Elastic Compute Cloud (EC2) Flashcards

1
Q

What is Elastic Compute Cloud (EC2)?

A

In essence, it’s a virtual machine that’s hosted in AWS instead of your own data center.

It’s designed to make web-scale cloud computing easier for developers at the capacity you want when you need it.

You can select the capacity you need right now and grow/shrink the service when you need it.

2
Q

What are the 4 EC2 pricing options?

A

  1. On-Demand
    - Pay by the hour or second, depending on the type of instance you run
  2. Reserved
    - Reserved capacity for 1 or 3 years. Up to 72% discount on the hourly charge.
  3. Spot
    - Purchase unused capacity at a discount of up to 90%. Prices fluctuate with supply and demand.
  4. Dedicated
    - A physical EC2 server dedicated for your use. The most expensive one.
3
Q

When do you want an on-demand pricing model for instances?

A

In general you want this in 3 different scenarios:

  1. You need flexibility in capacity, and you don’t want to do upfront payment or long-term commitment.
  2. You need something for the short term, and your workloads are going to be very unpredictable.
  3. You are testing the waters and you’re testing your application for the first time.
4
Q

When do you want a reserved pricing model for instances?

A

This is basically the opposite of when you want the on-demand pricing model.

  1. You have predictable usage, so you know what you’re gonna use for the next 1 or 3 years.
  2. Your application has specific capacity requirements so you know what the capacity is gonna be.
  3. You want to reduce your computing cost since reserved is cheaper than on-demand (up to 72% depending on contract length).
5
Q

What are the different options of reserved EC2 instances?

A
  1. Standard - Pick one type of instance and stick to that one.
  2. Convertible - You can change your reserved instance type, at the cost of a discount of only up to 52% compared with on-demand instances.
  3. Scheduled - Reserve only capacity within a timeframe you define. Like maybe you only need a large amount of reserved capacity in the morning when people log in.
6
Q

When do you want to use Spot pricing for instances?

A

You generally want to use Spot pricing when your application is very flexible about its schedule, so it doesn’t really matter if it runs Monday afternoon or Saturday morning, and you want to be as cost sensitive as possible, since you can just buy capacity when it’s at its cheapest.

A side note is they can be useful for users with an urgent need for large amounts of additional computing capacity.

7
Q

When do you want to use a dedicated host pricing model for your instances?

A
  1. Compliance requirements
    - Multiple people on AWS use the same hardware to run their instances. There might be some governmental rules, or something like a bank might have a rule that says you need to have your data on dedicated hardware and not shared.
  2. Licensing requirements
    - The same as compliance. You might have licenses from Microsoft or Oracle that demand you have dedicated and not shared hardware.
  3. Can be purchased under both on-demand and reserved pricing models.
8
Q

Which tool can you use to estimate AWS pricing?

A

The AWS pricing calculator.

9
Q

How do you elevate your permissions to root using the command line in an instance?

A

sudo su

10
Q

How do you check for updates in an instance using the command line?

A

dnf update -y

11
Q

How do you configure the AWS command line?

A

First you need to create an access key and secret access key in IAM and tick off that the user needs access to the AWS CLI.

Then you go to the command line and type the command:

aws configure

and provide the credentials you created in IAM.

12
Q

What is an IAM Role?

A

A role is an identity you can create in IAM that has specific permissions. A role is similar to a user, as it’s an AWS identity with permission policies that determine what the identity can and cannot do in AWS.

Roles are intended to be assumable by anyone who needs them.

A special feature of roles is that they can allow cross-account access. This gives one AWS account the ability to interact with resources in other AWS accounts.

They are also preferred from a security perspective, so you would always prefer to use roles rather than hardcode credentials if possible.

13
Q

Are roles permanent?

A

No, a role does not have standard long-term credentials the same way passwords or access keys do. Instead, when you assume a role, it provides you with temporary security credentials for your role session.

14
Q

Who can assume roles?

A

Roles can be assumed by people, AWS architecture, or other system-level accounts.

15
Q

Why is it more secure to assign an instance a role with permissions and do your work from there rather than the main account?

A

The reason is the instances don’t store credentials. If the instance should get hacked, the hacker can only do what that instance is allowed to do through its role. And you can just terminate the instance and the hacker loses access.

If the account is hacked on the other hand they will have access to your access key and secret access key, and they can do pretty much anything they want, and not only what the instance was allowed to do.

16
Q

What is a bootstrap script?

A

It’s a script that runs when an instance is first run (bootstrap scripts are also called user data).

A classic example is if you want the instance to automatically install applications and then run them.

17
Q

What is EC2 metadata?

A

It’s simply data that describes your EC2 instance.

This can be stuff like your EC2 instance’s IP address, host name, security groups etc.

18
Q

What does an elastic network interface (ENI) provide, and what are its use cases?

A

It provides:

  1. Private IPv4 addresses
  2. MAC address
  3. Public IPv4 address
  4. 1 or more security groups
  5. Many IPv6 addresses

Its use cases are:

  1. Create a management network
  2. Use network and security appliances in your VPC.
  3. Create a low budget, high-availability solution.

Every EC2 instance has an ENI attached to it by default.

18
Q

What are the 3 types of networking you can do with an EC2 instance?

A

You can attach 3 different types of virtual networking cards to your EC2 instances:

  1. Elastic network interface (ENI)
    - For basic day-to-day networking
  2. Enhanced networking (EN)
    - Uses single root I/O virtualization (SR-IOV) to provide high performance
  3. Elastic fabric adapter
    - Accelerates high performance computing and machine learning applications
19
Q

What is the use case of Enhanced networking?

A
  1. You get high performance networking between 10 Gbps and 100 Gbps.
  2. Provides higher bandwidth, higher packet per second (PPS) performance, and consistently lower inter-instance latencies.
20
Q

What are the two different types of Enhanced networking?

A
  1. Elastic network adapter (ENA)
    - Supports network speeds of up to 100 Gbps for supported instance types
  2. Intel 82599 virtual function (VF) interface
    - Supports network speeds of up to 10 Gbps for supported instance types. Typically used on older instances.

You always want to use ENA in any scenario because it’s a lot faster and more modern.

21
Q

What does the Elastic Fabric Adapter provide?

A
  1. A network device you can attach to your Amazon EC2 instance to accelerate high performance computing (HPC) and machine learning applications.
  2. Provides lower and more consistent latency and higher throughput than TCP transport traditionally used in cloud-based HPC systems.
22
Q

What is an OS-bypass?

A

OS-bypass enables HPC and machine learning applications to bypass the operating system kernel and communicate directly with the EFA device.

Not currently supported on Windows, only Linux.

23
Q

What are the 3 types of placement groups?

A
  1. Cluster
  2. Spread
  3. Partition
24
Q

What are cluster placement groups and their advantages?

A

This is a grouping of instances within a single availability zone. This is the only placement group that can’t spread across availability zones.

This is recommended for applications that need low network latency, high network throughput or both.

Only certain instance types can be launched into a cluster placement group. It is generally recommended to only have the same type of instance in this placement group.

25
Q

What are spread placement groups, and when are they recommended?

A

A spread placement group is a group of instances that are each placed on distinct underlying hardware.

Spread placement groups are recommended for applications that have a small number of critical instances that should be kept separate from each other.

This is used for individual instances. If for instance we have a database on one piece of hardware, we don’t want our backup database on the same piece of hardware.

26
Q

What are partition placement groups?

A

Each partition placement group has its own set of racks. Each rack has its own network and power source. No two partitions within a placement group share the same racks, allowing you to isolate the impact of hardware failure within your application.

This is used when you have multiple instances and want them to have their own network and power sources.

27
Q

How does spot pricing work?

A

You decide on your maximum spot price. The instance will be provisioned so long as the spot price is below your maximum spot price.

If the spot price goes above your maximum you can either stop or terminate the instance.

The different regions and availability zones have different spot prices, so you should do some research on which has the cheapest spot prices.

Do not use spot instances for workloads that need to be running 24/7, critical jobs or databases.

28
Q

How do you terminate a spot instance under a persistent spot request?

A

You cancel the spot request. You then terminate the instance.

29
Q

What are spot fleets?

A

A spot fleet is a collection of spot instances and (optionally) on-demand instances.

The spot fleet attempts to launch the number of spot instances and on-demand instances to meet the target capacity you specified in the spot fleet request.

The request for spot instances is fulfilled if there is available capacity and the maximum price you specified in the request exceeds the current spot price.

The spot fleet also attempts to maintain its target capacity fleet if your spot instances are interrupted.

30
Q

What are pools?

A

A pool is a way to define a group of settings like EC2 instance, operating system, and availability zones.

31
Q

What are the 4 different spot fleet strategies?

A
  1. Capacity optimized

The spot instances come from the pool with optimal capacity for the number of instances launching.

  2. Lowest price

The spot instances come from the pool with the lowest price. This is the default strategy.

  3. Diversified

The spot instances are distributed across all pools.

  4. Instance Pools to use count

The spot instances are distributed across the number of spot instance pools you specify. This parameter is valid only when used in combination with the lowest price strategy.

32
Q

Can you deploy vCenter on the AWS cloud using VMware?

A

Yes, you can deploy vCenter on the AWS Cloud using VMware.

It’s considered a good solution for extending your private VMware Cloud into the AWS public cloud.

33
Q

What is an AWS outpost?

A

Outposts brings the AWS data center directly to you, on premises. You can have outposts in sizes from 1U to 42U racks and multiple rack deployments.

It allows you to have the large variety of AWS services in your data center.

This allows you to extend AWS to your data center.

34
Q

What are the benefits of Outposts?

A
  1. Hybrid cloud
    You can create a hybrid cloud where you can leverage AWS services inside your own data center.
  2. Fully managed infrastructure
    AWS can manage the infrastructure for you. You don’t need a dedicated team to look after your outposts infrastructure.
  3. Consistency
    Bring the AWS management console, APIs and SDKs into your data center, allowing uniform consistency in your hybrid environment.
35
Q

What are the two different outposts family members, and when do you use one over the other?

A
  1. Outposts rack
  • Hardware starts with a single 42U rack and can scale up to 96 racks
  • Services that are provided are AWS compute, storage, database and other services locally
  • The result you can expect is that it gives the same AWS infrastructure, services and APIs in your own datacenter

It’s recommended for businesses with A LOT of storage available

  2. Outposts servers
  • In terms of hardware you get individual servers in 1U or 2U form factor
  • You can expect to get local compute and networking services.

It’s recommended in use cases where you have small space requirements like a retail store or branch offices.

36
Q
A