EC2 Exam Tips
- Know the difference between:
- On Demand
- You terminate - you pay for the hour
- AWS terminates - the hour is free
EC2 Instance Types
| D2 | Dense Storage | Fileservers/Data Warehousing/Hadoop |
| R4 | Memory Optimized | Memory Intensive Apps/DBs |
| M4 | General Purpose | Application Servers |
| C4 | Compute Optimized | CPU Intensive Apps/DBs |
| G2 | Graphics Intensive | Video Encoding/3D Application Streaming |
| I2 | High Speed Storage | NoSQL DBs, Data Warehousing, etc. |
| F1 | Field Programmable Gate Array | Hardware acceleration for your code |
| T2 | Lowest Cost, General Purpose | Web Servers/Small DBs |
| P2 | Graphics/General Purpose GPU | Machine Learning, Bitcoin Mining, etc. |
| X1 | Memory Optimized | SAP HANA/Apache Spark, etc. |
EBS Consists of:
- SSD, General Purpose - GP2 - (Up to 10,000 IOPS)
- SSD, Provisioned IOPS - IO1 - (More than 10,000 IOPS)
- HDD, Throughput Optimized - ST1 - frequently accessed workloads
- HDD, Cold - SC1 - less frequently accessed data
- HDD, Magnetic - Standard - cheap, infrequently accessed storage
- You cannot mount 1 EBS volume to multiple EC2 instances; instead, use EFS.
- Termination Protection is turned off by default, you must turn it on.
- On an EBS-backed instance, the default action is for the root EBS volume to be deleted when the instance is terminated
- Root Volumes cannot be encrypted by default; you need a third-party tool (such as BitLocker, etc.) to encrypt the root volume.
- Additional volumes can be encrypted.
- Volumes exist on EBS
- Virtual Hard Disk
- Snapshots exist on S3
- You can take a snapshot of a volume, this will store that volume on S3.
- Snapshots are point in time copies of Volumes.
- Snapshots are incremental; this means that only the blocks that have changed since your last snapshot are moved to S3. If this is your first snapshot, it may take some time to create.
- Snapshots of encrypted volumes are encrypted automatically
- Volumes restored from encrypted snapshots are encrypted automatically
- You can share snapshots, but only if they are unencrypted. These snapshots can be shared with other AWS accounts or made public.
- To create a snapshot for EBS volumes that serve as a root device, you should stop the instance before taking the snapshot
EBS vs Instance Store
- Instance Store = Ephemeral.
- Instance Store-backed instances cannot be stopped; if the underlying host fails, you lose data.
- EBS backed instances can be stopped, you will not lose the data on this instance if it is stopped.
- You can reboot both, you will not lose your data.
- By default, both ROOT volumes will be deleted on termination, however with EBS volumes, you can tell AWS to keep the root device volume.
How can I take a Snapshot of a RAID array?
- Problem - When you take a snapshot of a RAID array, the snapshot excludes data held in the cache by applications and the OS. This tends not to matter on a single volume; however, when using multiple volumes in a RAID array, this can be a problem due to interdependencies of the array.
- Solution - Take an application-consistent snapshot:
- Stop the application from writing to disk
- Flush all caches to the disk
- Freeze the file system
- Unmount the RAID array
- Shut down associated EC2 Instances
- AMIs are regional but can be copied via console, CLI or API
- Standard - 5 Min
- Detailed - 1 Min
- CloudWatch - Performance
- CloudTrail - Auditing
- Dashboards - Visual
- Alarms - Thresholds
- Events - State change response
- Logs - Syslog
- Roles are more secure than storing access keys
- Easier to manage than keys
- Roles can be assigned to EC2 Instance AFTER it has been provisioned using both CLI and console
- Roles are universal, you can use them in any region
- Used to get information about an instance
- curl http://169.254.169.254/latest/meta-data
- curl http://169.254.169.254/latest/user-data
- Supports the NFSv4 protocol
- You only pay for the storage you use (no pre-provisioning)
- Can scale up to the petabytes
- Can support thousands of concurrent NFS connections
- Data is stored across multiple AZ’s within a region
- Read After Write Consistency
- A compute service where you can upload your code and create a Lambda function. AWS Lambda takes care of provisioning and managing the servers that you use to run the code. You don't have to worry about operating systems, patching, scaling, etc. You can use Lambda in the following ways:
- As an event-driven compute service where AWS Lambda runs your code in response to events. These events could be changes to data in an Amazon S3 bucket or an Amazon DynamoDB table.
- As a compute service to run your code in response to HTTP requests using API Gateway or API calls made using AWS SDKs.