Udemy Lecture 3: EC2

Question 1

What does EC2 stand?

Answer 1

stands for elastic compute cloud & its a way todo infrastructure as a service on AWS

Question 2

What are the different things EC2 mainly used for?

Answer 2

• Renting virtual machines (EC2)
  -Storing data on virtual drives (EBS)
  -Distributing load across machines (ELB)
  -Scaling the services using an auto-scaling group (ASG)

Question 3

What do you have to decide when it comes to EC2?

Answer 3

-Operating systems (OS): Linux, Windows or Mac OS
-How much compute power & cores (CPU)
-How much random- access memory (RAM)
-How much storage space (& do you want it networked attached with EBS & EFS or do you want it hardware with EC2 instance store)
-Network card ( speed of the card, public IP address)
-Firewall rules (what type of security group)
-Bootstrap script (configure at first launch called the EC2 user data)

Question 4

Its possible to bootstrap our instances using an EC2 user ________

Answer 4

data script

Question 5

Bootstrapping means what?

Answer 5

launching commands when a machine starts

That scripts is only run once at the instance first start

Question 6

EC2 user data is used to automate boot tasks such as what?

Answer 6

Installing updates
Installing software
Downloading common files from the internet
Anything you can think of

Question 7

The EC2 data script runs with the _________

Answer 7

root user

Question 8

What is AWS naming conventions for EC2 instance?

Answer 8

m5.2xlarge

-m: instance class
-5: generation of the instance (AWS improves them over time, so if its a newer version it will be m6 not m5)
-2xlarge: size within the instance class (the larger the size the larger the memory)

Question 9

What are general Purpose instances best for?

Answer 9

greate for a diversity of workloads such as web servers or code repositories

Good balance between:
Compute
Memory
Networking
t2.micro (is a general purpose EC2 instance)

Question 10

What are Compute Optimized instance best for?

Answer 10

great for compute -intensive tasks that require high performance processors like (all the compute instances start with a C)

Can use for :
-Batch processing workloads
-Media transcoding
-High Performance webservers
-High performance computing (HPC)
-Scientific modeling & machine learning
-Dedicated gaming servers

Question 11

What are Memory optimized EC2 instance best for?

Answer 11

fast performance for workloads that process large data sets in memory like (all the memory instances start with R bc R stands for RAM)

Can use for:
-High performance, relational/non-rational databases
-Distributed web scale cache stores
-In-memory database optimized for BI (business Intelligence)
-Applications performing real-time processing of big unstructured data

Question 12

What are Storage optimized instances best for?

Answer 12

great for storage -intensive tasks that require high, sequential read & write access to large data sets on local storage (storage instances start with an I OR D)

Can use for:
-High frequency online transaction (OLTP) systems
-Relational & NoSQL databases
-Cache for in-memory databases (ex. redis)
-Data warehousing application
-Distributed file systems

Question 13

________ are the fundamental of network security in AWS and they control how traffic is allowed into or out of our EC2 instance

Answer 13

Security groups

Question 14

Security groups only contain _________ rules

Answer 14

allow rules

Question 15

____________ rules can reference by IP or by other security groups

Answer 15

Security groups

Question 16

What does a security groups regulate?

Answer 16

-Access to Ports
-Authorized IP ranges - IPv4 & IPv6
-Control of inbound network (from other to the instance)
-Control of outbound network (from the instance to other)

Question 17

Security groups can be attached to ________ instances

Answer 17

multiple

Question 18

Security groups are locked down to a ________/ VPC combination

Answer 18

regions

Question 19

Its good to maintain one separate security group for ______ access

Answer 19

SSH

Question 20

If your application is not accessible (time out) then its a _________ issue

Answer 20

security group

Question 21

If your application gives a “connection refused” error then its an _________ or its not launched

Answer 21

application error

Question 22

By default all in bound traffic is _______ & all outbound traffic is ________ with security groups

Answer 22

blocked, authorized

Question 23

What are the different ports?

Answer 23

22= SSH
21=FTP
22=SFTP
80=HTTP
443= HTTPS
3389=RDP

Question 24

What is 22=SSH port?

Answer 24

(secure shell)- log into a linux instance

Question 25

What is the 21= FTP port?

Answer 25

(file transfer protocol) - upload files into a file share

Question 26

What is 22=SFTP port?

Answer 26

(secure file transfer protocol)- upload files using SSH

Question 27

What is 80=HTTP port?

Answer 27

access unsecure websites

Question 28

What is 443=HTTPS port?

Answer 28

access secured websites

Question 29

What is 3389= RDP port?

Answer 29

(remote desktop protocol) - log into a windows instance

Question 30

________ is usable on OS systems such as Mac, Linux, Windows 10+ , if your using a system that is window 10 or below then can use Putty

Answer 30

SSH

Putty does the same thing as SSH (& can also be used on window 10+)

Question 31

___________ can be used on all OS systems

Answer 31

EC2 instance connect

Question 32

What is the share responsibility model for EC2?

Answer 32

Aws is responsible for:
-Infrastructure (global network security)
-Isolation on physical host
-Replacing faulty hardware
-Compliance validation

You are responsible for:
-Security groups roles
-Operatin system patches & updates
-Software & utilities installed on the EC2 instance
-IAM roles assigned to EC2 & IAM user access management
-Data security on your instance

Question 33

EC2 instance is composed of what?

Answer 33

AMI (OS) + instance size (CPU + RAM) + Storage + security groups + EC2 user data

Question 34

________ starts a terminal into our EC2 instance (port 22)

Answer 34

SSH

Question 35

EC2 instance role link to ________

Answer 35

IAM roles

Question 36

What are the different EC2 purchasing options?

Answer 36

-On-demand
-Spot
-Reserved (standard & convertible)
-Dedicated host - get access to the physical sever itself
-Dedicated instance - instances that run on hardware thats dedicated to you, may share hardware with other instances in same account & no control over instance placement (can move hardware after stop/start)