EC2 Flashcards
What is EC2?
EC2 is AWS’s VM in the cloud service
What are the 4 types of EC2 instances? (pricing)
1) On demand
2) Reserved
3) Spot
4) Dedicated hosts
What is EBS?
Elastic Block Store
A virtual disc in the cloud.
Is termination protection enabled by default?
No
What happens to the root EBS volume when an instance is terminated?
It is deleted
What happens to an additional EBS volume when an instance is terminated?
It is NOT deleted!
Can EBS volumes be encrypted?
Yes
What is a security group?
A security group is a virtual firewall that controls the traffic for one or more instances. You can assign a security group to instances or select a default security instance.
What are the default inbound and outbound traffic rules of a new security group?
All inbound traffic is blocked by default and all outbound traffic is allowed.
When do changes to a security group take effect?
Immediately
Can you have multiple security groups attached to an EC2 instance?
Yes
Are security groups stateful or stateless, and what does this mean?
They are stateful. When you open a port, you open it for both outbound and inbound traffic.
Can you block specific IP addresses in a security group?
No, for that you will need to use an NACL.
What is a NACL?
Network access control list.
An optional layer of security that acts as a firewall for controlling traffic in and out of one or more subnets
Can you specify deny rules in a security group?
No, you can only specify allow rules.
Name 2 SSD based EBS volume types…
1) General purpose SSD - gp2
2) Provisioned IOPS SSD - io1
Name 3 magnetic based EBS volume types…
1) Throughput optimised - st1
2) Cold HDD - sc1
3) Magnetic
What is the use case for a gp2 EBS volume?
Most workloads
Max IOPS= 16,000
Volume size= 1GB-16TB
What is the use case for an io1 EBS volume?
e.g. EC2-based databases that are mission critical!
Max IOPS= 64,000
Volume size= 1GB-16TB
What does IOPS stand for?
Inputs/outputs per second
What is the use case for a st1 volume?
Throughput intensive big data workloads
Max IOPS= 500
Vol size=500GB-16TB
What is the use case for a sc1?
File servers
Max IOPS= 250
Vol size= 500GB-16TB
What is the use case for Magnetic?
Workloads that are infrequently accessed
Max IOPS= 40-200
Vol size= 16GB-1TB
Can you have an EBS volume in a different AZ to the EC2 instance interacting with it?
No, the EC2 instance and EBS volume must be in the same AZ.
What is a snapshot?
A snapshot is a copy of an EBS volume. They exist on S3. These are point in time copies of volumes. They are incremental.
What should you do to take a snapshot of a root EBS volume?
Stop the EC2 instance before creating the snapshot
Can you create AMIs from volumes and snapshots?
Yes
Can you change EBS volume sizes on the fly, including storage type?
Yes
What are the 3 steps to move an EBS volume from one AZ to another?
1) Take a snapshot
2) Create an AMI
3) Use AMI to launch an EC2 instance in a new AZ
What are the 4 steps to move an EBS volume from one AZ to another region?
1) Create a snapshot
2) Create an AMI
3) Copy AMI from one region to another
4) Use AMI to launch an EC2 instance in the new region
Are snapshots of encrypted volumes encrypted by default?
Yes
Are volumes restored from encrypted snapshots encrypted?
Yes
Can you share snapshots with other AWS accounts or the public?
Yes, but only if they are not encrypted
Can root volumes be encrypted?
Yes. AWS have made it easy to encrypt a root volume with one click; however, this can also be done manually.
What is the manual process of encrypting a root volume?
1) Create a snapshot of the unencrypted root volume
2) Create a copy of the snapshot and select the encrypt option
3) Create an AMI from the encrypted snapshot
4) Use this AMI to launch a new encrypted instance with encrypted root volumes
What is an instance store?
An instance store provides temporary block-level storage for your instance. The storage is located on discs that are physically attached to the host computer (physical hardware in AWS).
What is another name for an instance store?
Ephemeral storage
What happens to data stored in an instance store if the underlying host fails?
The data is lost.
What happens to data stored in an instance store if you reboot the instance attached to it?
You will not lose your data.
What happens by default to a root EBS volume?
The root EBS volume will be deleted. However, this setting can be changed to persist the root EBS volume.
What is CloudWatch used for?
CloudWatch is used to monitor the performance of the AWS environment, and you can set alarms which can trigger notifications.
What is CloudTrail used for?
CloudTrail is used to monitor all API calls within the AWS environment and this information is used for audit purposes.
What are 4 key features of CloudWatch?
1) Dashboards
2) Alarms- alert when threshold is reached
3) Events- Helps you respond to changes in AWS resources
4) Logs- Aggregate, monitor and store logs
What is a Role?
An IAM identity that you can create in your AWS account that has specific permissions. An IAM role is similar to an IAM user in that it has an AWS identity with permissions and policies that determine what the identity can and cannot do in AWS.
Why use a role?
A role is more secure than storing your access ID and access key on an EC2 instance and they are easier to manage.
Can a role be assigned to an EC2 instance after it is created using the console?
Yes
Are roles universal?
Yes
What is a bootstrap script?
A bootstrap script is a script that is run when an EC2 instance first boots. This can be used to automate the installation of software and to complete updates.
What is instance and user metadata?
Instance metadata is data about your instance that can be used to configure or manage the running of an instance. e.g. public IP address
User data is information about the user, e.g. user_id value
What is the URL used to access instance and user data from an EC2 instance?
http://193.84.224.252/latest/meta-data/
http://193.84.224.252/latest/user-data/
What is EFS?
Linux based Elastic File System.
File system in the cloud. EC2 instances can then mount the directories in EFS
You can also mount on premise file systems using DirectConnect.
Grows and shrinks as required. Stores across multi AZs
Only pay for what you use.
What protocol does EFS support?
Supports the NFSv4 protocol
What are EC2 placement groups used for?
A method of grouping all of your instances across underlying hardware to minimise correlated failures
What are the 3 placement groups available for EC2?
1) Clustered placement group
2) Spread placement group
3) Partition placement group
What is a clustered placement group?
A clustered placement group is a method of grouping EC2 instances within a single AZ.
What is the use case for a clustered placement group?
If an app requires low network latency or high network throughput, or both!
Remember: only certain types of EC2 instances can be placed in a clustered placement group.
What is a spread placement group?
A spread placement group is a group of instances that are each placed on distinct underlying pieces of hardware.
What is the use case for a spread placement group?
A spread placement group is recommended for apps that have a small number of critical instances that should be kept separate from each other. This is usually on different racks in 1 AZ, but can span multiple AZs.
What is a partition placement group?
A partition placement group divides parts of racks to house EC2 instances. These are divided into logical segments called partitions. No two partitions within a placement group share the same rack.
What is the use case for a partition placement group?
The customer would like to reduce correlated failures for large workloads. This is required to run applications like Hadoop, Hbase, Kafka and Aerospike within a single AZ.
Can you merge EC2 placement groups?
No
Can you add an existing instance into a placement group, and how would you do this?
No, you would need to create an AMI from the EC2 instance and then launch a new instance from the AMI into a placement group.
Which EC2 placement groups cannot be spread across multiple AZs?
Spread and partition placement groups can be spread across AZs. Clustered placement groups cannot.
What are the underlying hypervisors used to create EC2 instances? (choose 2)
1) Xen
2) Nitro
What do you assume when a question specifies that a number of EC2 instances is required (100% fault tolerance)?
That you will lose the AZ with the most instances!
What is the cheapest type of EBS volume?
HDD based volumes e.g. sc1 and st1
What is the main limitation of a spread placement group?
That you can only have a maximum of 7 running instances per AZ
What type of storage is EBS? (block based or object)
Block based… the clue is in the name
Name 3 ways to improve the performance of an EBS volume in addition to choosing the correct EBS volume type for your specific task.
1) Schedule snapshots of HDD based volumes for periods of low use
2) Ensure that EC2 instances are types that can be optimised for use with EBS
3) You can stripe volumes together in a RAID 0 configuration
How many instances can I run on EC2?
The limit applies to the number of vCPUs that you are running (on demand), e.g. standard instances – 1152 vCPUs