Amazon Sys Ops Chapter 4
Command to list all public AMIs
$ aws ec2 describe-images --executable-users all
Command to Find AMI Image
$ aws ec2 describe-images --owners self amazon
The EC2 Instance Lifecycle (6 items - list them From your Memory)
1. Pending 2. Running 3. Shutting-down 4. Terminated 5. Stopping 6. Stopped
How Many EC2 Instances Can You Run?
20 - to protect you if you get hacked by a Bitcoin miner. If you need more, request an increase.
how long will a spot instance run?
A Spot instance will run until you terminate it, until capacity becomes unavailable, or until the current Spot price becomes greater than your maximum Spot price bid.
dedicated instance
A dedicated instance runs in a VPC, on hardware dedicated to you. This is also called single-tenant hardware, unlike the default of shared hardware. However, unlike in the case of a dedicated host, you don't have visibility and control over how your instances are placed on the host server. You also don't have visibility into the number of sockets and physical cores of the host server, which is possible with a dedicated host. In addition, you can't deploy your dedicated instances to the same physical server over time.
describe differences between dedicated host and dedicated instance
A key difference between a dedicated host and a dedicated instance is that a dedicated host offers you visibility and control over how your instances are placed on the underlying physical server. Let's say your software licensing model specifies that you must limit the number of CPU cores on the underlying hardware. A dedicated host enables you to do this by specifying the number of CPU cores on the physical server. You can also deploy your instances consistently to the same physical server over time.
AMI Three Components
• A template for the root volume of the instance, such as the one that hosts an OS or an application server, or some other application. • Permissions that control which AWS accounts can launch instances with an AMI. • A block device mapping scheme that specifies which storage volumes will be attached to an instance when you launch it.
Listing Your Instances from the CLI (WHAT COMMAND?)
AWS CLI's ec2 describe-instances command shows details about one or more of your instances. If you issue the command ec2 describe-instances without specifying any instance IDs, EC2 will show you details about all your instances. Obviously, if you have more than just a couple of instances, this could prove to be too much information. Therefore, it's a good idea to specify one or more instance IDs. Here's an example using the ec2 describe-instances command: $ aws ec2 describe-instances --instance-ids i-1234567890abcdef0 Remember several important things about the describe-instances command: • The results of the command may show instances that were terminated in the last hour. • The command will fail if you attempt to describe instances for an AZ that's undergoing service disruption.
What's the difference between stopped, terminated and running instances - which one(s) cost money?
AWS bills you for EC2 instance usage only when the instances are in the running state. Stopped or terminated instances don't cost you anything while they're in that state.
Linux Accelerated Computing Instances
Accelerated computing instances offer more parallelism, which enhances throughput for compute-intensive workloads. To provide the higher throughput, the instances have access to hardware-based computing accelerators such as graphics processing units (GPUs) or field programmable gate arrays (FPGAs). GPU-based instances provide access to NVIDIA GPUs, which contain thousands of cores. FPGA-based instances offer access to large FPGAs that contain millions of parallel system logic cells. There are four types of memory optimized instance families: P2, P3, G3, and F1. The smallest P2 instance type (p2.xlarge) has 4 vCPUs and 61GB RAM. The largest F1 instance type (f1.16xlarge) comes with 64 vCPUs and 976GB RAM.
Stopping, Rebooting, and Terminating an Instance - Describe how
After you have launched an instance, it's running and will continue to do so until you do one of two things: stop it or terminate it. There are major differences between stopping and terminating an EC2 instance.
Amazon Elastic Block Store
Amazon EBS consists of storage volumes that persist across the lifecycle of instances. If you need to persist your data, EBS is the way to go. EBS also offers fast access, making it an ideal storage format for use by databases and other applications that frequently update data and require persistence. When you run a database such as Oracle or Apache Cassandra, you store the data on the EBS volumes. EBS volumes are suitable for both database-style applications that require random reads/writes as well as applications that require heavy throughput and perform long, continuous reads/writes. EBS is, in many ways, the most important storage type for an EC2 instance, and it's something that administrators will deal with often. EBS volumes are like raw, unformatted disk drives, and you can create a file system on these drives, just as you can on any other block device such as a hard drive. EBS encrypts data using AWS Key Management Service (KMS), which means you don't need to worry about managing your own key management infrastructure. Both EBS disk volumes and any snapshots you make of them are encrypted. Since the encryption is done on the server that hosts the EC2 instance, data is encrypted when it's in transit between the instance and EBS storage. Here are key things to remember about EBS: • You create EBS volumes in a specific AZ. • You can mount multiple volumes on a single instance. • You can attach EBS volumes to a running EC2 instance. • When you shut down the instance, the EBS storage volumes aren't affected; their existence is independent of the instance lifecycle. • You can attach an EBS volume only to one instance at any time. • You can detach the EBS volume from one instance and reattach it to another running instance in the same AZ. • You can take backups of the EBS volumes, called snapshots, which are stored in Amazon S3. • You can create new EBS volumes from a snapshot. 
• Since EBS is a separate service, it's priced separately from the EC2 instance to which you attach the EBS volumes.
Amazon Elastic File System
Amazon offers scalable file storage you can use with EC2 instances. You create a single EFS file system and mount it and make the file system available for multiple instances. EFS is a separate service and you must pay a separate cost for using it. You can use EFS only for Linux-based EC2 instances. Chapter 7 discusses EFS.
AMI (Amazon Machine Images)
An AMI is a template that you use to create and run (launch) an EC2 instance. Once you launch the EC2 instance, you can connect to it and work with it just as you would on any other Linux server. You can do the following with an AMI: • Launch multiple instances from a single AMI. • Copy an AMI to a different availability zone (AZ) or multiple AZs within the same AWS region or to a different AWS region. • Use AMI in EC2 Auto Scaling. • Share the AMI with different AWS accounts. • Sell an AMI in the AWS Marketplace.
Dedicated Host
An EC2 dedicated host is a physical server whose capacity for EC2 instances is dedicated just for your use. You can use your existing server-bound (per-socket, per-core, and per-VM) software licenses (such as those for SUSE Linux Enterprise Server, SQL Server, and Windows Server) in EC2. Unlike in the case of a shared computer, a dedicated host is an isolated physical server whose configurations you can control; thus, it has the additional benefit of helping you satisfy your compliance requirements. A dedicated host enables you to use your current server-based software licenses, so it helps you satisfy your corporate compliance and regulatory mandate. A dedicated host can support a single instance type, and the number of instances you can launch from that host depends on the instance type the host supports. For example, a c3.xlarge dedicated host allows you to launch a maximum of eight c3.xlarge instances on it. You can purchase dedicated hosts On-Demand (hourly), or as a reservation, for up to 70 percent of the On-Demand price.
Is an instance tied to any specific AZ?
An instance is tied to the AZ where you launch it.
When is EBS Volume Store available when restoring?
Availability of EBS Volumes: An EBS volume is available right away for full use after you create it. You don't need to pre-warm or initialize the volume. If you were to create a volume by restoring it from a snapshot, however, EC2 must first initialize it by retrieving the snapshot from Amazon S3 storage and writing it to the EBS volume. Therefore, the first time an I/O operation accesses the volume, there's a slight delay. However, once the initial data is accessed, the maximum performance of the EBS volume is fully available.
Burstable Performance Instances
Burstable performance instances (T2 and T3) offer a baseline level of CPU performance but can burst to a higher level when your workloads require it. Burstable performance instances are ideal for a wide variety of applications such as microservices and low-latency interactive applications. This is the only instance type that uses CPU usage credits. The smallest burstable performance instance type (t2.nano) comes with a single default virtual CPU (vCPU) and a memory of 0.5GB. The largest instance type (t3.2xlarge) comes with eight vCPUs and a memory of 32GB.
Data transfer from region to region
COSTS MONEY - At the Internet Data Transfer Rates
Compute Optimized Instances
Compute optimized instances are designed for compute-heavy applications that require high-performance processors. Applications such as batch processing workloads, high-performance computing (including high-performance web servers), scientific modeling, and machine learning benefit from using this instance type. There are two general purpose instance families, C4 and C5, which come in various sizes. The smallest C4 instance type (c4.large) has 2 vCPUs and 3.75GB RAM. The largest C5 instance type (c5d.18xlarge) comes with 72 vCPUs and 144GB RAM.
Should you run HVM or PV (as a best practice)
HVM
Instance Store: Key Facts
Here are key things to remember about an instance store: • You must specify the instance store volumes when you launch an instance. You can't add instance store volumes after the instance starts running. • The data on an instance store volume persists only while the instance to which the volume is attached is running. • When you stop or terminate the instance, the instance store data is lost, because AWS resets all the storage blocks in the store. If you reboot the instance, however, the instance store data remains intact. • Not all EC2 instance types support instance storage. • EC2 instances that use instance storage take longer to boot than instances that use EBS storage. • If the disk drive supporting the instance store fails, the data is lost. • You specify the instance store volumes for an instance with a block device mapping file (the file's entries include the device and the volumes it maps to). • You can use an instance store as swap space. • The cost of the instance storage volumes is included in the pricing of the EC2 instance.
You can store the root device data on EBS or a local instance store - What's the difference? - Pros - Cons
If you choose EBS, data on the root device will persist independent from the instance's lifecycle. You can therefore start and stop the instance. The local instance store persists only during the instance's life. When would you do this? You choose a local instance store when you aren't storing any data to the root device. A local instance store offers a cheaper way to launch instances since you don't have to pay for any EBS devices to store the root device data. If you're running large web sites where each instance is a clone, the local instance store is a smart way to go.
Username-Related Errors
If you get errors such as the following, you need to verify that you are attempting the connection with the correct username for the AMI, and that you're specifying the correct private key (.pem) file for the instance. Common errors when you don't use the right username and the correct private key file include the following: Host key not found Permission denied (publickey) Authentication failed Permission denied
Combine or Separate EBS Volumes?
It's a best practice to separate EBS volumes for the OS and your data. You must also configure the EBS volumes to be retained after an instance termination so you don't lose data. You can delete the EBS volumes that you don't need any longer to avoid orphan volumes and to reduce costs.
Workload type - auto scaling vs gradual - differences and why
Know how your workload and the features that you select for an instance determine the scaling of the number of instances. If your workload is variable and you configure Auto Scaling and Elastic Load Balancing, you can automatically scale your EC2 instances (up or down). On the other hand, if your workload is growing gradually, you can consider moving to a larger instance type to handle the workload.
Memory Optimized Instances
Memory optimized instances have high amounts of memory and use techniques such as Scalable Memory Buffers that provide a very high (300GB) sustainable memory-read bandwidth and high (140 Gbps) sustainable memory-write bandwidth. The high amounts of memory and the speed-up technologies used by several instance types in the memory optimized instance family are ideal for applications such as high performance relational and NoSQL databases, in-memory databases such as SAP HANA, and applications that analyze high amounts of unstructured data in real time, caching servers such as Memcached that are used as a cache by multiple applications, and Apache Hadoop/Apache Spark clusters. There are three classes of memory optimized instance families: R4, X1, and X1e. The smallest R4 instance type (r4.large) has 2 vCPUs and 15.25GB RAM. The largest X1e instance type (x1e.32xlarge) comes with 128 vCPUs and 3904GB RAM.
Optimizing the CPU Options
Multiple threads, each represented as a vCPU, can run in a single Intel Xeon CPU core, which supports an EC2 instance. Depending on its type, each instance has a default number of CPU cores. For example, the m5.xlarge instance type has two CPU cores, and by default two threads can run per core. Thus, the m5.xlarge instance has four vCPUs by default. You can customize an instance for your specific needs by specifying the following CPU options during instance launch: • Number of CPU cores: You can set the number of CPU cores for the instance within a permissible range. • Threads per core: For certain high-performance computing workloads, you can specify just a single thread per CPU core rather than multiple cores.
Can you stop Instance store backed instance?
No. You can only terminate it and lose your data!
What is default - Shared or single tenancy?
NOTE The default mode for EC2 is shared tenancy.
How can you tell if Amazon made an AMI?
NOTE You can easily tell an AWS AMI, since they have the name Amazon in the account field as an aliased owner. Only AWS can alias an AMI.
Selling of Standard Reserved vs Convertible Reserved Instances
NOTE You can sell a Standard Reserved instance in the Reserved Instance Marketplace, but you cannot sell a Convertible Reserved instance.
Instance Purchase Options
• On-Demand instances: Pay for an instance by the second. • Reserved instances: Purchase instances for a term from one to three years, at a significant discount (up to a 75 percent discount compared to the price of On-Demand instances). • Scheduled instances: Purchase, for a one-year term, instances that are available during a specific schedule that you specify. • Spot instances: Purchase unused, surplus EC2 computing capacity at significantly lower cost, by placing a bid on the instance (up to 90 percent discount compared to the price of On-Demand instances). • Dedicated hosts: Use a physical host that's exclusively dedicated to running your virtual instances. • Dedicated instances: Pay an hourly price for instances that run on hardware without any other AWS tenants sharing the hardware with you.
Are On Demand Instances interrupted by EC2?
On-Demand instances aren't interrupted by EC2. On-Demand instances are ideal for new applications that you're testing on EC2, and applications that involve workload spikes, or workloads that are unpredictable, and can't be interrupted. AWS charges per instance-hour consumed for each instance, from the time you launch an instance until you terminate or stop the instance. AWS bills each partial instance-hour that the instance is running for, on a per-second basis for Linux instances and on a full-hour basis for all other instance types.
When does Billing Start on EC2 Instances? How do you stop the billing?
Once an instance is in the running state, billing starts and won't stop until you terminate or stop the instance. Billing won't stop simply because you log out of the instance. Therefore, be sure to stop (or terminate) instances you aren't using to prevent unnecessary billing.
CLI Command to terminate stuck instance
Once the new instance is running, you can terminate the stuck instance with the terminate-instances AWS CLI command.
Reserved Instances
Reserved instances are especially useful in lowering your computing costs, so I discuss these in detail. You pay by the second for each On-Demand instance, the rate depending on the instance type. Reserved instances offer a huge discount compared to the price of an On-Demand instance, with the discount reaching up to 70 percent compared to On-Demand instance pricing. In addition to Reserved instances offering a significant discount compared to On-Demand instances, by purchasing Reserved instances for a specific AZ (called a zonal Reserved instance), you can make these instances provide a capacity reservation, bolstering your confidence in your ability to launch the instance when your workloads need them. When you purchase a Reserved instance for a region (called a regional Reserved instance), the instance doesn't provide a capacity reservation. Reserved instances offer significant savings for applications that have a steady workload or a predictable usage pattern. Let's say you have an application that runs for an hour or so and must be available at all times. A Reserved instance is a good option here since it minimizes the instance cost while enhancing the availability of the instance. You can commit to using EC2 for a one- to three-year term to reduce your computing costs.
what remains the same between instance restarts?
Some things remain the same between instance restarts: • The instance retains its instance ID. • The instance retains all the EIP addresses associated with it. • All EBS volumes stay attached to the instance (with their data intact). • AWS will continue to charge you for the EBS volume usage.
Stopping an instance:
Stopping an instance brings the instance to a stopped state, and you can restart it later. You can stop an instance only if the root device is on an EBS volume (that is, if an instance is EBS-backed). The EBS storage volumes for the instance remain attached to the instance after stopping the instance.
Storage Optimized Instances
Storage optimized instances are ideal for workloads that perform high amounts of sequential read and write accesses to very large data sets. They make this possible by delivering tens of thousands of fast, random operations per second (IOPS). Storage optimized instances are well-suited for applications such as massively parallel processing (MPP) data warehouses, log or data processing workloads, and high volume online transaction processing (OLTP) systems. There are three classes of memory optimized instance families: D2, H1, and I3. The smallest D2 instance type (d2.xlarge) has 4 vCPUs and 30.5GB RAM. The largest I3 instance type (i3.metal) comes with 72 vCPUs and 512GB RAM.
which instances run on shared computers?
The On-Demand, Spot, Scheduled, and Reserved instances run on shared host computers. A dedicated instance runs in a VPC on hardware that's dedicated to a single customer. All dedicated instances that belong to your account are physically isolated at the hardware level. However, a dedicated instance may share hardware with non-dedicated instances from your AWS account.
On-Demand Instances
The default purchase option for an EC2 instance, On-Demand instances, is where you pay per hour or per second, depending on the instances that you run. You'll use this purchase option if you launch an instance by following the steps described in Exercise 4-3. Here's what you need to remember about provisioning On-Demand instances: • You don't need to make any commitments for the long term. • You don't need to pay anything up front. • Depending on which instances you run, you pay either per hour or per second. • You can increase or decrease the number of instances based on your workload, paying the hourly rates for the instances that you're running. (AWS doesn't bill you for stopped or terminated instances.)
What happens to data on ROOT when you terminate an instance?
The exam is likely to test your knowledge of what happens to the data on the root volume when you terminate an EC2 instance. Regardless of whether the instance is backed by S3-based AMI (EBS volume) or an instance store-based root volume, the root volume is always deleted. You can create EBS snapshots regularly for backing up data on EBS volumes. Unlike managed services such as AWS RDS, AWS ELB, and AWS DynamoDB, where AWS takes care of high availability through backups and other features such as Multi-AZ (for RDS), system administrators must manage high availability for EC2 instances through scripts, such as those that make backups.
how is spot instance price determined?
The exam will test your knowledge of Spot instance pricing. The price you pay for a Spot instance (the Spot price) is the Spot price in effect at the beginning of each instance hour of a running instance. If the Spot price changes after you launch the instance, AWS charges you the prevailing new price for your instance usage in each subsequent hour.
EBS Volume Types
There are four EBS volume types you can choose from, with the main difference among the different types being their price/performance ratio: • General purpose SSD • Provisioned IOPS SSD • Throughput-optimized HDD • Cold HDD
Maximum Number of Reserved Instances
There's a soft limit on how many Reserved instances you can purchase. You can purchase a maximum of 20 Reserved instances per AZ in your region, per month. In addition, you can also purchase 20 Regional Reserved instances. Once you purchase a Reserved instance, you can't cancel the purchase. However, you can modify, exchange, or sell the instance to others. You can sell the Reserved instance on the Reserved Instance Marketplace.
Custom AMI to Launch Instances
To use a custom AMI to create instances, do the following: 1. Create the AMI. 2. Register the AMI. 3. Launch the instance from the AMI. 4. Deregister the AMI. Once you deregister an AMI, you can't create any more instances with it. However, all instances that you've launched with this AMI will continue running unaffected.
User Key Not Recognized by Server Error
When you try to connect to an instance with a key that the server doesn't recognize, you see the following at the end of the error message: Permission denied (publickey) You must verify that your private key (.pem) has been converted to the correct format (.ppk), if you're using PuTTY to connect to the instance. Also, verify that you're using the correct username for the AMI. For example, for Amazon Linux AMI, the username is ec2-user, and for an Ubuntu AMI, the username is ubuntu. You can also receive the following error messages when connecting with the wrong username for your AMI: Server refused our key No supported authentication methods available
what happens when you stop an instance?
You can also bring an instance to the stopped state by using the shutdown, halt, or poweroff command. Each of these commands will stop the instance by default (and not terminate it). Here's what happens when you stop an instance: • The instance enters the stopping state, from which it transitions to the stopped state. • The instance is shut down. • AWS stops charging you for the instance. • If the instance belongs to an Auto Scaling group, AWS may mark the stopped instance as unhealthy and terminate the instance. It may also replace the instance.
How can you create EBS Volume store?
You can create an EBS volume either through the EC2 console or through the command line. Chapter 5 shows how to create an EBS volume through the console. Run the EC2 CLI command create-volume to create an EBS volume. This command creates the volume and attaches it to an instance in the same AZ as the instance. Always tag your EBS volumes so you can track them. Here's an example that shows how to create a volume and apply two tags to it, named purpose (Value=production) and department (Value=accounting): $ aws ec2 create-volume --availability-zone us-east-1a --volume-type gp2 --size 80 --tag-specifications 'ResourceType=volume,Tags=[{Key=purpose,Value=production},{Key=department,Value=cc123}]'
Spot Instances
You can significantly lower your spending on EC2 instances by purchasing Spot instances, which help you make use of unused EC2 instances. Unlike in the case of On-Demand instances, whose price stays fixed, the hourly price of the Spot instance varies based on the supply and demand for the instance. Spot instances take advantage of spare capacity in the AWS cloud and offer a steep discount over the price of On-Demand instances. You can save up to 90 percent of the cost of On-Demand instances by selecting Spot instances. Spot instances are ideal for applications that have flexible start and end times, as well as for applications that are cost-efficient only at very low prices for the compute instances. They are also a good choice when you have an urgent need to provision a large amount of additional compute capacity. If you have a batch application that can be interrupted and resumed without any issues, for example, you can choose Spot instances to minimize your compute costs for the application.
General Purpose Instances
You can use general purpose instances for a variety of workloads, since they offer a balance of compute, memory, and networking resources. There are three types of general purpose instance families: T2 instances, and M4 and M5 instances. T2 instances provide a baseline level of CPU performance but can burst to a higher level when needed. T2 instances are best suited for applications such as web sites, code repositories, developing and testing environments, and microservices. The smallest T2 instance (t2.nano) has 1 vCPU and 0.5GB RAM. The largest T2 instance (t2.2xlarge) comes with four vCPUs and 32GB RAM. The M4 and M5 instances are EBS-optimized, which helps you get consistently high performance for your EBS volumes, by eliminating contention between regular network traffic generated by your instance and the EBS I/O. In other words, these instances provide additional dedicated capacity for EBS I/O. M5 instances are the latest generation in the general purpose instance family. M5, M5a, and M5b instances are best suited for running small and medium-size databases, gaming servers, and backend servers for enterprise applications such as SAP. The smallest M5 instance type (m5.large) has 2 vCPUs and 0.5GB RAM. The largest M5 instance type (m5.24xlarge) comes with 96 vCPUs and 384GB RAM.
Ping Failures
You may experience two types of ping failures: you may be unable to ping your EC2 instance or to issue a ping command from the instance. Since the ping command is a type of ICMP traffic, you must ensure that for the first type of failure, you configure the inbound security group rules to allow ICMP traffic for the Echo request message either from all sources or from a specific instance. Similarly, you must configure the outbound security group rules to allow ICMP traffic for the Echo Request message to the instance you are trying to ping. Another situation in which you may not be able to ping an instance successfully is when you patch the OS of an instance and issue a reboot command from the OS. You may find that you aren't able to ping the instance's public IP address successfully following this, even after several minutes. This could be due to the OS patching causing a problem with the instance's network interface card (NIC) driver.
TIP Resizing an instance (changing the instance type) requires a restart of the instance.
You must be aware of the following when resizing an EBS-backed instance: • The instance is moved to a new host computer but will retain its instance ID. • The instance retains its private IPv4 addresses, EIP addresses, and any IPv6 addresses. • If the instance is running in a VPC with a public IPv4 address, it gets a new public IPv4 address and you can attach an EIP to avoid changing the public IP every time you stop and start the instance. • During the resizing operation, you must stop the instance and change its instance type. So, there is a service interruption when you resize an instance. It's a good idea to suspend scaling processes for the Auto Scaling group, if the current instance belongs to one. This will keep the Auto Scaling service from marking the stopped instance as unhealthy and launching a replacement instance.
Unprotected Private Key File Error
You must protect your private key file so other users can't read or write to it. If you use open file permissions such as 0777 (which allows anyone to read/write to the file), SSH ignores your key files because of its insecure permission level. You should set the file permissions to 0400 so that you can SSH to your instances using a private key file.
When do you need to initialize an EBS volume?
You need to initialize an EBS volume only if you've restored it from a snapshot. If you don't, you will suffer I/O latency. Initialize with the following command: sudo dd if=/dev/<dev> of=/dev/null bs=1M
You pay by which Time increment?
You pay for your EC2 Linux instance usage on a per-second basis. Instances that you launch in On-Demand, Reserved, and Spot forms (as well as your EBS volumes) are billed in 1-second increments, with a minimum of 60 seconds.
List all public AMIs command
aws ec2 describe-images --executable-users all
Finding the Root Device Type of an AMI
aws ec2 describe-images command
restart instance command (CLI)
aws ec2 start-instances --instance-ids i-1234567890abcdef0
Instance Stopping and Termination Issues: If your instance takes a long time to come out of the stopping state after you stop the instance, you can force the instance to stop from the console or from the AWS CLI with this command:
aws ec2 stop-instances --instance-ids <instance-id> --force
AMI Permissions - when copied:
Understand the nature of permissions when using an AMI. Because the copy process doesn't copy the launch permissions, any tags that you may have defined, or the Amazon S3 bucket permissions, you must apply these permissions and tags to the new AMI. Thus, if User A shares an AMI created in the us-east region from that user's account with User B, when User A copies the AMI to the us-west region, User B can't automatically access the copied AMI in User A's account. Because copying an AMI doesn't automatically copy the permissions on the AMI, you must do this manually. You can also share an AMI with another AWS account by copying an AMI. This is called a cross-account AMI copy. The original owner of the AMI continues to remain the owner of a shared AMI and is charged for storing the target AMI in the destination region.
Storage for EC2 Instances
• Amazon EC2 instance store Non-durable data storage • Amazon Elastic Block store (EBS) Durable storage • Amazon Elastic File System (Amazon EFS) Durable storage • Amazon Simple Storage Service (Amazon S3) Durable storage
Name 6 Instance Families
• Burstable performance instances • General purpose instances • Compute optimized instances • Memory optimized instances • Storage optimized instances • Linux accelerated computing instances
Connection issues - Network Error: Connection Timed out or Error Connecting to - Troubleshoot this NOW
• Check your security group rules to ensure that they include a rule that allows inbound traffic from your public IPv4 address on the correct port. • Check that a rule allows traffic from your computer to port 22 (SSH) for Linux servers. • Check that the route table for the subnet has a route that sends all traffic destined to go to hosts outside your VPC to the Internet gateway for your VPC. • Check the network access control list (NACL) for the subnet in which the instance is running. The NACL must permit inbound and outbound traffic from your local IP address on the proper port. (I explain NACL in Chapter 6.) • Check to ensure that your internal firewall allows inbound/outbound traffic from your server on port 22 for Linux servers and port 3389 for Windows servers. • Ensure that the instance has a public IPv4 address, or associate an elastic IP (EIP) address with the instance. • Check the CPU load on the EC2 instance to ensure it isn't overloaded.
Linux AMI Instance Virtualization Types
• Hardware virtual machine (HVM) Enables you to run an OS directly on the VM, just as you would run it on bare-metal hardware. The host server emulates the hardware it presents to the guest server (VM). HVM virtualization makes use of hardware extensions that enhance performance, such as the CPU virtualization extension. All instance types (described later in the chapter) support HVM virtualization. • Paravirtual (PV) Enables instances (guests) to run on hardware that doesn't formally support virtualization. The drawback, however, is that the guests can't use special hardware extensions such as GPU processing. Only some instance types such as the C3 current generation type support PV AMIs.
Instance Launch Issues - name 3, give the definition of each:
• InstanceLimitExceeded This error means that you've reached the limit on the number of EC2 instances that you can launch in a region. AWS sets default limits on the instances that you can run in a region. • InsufficientInstanceCapacity You receive this error when AWS EC2 doesn't have sufficient On-Demand instances to fulfill your request in an AZ. You can resolve this error by waiting for a few minutes and resubmitting your request, submitting a request with a reduced number of instances, or purchasing reserved instances (a way to reserve capacity long-term). • Instance moves from the PENDING to the TERMINATED state If an instance is terminating soon after you start it, you may have reached your EBS volume limit, you may have a corrupt EBS snapshot, or you may not have the permission to access the Key Management Service (KMS) key to decrypt an encrypted root volume. If it's an instance store-backed AMI that you're launching your instance with, the AMI may be missing an image.part.xx file.
AMI Selection Characteristics.
• Provider Select an AMI offered by AWS, Oracle, IBM, Microsoft, or the community. • Region Select any AWS region that's available to you; you can launch the instance here. • Operating system Select Linux or Windows. • Architecture Select a 32-bit (i386) or 64-bit (x86-64) architecture. • Launch permissions The owner of an AMI specifies the launch permissions, which determine its availability. Launch permissions can be public, implicit, or explicit. • A public launch permission means any AWS account can launch those AMIs. • An explicit launch permission grants permission to specific AWS accounts. • An implicit launch permission means that only the owner can launch EC2 instances from that AMI. • Storage for the root device An AMI can be Amazon Elastic Block Storage (EBS)-backed, or instance store-backed. (Because this is an important aspect of choosing an AMI, I discuss this characteristic in a separate section.)
Standard and Convertible Offering Classes There are two offering classes for Reserved instances:
• Standard Reserved instance Allows you to modify just some attributes of the instance, such as instance size, and you can't exchange the instances (when EC2 allows you to trade one Reserved instance for a different instance, and several rules apply). • Convertible Reserved instance Allows you to exchange the instance during its term for another Convertible Reserved instance with different attributes. Convertible Reserved instances offer more flexibility by allowing you to exchange an instance for a different one with alternative attributes such as instance family, instance type, platform, and tenancy to apply discount credits. A Convertible Reserved instance is a good option when your applications will be running daily throughout the year, you're looking for the most cost-effective pricing option for the instances, and you also expect that you may have to upgrade the instances to handle the increasing workloads that you're expecting.
Instance Recovery Failures
• The instance has reached the maximum of three recovery attempts per day. • An ongoing Service Health dashboard event may prevent the recovery process from running. • There may be a temporary lack of replacement hardware.
What ways can you launch an EC2 Instance?
• Use an AMI via the Launch Instance Wizard or from the command line. • Create a launch template with the configuration information to launch an instance, so you don't have to specify the launch parameters for every instance launch. A launch template will contain the AMI ID and instance and network settings for launching an instance. • Launch an instance from an existing EC2 instance. Click the Launch More Like This button in the EC2 console to use the instance as the basis for a new instance. This option replicates some configuration data from the source instance but doesn't clone the instance. If you need an exact copy of a current instance, create an AMI first, and then launch instances from that AMI. • Launch an instance from the backup you make of an EC2 instance. Create a backup of the root device volume of an EBS-backed Linux instance by creating a snapshot. This, however, only enables you to launch a new instance using the same image as the AMI that launched the original instance. The snapshot doesn't copy the data and software from the source database.
Copying AMI Facts:
• You can copy both EBS-backed and instance store-backed AMIs. • You can copy encrypted AMIs. • You can copy AMIs with encrypted snapshots. • You can copy an encrypted source AMI to an encrypted target AMI, an unencrypted source AMI to an encrypted target AMI, and an unencrypted source AMI to an unencrypted target AMI. However, you can't copy an encrypted source AMI to an unencrypted target AMI.