Udemy Lecture 3: EC2 Flashcards
What does EC2 stand for?
Stands for Elastic Compute Cloud & it's a way to do infrastructure as a service on AWS
What are the different things EC2 is mainly used for?
-Renting virtual machines (EC2)
-Storing data on virtual drives (EBS)
-Distributing load across machines (ELB)
-Scaling the services using an auto-scaling group (ASG)
What do you have to decide when it comes to EC2?
-Operating systems (OS): Linux, Windows or Mac OS
-How much compute power & cores (CPU)
-How much random-access memory (RAM)
-How much storage space (& do you want it network-attached with EBS & EFS or do you want it hardware with EC2 instance store)
-Network card (speed of the card, public IP address)
-Firewall rules (what type of security group)
-Bootstrap script (configure at first launch, called the EC2 user data)
It's possible to bootstrap our instances using an EC2 user ________
data script
Bootstrapping means what?
launching commands when a machine starts
That script is only run once, at the instance's first start
EC2 user data is used to automate boot tasks such as what?
Installing updates
Installing software
Downloading common files from the internet
Anything you can think of
The EC2 data script runs with the _________
root user
What is the AWS naming convention for EC2 instances?
m5.2xlarge
-m: instance class
-5: generation of the instance (AWS improves them over time, so if it's a newer version it will be m6 not m5)
-2xlarge: size within the instance class (the larger the size the larger the memory)
What are General Purpose instances best for?
Great for a diversity of workloads such as web servers or code repositories
Good balance between:
Compute
Memory
Networking
t2.micro (is a general purpose EC2 instance)
What are Compute Optimized instances best for?
Great for compute-intensive tasks that require high performance processors (all the compute instances start with a C)
Can use for:
-Batch processing workloads
-Media transcoding
-High performance web servers
-High performance computing (HPC)
-Scientific modeling & machine learning
-Dedicated gaming servers
What are Memory Optimized EC2 instances best for?
Fast performance for workloads that process large data sets in memory (all the memory instances start with R because R stands for RAM)
Can use for:
-High performance, relational/non-relational databases
-Distributed web scale cache stores
-In-memory databases optimized for BI (business intelligence)
-Applications performing real-time processing of big unstructured data
What are Storage optimized instances best for?
Great for storage-intensive tasks that require high, sequential read & write access to large data sets on local storage (storage instances start with an I or D)
Can use for:
-High frequency online transaction (OLTP) systems
-Relational & NoSQL databases
-Cache for in-memory databases (ex. Redis)
-Data warehousing applications
-Distributed file systems
________ are the fundamentals of network security in AWS, and they control how traffic is allowed into or out of our EC2 instance
Security groups
Security groups only contain _________ rules
allow rules
____________ rules can reference by IP or by other security groups
Security groups
What do security groups regulate?
-Access to Ports
-Authorized IP ranges - IPv4 & IPv6
-Control of inbound network (from other to the instance)
-Control of outbound network (from the instance to other)
Security groups can be attached to ________ instances
multiple
Security groups are locked down to a ________/ VPC combination
regions
It's good to maintain one separate security group for ______ access
SSH
If your application is not accessible (time out) then it's a _________ issue
security group
If your application gives a “connection refused” error then it's an _________ or it's not launched
application error
By default all inbound traffic is _______ & all outbound traffic is ________ with security groups
blocked, authorized
What are the different ports?
22=SSH
21=FTP
22=SFTP
80=HTTP
443=HTTPS
3389=RDP
What is the 22=SSH port?
(Secure Shell) - log into a Linux instance
What is the 21=FTP port?
(File Transfer Protocol) - upload files into a file share
What is the 22=SFTP port?
(Secure File Transfer Protocol) - upload files using SSH
What is the 80=HTTP port?
access unsecured websites
What is the 443=HTTPS port?
access secured websites
What is the 3389=RDP port?
(Remote Desktop Protocol) - log into a Windows instance
________ is usable on operating systems such as Mac, Linux, Windows 10+; if you're using a system that is Windows 10 or below then you can use PuTTY
SSH
PuTTY does the same thing as SSH (& can also be used on Windows 10+)
___________ can be used on all operating systems
EC2 Instance Connect
What is the shared responsibility model for EC2?
AWS is responsible for:
-Infrastructure (global network security)
-Isolation on physical host
-Replacing faulty hardware
-Compliance validation
You are responsible for:
-Security groups roles
-Operating system patches & updates
-Software & utilities installed on the EC2 instance
-IAM roles assigned to EC2 & IAM user access management
-Data security on your instance
EC2 instance is composed of what?
AMI (OS) + instance size (CPU + RAM) + Storage + security groups + EC2 user data
________ starts a terminal into our EC2 instance (port 22)
SSH
EC2 instance roles link to ________
IAM roles
What are the different EC2 purchasing options?
-On-demand
-Spot
-Reserved (standard & convertible)
-Dedicated host - get access to the physical server itself
-Dedicated instance - instances that run on hardware that's dedicated to you, may share hardware with other instances in same account & no control over instance placement (can move hardware after stop/start)