EC2 Flashcards
Instance pricing models
On Demand, Spot, Reserved, Dedicated Hosts
If you terminate spot instance
you pay for the hour. If AWS terminates it, you are not charged for the hour
Instance types
DRMCGIFTPX
EBS types
SSD, General Purpose - GP2 (up to 10k IOPS)
SSD, Provisioned IOPS - IO1 (> 10k IOPS)
HDD, Throughput Optimized - ST1 (frequently accessed workloads)
HDD, Cold - SC1 (less frequently accessed data)
HDD, Magnetic Standard (cheap, infrequently accessed storage)
Can you mount 1 EBS volume to multiple EC2 instances?
No, use EFS instead
Termination protection
is turned off by default, you must turn it on
On an EBS-backed instance, the default action is for the root EBS volume
to be deleted when the instance is terminated
Can root volumes be encrypted by default?
No, you need a third party tool to encrypt the volume. Additional volumes can be encrypted
Volumes exist on
EBS. virtual hard disk
Snapshots exist on
S3
Can you take a snapshot of a volume?
Yes, this will store that volume on S3
What are snapshots?
point in time copies of Volumes
Snapshots are incremental, so
only the blocks that have changed since your last snapshot are moved to S3
First snapshots
may take some time to create
Snapshots of encrypted volumes
are encrypted automatically
Volumes restored from encrypted snapshots
are encrypted automatically
Can you share snapshots?
Yes if they are unencrypted. these snapshots can be shared with other AWS accounts or made public
to create a snapshot for EBS volumes that serve as root devices,
you should stop the instance before taking the snapshot
Instance store volumes are sometimes called
ephemeral storage
Can instance store volumes be stopped?
No, if the underlying host fails, you will lose your data
Can EBS volumes be stopped?
Yes, you will not lose data if it is stopped
Can you reboot volumes?
Yes for both, you will not lose data
By default, both root volumes
will be deleted on termination, but you can tell AWS to keep the root EBS volume
How to take snapshot of a raid array?
take application consistent snapshot to prevent excluding data. stop the app from writing to the disk + flush all caches to the disk. freeze file system or unmount raid array or shut down associated instance
Are AMIs global or regional?
Regional. You can only launch an AMI from the region in which it is stored. However you can copy AMIs to other regions using the console, command line or API
CloudWatch
standard=5 mins, detailed=1 min
CloudWatch is for
performance monitoring
CloudTrail is for
auditing
With CloudWatch you can do
Dashboards, Alarms, Events, Logs
Which is more secure, Roles or storing access key ID/secret access key on instances?
Roles, they are also easier to manage
Can roles be assigned to an EC2 instance after it’s created?
Yes but only using the command line
Are roles universal?
Yes
Instance metadata
used to get info about instance (e.g. public ip)
curl http://169.254.169.254/latest/meta-data/
Is there user data for an instance?
No
EFS features
supports NFSv4, only pay for storage you use, can scale up to petabytes, can support thousands of concurrent NFS connections, data is stored across multiple AZs in a region
Consistency of EFS
read after write
Lambda
compute service where you upload your code and create Lambda function. AWS takes care of provisioning and managing servers you use
Use Lambda as
event-driven compute service where Lambda runs your code in response to events, as compute service to run your code in response to HTTP requests using API Gateway or API calls made using AWS SDKs
