Udemy AWS SAA - EC2

172+198=370

37/370

EC2 = Elastic Compute Cloud = Infrastructure as a Service
It mainly consists of the capability of:

  • Renting virtual machines (EC2)
    • we can choose the OS of the virtual machine, how much CPU compute power, and how much RAM
    • we can choose how much storage space
      • Network-attached (EBS & EFS)
      • hardware (EC2 instance store)
    • Network card: speed of the card, Public IP address
    • Firewall rules: security group
    • Bootstrap script (configure at first launch): EC2 User Data
  • Storing data on virtual drives (EBS)
  • Distributing load across machines (ELB)
  • Scaling the services using an auto-scaling group (ASG)

EC2 User Data

  • An EC2 User Data script bootstraps our instances. Bootstrapping means launching commands when a machine starts. That script is only run once, at the instance's first start. EC2 User Data is used to automate boot tasks such as:
    • Installing updates
    • Installing software
    • Downloading common files from the internet
    • Anything you can think of
  • The EC2 User Data script runs as the root user

EC2 Instance:

  • an EC2 virtual machine
  • can be used to host a website

If you stop and then restart the instance, the assigned Public IPv4 address might change

EC2 Instance Types
example: m5.2xlarge

  • m: instance class
  • 5: generation (AWS improves its hardware over time)
  • 2xlarge: size within the instance class, more memory

EC2 Instance Types - General Purpose
Great for a diversity of workloads such as web servers or code repositories. Balance between:

  • Compute
  • Memory
  • Networking

In the course, we will be using the t2.micro, which is a General Purpose EC2 instance.

EC2 Instance Types - Compute Optimized
Begin with C. Great for compute-intensive tasks that require high-performance processors:

  • Batch processing workloads
  • Media transcoding
  • High performance web servers
  • High performance computing (HPC)
  • Scientific modeling & machine learning
  • Dedicated gaming servers

EC2 Instance Types - Memory Optimized
Start with R (R for RAM). Fast performance for workloads that process large data sets in memory.
Use cases:

  • High performance, relational/non-relational databases
  • Distributed web scale cache stores
  • In-memory databases optimized for BI (business intelligence)
  • Applications performing real-time processing of big unstructured data

EC2 Instance Types - Storage Optimized
Start with I / D / H1. Great for storage-intensive tasks that require high, sequential read and write access to large data sets on local storage.
Use cases:

  • High frequency online transaction processing (OLTP) systems
  • Relational & NoSQL databases
  • Cache for in-memory databases (for example, Redis)
  • Data warehousing applications
  • Distributed file systems

Security Groups

  • Security Groups are the foundation of network security in AWS. They control how traffic is allowed into or out of our EC2 instances, just like a firewall.
  • Security groups only contain allow rules, and a rule can reference a source by IP or by security group
  • They regulate:
    • Access to Ports
    • Authorized IP ranges - IPv4 and IPv6
    • Control of inbound network traffic (from others to the instance)
    • Control of outbound network traffic (from the instance to others)
  • they can be attached to multiple instances, locked down to a region/VPC combination
  • it's good to maintain one separate security group for SSH access
  • if your app times out, then it's a security group issue; if it gives "connection refused", then it's an app error
  • security groups can authorize each other
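
The timeout versus "connection refused" rule above can be checked with a single TCP connection attempt. This is an added example, not part of the original notes; `probe`, `local_demo` and `MEANING` are illustrative names, and the demo uses loopback ports as stand-ins for an instance.

```python
import socket

# What each outcome points to, following the rule in the notes above.
MEANING = {
    "open": "port reachable and a service answered",
    "timeout": "no reply at all: check the security group's inbound rules",
    "refused": "host reachable but nothing listening: check the application",
}

def probe(host, port, timeout=3.0):
    """Attempt one TCP connection and classify the result."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except socket.timeout:
        # Packets were dropped silently, which is how a security group
        # without a matching allow rule behaves.
        return "timeout"
    except ConnectionRefusedError:
        # The host answered with a reset, so traffic got through.
        return "refused"
    except OSError:
        return "error"  # DNS failure, no route, and similar

def local_demo():
    """Probe one listening and one closed loopback port (constructed targets)."""
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    spare = socket.socket()
    spare.bind(("127.0.0.1", 0))
    closed_port = spare.getsockname()[1]
    spare.close()  # nothing listens on this port any more
    try:
        return (probe("127.0.0.1", listener.getsockname()[1]),
                probe("127.0.0.1", closed_port))
    finally:
        listener.close()

if __name__ == "__main__":
    for state in local_demo():
        print(state, "->", MEANING.get(state, "see error"))
```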

Classic Ports to know
22 = SSH (Secure Shell) - log into a Linux instance
21 = FTP (File Transfer Protocol) - upload files into a file share
22 = SFTP (Secure File Transfer Protocol) - upload files using SSH
80 = HTTP - access unsecured websites
443 = HTTPS - access secured websites
3389 = RDP (Remote Desktop Protocol) - log into a Windows instance
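
How security group rules decide inbound traffic (allow rules only, with sources given by IP range or by another security group), plus a check for SSH or RDP left open to every address. This is an added example, not part of the original notes: the sample data is constructed in the shape of an EC2 DescribeSecurityGroups response, the group IDs are placeholders, and the function names are illustrative.

```python
import ipaddress

ADMIN_PORTS = (22, 3389)  # SSH/SFTP and RDP from the port list above
ANYWHERE = {"0.0.0.0/0", "::/0"}

# Constructed sample in the shape of a DescribeSecurityGroups response;
# the group IDs are placeholders, not real identifiers.
SAMPLE_GROUPS = [
    {"GroupId": "sg-web-example", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "UserIdGroupPairs": [{"GroupId": "sg-ssh-example"}]}]},
    {"GroupId": "sg-ssh-example", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.0/24"}]}]},
    {"GroupId": "sg-legacy-example", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
]

def rule_cidrs(perm):
    """All IPv4 and IPv6 source ranges named by one rule."""
    return ([r["CidrIp"] for r in perm.get("IpRanges", [])] +
            [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])])

def covers(perm, port):
    """True if the rule's protocol and port range include this TCP port."""
    if perm["IpProtocol"] == "-1":  # "-1" means all protocols and ports
        return True
    return perm["IpProtocol"] == "tcp" and perm["FromPort"] <= port <= perm["ToPort"]

def is_allowed(group, port, src_ip, src_groups=()):
    """Inbound decision: rules only allow, so no matching rule means dropped."""
    addr = ipaddress.ip_address(src_ip)
    for perm in group["IpPermissions"]:
        if not covers(perm, port):
            continue
        if any(addr in ipaddress.ip_network(c) for c in rule_cidrs(perm)):
            return True
        if any(p["GroupId"] in src_groups for p in perm.get("UserIdGroupPairs", [])):
            return True
    return False

def world_open_admin_ports(groups):
    """(group, port) pairs where SSH or RDP is reachable from any address."""
    return [(g["GroupId"], port) for g in groups for perm in g["IpPermissions"]
            if ANYWHERE & set(rule_cidrs(perm))
            for port in ADMIN_PORTS if covers(perm, port)]
```

`src_groups` stands for the security groups attached to the sending instance, which is how one group authorizes another.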

SSH Overview

  • can be used on Mac, Linux, and Windows >= 10
  • on Windows, you can use PuTTY
  • EC2 Instance Connect works for all OSes

SSH on linux / Mac

  • SSH allows you to control a remote machine, all using the command line
    • pwd: show the current directory
    • ls: list all files in the current folder
    • cd dirname: move into that directory
    • ssh -i filename your_username@ip_address (filename is the private key file): log into the EC2 machine

EC2 Instance Connect
Just click a button in the AWS console and you are in the EC2 machine. Note that the instance's security group still has to allow the access.

EC2 Dedicated Hosts

  • A physical server with EC2 instance capacity fully dedicated to your use
  • Usually useful for software that has a complicated licensing model (BYOL - Bring Your Own License), or for strong regulatory compliance needs
  • Allows you to address compliance requirements and use your existing server-bound software licenses (per-socket, per-core, per-VM software licenses)
  • Purchasing Options:
    • On-demand - pay per second for an active Dedicated Host
    • Reserved - 1 or 3 years (No Upfront, Partial Upfront, All Upfront)
  • The most expensive option

EC2 Dedicated Instances

  • instances run on hardware that's dedicated to you
  • may share hardware w/ other instances in same account
  • no control over instance placement

Purchasing Options Analogy

  • On demand: coming and staying in resort whenever we like, we pay the full price
  • Reserved: like planning ahead; if we plan to stay for a long time, we may get a good discount
  • Savings Plans: pay a certain amount per hour for a certain period and stay in any room type (e.g. King, Suite, Sea View, ...)
  • Spot instances: the hotel allows people to bid for the empty rooms and the highest bidder keeps the rooms. You can get kicked out at any time
  • Dedicated Hosts: We book an entire building of the resort
  • Capacity Reservations: you book a room for a period at full price even if you don't stay in it

EC2 Spot Instance Requests

  • Used for batch jobs, data analysis, or workloads that are resilient to failures
  • Not great for critical jobs or databases
  • Can get a discount of up to 90% compared to On-demand
  • Define a max spot price and get the instance while the current spot price < max. The hourly spot price varies based on offer and capacity
  • If the current spot price > your max price, you can choose to stop or terminate your instance, with a 2-minute grace period
  • To cancel a Spot request, it needs to be in the active, open, or disabled state. Canceling a Spot request doesn't mean terminating the Spot instances

Spot fleets

  • automatically request spot instances with the lowest price
  • Spot Fleets = set of Spot Instances + (optional) On-Demand Instances. The Spot Fleet will try to meet the target capacity with price constraints
    • Define possible launch pools: instance type (m5.large), OS, Availability Zone
    • Can have multiple launch pools, so that the fleet can choose
    • Spot Fleet stops launching instances when reaching capacity or max cost
  • Strategies to allocate Spot Instances:
    • lowestPrice: from the pool with the lowest price (cost optimization, short workload)
    • diversified: distributed across all pools
    • capacityOptimized: from the pool with the optimal capacity for the number of instances
posted @ 2024-04-01 17:06  MiraMira