Section 3: AWS Fundamentals: EC2

Question 1

What does EC2 stands for?

Answer 1

Elastic Computer Cloud

Question 2

What are EC2’s four main capabilities?

Answer 2

Renting virtual machines (EC2)
Storing data on virtual drives (EBS)
Distributing load accross machines (ELB)
Scaling the services using an auto-scaling group (ASG)

Question 3

What does EBS stands for?

Answer 3

Elastic Block Store

Question 4

What does ELB stands for?

Answer 4

Elastic Load Balancing

Question 5

What does ASG stands for?

Answer 5

Auto-Scaling Group

Question 6

How do I SSH into an EC2 instance?

Answer 6

ssh -i keypair.pem ec2-user@XXX.XXX.XXX.XXX

Question 7

What is the standard TCP port for SSH?

Answer 7

22

Question 8

MAC: What to do if I get “WARNING: UNPROTECTED PRIVATE KEY FILE!” while trying to connect to my EC2 instance via SSH?

Answer 8

Run the command “chmod 0400 keypair.pem”

Question 9

WINDOWS: What to do if I get “WARNING: UNPROTECTED PRIVATE KEY FILE!” while trying to connect to my EC2 instance via SSH?

Answer 9

Look at the properties of the .pem file and make sure that I’m the sole Owner of the file

Question 10

What is a key pair?

Answer 10

A key pair is “keypair.pem” looking file which allows me to connect to my EC2 instance via SSH

Question 11

What are the fundamentals of network security in AWS?

Answer 11

Security Groups

Question 12

What is the function of Security Groups?

Answer 12

To control how traffic is allowed into or out of our EC2 machines

Question 13

What do security groups regulate?

Answer 13

Allowed ports

Authorized IP ranges - IPv4 and IPv6

Question 14

Can a security group be attached to many instances at the same time?

Answer 14

Yes

Question 15

Are security groups global?

Answer 15

No, they are locked down to a region / VPC

Question 16

What does VPC stands for?

Answer 16

Virtual Private Cloud

Question 17

Where do security groups lives (in relation to EC2 instances)?

Answer 17

They live outside of EC2 instances. These instances aren’t aware of blocked traffic.

Question 18

What common problem occurs when security groups are badly configured?

Answer 18

Application is not accessible (Timeout)

Question 19

What does a “connection refused” error mean when it comes to security groups?

Answer 19

They are unrelated, “connection refused” errors come from the EC2 itself or an application running on it. If a security group blocks your request, you won’t see anything other than a timeout after a while.

Question 20

By default, security groups ____ all inbound traffic and ____ all outbound traffic.

Answer 20

block all inbound traffic

allow all outbound traffic

Question 21

Characteristics of Public IP

Answer 21

Public IP can be identified on the internet (WWW)
Must be unique across the whole web
Can be geo-located easily

Question 22

Characteristics of Private IP

Answer 22

Can only be identified on a private network only
Must be unique across the private network
E.g. Two different private networks can have the same IPs
Machines connect to WWW using an internet gateway (a proxy)
Only a specified range of IPs can be used as private IP

Question 23

Characteristics of Elastic IP?

Answer 23

When you stop and then start an EC2 instance, it can change its public IP.
If you need to have a fixed public IP for your instance, you need an Elastic IP
An Elastic IP is a public IPv4 IP you own as long as you don’t delete it
You can attach it to one instance at a time

Question 24

What happens to the public IP of an EC2 instance if the machine is stopped and then started?

Answer 24

The public IP can change

Question 25

What is an EC2 User Data script?

Answer 25

A script that gets run when the EC2 instance first starts (It won’t get executed on future stop/start)

Question 26

What tasks can an EC2 User Data script do?

Answer 26

Anything, for e.g.
Install updates
Install software
Download common files from the internet
etc.

Question 27

As which user does the EC2 user data script run?

Answer 27

root

Question 28

What are the EC2 Instance Launch Types?

Answer 28

On-Demand Instances

Reserved Instances

• Convertible Reserved Instances
• Scheduled Reserved Instances

Spot Instances

Dedicated Instances
Dedicated Hosts

Question 29

On-Demand Instances pricing

Answer 29

Pay for what you use

Highest cost but no upfront payment and no long term commitment

Question 30

On-Demand Instances recommended use case

Answer 30

Short term un-interrupted workloads where you can’t predict how the application will behave

Question 31

Reserved Instances pricing

Answer 31

75% discount compared to On-demand

Pay upfront for what you use

Question 32

Reserved Instances reservation period

Answer 32

1 or 3 years

Question 33

Reserved Instances recommended use case

Answer 33

Steady state usage applications (think database)

Question 34

Convertible Reserved Instance pricing

Answer 34

Up to 54% discount compared to On-demand

Question 35

Convertible Reserved Instance main characteristic

Answer 35

Can change the EC2 type

Question 36

Scheduled Reserved Instances main characteristic

Answer 36

Launch within the time window you reserve (when you require a fraction of day/week/month)

Question 37

Spot Instances pricing

Answer 37

Up to 90% discount compared to On-demand

Price varies based on offer and demand

Question 38

Spot Instances usage time

Answer 38

You bid a price and get the instance as long as its under the price

Question 39

How are spot instances reclaimed by AWS?

Answer 39

Spot instances are reclaimed with a 2 minute notification warning when the spot price goes above your bid

Question 40

Spot Instances recommended use case

Answer 40

Batch jobs
Big Data analysis
Workloads that are resilient to failures

Question 41

Dedicated Hosts recommended use case

Answer 41

Software that have complicated licensing model (BYOL – Bring Your Own License)
Companies that have strong regulatory or compliance needs

Question 42

Dedicated Hosts characteristics

Answer 42

Physical dedicated EC2 server for your use
Full control of EC2 Instance placement
Visibility into the underlying sockets / physical cores of the hardware

Question 43

Dedicated Hosts pricing

Answer 43

More expensive than reserved instances

Question 44

Dedicated Hosts reservation period

Answer 44

1 to 3 years

Question 45

Dedicated Instances characteristics

Answer 45

Running on hardware that’s dedicated to you

May share hardware with other instances in same account

Question 46

On what time increments are EC2 instances usage billed?

Answer 46

On one second increments with a minimum of 60 seconds

Question 47

What factors influence an EC2 instance price?

Answer 47

Its type
Its region
Its pricing model (On-Demand, Savings Plan, Reserved, Spot, Dedicated Host)
Its OS

Question 48

What does AMI stands for?

Answer 48

Amazon Machine Image

Question 49

How to customize an existing AMI at runtime?

Answer 49

!/bin/bash

By using an EC2 User Data script like the following:

########################################################
##### USE THIS FILE IF YOU LAUNCHED AMAZON LINUX 2 #####
########################################################

# get admin privileges
sudo su

# install httpd (Linux 2 version)
yum update -y
yum install -y httpd.x86_64
systemctl start httpd.service
systemctl enable httpd.service
echo "Hello World from $(hostname -f)" > /var/www/html/index.html

Question 50

What is the scope of an AMI?

Answer 50

Its region, it cannot be used in another region

Question 51

What are some advantages of using a custom AMI?

Answer 51

Having pre-installed packages
Faster boot time
Machine can be configured with monitoring / enterprise software
Installing your app ahead of time (faster deploys when auto-scalling)
Optimization out of the box

Question 52

What are the 5 distinct characteristics of EC2 instances?

Answer 52

RAM
CPU
I/O (disk performance, EBS optimisations)
Network
GPU

Question 53

What are burstable instances (T2, T3, T3a)

Answer 53

Machines that can handle a hard spike in load very efficiently but won’t last if the load doesn’t decrease

Question 54

What are burstable instances (T2, T3, T3a) good at?

Answer 54

Handling unexpected traffic and getting the insurance that it will be handled correctly

Question 55

When should you consider using scheduled reserved instances?

Answer 55

When you have workloads that require a fraction of day/week/month