AWS Cloud Practitioner Certification

3. EC2 – Elastic Compute Cloud

Amazon EC2 = Infrastructure as a Service

It mainly consists of the capability of:

  1. Renting virtual machines (EC2)
  2. Storing data on virtual drives (EBS – Elastic Block Store)
  3. Distributing load across machines (ELB)
  4. Scaling the services using an auto-scaling group (ASG)

EC2 User Data

  • It is possible to bootstrap our instances using an EC2 User Data script
  • Bootstrapping means launching commands when a machine starts
  • That script is only run once, at the instance's first start
  • EC2 user data is used to automate boot tasks such as:
    • Installing updates
    • Installing software
    • Downloading common files from the internet
    • Anything you can think of
  • The EC2 User Data script runs as the root user
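
Because the script runs as root and often downloads files from the internet, it is worth reviewing before launch. The following is an added example, not part of the original notes: a small linter for user data scripts. The sample script, rule names and patterns are constructed for illustration.

```python
import re

# Constructed sample user data script (not from the original notes).
SAMPLE_USER_DATA = """#!/bin/bash
yum update -y
yum install -y httpd
curl http://example.com/setup.sh | bash
wget https://example.com/common-files.tar.gz -O /tmp/common-files.tar.gz
export AWS_SECRET_ACCESS_KEY=EXAMPLEconstructedSECRETvalue000000000000
systemctl enable --now httpd
"""

# (rule name, pattern, why it matters for a script that runs as root)
RULES = [
    ("pipe-to-shell",
     re.compile(r"\b(curl|wget)\b[^|\n]*\|\s*(sudo\s+)?(ba)?sh\b"),
     "remote content is executed as root without being inspected"),
    ("plain-http-download",
     re.compile(r"\b(curl|wget)\b[^\n]*\bhttp://"),
     "download is not protected in transit"),
    ("embedded-secret",
     re.compile(r"(?i)(secret|password|passwd|token)\w*\s*=\s*\S+"),
     "user data can be read back from inside the instance"),
]

def lint_user_data(script):
    """Return (line_number, rule, reason) findings for a user data script."""
    findings = []
    for number, line in enumerate(script.splitlines(), start=1):
        if line.strip().startswith("#"):
            continue  # skip comments and the shebang line
        for rule, pattern, reason in RULES:
            if pattern.search(line):
                findings.append((number, rule, reason))
    return findings

if __name__ == "__main__":
    for number, rule, reason in lint_user_data(SAMPLE_USER_DATA):
        print(f"line {number}: {rule}: {reason}")
```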

EC2 Instance Types – Overview

Types of EC2 instances, optimised for different use cases:

https://aws.amazon.com/ec2/instance-types/

AWS has the following naming convention:

m5.2xlarge
• m: instance class
• 5: generation (AWS improves them over time)
• 2xlarge: size within the instance class

EC2 Instance Types – General Purpose

Great for a diversity of workloads such as web servers or code repositories

Balance between:
• Compute
• Memory
• Networking

EC2 Instance Types – Compute Optimized

Great for compute-intensive tasks that require high performance
processors:

  1. Batch processing workloads
  2. Media transcoding
  3. High performance web servers
  4. High performance computing (HPC)
  5. Scientific modeling & machine learning
  6. Dedicated gaming servers

EC2 Instance Types – Memory Optimized

Fast performance for workloads that process large data sets in memory

Use cases:
• High performance, relational/non-relational databases
• Distributed web scale cache stores
• In-memory databases optimized for BI (business intelligence)
• Applications performing real-time processing of big unstructured data

EC2 Instance Types – Storage Optimized

Great for storage-intensive tasks that require high, sequential read and write
access to large data sets on local storage

Use cases:
• High frequency online transaction processing (OLTP) systems
• Relational & NoSQL databases
• Cache for in-memory databases (for example, Redis)
• Data warehousing applications
• Distributed file systems

Introduction to Security Groups

Security Groups are the foundation of network security in AWS. They control how traffic is allowed into or out of our EC2 instances.

  • Security groups only contain ALLOW rules
  • Security group rules can reference an IP range or another security group

Security groups act as a “firewall” on EC2 instances

They regulate:

  1. Access to Ports
  2. Authorised IP ranges – IPv4 and IPv6
  3. Control of inbound network traffic (from others to the instance)
  4. Control of outbound network traffic (from the instance to others)

Good to know about Security Group

  1. Locked down to a region / VPC combination
  2. Lives “outside” the EC2 instance – if traffic is blocked, the EC2 instance won’t see it
  3. It’s good to maintain one separate security group for SSH access
  4. If your application is not accessible (time out), then it’s a security group issue
  5. If your application gives a “connection refused“ error, then it’s an application error or it’s not launched
  6. All inbound traffic is blocked by default
  7. All outbound traffic is authorised by default
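
Items 4 and 5 can be checked from a client machine. The following is an added example, not part of the original notes: it classifies one TCP connection attempt as open, timed out or refused, and reproduces the open and refused cases on loopback. The function names and hint texts are assumptions made for the example.

```python
import socket

# What each outcome points to, following items 4 and 5 of the list above.
HINTS = {
    "open": "security group allows the port and the application is listening",
    "timeout": "no reply at all: check the security group inbound rules",
    "refused": "host replied but nothing listens: application error or not launched",
    "error": "other network problem (DNS, routing)",
}

def diagnose(host, port, timeout=3.0):
    """Try one TCP connection and return (outcome, hint)."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            outcome = "open"
    except socket.timeout:            # packets silently dropped on the way
        outcome = "timeout"
    except ConnectionRefusedError:    # TCP reset sent by the instance itself
        outcome = "refused"
    except OSError as exc:            # e.g. name resolution failure
        return "error", f"{HINTS['error']}: {exc}"
    return outcome, HINTS[outcome]

def local_demo():
    """Reproduce 'open' and 'refused' on loopback; no AWS access needed."""
    server = socket.socket()
    server.bind(("127.0.0.1", 0))     # port 0 lets the OS pick a free port
    server.listen(1)
    port = server.getsockname()[1]
    while_listening = diagnose("127.0.0.1", port)[0]
    server.close()                    # the "application" stops
    after_stop = diagnose("127.0.0.1", port)[0]
    return while_listening, after_stop

if __name__ == "__main__":
    print(local_demo())
```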

Classic Ports to know

  1. 22 = SSH (Secure Shell) – log into a Linux instance
  2. 21 = FTP (File Transfer Protocol) – upload files into a file share
  3. 22 = SFTP (Secure File Transfer Protocol) – upload files using SSH
  4. 80 = HTTP – access unsecured websites
  5. 443 = HTTPS – access secured websites
  6. 3389 = RDP (Remote Desktop Protocol) – log into a Windows instance
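
The following is an added example, not part of the original notes: an audit that flags security group rules exposing the login ports from the list above (22 and 3389) to any address. The input follows the JSON shape of `aws ec2 describe-security-groups`; the group IDs and CIDR ranges are constructed.

```python
ADMIN_PORTS = {22: "SSH/SFTP", 3389: "RDP"}  # login ports from the list above
ANYWHERE = {"0.0.0.0/0", "::/0"}             # any IPv4 / any IPv6 source

def _rule(proto, low, high, cidrs=(), cidrs6=(), groups=()):
    """Build one inbound rule in the describe-security-groups JSON shape."""
    return {"IpProtocol": proto, "FromPort": low, "ToPort": high,
            "IpRanges": [{"CidrIp": c} for c in cidrs],
            "Ipv6Ranges": [{"CidrIpv6": c} for c in cidrs6],
            "UserIdGroupPairs": [{"GroupId": g} for g in groups]}

# Constructed sample data; group IDs and CIDRs are made up for illustration.
SAMPLE = {"SecurityGroups": [
    {"GroupId": "sg-web", "IpPermissions": [
        _rule("tcp", 80, 80, cidrs=["0.0.0.0/0"]),
        _rule("tcp", 443, 443, cidrs=["0.0.0.0/0"], cidrs6=["::/0"])]},
    {"GroupId": "sg-ssh-admin", "IpPermissions": [
        _rule("tcp", 22, 22, cidrs=["203.0.113.0/24"])]},
    {"GroupId": "sg-legacy", "IpPermissions": [
        _rule("tcp", 22, 22, cidrs=["0.0.0.0/0"]),
        _rule("tcp", 3000, 4000, cidrs6=["::/0"])]},
    {"GroupId": "sg-app", "IpPermissions": [
        _rule("tcp", 22, 22, groups=["sg-ssh-admin"])]},
]}

def open_admin_ports(described):
    """Return (group_id, port, service, sources) for world-open login ports."""
    findings = []
    for group in described["SecurityGroups"]:
        for rule in group.get("IpPermissions", []):
            sources = [r["CidrIp"] for r in rule.get("IpRanges", [])]
            sources += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
            world = sorted(set(sources) & ANYWHERE)
            if not world:
                continue  # restricted CIDR or security group reference
            if rule["IpProtocol"] == "-1":
                low, high = 0, 65535  # "-1" means all protocols and ports
            elif rule["IpProtocol"] == "tcp":
                low, high = rule["FromPort"], rule["ToPort"]
            else:
                continue
            for port, service in ADMIN_PORTS.items():
                if low <= port <= high:  # port ranges can hide a login port
                    findings.append((group["GroupId"], port, service, world))
    return findings

if __name__ == "__main__":
    for finding in open_admin_ports(SAMPLE):
        print(finding)
```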

EC2 Instances Purchasing Options

  1. On-Demand Instances: short workload, predictable pricing
  2. Reserved: (MINIMUM 1 year)
    • Reserved Instances: long workloads
    • Convertible Reserved Instances: long workloads with flexible instances
    • Scheduled Reserved Instances: example – every Thursday between 3 and 6 pm
  3. Spot Instances: short workloads, cheap, can lose instances (less reliable)
  4. Dedicated Hosts: book an entire physical server, control instance placement
  5. Dedicated Instances: no other customers will share your hardware

EC2 On Demand

  • Pay for what you use:
    • Linux – billing per second, after the first minute
    • All other operating systems (ex: Windows) – billing per hour
  • Has the highest cost but no upfront payment
  • No long-term commitment
  • Recommended for short-term and un-interrupted workloads, where you can’t predict how the application will behave


EC2 Reserved Instances

  • Up to 72% discount compared to On-demand
  • Reservation period: 1 year = + discount | 3 years = +++ discount
  • Purchasing options: no upfront | partial upfront = + | All upfront = ++ discount
  • Recommended for steady-state usage applications (think database)

Convertible Reserved Instance

  • Can change the EC2 instance type
  • Up to 45% discount

Scheduled Reserved Instances

  • Launch within the time window you reserve
  • When you require a fraction of a day / week / month
  • Commitment for 1 year only (365 days; must utilize 1200 hrs)

EC2 Spot Instances

  1. Up to 90% discount compared to On-Demand, but you can ‘lose’ the instance if your max price is less than the current Spot price
  2. Suitable for failure-resilient tasks such as batch processing; not suitable for critical tasks like databases

EC2 – Dedicated Hosts

Useful for software that has a complicated licensing model (BYOL – Bring Your Own License)

EC2 – Dedicated Instance

Host-instance affinity, BYOL, instance placement

Published by

sevanand yadav

software engineer working as web developer having specialization in spring MVC with mysql,hibernate