EC2 Fundamentals Flashcards
What is an EC2?
EC2 = Elastic Compute Cloud = Infrastructure as a Service
What are EC2 capabilities?
- Virtual Machines (EC2)
- Storing data on virtual drives (EBS)
- Distributing load across machines (ELB)
- Scaling the services using an auto-scaling group (ASG)
Which OSes can you use on an EC2?
- Linux
- Windows
- Mac OS
What are the 7 settings you can choose on an EC2?
- OS
- CPU
- RAM
- Storage space
- Network Card (speed, public IP address)
- Firewall Rules (security group)
- Bootstrap script (configure at first launch) for EC2 user data
What are the 2 options of storage you can have in EC2?
- Network-attached (EBS & EFS)
- Hardware (EC2 Instance Store)
What is Bootstrapping?
Launching commands when a machine starts (runs once, at the beginning)
What is the EC2 user data (bootstrap) used for?
To automate boot tasks such as:
- Installing updates
- Installing software
- Downloading common files from the internet
- Anything really
Which user does the EC2 User Data script run as?
Root (has sudo rights)
What are the EC2 instance types?
t2.micro
t2.xlarge
These dictate vCPU, Mem (GiB), Storage, Network, EBS bandwidth
Which instance type of EC2 is included in the free tier?
t2.micro (up to 750 hours per month)
What happens when you stop and start an EC2 instance?
The public IP might change (the private one won't)
How many instance types of EC2 are there?
7
What are the instance types of EC2?
- General Purpose
- Compute optimised
- Memory optimised
- Accelerated computing
- Storage optimised
- Instance features
- Measuring Instance performance
What does “m5.2xlarge” mean?
m = instance type
5 = generation
2xlarge = size within the instance class
What is a General Purpose EC2 instance type good for?
Great for diversity of workloads such as web servers or code repositories
Balance between:
1. compute
2. memory
3. networking
What are Compute Optimised EC2 instances good for?
Compute-intensive tasks that need high perf processors.
- batch processing workload
- media transcoding
- high perf web servers
- high perf computing (HPC)
- scientific modelling & ML
- dedicated gaming servers
What are Memory Optimised EC2 instances good for?
Fast performance for workloads that process large data sets in memory
- High perf relational/non-relational databases
- distributed web scale cache stores
- in-memory databases optimised for BI (Business intelligence)
- apps performing real-time processing of big unstructured data
What are Storage Optimised EC2 instances good for?
Good for storage-intensive tasks that need high sequential read/write access to large data sets on local storage
- High frequency online transaction processing (OLTP)
- Relational & NoSQL databases
- Cache for in-memory databases (Redis)
- Data warehousing apps
- Distributed file systems
What do Security Groups do?
Control how traffic is allowed in/out of EC2 instances
What kind of rules do Security Groups contain?
Allow rules only
What do Security Group rules reference? (What do they look at to say yes or no?)
Based on IP or Security Groups
How is a Security Group used? Give a scenario
You put the SG around an EC2 instance, and it blocks everything. You then set the allow list for inbound/outbound traffic.
Are Security Groups like a firewall?
Yes
What do Security Groups regulate?
- Access to ports
- Authorised IP ranges - IPv4 / IPv6
- Inbound traffic
- Outbound traffic
Does a Security Group allow all inbound traffic by default?
No. You set who is allowed in
Does a Security Group allow all outbound traffic by default?
Yes
Can Security Groups be attached to multiple instances?
Yes
Can Security Groups be in multiple regions/VPC combinations at the same time?
No - locked down to a region/VPC combination
Will the EC2 instance see the traffic that a Security Group blocks?
No, because the SG lives outside the EC2
What is a good practice for SSH and Security Groups?
To maintain one separate SG for SSH access
What does it mean if your application is timing out and is not accessible?
Security Group issue
If your application gets a “connection refused” error, is it a Security Group issue?
No - application error or not launched.
How can you reference other security groups?
Instead of selecting which IPs can pass through the SG, you can select Security Groups. For example, an EC2 instance has a Security Group; that Security Group can allow all traffic from Security Groups 2 and 3, each of which has another instance inside it.
What is port 22?
SSH (Secure Shell) - log in to a Linux instance
What is port 21?
FTP (File Transfer Protocol) - upload files into a file share
What port is SFTP?
22, just like SSH. SFTP (Secure File Transfer Protocol) - upload files using SSH
What is port 80?
HTTP - access unsecured websites
What is port 443?
HTTPS - access secured websites
When do you use SSH?
When you want to log in to your servers via the terminal and perform maintenance/actions
Which OS can use SSH?
- Linux
- Mac
- Windows 10 and later
Which OS cannot use SSH?
Windows versions before Windows 10
What is an alternative if you cannot use SSH?
Putty
Which OS can use Putty?
Any Windows version, before or after Windows 10
What is EC2 Instance Connect?
Uses your web browser to connect to an EC2 instance.
What is the command for connecting to an EC2 instance?
ssh -i "keypair.pem" ec2-user@<ip>
What is the command to make the keypair private after you download it?
chmod 0400 <keypair>
If you already have a .pem keypair and want to use Putty what can you do?
Convert it within Putty to a .ppk file.
What do you need to include in the Host Name (or IP address) field in Putty?
ec2-user@<ip>
ec2-user is already created in that Linux instance by AWS
What command do you use to SSH from Windows 10 and later?
ssh -i <keypair>.pem ec2-user@<ip>