Elastic Compute Cloud (EC2) Basics Flashcards
Virtualization 101
Virtualization is the process of running one or more operating systems on a single piece of physical hardware.
Before virtualization, the architecture looks something like this:
A server with a collection of physical resources: CPU & memory, network card and devices. On top of this runs an O.S. That O.S runs with a special level of access to the hardware called “Privileged Mode” (only a small part of the O.S, the kernel, runs this way).
-The kernel is the only part of the O.S capable of interacting directly with the hardware.
-The O.S can allow other software to run, such as applications, but these run in “User Mode” or “Unprivileged Mode”. (They cannot interact with the hardware directly; they have to go through the O.S by making a “System Call”.)
Virtualization Architecture
Each O.S is separate and runs its own applications. But the CPU can only have one thing running in “Privileged Mode”; a privileged process has direct access to the hardware, and each of these O.S, running in its unmodified state, expects to be running alone in “Privileged State”.
-Trying to run two or more different O.S in this way will cause system crashes.
Virtualization was created as a solution to this problem, allowing multiple privileged applications (the O.S kernels) to run on the same hardware. Initially virtualization was really inefficient, because the hardware wasn’t aware of it.
Methods of Performing Virtualization
-Emulated Virtualization (Software Virtualization)
In this method a host O.S runs on the hardware and includes capabilities known as a “Hypervisor”. This software ran in “Privileged Mode” and had full access to the hardware of the host server. The multiple other O.S, which we’ll now refer to as “Guest O.S”, were wrapped in a container of sorts called a “Virtual Machine”.
Each VM was an unmodified O.S, such as Windows or Linux, with a virtual allocation of resources such as CPU, memory and local disk space. VMs also had devices mapped into them, such as network cards, graphics cards and other local devices such as storage. The Guest O.S believed these to be real, just like physical devices, but they weren’t real: they were hardware emulated by the Hypervisor.
Since the Guest O.S believes it is running on real hardware, it still attempts to make “Privileged Calls”: it tries to take control of the CPU and to directly read/write what it thinks is memory and disk, which are NOT real.
The Hypervisor performs a process called “Binary Translation”: any privileged operation is intercepted and translated on the fly, in software, by the Hypervisor. This is slow.
- Para-Virtualization
With Para-Virtualization, the Guest O.S still runs in the same VM container with virtual resources allocated to it, but instead of the slow “Binary Translation” another approach is used. Para-Virtualization only works on a small subset of O.S: those which can be modified.
With Para-Virtualization, the areas of the Guest O.S which attempt to make privileged calls are modified so that, instead of calling directly on the hardware, they call the Hypervisor. These calls are called “HyperCalls”.
So areas of the O.S which would traditionally make “Privileged Calls” directly to the hardware are modified: the source code of the O.S is changed to call the Hypervisor rather than the hardware. (This makes the Guest O.S virtualization-aware.)
-Hardware Assisted Virtualization
With this, the hardware itself becomes “Virtualization Aware”: the CPU contains specific instructions and capabilities so the Hypervisor can directly control and configure the virtualization support. So the CPU itself is aware that it is performing virtualization.
When a Guest O.S attempts to run any privileged instruction, it is trapped by the CPU, which knows to expect such instructions from Guest O.S’s, so the system as a whole doesn’t halt. The instructions are redirected by the hardware to the Hypervisor, which handles how they are executed.
–Easier to obtain better performance
–I/O operations can impact performance (Since there’s only 1 network card)
- Single Root I/O Virtualization (SR-IOV)
SR-IOV allows a device, such as a network adapter, to separate access to its resources among various PCIe hardware functions.
SR-IOV enables network traffic to bypass the software switch layer of the Hyper-V virtualization stack. Because the VF (virtual function) is assigned to a child partition, the network traffic flows directly between the VF and the child partition.
–As a result, the I/O overhead in the software emulation layer is diminished, and network performance is nearly the same as in non-virtualized environments.
–In EC2, this is “Enhanced Networking”.
EC2 Architecture and Resilience
-EC2 Instances are virtual machines (OS + resources)
-EC2 Instances run on EC2 Hosts, which are physical server hardware that AWS manages.
-These are Shared Hosts or Dedicated Hosts
–Shared Hosts = Hosts which are shared with different AWS customers, so you don’t get any ownership of the hardware; you pay for the individual instances based on how long you run them and what resources you have allocated. (Every customer is isolated from the others.)
–Dedicated Hosts = You are paying for the entire host, not the instances which run on it; it’s dedicated to your account and you don’t have to share it with other customers.
-A Host lives in 1 AZ - if the AZ fails, the Host fails and the Instances fail. (AZ Resilient Service)
-Local storage = Instance Store (also AZ Resilient)
-Remote storage = EBS (also AZ Resilient)
-If you restart an instance, it stays on the same host.
It doesn’t stay if:
-The host fails or is taken down for maintenance.
-The instance is stopped and then started.
If either of these happens, the instance will be relocated to another host in the same AZ.
-You cannot attach a volume in another AZ to an instance.
What’s EC2 good for?
-Traditional OS+Application Compute
-Long-Running Compute
-Server style applications…
-Perfect for services/apps that need burst or steady-state load.
-Monolithic application stacks (Database/Middleware..)
-Migrated application workloads or Disaster Recovery
EC2 Instances Types
When you choose an EC2 Instance type, you are doing so to influence different things:
-Raw CPU, Memory, Local Storage Capacity & Type
-Resource Ratios - Some instance types give you more of one resource than another.
-The amount of Storage and Data Network Bandwidth.
-System Architecture / Vendor - Intel/AMD/ARM …
-Additional Features and Capabilities - GPUs, FPGAs …
EC2 Categories
-General Purpose - Default - Diverse workloads, equal resource ratio.
-Compute Optimized - Media Processing, HPC, Scientific Modelling, Gaming, Machine Learning.
-Memory Optimized - Processing large in-memory datasets, some database workloads.
-Accelerated Computing - Hardware GPUs, field programmable gate arrays (FPGAs).
-Storage Optimized - Sequential and Random IO - scale-out transactional databases, data warehousing, Elasticsearch, analytics workloads.
Decoding EC2 Types
R5dn.8xlarge = Instance Type
R = Instance Family
5 = Instance Generation
dn = Additional Capabilities (This may vary)
8xlarge = Instance Size
Storage Key Terms
-Direct (local) attached Storage - Storage on the EC2 Host (Instance Store)
–Generally super fast
–If the hardware/disk fails, the storage can be lost
–If an EC2 Instance moves between hosts, the storage can be lost
-Network attached Storage - Volumes delivered over the network (EBS)
–In on-premises environments, this uses protocols such as iSCSI or Fibre Channel. (In AWS - EBS)
–Highly resilient
–Separate from the instance hardware, so the storage can survive issues, which impact the EC2 hosts.
-Ephemeral Storage - Temporary Storage (Instance Store )
–You can’t rely on to be persistent
-Persistent Storage - Permanent Storage - lives on past the lifetime of the instance (EBS)
Three main categories of storage available within AWS
-Block Storage - Volume presented to the OS as a collection of blocks… no structure provided. MOUNTABLE, BOOTABLE.
–If you want storage to boot from.
–If you want to utilize high-performance storage inside an O.S
-File Storage - Presented as a file share… has structure. MOUNTABLE, NOT BOOTABLE.
–If you want to share a file system across multiple different servers or clients, or have it accessed by different services.
-Object Storage - collection of objects, flat structure. NOT MOUNTABLE, NOT BOOTABLE.
–Scalable; it can be accessed by thousands or millions of people simultaneously
–If you want large-scale access to read and write object data. (Web-scale applications)
Storage Performance
IO Size x IOPS = Throughput
-IO (Block) Size = The size of the blocks of data that you’re writing to disk, expressed in kilobytes or megabytes (KB/MB)
-Input/Output Operations per Second (IOPS) = Measures the number of IO operations the storage system can support in a second.
-Throughput = The rate of data a storage system can store on a particular piece of storage (MB/s)
If you want to maximize your throughput, you need to use the right block size and then maximize the IOPS; if any of these three is limited, it can impact the other two.
Elastic Block Store (EBS)
-Is a service which provides Block Storage - raw disk allocations (volumes) - Can be encrypted using KMS
-EC2 instances see a block device and create a file system on this device (ext3/4, xfs)
-Storage is provisioned in ONE AZ (Resilient in that AZ)
-You create a volume and generally attach it to ONE EC2 instance (or other service) over a storage network.
-Can be detached and reattached; EBS volumes are not linked to the lifecycle of one instance, they are persistent.
-Snapshot (backup) into S3 - Create a volume from a snapshot (migrate between AZs)
-EBS can provision volumes based on different physical storage types, different sizes and different performance profiles.
-Billed based on GB-month (and in some cases performance).
-EBS replicates within an AZ - Failure of an AZ means failure of the volume.
-Snapshots copied across regions provide global resilience.
EBS Volume Types - General Purpose SSD - GP2
-Great for Boot volumes, low-latency interactive apps, dev & test.
-Volumes can be as small as 1GB or as large as 16TB.
-When a volume is created, it is created with IO Credits. (An IO Credit is one 16KB IO; IOPS assume 16KB IOs, so 1 IOPS is 1 IO in 1 second.)
-IO “Credit” Bucket - Capacity 5.4 million IO Credits - Fills at the rate of the Baseline Performance.
-Bucket fills with a minimum of 100 IO Credits per second, regardless of volume size.
-Beyond the 100 minimum, the bucket fills with 3 IO credits per second per GB of volume size (Baseline Performance).
This means that a 100GB volume gets 300 IO Credits per second refilling the bucket. (Depends on the volume size.)
-By default, GP2 can burst up to 3,000 IOPS by depleting the bucket.
-All volumes get an initial 5.4 million IO credits: 30 minutes @ 3,000 IOPS - Great for boots and initial workloads.
If you are consuming IO credits faster than the rate at which your bucket is refilling, then you are depleting the bucket.
-Volumes larger than 1,000GB (1TB) - Baseline is above burst. The credit system isn’t used & you always achieve Baseline. (Up to the GP2 maximum of 16,000 IO credits per second (Baseline Performance))
EBS Volume Types - General Purpose SSD - GP3
-Useful for: Virtual desktops, medium-sized single-instance databases such as MSSQL Server and Oracle DB, low-latency interactive apps, dev & test, boot volumes.
-Removes the credit bucket architecture of GP2.
-Every GP3 volume, regardless of size, starts with a STANDARD 3,000 IOPS & can transfer 125 MiB/s.
-Volumes can be as small as 1GB or as large as 16TB.
-GP3 is CHEAPER (~20%) in base price.
-If you need more performance, you can pay extra for up to 16,000 IOPS or 1,000 MiB/s.
-4x faster max throughput vs GP2 - 1,000 MiB/s vs 250 MiB/s.
EBS Volume Types - Provisioned IOPS SSD (io1/2)
-High-performance, latency-sensitive workloads, I/O-intensive NoSQL & relational databases.
-Designed for consistent low latency & jitter.
-When you need smaller volumes and super high performance.
-With io1/io2/Block Express, IOPS can be adjusted independently of the size of the volume.
-Up to 64,000 IOPS per volume (4x GP2/3)
-Up to 256,000 IOPS per volume (Block Express)
-Up to 1,000 MB/s throughput
-Up to 4,000 MB/s throughput (Block Express)
-Volumes sizes:
–4GB-16TB io1/2
–4GB-64TB BlockExpress
-Performance ratio:
–io1 50IOPS/GB (MAX)
–io2 500IOPS/GB (MAX)
–BlockExpress 1000IOPS/GB (MAX)
-Per Instance Performance:
–Influenced by the type of volume, the type of instance, and the size of the instance.
–These maximums are more than a single EBS volume can provide, so you’re going to need multiple volumes.
–io1 - 260,000 IOPS & 7,500MB/s
–io2 - 160,000 IOPS & 4,750MB/s
–Block Express - 260,000 IOPS & 7,500MB/s
EBS Volume Types - HDD-Based
There are 2 types of HDD-based EBS volumes:
-Throughput Optimized (st1)
–Designed for when cost is a concern but you need frequent access to storage for throughput-intensive workloads (Big data, data warehouses, log processing)
–Cheaper than the SSD volumes.
–Designed for data which is sequentially accessed; since it’s HDD-based it’s not great at random access, and is more designed for data that needs to be written or read in a fairly sequential way.
–Range from 125GB to 16TB.
–Max of 500 IOPS (1MB IO) - means MAX 500 MB/s.
–40MB/s per TB Base.
–250MB/s per TB Burst.
-Cold HDD (sc1)
–Designed for infrequent workloads; geared towards maximum economy, when you just want to store lots of data and don’t care about performance.
–Cheaper than st1
–Max of 250 IOPS (1MB IO) - means MAX 250 MB/s.
–12MB/s per TB Base.
–80MB/s per TB Burst.
–Range from 125GB to 16TB.
–Lowest-cost HDD volume, designed for less frequently accessed workloads.
–Colder data/archives requiring fewer scans per day.