EC2 Flashcards
What does EC2 stand for?
Elastic Cloud Compute
What is EC2?
A web service that provides resizable compute capacity in the cloud
What are the benefits of EC2? (2)
- Reduces the time required to obtain and boot new server instances to minutes
- Scale capacity as your computing requirements change
What are the five EC2 pricing models? (5)
- On Demand
- Reserved
- Spot
- Savings Plans
- Dedicated Hosts
What are the features of the EC2 On Demand pricing model? (2)
- Pay a fixed rate by the hour (or second) with no commitment
- No up-front payment
Which use cases work well under the EC2 On Demand pricing model? (2)
- Applications with short term, spiky or unpredictable workloads that cannot be interrupted
- Applications being developed or tested on Amazon EC2 for the first time
What are the features of the EC2 Reserved pricing model? (3)
- Provides a capacity reservation
- Offers a significant discount on the hourly charge for an instance
- Contract terms of 1 or 3 years
Which use cases work well under the EC2 Reserved pricing model? (3)
- Applications with steady state or predictable usage
- Applications that require reserved capacity
- Users able to make upfront payments to reduce their total computing costs
What are the three types of EC2 Reserved pricing? (3)
- Standard reserved instances
- Convertible reserved instances
- Scheduled reserved instances
What are the features of standard reserved instances? (2)
- Offer up to 75% off On-Demand instances
- Standard RIs can only be modified, not exchanged
What are the features of convertible reserved instances? (2)
- Offer up to 54% off On-Demand instances
- Convertible RIs can be exchanged for different Convertible RIs of equal or greater value
What are the attributes of a Reserved Instance? (4)
- Instance type (CPU, memory, storage, networking capacity)
- Platform description (operating system)
- Tenancy (runs on shared hardware/single-tenant hardware/Dedicated Host)
- Availability zone (optional)
What are the features of scheduled reserved instances? (2)
- Available to launch within the time windows you reserve
- Use case: capacity matching to a predictable recurring schedule that only requires a fraction of a day/week/month
What are the features of the EC2 Spot pricing model? (2)
- Allows you to request spare EC2 computing capacity for up to 90% off the On-Demand price
- Bid whatever price you want for instance capacity
Which use cases are suited to the EC2 Spot pricing model? (3)
- Applications that have flexible start and end times
- Applications that are only feasible at very low compute prices
- Users with urgent computing needs for large amounts of additional capacity
What are the features of the EC2 Savings Plans pricing model?
Offers low prices on EC2 usage in exchange for a commitment to a consistent amount of usage ($ per hour) for a 1 or 3 year term
How do Reserved Instances provide a capacity reservation?
By assignment to a specific Availability Zone
What happens when you terminate an EC2 Spot instance vs when EC2 terminates it? (2)
- If a Spot instance is terminated by EC2, you will not be charged for a partial hour of usage
- If you terminate the instance yourself, you will be charged for any hour in which the instance ran
What are the features of the EC2 Dedicated Host pricing model? (3)
- A physical EC2 server is dedicated for your use
- Reduce costs by allowing you to use existing server-bound software licenses
- Can be purchased On-Demand or as a Reservation
Which use cases are suited to the EC2 Dedicated Host pricing model? (2)
- Regulatory requirements which do not support multi-tenant virtualisation
- Licensing which does not support multi-tenancy or cloud deployment
What are the differences between a Dedicated Host and a Dedicated Instance? (2)
- A Dedicated Host gives you additional visibility and control over how instances are placed on a physical server
- With a Dedicated Host, you can consistently deploy your instances to the same physical server over time
What is the default status of Termination Protection for an EC2 instance?
Termination Protection is turned off by default
By default, what happens to the root EBS volume when an EBS-backed instance is terminated?
On an EBS-backed instance, the default action is for the root EBS volume to be deleted when the instance is terminated
What does the root device volume contain?
The image used to boot the instance
What is an AMI?
An Amazon Machine Image provides the information required to launch an instance
Can root and non-root device volumes be selected for encryption during an instance launch? If not, how can the volume be encrypted after launch? (3)
- The root device volume cannot be encrypted during an instance launch
- After launch, a snapshot must be taken and copied, this snapshot encrypted, an encrypted volume created from it, and the existing volume then replaced with the encrypted volume
- A non-root device volume can be encrypted during launch or after launch
Are security groups stateful or stateless?
Security groups are stateful
What does stateful mean?
When you create an inbound rule allowing traffic in, an outbound rule is created automatically which allows the traffic back out again
What are the default properties of a security group? (2)
- All inbound traffic is blocked
- All outbound traffic is allowed
Can you block a particular port or IP address with security groups?
No, you can’t block a particular port or IP address with security groups
How can you block a particular port or IP address?
With Network Access Control Lists
What is the maximum number of EC2 instances within a security group?
Unlimited
Can an EC2 instance have multiple attached security groups?
Yes
What can you specify using a security group? Allow rules, deny rules, or both?
You can specify allow rules, but not deny rules using security groups
What does EBS stand for?
Elastic Block Store
What does Amazon EBS do?
Provides persistent block storage volumes for use with EC2 instances in the AWS cloud
How does the design of Amazon EBS protect you from component failure?
Each EBS volume is automatically replicated within its Availability Zone
What are the five types of EBS? (5)
- General Purpose SSD
- Provisioned IOPS SSD
- Throughput Optimised HDD
- Cold HDD
- Magnetic
Describe the General Purpose SSD EBS volume type and its use cases (2)
- Balances price and performance for a wide variety of transactional workloads
- Most workloads
Describe the Provisioned IOPS SSD EBS volume type and its use cases (2)
- Highest-performance SSD volume designed for mission critical applications
- Databases
Describe the Throughput Optimised HDD EBS volume type and its use cases (2)
- Low cost HDD volume designed for frequently accessed, throughput-intensive workloads
- Big data, data warehouses
Describe the Cold HDD EBS volume type and its use cases (2)
- Lowest cost HDD volume designed for less frequently accessed workloads
- File servers
Describe the Magnetic EBS volume type and its use cases (2)
- Previous generation HDD
- Workloads where data is infrequently accessed
Can an EC2 instance and its EBS volume reside in different availability zones?
No
How do you launch an EC2 instance in a different Availability Zone? (3)
- Take a snapshot of the instance
- Take an image of the snapshot
- Use this image to provision a new EC2 instance - change the Availability Zone during the launch process
When you terminate an EC2 instance with multiple EBS volumes, what happens after termination? (2)
- By default, the root EBS volume is deleted
- Whereas the additional volumes remain but their status is “available” rather than “in-use” - assuming the default of an unticked “delete on termination” for additional volumes
Where do volumes and snapshots exist, respectively? (2)
- Volumes exist on EBS
- Snapshots exist on S3
How can Amazon EBS and snapshots be described colloquially? (2)
- EBS is a virtual hard disk in the cloud
- Snapshots are a photograph of the disk
How do snapshots relate to volumes?
Snapshots are point in time copies of volumes
Describe how elastic block storage (EBS) works (3)
- Snapshots are incremental
- Only the blocks that have changed since your last snapshot are moved to S3
- As a result, the first snapshot may take some time to create
Can you change EBS volume sizes on the fly?
Yes, you can change volume size and storage type
Can you take a snapshot of EBS volumes that serve as root devices while their associated instance is running? Should you? (2)
- You can take a snapshot while the instance is running
- But you should stop the instance before taking the snapshot
What are the properties of AMIs which differentiate different ones? (5)
- Region
- Operating system
- Architecture
- Launch permissions
- Storage for the root device
For AMIs, what are the two types of storage for the root device? (2)
- Instance store (ephemeral storage)
- EBS backed volumes
Can you reboot AMIs without losing your data?
Yes
What are the differences between EBS backed volumes and instance store volumes? (4)
- Root device of an instance launched from an EBS backed volume AMI: an EBS volume created from an EBS snapshot
- Root device of an instance launched from an instance store volume AMI: an instance store volume created from a template stored in Amazon S3
- EBS backed instances can be stopped; you will not lose the data on the instance if it is stopped
- Instance store volumes cannot be stopped; if the underlying host fails, you will lose your data
Can you share snapshots? If so, are there any limitations on this? (2)
- Yes, snapshots can be shared with other AWS accounts or made public
- You can only share snapshots if they are unencrypted
If you take a snapshot of an encrypted volume, is the resulting snapshot encrypted?
Yes
If a volume is restored from an encrypted snapshot, is the resulting volume encrypted?
Yes
What is CloudWatch?
CloudWatch is a monitoring service to monitor your AWS resources, as well as the applications that you run on AWS
Which compute functions can CloudWatch monitor? (4)
- EC2 instances
- Autoscaling groups
- Elastic load balancers
- Route53 health checks
Which storage & content delivery functions can CloudWatch monitor? (3)
- EBS volumes
- Storage gateways
- CloudFront
What is CloudTrail?
CloudTrail increases visibility into your user and resource activity by recording AWS Management Console actions and API calls
What can CloudTrail identify? (3)
- Which users and accounts called AWS
- The source IP address from which the calls were made
- When the calls occurred
What is the difference between CloudWatch and CloudTrail?
CloudWatch is performance monitoring, CloudTrail is CCTV (audit)
Which host level metrics are available using CloudWatch? (4)
- CPU
- Network
- Disk
- Status check
By default, how often does CloudWatch with EC2 monitor events?
5 minutes by default
With detailed monitoring, how often can CloudWatch with EC2 monitor events?
Every minute
What are the four key features of CloudWatch? (4)
- Dashboards
- Alarms
- Events
- Logs
What do you need to enable in order to use the AWS command line interface?
Programmatic access (from IAM in the AWS console)
What are the benefits of using IAM roles with EC2? (4)
- More secure than storing your access key and secret access key on individual EC2 instances
- Roles are easier to manage
- Roles can be assigned to an EC2 instance after it’s created, using console or command line
- Roles are universal, you can use them in any region
What is Amazon Elastic File System?
Elastic File System (EFS) is a file storage service for Amazon EC2 instances
What are the benefits of EFS? (6)
- Simple interface for creating + configuring file systems
- Elastic storage capacity, scalable up to petabytes
- Two EC2 instances can both reside on the same EFS (as opposed to one EBS per EC2)
- You only pay for the storage you use, no pre-provisioning required
- Data is stored across multiple availability zones within a region
- Read After Write consistency
What are the three types of EC2 Placement Groups? (3)
- Clustered
- Spread
- Partitioned
To what extent must the name of a placement group be unique?
Must be unique within your AWS account only, not globally unique
Can you merge placement groups?
No, you can’t merge placement groups
Can you move an existing instance into a placement group?
No, you can’t move an existing instance into a placement group
What should you do if you’d like an existing instance to be within a placement group?
Create an AMI from the existing instance, then launch a new instance from the AMI into a placement group
What is a clustered placement group?
A group of instances within a single Availability Zone
For which applications is a clustered placement group suitable?
Applications that need low network latency and high network throughput
Is it advisable to place multiple types of EC2 instances into a single clustered placement group?
No, AWS recommends that homogeneous instances (same EC2 instance type) are placed within a clustered placement group
What is a spread placement group?
A group of instances that are each placed on distinct underlying hardware
For which applications is a spread placement group advisable and why?
- Applications that have a small number of critical instances that should be kept separate from each other
- Designed to protect your EC2 instances from hardware failure
What “distinct underlying hardware” is each instance placed on in a spread placement group? (3)
- Different racks
- Within either the same or different Availability Zone(s)
- Always within the same region
What is a partitioned placement group? (3)
- A group is divided into logical segments called partitions
- Partitions are comprised of 1 or more instance(s)
- No two partitions within a placement group share the same racks
What “distinct underlying hardware” is each partition placed on in a partitioned placement group? (3)
- A rack per partition
- Within either the same or different Availability Zone(s)
- Always within the same region