Elastic Compute Cloud (EC2) Flashcards

1
Q

What is an EC2 instance?

A

A virtual server hosted in an AWS data center that is managed by you.

2
Q

What are the EC2 pricing options?

A
  1. On-Demand
  2. Reserved
  3. Spot
  4. Dedicated
3
Q

Explain EC2 Reserved pricing option.

A

It is reserved capacity for 1 to 3 years, with up to a 72% discount on the hourly charge.

4
Q

Explain the EC2 Spot Instance pricing option.

A

You purchase unused capacity at a discount of up to 90%, and prices fluctuate based on supply and demand.

5
Q

What are good use cases for the EC2 On-Demand pricing option?

A

Applications with short-term, spiky, or unpredictable workloads that cannot be interrupted.

6
Q

What are good use cases for the EC2 Reserved pricing option?

A

When you have predictable usage with specific capacity requirements and where you can make upfront payments. You can save up to 72% off the standard EC2 On-Demand option.

7
Q

What are Convertible Reserved Instances (RI) in EC2?

A

You have the option to change to a different RI type of equal or greater value with up to 54% off the On-Demand price.

8
Q

What are the three EC2 Reserved Instance types?

A
  1. Standard Reserved
  2. Convertible Reserved
  3. Scheduled Reserved
9
Q

What are Scheduled Reserved Instances (RI) in EC2?

A

You may launch them within the time window you define of a predictable recurring schedule.

10
Q

Is a Reserved Instance cross-region?

A

No, it is region-specific.

11
Q

When should you use spot instances in EC2?

A

For applications that have flexible start and end times, or applications that are only feasible at really low compute prices, or applications that need an urgent amount of additional computing capacity.

12
Q

When should you use dedicated hosts in EC2?

A
  1. When you have regulatory compliance requirements that do not support multi-tenant virtualization
  2. Great for licensing that doesn’t support multi-tenant or cloud deployments (e.g. Microsoft, Oracle)
13
Q

What are best practices for user access using the AWS CLI?

A
  1. Always give your users the minimum amount of access required to do their job
  2. Create groups and assign users to groups.
14
Q

What is an AWS secret access key?

A

Effectively the password for using the AWS CLI, where you will only get to see it once. If you lose it, you’ll need to delete it and recreate a new one.

15
Q

What operating systems are supported by the AWS CLI?

A
  1. Windows
  2. Mac
  3. Unix
16
Q

What is an IAM role?

A

An identity you can create in IAM that has specific permissions, but is intended to be assumable by anyone who needs it.

When you assume a role, it provides you with temporary security credentials for your role session.

17
Q

Who or what can assume a role?

A
  1. People
  2. AWS architecture
  3. System-level accounts
18
Q

Are roles account-specific?

A

No, they can allow the ability to interact with resources in other AWS accounts.

19
Q

What is the preferred option from a security perspective in IAM, users, groups or roles?

A

Roles (to avoid hard-coding credentials)

20
Q

If you change a policy document within a role, must you create a new role session to gain that new privilege?

A

No, it takes effect immediately.

21
Q

If you attach a role to a running EC2 instance, must you restart the instance to gain that new privilege?

A

No, it takes effect immediately without requiring a restart.

22
Q

What are security groups in EC2?

A

They are virtual firewalls for your EC2 instance.

23
Q

By default, what ports are open on an EC2 instance?

A

By default, everything is blocked. You must create security groups to make ports accessible.

24
Q

What is the IP address range to allow all access to an EC2 instance?

A

0.0.0.0/0

25
Q

What is a bootstrap script in EC2?

A

A script that is run when the instance first runs, which allows you to automate the installation of applications.

It is referred to as user data.

26
Q

If you change a security group’s permissions in EC2, must you restart the EC2 instance for it to take effect?

A

No, it takes effect immediately.

27
Q

Is there a limit to the number of EC2 instances allowed in a security group?

A

No, there is no limit.

28
Q

How many security groups can be attached to a single EC2 instance?

A

Multiple security groups are allowed.

29
Q

What are the default inbound and outbound permissions for traffic in EC2?

A

All inbound traffic is blocked, and all outbound traffic is allowed.

30
Q

What is EC2 metadata?

A

Data about your EC2 instance, such as private/public IP addresses, what security groups it is in, etc.

31
Q

What is the difference between user data and metadata in EC2?

A

User data is simply bootstrap scripts and metadata is data about your EC2 instance. You can use bootstrap scripts (user data) to access your EC2 metadata.

32
Q

What are the three different networking adapters that can be attached to your EC2 instances?

A
  1. ENI (Elastic Network Interface) for basic day-to-day networking
  2. EN (Enhanced Networking) for single root I/O virtualization (SR-IOV) to provide high performance
  3. EFA (Elastic Fabric Adapter) which accelerates high performance computing (HPC) and machine learning applications
33
Q

What options does an ENI networking card in EC2 allow?

A
  1. Private IPv4 addresses
  2. Public IPv4 address
  3. Many IPv6 addresses
  4. MAC address
  5. 1 or more security groups
34
Q

When would you use an ENI networking adapter in EC2?

A
  1. Create a management network
  2. Use network and security appliances in your VPC
  3. Create dual-homed instances with workloads/roles on distinct subnets (allows private network addresses that are separate)
  4. Create a low-budget, high-availability solution

By default, when you create an EC2 instance, an ENI will be attached.

35
Q

When would you use an Enhanced Networking adapter in EC2?

A
  1. For high-performance networking between 10 Gbps and 100 Gbps
  2. It provides higher I/O performance and lower CPU utilization (single root I/O virtualization SR-IOV)
  3. It provides higher bandwidth, higher packet per second (PPS) performance, and consistently lower inter-instance latencies
36
Q

What are the two ways Enhanced Networking can be enabled in EC2?

A
  1. Elastic Network Adapter (ENA) which supports network speeds up to 100 Gbps for supported instance types
  2. Intel 82599 Virtual Function (VF) Interface which supports network speeds up to 10 Gbps for supported instance types (typically used on older instances)
37
Q

In a scenario where you are asked to recommend using an ENA Adapter or an Intel 82599 Virtual Function Interface, which would you recommend?

A

Always ENA adapter (it's faster and more modern)

38
Q

What is an EFA in EC2?

A

It is an Elastic Fabric Adapter which is a network device you can attach to your EC2 instance to accelerate High Performance Computing (HPC) and machine learning applications.

It provides lower, more consistent latency and higher throughput than the TCP transport traditionally used in cloud-based HPC applications.

39
Q

In a scenario where you are asked about high-performance computing and which network adapter you should use, what would you recommend?

A

Elastic Network Adapter (ENA)

40
Q

What is the OS-bypass feature in Elastic Network Adapters in EC2?

A

OS-Bypass enables HPC and machine learning applications to bypass the operating system kernel and communicate directly with the EFA device, but it is only supported on Linux, not Windows.

41
Q

In a scenario where you are asked about OS-bypass and how you can enhance your high-performance computing (HPC) and machine learning applications, what would you recommend?

A

OS-bypass with Elastic Fabric Adapter (ENA)

42
Q

In a scenario where you are asked about OS-bypass and how you can enhance your high-performance computing (HPC) and machine learning applications, what network adapter would you recommend?

A

OS-bypass with Elastic Fabric Adapter (ENA)

43
Q

What are the three types of EC2 placement groups?

A
  1. Cluster
  2. Spread
  3. Partition
44
Q

What is a clustered placement group in EC2?

A

Grouping instances in EC2 in a single AZ, for low network latency, high network throughput, or both.

45
Q

Can all EC2 instance types be launched in placement groups?

A

No, only certain types can (compute optimized, GPU and memory optimized, storage optimized)

46
Q

What are spread placement groups in EC2?

A

Grouping instances that are each placed on distinct underlying hardware.

47
Q

When would you recommend spread placement groups in EC2?

A

When you have a small number of critical instances that should be kept separate from each other, like primary and secondary databases.

48
Q

What are partition placement groups in EC2?

A

EC2 divides each group into logical partitions and each partition has its own set of racks and each rack has its own network and power sources.

49
Q

When would you recommend partition placement groups in EC2?

A

When you have multiple EC2 instances (e.g. HDFS, Cassandra, HBase) and they need to be on their own racks and dedicated network infrastructure to isolate hardware failure within your application.

50
Q

What EC2 placement group can span multiple AZs?

A

Spread placement groups

51
Q

What EC2 placement group cannot span multiple AZs?

A

Cluster placement groups

52
Q

Can heterogeneous instances be placed into a cluster placement group in EC2?

A

AWS recommends only homogeneous instances in cluster placement groups.

53
Q

Can you merge EC2 placement groups?

A

No, you cannot.

54
Q

How can you move an existing instance into a placement group?

A

Before you move the instance, it must be in the stopped state. You can only use the AWS CLI and AWS SDK (but not console).

55
Q

In a scenario where you have a requirement about special licensing requirements or compliance requirements avoiding multi-tenancy hosts, what type of EC2 instance would you recommend?

A

Dedicated instance

56
Q

What do you need to choose when configuring an EC2 spot instance request?

A
  1. The maximum spot price (you will be provisioned a spot instance as long as the spot price is below this price); the spot price varies depending on AZs, capacity and regions.
  2. Desired number of instances
  3. Launch specification (what AMI)
  4. Request type (one time or persistent), and if persistent, when it is valid from and until
57
Q

How much warning are you given if your EC2 spot price is exceeded?

A

You have 2 minutes to choose whether to stop or terminate your instance.

58
Q

What is a spot block in EC2?

A

You may use this to stop your EC2 spot instances from being terminated for between 1 to 6 hours even if the spot price goes above your maximum.

59
Q

When are spot instances in EC2 NOT recommended?

A
  1. Persistent workloads (like websites)
  2. Critical jobs
  3. Databases
60
Q

How do you terminate instances under a persistent spot request?

A
  1. Cancel the spot request
  2. Terminate your instances that are running
61
Q

What is a spot fleet in EC2?

A

A collection of spot instances and (optionally) on-demand instances that attempt to match your target capacity with your price restraints.

It is broken into launch pools (which define the EC2 instance type, operating system, and AZ).

You have multiple pools, and the fleet will choose the best way to meet the strategy you define.

62
Q

What are the four different strategies for spot fleets in EC2?

A
  1. Capacity Optimized
  2. Diversified
  3. Lowest Price (default option)
  4. Instance Pools to Use Count (only allowed in conjunction with Lowest Price)
63
Q

How much can spot instances save off the price of on-demand instances?

A

Up to 90% off

64
Q

Why would you use VMWare on AWS in EC2?

A
  1. If you need hybrid cloud strategy and you would like to leverage AWS services
  2. Migrating your existing cloud environment to AWS and you want to use VMWare built-in tools
  3. VMWare is famous for its Disaster Recovery technology, so can be used in a hybrid cloud environment for inexpensive DR
65
Q

How is vCenter deployed on AWS Cloud using VMWare?

A
  1. It runs on dedicated hardware hosted by AWS using a single AWS account
  2. Each host is capable of running multiple VMWare instances (up to the hundreds)
  3. Clusters (VCenter clusters) can start with two hosts (minimum number for availability) up to 16 hosts per cluster
66
Q

What is AWS Outposts?

A

Brings the AWS data center directly to you, on-premises, where you can run many AWS services in your data center.

It allows you to have 1U and 2U servers all the way up to 42U racks and multiple-rack deployments.

67
Q

What are the benefits of AWS Outposts?

A
  1. Hybrid cloud
  2. Fully managed infrastructure
  3. Brings consistency (AWS management console into your data center)
68
Q

What are the two AWS Outposts family members?

A
  1. Outposts Rack (a whole rack of servers starting with 42U rack and scales up to 96U, only meant for data center)
  2. Outposts Servers (in 1U or 2U form factor, for small spaces, such as retail stores, branch offices, healthcare provider locations, etc.) and it provides only compute and networking services
69
Q

In a scenario where you are asked how you can extend AWS to your on-premises data center, what service would you recommend?

A

AWS Outposts

70
Q

In what scenario would you use the AWS Outposts Rack family member?

A

When you have a data center and large deployment requirements.

71
Q

In what scenario would you use the AWS Outposts Servers family member?

A

In smaller spaces such as retail stores, branch offices, etc. where you have smaller deployment requirements.