Wednesday, July 8, 2020

EC2 - Elastic Compute Cloud

- https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/concepts.html

- Amazon Elastic Compute Cloud (Amazon EC2) provides scalable computing capacity in the Amazon Web Services (AWS) cloud: server instances hosted in Amazon data centers.

AMI PV / HVM - Paravirtual and Hardware VM
- Linux Amazon Machine Images use one of two types of virtualization: paravirtual (PV) or hardware virtual machine (HVM). The main differences between PV and HVM AMIs are the way in which they boot and whether they can take advantage of special hardware extensions (CPU, network, and storage) for better performance.
- Hardware VM guests are fully virtualized. This means that the VMs running on top of the hypervisor are not aware that they are sharing processing time with other clients on the same hardware. The host must be able to emulate the underlying hardware for each of its guest machines. This virtualization type makes it possible to run an operating system directly on top of a virtual machine without any modification, as if it were running on bare-metal hardware. The advantage is that HVM guests can use hardware extensions which provide very fast access to the underlying hardware on the host system.
- Paravirtualization, on the other hand, is a lighter form of virtualization. It is fast and provides near-native speed compared with full virtualization. With paravirtualization, the guest operating system requires some modification before everything can work. These modifications allow the hypervisor to export a modified version of the underlying hardware to the VMs, giving them near-native performance. All PV machines running on a hypervisor are basically modified operating systems such as Solaris or various Linux distributions.


Creating an EC2
- Some Amazon Elastic Compute Cloud (Amazon EC2) instance types come with a form of directly attached, block-device storage known as the instance store. The instance store is ideal for temporary storage, because the data stored in instance store volumes is not persistent through instance stops, terminations, or hardware failures.
- For data you want to retain longer, or if you want to encrypt the data, use Amazon Elastic Block Store (Amazon EBS) volumes instead. EBS volumes preserve their data through instance stops and terminations, can be easily backed up with EBS snapshots, can be removed from one instance and reattached to another, and support full-volume encryption.
- An Amazon Machine Image (AMI) provides the information required to launch an instance. You must specify an AMI when you launch an instance. You can launch multiple instances from a single AMI when you need multiple instances with the same configuration.

- EC2 instances should be launched in a VPC
- 'Delete on Termination' is automatically set on the EC2 root volume only. Off by default on other volumes.
- Key pair: the private key is yours to keep. It is for logging in to the instance, NOT for service access.
- EC2 monitoring available by default:
    § CPU, Disk Read/Write, Network In/Out, Failed Checks, CPU Credit Usage
    § basic (free) monitoring does not include disk utilization
- EBS volumes – can't launch an instance with the root volume encrypted
    § Work-around: create an AMI from a non-encrypted EC2 instance, copy it to another region with encryption ON, and launch from the copy
- Can modify image permissions: an encrypted AMI can't be made public; a non-encrypted one can be made public
- Private key file – chmod 400 – make sure it is readable only by the owner
- Yum - The 'Yellowdog Updater, Modified' is a free and open-source command-line package-management utility for computers running the Linux operating system using the RPM Package Manager.
    § yum update -y
    § yum install httpd
- When you stop and then restart an EBS-backed instance because it is impaired, AWS can relaunch it on a new host
- Instance-store backed EC2
    § no option to Stop (unlike EBS). Stop = lose all data. Can Reboot / Terminate
    § can't create an AMI of it via the console – need to use the installed CLI tools, S3, etc.
- EBS-backed EC2
    § can be stopped
- EBS-optimized instance – delivers dedicated/maximized performance between EC2 and dedicated EBS volumes
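The checklist items above (root vs. non-root 'Delete on Termination', unencrypted volumes, instance-store roots that lose data on stop, PV images that cannot use enhanced networking, and the chmod 400 rule for the private key) are easy to audit once you have describe-instances / describe-volumes output. The script below is an added example, not code from the original post: it runs offline over constructed records whose field names follow the shape of `aws ec2 describe-instances` and `aws ec2 describe-volumes` JSON (instance and volume IDs, and the KMS key ARN, are placeholders), and checks a private key file's mode the same way ssh does (no group/other bits set).

```python
"""Offline audit of EC2 launch hygiene from describe-instances / describe-volumes style records."""
import os
import stat
import tempfile

# Constructed sample in the shape of describe-instances "Instances" entries (placeholder IDs).
INSTANCES = [
    {
        "InstanceId": "i-0000000000000001",
        "VirtualizationType": "hvm",
        "RootDeviceType": "ebs",
        "RootDeviceName": "/dev/xvda",
        "EnaSupport": True,
        "BlockDeviceMappings": [
            # Root volume: DeleteOnTermination is set automatically.
            {"DeviceName": "/dev/xvda",
             "Ebs": {"VolumeId": "vol-0000000000000001", "DeleteOnTermination": True}},
            # Extra data volume: DeleteOnTermination is off by default.
            {"DeviceName": "/dev/sdf",
             "Ebs": {"VolumeId": "vol-0000000000000002", "DeleteOnTermination": False}},
        ],
    },
    {
        "InstanceId": "i-0000000000000002",
        "VirtualizationType": "paravirtual",
        "RootDeviceType": "instance-store",
        "RootDeviceName": "/dev/sda1",
        "EnaSupport": False,
        "BlockDeviceMappings": [],   # ephemeral storage only
    },
]

# Constructed sample in the shape of describe-volumes "Volumes" entries, keyed by VolumeId.
VOLUMES = {
    "vol-0000000000000001": {"Encrypted": False},
    "vol-0000000000000002": {"Encrypted": True,
                             "KmsKeyId": "arn:aws:kms:REGION:ACCOUNT:key/PLACEHOLDER"},
}


def audit_instance(instance, volumes):
    """Return a list of human-readable findings for one instance record."""
    findings = []
    iid = instance["InstanceId"]
    root_dev = instance["RootDeviceName"]

    if instance["RootDeviceType"] == "instance-store":
        findings.append(f"{iid}: instance-store root; cannot be stopped, data lost on stop/terminate")

    # Enhanced networking (SR-IOV / ENA) needs an HVM AMI and the enaSupport attribute.
    if instance["VirtualizationType"] != "hvm":
        findings.append(f"{iid}: paravirtual AMI; enhanced networking unavailable")
    elif not instance.get("EnaSupport", False):
        findings.append(f"{iid}: HVM but enaSupport off; enhanced networking not enabled")

    for mapping in instance["BlockDeviceMappings"]:
        ebs = mapping.get("Ebs")
        if ebs is None:          # instance-store mappings carry no Ebs block
            continue
        vid, dev = ebs["VolumeId"], mapping["DeviceName"]
        if not volumes.get(vid, {}).get("Encrypted", False):
            findings.append(f"{iid}: volume {vid} ({dev}) is not encrypted")
        # Non-root volumes outlive the instance unless DeleteOnTermination was set explicitly.
        if dev != root_dev and not ebs.get("DeleteOnTermination", False):
            findings.append(f"{iid}: non-root volume {vid} ({dev}) persists after termination; confirm intended")
    return findings


def audit_all(instances=INSTANCES, volumes=VOLUMES):
    """Map InstanceId -> findings for every instance record."""
    return {inst["InstanceId"]: audit_instance(inst, volumes) for inst in instances}


def key_file_is_private(path):
    """True when the private key is readable only by its owner (chmod 400 or 600)."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    return mode & 0o077 == 0


def demo_key_permission(mode):
    """Create a throwaway file with the given mode and report whether it passes the check."""
    fd, path = tempfile.mkstemp(suffix=".pem")
    os.close(fd)
    try:
        os.chmod(path, mode)
        return key_file_is_private(path)
    finally:
        os.unlink(path)


if __name__ == "__main__":
    for iid, items in audit_all().items():
        print(iid, "OK" if not items else "")
        for line in items:
            print("  -", line)
    print("chmod 400 passes:", demo_key_permission(0o400), "| chmod 644 passes:", demo_key_permission(0o644))
```

Against the constructed records the first instance is flagged for its unencrypted root volume and for the data volume that will be orphaned at termination; the second is flagged for its instance-store root and PV virtualization. Pointing `audit_all` at real output means loading the JSON from the two CLI commands and indexing the volumes by `VolumeId`.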


Enhanced networking 
When you use a volume external to the root host (EBS) – you want to make sure that communication between root and the volume is fast:
- Higher packets per second
- Lower latency
- Lower jitter

Enhanced networking uses Single Root I/O Virtualization (SR-IOV)
- SR-IOV is a method of device virtualization that provides higher I/O performance and lower CPU utilization when compared to traditional virtualized network interfaces
    § the guest EC2 instance has direct access to the host NIC. Better speed / lower latency. Not supported on all instance types.
- Enhanced networking provides higher bandwidth, higher packets per second (PPS) performance, and consistently lower inter-instance latencies.
- no additional charge for using enhanced networking
- Available on EBS- and instance store-backed instances
- Available across multiple AZs
- EC2 root can be instance store or block store backed
- Enhanced networking is supported only for HVM instances:
    § https://aws.amazon.com/premiumsupport/knowledge-center/enable-configure-enhanced-networking/

