Instance Storage 2 Flashcards

1
Q

At what layers is data encrypted on an ESB drive? (4 places)

  1. How is encryption handled?
A

Data is encrypted at rest inside the volume.

All the data moving between the instance and the volume is encrypted

Snapshots are encrypted

Volumes created from the snapshot are encrypted.

  1. It’s handled transparently
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What keys and key type does EBS encryption utilize?

How can an unencrypted disk be encrypted.

Are snapshots of encrypted volumes encrypted?

A

EBS encryption utilizes AES 256 keys from the AWS KMS.

Create a snapshot of the volume, encrypt that snapshot by making an encrypted copy, create a new EBS volume from that snapshot, then attach the encrypted volume to the original instance. You can also do a shortcut and create an encrypted volume directly from another volume.

Yes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Is EBS redundant?

A

Yes, it’s already replicated within an AZ.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is RAID 0?

What is this useful for?

Explain how RAID 0 works?

A

Raid 0 provides a way to increase IOPS performance by combining 2 more move volumes and getting the total IOPS and diskspace.

Applications that need a lot of IOPS and don’t need fault tolerance

Basically you are striping your data across volumes so for each volume that you add, you increase the number of IOPS that you can perform.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is RAID 1?

How are IOPS and throughput affected when you add another volume in RAID 1?

When would you use RAID 1?

A

Raid 0 Increases fault tolerance through mirroring.

When another volume is added in RAID 0, the number of IOPS and throughput does not increase, only the fault tolerance is improved because there is another backup.

When you want to increase fault tolerance or service disks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is the elastic file system (EFS)?

What are the uses of EFS?

What file systems can be used with EFS?

How does the price compare to gp2?

A

The elastic file system is a network file system that can be mounted on many EC2 instances across many AZs?

Content management, web serving, data sharing, Wordpress

Only linux file systems can be used. Windows AMIs cannot be used. It is pay per use.

It’s about 3x more expensive than gp2

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

How many clients can EFS support?

What is the throughput on EFS?

How does storage scaling work in EFS?

A

EFS can scale to 1000s of NFS clients

10GB+/s throughput.

It can grow to petabyte scale automatically.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What are the performance modes of EFS?

A

General purpose - Used for latency sensitive use cases (web server, CMS, etc)

Max I/O - Has a higher latency, but higher throughput and it’s highly parallel. Useful for big data, media processing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What are the throughput modes of EFS?

A

Bursting - 1 TB = 50MiB with bursts up to 1000MiB/s

Provisioned: Set your throughput regardless of storage size, Ex 1 GiB/s for 1TB storage

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What are the storage tiers of EFS?

A

Standard - Used for frequently accessed files

Infrequent access - There is a cost to retrieve files, but a lower cost to store.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is an EFS access point?

A

Amazon EFS access points are application-specific entry points into an EFS file system that make it easier to manage application access to shared datasets. Access points can enforce a user identity, including the user’s POSIX groups, for all file system requests that are made through the access point. Access points can also enforce a different root directory for the file system so that clients can only access data in the specified directory or its subdirectories.

By combining IAM policies with access points, you can easily provide secure access to specific datasets for your applications.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly