Server-Based Compute (EC2) Fundamentals Flashcards
What is EC2?
o EC2 (Elastic Compute Cloud) is an IaaS (Infrastructure as a Service) product, responsible for providing long-running compute as a service, through instances
o It is a regional service, so all instances created in a Region will be isolated to that Region
How do you connect to an EC2 instance?
o Before creating an Instance, you need to create a Key Pair: the Public Part is stored by AWS, the Private Part is downloaded to your machine.
What is the difference between Instance Store Volumes and Elastic Block Store?
o Instance Store Volumes can be configured, and they are physically part of the instance, hence no resilience (if the instance fails, the data is lost too). They are not persistent, but are the highest performance store volumes
o Elastic Block Store (EBS) is the other type of storage: they are created outside of the instance, and attached to it
How do you monitor an EC2 running instance?
o Tight link with CloudWatch, for monitoring resource usage
o Data arrives at 5-minute granularity by default, which can be improved to 1-minute at extra cost
How does billing work for Instances and Storage?
o You are not billed if an instance is in a pending, stopping, stopped, shutting down or terminated state (excluding reserved instances)
o You are billed for EBS Volumes regardless of the instance’s state
What are the various families of Instance Types?
o EC2 Instances are grouped into families, each designed for a specific broad type of workload: general purpose, compute optimized, memory optimized, storage optimized and accelerated computing
What are the various sizes of Instances?
o Instance sizes include nano, micro, small, medium, large, xlarge, 2xlarge and larger
What are Snapshots?
o Snapshots are point-in-time backups of an EBS volume, stored in S3
o The initial snapshot is a full copy of the volume, and further snapshots only store data changes since the last snapshot
o Snapshots can be used to create new volumes and are a great way to move or copy instances between AZs
o It is best practice to shut down an instance before creating snapshots
o Snapshots can be copied between regions, shared and automated using Data Lifecycle Management (DLM)
What are Security Groups?
o Security Groups are software firewalls that can be attached to network interfaces and (by association) products in AWS
o SGs have inbound and outbound rules, allowing traffic from or to a source (IP, network, named AWS entity) and protocol
o SGs have a hidden implicit/default deny rule but cannot explicitly deny traffic
o SGs are stateful (for any traffic allowed in/out, the return traffic is automatically allowed)
o SGs can reference AWS resources, other SGs and even themselves
o Every Elastic Network Interface can have a maximum of 5 SGs associated with it
What is Instance Metadata, and what is the HTTP address associated with it?
o Instance Metadata is data relating to the instance that can be accessed from within the Instance itself, using a utility capable of accessing HTTP and using the URL http://169.254.169.254/latest/meta-data
o It is a way for scripts and applications running on EC2 to get visibility of data without using API calls