
AWS Architect Associate Notes - EC2

 

    1. EC2 - Elastic Compute Cloud
      1. Resizable compute capacity
    2. Pricing models
      1. On demand
        1. Low, flexible, no upfront cost
        2. Suitable for short term spike
      2. Reserved
        1. Suitable for steady state
        2. Pricing
          1. Standard reserved instance - 75% cheaper
          2. Convertible reserved instances - 54% cheaper
          3. Scheduled reserved instances
      3. SPOT
        1. For applications that have low compute usage
        2. Up to 90% cheaper compared to On Demand
        3. Flexible start and end time
        4. You are not charged for the hour if AWS terminates your instance but are charged if you terminate the instance
        5. Suitable for fault tolerant or HPC application where downtime on short notice is acceptable. You get 2 minutes notice before an instance is terminated
        6. Spot blocks stop an instance from being terminated if the spot price goes above your max price; you can set this between 1 and 6 hours
        7. Spot Fleet is a collection of Spot instances and, optionally, On Demand instances
      4. Dedicated
        1. Regulated environment
        2. Licensing restrictions e.g. Oracle doesn't allow multi-tenant
    3. On an EBS-backed instance, by default the root volume is deleted when the instance is terminated but any additional volumes are not
    4. Termination protection is off by default, you must turn it ON
    5. Root volumes and additional volumes can be encrypted
    6. Security groups
      1. A rule change on a security group takes place immediately
      2. Security groups are stateful, i.e. if you allow HTTP port 80 in, it allows port 80 out by default
      3. Network access control lists (NACLs) are stateless - you have to explicitly allow inbound and outbound
      4. With a security group you can only allow access, not block access, unlike a NACL
      5. In a security group everything is blocked by default
      6. You can attach more than one security group to an EC2 instance
    7. EBS - Elastic Block Storage
      1. Persistent block storage volume for use with EC2
      2. Automatically replicated within the AZ to protect from component failure and offer high availability and durability
      3. Types
        1. General purpose SSD
        2. Provisioned IOPS SSD
        3. Throughput optimised HDD
        4. Cold HDD
        5. Magnetic
      4. Tip: EBS Volumes should be in same AZ as EC2
      5. Snapshots - point-in-time copies on S3
        1. To take snapshot of volumes that serve root, you should stop the instance
        2. You can create AMI from snapshots
      6. Virtualisation type -?
        1. HVM - Hardware assisted virtualisation
        2. PV - Para virtualisation
    8. AMI Types -
      1. Instance store - Ephemeral store
        1. Cannot be stopped. If the underlying storage fails, you lose the data
      2. EBS backed volume
        1. Can be stopped. You will not lose the data
        2. You can reboot both
    9. ENI vs ENA vs EFA
      1. ENI Elastic Network Interface - like a virtual network card
      2. ENA - Enhanced Network
      3. EFA - Elastic Fabric Adapter
        1. Network device attached to EC2 to provide High Performance Computing
    10. Encrypt an EBS root volume if you didn't encrypt it at the time of creating the EC2 instance
      1. Create a snapshot
      2. Copy the snapshot and enable encryption
      3. Create an AMI from encrypted snapshot
      4. Create an EC2 instance from the new AMI
    11. Hibernate
      1. RAM contents are persisted on root volume
      2. Root volume must be encrypted
      3. Provides a quick boot compared to STOP as OS does not need to be loaded
      4. Instance id is preserved
      5. Instance RAM must be less than 150GB
      6. Instance can't be hibernated for more than 60 days
      7. Available for on demand and reserved instances
    12. AWS CloudWatch
      1. Monitors services and applications performance
      2. Monitors host level metrics - cpu, disk, status
      3. CloudWatch monitors performance whereas CloudTrail monitors API calls in the AWS platform
      4. CloudWatch with EC2 will monitor events every 5 minutes
      5. 1 minute interval by turning on detailed monitoring
      6. CloudWatch alarms to trigger notifications
    13. Roles
      1. More secure than storing Access keys on EC2
      2. Easy to manage
      3. Roles are universal and can be used in any region
      4. Can be assigned to EC2 after the instance has been created using command line or console
    14. Metadata
      1. Using endpoint http://169.254.169.254/latest/meta-data/<property> e.g. mac, or use /latest/user-data
    15. EBS vs EFS (Elastic file System)
      1. EFS can be shared across multiple EC2 instances
      2. Storage grows and shrinks automatically up to petabytes
      3. Pay for the storage you use
      4. Can support thousands of concurrent NFS connections
      5. Data is stored across multiple AZs in a region
      6. Read-after-write consistency
    16. FSx for Windows
      1. Native file system for windows.
      2. Windows file server for Windows applications like SQL Server, IIS, Active Directory
    17. FSx for Lustre
      1. Managed file system for compute intensive workload like machine learning
      2. Can store data on S3 as well
    18. Placement groups
      1. Name of a placement group must be unique within your EC2 account
      2. You cannot merge placement groups
      3. You can move an instance between placement groups through CLI or SDK only. The instance must be in stopped state
      4. AWS recommends homogeneous instances in clustered groups
      5. Clustered
        1. EC2 instances placed in the same AZ for low latency and high throughput
        2. Only certain instances can be launched in clustered
      6. Spread
        1. Separate racks, with distinct underlying hardware
        2. Opposite of clustered
      7. Partition
        1. Multiple instances in a partition
        2. Each partition is on different hardware e.g. racks
    19. HPC - High Performance Compute
      1. Data transfer options
        1. Snowball and Snowmobile
        2. DataSync - agent on a VM to sync data from the data centre into S3, FSA, FSx etc.
        3. Direct Connect - dedicated private connection between on-prem and AWS
      2. Compute and Networking
        1. CPU Or GPU optimised
        2. Spot instances fleets
        3. Placement groups
        4. Enhanced Network adapters
        5. Enhanced Networking
        6. Elastic Fabric Adapters
      3. Storage
        1. Instance attached
          1. EFS
          2. Ephemeral
        2. Network storage
          1. S3
          2. EFS
          3. FSx for Lustre
      4. Orchestration and automation
        1. AWS Batch - to run batch jobs
        2. AWS Parallel cluster - managed parallel HPC clusters
    20. AWS WAF - Web Application Firewall
      1. Monitors HTTP/s traffic to CloudFront, ALB and API Gateway
      2. Application layer - or layer 7 aware firewall
      3. Behaviour
        1. Allow all except the one you specify
        2. Block all except the one you specify
        3. Passive mode - count the requests that match the properties
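
The stateful/stateless difference from item 6 (Security groups), as an added example that is not part of the original notes: a simplified Python model, not AWS code, in which a security group tracks admitted connections while a NACL judges each direction on its own. The class names, `round_trip` and client port 50000 are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    direction: str       # "in" or "out"
    port_lo: int
    port_hi: int
    allow: bool = True   # False = explicit deny (NACL only)

def first_match(rules, direction, port):
    """Verdict of the first rule covering this port, else False (default deny)."""
    for r in rules:
        if r.direction == direction and r.port_lo <= port <= r.port_hi:
            return r.allow
    return False

class SecurityGroup:
    """Stateful and allow-only: replies to admitted connections always pass."""
    def __init__(self, rules):
        if any(not r.allow for r in rules):
            raise ValueError("security groups cannot hold deny rules")
        self.rules, self.tracked = list(rules), set()

    def inbound(self, client_port, server_port):
        ok = first_match(self.rules, "in", server_port)
        if ok:
            self.tracked.add((client_port, server_port))
        return ok

    def reply(self, client_port, server_port):
        tracked = (client_port, server_port) in self.tracked
        return tracked or first_match(self.rules, "out", client_port)

class Nacl:
    """Stateless: each direction is judged against the rules on its own."""
    def __init__(self, rules):
        self.rules = list(rules)

    def inbound(self, client_port, server_port):
        return first_match(self.rules, "in", server_port)

    def reply(self, client_port, server_port):
        return first_match(self.rules, "out", client_port)

def round_trip(fw, client_port=50000, server_port=80):
    """True only if the request gets in and the response gets back out."""
    return fw.inbound(client_port, server_port) and fw.reply(client_port, server_port)
```

With only an inbound port 80 rule, `round_trip` succeeds for the security group and fails for the NACL until an outbound rule covering the client's ephemeral port range (for example `Rule("out", 1024, 65535)`) is added.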

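The four steps of item 10 (encrypting an existing EBS root volume), as an added example that is not part of the original notes: a Python function that takes a boto3 EC2 client and refuses to build the AMI unless the copied snapshot reports as encrypted. The function name, the `/dev/xvda` root device and the `x86_64` architecture are assumptions; adjust them to the instance being rebuilt.

```python
def encrypt_root_volume(ec2, volume_id, region, instance_type,
                        root_device="/dev/xvda", kms_key_id=None):
    """Run the four steps; `ec2` is a boto3 EC2 client or a stand-in."""
    # 1. Snapshot the unencrypted root volume (stop the instance first).
    snap_id = ec2.create_snapshot(
        VolumeId=volume_id,
        Description=f"plaintext snapshot of {volume_id}")["SnapshotId"]
    ec2.get_waiter("snapshot_completed").wait(SnapshotIds=[snap_id])

    # 2. Copy the snapshot with encryption enabled.
    copy_args = {"SourceSnapshotId": snap_id, "SourceRegion": region,
                 "Encrypted": True}
    if kms_key_id:  # without it, the default KMS key for EBS is used
        copy_args["KmsKeyId"] = kms_key_id
    enc_id = ec2.copy_snapshot(**copy_args)["SnapshotId"]
    ec2.get_waiter("snapshot_completed").wait(SnapshotIds=[enc_id])

    # Verify before building on it: never register an AMI from a plaintext copy.
    desc = ec2.describe_snapshots(SnapshotIds=[enc_id])["Snapshots"][0]
    if not desc["Encrypted"]:
        raise RuntimeError(f"{enc_id} is not encrypted")

    # 3. Register an AMI whose root device is the encrypted snapshot.
    ami_id = ec2.register_image(
        Name=f"encrypted-root-{enc_id}",
        Architecture="x86_64", VirtualizationType="hvm",  # assumed values
        RootDeviceName=root_device,
        BlockDeviceMappings=[{"DeviceName": root_device,
                              "Ebs": {"SnapshotId": enc_id}}])["ImageId"]

    # 4. Launch the replacement instance from the new AMI.
    inst = ec2.run_instances(ImageId=ami_id, InstanceType=instance_type,
                             MinCount=1, MaxCount=1)["Instances"][0]
    return {"snapshot": snap_id, "encrypted_snapshot": enc_id,
            "ami": ami_id, "instance": inst["InstanceId"]}
```

Call it with `boto3.client("ec2", region_name=region)` and the ID of the stopped instance's root volume; the plaintext snapshot and the original volume still exist afterwards and need to be cleaned up separately.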