EC2 - Fundamentals Flashcards
What is EC2?
EC2 = Elastic Compute Cloud = Infrastructure as a Service
What are the sizing and configuration levels of EC2?
- OS
- CPU
- RAM
- Storage
  - EBS & EFS (network attached)
  - EC2 instance store
- Network card
- Security groups
- Bootstrap script: EC2 User Data
What is EC2 User Data?
A script that runs only once, at the instance's first start
What is the example usage of EC2 User Data?
- Installing updates
- Installing software
- Downloading common files
- etc.
Which user runs the User Data script?
The root user.
What are the main EC2 Instance Types?
- General purpose
- Compute Optimized
- Memory Optimized
- Accelerated Computing
- Storage Optimized
- HPC optimized
Describe General Purpose Instance Type
- diversity of workloads
- balance between: compute, memory, networking
Describe Compute Optimized instance type
Great for compute-intensive tasks that require a high-performance processor
* Batch processing workloads
* Media transcoding
* High performance web servers
* Scientific modeling & machine learning
* Dedicated gaming servers
Describe Memory Optimized instance type
Fast performance for workloads that process large data sets in memory
* High performance, relational/non-relational databases
* Distributed web scale cache stores
* In-memory databases optimized for BI (business intelligence)
* Applications performing real-time processing of big unstructured data
Describe Storage Optimized instance type
Great for storage-intensive tasks that require high, sequential read and write
access to large data sets on local storage
* High frequency online transaction processing (OLTP) systems
* Relational & NoSQL databases
* Cache for in-memory databases (for example, Redis)
* Data warehousing applications
* Distributed file systems
What are EC2 Security Groups?
- Security Groups are fundamental to network security in AWS
- They control how traffic is allowed into or out of our EC2 Instances
- Security groups only contain ALLOW rules
- Security group rules can reference traffic by IP or by security group
- They are “acting” as a firewall before the EC2 instances
Security Groups - Good to know
- Can be attached to multiple instances
- Locked down to a region / VPC combination
- Does live “outside” the EC2 – if traffic is blocked the EC2 instance won’t see it
- It’s good to maintain one separate security group for SSH access
- If your application is not accessible (time out), then it’s a security group issue
- If your application gives a “connection refused“ error, then it’s an application error or it’s not launched
- All inbound traffic is blocked by default
- All outbound traffic is authorised by default
What are the main Ports to know?
- 22 = SSH - log into Linux instance
- 21 = FTP - upload files into a file share
- 22 = SFTP - upload files using SSH
- 80 = HTTP - access unsecured websites
- 443 = HTTPS - access secured websites
- 3389 = Windows RDP
How can you log in to all types of EC2 instances regardless of OS?
EC2 Instance Connect
How to connect to Mac or Linux instances?
SSH
Does EC2 Instance Connect need any setup?
Port 22 (SSH) must be opened
What are the main EC2 instance purchase options?
- On-Demand Instances - short workloads, predictable pricing, pay by second
- Reserved (1 & 3 years)
  - Reserved Instances - long workloads
  - Convertible Reserved Instances - long workloads with flexible instances
- Savings Plans (1 & 3 years) - commitment to an amount of usage, long workloads
- Spot Instances - short workloads, cheap, can lose instances
- Dedicated Hosts - book an entire physical server, control instance placement
- Dedicated Instances - no other customers will share your hardware
- Capacity Reservations - reserve capacity in a specific AZ for any duration
What are the main features of EC2 Reserved Instances?
- You reserve specific instance attributes (Instance Type, Region, Tenancy, OS)
- Reservation Period – 1 year (+discount) or 3 years (+++discount)
- Payment Options – No Upfront (+), Partial Upfront (++), All Upfront (+++)
- Reserved Instance’s Scope – Regional or Zonal (reserve capacity in an AZ)
- You can buy and sell in the Reserved Instance Marketplace
What are the main features of EC2 Convertible Reserved Instances?
- Same as Reserved Instances
- Can change the EC2 instance type, instance family, OS, scope and tenancy
What are the main features of EC2 Savings Plans?
* Get a discount based on long-term usage (up to 72% - same as RIs)
* Commit to a certain type of usage ($10/hour for 1 or 3 years)
* Usage beyond EC2 Savings Plans is billed at the On-Demand price
* Locked to a specific instance family & AWS region (e.g., M5 in us-east-1)
* Flexible across:
  * Instance Size (e.g., m5.xlarge, m5.2xlarge)
  * OS (e.g., Linux, Windows)
  * Tenancy (Host, Dedicated, Default)
What are the main features of EC2 Spot Instances?
* Instances that you can “lose” at any point of time if your max price is less than the current spot price
* The MOST cost-efficient instances in AWS
* Useful for workloads that are resilient to failure
  * Batch jobs
  * Data analysis
  * Image processing
  * Any distributed workloads
  * Workloads with a flexible start and end time
* Not suitable for critical jobs or databases
What are the main features of EC2 Dedicated Hosts?
- A physical server with EC2 instance capacity fully dedicated to your use
- Allows you to address compliance requirements and use your existing server-bound software licenses (per-socket, per-core, per-VM software licenses)
- Purchasing Options:
  - On-demand – pay per second for active Dedicated Host
  - Reserved - 1 or 3 years (No Upfront, Partial Upfront, All Upfront)
- The most expensive option
- Useful for software that has a complicated licensing model (BYOL – Bring Your Own License)
- Or for companies that have strong regulatory or compliance needs
What are the main features of EC2 Dedicated Instances?
* Instances run on hardware that’s dedicated to you
* May share hardware with other instances in same account
* No control over instance placement (can move hardware after Stop / Start)