Compute - Amazon EC2 - Coggle Diagram
Compute - Amazon EC2
  Purchasing options
    Savings Plans = reduce costs by committing to a consistent amount of usage, in USD per hour, for a term of 1 or 3 years
    Reserved Instances = reduce costs by committing to a consistent instance configuration, including instance type and Region, for a term of 1 or 3 years
    Spot Instances = request unused EC2 instances, which can reduce EC2 costs significantly
    Dedicated Hosts = pay for a physical host fully dedicated to running your instances, and bring existing per-socket, per-core, or per-VM software licenses to reduce costs
    Dedicated Instances = pay, by the hour, for instances that run on single-tenant hardware
    Capacity Reservations = reserve capacity for EC2 instances in a specific Availability Zone for any duration
  Instance
    = a virtual server in the cloud, launched from an AMI
    types
      general purpose
        M5 and M5a
          backend servers for SAP, SharePoint, cluster computing, and other enterprise applications
          balance of compute, memory, and networking resources
        M5zn
          ideal for applications that benefit from extremely high single-thread performance, high throughput, and low-latency networking
        M6g and M6gd
          AWS Graviton2 processors; deliver balanced compute, memory, and networking for general-purpose workloads
        T2, T3, T3a, and T4g
          baseline level of CPU performance with the ability to burst to a higher level when required by the workload
          development, build, test, and staging environments
      compute optimized
        C6g, C6gd, and C6gn
          powered by AWS Graviton2 processors; ideal for running advanced, compute-intensive workloads
      memory optimized
        R5, R5a, R5b, and R5n
          high-performance relational and NoSQL databases
          distributed web-scale cache stores that provide in-memory caching of key-value data (Redis, Memcached)
          in-memory databases using optimized data storage formats and analytics for business intelligence (e.g. SAP HANA)
        R6g and R6gd
          powered by AWS Graviton2 processors; ideal for running memory-intensive workloads
        X1
          big-data processing engines (Spark, Presto, ...)
      storage optimized
        H1
          applications requiring sequential access to large amounts of data on direct-attached instance storage
      accelerated computing
        use hardware accelerators, or co-processors, to perform some functions, such as floating-point calculations, graphics processing, or data pattern matching
    EBS-optimized instance = uses an optimized configuration stack and provides extra dedicated capacity for EBS I/O
  Best practices
    Security
      Manage access to AWS resources and APIs using identity federation, IAM users, and IAM roles
      Establish credential management policies and procedures for creating, distributing, rotating, and revoking AWS access credentials
      Regularly patch, update, and secure the operating system and applications on your instance
    Storage
      Understand the implications of the root device type for data persistence, backup, and recovery
      Remember that the data stored in the instance store is deleted when you stop, hibernate, or terminate your instance
    Backup and recovery
      Deploy critical components of your application across multiple Availability Zones, and replicate your data appropriately
      Ensure that you are prepared to handle failover. For a basic solution, you can manually attach a network interface or Elastic IP address to a replacement instance. For an automated solution, you can use Amazon EC2 Auto Scaling
    Networking
      Set the time-to-live (TTL) value for your applications to 255, for IPv4 and IPv6
  Storage
    EBS
      EBS snapshots
        volumes created from an unencrypted snapshot that you own or have access to can be encrypted on the fly
        when you copy an unencrypted snapshot that you own, you can encrypt it during the copy process
        when you copy an encrypted snapshot that you own or have access to, you can reencrypt it with a different key during the copy process
        the first snapshot of an encrypted volume that was created from an unencrypted snapshot is always a full snapshot
        the first snapshot of a reencrypted volume, which has a different CMK than the source snapshot, is always a full snapshot
      Elastic Volumes
        = increase the volume size, change the volume type, or adjust the performance of your EBS volumes
        if the instance supports Elastic Volumes, you can do so without detaching the volume or restarting the instance
      EBS encryption
        procedure
          EBS sends a GenerateDataKeyWithoutPlaintext request to KMS, specifying the chosen CMK
          KMS generates a new data key, encrypts it under the CMK that you chose for volume encryption, and sends the encrypted data key to EBS to be stored with the volume metadata
          when you attach an encrypted volume to an instance, EC2 sends a Decrypt request to KMS, specifying the encrypted data key
          EBS sends a CreateGrant request to KMS, so that it can decrypt the data key
          EC2 uses the plaintext data key in hypervisor memory to encrypt disk I/O to the volume. The plaintext data key persists in memory as long as the volume is attached to the instance
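As an added example (not part of the Coggle map or of any AWS tooling), a small Python audit that applies the snapshot and volume encryption notes above: it flags unencrypted EBS volumes and snapshots in describe_volumes / describe_snapshots responses and inventories which CMK each encrypted resource uses, which is the starting point for reencrypting copies under a different key. The response dicts are constructed inline in boto3's response shape; the `live_audit` helper, which assumes boto3 and AWS credentials, is not exercised offline.

```python
"""Audit EBS encryption state. Added example; sample responses below are constructed."""
from typing import Dict, List

# Constructed sample: one attached, unencrypted volume and one encrypted volume.
SAMPLE_VOLUMES = {"Volumes": [
    {"VolumeId": "vol-0aaa", "Encrypted": False,
     "Attachments": [{"InstanceId": "i-0111", "Device": "/dev/xvda"}]},
    {"VolumeId": "vol-0bbb", "Encrypted": True, "Attachments": [],
     "KmsKeyId": "arn:aws:kms:eu-west-1:111122223333:key/EXAMPLE-KEY-1"},
]}
# Constructed sample: an unencrypted snapshot and one encrypted under a second CMK.
SAMPLE_SNAPSHOTS = {"Snapshots": [
    {"SnapshotId": "snap-0ccc", "VolumeId": "vol-0aaa", "Encrypted": False},
    {"SnapshotId": "snap-0ddd", "VolumeId": "vol-0bbb", "Encrypted": True,
     "KmsKeyId": "arn:aws:kms:eu-west-1:111122223333:key/EXAMPLE-KEY-2"},
]}

def unencrypted_volumes(resp: Dict) -> List[Dict]:
    """Unencrypted volumes plus the instances they are attached to: an attached one
    has disk I/O that no KMS data key protects, and its snapshots are unencrypted too."""
    findings = []
    for vol in resp.get("Volumes", []):
        if not vol.get("Encrypted", False):
            attached = [a["InstanceId"] for a in vol.get("Attachments", [])]
            findings.append({"VolumeId": vol["VolumeId"], "AttachedTo": attached})
    return findings

def unencrypted_snapshots(resp: Dict) -> List[str]:
    """Snapshot IDs that are unencrypted; a copy of such a snapshot can be encrypted
    during the copy, and the first snapshot of a volume restored from it is a full one."""
    return [s["SnapshotId"] for s in resp.get("Snapshots", []) if not s.get("Encrypted")]

def keys_in_use(volumes: Dict, snapshots: Dict) -> Dict[str, List[str]]:
    """Map each CMK ARN to the encrypted volumes and snapshots it protects."""
    by_key: Dict[str, List[str]] = {}
    for item in volumes.get("Volumes", []) + snapshots.get("Snapshots", []):
        if item.get("Encrypted") and item.get("KmsKeyId"):
            rid = item.get("SnapshotId") or item["VolumeId"]  # snapshots carry both IDs
            by_key.setdefault(item["KmsKeyId"], []).append(rid)
    return by_key

def live_audit(region: str) -> Dict:
    """Assumption: boto3 and AWS credentials are available; not exercised here."""
    import boto3  # lazy import so the offline functions above need no SDK
    ec2 = boto3.client("ec2", region_name=region)
    return {"encryption_by_default": ec2.get_ebs_encryption_by_default()["EbsEncryptionByDefault"],
            "unencrypted_volumes": unencrypted_volumes(ec2.describe_volumes()),
            "unencrypted_snapshots": unencrypted_snapshots(ec2.describe_snapshots(OwnerIds=["self"]))}
```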
      Data Lifecycle Manager
        = automate the creation, retention, and deletion of EBS snapshots and EBS-backed AMIs
        complete backup solution for Amazon EC2 instances and individual EBS volumes at no additional cost (other than snapshot storage)
    Instance store
      ideal for temporary storage of information that changes frequently or for data that is replicated across a fleet of instances
    FSx for Windows
      = fully managed Windows file servers, backed by a fully native Windows file system with the features, performance, and compatibility to easily lift and shift enterprise applications to AWS
      native support for the industry-standard Server Message Block (SMB) protocol to access file storage over a network
      optimized for enterprise applications, with native Windows compatibility, enterprise performance and features, and consistent sub-millisecond latencies
  Enhanced networking
    provides higher bandwidth, higher packets-per-second (PPS) performance, and consistently lower inter-instance latencies
    all current-generation instance types support enhanced networking, except for T2
  Elastic Fabric Adapter
    provides lower and more consistent latency and higher throughput than the TCP transport traditionally used in cloud-based HPC systems
  Placement groups
    use placement groups to influence the placement of a group of interdependent instances to meet the needs of your workload
    strategies
      partition = spreads instances across logical partitions such that groups of instances in one partition do not share the underlying hardware with groups of instances in a different partition (e.g. Hadoop, Cassandra, Kafka, ...)
      spread = strictly places a small group of instances across distinct underlying hardware to reduce correlated failures
        recommended for applications that have a small number of critical instances that should be kept separate from each other
    limitations
      On-Demand Capacity Reservations and zonal Reserved Instances provide a capacity reservation for EC2 instances in a specific AZ. The capacity reservation can be used by instances in a placement group. However, it is not possible to explicitly reserve capacity for a placement group