2. Amazon EC2

Overview

  • Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides secure, resizable compute capacity in the cloud. 
  • The simple web interface of Amazon EC2 allows you to obtain and configure capacity with minimal friction.
  • Amazon EC2 reduces the time required to obtain and boot new server instances (called Amazon EC2 instances) to minutes, allowing you to quickly scale capacity, both up and down, as your computing requirements change.

EC2 Features

  • Virtual computing environments, known as EC2 instances
  • Preconfigured templates for your instances, known as Amazon Machine Images (AMIs), that package the bits you need for your server (including the operating system and additional software)
  • Various configurations of CPU, memory, storage, and networking capacity for your instances, known as Instance types
  • Secure login information for your instances using key pairs (AWS stores the public key, and you store the private key in a secure place)
  • Storage volumes for temporary data that’s deleted when you stop or terminate your instance, known as Instance store volumes
  • Persistent storage volumes for your data using Amazon Elastic Block Store (Amazon EBS), known as Amazon EBS volumes
  • Multiple physical locations for your resources, such as instances and EBS volumes, known as Regions and Availability Zones
  • A firewall that enables you to specify the protocols, ports, and source IP ranges that can reach your instances using security groups
  • Static IP addresses for dynamic cloud computing, known as Elastic IP addresses
  • Metadata, known as tags, can be created and assigned to EC2 resources
  • Script virtual hardware management with User Data
  • Use Enhanced Networking for more Packets Per Second (PPS), lower latency, and less jitter
  • Placement Groups provide low-latency networking between all instances in the cluster
  • Better IOPS with EBS-optimized instances
  • Dedicated Host for security and compliance
  • Virtual networks you can create that are logically isolated from the rest of the AWS Cloud, and that you can optionally connect to your own network, known as virtual private clouds (VPCs)

How to launch an EC2 instance

  1. Select a pre-configured, templated Amazon Machine Image (AMI) to get up and running immediately. Or create an AMI containing your applications, libraries, data, and associated configuration settings.
  2. Configure security and network access on your Amazon EC2 instance.
  3. Choose which instance type(s) you want, then start, terminate, and monitor as many instances of your AMI as needed, using the web service APIs or the variety of management tools provided.
  4. Determine whether you want to run in multiple locations, utilize static IP endpoints, or attach persistent block storage to your instances.
  5. Pay only for the resources that you actually consume, like instance-hours or data transfer.

Compute Basics

There are two concepts that are key to launching instances on AWS:
  • Instance type: the amount of virtual hardware dedicated to the instance
  • AMI: the software loaded on the instance
 

Detail Reading

Exam Essentials

Know the basics of launching an Amazon EC2 instance.
To launch an instance, you must specify:
  • an AMI, which defines the software on the instance at launch,
  • an instance type, which defines the virtual hardware supporting the instance (memory, vCPUs, and so on).

Understand how to provision and launch an EC2 instance.

  • select the right AMI and instance type
  • configure a security group,
  • add any extra storage volumes that might be needed,
  • point to any necessary user data and scripts,
  • tag all the elements using descriptive key values.
Know how security groups protect instances
  • Security groups are virtual firewalls controlling traffic in and out of your Amazon EC2 instances.
  • They are deny by default, and you can allow traffic by adding rules specifying traffic direction, port, protocol, and destination address (via Classless Inter-Domain Routing [CIDR] block).
  • They are applied at the instance level, meaning that traffic between instances in the same security group must adhere to the rules of that security group.
  • They are stateful, meaning that an outgoing rule will allow the response without a correlating incoming rule.
Know how to interpret the effect of security groups
  • When an instance is a member of multiple security groups, the effect is a union of all the rules in all the groups. 
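
An added example (not from the original notes) that models the two points above: deny by default, and the union of rules when an instance belongs to several security groups. The group names, rule field names and addresses are constructed for illustration; it also flags management ports that the union leaves open to any source.

```python
import ipaddress

# Constructed sample: inbound rules of three security groups. Group names and
# the rule field names are assumptions made for this example.
GROUPS = {
    "sg-web":    [{"proto": "tcp", "ports": (443, 443), "cidr": "0.0.0.0/0"}],
    "sg-admin":  [{"proto": "tcp", "ports": (22, 22), "cidr": "203.0.113.0/24"}],
    "sg-legacy": [{"proto": "tcp", "ports": (0, 1024), "cidr": "0.0.0.0/0"}],
}
MGMT_PORTS = (22, 3389)  # SSH and RDP


def effective_inbound(attached, groups=GROUPS):
    """Union of the inbound rules of every group attached to the instance."""
    return [dict(rule, group=name) for name in attached for rule in groups[name]]


def matching_group(rules, proto, port, source_ip):
    """Return the group whose rule admits the packet, or None (deny by default)."""
    src = ipaddress.ip_address(source_ip)
    for rule in rules:
        low, high = rule["ports"]
        if (rule["proto"] == proto
                and low <= port <= high
                and src in ipaddress.ip_network(rule["cidr"])):
            return rule["group"]
    return None


def world_open_mgmt(rules):
    """(group, port) pairs where a management port is reachable from any address."""
    findings = []
    for rule in rules:
        if ipaddress.ip_network(rule["cidr"]).prefixlen != 0:
            continue
        low, high = rule["ports"]
        findings += [(rule["group"], p) for p in MGMT_PORTS if low <= p <= high]
    return findings


if __name__ == "__main__":
    tight = effective_inbound(["sg-web", "sg-admin"])
    loose = effective_inbound(["sg-web", "sg-admin", "sg-legacy"])
    print(matching_group(tight, "tcp", 22, "198.51.100.7"))  # no rule matches
    print(matching_group(loose, "tcp", 22, "198.51.100.7"))  # admitted by sg-legacy
    print(world_open_mgmt(loose))
```

Because security groups contain only allow rules, attaching the restrictive sg-admin group does not narrow what the permissive sg-legacy group already admits.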
Know how to securely access your instances running on the cloud
  • Security Groups and Network Access Lists
  • Access Management (IAM) roles
  • network address translation (NAT) instances
  • key pair at first start
Know how to change the capabilities of an existing instance
  1. Stop instance
  2. Change instance type
  3. Start instance
Know what architectures are suited for what Amazon EC2 pricing options
  • Spot Instances are best suited for workloads that can accommodate interruption.
  • Reserved Instances are best for consistent, long-term compute needs.
  • On-Demand Instances provide flexible compute to respond to scaling needs.
Know how to combine multiple pricing options that result in cost optimization and scalability.
  • On-Demand Instances can be used to scale up a web application running on Reserved Instances in response to a temporary traffic spike.
  • For a workload with several Reserved Instances reading from a queue, it’s possible to use Spot Instances to alleviate heavy traffic in a cost-effective way.
  • These are just two of countless examples where a workload may use different pricing options.
Know the benefits of enhanced networking.
  • Enhanced networking enables you to get significantly higher PPS performance, lower network jitter, and lower latencies.
Know the capabilities of VM Import/Export.
  • VM Import/Export allows you to import existing VMs to AWS as Amazon EC2 instances or AMIs.
  • Amazon EC2 instances that were imported through VM Import/Export can also be exported back to a virtual environment.
Know the methods for accessing an instance over the internet.
  • You can access an Amazon EC2 instance over the web via public IP address, elastic IP address, or public DNS name.
  • There are additional ways to access an instance within an Amazon VPC, including private IP addresses and ENIs.
Know the properties of the Amazon EC2 pricing options.
  • On-Demand Instances require no up-front commitment, can be launched any time, and are billed by the hour.
  • Reserved Instances require an up-front commitment and vary in cost depending on whether they are paid all up front, partially up front, or not up front.
  • Spot Instances are launched when your bid price exceeds the current spot price. Spot Instances will run until the spot price exceeds your bid price, in which case the instance will get a two-minute warning and terminate.
Know what determines network performance.
  • Every instance type is rated for low, moderate, high, or 10 Gbps network performance, with larger instance types generally having higher ratings.
  • Additionally, some instance types offer enhanced networking, which provides additional improvement in network performance.
Know what instance metadata is and how it’s obtained.
  • Metadata is information about an Amazon EC2 instance, such as instance ID, instance type, and security groups, that is available from within the instance.
  • It can be obtained through an HTTP call to a specific IP address: http://169.254.169.254/latest/meta-data/
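
An added example (not from the original notes) of reading the metadata tree described above, to see everything a process on the instance can read. It goes beyond the plain HTTP call in the text by using the session-token (IMDSv2) request style; the FAKE table is a constructed stand-in so the walk runs off-instance, and the walker assumes plain entries and "/"-terminated directories only.

```python
import urllib.request

IMDS = "http://169.254.169.254"  # link-local metadata address from the text above
TOKEN_HDR = "X-aws-ec2-metadata-token"


def imds_token(ttl_seconds=60, timeout=2):
    """IMDSv2: obtain a session token with a PUT before reading metadata."""
    req = urllib.request.Request(
        IMDS + "/latest/api/token", method="PUT",
        headers={TOKEN_HDR + "-ttl-seconds": str(ttl_seconds)})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return resp.read().decode()


def imds_get(path, token=None, timeout=2):
    """GET one metadata path; sends the session token when one is given."""
    headers = {TOKEN_HDR: token} if token else {}
    req = urllib.request.Request(IMDS + path, headers=headers)
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return resp.read().decode()


def walk(get, path="/latest/meta-data/"):
    """Recursively list metadata: entries ending in "/" are sub-directories."""
    found = {}
    for entry in get(path).splitlines():
        if entry.endswith("/"):
            found.update(walk(get, path + entry))
        elif entry:
            found[path + entry] = get(path + entry)
    return found


# Constructed stand-in for the service responses (values are made up).
FAKE = {
    "/latest/meta-data/": "instance-id\ninstance-type\nplacement/",
    "/latest/meta-data/instance-id": "i-0123456789abcdef0",
    "/latest/meta-data/instance-type": "t3.micro",
    "/latest/meta-data/placement/": "availability-zone",
    "/latest/meta-data/placement/availability-zone": "us-east-1a",
}

if __name__ == "__main__":
    for key, value in walk(FAKE.__getitem__).items():
        print(key, "=", value)
    # On an EC2 instance: token = imds_token(); walk(lambda p: imds_get(p, token))
```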
Know how to create and launch an AMI based on an existing instance storage volume
  1. Create an image from the instance’s volume (you’ll access the dialog through the Actions pull-down menu in the Instances Dashboard).
  2. Launch an instance from the console and select the new AMI from the My AMIs tab.

Reference:

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/concepts.html

https://aws.amazon.com/ec2/?ec2-whats-new.sort-by=item.additionalFields.postDateTime&ec2-whats-new.sort-order=desc

AWS Certified Solutions Architect Official Study Guide - Associate

AWS Certified Solutions Architect Study Guide- Associate 2nd Edition
