EC2 – AWS Developer Certified Exam Notes

  • Amazon Elastic Compute Cloud is a web service that provides resizable compute capacity in the cloud. Amazon EC2 reduces the time required to obtain and boot new server instances to minutes, allowing you to quickly scale capacity, both up and down, as your computing requirements change.
  • EC2 Options:
    • On-Demand: allows you to pay a fixed rate by the hour (or second) with no commitment (for applications with unpredictable workloads)
    • Reserved: provides you with a capacity reservation and offers a significant discount on the hourly charge for an instance. 1 hour or 3 year terms. Ability to make an upfront payment
    • Spot: enables you to bid whatever price you want for instance capacity, providing for even greater savings if your applications have flexible start and end times
      • If you terminate the instance, you pay for the hour
      • If AWS terminates the Spot instance, you get the hour it was terminated in for free
    • Dedicated Hosts: Physical EC2 server dedicated for your use. Dedicated Hosts can help you reduce costs by allowing you to use your existing server-bound software licences
  • EC2 Instance Types:

    | Family | Speciality | Use cases |
    |--------|------------|-----------|
    | D2 | Dense Storage | Fileservers / Data Warehousing / Hadoop |
    | R4 | Memory Optimized | Memory Intensive Apps / DBs |
    | M4 | General Purpose | Application Servers |
    | C4 | Compute Optimized | CPU Intensive Apps / DBs |
    | G2 | Graphics Intensive | Video Encoding / 3D Application Streaming |
    | I2 | High Speed Storage IOPS | NoSQL, DBs, Data Warehousing |
    | F1 | Field Programmable Gate Array | Hardware acceleration for your code |
    | T2 | Lowest cost, General purpose | Web Servers / Small DBs |
    | P2 | Graphics | Machine learning, Bitcoin Mining |
    | X1 | Memory Optimized | SAP HANA / Apache Spark |

  • EBS: Amazon EBS allows you to create storage volumes and attach them to Amazon EC2 instances. Once attached, you can create a file system on top of these volumes, run a database, or use them in any other way you would use a block device. Amazon EBS volumes are placed in a specific AZ, where they are automatically replicated to protect you from the failure of a single component.
  • IOPS: the requested number of IO operations per second that the volume can support
  • EBS Volume Types:
    • General Purpose SSD (GP2): up to 10000 IOPS
    • Provisioned IOPS SSD (IO1): use if you need more than 10000 IOPS
    • Throughput Optimized HDD (ST1): frequently accessed workloads (data warehouses, big data…). CANNOT BE USED AS BOOT VOLUME
    • Cold HDD (SC1): less frequently accessed data, for “fileserver”. CANNOT BE USED AS BOOT VOLUME
    • Magnetic (Standard): Lowest cost per gigabyte. Ideal for workloads where data is accessed infrequently
  • You cannot mount 1 EBS volume to multiple EC2 instances; instead, use EFS
  • You can't encrypt the root device volume of EC2 instances
  • Termination protection is turned off by default, you must turn it on
  • The EBS root volume of your default AMIs cannot be encrypted. You can also use a third-party tool (such as BitLocker etc.) to encrypt the root volume, or this can be done when creating AMIs in the AWS console or using the API
  • Additional volumes can be encrypted
  • Security groups are STATEFUL:
    • If you create an inbound rule allowing traffic in, that traffic is automatically allowed back out again
  • The default security group means any server can access the other servers in the same region
  • Possibility to have many security groups assigned to one EC2 instance
  • All inbound traffic is blocked by default
  • All outbound traffic is allowed by default
  • You can have any number of EC2 instances within a security group
  • You cannot block specific IP addresses using Security Groups; instead, use Network Access Control Lists
  • You can specify allow rules, but not deny rules
  • EBS volumes can be changed on the fly (except for magnetic standard)
  • Best practice to stop the EC2 instance and then change the volume
  • You can change volume types by taking a snapshot and then using the snapshot to create a new volume
  • If you change a volume on the fly you must wait for 6 hours before making another change
  • You can scale EBS volumes up only
  • Volumes must be in the same AZ as the EC2 instances
  • Volumes exist on EBS and snapshots exist on S3
  • Snapshots of encrypted volumes are encrypted automatically
  • Volumes restored from encrypted snapshots are encrypted automatically
  • You can share snapshots, but only if they are unencrypted
  • Instance Store Volumes are sometimes called Ephemeral Storage
  • Instance store volumes cannot be stopped. If the underlying host fails, you will lose your data
  • EBS-backed instances can be stopped. You will not lose the data on the instance if it is stopped
  • You can reboot both, you will not lose your data
  • Amazon EFS is a file storage service for Amazon Elastic Compute Cloud (EC2) instances. Amazon EFS is easy to use and provides a simple interface that allows you to create and configure file systems quickly and easily. With Amazon EFS, storage capacity is elastic, growing and shrinking automatically as you add and remove files, so your applications have the storage they need, when they need it.
  • EFS Features:
    • Supports the Network File System 4 (NFSv4) protocol
    • You only pay for the storage you use (no pre-provisioning required)
    • Can scale up to the petabytes
    • Can support thousands of concurrent NFS connections
    • Data is stored across multiple AZ’s within a region
    • Read After Write Consistency (As soon as you put your object to EFS, you can immediately read it)
  • EC2 metadata: curl http://169.254.169.254/latest/meta-data/public-ipv4
  • CloudWatch is for performance monitoring
    • Creates awesome dashboards to see what is happening with your AWS environment
    • Allows you to set alarms that notify you when particular thresholds are hit
    • CloudWatch Events helps you to respond to state changes in your AWS resources
    • Helps you to aggregate, monitor, and store logs
    • Standard monitoring = 5 minutes
    • Detailed monitoring: 1 minute
  • CloudTrail is for auditing
  • 5XX means there has been a server-side error
  • 4XX means there has been a client-side error
  • 3XX means there has been a redirection
  • In order to enable encryption at rest using EC2 and Elastic Block Store you need to configure encryption when creating the EBS volume
  • The EC2 instances under the autoscaling group are chargeable. But the autoscaling itself is not
  • Elastic Load Balancer is chargeable
  • The local instance store only persists during the life of the instance
  • In order to maintain the quality of EC2 addresses for sending email, we enforce default limits on the amount of email that can be sent from EC2 accounts
  • When an EC2 instance is terminated, we do charge for the storage for any Amazon EBS volumes
  • If I have two instances in different availability zones, data transfer is charged at “Data Transfer Out from EC2 to Another AWS Region” for the first instance and at “Data Transfer In from Another AWS Region” for the second instance
  • Amazon EC2 instances are grouped into 5 families:
    • General Purpose,
    • Compute Optimized,
    • Memory Optimized,
    • GPU,
    • and Storage Optimized instances
  • M3 instances provide better, more consistent performance than M1 instances for most use-cases
  • All accounts are limited to 5 Elastic IP addresses per region
  • Each Availability Zone runs on its own physically distinct, independent infrastructure, and is engineered to be highly reliable
  • The new hypervisor for Amazon EC2, introduced with the launch of C5 instances, is a component that primarily provides CPU and memory isolation for C5 instances. VPC networking and EBS storage resources are implemented by dedicated hardware components that are part of all current generation EC2 instance families
  • There is no additional fee for Enhanced Networking. To take advantage of Enhanced Networking you need to launch the appropriate AMI on a supported instance type in a VPC (C3, C4, C5, D2, I3, I2, M4, X1 and R3 instances)
  • We currently support enhanced networking capabilities using SR-IOV (Single Root I/O Virtualization). SR-IOV is a method of device virtualization that provides higher I/O performance and lower CPU utilization compared to traditional implementations
  • If you are using an Amazon EBS volume as a root partition, you will need to set the Delete On Terminate flag to “N” if you want your Amazon EBS volume to persist outside the life of the instance.
  • Amazon EBS includes two major categories of storage: SSD-backed storage for transactional workloads (performance depends primarily on IOPS) and HDD-backed storage for throughput workloads (performance depends primarily on throughput, measured in MB/s). SSD-backed volumes are designed for transactional, IOPS-intensive database workloads, boot volumes, and workloads that require high IOPS. SSD-backed volumes include Provisioned IOPS SSD (io1) and General Purpose SSD (gp2). HDD-backed volumes are designed for throughput-intensive and big-data workloads, large I/O sizes, and sequential I/O patterns. HDD-backed volumes include Throughput Optimized HDD (st1) and Cold HDD (sc1).
  • EBS snapshots are only available through the Amazon EC2 APIs.
  • Each snapshot is given a unique identifier, and customers can create volumes based on any of their existing snapshots.
  • If you share a snapshot, you won’t be charged when other users make a copy of your snapshot. If you make a copy of another user’s shared volume, you will be charged normal EBS rates.
  • Amazon EFS is compatible with all Amazon EC2 instance types and is accessible from Linux-based AMIs.
  • If you have an Auto Scaling group with running instances and you choose to delete the Auto Scaling group, the instances will be terminated and the Auto Scaling group will be deleted.
  • Auto Scaling Service CANNOT scale past the Amazon EC2 limit of instances that you can run
  • The Classic Load Balancer routes traffic based on either application or network level information, and the Application Load Balancer routes traffic based on advanced application level information that includes the content of the request.
  • Possible to purchase RI for a running instance
  • Possible to change the RI during its term
  • RIs do not apply to Spot instances or instances running on Dedicated Hosts
  • A Convertible RI is a type of Reserved Instance with attributes that can be changed during the term.
  • The Convertible RI is useful for customers who can commit to using EC2 instances for a three-year term in exchange for a significant discount on their EC2 usage, are uncertain about their instance needs in the future, or want to benefit from changes in price.
  • The Reserved Instance Marketplace is an online marketplace that provides AWS customers the flexibility to sell their Amazon Elastic Compute Cloud (Amazon EC2) Reserved Instances to other businesses and organizations
  • Spot instances allow you to specify the maximum hourly price that you are willing to pay to run a particular instance type
  • Micro Instances are well suited for lower throughput applications and web sites that consume significant compute cycles periodically but very little CPU at other times for background processes, daemons, etc.
  • Accelerated Computing instance family (P, G) is a family of instances which use hardware accelerators, or co-processors, to perform some functions, such as floating-point number calculation and graphics processing, more efficiently than is possible in software running on CPUs.
  • Example applications of G3 instances include 3D visualizations, graphics-intensive remote workstation, 3D rendering, application streaming, video encoding, and other server-side graphics workloads.
  • P3 instances use GPUs to accelerate numerous deep learning systems and applications including autonomous vehicle platforms, speech, image, and text recognition systems, intelligent video analytics, molecular simulations, drug discovery, disease diagnosis, weather forecasting, big data analytics, financial modeling, robotics, factory automation, real-time language translation, online search optimizations, and personalized user recommendations, to name just a few.
  • T2.nano is the smallest Burstable Performance Instance size
  • If your application requires sustained high CPU performance, we recommend our Fixed Performance Instances, such as M3, C3, and R3.
  • T2 instances have two new metrics, CPUCreditUsage and CPUCreditBalance. CPUCreditUsage indicates the amount of CPU Credits used. CPUCreditBalance indicates the balance of CPU Credits.
  • High I/O instances (I2) are targeted at workloads that demand low latency and high random I/O in addition to moderate storage density and provide the best price/IOPS across other EC2 instance types. Dense-storage instances (D2) are optimized for applications that require high sequential read/write access and low cost storage for very large data sets and provide the best price/GB-storage and price/disk-throughput across other EC2 instances.
  • Memory-optimized instances offer large memory size for memory intensive applications including in-memory applications, in-memory databases, in-memory analytics solutions, High Performance Computing (HPC), scientific computing, and other memory-intensive applications.
  • VM Import/Export enables customers to import Virtual Machine (VM) images in order to create Amazon EC2 instances
  • You can export running or stopped EC2 instances that you previously imported using VM Import/Export. If the instance is running, it will be momentarily stopped to snapshot the boot volume. EBS data volumes cannot be exported. EC2 instances with more than one network interface cannot be exported.
  • A dedicated host is required if you want to use your existing Windows Server licence with EC2
  • Use AttachVolume to attach EBS volume to EC2 instance
  • AMI can only be used to launch EC2 instances in the same AWS region as the AMI is stored
  • Accounts can have a MAX of 100 buckets
  • Classic ELB supports IPv6 as well as IPv4.
  • Frequent snapshots are not recommended, as they can result in performance degradation. Additionally, these snapshots will not capture users' unsaved data that lives in the instance memory
  • Windows RDP works on port 3389
  • How can you secure data at rest on an EBS volume: EBS encryption can be enabled during the creation of an EBS volume. For an existing EBS volume, you need to use the encryption available at the operating system level
  • Amazon EBS-backed instances can be stopped and restarted, size limit is 16 TB
  • Size limit of Instance Store-backed is 10 GB
  • EC2 instance requires EIP or public IP in order to connect to the internet
  • Elastic IP address is a static IPv4
  • RegisterImage occurs in the final process of creating an AMI
  • Use CLI allocate-address to allocate EIP to EC2
  • BundleInstance API: Bundles an Amazon instance store-backed Windows instance (Only C: is bundled)
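
The security group notes above (stateful, allow rules only, several groups on one instance, no way to block a single address) can be modelled in a few lines. This is an added example, not code from the original notes or from AWS: the class, function and rule names, the sample rules and the addresses are all constructed for illustration, and the network ACL part (numbered rules, first match wins) goes slightly beyond what the notes state.

```python
import ipaddress

def matches(rule, proto, port, ip):  # a rule port of None means any port
    return (rule["proto"] == proto and rule["port"] in (None, port)
            and ipaddress.ip_address(ip) in ipaddress.ip_network(rule["cidr"]))

class InstanceFirewall:
    """Security groups on one instance: allow rules only, all groups unioned."""
    def __init__(self, groups):
        self.inbound = [rule for group in groups for rule in group]
        self.tracked = set()  # flows admitted inbound (simplified to a 3-tuple)

    def packet_in(self, proto, port, src):
        if any(matches(r, proto, port, src) for r in self.inbound):
            self.tracked.add((proto, port, src))
            return "allow"
        return "drop"  # no allow rule matched: inbound is blocked by default

    def packet_out(self, proto, port, dst):
        # Modelled with every outbound rule removed: replies to admitted flows
        # still leave, because security groups are stateful.
        return "allow" if (proto, port, dst) in self.tracked else "drop"

def nacl_in(rules, proto, port, src):
    """Network ACL: numbered allow/deny rules, lowest number first, first match wins."""
    for rule in sorted(rules, key=lambda r: r["num"]):
        if matches(rule, proto, port, src):
            return rule["action"]
    return "deny"

# Constructed sample rules using documentation address ranges.
WEB_SG = [{"proto": "tcp", "port": 443, "cidr": "0.0.0.0/0"}]
RDP_SG = [{"proto": "tcp", "port": 3389, "cidr": "203.0.113.0/24"}]
NACL = [{"num": 90, "action": "deny", "proto": "tcp", "port": None, "cidr": "203.0.113.66/32"},
        {"num": 100, "action": "allow", "proto": "tcp", "port": None, "cidr": "0.0.0.0/0"}]

def demo():
    fw = InstanceFirewall([WEB_SG, RDP_SG])  # two groups attached to one instance
    return {
        "https_from_anywhere": fw.packet_in("tcp", 443, "198.51.100.7"),
        "rdp_outside_range": fw.packet_in("tcp", 3389, "198.51.100.7"),
        "rdp_unwanted_host": fw.packet_in("tcp", 3389, "203.0.113.66"),
        "reply_to_https": fw.packet_out("tcp", 443, "198.51.100.7"),
        "unsolicited_out": fw.packet_out("tcp", 443, "192.0.2.9"),
        "nacl_unwanted_host": nacl_in(NACL, "tcp", 3389, "203.0.113.66"),
        "nacl_other_host": nacl_in(NACL, "tcp", 3389, "203.0.113.10"),
    }

if __name__ == "__main__":
    print(demo())
```

`rdp_unwanted_host` comes back `allow` from the security groups and `deny` from the network ACL, which is why the notes point to NACLs for blocking a specific IP.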