Questions Flashcards
I’ve heard some rumors that the cloud is more expensive, so I’d like to learn how this will affect our bottom line — TCO team
I need to better understand the workloads in discussion, perhaps we can have a session around a particular workload and business needs to perform a Total Cost of Ownership analysis.
There may be areas to further cost-optimize workloads for cloud hosting.
If we enter an enterprise relationship with AWS, what discount structures can we expect?
I can give a broad overview of pricing for various services, but to get into a more detailed discussion, including specific discounts, we should have a followup conversation with your Account Manager as well.
On-demand pricing seems to be a good option, but I need to know how much I need to allocate expenses up-front for budget estimation.
On-demand pricing won’t work for us
We also offer savings with our Reserved Capacity pricing (Reserved Instances, for example), where you can fix the price with a 1- or 3-year engagement.
We just bought lots of new hardware and software licenses, do I need to throw them away to move to AWS?
You don’t need to throw away your current investment, many of our customers use AWS to extend their current datacenters and applications, without more large up-front expenses.
How do we prevent costs going out of control?
It’s great that this can enable our developers to be more agile, but what’s to stop them from spinning up a lot of expensive services?
AWS provides robust billing reporting features. One best practice is to tag resources, which can help break down costs consumed by application area, business unit, etc.
You can create budgets in your AWS account tied to tags and/or services. By setting a threshold, you can configure alerts to be notified when costs start to approach a level you’re not comfortable with.
Budget alerts can also be tied to functions you can create using our Lambda service to take action on the alert.
Using our Identity and Access Management service, you can also define policies which limit the services certain groups of users can interact with. One could be to ensure only smaller compute instances are available to developers in their account.
If we go over a defined budget, are you going to terminate and delete our instances and data?
AWS won’t terminate or delete your data. We provide tools allowing you to define the actions to take based on alerts, but those are for you to define and manage.
Do you support AIX?
AIX isn’t a supported OS, but what are you looking to migrate?
I’d like to go into more detail on that workload. While the OS itself may not be supported, we can go over architectures to support the workload in AWS.
We can’t have competitors on the same hosts as our workloads. Can AWS guarantee we won’t be sharing hardware?
I’m curious what your concerns are?
AWS fully isolates instances from each other, but we do offer Dedicated Hosts, which dedicate the underlying host solely for your account’s use.
We’ve invested heavily in X and it’s licensed per processor ID, so we can’t use cloud virtualization, can we?
If you have licensing requirements tied to hardware IDs, AWS offers Bare Metal instances where you have access to the hardware for use cases like this.
What hypervisor do you run?
How do you guarantee isolation between guests?
AWS historically leveraged the Xen hypervisor. Starting in 2018 AWS launched its own hypervisor named Nitro, which uses fewer resources than traditional hypervisors, making performance nearly indistinguishable from bare-metal systems. The hypervisor runs in Ring0.
VMs run in Ring3/Ring4; discuss from there.
Isolation between EC2 and EBS - Understanding the communication.
So, EC2 is basically the same as VMware?
While similar to VMware in terms of being virtualized operating systems, EC2 is compute on demand and there are a lot of options to enable your developers and engineers to create resilient applications with AWS managing the underlying infrastructure.
VMware is also a partner and it is possible to run VMware on top of EC2 and to integrate with your on-premises VMware infrastructure.
You mentioned encryption at rest and in transit, but that’s a heavy hit to compute power. How much overhead is there when enabling encryption?
That depends on where we’re discussing encryption. For example, with encrypted EBS volumes you can expect the same IOPS with minimal impact on latency. For SSL between EC2 instances, you can expect similar performance overhead to hosting on-premises.
Where are you most concerned about performance impact? I can dig deeper into this and get back to you with more details.
How do you guarantee we don’t get impacted by “noisy neighbors”?
How do you guarantee the CPU and memory we’ve requested is actually allocated to us and not stolen by another VM?
As we get into architectural discussions with your teams, we have a Well Architected Framework and whitepapers we can leverage for resiliency designs. With CloudWatch monitoring, actions can be automated for recovering from impacted components.
AWS also offers Dedicated Hosts, which dedicates the underlying host solely for your account’s use, but I would like to look at the requirements in more detail before making a recommendation.
Microsoft offers instances with 64TB of memory. What’s your largest?
What’s the largest machine we can get in terms of memory?
If you can’t offer 64TB, why would we choose you over Azure?
We’re constantly releasing new instance types, so I’ll need to look it up to be sure [pull up https://aws.amazon.com/ec2/instance-types/ if possible]
What are you looking to run on this instance type?
Our app needs sub-millisecond response times between components, so we locate VMs in the same rack in our datacenter. Running these in multiple AZs or even across the datacenter from each other is too slow. Can you guarantee they’ll be hosted physically together?
What are placement groups?
I’d like to dive a little deeper into the architecture at some point, but if there are workloads that have specific placement requirements, you can use Placement Groups to define several scenarios:
- Clusters: logical grouping of instances within a single Availability Zone where all nodes can communicate at the full line rate of 10 Gbps with very low latency
- Partitions: logical groupings of instances, where contained instances do not share the same underlying hardware across different partitions
- Spread: group of instances that are each placed on distinct underlying hardware
Can I bring my Windows Server licenses to AWS?
AWS supports BYOL for Windows and SQL Server, but you will need to check your enterprise agreement terms as to whether you’re able to leverage this feature.
Do you support Windows Server 2003?
Windows 2003 R2 is available as an AMI, but we can also discuss steps to migrate your workloads to a newer Windows version since Microsoft ended support in 2015.
How often do you patch Amazon Linux and Windows AMIs? What about other OSs?
Amazon Linux is a rolling-release distribution where the latest package versions are available on first boot. The major releases are packaged every 6 months.
Amazon also releases updated Windows AMIs monthly.
For each AMI release, there’s a changelog of included fixes, but once instances are launched from the AMIs, patching is the responsibility of the customer.
You said we can instantly scale, but realistically how long does it take?
This depends on your workload and services and how you choose to configure the instances.
For services like DynamoDB, when you adjust the throughput capacity, the capacity is available as soon as the configuration change is applied.
For an EC2 instance, you’ll want to do some test runs to determine the average OS bootup time and any post-boot configuration management runs to understand how long it takes from initiating a launch to application availability.
Hardware fails, and if we’re running thousands of instances, what do you do to guarantee we’re not losing VMs when your servers crash or fail?
As we get into architectural discussions with your teams, we have a Well Architected Framework and whitepapers we can leverage for resiliency designs. At a high level, using multiple Availability Zones, Auto Scaling Groups, and Elastic Load Balancers are some best practices around ensuring high availability.
Is there a particular workload you have in mind?
What type of hardware is this going to run on? We are very particular on what we want.
AWS custom designs most of the hardware in our datacenters in order to meet our capacity, resiliency, and maintenance standards. We don’t purchase off-the-shelf hardware. If you want specifics, I can look into getting more details.
Can you share any examples of your particular requirements?
What is a hypervisor?
A hypervisor is software that runs on a physical machine to support the EC2 instances on that machine. It is a layer that AWS is responsible for and not something that you would have visibility of. In the Shared Responsibility Model it is an AWS responsibility to secure that layer.
We’re heavily invested in Oracle RAC. Do you support that?
AWS doesn’t natively support Oracle RAC, but there may be partner solutions [FlashGrid?] to leverage if RAC is a requirement. I’d love to sit down and go over this in more detail. There may be other services like Aurora that can provide the high availability and speed you need.
Do you support TDE? (Transparent Data Encryption)
AWS supports encryption at rest and in transit via a variety of methods. Using server-side encryption, you can provide a key or generate one and using the Key Management Service, configure policies for access. Client-side keys are also supported.
Is there a particular use case you have in mind?
We just went through a major purchase of Oracle database licenses. What do I do with them if we use RDS?
Depending on your licensing agreement with Oracle, you may be able to use the same licenses with Oracle on RDS.
Why should we switch away from MongoDB?
AWS allows the flexibility to run almost any workload, including MongoDB. You can continue to use and manage MongoDB like you currently do by running it on EC2.
AWS offers DocumentDB with MongoDB compatibility if you’d like to shift the infrastructure management to AWS, but there’s no requirement to do so.
What’s our RTO if there is a failure? Do you support point-in-time restores?
If you are using Multi-AZ RDS, a failure of one node generally recovers within a minute by switching to the standby instance with the only availability impact being the time it takes for the DNS pointer to update.
For a single-AZ RDS instance, in an outage where the data isn’t impacted, just the EC2 instance, the availability impact would be the length of time it takes for the underlying EC2 instance to recover, which could take several minutes plus the time to replay any transaction logs.
If the impact is due to losing the storage volume, a point-in-time restore can be performed from a snapshot.
Redshift: How is it different from the Greenplum data warehouse that we use?
AWS Redshift is a large-scale data warehouse service for use with business intelligence tools, while Pivotal Greenplum is an analytic database platform built on PostgreSQL. Could you elaborate on the particular use case so we can deep dive at a later point?
Redshift and EMR are kind of the same thing, no?
Use Redshift when…
- You have a traditional data warehouse
- You need the data relatively hot for analytics such as BI
- There is no data engineering team
- You require joins
- You need a cluster 24x7

Use EMR (SparkSQL, Presto, Hive) when…
- You don’t need a cluster 24x7
- Elasticity is important (auto scaling on tasks)
- Cost is important: Spot Instances
- Data is up to a few hundred TBs; in some cases PBs will work
- You want to separate compute and storage (external table + task node + auto scaling)
If ElastiCache is compatible with Redis/Memcached, you’re saying it’s not actually them? Is it Amazon’s own? We don’t want to do a whole re-engineering effort and get locked into your solution.
Both ElastiCache for Redis and for Memcached are fully compatible services that don’t require code changes. You can point your existing applications and clients to ElastiCache to begin using the service.
Elastic Beanstalk and OpsWorks sound really similar. How are they different?
Both Beanstalk and OpsWorks are means of managing your infrastructure, but they target different use cases.
For Beanstalk, you can simply upload your code to Elastic Beanstalk and define its requirements, and the service handles the infrastructure, deployment, load-balancing, scaling, and monitoring.
OpsWorks is a configuration management service that provides managed instances of Chef and Puppet that allow you to use code to automate the configurations of your servers. OpsWorks lets you use Chef and Puppet to automate how servers are configured, deployed, and managed.
Is this similar to Salesforce cloud or iCloud?
Those services are cloud-hosted. AWS provides all the I.T. resources necessary to host an application, such as these, in the cloud.
Those applications are higher-level offerings built on top of I.T. resources provided by cloud providers, like AWS.
How does AWS operate under Amazon.com?
Since you’re part of Amazon, are we just getting excess capacity they’re not using? Are we going to be treated like second-class citizens?
As a retailer, we’re competitors with Amazon, so why should we work with AWS?
AWS and Amazon.com are separate entities and Amazon.com is a customer of AWS with their own account manager and team, just like anyone else.
Amazon.com doesn’t get priority or special access and their utilization and growth plans are taken into account during AWS’s capacity planning, just like with any other customer.
If we spin down an environment on Friday, but need it on Monday, will AWS guarantee that the capacity will be available?
If we’re anticipating a huge spike and need 1000 instances, will AWS guarantee the capacity?
One of the reserved instance types offered is “Availability Zone” RIs, which would ensure the capacity purchased in that specific Availability Zone is reserved for use.
There are design considerations and strategies we can go over to help ensure application resiliency should a specific instance type not be available in a specific Availability Zone.
If you’re anticipating a need for a sudden increase in resources, like 1000 new instances, your Solution Architects and Account Manager would work with you to understand the use case and guide you in meeting that demand.
AWS also has a process for special events. By working with your account team, we can open an Infrastructure Events Management ticket that helps you plan for large-scale events such as product or application launches, infrastructure migrations, and marketing events. This includes capacity planning support.
What’s a region?
What’s an Availability Zone?
Regions are separate geographic areas completely independent from each other. Each region has multiple isolated, fault-tolerant domains called Availability Zones connected to each other by low-latency links. Availability Zones contain one or more datacenters.
Azure has x # of Regions but you have only Y?
I’m not sure how other providers configure their offerings, but AWS has 81 Availability Zones within 25 geographic regions around the world, with announced plans for XX more Availability Zones and 3 more AWS Regions. (XX- confirm the latest numbers on global infrastructure site)
AWS also has XX Points of Presence (XX Edge Locations and X Regional Edge Caches) in XX cities across XX countries.
What global capabilities are you looking for?
We have requirements for datacenter distances. How far apart are the datacenters in an Availability Zone?
Where are your datacenters?
How far apart are two AZs?
How many Availability Zones are in a region?
For the security of all customers, we don’t publish the locations or details of the specific datacenters. We can provide you with the third-party audit reports and dive deeper into our certifications if you’d like.
For high availability, best practices are to ensure a workload spans multiple Availability Zones, which are designed to be fault-isolated from each other.
Every region has at least two Availability Zones, but for a particular region, we publish the AZ counts by region online. I’d be happy to get the latest info for you.
What is the business driver for specified distances?
I see that some regions only have 2 AZs listed. That means S3 Standard isn’t supported there, correct?
While we design regions with at least two publicly available Availability Zones, we ensure the capacity exists to meet service commitments. S3 Standard is supported and the replication occurs to a private area within that Region, but that area isn’t made publicly available for workload placement.