Serverless Flashcards
What does AWS X-Ray do?
it allows you to scan Lambda architecture and debug issues with AWS Lambda
Does AWS Lambda scale out automatically?
Yes
Does AWS Lambda scale up automatically?
No
Can an AWS Lambda function trigger another AWS Lambda Function?
No
What does SAM stand for?
Serverless Application Model
What is AWS SAM?
A superset of Cloudformation functionality that allows you to run serverless applications locally
What does ECS stand for?
Elastic Container Service
What is a container?
A container is a package with an application, libraries, runtime, and the tools required to run it
What are the benefits of using containers?
- Containers provide isolation benefits of virtualization with less overhead and faster start times than VMs
- Containers are portable, and offer a consistent environment
At a high level, what does ECS do?
- ECS is a managed container orchestration service
- It creates clusters to manage fleets of container deployments
- Schedules containers for optimized placement within a cluster
What is the pricing structure of ECS?
ECS is free
(although the EC2/Fargate instances that you spin up in it have standard charges)
In the context of ECS, What is a cluster?
In ECS, A cluster is a logical connection of ECS resources
In the context of ECS, what is the difference between a task definition and a container definition?
- A task definition defines your application (think Dockerfile but for ECS)
- A container definition defines the individual containers a task uses (think CPU, malloc, port mappings)
Suppose you have two containers that always need to run together. How would you ensure this in ECS?
put their container definitions under the same task definition
In the context of ECS, what is a task?
A single running copy of any containers defined in a task definition
(One working copy of your application)
In the context of ECS, what is a service?
A service allows task definitions to scale by adding tasks.
Sets a min/max number of tasks that varies with autoscaling
In the context of ECS, what is a registry?
storage for container images
Used to download images to create containers
At a high level, what is Fargate?
Fargate is a serverless container engine
What is the pricing structure for Fargate?
You specify and pay for resources per application
In what instances would you use EC2 instances instead of Fargate?
- Strict compliance requirements
- Your use case requires broader customization (since you can’t actually get in to the Fargate instance)
- Your use case requires GPUs
What does EKS stand for?
Elastic Kubernetes Service
What does K8s stand for?
Kubernetes
At a high level, what is Kubernetes?
Kubernetes is an open-source software that lets you deploy and manage containerized applications at scale
In the context of EKS, what is a pod?
In EKS, containers are grouped into pods
It is roughly analagous to a task in ECS
What is the use case for EKS?
- You are already using Kubernetes and want to migrate to AWS
What does ECR stand for?
Elastic Container Registry
How does ECR ensure high availability?
It is deployed across multiple AZs within a region
What is the price structure of ECR? That is, what specifically do you pay for?
With ECR, you pay for storage and data transfer
At a high level, what is ECR?
ECR is a managed Docker container registry
How does ECS benefit from ELB?
with ELB, you can distribute traffic evenly across tasks in your service
What is the difference between EC2 Instance Roles and Task Roles?
- An EC2 Instance Role applies a policy to all tasks running in that EC2 instance
- A Task Role only applies to that task
So, Task Roles respect Least Priviledges better than EC2 instance Roles
When configruing SQS as event source for AWS Lambda function, what is the maximum batch size supported by AWS SQS RecieveMessage API call?
10
What Amazon CloudFront events can be used to trigger a Lambda Function?
- Viewer Request
- Viewer Response
- Origin Request
- Origin Response
(Source: https://github.cloud.capitalone.com/puggles/deposits-accounts-bankcard-pin/blob/develop/settings.xml#L9)
Suppose you change code and upload a new version of code to an AWS Lambda Function. What will happen to requests sent immediately after the code change?
For a brief period (usually less than one minute) requests might be served by either the old or new version
What poll-based services are supported by AWS Lambda?
- Kinesis
- DynamoDB
- SQS
(Source: https://docs.aws.amazon.com/lambda/latest/dg/lambda-invocation.html?shortFooter=true%23streaming-event-source-mapping)
What are the limitations on what memory can be allocated to an AWS Lambda Function?
128MB to 3008MB, in increments of 64 MBs
(Source: https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-limits.html)
Are Lambda environment variables automatically encrypted?
They are encrypted when deployed, and decrypted when invoked (so your code can use them)
What actions are required by Lambda Execution Role in order to write logs in CloudWatch?
- CreateLogGroup
- CreateLogStream
- PutLogEvents
When a lambda is synchronously invoked and errors, what is returned?
A 200 status code
A FunctionError field in the response
What is the pricing model for AWS Lambda?
- Requests (per million)
- Total Duration and Hardware (per GB-s)
In the context of ECS, what is a task definition?
A JSON template that describes containers which form your application
What are the key features offered by ECS?
- Containers and Images
- Task Definitions
- Tasks and Scheduling
- Clusters
- Container Agent
Can you add additional security capabailities to your ECS containers?
Yes, you have root access to the OS of your container instances
What should you do for monitoring and alerting with ECS?
Utilize CloudTrail**
Can Lambda be used for monitoring?
No
How do ECS clusters get permissions to access your AWS resources?
They use container instance roles in IAM
