
AWS Architect Associate Notes - EC2

 

    1. EC2 - Elastic Compute Cloud
      1. Resizable compute capacity
    2. Pricing models
      1. On demand
        1. Low, flexible, no upfront cost
        2. Suitable for short term spike
      2. Reserved
        1. Suitable for steady state
        2. Pricing
          1. Standard reserved instance - 75% cheaper
          2. Convertible reserved instances - 54% cheaper
          3. Scheduled reserved instances
      3. SPOT
        1. For applications that have low compute usage
        2. Up to 90% cheaper compared to On Demand
        3. Flexible start and end time
        4. You are not charged for the hour if AWS terminates your instance but are charged if you terminate the instance
        5. Suitable for fault-tolerant or HPC applications where downtime on short notice is acceptable. You get 2 minutes' notice before an instance is terminated
        6. Spot blocks stop an instance from being terminated if the spot price goes above your max price; you can set this between 1 and 6 hours
        7. Spot Fleet is a collection of Spot instances and, optionally, On Demand instances
      4. Dedicated
        1. Regulated environment
        2. Licensing restrictions, e.g. Oracle doesn't allow multi-tenant
    3. On an EBS-backed instance, the root volume is deleted by default when the instance is terminated, but any additional volumes are not
    4. Termination protection is off by default, you must turn it ON
    5. Root volumes and additional volumes can be encrypted
    6. Security groups
      1. A rule change on a security group takes effect immediately
      2. Security groups are stateful, i.e. if you allow HTTP port 80 in, by default it allows port 80 out
      3. Network access control lists (NACLs) are stateless - you have to explicitly allow inbound and outbound
      4. With a security group you can only allow access, not block access, unlike a NACL
      5. In a security group everything is blocked by default
      6. You can attach more than one security group to an EC2 instance
    7. EBS - Elastic Block Storage
      1. Persistent block storage volume for use with EC2
      2. Automatically replicated within the AZ to protect from component failure and offer high availability and durability
      3. Types
        1. General purpose SSD
        2. Provisioned IOPS SSD
        3. Throughput optimised HDD
        4. Cold HDD
        5. Magnetic
      4. Tip: EBS volumes should be in the same AZ as the EC2 instance
      5. Snapshots are point-in-time copies stored on S3
        1. To take a snapshot of a volume that serves as the root device, you should stop the instance
        2. You can create an AMI from snapshots
      6. Virtualisation type -?
        1. HVM - Hardware assisted virtualisation
        2. PV - Para virtualisation
    8. AMI Types -
      1. Instance store - Ephemeral store
        1. Cannot be stopped. If the underlying storage fails, you lose the data
      2. EBS backed volume
        1. Can be stopped. You will not lose the data
        2. You can reboot both
    9. ENI vs ENA vs EFA
      1. ENI - Elastic Network Interface - like a virtual network card
      2. ENA - Enhanced Network
      3. EFA - Elastic Fabric Adapter
        1. Network device attached to EC2 to provide High Performance Computing
    10. Encrypt an EBS root volume if you didn't encrypt at the time of creating the EC2 instance
      1. Create a snapshot
      2. Copy the snapshot and enable encryption
      3. Create an AMI from the encrypted snapshot
      4. Create an EC2 instance from the new AMI
    11. Hibernate
      1. RAM contents are persisted on root volume
      2. Root volume must be encrypted
      3. Provides a quick boot compared to STOP as OS does not need to be loaded
      4. Instance id is preserved
      5. Instance RAM must be less than 150GB
      6. Instance can't be hibernated for more than 60 days
      7. Available for on demand and reserved instances
    12. AWS CloudWatch
      1. Monitors services and applications performance
      2. Monitors host level metrics - cpu, disk, status
      3. CloudWatch monitors performance, whereas CloudTrail monitors API calls in the AWS platform
      4. CloudWatch with EC2 will monitor events every 5 minutes
      5. 1-minute interval by turning on detailed monitoring
      6. CloudWatch alarms can be created to trigger notifications
    13. Roles
      1. More secure than storing Access keys on EC2
      2. Easy to manage
      3. Roles are universal and can be used in any region
      4. Can be assigned to EC2 after the instance has been created using command line or console
    14. Metadata
      1. Use the endpoint http://169.254.169.254/latest/meta-data/<property> (e.g. mac), or use /latest/user-data
    15. EBS vs EFS (Elastic file System)
      1. EFS can be shared across multiple EC2 instances
      2. Storage grows and shrinks automatically up to petabytes
      3. Pay for the storage you use
      4. Can support thousands of concurrent NFS connections
      5. Data is stored across multiple AZs in a region
      6. Read-after-write consistency
    16. FSx for Windows
      1. Native file system for Windows
      2. Windows file server for Windows applications like SQL Server, IIS, Active Directory
    17. FSx for Lustre
      1. Managed file system for compute intensive workload like machine learning
      2. Can store data on S3 as well
    18. Placement groups
      1. Name of a placement group must be unique within your EC2 account
      2. You cannot merge placement groups
      3. You can move an instance between placement groups through the CLI or SDK only. The instance must be in the stopped state
      4. AWS recommends homogeneous instances in clustered groups
      5. Clustered
        1. EC2 instances placed in the same AZ for low latency and high throughput
        2. Only certain instances can be launched in clustered
      6. Spread
        1. Separate racks, with distinct underlying hardware
        2. Opposite of clustered
      7. Partition
        1. Multiple instances in a partition
        2. Each partition is on different hardware, e.g. racks
    19. HPC - High Performance Compute
      1. Data transfer options
        1. Snowball and Snowmobile
        2. DataSync - agent on a VM to sync data from the data centre into S3, FSA, FSx etc.
        3. Direct Connect - dedicated private connection between on-prem and AWS
      2. Compute and Networking
        1. CPU or GPU optimised
        2. Spot instance fleets
        3. Placement groups
        4. Enhanced Network adapters
        5. Enhanced Networking
        6. Elastic Fabric Adapters
      3. Storage
        1. Instance attached
          1. EFS
          2. Ephemeral
        2. Network storage
          1. S3
          2. EFS
          3. FSx for Lustre
      4. Orchestration and automation
        1. AWS Batch - to run batch jobs
        2. AWS ParallelCluster - managed parallel HPC clusters
    20. AWS WAF - Web Application Firewall
      1. Monitors HTTP/HTTPS traffic to CloudFront, ALB and API Gateway
      2. Application layer (layer 7) aware firewall
      3. Behaviour
        1. Allow all except the ones you specify
        2. Block all except the ones you specify
        3. Passive mode - count the requests that match the properties
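
The stateful/stateless difference from item 6 (security groups vs NACLs), as an added example that is not part of the original notes and is not AWS code. It is a simplified model: the class names, the rule tuples and the client address 203.0.113.10:50000 are constructed for illustration.

```python
# Simplified model: a security group tracks connections and has allow rules only;
# a NACL evaluates numbered allow/deny rules per direction and remembers nothing.

class SecurityGroup:
    """Allow rules only, implicit deny, connection tracking (stateful)."""
    def __init__(self, ingress_ports=(), egress_ports=()):
        self.ingress_ports = set(ingress_ports)
        self.egress_ports = set(egress_ports)
        self.tracked = set()              # (client_ip, client_port, local_port)

    def inbound(self, client_ip, client_port, local_port):
        allowed = local_port in self.ingress_ports
        if allowed:
            self.tracked.add((client_ip, client_port, local_port))
        return allowed                    # no match means blocked; no deny rules exist

    def outbound(self, client_ip, client_port, local_port):
        if (client_ip, client_port, local_port) in self.tracked:
            return True                   # reply to a request that was allowed in
        return client_port in self.egress_ports   # otherwise needs an egress rule


class Nacl:
    """Numbered allow/deny rules per direction, first match wins (stateless)."""
    def __init__(self, rules):
        self.rules = sorted(rules)        # (number, direction, first, last, action)

    def permits(self, direction, dest_port):
        for _, rule_dir, first, last, action in self.rules:
            if rule_dir == direction and first <= dest_port <= last:
                return action == "allow"
        return False                      # nothing matched


def http_exchange():
    """Constructed flow: a client requests port 80 and the instance replies."""
    client_ip, client_port = "203.0.113.10", 50000
    sg = SecurityGroup(ingress_ports={80})                  # no egress rule at all
    one_way = Nacl([(100, "in", 80, 80, "allow")])
    two_way = Nacl([(100, "in", 80, 80, "allow"),
                    (100, "out", 1024, 65535, "allow")])    # ephemeral reply ports
    deny_first = Nacl([(90, "in", 80, 80, "deny"), (100, "in", 0, 65535, "allow")])
    return {
        "sg_request": sg.inbound(client_ip, client_port, 80),
        "sg_reply": sg.outbound(client_ip, client_port, 80),
        "sg_ssh": sg.inbound(client_ip, client_port, 22),
        "nacl_one_way_reply": one_way.permits("out", client_port),
        "nacl_two_way_reply": two_way.permits("out", client_port),
        "nacl_deny_first": deny_first.permits("in", 80),
    }
```

The security group lets the reply out with no egress rule, while the NACL with only an inbound rule drops it until an outbound rule for the reply ports is added.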

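The four steps of item 10 (encrypting an EBS root volume after launch) as one function; this is an added example, not part of the original notes. It assumes a boto3 EC2 client is passed in as `ec2`; the function name, its parameters and the x86_64/HVM AMI settings are illustrative assumptions.

```python
def encrypt_root_volume(ec2, region, volume_id, ami_name, instance_type,
                        root_device="/dev/xvda", kms_key_id=None):
    """Run steps 1-4 with a boto3 EC2 client and return the IDs created."""
    # Step 1: snapshot the unencrypted root volume (stop the instance first).
    snap = ec2.create_snapshot(VolumeId=volume_id,
                               Description="pre-encryption copy of " + volume_id)
    ec2.get_waiter("snapshot_completed").wait(SnapshotIds=[snap["SnapshotId"]])

    # Step 2: copy the snapshot with encryption enabled.
    copy_args = {"SourceRegion": region,
                 "SourceSnapshotId": snap["SnapshotId"],
                 "Encrypted": True}
    if kms_key_id:                 # otherwise the account's default EBS key is used
        copy_args["KmsKeyId"] = kms_key_id
    enc = ec2.copy_snapshot(**copy_args)
    ec2.get_waiter("snapshot_completed").wait(SnapshotIds=[enc["SnapshotId"]])

    # Check the copy before building on it: stop if it is not encrypted.
    desc = ec2.describe_snapshots(SnapshotIds=[enc["SnapshotId"]])["Snapshots"][0]
    if not desc["Encrypted"]:
        raise RuntimeError("snapshot copy is not encrypted")

    # Step 3: register an AMI whose root device is the encrypted snapshot.
    # Architecture and virtualisation type are assumptions for this example.
    image = ec2.register_image(
        Name=ami_name, Architecture="x86_64", VirtualizationType="hvm",
        RootDeviceName=root_device,
        BlockDeviceMappings=[{"DeviceName": root_device,
                              "Ebs": {"SnapshotId": enc["SnapshotId"],
                                      "DeleteOnTermination": True}}])

    # Step 4: launch the replacement instance from the new AMI.
    run = ec2.run_instances(ImageId=image["ImageId"], InstanceType=instance_type,
                            MinCount=1, MaxCount=1)
    return {"snapshot": snap["SnapshotId"],
            "encrypted_snapshot": enc["SnapshotId"],
            "image": image["ImageId"],
            "instance": run["Instances"][0]["InstanceId"]}
```

Call it with `boto3.client("ec2", region_name=region)` as the first argument; the original unencrypted volume and snapshot are left in place for you to remove once the new instance is verified.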