EC2
Elastic Compute Cloud
Last updated
Elastic Compute Cloud
Last updated
|
A virutal server
Can scale up and down within minutes
SLA = 99.99%
T2, G is a general purpose instance type.
X1e, R is memory optimized.
H1 is storage optimized.
P3 is for advanced computing and can include special hardware for graphics processing.
is a network disk that is attached to EC2.
When you need very high IOPS storage for EC2, refer to .
Steps to provision an EC2 instance
Remember to create & download keypair.
Capacity reservation (reserve capacity for EC2 instance in a specific AZ): None. Turn this to None to save cost.
Session are secured using AWS Key Management service key.
Can log session commands in S3 bucket or CloudWatch Logs log group.
No SSH, no Bastion host, No need to open inbound ports.
1-click access.
Using IAM policies to control SSH access.
No need of SSH Keys, but actually using SSH access to your instance.
Ensure that you have correct number of EC2 instances available to handle the load on your application.
Automatically instance replacement -> If the health check fail, it will trigger the lauching of new healthy instance.
Instance rebalancing -> When an AZ failed, it will shift the instances from that failed AZ to the remaining healthy AZ.
Provision new resources take minutes. Slow if compare to Lambda scaling ability.
Allows applications to pick up exactly where they left off.
Use cases
Services that take time to initialize
Saving RAM state
Long-running processing
eg: 2-weeks company shutdown
To use hibernate
Root volume: must be encrypted EBS volume.
AMI: Linux or Windows
RAM size: must less than 150GB.
NOT hibernated > 60 days.
-> It is not possible to enable or disable hibernation for an instance after it has been launched.
There are 3 types of Placement group
high-performance low-latency
large distributed, replicated workloads
high-availability reduce failures
placing EC2 instnaces next to each other
Hadoop, Cassandra, Kafka
placing EC2 instances in different hardware cross-AZs.
Send metric to Cloud Watch every 1-minute (instead of 5-minute period).
Check inbound of Security group if it already allow the right protocol/port.
Check NACLs associated with the subnets, to ensure they allow inbound and outbound traffic.
ALB listener if the traffic is being directed to the correct protocol:port of the Target Group
Check if the Target group includes the EC2 instances as registered targets.
EC2 instance:
Check health status, and Status check 2/2?
Connect to the EC2 instance to check if the httpd server is running.
Check logs
Check EC2 instance's system logs.
CloudWatch log: CPU, network traffic, disk I/O...
CloudTrail log.
Termination protection will not prevent an Autoscaling Group from terminating instances, instance scale-in protection will. Termination protection protect from manually termination.
DefaultInstanceWarmup : determines how long your instances need to finish initializing to be InService state.
The only way to retrieve instance metadata is to use the link-local address, which is 169.254.169.254.
When you stop an instance, AWS may move the virtualized EC2 instance to another host computer; the instance may get a new public IP address, and the data in your attached instance store volumes will be deleted.
You can combine Spot + On-Demand instance only. You cannot combine Spot and Reserved instances.
Hibernation saves the contents from the instance memory (RAM) to your root volume.
When you provision an IAM to use with SSM, refer .
