Serverless Flashcards
What does AWS X-Ray do?
it allows you to scan Lambda architecture and debug issues with AWS Lambda
Can an AWS Lambda function trigger another AWS Lambda Function?
No
What is AWS SAM?
A superset of Cloudformation functionality that allows you to run serverless applications locally
At a high level, what does ECS do?
- ECS is a managed container orchestration service
- It creates clusters to manage fleets of container deployments
- Schedules containers for optimized placement within a cluster
In the context of ECS, What is a cluster?
In ECS, A cluster is a logical connection of ECS resources
In the context of ECS, what is the difference between a task definition and a container definition?
- A task definition defines your application (think Dockerfile but for ECS)
- A container definition defines the individual containers a task uses (think CPU, malloc, port mappings)
Suppose you have two containers that always need to run together. How would you ensure this in ECS?
put their container definitions under the same task definition
In the context of ECS, what is a task?
A single running copy of any containers defined in a task definition
(One working copy of your application)
In the context of ECS, what is a service?
A service allows task definitions to scale by adding tasks.
Sets a min/max number of tasks that varies with autoscaling
At a high level, what is Fargate?
Fargate is a serverless container engine
In what instances would you use EC2 instances instead of Fargate?
- Strict compliance requirements
- Your use case requires broader customization (since you can’t actually get in to the Fargate instance)
- Your use case requires GPUs
What does EKS stand for?
Elastic Kubernetes Service
At a high level, what is Kubernetes?
Kubernetes is an open-source software that lets you deploy and manage containerized applications at scale
In the context of EKS, what is a pod?
In EKS, containers are grouped into pods
It is roughly analagous to a task in ECS
What is the use case for EKS?
- You are already using Kubernetes and want to migrate to AWS
How does ECR ensure high availability?
It is deployed across multiple AZs within a region
At a high level, what is ECR?
ECR is a managed Docker container registry
How does ECS benefit from ELB?
with ELB, you can distribute traffic evenly across tasks in your service
What is the difference between EC2 Instance Roles and Task Roles?
- An EC2 Instance Role applies a policy to all tasks running in that EC2 instance
- A Task Role only applies to that task
So, Task Roles respect Least Priviledges better than EC2 instance Roles
When configruing SQS as event source for AWS Lambda function, what is the maximum batch size supported by AWS SQS RecieveMessage API call?
10
What Amazon CloudFront events can be used to trigger a Lambda Function?
- Viewer Request
- Viewer Response
- Origin Request
- Origin Response
(Source: https://github.cloud.capitalone.com/puggles/deposits-accounts-bankcard-pin/blob/develop/settings.xml#L9)
Suppose you change code and upload a new version of code to an AWS Lambda Function. What will happen to requests sent immediately after the code change?
For a brief period (usually less than one minute) requests might be served by either the old or new version
Are Lambda environment variables automatically encrypted?
They are encrypted when deployed, and decrypted when invoked (so your code can use them)
What actions are required by Lambda Execution Role in order to write logs in CloudWatch?
- CreateLogGroup
- CreateLogStream
- PutLogEvents
When a lambda is synchronously invoked and errors, what is returned?
A 200 status code
A FunctionError field in the response
What is the pricing model for AWS Lambda?
- Requests (per million)
- Total Duration and Hardware (per GB-s)
In the context of ECS, what is a task definition?
A JSON template that describes containers which form your application
What are the key features offered by ECS?
- Containers and Images
- Task Definitions
- Tasks and Scheduling
- Clusters
- Container Agent
How do ECS clusters get permissions to access your AWS resources?
They use container instance roles in IAM
