Section 4: AWS Fundamentals: ELB + ASG + EBS

Question 1

What does ELB stand for?

Answer 1

Elastic Load Balancer (EC2 Load Balancer)

Question 2

What are load balancers?

Answer 2

Servers that forward internet traffic to multiple servers (EC2 instances) downstream

Question 3

How to access the application faced by a LB?

Answer 3

By using the DNS of the LB

Question 4

What happens to the instances that crash / stop responding correctly?

Answer 4

They get terminated by the LB and the LB will then forward the traffic to other instances

Question 5

How does the LB knows the health status of the instances?

Answer 5

By doing regular health checks to the instances

Question 6

How does the LB help with security?

Answer 6

It provides SSL termination for your web apps and separate public traffic from private traffic

Question 7

What is the benefit of using an ELB rather than a custom load balancer?

Answer 7

AWS guarantees that it will be working and handle updates and maintenance.
It is integretad with many AWS offerings

Question 8

What are the three types of ELB?

Answer 8

Classic Load Balancer (CLB, deprecated)
Application Load Balancer (ALB)
Network Load Balancer (NLB)

Question 9

How does an ELB perfom a health check on an instance?

Answer 9

It pings a port and a route (e.g. /health) and makes sure the response has a status of 200 (OK)

Question 10

What protocol does the ALB serves?

Answer 10

HTTP, HTTPS, Websockets (Layer 7 - Application Layer)

Question 11

What do ALB allow you to do?

Answer 11

Load balance to multiple HTTP applications across machines (target group)
Load balance to multiple applications on the same machine (containers)

Question 12

On what parameters can an ALB load balance traffic on?

Answer 12

Route (e.g. /users)

Hostname (domain) (e.g example.com)

Question 13

What are good use cases for ALB?

Answer 13

Micro services

Container based application (Docker & Amazon ECS)

Question 14

What does ECS stand for?

Answer 14

Elastic Container Service

Question 15

If we didn’t have ALBs, how could we get the same result with the CLB?

Answer 15

We would need to create one CLB per application (expensive and inefficient)

Question 16

What is a target group

Answer 16

A target group is a group of EC2 instances which are targetted by a LB.

Question 17

At what level can stickiness be enabled?

Answer 17

Target group level

Question 18

What does stickiness at the target group level mean?

Answer 18

Same request goes to the same instance

Question 19

What generates the stickiness?

TG, ALB, ASG or app

Answer 19

The ALB (not the application)

Question 20

What IP does the application server sees?

Answer 20

The private IP of the LB

Question 21

How can the application server see the IP of the user?

Answer 21

By looking at the “X-Forwarded-For” header of the request

Question 22

How can the application server see the port and the proto when using an ALB?

Answer 22

By looking at the “X-Forwarded-Port” and “X-Forwarded-Proto” headers respectively

Question 23

What does NLB stand for?

Answer 23

Network Load Balancer

Question 24

What protocol does the NLB serves?

Answer 24

TCP, UDP, TLS (Layer 4 - Transport Layer)

Question 25

What type of IP does NLB support?

Answer 25

Static IP or Elastic IP

Question 26

What does the NLB do?

Answer 26

Forward TCP traffic to your instances

Question 27

How many requests can an NLB handle per seconds?

Answer 27

Millions

Question 28

What is the latency brought by a NLB

Answer 28

About 100 ms compared to 400 ms for ALBs

Question 29

What are NLBs mostly used for?

Answer 29

Extreme performance (not be the default LB you choose)

Question 30

What does the creation process of an NLB look like?

Answer 30

Pretty much the same as an ALB

Question 31

What security feature do all ELB provide?

Answer 31

SSL certificates and SSL termination

Question 32

Can LBs scale?

Answer 32

Yes but not instantly, contact AWS for “warm-up” if you expect a sudden peak

Question 33

What IP does the NLB sees?

Answer 33

The client IP

Question 34

What enduces 4xx errors?

Answer 34

The client

Question 35

What enduces 5xx errors?

What about 503?

Answer 35

The application

503 errors mean at capacity or no registered target

Question 36

What to do if the LB can’t connect to your application?

Answer 36

Check the security groups

Question 37

How to make sure that a user can only access the application through an ELB?

Answer 37

By editing the security group attached to the application to only allow traffic on port 80 from the custom source sg-XXXXXX which is the sg attached to the LB.

Question 38

What can cause the “503 Service Temporarily Unavailable” error?

Answer 38

The target group of an ELB contains no running EC2 instances

Question 39

What does ASG stand for?

Answer 39

Auto Scaling Group

Question 40

What is the purpose of the ASG?

Answer 40

Ensure we have a minimum and a maximum number of machines running

Question 41

How does an ASG achieve its purpose? (3 things)

Answer 41

By scaling out to match an increased load
By scaling in to match a decreased load
Automatically registering new instances to an ELB

Question 42

What does “scale out” mean?

Answer 42

Add EC2 instances

Question 43

What does “scale in” mean?

Answer 43

Remove EC2 instances

Question 44

What are the three variables that affect the number of running EC2 instances in an ASG?

Answer 44

Minimum size
Actual size (Desired Capacity)
Maximum size

Question 45

What attributes does an ASG have?

Answer 45

Launch Configuration
Min/Max/Initial Capacity
Scaling Policies
Load Balancer Information
Network + Subnet Information

Question 46

What does an ASG launch configuration contain? (6 things)

Answer 46

AMI
Instance Type
EC2 User Data
EBS Volume
Security Groups
SSH Key Pair

Question 47

What can trigger an ASG to change the number of running EC2 instances?

Answer 47

CloudWatch alarms that monitor a metric (Such as average CPU)
New Simple Auto Scaling Rules managed by EC2

Question 48

What are the new auto scaling rules managed by EC2?

Answer 48

Target average CPU usage
Number of request on the ELB per instance
Average network in
Average network out

Question 49

What is the benefit of using the new auto scaling rules managed by EC2?

Answer 49

They are simple easier to set up and can make more sense

Question 50

How to use custom metric for auto scaling?

Answer 50

1. Send custom metric from app on EC2 to CloudWatch (PutMetric API)
2. Create CloudWatch alarm to react to low/high values
3. Use the CloudWatch alarm as the scaling policy for ASG

Question 51

What happens to IAM roles attached to ASGs?

Answer 51

They get assigned to the EC2 instances managed by the ASG

Question 52

How much $ are ASG?

Answer 52

FREE! You only pay for the underlying resources

Question 53

What does EBS stands for?

Answer 53

Elastic Block Store

Question 54

What happens to an EC2 instance root volume when it is manually terminated?

Answer 54

It gets deleted

Question 55

What is an EBS volume?

Answer 55

A network drive (not physical drive)

Question 56

What can an EBS volume be attached to?

Answer 56

A single EC2 instance

Question 57

How fast can an EBS be detached from an instance and attached to a new one?

Answer 57

Quickly

Question 58

On what level is an EBS locked?

Answer 58

Availability Zone (AZ)

Question 59

How to move a volume across another AZ?

Answer 59

By first making a snapshot of it

Question 60

What is the billing model of EBS volumes?

Answer 60

Provisioned (You get billed for all the provisioned capacity (GBs and IOPs)

Question 61

What does IOPs stands for?

Answer 61

Input/Output Operations Per Second

Question 62

What are the 4 types of EBS?

Answer 62

GP2 (SSD) Great Value - General Purpose
IO1 (SSD) Highest Cost - Highest performance
ST1 (HDD) Low Cost - Designed for frequent access
SC1 (HDD) Lowest Cost - Designed for low frequency

Question 63

Can you resize an EBS volume?

Answer 63

You can only increase the size and IOPs of an EBS volume

Question 64

What do you need to do after increasing the size of an EBS volume?

Answer 64

Repartition the drive

Question 65

How can you decrease the size of an EBS volume?

Answer 65

You first need to snaspshot the volume, then create a new smaller volume

Question 66

How can you backup an EBS volume?

Answer 66

By making a snapshot of it

Question 67

How much space does a snapshot take?

Answer 67

The space that the data occupied in the EBS volume (E.g. A snapshot of a 100GB EBS volume which contained 5 GB of data would weigth 5GB)

Question 68

What are snapshots used for?

Answer 68

Resizing a volume down
Changing the volume type
Encrypt a volume

Question 69

What is encrypted when using an encrypted EBS volume?

Answer 69

Data is encrypted at rest (on the volume)
Data is encrypted in flight (between the instances and the volume)
Data is encrypted in snapshots
Volumes created from snapshots are also encrypted

Question 70

How are encryption and decryption of EBS volumes handled?

Answer 70

Transparently

Question 71

How big is the impact of encryption on latency?

Answer 71

Minimal

Question 72

What keys does EBS encryption leverage?

Answer 72

Keys from KMS (AES-256)

Question 73

What does KMS (AES-256) stand for?

Answer 73

Key Management Service (Advanced Encryption Standard, blocks of 128 bits and key size of 256 bits)

Question 74

What are Instance Store?

Answer 74

Physically attached storage to the machine

Question 75

What is the main benefit of an Instance Store?

Answer 75

Better I/O performance

Question 76

What happens to the data in an Instance Store when the machine is terminated?

Answer 76

It is lost

Question 77

Can you resize the Instance Store?

Answer 77

No

Question 78

Who has to manage backups when it comes to Instance Store?

Answer 78

The user

Question 79

Can/should you backup EBS volumes while your application is handling a lot of traffic?

Answer 79

You should not, because EBS backups use IO

Question 80

By default, what happens to root EBS volumes attached to EC2 instances when the instance is terminatted?

Answer 80

They also get terminated (Data is lost)