EC2: elastic compute cloud Flashcards
EC2 Basics
- Infra as a service
- rent virtual machines (EC2)
- store data on virtual drives (EBS)
- distribute loads across machines (ELB)
- scale services using auto scaling group (ASG)
EC2 Sizing and Configuration Options
- OS: Linux, MacOS, Windows
- CPU: compute power and number of cores
- RAM
- storage space
- network card: speed of the card, public IP address
- firewall rules
- bootstrap script: commands launched when a machine first starts; runs only once, at the instance's first start (i.e., EC2 user data script)
EC2 User Data Script
used to automate bootstrap tasks such as installing updates, installing software, downloading common files
runs as the root user (sudo rights)
EC2 Instance Types
- 7 basic types, each with different families (e.g., General Purpose)
- naming convention: m5.2xlarge
- m: instance class
- 5: generation (increases over time)
- 2xlarge: size within instance class
EC2 Instance: General Purpose
balance between compute, memory, networking. great for a diversity of workloads: web servers, code repos, etc.
ex: t2.micro
EC2 Instance: Compute Optimized
compute intensive tasks (ex: C5)
use cases: batch processing workloads, media transcoding, high performance web servers or computing (HPC), scientific modeling + machine learning, dedicated game servers
EC2 Instance: Memory Optimized
fast performance for processing large data sets, relational/non-relational databases
use cases: distributed web scale cache stores, in-memory databases optimized for Business Intelligence, applications performing real time processing of big unstructured data
EC2 Instance: Storage Optimized
for storage intensive tasks, high read/write access to large data sets on local storage
high frequency online transactional processing (OLTP) systems
relational and noSQL databases
cache or in-memory databases (ex: Redis)
data warehousing applications
distributed file systems
EC2 Security Groups
fundamental to AWS network security; they:
- control how traffic is allowed in/out of EC2 instances
- only contain ALLOW rules
- rules can reference an IP or another security group
- act as firewall
- regulate access to ports, authorized IP ranges (IPv4 and IPv6), and control inbound traffic (from others to instances) and outbound traffic (from instances to others)
Security Groups
can be attached to multiple instances
locked down to a region/VPC combination
live outside the EC2, so if traffic is blocked, EC2 can’t see it
timeout errors = security group issue
all inbound traffic blocked by default + all outbound traffic authorized by default
Classic Ports
22 = SSH (secure shell) log into linux instance
21 = FTP (file transfer protocol) upload files
22 = SFTP (secure file transfer protocol) upload files with SSH
80 = HTTP access unsecured websites
443 = HTTPS access secured websites
3389 = RDP (remote desktop protocol) log into Windows instance
EC2 Purchasing Options: On-Demand Instances
short workload, predictable pricing, pay by second
highest cost but no upfront payment, no long term commitment
recommended for unpredictable apps
EC2 Purchasing Options: Reserved
1 & 3 years - long workloads
*convertible reserved instances: long workloads with flexible instances
no upfront, partial upfront, all upfront with increasing discounts
regional / zonal
recommended for steady state apps like databases
EC2 Purchasing Options: Savings Plans
1 & 3 years - commitment to an amount of usage, long workload, usage beyond is billed at On-Demand price
locked to specific instance family and AWS region
EC2 Purchasing Options: Spot Instances
short workloads, cheap, can lose instances (less reliable)
can lose instance at any point in time if your max price is less than current spot price
but most cost efficient
recommended for workloads resilient to failure like batch jobs, distributed workloads, *not suitable for critical jobs