BYTE the Cloud

Chris 0:00
All right, so we're diving deep into Amazon EC2 today. Yeah, sounds good. And as mid level cloud engineers, you probably know you probably use this service quite a bit. Yeah, definitely

Kelly 0:09
a bread and butter service, for sure. But

Chris 0:11
we're gonna go deeper Absolutely, especially for those of you studying for the AWS Solutions Architect Associate exam,

Kelly 0:17
for sure. Yeah, there's some good stuff here. So

Chris 0:20
this is kind of like a focused study session. Yeah, I like it, where we unpack EC2 Exactly. And so let's get started. Yeah, I'm excited. What exactly is EC2? Why is it so important to AWS? So

Kelly 0:34
at its core, EC2 lets you rent these virtual servers, okay, called instances in the cloud. It's kind of like having a data center at your fingertips, right, without the hassle of physical hardware. I like that you can choose the operating system, the amount of processing power, memory and storage you need, all customized to your requirements. So it's like building

Chris 0:57
your own virtual computer, exactly, yeah, but with more power and flexibility, yeah, than a single physical machine, for sure. Okay, and that's why it's considered foundational, yeah, for sure. EC2 powers so many different types of applications, yeah, from

Kelly 1:12
simple websites to complex machine learning models. Wow, it's really the engine behind a lot of what we see in the cloud today?

Chris 1:21
Yeah, that makes sense. So it's not just one type of virtual server, right, right? There's all these different Exactly, yeah, flavors of EC2 instances. Yeah,

Kelly 1:29
it's like choosing the right tool for the job, right? Do you need a heavy duty truck, right? Or a nimble sports car, right? That's the beauty of EC2.

Chris 1:38
Okay, give me some real world examples. Yeah, sure of how people are actually using these different types of instances. So let's say

Kelly 1:45
you're a game developer, okay, and you have a popular online game, you need to be able to handle potentially millions of players connecting at the same time, especially during peak hours. Oh, yeah. EC2's auto scaling features can spin up additional game servers. Interesting as the demand increases, ensure a smooth and responsive experience for your players, even during

Chris 2:08
those traffic spikes Exactly. So that's how you prevent those gridded lag spikes exactly for gamers. That's right. Okay,

Kelly 2:14
cool. Now on a completely different end of the spectrum, okay, imagine you're a scientist working on complex climate models, okay? You need massive computing power to run those simulations. Yeah, that would make sense. With EC2, you can create entire clusters of high performance computing instances specifically designed for those kinds of workloads. So

Chris 2:36
it really does span this huge range of applications. It does it's crazy. That's why it's called Elastic Compute Cloud

Kelly 2:41
exactly, it can stretch and adapt to meet a variety of needs.

Chris 2:46
Okay, so let's unpack, yeah, let's dive in the core features of EC2. Sure? What are some of the things that cloud engineers absolutely, yeah, need to know about. So

Kelly 2:56
instance types are a big one. There are general purpose instances like the t2 mic, which are perfect for low traffic websites or dev environments where you don't need a ton of processing power. And then you have compute optimized instances like the c5 family, so different engines for different needs, exactly. Yeah. And then you have memory optimized instances like the R family, designed for handling large data sets in memory and storage optimized instances like the I family got it, ideal for handling massive data streams. So

Chris 3:29
it's not just about processing power, yeah, you got it. There's instances tailored to all different types of data processing as well, right? And then on top of that, you've got security groups, that's right, yeah, which act as virtual firewalls controlling network access to EC2 instances,

Kelly 3:47
yeah, and elastic IP addresses, which provide static public IPs okay for your instances, so even if the underlying IP changes, you still have a consistent address for your applications.

Chris 4:00
I'm starting to see how these features, yeah, add layers of control and flexibility, yeah, for sure, but yeah, let's be realistic, right? There must be some limitations to easy too, right, right? Yeah. What are some of those? So

Kelly 4:12
one of the biggest ones is cost management. Okay, it's incredibly easy to spin up a bunch of powerful instances and forget about them leading to unexpected bills, right? Yeah, you need to be diligent about monitoring your usage and choosing cost effective options for your needs. What

Chris 4:28
about security? Yeah,

Kelly 4:29
security is always a shared responsibility in the cloud, right? AWS provides a secure foundation, but you need to configure your instances correctly, okay, so things like strong passwords for your Iam users, properly configuring those security groups we talked about right and following best practices for data protection are essential.

Chris 4:51
So we need to be proactive exactly and not rely on AWS to handle everything for sure. Okay? And that's where understanding how ect. To integrate, yes, with other AWS services becomes really important, absolutely, yeah. So EC2 isn't just this standalone service. It plays nicely with others in the AWS ecosystem.

Kelly 5:12
It does for sure, okay, think of it like a well oiled machine, right? EC2 can leverage services like s3 for object storage, elastic load balancing, for distributing traffic, okay? Auto spailing, for dynamically adjusting resources I am for managing user access. So EC2

Chris 5:31
is a powerful tool on its own, yeah? But it's even more powerful, way more powerful, yeah, when combined with these other services, that's right. Okay, I think we've laid a good foundation here. I agree. Now let's shift gears. Let's do it and dive into what you came here for. All right, exam prep. I like it. Let's start with those instance types. Sure, there are so many options I know, right? It can be a bit overwhelming, definitely. Yeah, we're gonna break it down. Help me break it down. We got you covered. Awesome. All right, let's get started. Okay,

Kelly 6:00
so when it comes to instance types on the exam, the key is to understand the characteristics of each instance family and match them to the requirements of the use case. And the question, okay, that makes sense. Like, do they need raw CPU power? Do they need a lot of memory

Chris 6:17
stuff like that, but with so many families, how do I even begin to sort them out.

Kelly 6:21
Yeah, it can be overwhelming, for sure. Yeah, so think of it this way, okay, if the question is talking about a scenario where cost effectiveness is really important and the workload is light, like a simple website or a dev environment, okay, you'd immediately think of the t2 family, okay, t2 family, especially the t2 micro instance. All

Chris 6:41
right, so the t2 family is like the budget friendly option,

Kelly 6:44
exactly for those less demanding tasks.

Chris 6:47
What about when you need serious processing power? Yeah, then you want to

Kelly 6:51
go with the compute optimized families. So if the question is talking about raw CPU performance for maybe some batch processing or running some high performance applications. You'd think about the c5 family, okay, the c5 family, they're designed to handle those CPU intensive workloads. Got

Chris 7:09
it so. T2 for cost effectiveness, yep. C5 for raw CPU power,

Kelly 7:14
exactly.

Chris 7:14
Are there any other families I should be keeping in mind for the exam? Yeah,

Kelly 7:19
for sure. Okay, the m4 family is a great all rounder, okay, it offers a good balance of compute, memory and networking capabilities, okay, so

Chris 7:27
they're kind of like the in between, yeah, exactly

Kelly 7:29
right. They're a popular choice for things like web servers, application servers, okay, and just general purpose workloads. So

Chris 7:37
the m4 is like the reliable workhorse of the EC2 world. That's

Kelly 7:41
a good analogy. I like it. Okay, so

Chris 7:43
we've got t2, for cost effectiveness, yep. C5, for CPU power, yeah. And m4 for general purpose. That's right. Now, what if the exam throws me a curve ball? Okay, I like and I need an instance with a lot of RAM, yeah, for sure. Is there a specific family for

Kelly 7:59
that? Absolutely. Okay, that's when you look at the R family, okay? They're designed for memory intensive workload,

Chris 8:04
okay, like maybe a real time analytics application, exactly.

Kelly 8:07
Yeah, good example. Okay, and they come with a high ratio of memory to CPU cores, so

Chris 8:12
if you need to handle large data sets in memory, yeah, our family, that's it. This is starting to feel a lot more manageable, good.

Kelly 8:19
I'm glad to hear it. What about

Chris 8:20
storage? Yeah. So for storage, if I need to handle these massive data streams, right? Is there a family for that?

Kelly 8:26
Yeah, you'd want to look at the i family. The I family, they're optimized for high sequential read and write performance, okay? So they can handle a lot

Chris 8:33
of data coming in and going out exactly. Okay. So to recap, we've got t2 for cost effectiveness, yep. C5 for CPU power, sure. M4, for general purpose, that's right. R for memory intensive workloads, yeah, and for storage optimized tasks,

Kelly 8:50
you got it. Is

Chris 8:51
there anything else we need to know about instance types on the exam? Yeah. So

Kelly 8:55
those are the main families, okay, but remember, each family also has a range of instance sizes, okay? So, like small, medium large, exactly, yeah. So from small to extra large, offering different combinations of CPU cores, memory and storage capacity.

Chris 9:12
So the exam might ask about a specific instance size, right?

Kelly 9:16
They might get really specific and say which instant size within this family would be best for this scenario. Got it. So you need to understand how those vCPUs, the memory and the storage capacity, all relate to each other.

Chris 9:28
Okay, that makes sense, yeah. So it's not just picking the right family, but also the right size, exactly, exactly. Okay. So let's move on to another important topic for the exam. Sounds good? Pricing options,

Kelly 9:39
okay, yeah.

Chris 9:40
Can you walk me through how to approach those questions? Yeah,

Kelly 9:43
for sure. So AWS offers several different pricing models for EC2 right to kind of meet different needs and budgets. Okay? And so on the exam, you'll likely be asked to recommend the most cost effective option based on whatever's in the question. Got it so? Really all about understanding the trade offs between the different pricing models.

Chris 10:03
Okay, so let's start with on demand instances. Okay, yeah, when

Kelly 10:06
would those be the best choice? So

Chris 10:08
on demand instances offer the most flexibility. Okay, you pay for what you use by the hour or even by the second with no long term commitments. Okay, so they're great for short term, unpredictable workloads.

Kelly 10:23
Okay, so it's like paying for a rental car.

Chris 10:25
That's good analogy. Use

Kelly 10:26
it when you need it and return it when you're done. Exactly. Okay. What about reserved instances? Yeah, so

Chris 10:31
reserved instances are more like purchasing a car, okay? They offer a significant discount compared to on demand, but you commit to using a specific instance type, okay? For a one or three year term. So you're locked in.

Kelly 10:46
You are Yeah, but you get that discount. You get a big

Chris 10:48
discount. Okay, so those are best for applications where you have steady state usage,

Kelly 10:52
okay? So you can confidently predict your long term needs

Chris 10:56
exactly. So you know what you're gonna need and you're gonna use it for a while makes sense. Reserved instances are the way to go, all right, on demand for flexibility, reserved instances for long term commitment and cost savings. Exactly. Now. What about Spot Instances?

Kelly 11:10
Ah, Spot Instances Aren't those

Chris 11:12
the really cheap ones? Yeah, they are, but you can lose them. You can Yeah.

Kelly 11:16
So with Spot Instances, you're basically bidding on spare EC2 capacity, and you can get them at a much lower price, like, up to 90% cheaper, right? Yeah, up to 90% Wow, yeah, it's a big discount, okay. But the trade off is that if your bid gets outbid, yeah, your instances can get terminated with very little notice, two minutes, two minutes, yeah, you get a two minute warning.

Chris 11:38
So it's like finding a great deal on a flight. I like that analogy, but you might get bumped exactly if someone else is willing to pay more exactly. So when would those be a good option?

Kelly 11:49
So they're best for fault tolerant applications or flexible applications where interruptions aren't a big deal,

Chris 11:57
okay? So maybe like batch processing jobs exactly, where you can just restart them, yep, easily

Kelly 12:03
or stateless web servers, things that can be easily restarted.

Chris 12:06
So Spot Instances are for the bargain hunters, yeah, and those who can handle a bit of unpredictability, right?

Unknown Speaker 12:14
That's a good way to put it

Chris 12:16
all right. So we've covered on demand reserved, yeah, and Spot Instances. Is there anything else we should keep in mind about pricing options? Yeah, don't

Kelly 12:25
forget about savings plans. Okay? Savings Plans? What are those? So they kind of combine the cost savings of reserved instances, okay, with the flexibility of on demand, okay, how do they do that? So you're basically committing to a consistent amount of compute usage over a one or three year term, okay, but you don't have to choose specific instance types,

Chris 12:48
so it's like buying in bulk, but you don't know what you're gonna get,

Kelly 12:50
yeah, kind of okay, you're just committing to that level of usage, all right.

Chris 12:55
So it's for customers who have consistent usage, yeah, but they might not know what they're gonna need exactly a year from now. Okay, so savings plans for that kind of situation, yep, all right, that covers the main pricing options. It does what other topics related to EC2 might pop up on the exam. Yeah.

Kelly 13:12
Placement groups are a big one. Placement groups, yeah, they let you control where your instances are placed, okay, either within an availability zone or across availability zones, okay? So that you can optimize for either performance or availability, okay. So for example, cluster placement groups are great for low latency communication between instances, right? So those are often used for things like high performance computing, big data processing, right, or other applications where latency is a concern, cluster placement

Chris 13:40
groups for speed, that's it. What other types of placement groups are

Kelly 13:44
there? Yep, there are also partition placement groups, okay? And spread placement groups,

Chris 13:48
all right. Tell me about partition placement groups. Yeah. So

Kelly 13:51
partition placement groups spread your instances across different partitions, okay, within an availability zone. This helps to ensure that if one partition fails, right, your application can still run,

Chris 14:03
okay, so you're minimizing the impact of a potential failure Exactly, yeah. What about spread placement groups?

Kelly 14:10
Yeah. So spread placement groups are similar, okay, but they work across availability zones. So

Chris 14:15
instead of spreading within a single availability zone, right, you're spreading across multiple availability zones exactly for even more redundancy. That's right. Okay, so, cluster placement groups for low latency, yeah, partition placement groups for high availability within an availability zone, right? And spread placement groups for high availability across availability zone. You got it? Got it? Awesome. What other EC2 concepts should I brush up on for the exam,

Kelly 14:42
security groups?

Chris 14:43
Okay, yeah, those are important, yeah, you

Kelly 14:45
need to understand how to configure them, right to control traffic to your instances, so

Chris 14:50
like allowing SSH access only from specific IP addresses, exactly. Yeah, good example. Okay, so I need to practice my security group. Because. Configurations, yeah, for sure. What about elastic load balancing?

Kelly 15:03
Yeah. So elastic load balancing, or ELB, yeah, is a service that distributes incoming traffic across multiple instances.

Chris 15:11
So if I have a web application, yeah, running on multiple instances, right, ELB makes sure that the traffic is spread out Exactly,

Kelly 15:17
yep. And it also makes sure that if one instance fails, right? The traffic is redirected to the healthy instances

Chris 15:25
got it so it helps with high availability and scalability for sure. Okay, so

Kelly 15:28
on the exam, they might ask you to choose the right type of load balancer, okay,

Chris 15:33
so there are different types of load balancer, yeah. Like, what like an application

Kelly 15:36
load balancer for HTTP and HTTPS traffic, right? Or a network load balancer, okay, for TCP and UDP traffic, so I need to know the difference between those. Yeah, you need to know when to use which one, okay. And you might also be asked about health checks. Health checks, yeah, those determine if an instance is healthy, right, and only route traffic to healthy instances. Yeah,

Chris 15:59
okay, so the load balancer is constantly checking exactly on the health of the instances. That's right. Or what about auto scaling? Yeah, so

Kelly 16:06
auto scaling works with ELB Okay, to basically make sure that you have the right number of instances running based on demand. So if traffic

Chris 16:17
suddenly spikes, yeah, auto scaling will spin up more instances exactly to handle that traffic, that's right. And then it'll scale back down, yeah, when the traffic dies down exactly.

Kelly 16:28
And on the exam, they might ask you to configure auto scaling policies, okay, based on different metrics, all right,

Chris 16:35
so like CPU utilization or network traffic, yeah, exactly. Okay. This is starting to come together. Awesome. Now we haven't talked much about EBS volumes. Yeah, EBS

Kelly 16:45
volumes are important too. What do I need to know about those for the exam? So EBS volumes give you persistent block storage for your instances. Okay, so it's kind of like having an external hard drive for your instance got it and you can store data that needs to stick around, even if the instance gets terminated. Okay. So what types of EBS volumes are there? Yeah, so there

Chris 17:07
are a few different types, okay, but the two most common ones are GP two and IO one, okay, GP two and IO one, yeah. So GP two is a general purpose SSD volume, okay, that offers a good balance of price and performance. So that's kind of your default option, yeah, you could say that, okay. And then IO one is a provisioned IOPS SSD volume, okay. What does that mean? So that means you can specify exactly how much IOPS performance you need, okay, and it's designed for workloads that require consistent high performance, like databases, exactly. Yeah, good

Kelly 17:40
example. Okay, so GP2 for general purpose, yep. IO1, for high performance. Anything else? Yeah, don't

Chris 17:46
forget about encryption. Encryption, yeah, you can encrypt your EBS volume, right to protect the data exactly. Okay, so on the exam, they might ask about encryption and how to set it up, okay, all right. And the last thing I wanted to

Kelly 17:58
touch on was NAT gateways and net instances,

Chris 18:02
okay, NAT gateways and Nat instances, yeah. How might those be relevant for the exam? So they

Kelly 18:07
allow instances in a private subnet to connect to the internet, right, but without having public IP addresses, okay, so it's a security thing,

Chris 18:18
right? You don't want those instances exposed exactly to the public Internet. You got it? Okay? So they're like intermediaries, yeah, that allow the private instances to initiate outbound connections, right? But they're not directly accessible from the outside world. That's

Kelly 18:32
right, okay? And so on the exam, they might ask you to set up a NAT gateway or a NAT instance,

Chris 18:38
okay, to enable internet access for those private instances, exactly. All right, I will definitely brush up on my NAT gateway and Nat instance knowledge. Sounds good. This has been a really helpful overview. I'm glad to hear it of all the different EC2 concepts, yeah, that might pop up on the exam, for sure. Anything else you'd like to add?

Kelly 18:56
Yeah, just remember, practice makes perfect. So the more you familiarize yourself with these concepts and work through practice questions. Yeah, the more comfortable you'll be on exam day.

Chris 19:06
Great advice. Thanks. I'm definitely feeling more prepared now. I'm glad. All right, okay, so we've covered a lot of ground with those core EC2 concepts, but I have a feeling there's more. Oh yeah, definitely. What are some of those advanced EC2 features, yeah, for sure, that might give me an edge.

Kelly 19:24
So let's talk about elastic fabric adapter or EFA. EFA, yeah,

okay, I'm intrigued. So imagine you're working with high performance computing applications that need really low latency communication between instances, so

Chris 19:38
like tightly coupled workloads, exactly where even a tiny delay can really mess things up.

Kelly 19:44
Yeah, exactly. Okay, so EFA is basically a special network interface for EC2 instances, okay, that gives you that ultra low latency communication. And how does it do that? So it kind of bypasses the operating systems network stack and allows. For direct communication between instances at

Chris 20:03
the hardware level. So it's like a dedicated express lane for data. Yeah, that's a good way to think about it, between those high performance computing instances, exactly. Wow, that's pretty cool. It is. Yeah. Okay, so EFA for high speed communication, yep. What else?

Kelly 20:15
So let's talk about placement groups again. Okay, yeah, we

Chris 20:18
talked about cluster partition and spread placement groups, right? But are there more? There

Kelly 20:23
are a couple of more specialized types that you might see on the exam, okay, like, what so dedicated placement groups and host affinity placement groups. All right, what are those all about? So dedicated placement groups are for when you need complete isolation. So your instances are the only ones on those physical servers,

Chris 20:42
so no noisy neighbors, exactly. Yeah. Okay. So

Kelly 20:46
if you have an application that has strict regulatory requirements, right, or maybe you just want to make sure that the performance is super predictable, dedicated placement groups are the way to go.

Chris 20:58
Okay, and what about host affinity placement groups, yeah. So those give you

Kelly 21:02
even more control over where your instances are placed, how so you can actually choose which dedicated host your instances run on. So

Chris 21:10
if I have specific licensing requirements, yeah, exactly. They're tied to physical hardware, right? Or if I need certain instances to always be together, yep, host affinity is the way to go. Who got it? Okay, so dedicated placement groups for isolation, host affinity for fine grained control. That's right. Okay, got it awesome. Now let's talk about security. Sure, we touched on security groups, but what about actively detecting intrusions? Yeah,

Kelly 21:35
so for that, you would use AWS GuardDuty. GuardDuty, yeah, it's like a security guard for your cloud environment. Okay. What does it do? So it uses machine learning and anomaly detection, okay, to identify threats.

Chris 21:49
So it's like constantly looking for suspicious activity, exactly. Yep, okay. It can

Kelly 21:53
detect things like unusual API calls, attempts to access sensitive data or communication with known bad IP addresses. So

Chris 22:03
it's like having an extra set of eyes. Yeah, that's

Kelly 22:05
a good way to put it, okay, and it can also help you respond to incidents really quickly.

Chris 22:09
Okay, so guard duty for threat detection and response, exactly. Got it now. What about compliance? Yeah, compliance

Kelly 22:15
is important too. How

Chris 22:16
do we make sure that our EC2 deployments are meeting all the regulatory requirements. So

Kelly 22:21
AWS has a whole suite of tools to help with that, okay, one of the key ones is AWS Config. AWS

Chris 22:27
config, yeah, okay, tell me more about that. So it's basically

Kelly 22:30
a configuration management system for your entire AWS environment, okay, so it keeps track of all your resources, what they're configured like and it helps you make sure that you're following best practices.

Chris 22:43
So it's like a detailed audit trail for our cloud infrastructure. Yeah, exactly,

Kelly 22:47
okay. And it can also automate some remediation actions,

Chris 22:50
okay, so if there's a problem, yeah, it can help us fix it automatically, exactly, okay. So we've got guard duty for security, yep, AWS config for compliance. Any other essential services.

Kelly 23:02
Don't forget about AWS budgets, okay? AWS budgets, yeah, might not seem directly related to EC2, right, but it's super important for managing your costs,

Chris 23:11
okay? And how does AWS budgets help with that? So

Kelly 23:15
you can set spending limits for your accounts, okay, track your usage against those budgets, right? And get alerts when you're getting close to your limits. So

Chris 23:24
it's like a financial advisor, yeah, exactly for our cloud spending. I like it. Okay, that's a good analogy. It is. Any other parting words of wisdom, yeah,

Kelly 23:32
just remember that this is just the beginning. Okay, the cloud is constantly evolving, so just stay curious. Keep learning, yeah, and keep experimenting.

Chris 23:41
That's great advice. Thanks. I feel like I have a much stronger foundation in EC2 now, awesome, and I'm excited to keep learning. You too. So to all of you cloud enthusiasts out there, yeah, keep learning, keep building, and keep pushing the boundaries of what's possible in the cloud. That's right until next time. Happy clouding.

Kelly 23:58
Happy clouding.