Read EC2 FAQs
Know the different instance types:
- On demand
Know the difference between
- Dedicated hosts
- Shared tenancy
Know the process of launching an EC2 instance
To launch an instance, you need to specify an AMI, which defines the OS and software on the instance at launch (e.g. Unix, Windows, a web server), and an instance type (e.g. t2.micro), which defines the virtual hardware configuration for the instance (RAM, vCPUs, etc.).
Understand EC2 pricing for Cost Optimization and Scalability
Spot Instances are best suited for workloads that can accommodate interruption and are flexible with start and end times. Spot Instances are well suited for applications that require low compute prices. If you terminate the instance, you pay for the full hour, but if AWS terminates it, you don’t pay for the hour.
Reserved Instances are best suited for consistent compute needs over a longer time period like 1-year or 3-year terms and are offered at a significant discount (up to 75%) compared to On-Demand Instances.
On-Demand Instances provide flexible compute by the hour with no long-term commitments and are a good option to respond to scaling needs during spikes and/or for developing/testing apps on AWS for the first time.
Dedicated Hosts are physical EC2 servers dedicated for a specific organization’s use.
VM Import/Export enables you to import existing VM images to AWS as Amazon EC2 instances or AMIs. EC2 instances that were imported using VM Import/Export can also be exported back to your own virtual environment.
Instance access over the internet
Know how to access an EC2 instance over the web via the public IP address, Elastic IP address, or public DNS name of the instance.
Data on Instance store
Data on an instance store is lost when the instance is stopped or terminated. Instance store data survives an OS reboot.
Network Performance for EC2
Understand how different instance types are rated for low, moderate, high, or 10 Gbps network performance, as larger instance types generally have higher ratings. Additionally, know that some instance types offer enhanced networking, for additional throughput in network performance.
You can retrieve metadata about the instance, such as instance ID, instance type, and security groups, from within the instance. It can be obtained through an HTTP call to http://169.254.169.254/latest/meta-data/ . You can use tools such as curl or GET, or the instance metadata query tool.
Security groups are virtual firewalls for controlling traffic coming in and going out of Amazon EC2 instances. Security groups deny all traffic by default, and you can allow traffic by adding rules specifying traffic (inbound/outbound), port, protocol, and destination address (via Classless Inter-Domain Routing [CIDR] block). Security groups are applied at the instance level, and as a result traffic between instances in the same security group must adhere to the rules of the specific security group tied to the instance. They are stateful (whereas NACLs are stateless), meaning that an outgoing rule will allow the response without an explicitly defined incoming rule.
When an instance is a member of multiple security groups, the union of all the rules in all the groups is the net effect to the instance for inbound/outbound traffic.
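The security group behaviour described above (default deny, union of rules across attached groups, stateful replies) can be modelled in a few lines. This is an added example, not AWS code: the Rule and Instance classes, the group names sg-web and sg-admin, and all addresses are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    direction: str  # "inbound" or "outbound"
    protocol: str   # "tcp", "udp", or "-1" for all protocols
    from_port: int
    to_port: int
    cidr: str       # peer range: source for inbound, destination for outbound

def allowed(groups, direction, protocol, port, peer_ip):
    """Default deny: traffic passes only if a rule in ANY attached group matches."""
    ip = ipaddress.ip_address(peer_ip)
    return any(
        r.direction == direction
        and r.protocol in (protocol, "-1")
        and r.from_port <= port <= r.to_port
        and ip in ipaddress.ip_network(r.cidr)
        for rules in groups.values() for r in rules
    )

class Instance:
    """Simplified model of one instance with several security groups attached."""
    def __init__(self, groups):
        self.groups = groups   # {group name: [Rule, ...]}
        self.tracked = set()   # flows this instance was allowed to open

    def connect_out(self, protocol, local_port, peer_ip, peer_port):
        ok = allowed(self.groups, "outbound", protocol, peer_port, peer_ip)
        if ok:
            self.tracked.add((protocol, local_port, peer_ip, peer_port))
        return ok

    def accept_in(self, protocol, peer_ip, peer_port, local_port):
        # Stateful: a reply on a tracked flow needs no inbound rule.
        if (protocol, local_port, peer_ip, peer_port) in self.tracked:
            return True
        return allowed(self.groups, "inbound", protocol, local_port, peer_ip)

# Constructed sample: two hypothetical groups attached to the same instance.
GROUPS = {
    "sg-web": [Rule("inbound", "tcp", 443, 443, "0.0.0.0/0"),
               Rule("outbound", "tcp", 5432, 5432, "10.0.0.0/16")],
    "sg-admin": [Rule("inbound", "tcp", 22, 22, "203.0.113.0/24")],
}
```

Neither group alone permits both HTTPS from anywhere and SSH from 203.0.113.0/24; the instance gets both because the rule sets are combined, and the database reply is accepted only after the matching outbound connection was allowed.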