EC2 Flashcards

1
Q

CLI Commands

  • aws ec2 describe-instances: Describes one or more of your instances.
  • aws ec2 describe-images: Describes one or more of the images (AMIs, AKIs, and ARIs) available to you. Images available to you include public images, private images that you own, and private images owned by other AWS accounts but for which you have explicit launch permissions.
  • aws ec2 run-instances: Launches the specified number of instances from an AMI for which you have launch permissions (not to be confused with start-instances, which restarts instances that already exist and are stopped).
  • aws ec2 terminate-instances: Shuts down one or more instances. This operation is idempotent; if you terminate an instance more than once, each call succeeds.
A

CLI Commands

  • aws ec2 describe-instances: Describes one or more of your instances.
  • aws ec2 describe-images: Describes one or more of the images (AMIs, AKIs, and ARIs) available to you. Images available to you include public images, private images that you own, and private images owned by other AWS accounts but for which you have explicit launch permissions.
  • aws ec2 run-instances: Launches the specified number of instances from an AMI for which you have launch permissions (not to be confused with start-instances, which restarts instances that already exist and are stopped).
  • aws ec2 terminate-instances: Shuts down one or more instances. This operation is idempotent; if you terminate an instance more than once, each call succeeds.
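The output of describe-instances is where most fleet audits start. The following is an added example, not part of the flashcards: it parses the JSON that `aws ec2 describe-instances --output json` prints (the sample below is constructed by hand using the real field names) and flags running instances that still accept IMDSv1, that have a public IP, or that run without an instance profile. Instance IDs, IPs and profile names are made up.

```python
"""Audit `aws ec2 describe-instances` output for risky instance settings.

Added example (not from the flashcards). Pipe real output in:
    aws ec2 describe-instances --output json | python audit_instances.py
With no stdin it runs against the constructed sample below.
"""
import json

# Constructed sample: the field names match the real API, the values do not exist.
SAMPLE_OUTPUT = json.dumps({
    "Reservations": [
        {"Instances": [
            {"InstanceId": "i-0aaa111111111111a", "State": {"Name": "running"},
             "PublicIpAddress": "203.0.113.10",
             "IamInstanceProfile": {"Arn": "arn:aws:iam::123456789012:instance-profile/web"},
             "MetadataOptions": {"HttpTokens": "optional", "HttpEndpoint": "enabled"},
             "Tags": [{"Key": "Name", "Value": "web-1"}]},
            {"InstanceId": "i-0bbb222222222222b", "State": {"Name": "running"},
             "PrivateIpAddress": "10.0.1.20",
             "IamInstanceProfile": {"Arn": "arn:aws:iam::123456789012:instance-profile/app"},
             "MetadataOptions": {"HttpTokens": "required", "HttpEndpoint": "enabled"},
             "Tags": [{"Key": "Name", "Value": "app-1"}]},
            {"InstanceId": "i-0ccc333333333333c", "State": {"Name": "stopped"},
             "PublicIpAddress": "203.0.113.11",
             "MetadataOptions": {"HttpTokens": "optional", "HttpEndpoint": "enabled"},
             "Tags": []},
        ]}
    ]
})


def instances(describe_output):
    """Flatten the Reservations[].Instances[] nesting into one list."""
    data = json.loads(describe_output)
    return [i for r in data.get("Reservations", []) for i in r.get("Instances", [])]


def name_tag(inst):
    """Value of the Name tag, or '' when the instance is untagged."""
    return next((t["Value"] for t in inst.get("Tags", []) if t["Key"] == "Name"), "")


def findings(describe_output):
    """Return (instance-id, finding) pairs for running instances."""
    out = []
    for inst in instances(describe_output):
        if inst.get("State", {}).get("Name") != "running":
            continue  # a stopped instance is not reachable; re-audit when it starts
        iid = inst["InstanceId"]
        meta = inst.get("MetadataOptions", {})
        # IMDSv1 still accepted: any SSRF on the box can read the role's credentials with a plain GET.
        if meta.get("HttpEndpoint") == "enabled" and meta.get("HttpTokens") != "required":
            out.append((iid, "IMDSv1 allowed (HttpTokens=optional)"))
        if inst.get("PublicIpAddress"):
            out.append((iid, "public IP " + inst["PublicIpAddress"]))
        if "IamInstanceProfile" not in inst:
            out.append((iid, "no instance profile (static access keys probably on disk)"))
    return out


if __name__ == "__main__":
    import sys
    source = sys.stdin.read() if not sys.stdin.isatty() else SAMPLE_OUTPUT
    for iid, msg in findings(source):
        print(iid, name_tag(next(i for i in instances(source) if i["InstanceId"] == iid)), msg)
```

The IMDSv1 finding is the one to act on first: `aws ec2 modify-instance-metadata-options --instance-id <id> --http-tokens required` closes it without a restart.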
2
Q

SDK

https://aws.amazon.com/tools/

  • Android, iOS, Javascript (Browser)
  • Java
  • .Net
  • Node.js
  • PHP
  • Python
  • Ruby
  • Go
  • C++
A

SDK

https://aws.amazon.com/tools/

  • Android, iOS, Javascript (Browser)
  • Java
  • .Net
  • Node.js
  • PHP
  • Python
  • Ruby
  • Go
  • C++
3
Q

SDK Default Regions

  • Default Region: US-EAST-1
  • Some SDKs fall back to that default when no region is configured (the Java SDK did)
  • Some do not (the Node.js SDK fails with "Missing region in config" until you set a region in code, in the AWS_REGION environment variable, or in ~/.aws/config)
A

SDK Default Regions

  • Default Region: US-EAST-1
  • Some SDKs fall back to that default when no region is configured (the Java SDK did)
  • Some do not (the Node.js SDK fails with "Missing region in config" until you set a region in code, in the AWS_REGION environment variable, or in ~/.aws/config)
4
Q

EC2 - Pricing Options

  • On-Demand: pay a fixed rate by the hour (per second for Linux instances, with a one-minute minimum) with no commitment
  • Reserved Instances: provide you with a capacity reservation and a significant discount on the hourly charge for an instance, in exchange for a 1 year or 3 year term
  • Spot Instances: you set the maximum price you are willing to pay for spare capacity (formerly a bid), giving even greater savings if your applications have flexible start and end times and tolerate interruption
    • If you terminate the instance, you pay for the hour
    • If AWS interrupts the instance, the hour it was interrupted in is free (with per-second billing you are charged to the second, except that an interruption within the first hour is free)
  • Dedicated Hosts: a physical EC2 server dedicated for your use. Dedicated Hosts can reduce costs by letting you use your existing server-bound software licenses, such as per-socket or per-core Windows Server and SQL Server licenses
A

EC2 - Pricing Options

  • On-Demand: pay a fixed rate by the hour (per second for Linux instances, with a one-minute minimum) with no commitment
  • Reserved Instances: provide you with a capacity reservation and a significant discount on the hourly charge for an instance, in exchange for a 1 year or 3 year term
  • Spot Instances: you set the maximum price you are willing to pay for spare capacity (formerly a bid), giving even greater savings if your applications have flexible start and end times and tolerate interruption
    • If you terminate the instance, you pay for the hour
    • If AWS interrupts the instance, the hour it was interrupted in is free (with per-second billing you are charged to the second, except that an interruption within the first hour is free)
  • Dedicated Hosts: a physical EC2 server dedicated for your use. Dedicated Hosts can reduce costs by letting you use your existing server-bound software licenses, such as per-socket or per-core Windows Server and SQL Server licenses
5
Q

EC2 - Instance Types

DR MC GIFT PX

  • D for Dense storage (large local HDD/SSD capacity)
  • R for RAM (memory optimized)
  • M - main choice for general purpose apps
  • C for Compute (CPU optimized)
  • G for Graphics (GPU for graphics and video workloads)
  • I for IOPS (storage optimized, local NVMe SSD)
  • F for FPGA
  • T - cheap, burstable general purpose (think t2.micro)
  • P - GPU compute (general purpose GPU for ML and HPC; think Pics)
  • X - Extreme memory
A

EC2 - Instance Types

DR MC GIFT PX

  • D for Dense storage (large local HDD/SSD capacity)
  • R for RAM (memory optimized)
  • M - main choice for general purpose apps
  • C for Compute (CPU optimized)
  • G for Graphics (GPU for graphics and video workloads)
  • I for IOPS (storage optimized, local NVMe SSD)
  • F for FPGA
  • T - cheap, burstable general purpose (think t2.micro)
  • P - GPU compute (general purpose GPU for ML and HPC; think Pics)
  • X - Extreme memory
7
Q

EBS Consists of:

  • General Purpose SSD - GP2 - (up to 10,000 IOPS)
  • Provisioned IOPS SSD - IO1 - (when you need more than 10,000 IOPS)
  • HDD, Throughput Optimized - ST1 - frequently accessed, throughput-intensive workloads
  • HDD, Cold - SC1 - less frequently accessed data
  • HDD, Magnetic - Standard - cheap, infrequently accessed storage (previous generation)

You cannot mount one EBS volume to multiple EC2 instances (the one exception, EBS Multi-Attach, is limited to io1/io2 volumes on Nitro instances in the same AZ and needs a cluster-aware file system); for shared file storage use EFS instead.

A

EBS Consists of:

  • General Purpose SSD - GP2 - (up to 10,000 IOPS)
  • Provisioned IOPS SSD - IO1 - (when you need more than 10,000 IOPS)
  • HDD, Throughput Optimized - ST1 - frequently accessed, throughput-intensive workloads
  • HDD, Cold - SC1 - less frequently accessed data
  • HDD, Magnetic - Standard - cheap, infrequently accessed storage (previous generation)

You cannot mount one EBS volume to multiple EC2 instances (the one exception, EBS Multi-Attach, is limited to io1/io2 volumes on Nitro instances in the same AZ and needs a cluster-aware file system); for shared file storage use EFS instead.

8
Q

EC2 - EBS

  • General Purpose SSD (GP2)
    • General purpose, balances both price and performance
    • Baseline of 3 IOPS per GiB (minimum 100 IOPS) up to 10,000 IOPS, with the ability to burst up to 3,000 IOPS for extended periods of time for volumes under 1 TiB (1,000 GiB, the size at which the baseline itself reaches 3,000 IOPS; larger volumes never need to burst)
  • Provisioned IOPS SSD (IO1)
    • Designed for I/O intensive applications such as large relational or NoSQL databases
    • Use if you need more than 10,000 IOPS
    • Can provision up to 20,000 IOPS per volume (the limit when these cards were written; gp2 now goes to 16,000 and io1/io2 to 64,000 IOPS on Nitro instances)
A

EC2 - EBS

  • General Purpose SSD (GP2)
    • General purpose, balances both price and performance
    • Baseline of 3 IOPS per GiB (minimum 100 IOPS) up to 10,000 IOPS, with the ability to burst up to 3,000 IOPS for extended periods of time for volumes under 1 TiB (1,000 GiB, the size at which the baseline itself reaches 3,000 IOPS; larger volumes never need to burst)
  • Provisioned IOPS SSD (IO1)
    • Designed for I/O intensive applications such as large relational or NoSQL databases
    • Use if you need more than 10,000 IOPS
    • Can provision up to 20,000 IOPS per volume (the limit when these cards were written; gp2 now goes to 16,000 and io1/io2 to 64,000 IOPS on Nitro instances)
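The gp2 numbers above fit a simple credit-bucket model, and it is worth seeing how long a burst actually lasts before a volume falls back to its baseline. The block below is an added example, not from the flashcards; it uses the documented gp2 parameters (3 IOPS per GiB, 100 IOPS floor, 3,000 IOPS burst, a 5.4 million I/O credit bucket) and the 10,000 IOPS ceiling the card quotes, with `max_iops` as a parameter for the later limit.

```python
"""gp2 baseline and burst model as a small simulation.

Added example, not from the flashcards. Parameters are the documented gp2
ones; the per-volume ceiling defaults to the 10,000 IOPS the card quotes.
"""

BURST_IOPS = 3000
CREDIT_BUCKET = 5_400_000   # starting credit balance; the bucket never refills above it


def baseline_iops(size_gib, max_iops=10_000):
    """3 IOPS per GiB, floored at 100 and capped at the volume-type maximum."""
    return max(100, min(3 * size_gib, max_iops))


def can_burst(size_gib, max_iops=10_000):
    """Only volumes whose baseline is below the burst rate ever burst (i.e. under 1,000 GiB)."""
    return baseline_iops(size_gib, max_iops) < BURST_IOPS


def burst_seconds(size_gib, demanded_iops=BURST_IOPS, max_iops=10_000):
    """Seconds a full bucket sustains a constant demand above baseline (inf if never drained)."""
    drain_per_second = min(demanded_iops, BURST_IOPS) - baseline_iops(size_gib, max_iops)
    return float("inf") if drain_per_second <= 0 else CREDIT_BUCKET / drain_per_second


def simulate(size_gib, demanded_iops, seconds, max_iops=10_000):
    """Second-by-second IOPS served under constant demand, starting with a full bucket.

    Each second the volume earns `baseline` credits (one credit per I/O) and may
    spend up to max(baseline, 3,000) of them. With the bucket empty it can only
    spend what it just earned: that is the fall-back to baseline that surprises
    people when a database on a small gp2 volume suddenly slows down.
    """
    base = baseline_iops(size_gib, max_iops)
    credits = CREDIT_BUCKET
    served_per_second = []
    for _ in range(seconds):
        credits = min(CREDIT_BUCKET, credits + base)
        served = min(demanded_iops, max(base, BURST_IOPS), credits)
        credits -= served
        served_per_second.append(served)
    return served_per_second


if __name__ == "__main__":
    for size in (10, 100, 500, 1000, 5000):
        print(f"{size:>5} GiB: baseline {baseline_iops(size):>5} IOPS, "
              f"burst {'yes' if can_burst(size) else 'no'}, "
              f"full bucket at 3,000 IOPS lasts {burst_seconds(size):.0f} s")
```

A 100 GiB volume serves 3,000 IOPS for about 2,000 seconds and then drops to 300; the CloudWatch metric BurstBalance is the production view of the same bucket.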
9
Q

EC2 - EBS

  • Throughput Optimized HDD (ST1)
    • Big Data
    • Data Warehouse
    • Log processing
    • Cannot be a boot volume
  • Cold HDD (SC1)
    • Lowest cost storage for infrequently accessed workloads
    • File server
    • Cannot be a boot volume
  • Magnetic (Standard)
    • Lowest cost per GB of all EBS volume types that is bootable. Magnetic volumes are ideal for workloads where data is accessed infrequently, and applications where the lowest storage cost is important
A

EC2 - EBS

  • Throughput Optimized HDD (ST1)
    • Big Data
    • Data Warehouse
    • Log processing
    • Cannot be a boot volume
  • Cold HDD (SC1)
    • Lowest cost storage for infrequently accessed workloads
    • File server
    • Cannot be a boot volume
  • Magnetic (Standard)
    • Lowest cost per GB of all EBS volume types that is bootable. Magnetic volumes are ideal for workloads where data is accessed infrequently, and applications where the lowest storage cost is important
10
Q

EC2 - Launch new instance

  • Termination protection is turned off by default, you must turn it on (flag in Instance Details: Enable termination protection). It blocks terminate-instances from the API and console; it does not stop Auto Scaling from terminating the instance or an instance-initiated shutdown whose behaviour is set to terminate, and anyone with ec2:ModifyInstanceAttribute can switch it off again
  • On an EBS-backed instance, the default action for the root EBS volume is to be deleted when the instance is terminated (flag in Storage: Delete on Termination)
  • The EBS root volume of an AWS-provided (default) AMI originally could not be encrypted at launch; the workaround was a third-party tool, or copying the AMI with encryption enabled from the console or the API. EC2 now lets you encrypt the root volume at launch and enable EBS encryption by default per region
  • Additional EBS volumes can be encrypted
A

EC2 - Launch new instance

  • Termination protection is turned off by default, you must turn it on (flag: Enable termination protection). It blocks terminate-instances from the API and console; it does not stop Auto Scaling from terminating the instance or an instance-initiated shutdown whose behaviour is set to terminate, and anyone with ec2:ModifyInstanceAttribute can switch it off again
  • On an EBS-backed instance, the default action for the root EBS volume is to be deleted when the instance is terminated
  • The EBS root volume of an AWS-provided (default) AMI originally could not be encrypted at launch; the workaround was a third-party tool, or copying the AMI with encryption enabled from the console or the API. EC2 now lets you encrypt the root volume at launch and enable EBS encryption by default per region
  • Additional EBS volumes can be encrypted
11
Q

EBS Volumes in Region

Amazon EBS volumes are created in a specific AZ and can then be attached only to instances in that same AZ.

  • To make a volume available in another AZ, create a snapshot and restore that snapshot to a new volume in any AZ of the same region
  • You can copy snapshots to other regions and then restore them to new volumes there (a copy of an encrypted snapshot is re-encrypted with a KMS key in the destination region)
A

EBS Volumes in Region

Amazon EBS volumes are created in a specific AZ and can then be attached only to instances in that same AZ.

  • To make a volume available in another AZ, create a snapshot and restore that snapshot to a new volume in any AZ of the same region
  • You can copy snapshots to other regions and then restore them to new volumes there (a copy of an encrypted snapshot is re-encrypted with a KMS key in the destination region)
12
Q

Security Groups

  • Security Groups are virtual firewalls applied at the instance (network interface) level
  • All inbound traffic is blocked by default
  • All outbound traffic is allowed by default
  • Changes to Security Groups take effect immediately
  • You can have any number of EC2 instances within a security group
  • You can have multiple security groups attached to an EC2 instance; their rules are combined, so the most permissive one wins
  • Security Groups are STATEFUL
    • If you create an inbound rule allowing traffic in, the replies to that traffic are automatically allowed back out (and replies to allowed outbound traffic are allowed back in), whatever the rules in the other direction say
  • You cannot block specific IP addresses using Security Groups; use Network Access Control Lists instead (stateless, numbered allow/deny rules evaluated in order at the subnet level, so return traffic on ephemeral ports needs its own rule)
  • You can specify allow rules, but not deny rules
A

Security Groups

  • Security Groups are virtual firewalls applied at the instance (network interface) level
  • All inbound traffic is blocked by default
  • All outbound traffic is allowed by default
  • Changes to Security Groups take effect immediately
  • You can have any number of EC2 instances within a security group
  • You can have multiple security groups attached to an EC2 instance; their rules are combined, so the most permissive one wins
  • Security Groups are STATEFUL
    • If you create an inbound rule allowing traffic in, the replies to that traffic are automatically allowed back out (and replies to allowed outbound traffic are allowed back in), whatever the rules in the other direction say
  • You cannot block specific IP addresses using Security Groups; use Network Access Control Lists instead (stateless, numbered allow/deny rules evaluated in order at the subnet level, so return traffic on ephemeral ports needs its own rule)
  • You can specify allow rules, but not deny rules
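The stateful/allow-only versus stateless/ordered distinction is easiest to see with a packet in hand. The block below is an added example, not from the flashcards: a toy evaluator that models a security group as a set of allow rules plus a connection table, and a network ACL as numbered allow/deny rules with first-match-wins and an implicit deny. It then runs one HTTPS connection through a constructed web-tier rule set, including the two cases the card is about: blocking a specific source range (only the NACL can do it) and forgetting the outbound ephemeral-port rule (only the NACL needs it). All addresses and rules are constructed.

```python
"""Security group vs network ACL semantics as a tiny packet evaluator.

Added example, not from the flashcards. Rules, addresses and ports are constructed.
"""
from ipaddress import ip_address, ip_network


def _rule_matches(proto, lo, hi, cidr, pkt_proto, port, addr):
    return proto in (pkt_proto, "-1") and lo <= port <= hi and ip_address(addr) in ip_network(cidr)


class SecurityGroup:
    """Rules are (proto, from_port, to_port, cidr) allow entries; there is no deny."""

    def __init__(self, inbound, outbound=(("-1", 0, 65535, "0.0.0.0/0"),)):
        self.inbound, self.outbound = list(inbound), list(outbound)   # outbound default: allow all
        self.conntrack = set()   # (proto, remote_addr, remote_port, local_port) of accepted flows

    def allows_in(self, proto, remote, remote_port, local_port):
        key = (proto, remote, remote_port, local_port)
        if key in self.conntrack:                 # reply to a flow accepted outbound: stateful
            return True
        if any(_rule_matches(*r, proto, local_port, remote) for r in self.inbound):
            self.conntrack.add(key)               # its replies will be let out regardless of rules
            return True
        return False

    def allows_out(self, proto, remote, remote_port, local_port):
        key = (proto, remote, remote_port, local_port)
        if key in self.conntrack:
            return True
        if any(_rule_matches(*r, proto, remote_port, remote) for r in self.outbound):
            self.conntrack.add(key)
            return True
        return False


class NetworkAcl:
    """Rules are (number, action, proto, from_port, to_port, cidr); first match wins, else deny."""

    def __init__(self, inbound, outbound):
        self.inbound, self.outbound = sorted(inbound), sorted(outbound)

    @staticmethod
    def _evaluate(rules, proto, port, addr):
        for _, action, p, lo, hi, cidr in rules:
            if _rule_matches(p, lo, hi, cidr, proto, port, addr):
                return action == "allow"
        return False                              # the implicit '*' deny; no state is kept

    def allows_in(self, proto, remote, remote_port, local_port):
        return self._evaluate(self.inbound, proto, local_port, remote)

    def allows_out(self, proto, remote, remote_port, local_port):
        return self._evaluate(self.outbound, proto, remote_port, remote)


def https_round_trip(sg, acl, client_ip, client_port):
    """(request reached the instance, reply reached the client) for one HTTPS connection.

    Inbound packets meet the subnet NACL first, then the security group; outbound
    packets meet the security group first, then the NACL.
    """
    flow = ("tcp", client_ip, client_port, 443)
    if not (acl.allows_in(*flow) and sg.allows_in(*flow)):
        return False, False
    return True, sg.allows_out(*flow) and acl.allows_out(*flow)


def web_sg():
    return SecurityGroup(inbound=[("tcp", 443, 443, "0.0.0.0/0")])


def web_acl():
    # Blocks one abusive /24 (a security group cannot express this) and lets replies out.
    return NetworkAcl(
        inbound=[(90, "deny", "tcp", 0, 65535, "198.51.100.0/24"),
                 (100, "allow", "tcp", 443, 443, "0.0.0.0/0")],
        outbound=[(100, "allow", "tcp", 1024, 65535, "0.0.0.0/0")])


def acl_without_ephemeral_rule():
    return NetworkAcl(inbound=[(100, "allow", "tcp", 443, 443, "0.0.0.0/0")], outbound=[])


if __name__ == "__main__":
    print("normal client      :", https_round_trip(web_sg(), web_acl(), "203.0.113.5", 51000))
    print("blocked /24        :", https_round_trip(web_sg(), web_acl(), "198.51.100.7", 51000))
    print("no ephemeral rule  :", https_round_trip(web_sg(), acl_without_ephemeral_rule(), "203.0.113.5", 51000))
```

The third case is the classic NACL mistake: the security group lets the reply out because it remembers the connection, but the stateless NACL drops it on the client's ephemeral port.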
13
Q

Volumes and Snapshots

  • Volumes exist on EBS
    • Volumes = Virtual Hard Disk
  • Snapshots of a volume are stored in S3 (managed by EBS; they do not appear in your buckets)
  • Snapshots are point-in-time copies of volumes
  • Snapshots are incremental: only blocks that have changed since your last snapshot are copied to S3, and deleting an older snapshot does not lose data that newer snapshots still reference
A

Volumes and Snapshots

  • Volumes exist on EBS
    • Volumes = Virtual Hard Disk
  • Snapshots of a volume are stored in S3 (managed by EBS; they do not appear in your buckets)
  • Snapshots are point-in-time copies of volumes
  • Snapshots are incremental: only blocks that have changed since your last snapshot are copied to S3, and deleting an older snapshot does not lose data that newer snapshots still reference
14
Q

Snapshots

  • Snapshots of encrypted volumes are encrypted automatically
  • Volumes restored from encrypted snapshots are encrypted automatically
  • Unencrypted snapshots can be shared freely. Snapshots encrypted with the default AWS-managed key (aws/ebs) cannot be shared at all, because that key is tied to your account; snapshots encrypted with a customer-managed KMS key can be shared with specific accounts (never made public) provided you also grant those accounts use of the key
    • Unencrypted snapshots can be shared with other AWS accounts or made public; a public snapshot is readable by every AWS account, together with any secrets on the volume. aws ec2 describe-snapshots --owner-ids self --restorable-by-user-ids all lists the ones you have made public
  • To create a snapshot of an EBS volume that serves as a root device, you should stop the instance before taking the snapshot
A

Snapshots

  • Snapshots of encrypted volumes are encrypted automatically
  • Volumes restored from encrypted snapshots are encrypted automatically
  • Unencrypted snapshots can be shared freely. Snapshots encrypted with the default AWS-managed key (aws/ebs) cannot be shared at all, because that key is tied to your account; snapshots encrypted with a customer-managed KMS key can be shared with specific accounts (never made public) provided you also grant those accounts use of the key
    • Unencrypted snapshots can be shared with other AWS accounts or made public; a public snapshot is readable by every AWS account, together with any secrets on the volume. aws ec2 describe-snapshots --owner-ids self --restorable-by-user-ids all lists the ones you have made public
  • To create a snapshot of an EBS volume that serves as a root device, you should stop the instance before taking the snapshot
15
Q

How can I take a Snapshot of a RAID Array?

Problem: When you take a snapshot, it excludes data still held in caches by applications and the OS. On a single volume this usually does not matter (the snapshot is crash-consistent), but with multiple volumes striped into a RAID array the members are snapshotted at slightly different moments, and the interdependencies of the array mean the set can be inconsistent.

Solution: Take an application-consistent snapshot.

  • Stop the application from writing to disk
  • Flush all caches to disk

How can we do this?

  • Freeze the file system (fsfreeze on Linux), OR
  • Unmount the RAID array, OR
  • Shut down the EC2 instance
A

How can I take a Snapshot of a RAID Array?

Problem: When you take a snapshot, it excludes data still held in caches by applications and the OS. On a single volume this usually does not matter (the snapshot is crash-consistent), but with multiple volumes striped into a RAID array the members are snapshotted at slightly different moments, and the interdependencies of the array mean the set can be inconsistent.

Solution: Take an application-consistent snapshot.

  • Stop the application from writing to disk
  • Flush all caches to disk

How can we do this?

  • Freeze the file system (fsfreeze on Linux), OR
  • Unmount the RAID array, OR
  • Shut down the EC2 instance
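The freeze option is the one people script, and the detail that matters is that the filesystem must be thawed no matter what happens between freeze and snapshot. The following is an added example, not from the flashcards: it runs `sync` and `fsfreeze` (util-linux) through subprocess and calls the EC2 CreateSnapshot API through boto3, with both injected so the flow can be exercised against the in-memory fakes at the bottom. The mount point `/data` and the volume IDs are assumptions; running it for real needs root for fsfreeze and an instance role with ec2:CreateSnapshot.

```python
"""Application-consistent snapshot of a RAID array: freeze, snapshot, thaw.

Added example (not from the flashcards). Mount point and volume IDs are assumptions.
"""
import subprocess
from datetime import datetime, timezone


def freeze_snapshot_thaw(mount_point, volume_ids, run=subprocess.run, ec2=None):
    """Freeze the filesystem on the array, snapshot every member, always thaw.

    Returns the snapshot IDs in volume order. The `finally` is the important
    part: a frozen filesystem blocks every writer on the box, so the thaw must
    happen even if CreateSnapshot fails half way through the member list.
    """
    if ec2 is None:
        import boto3          # imported lazily so the fakes below work without boto3 installed
        ec2 = boto3.client("ec2")
    stamp = datetime.now(timezone.utc).strftime("%Y%m%dT%H%M%SZ")
    run(["sync"], check=True)                                  # flush dirty pages first
    run(["fsfreeze", "--freeze", mount_point], check=True)     # block new writes, flush the journal
    snapshot_ids = []
    try:
        # CreateSnapshot returns once the point in time is captured; the copy to S3
        # continues in the background, so the freeze window is a few seconds.
        for vol in volume_ids:
            resp = ec2.create_snapshot(
                VolumeId=vol,
                Description=f"raid {mount_point} consistent set {stamp}",
                TagSpecifications=[{"ResourceType": "snapshot",
                                    "Tags": [{"Key": "ConsistencyGroup", "Value": stamp}]}])
            snapshot_ids.append(resp["SnapshotId"])
    finally:
        run(["fsfreeze", "--unfreeze", mount_point], check=True)
    return snapshot_ids


class FakeRunner:
    """Records argv lists instead of executing them (constructed stand-in for subprocess.run)."""

    def __init__(self):
        self.calls = []

    def __call__(self, argv, check=False):
        self.calls.append(list(argv))


class FakeEc2:
    """Stand-in for the boto3 EC2 client; optionally fails on one volume."""

    def __init__(self, fail_on=None):
        self.count = 0
        self.fail_on = fail_on

    def create_snapshot(self, **kwargs):
        self.count += 1
        if kwargs["VolumeId"] == self.fail_on:
            raise RuntimeError("CreateSnapshot failed")
        return {"SnapshotId": f"snap-{self.count:017x}"}


if __name__ == "__main__":
    runner = FakeRunner()
    print(freeze_snapshot_thaw("/data", ["vol-0aaa", "vol-0bbb"], run=runner, ec2=FakeEc2()))
    print(runner.calls)
```

EBS also offers multi-volume crash-consistent snapshots (the CreateSnapshots API with an InstanceSpecification), which removes the timing gap between members but not the need to quiesce the application, so the freeze still belongs in the script.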
16
Q

AMI

Amazon Machine Image (AMI) provides pre-configured operating systems such as Linux and Windows.

AMIs are regional. You can only launch an AMI in the region in which it is stored. However, you can copy AMIs to other regions using the console, command line or the Amazon EC2 API.

You can choose an AMI from:

  • Basic Amazon Machine Images (AMIs) provided by AWS
  • AWS Marketplace
  • Community AMIs (published by any AWS account, so check the owner ID and provenance before launching from one)
  • Create your own AMI
  • VM Import/Export
A

AMI

Amazon Machine Image (AMI) provides pre-configured operating systems such as Linux and Windows.

AMIs are regional. You can only launch an AMI in the region in which it is stored. However, you can copy AMIs to other regions using the console, command line or the Amazon EC2 API.

You can choose an AMI from:

  • Basic Amazon Machine Images (AMIs) provided by AWS
  • AWS Marketplace
  • Community AMIs (published by any AWS account, so check the owner ID and provenance before launching from one)
  • Create your own AMI
  • VM Import/Export
17
Q

You can select your AMI based on:

  • Region (see Regions and Availability Zones)
  • Operating System
  • Architecture (32-bit or 64-bit)
  • Launch Permissions (who may launch it: only the owner, specific accounts, or public)
  • Storage for the Root Device (Root Device Volume)
    • EBS
    • Instance Store (EPHEMERAL STORAGE)
A

Amazon Machine Image (AMI) provides pre-configured operating systems such as Linux and Windows.

You can select your AMI based on:

  • Region (see Regions and Availability Zones)
  • Operating System
  • Architecture (32-bit or 64-bit)
  • Launch Permissions (who may launch it: only the owner, specific accounts, or public)
  • Storage for the Root Device (Root Device Volume)
    • EBS
    • Instance Store (EPHEMERAL STORAGE)

AMIs are regional. You can only launch an AMI in the region in which it is stored. However, you can copy AMIs to other regions using the console, command line or the Amazon EC2 API.

18
Q

EBS vs Instance Store

All AMIs are categorized as either backed by Amazon EBS or backed by instance store

EBS Volumes: Network attached, persistent storage. The root device for an instance launched from the AMI is an Amazon EBS volume created from an Amazon EBS snapshot

Instance Store Volumes: Locally attached instance storage. The root device for an instance launched from the AMI is an instance store volume created from a template stored in Amazon S3

A

EBS vs Instance Store

All AMIs are categorized as either backed by Amazon EBS or backed by instance store

For EBS Volumes: The root device for an instance launched from the AMI is an Amazon EBS volume created from an Amazon EBS snapshot

For Instance Store Volumes: The root device for an instance launched from the AMI is an instance store volume created from a template stored in Amazon S3

19
Q

EBS vs Instance Store

  • Instance Store Volumes are sometimes called Ephemeral Storage
  • Instances backed by instance store cannot be stopped (only rebooted or terminated). If the underlying host fails, you lose your data
  • EBS backed instances can be stopped. You will not lose the data on this instance if it is stopped
  • You can reboot both, you will not lose your data
  • By default, the ROOT volume is deleted on termination in both cases; with an EBS root volume you can tell AWS to keep it (uncheck the "Delete on Termination" flag)
A

EBS vs Instance Store

  • Instance Store Volumes are sometimes called Ephemeral Storage
  • Instances backed by instance store cannot be stopped (only rebooted or terminated). If the underlying host fails, you lose your data
  • EBS backed instances can be stopped. You will not lose the data on this instance if it is stopped
  • You can reboot both, you will not lose your data
  • By default, the ROOT volume is deleted on termination in both cases; with an EBS root volume you can tell AWS to keep it (uncheck the "Delete on Termination" flag)
20
Q

EBS vs Instance Store

In general, Instance Store volumes are ideal for temporary storage of information that is continually changing, such as buffers, caches, scratch data and other temporary content, or for data that is replicated across a fleet of instances. Unlike EBS volumes, Instance Store cannot be detached or attached to another instance.

A

EBS vs Instance Store

In general, Instance Store volumes are ideal for temporary storage of information that is continually changing, such as buffers, caches, scratch data and other temporary content, or for data that is replicated across a fleet of instances. Unlike EBS volumes, Instance Store cannot be detached or attached to another instance.

21
Q

Elastic Load Balancers

  • Read the ELB FAQ for Classic Load Balancers (as opposed to Application Load Balancers)
  • Instances monitored by ELB are reported as
    • InService
    • OutOfService
  • Health checks determine instance health by talking to it (an HTTP/HTTPS ping path or a TCP connect, at a configured interval and threshold)
  • ELBs have their own DNS name; you are never given a static IP address, so point a CNAME or Route 53 alias at the DNS name (Network Load Balancers are the exception and can have Elastic IPs)
  • Connection draining: enabled by default when the load balancer is created from the console, with a 300 second timeout. It happens while deregistering an instance from an Elastic Load Balancer. For the duration of the configured timeout, the load balancer allows existing, in-flight requests to the instance to complete, but sends it no new requests. Once the timeout is reached, any remaining connections are forcibly closed.
A

Elastic Load Balancers

  • Read the ELB FAQ for Classic Load Balancers (as opposed to Application Load Balancers)
  • Instances monitored by ELB are reported as
    • InService
    • OutOfService
  • Health checks determine instance health by talking to it (an HTTP/HTTPS ping path or a TCP connect, at a configured interval and threshold)
  • ELBs have their own DNS name; you are never given a static IP address, so point a CNAME or Route 53 alias at the DNS name (Network Load Balancers are the exception and can have Elastic IPs)
  • Connection draining: enabled by default when the load balancer is created from the console, with a 300 second timeout. It happens while deregistering an instance from an Elastic Load Balancer. For the duration of the configured timeout, the load balancer allows existing, in-flight requests to the instance to complete, but sends it no new requests. Once the timeout is reached, any remaining connections are forcibly closed.
22
Q

ELB - Multi-Load Balancer Pattern

  • The behavior (at the load balancer level) for mobile sites and PC sites can be different, even when they are served by the same Amazon EC2 instance
  • Even when several TLS (HTTPS) certificates are served by the same Amazon EC2 instance, you can prepare one load balancer per certificate (a Classic Load Balancer listener supports a single certificate; Application Load Balancers can hold several and select by SNI)
  • Session affinity: you bind all the transactions of a session to a specific compute resource. This is achieved through the cookie-based "sticky sessions" feature of ELB.
A

ELB - Multi-Load Balancer Pattern

  • The behavior (at the load balancer level) for mobile sites and PC sites can be different, even when they are served by the same Amazon EC2 instance
  • Even when several TLS (HTTPS) certificates are served by the same Amazon EC2 instance, you can prepare one load balancer per certificate (a Classic Load Balancer listener supports a single certificate; Application Load Balancers can hold several and select by SNI)
  • Session affinity: you bind all the transactions of a session to a specific compute resource. This is achieved through the cookie-based "sticky sessions" feature of ELB.
23
Q

CloudWatch

  • Standard Monitoring = 5 minute metrics
  • Detailed Monitoring = 1 minute metrics (extra charge)
  • CloudWatch is for performance monitoring (CPU, Network, Disk, Status checks)
  • CloudTrail is for auditing: who made which API call, from where, and when
A

CloudWatch

  • Standard Monitoring = 5 minute metrics
  • Detailed Monitoring = 1 minute metrics (extra charge)
  • CloudWatch is for performance monitoring (CPU, Network, Disk, Status checks)
  • CloudTrail is for auditing: who made which API call, from where, and when
24
Q

What can I do with CloudWatch

  • Dashboards: build dashboards to see what is happening in your AWS environment
  • Alarms: set alarms that notify you when particular thresholds are crossed
  • Events: CloudWatch Events lets you respond to state changes in your AWS resources
  • Logs: CloudWatch Logs lets you aggregate, monitor and store logs
A

What can I do with CloudWatch

  • Dashboards: build dashboards to see what is happening in your AWS environment
  • Alarms: set alarms that notify you when particular thresholds are crossed
  • Events: CloudWatch Events lets you respond to state changes in your AWS resources
  • Logs: CloudWatch Logs lets you aggregate, monitor and store logs
25
Q

IAM Roles

  • Roles are more secure than storing an access key and secret access key on individual EC2 instances: the role's temporary credentials are delivered through the instance metadata service and rotated automatically, so there is nothing long-lived on disk to leak
  • Roles are easier to manage
  • Roles can be attached to, or replaced on, an instance after it is created (originally only through the CLI/API, associate-iam-instance-profile; now also from the console)
  • Roles are universal (IAM is global), you can use them in any Region
A

IAM Roles

  • Roles are more secure than storing an access key and secret access key on individual EC2 instances: the role's temporary credentials are delivered through the instance metadata service and rotated automatically, so there is nothing long-lived on disk to leak
  • Roles are easier to manage
  • Roles can be attached to, or replaced on, an instance after it is created (originally only through the CLI/API, associate-iam-instance-profile; now also from the console)
  • Roles are universal (IAM is global), you can use them in any Region
26
Q

EC2 Instance Meta-data

  • Used from inside an instance to get information about it (such as its public IP, instance ID, AMI ID, and the temporary credentials of its IAM role under meta-data/iam/security-credentials/)
  • Not user data (user data is a separate path, http://169.254.169.254/latest/user-data, and is often where bootstrap secrets end up)
  • Command: curl http://169.254.169.254/latest/meta-data/ (IMDSv1). With IMDSv2 you first PUT to /latest/api/token with the X-aws-ec2-metadata-token-ttl-seconds header and then send the returned token in X-aws-ec2-metadata-token
  • Any process on the instance, including an SSRF in a web app, can reach 169.254.169.254, so require IMDSv2 (HttpTokens=required) so that a bare GET no longer returns role credentials
A

EC2 Instance Meta-data

  • Used from inside an instance to get information about it (such as its public IP, instance ID, AMI ID, and the temporary credentials of its IAM role under meta-data/iam/security-credentials/)
  • Not user data (user data is a separate path, http://169.254.169.254/latest/user-data, and is often where bootstrap secrets end up)
  • Command: curl http://169.254.169.254/latest/meta-data/ (IMDSv1). With IMDSv2 you first PUT to /latest/api/token with the X-aws-ec2-metadata-token-ttl-seconds header and then send the returned token in X-aws-ec2-metadata-token
  • Any process on the instance, including an SSRF in a web app, can reach 169.254.169.254, so require IMDSv2 (HttpTokens=required) so that a bare GET no longer returns role credentials
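The metadata service is also how the role credentials from the IAM Roles card reach the instance, which is why its access mode matters. The block below is an added example, not from the flashcards: `FakeImds` is an in-memory model of the endpoint that reproduces the documented behaviour (with HttpTokens=optional a plain GET is answered; with HttpTokens=required a GET without a session token gets 401 and only the PUT /latest/api/token handshake unlocks the data), and `real_transport` sends the same requests to 169.254.169.254 with urllib if you run it on an instance. The instance ID, role name and credential values are made up.

```python
"""IMDSv1 vs IMDSv2 exchange against an in-memory model of the metadata service.

Added example, not from the flashcards. Instance ID, role name and credentials are constructed.
"""
import secrets
import urllib.error
import urllib.request

IMDS = "http://169.254.169.254"
TOKEN_PATH = "/latest/api/token"
TTL_HEADER = "X-aws-ec2-metadata-token-ttl-seconds"
TOKEN_HEADER = "X-aws-ec2-metadata-token"
CREDS_PATH = "/latest/meta-data/iam/security-credentials/"


class FakeImds:
    """Minimal model of the endpoint; `http_tokens` mirrors MetadataOptions.HttpTokens."""

    def __init__(self, http_tokens="optional"):
        self.http_tokens = http_tokens
        self.tokens = set()
        self.data = {                       # constructed values
            "/latest/meta-data/instance-id": "i-0123456789abcdef0",
            CREDS_PATH: "web-role",
            CREDS_PATH + "web-role":
                '{"AccessKeyId": "ASIAEXAMPLE", "SecretAccessKey": "constructed", "Token": "constructed"}',
        }

    def __call__(self, method, path, headers):
        if method == "PUT" and path == TOKEN_PATH:
            if TTL_HEADER not in headers:   # a PUT without the TTL header is rejected
                return 400, ""
            token = secrets.token_urlsafe(32)
            self.tokens.add(token)
            return 200, token
        if method != "GET":
            return 405, ""
        has_token = headers.get(TOKEN_HEADER) in self.tokens
        if self.http_tokens == "required" and not has_token:
            return 401, ""                  # IMDSv2 only: v1-style GETs are refused
        return (200, self.data[path]) if path in self.data else (404, "")


def real_transport(method, path, headers):
    """Same (status, body) interface against the real endpoint; only meaningful on an instance."""
    req = urllib.request.Request(IMDS + path, method=method, headers=headers)
    try:
        with urllib.request.urlopen(req, timeout=2) as resp:
            return resp.status, resp.read().decode()
    except urllib.error.HTTPError as err:
        return err.code, ""


def get_v1(transport, path):
    """What an SSRF payload or a legacy tool does: a bare GET with no token."""
    return transport("GET", path, {})


def get_v2(transport, path, ttl=21600):
    """IMDSv2: obtain a session token with PUT, then GET with the token header."""
    status, token = transport("PUT", TOKEN_PATH, {TTL_HEADER: str(ttl)})
    if status != 200:
        return status, ""
    return transport("GET", path, {TOKEN_HEADER: token})


def role_credentials(transport, getter):
    """Walk the credentials path the way the SDK credential providers do."""
    status, role = getter(transport, CREDS_PATH)
    if status != 200:
        return status, ""
    return getter(transport, CREDS_PATH + role)


if __name__ == "__main__":
    for mode in ("optional", "required"):
        imds = FakeImds(mode)
        print(mode, "v1:", role_credentials(imds, get_v1)[0], "v2:", role_credentials(imds, get_v2)[0])
```

The reason the PUT handshake helps is that a typical SSRF lets the attacker choose a URL, not the HTTP method and a custom request header; combined with the hop limit (HttpPutResponseHopLimit), that keeps the token out of reach of a forwarded request.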
27
Q

EC2 - Placement Group

A placement group is a logical grouping of instances within a single Availability Zone. Using placement groups enables applications to participate in a low-latency, 10 Gbps network. Placement groups are recommended for applications that benefit from low network latency, high network throughput, or both (e.g. Grid, Hadoop, Cassandra, etc.). This describes a cluster placement group; spread and partition placement groups were added later for the opposite goal of keeping instances on separate hardware.

A

EC2 - Placement Group

A placement group is a logical grouping of instances within a single Availability Zone. Using placement groups enables applications to participate in a low-latency, 10 Gbps network. Placement groups are recommended for applications that benefit from low network latency, high network throughput, or both. This describes a cluster placement group; spread and partition placement groups were added later for the opposite goal of keeping instances on separate hardware.

28
Q

EC2 - Placement Group

  • A placement group can't span multiple Availability Zones
  • The name you specify for a placement group must be unique within your AWS account
  • Only certain types of instances can be launched in a placement group (Compute Optimized, GPU, Memory Optimized, Storage Optimized)
  • AWS recommends homogeneous instances within placement groups
  • You can't merge placement groups
  • You can't move an existing instance into a placement group. You can create an AMI from your existing instance, and then launch a new instance from the AMI into a placement group
A

EC2 - Placement Group

  • A placement group can't span multiple Availability Zones
  • The name you specify for a placement group must be unique within your AWS account
  • Only certain types of instances can be launched in a placement group (Compute Optimized, GPU, Memory Optimized, Storage Optimized)
  • AWS recommends homogeneous instances within placement groups
  • You can't merge placement groups
  • You can't move an existing instance into a placement group. You can create an AMI from your existing instance, and then launch a new instance from the AMI into a placement group
29
Q

EFS

Amazon Elastic File System (Amazon EFS) is a file storage service for Amazon Elastic Compute Cloud (Amazon EC2) instances. Amazon EFS is easy to use and provides a simple interface that allows you to create and configure file systems quickly and easily. With Amazon EFS, storage capacity is elastic, growing and shrinking automatically as you add and remove files, so your applications have the storage they need, when they need it.

A

EFS

Amazon Elastic File System (Amazon EFS) is a file storage service for Amazon Elastic Compute Cloud (Amazon EC2) instances. Amazon EFS is easy to use and provides a simple interface that allows you to create and configure file systems quickly and easily. With Amazon EFS, storage capacity is elastic, growing and shrinking automatically as you add and remove files, so your applications have the storage they need, when they need it.

30
Q

EFS - Features

  • Supports the Network File System version 4 (NFSv4.0 and 4.1) protocol; clients reach it through mount targets in your VPC subnets, so access is governed by the mount target's security group (TCP 2049) and, optionally, IAM authorization
  • You only pay for the storage you use (no pre-provisioning required)
  • Can scale up to the petabytes
  • Can support thousands of concurrent NFS connections
  • Data is stored across multiple AZs within a region
A

EFS - Features

  • Supports the Network File System version 4 (NFSv4.0 and 4.1) protocol; clients reach it through mount targets in your VPC subnets, so access is governed by the mount target's security group (TCP 2049) and, optionally, IAM authorization
  • You only pay for the storage you use (no pre-provisioning required)
  • Can scale up to the petabytes
  • Can support thousands of concurrent NFS connections
  • Data is stored across multiple AZs within a region
31
Q

What is Lambda?

AWS Lambda is a compute service where you can upload your code and create a Lambda function. AWS Lambda takes care of provisioning and managing the servers that you use to run the code. You don’t have to worry about operating systems, patching, scaling etc. You can use Lambda in the following ways:

  • As an event-driven compute service where AWS Lambda runs your code in response to events. These events could be changes to data in an Amazon S3 bucket or an Amazon DynamoDB table
  • As a compute service to run your code in response to HTTP requests using Amazon API Gateway or API calls made using AWS SDKs.
A

What is Lambda?

AWS Lambda is a compute service where you can upload your code and create a Lambda function. AWS Lambda takes care of provisioning and managing the servers that you use to run the code. You don’t have to worry about operating systems, patching, scaling etc. You can use Lambda in the following ways:

  • As an event-driven compute service where AWS Lambda runs your code in response to events. These events could be changes to data in an Amazon S3 bucket or an Amazon DynamoDB table
  • As a compute service to run your code in response to HTTP requests using Amazon API Gateway or API calls made using AWS SDKs.