Chapter 3: Amazon Elastic Compute Cloud (Amazon EC2) and Amazon Elastic Block Store (Amazon EBS)


  1. C. Reserved Instances provide cost savings when you can commit to running instances full time, such as to handle the base traffic. On-Demand Instances provide the flexibility to handle traffic spikes, such as on the last day of the month.
  • On-Demand Instances can scale freely to handle temporary load and absorb traffic peaks.
  1. B. Spot Instances are a very cost-effective way to address temporary compute needs that are not urgent and are tolerant of interruption. That’s exactly the workload described here. Reserved Instances are inappropriate for temporary workloads. On-Demand Instances are good for temporary workloads, but don’t offer the cost savings of Spot Instances. Adding more queues is a non-responsive answer as it would not address the problem.
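  • For temporary tasks that are not urgent and can tolerate interruption, Spot Instances can be used to reduce cost;
  • Reserved Instances are not meant for temporary tasks;
  • On-Demand Instances do support temporary tasks, but they cost more.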
  1. C, D. The Amazon EC2 instance ID will be assigned by AWS as part of the launch process. The administrator password is assigned by AWS and encrypted via the public key. The instance type defines the virtual hardware and the AMI defines the initial software state. You must specify both upon launch.
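  • You do not need to specify a username or password, on either Linux or Windows, because AWS provides access through a public key; after logging in you can enable password access, and you also have to create the account and password yourself.
  • Required: when creating an instance, you generally choose the instance type first and then the AMI.
  • Optional: configure the instance, add tags, set security groups, add storage.
  • The region is always selected beforehand, but the AZ within it is specified when the subnet is created. If you do not specify a VPC and subnet when configuring the instance, the default ones are generally used.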
  1. A, C. You can change the instance type only within the same instance type family, or you can change the Availability Zone. You cannot change the operating system nor the instance type family.
  • An instance's size can be changed within the same family;
  • An instance's AZ can be changed;
  • Both menu options are greyed out while the instance is running; in principle they can only be used when the instance is stopped.
  1. D. When there are multiple security groups associated with an instance, all the rules are aggregated.
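  • When multiple security groups are associated with an instance, their rules are cumulative.
  • An instance can of course be configured with multiple security groups (SGs).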
  1. A, B, E. These are the benefits of enhanced networking.
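  • SR-IOV is a device virtualization method that, compared with traditional virtualized network interfaces, provides higher I/O performance and lower CPU utilization. Enhanced networking provides higher bandwidth, higher packets-per-second (PPS) performance, and consistently lower inter-instance latency. There is no additional charge for using enhanced networking.
  • The Intel 82599 Virtual Function (VF) interface supports enhanced networking at 10G, on these instances: C3, C4, D2, I2, M4 (except m4.16xlarge), and R3.
  • The Elastic Network Adapter (ENA) supports enhanced networking at 25G, on these instances: C5, C5d, F1, G3, H1, I3, m4.16xlarge, M5, M5d, P2, P3, R4, and X1.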
  1. A, B, D. The other answers have nothing to do with networking.
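  • To boost network capability for HPC, you must first choose an instance that supports enhanced networking, enable enhanced networking, and place the instance in a placement group.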
  1. C. Dedicated Instances will not share hosts with other accounts.
  • Your instances run on single-tenant hardware.
  1. B, C. Instance stores are low-durability, high-IOPS storage that is included for free with the hourly cost of an instance.
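  • Instance storage is temporary; it is lost whenever the host is stopped or terminated;
  • Higher IOPS;
  • The default amount of storage provided with the instance is free; additional storage is charged.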
  1. A, C. There are no tapes in the AWS infrastructure. Amazon EBS volumes persist when the instance is stopped. The data is automatically replicated within an Availability Zone. Amazon EBS volumes can be encrypted upon creation and used by an instance in the same manner as if they were not encrypted.
  • EBS is automatically replicated within the AZ, but it is not backed up to tape.
  • EBS supports encryption at creation.
  1. B. There is no delay in processing when commencing a snapshot.
  • Creating a snapshot involves no time delay.
  1. B. The volume is created immediately but the data is loaded lazily. This means that the volume can be accessed upon creation, and if the data being requested has not yet been restored, it will be restored upon first request.
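  • An EBS volume restored from a snapshot is accessible immediately, but the data loads slowly; if a request arrives before the data has finished loading, the data is loaded on that first request. So from the outside the volume appears usable right away.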
  1. A, C. B and D are incorrect because an instance store will not be durable and a magnetic volume offers an average of 100 IOPS. Amazon EBS-optimized instances reserve network bandwidth on the instance for IO, and Provisioned IOPS SSD volumes provide the highest consistent IOPS.
  • First, choose an EBS-optimized instance at launch;
  • Then choose a high-IOPS SSD volume for storage.
  1. D. Bootstrapping runs the provided script, so anything you can accomplish in a script you can accomplish during bootstrapping.
  • Through user data you can perform security updates, upgrade application versions, and configure OS services.
  1. C. The public half of the key pair is stored on the instance, and the private half can then be used to connect via SSH.
  • Newly created instances are all accessed with the private key.
  1. B, C. These are the possible outputs of VM Import/Export.
  • VM Import/Export supports creating AMIs and creating instances.
  1. B, D. Neither the Windows machine name nor the Amazon EC2 instance ID can be resolved into an IP address to access the instance.
  • Only the public DNS name and the EIP can be resolved to an IP.
  1. A. None of the other options will have any effect on the ability to connect.
  • When you cannot connect, it is usually a problem with the VPC security group or with the subnet ACL settings.
  1. C. A short period of heavy traffic is exactly the use case for the bursting nature of general-purpose SSD volumes—the rest of the day is more than enough time to build up enough IOPS credits to handle the nightly task. Instance stores are not durable, magnetic volumes cannot provide enough IOPS, and to set up a Provisioned IOPS SSD volume to handle the peak would mean spending money for more IOPS than you need.
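  • Short periods of high load do not need a dedicated (Provisioned IOPS) SSD; a standard SSD volume is enough. AWS provides an instance credit system that adjusts IOPS dynamically.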
  1. B. There is a very small hourly charge for allocated elastic IP addresses that are not associated with an instance.
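  • When the instance an EIP is attached to is stopped, the EIP is charged;
  • When the instance an EIP is attached to is in use, there is no charge; AWS's philosophy is to discourage wasting EIPs;
  • EIPs are generally used in SLB scenarios; when an instance is stopped and started again, the EIP does not change, whereas the default-assigned public IP does.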

Summary of Key Points

  • Know the basics of launching an Amazon EC2 instance. To launch an instance, you must specify an AMI, which defines the software on the instance at launch, and an instance type, which defines the virtual hardware supporting the instance (memory, vCPUs, and so on).

  • Know the basic inputs for creating an EC2 instance.

  • You must specify an AMI: it defines the operating system and software at instance launch;

  • Specify an instance type: it defines the virtual hardware specification (memory, vCPUs, and so on).

  • Know what architectures are suited for what Amazon EC2 pricing options. Spot Instances are best suited for workloads that can accommodate interruption. Reserved Instances are best for consistent, long-term compute needs. On-Demand Instances provide flexible compute to respond to scaling needs.

  • Know which EC2 pricing options suit which architectures;

  • Spot Instances suit workloads that can be interrupted at any time;

  • Reserved Instances suit long-term, continuous compute needs;

  • On-Demand Instances provide flexible compute that scales on demand.

  • Know how to combine multiple pricing options that result in cost optimization and scalability. On-Demand Instances can be used to scale up a web application running on Reserved Instances in response to a temporary traffic spike. For a workload with several Reserved Instances reading from a queue, it’s possible to use Spot Instances to alleviate heavy traffic in a cost-effective way. These are just two of countless examples where a workload may use different pricing options.

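  • Know how to combine multiple pricing options.

  • On-Demand Instances can be used to handle temporary traffic peaks;

  • For Reserved Instances that consume messages from a queue, Spot Instances can quite likely be used to handle traffic peaks more cost-effectively.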

  • Know the benefits of enhanced networking. Enhanced networking enables you to get significantly higher PPS performance, lower network jitter, and lower latencies.

  • Enhanced networking gives significantly higher PPS performance, lower network jitter, and lower latency.

  • Know the capabilities of VM Import/Export. VM Import/Export allows you to import existing VMs to AWS as Amazon EC2 instances or AMIs. Amazon EC2 instances that were imported through VM Import/Export can also be exported back to a virtual environment.

  • Know the capabilities of VM Import/Export: it allows you to import existing VMs into AWS as EC2 instances or AMIs. Amazon EC2 instances can be imported through VM Import/Export and can also be exported to a virtual environment.

  • Know the methods for accessing an instance over the internet. You can access an Amazon EC2 instance over the web via public IP address, elastic IP address, or public DNS name. There are additional ways to access an instance within an Amazon VPC, including private IP addresses and ENIs.

  • Know the methods for accessing an instance over the internet: public IP, EIP, and public DNS name.

  • There are also additional methods: private IP and ENIs.

  • Know the lifetime of an instance store. Data on an instance store is lost when the instance is stopped or terminated. Instance store data survives an OS reboot.

  • Know the lifetime of an instance store: when the instance is stopped or terminated, the data on its instance store is wiped, but the data is preserved across an OS reboot.

  • Know the properties of the Amazon EC2 pricing options. On-Demand Instances require no up-front commitment, can be launched any time, and are billed by the hour. Reserved Instances require an up-front commitment and vary in cost depending on whether they are paid all up front, partially up front, or not up front. Spot Instances are launched when your bid price exceeds the current spot price. Spot Instances will run until the spot price exceeds your bid price, in which case the instance will get a two-minute warning and terminate.

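  • Know the Amazon EC2 pricing models;

  • On-Demand Instances: no up-front payment, can be launched at any time, billed by the hour;

  • Reserved Instances: require an up-front commitment; you can pay all up front, partially up front, or nothing up front, and the price differs accordingly;

  • Spot Instances: launched when your bid price exceeds the current spot price, and stopped when the spot price rises above your bid price; there is a two-minute warning before termination.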

  • Know what determines network performance. Every instance type is rated for low, moderate, high, or 10 Gbps network performance, with larger instance types generally having higher ratings. Additionally, some instance types offer enhanced networking, which provides additional improvement in network performance.

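  • Know what determines network performance. Each instance type is rated low, moderate, high, or 10 Gbps for network performance; larger instance types generally have higher ratings;

  • In addition, some instance types offer enhanced networking, which improves network performance.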

  • Know what instance metadata is and how it’s obtained. Metadata is information about an Amazon EC2 instance, such as instance ID, instance type, and security groups, that is available from within the instance. It can be obtained through an HTTP call to a specific IP address.

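  • Know what instance metadata is and how to obtain it. Metadata is information about an EC2 instance, such as instance ID, instance type, and security groups. It can be obtained through an HTTP call to a specific IP.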

  • Know how security groups protect instances. Security groups are virtual firewalls controlling traffic in and out of your Amazon EC2 instances. They are deny by default, and you can allow traffic by adding rules specifying traffic direction, port, protocol, and destination address (via Classless Inter-Domain Routing [CIDR] block). They are applied at the instance level, meaning that traffic between instances in the same security group must adhere to the rules of that security group. They are stateful, meaning that an outgoing rule will allow the response without a correlating incoming rule.

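  • Know how security groups protect instances. Security groups are virtual firewalls that control traffic in and out of EC2 instances; they deny everything by default, and you can add rules specifying traffic direction, port, protocol, and destination address. They apply at the instance level, which means instances in the same security group have the same traffic rules. They are stateful, which means that once an outbound rule is defined, no corresponding inbound rule is needed.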

  • Know how to interpret the effect of security groups. When an instance is a member of multiple security groups, the effect is a union of all the rules in all the groups.

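  • Know how to interpret the effect of security groups. When an instance is a member of multiple security groups, the effect on the instance is the union of those security groups.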

  • Know the different Amazon EBS volume types, their characteristics, and their appropriate workloads. Magnetic volumes provide an average performance of 100 IOPS and can be provisioned up to 1 TB. They are good for cold and infrequently accessed data. General-purpose SSD volumes provide three IOPS/GB up to 10,000 IOPS, with smaller volumes able to burst 3,000 IOPS. They can be provisioned up to 16 TB and are appropriate for dev/test environments, small databases, and so forth. Provisioned IOPS SSD can provide up to 20,000 consistent IOPS for volumes up to 16 TB. They are the best choice for workloads such as large databases executing many transactions.

  • Know the different AWS EBS volume types, their characteristics, and the workloads they suit.

  • Standard magnetic disks support 500 IOPS

  • General-purpose SSD volumes provide 10000 IOPS and 16 TB of storage; suited to dev/test environments, small databases, and so on;

  • Provisioned IOPS SSD provides 20000 IOPS and 16 TB of storage; suited to large database workloads running many transactions.


  • Know how to encrypt an Amazon EBS volume. Any volume type can be encrypted at launch. Encryption is based on AWS KMS and is transparent to applications on the attached instances.

  • Know how to encrypt an EBS volume. Any volume type can be encrypted at launch; encryption is based on AWS KMS, and data is decrypted automatically when applications access it.

  • Understand the concept and process of snapshots. Snapshots provide a point-in-time backup of an Amazon EBS volume and are stored in Amazon S3. Subsequent snapshots are incremental—they only store deltas. When you request a snapshot, the point-in-time snapshot is created immediately and the volume may continue to be used, but the snapshot may remain in pending status until all the modified blocks have been transferred to Amazon S3. Snapshots may be copied between regions.

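  • Understand the concept of snapshots. Snapshots provide point-in-time backups of an EBS volume and are stored in S3. Successive snapshots are stored incrementally;

  • When you request a snapshot, the point-in-time snapshot is created immediately and the volume may continue to be used. While the snapshot is in pending status, it may be waiting for modified blocks to be transferred to S3.

  • Snapshots can also be copied across regions.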

  • Know how Amazon EBS-optimized instances affect Amazon EBS performance. In addition to the IOPS that control the performance in and out of the Amazon EBS volume, use Amazon EBS-optimized instances to ensure additional, dedicated capacity for Amazon EBS I/O.

  • Know how AWS EBS-optimized instances affect EBS performance; IOPS govern performance in and out of the EBS volume, and using an EBS-optimized instance ensures additional, dedicated EBS I/O.
