Chapter 3: Amazon Elastic Compute Cloud (Amazon EC2) and
Amazon Elastic Block Store (Amazon EBS)

1. C. Reserved Instances provide cost savings when you can commit to running instances full time, such as to handle the base traffic. On-Demand Instances provide the flexibility to handle traffic spikes, such as on the last day of the month.

• 按需實(shí)例可以提供自由的擴(kuò)展蜗字，應(yīng)對(duì)臨時(shí)的負(fù)載粟害，支持應(yīng)對(duì)流量峰值

2. B. Spot Instances are a very cost-effective way to address temporary compute needs that are not urgent and are tolerant of interruption. That’s exactly the workload described here. Reserved Instances are inappropriate for temporary workloads. On-Demand Instances are good for temporary workloads, but don’t offer the cost savings of Spot Instances. Adding more queues is a non-responsive answer as it would not address the problem.

• 對(duì)于不緊急并且允許中斷的臨時(shí)任務(wù)可以使用spot instance來降低成本轧房；
• Reserved Instance不是用來支持臨時(shí)任務(wù)的
• On-Demand instance 雖然是用來支持臨時(shí)任務(wù)的柴钻，但是成本較高亿虽；

3. C, D. The Amazon EC2 instance ID will be assigned by AWS as part of the launch process. The administrator password is assigned by AWS and encrypted via the public key. The instance type defines the virtual hardware and the AMI defines the initial software state. You must specify both upon launch.

• AWS的用戶名和密碼是不需要指定的帝嗡，無論在linux還是windows下龄减，因?yàn)閍ws提供的是public key進(jìn)行訪問似忧，你登錄后可以設(shè)定通過密碼訪問渣叛，同時(shí)自己也需要?jiǎng)?chuàng)建賬號(hào)密碼；
• 必選項(xiàng)創(chuàng)建一個(gè)示例一般先選擇instance type盯捌，然后選擇ami淳衙。
• 可選項(xiàng)：配置instance、添加標(biāo)簽、設(shè)置安全組箫攀、添加存儲(chǔ)
• 一個(gè)region都是提前選擇好的肠牲，但是里邊的az是通過創(chuàng)建subnet的時(shí)候需要指定的。如果在配置instance時(shí)候匠童，不指定vpc和子網(wǎng)埂材，一般都會(huì)使用默認(rèn)創(chuàng)建的內(nèi)容。

4. A, C. You can change the instance type only within the same instance type family, or you can change the Availability Zone. You cannot change the operating system nor the
   instance type family.

• 可以改變一個(gè)instance的規(guī)格汤求，基于相同family類型
• 可以改變instance的az
• 這兩個(gè)在instance運(yùn)行時(shí)菜單是不可點(diǎn)擊的俏险，理論上只有stop的時(shí)候才可以操作；

5. D. When there are multiple security groups associated with an instance, all the rules are aggregated.

• 當(dāng)有多個(gè)安區(qū)組關(guān)聯(lián)到一個(gè)實(shí)例上扬绪，那么他們是累加的規(guī)則
• 當(dāng)然一個(gè)實(shí)例可以配置多個(gè)安區(qū)組sg

6. A, B, E. These are the benefits of enhanced networking.

• SR-IOV 是一種設(shè)備虛擬化方法竖独，與傳統(tǒng)虛擬化網(wǎng)絡(luò)接口相比，它不僅能提高 I/O 性能挤牛，還能降低 CPU 使用率莹痢。增強(qiáng)聯(lián)網(wǎng)可以提高帶寬，提高每秒數(shù)據(jù)包數(shù) (PPS) 性能墓赴，并不斷降低實(shí)例間的延遲竞膳。使用增強(qiáng)聯(lián)網(wǎng)不收取任何額外費(fèi)用
• Intel 82599 虛擬功能 (VF) 接口支持10G的增強(qiáng)聯(lián)網(wǎng)，支持instance如下：C3诫硕、C4坦辟、D2、I2章办、M4 (m4.16xlarge 除外) 和 R3 實(shí)例
• Elastic Network Adapter (ENA)支持25G的增強(qiáng)聯(lián)網(wǎng)辛臊，支持instance如下：C5瓮下、C5d前塔、F1鲸湃、G3、H1休偶、I3梁厉、m4.16xlarge、M5踏兜、M5d懂算、P2、P3庇麦、R4 和 X1

7. A, B, D. The other answers have nothing to do with networking.

• HPC的網(wǎng)絡(luò)能力增強(qiáng)必須 先選擇支持增強(qiáng)聯(lián)網(wǎng)的實(shí)例计技，開啟網(wǎng)絡(luò)增強(qiáng)能力，設(shè)定到一個(gè)placement group中

8. C. Dedicated Instances will not share hosts with other accounts.

• 您的實(shí)例在單租戶硬件上運(yùn)行山橄。

9. B, C. Instance stores are low-durability, high-IOPS storage that is included for free with the hourly cost of an instance.

• instance的存儲(chǔ)是臨時(shí)性的垮媒，只要主機(jī)stop和terminal就會(huì)丟失；
• 較高的iops
• instance提供了默認(rèn)大小的存儲(chǔ)不收費(fèi)，對(duì)于新增的存儲(chǔ)大小進(jìn)行收費(fèi)

10. A, C. There are no tapes in the AWS infrastructure. Amazon EBS volumes persist when the instance is stopped. The data is automatically replicated within an Availability Zone.Amazon EBS volumes can be encrypted upon creation and used by an instance in thesame manner as if they were not encrypted.

• EBS是自動(dòng)在AZ中復(fù)制的睡雇。但是不會(huì)備份到tape中萌衬。
• EBS支持加密創(chuàng)建

11. B. There is no delay in processing when commencing a snapshot.

• 創(chuàng)建一個(gè)snapshot是不會(huì)有時(shí)間延遲的。

12. B. The volume is created immediately but the data is loaded lazily. This means that the volume can be accessed upon creation, and if the data being requested has not yet been restored, it will be restored upon first request.

• EBS從快照中恢復(fù)數(shù)據(jù)是立即可以被訪問的它抱，但是數(shù)據(jù)加載較慢秕豫，如果數(shù)據(jù)還沒被加載完成就收到請(qǐng)求了，那么基于第一個(gè)request观蓄，數(shù)據(jù)將被加載混移。所以對(duì)外展現(xiàn)是立即就可以使用了。

13. A, C. B and D are incorrect because an instance store will not be durable and a magnetic volume offers an average of 100 IOPS. Amazon EBS-optimized instances reserve network bandwidth on the instance for IO, and Provisioned IOPS SSD volumes provide the highest consistent IOPS.

• 首先在啟動(dòng)的時(shí)候選擇EBS優(yōu)化的instance
• 然后選擇 SSD這種高iops的卷進(jìn)行存儲(chǔ)侮穿；

14. D. Bootstrapping runs the provided script, so anything you can accomplish in a script you can accomplish during bootstrapping.

• 通過user data這個(gè)內(nèi)容歌径，您可以完成安全更新、應(yīng)用版本升級(jí)亲茅、配置os的服務(wù)

15. C. The public half of the key pair is stored on the instance, and the private half can then be used to connect via SSH.

• 新創(chuàng)建的instance都是通過私鑰訪問的回铛。

16. B, C. These are the possible outputs of VM Import/Export.

• vm的導(dǎo)入導(dǎo)出支持ami創(chuàng)建和instance創(chuàng)建

17. B, D. Neither the Windows machine name nor the Amazon EC2 instance ID can be resolved into an IP address to access the instance.

• 能解析成一個(gè)IP的只有 public dns name和eip

18. A. None of the other options will have any effect on the ability to connect.

• 訪問不了一般都是vpc的安全組問題或者子網(wǎng)的ACL設(shè)置問題

19. C. A short period of heavy traffic is exactly the use case for the bursting nature of general-purpose SSD volumes—the rest of the day is more than enough time to build up enough IOPS credits to handle the nightly task. Instance stores are not durable, magnetic volumes cannot provide enough IOPS, and to set up a Provisioned IOPS SSD volume to handle the peak would mean spending money for more IOPS than you need.

• 短期的高負(fù)載沒必要使用 專屬的iops ssd，直接使用標(biāo)準(zhǔn)版本的ssd盤就可以了克锣。aws提供了一個(gè)instance積分的制度茵肃，可以動(dòng)態(tài)調(diào)整IOPS。

20. B. There is a very small hourly charge for allocated elastic IP addresses that are not associated with an instance.

• 當(dāng)eip 掛在的instance停機(jī)了袭祟，是需要收費(fèi)的
• 當(dāng)eip掛在的instance在使用免姿，是不需要收費(fèi)的，AWS的理念是讓大家不要浪費(fèi)eip
• EIP一般被用到slb場(chǎng)景榕酒，當(dāng)instance stop后再開機(jī)，EIP是不會(huì)變的故俐，而默認(rèn)分配的public ip 會(huì)改變想鹰；

知識(shí)點(diǎn)總結(jié)

• Know the basics of launching an Amazon ec2 instance. To launch an instance, you must specify an AMI, which defines the software on the instance at launch, and an instance type, which defines the virtual hardware supporting the instance (memory, vCPUs, and so on).

• 了解創(chuàng)建一個(gè)EC2實(shí)例的基本輸入信息。

• 必須指定一個(gè)AMI：定義了實(shí)例啟動(dòng)時(shí)操作系統(tǒng)及軟件药版；

• 指定一個(gè)實(shí)例類型：定了一個(gè)虛擬硬件的的規(guī)格 memory辑舷、vCPU等

• Know what architectures are suited for what Amazon ec2 pricing options. Spot Instances are best suited for workloads that can accommodate interruption. Reserved Instances are best for consistent, long-term compute needs. On-Demand Instances provide flexible compute to respond to scaling needs.

• 知道適合不同架構(gòu)的EC2定價(jià)選擇；

• Spot instance 適合可以隨時(shí)終端的負(fù)載槽片；

• Reserved instance 適合長(zhǎng)期持續(xù)訪問的計(jì)算需求何缓；

• On-Demand instances：提供了按需擴(kuò)展的自由計(jì)算能力；

• Know how to combine multiple pricing options that result in cost optimization and scalability. On-Demand Instances can be used to scale up a web application running on Reserved Instances in response to a temporary traffic spike. For a workload with several Reserved Instances reading from a queue, it’s possible to use Spot Instances to alleviate heavy traffic in a cost-effective way. These are just two of countless examples where a workload may use different pricing options.

• 了解如何組合多個(gè)定價(jià)選擇

• On-Demand instances可以用作解決臨時(shí)流量峰值的解決方案还栓；

• 對(duì)于一個(gè)從queue中讀取消費(fèi)消息的Reserved Instances碌廓，有很大可能可以使用Spot instances去解決流量高峰，從而獲得更高的性價(jià)比剩盒；

• Know the benefits of enhanced networking. Enhanced networking enables you to get significantly higher PPS performance, lower network jitter, and lower latencies.

• enhanced networking 可以讓我們顯著的獲得更高的PPS性能谷婆，低網(wǎng)絡(luò)抖動(dòng)，低延遲；

• Know the capabilities of vm import/export. VM Import/Export allows you to import existing VMs to AWS as Amazon EC2 instances or AMIs. Amazon EC2 instances that were imported through VM Import/Export can also be exported back to a virtual environment.

• 了解VM import/export能力纪挎，VM import/export允許你導(dǎo)入現(xiàn)有的VMs到AWS作為EC2實(shí)例或者AMIs期贫。 Amazon EC2實(shí)例可以通過VM導(dǎo)入，也可以被導(dǎo)出到虛擬環(huán)境中异袄；

• Know the methods for accessing an instance over the internet. You can access an Amazon EC2 instance over the web via public IP address, elastic IP address, or public DNS name. There are additional ways to access an instance within an Amazon VPC, including private IP addresses and ENIs.

• 了解通過internet訪問instance的方法：通過public IP通砍、EIP、public DNS name烤蜕。

• 還有一些額外的方法：private IP 和 ENIs封孙；

• Know the lifetime of an instance store. Data on an instance store is lost when the instance is stopped or terminated. Instance store data survives an OS reboot.

• 了解instance store的生命周期；instance被stopped或者terminated的時(shí)候玖绿，instance本身的store data將被清空敛瓷。但是OS reboot的時(shí)候 instance的store data會(huì)被保存；

• Know the properties of the Amazon EC2 pricing options. On-Demand Instances require no up-front commitment, can be launched any time, and are billed by the hour. Reserved Instances require an up-front commitment and vary in cost depending on whether they are paid all up front, partially up front, or not up front. Spot Instances are launched when your bid price exceeds the current spot price. Spot Instances will run until the spot price exceeds your bid price, in which case the instance will get a two-minute warning and terminate.

• 了解Amazon EC2的定價(jià)模型斑匪；

• On-Demand instance：不需要提前付款呐籽，可以隨時(shí)啟動(dòng)，按小時(shí)付費(fèi)蚀瘸；

• Reserved instance：需要一個(gè)預(yù)付協(xié)議狡蝶，可以選擇是否全部預(yù)付，部分預(yù)付贮勃，或者不預(yù)付，不同的選擇價(jià)格不同奏瞬；

• Spot Instance：在spot價(jià)格超過當(dāng)前競(jìng)標(biāo)價(jià)泉孩，在spot價(jià)格高于你的競(jìng)標(biāo)價(jià)時(shí)停止寓搬，停止時(shí)將有一個(gè)提前兩分鐘的警告，然后終止镣典；

• Know what determines network performance. Every instance type is rated for low, moderate, high, or 10 Gbps network performance, with larger instance types generally having higher ratings. Additionally, some instance types offer enhanced networking, which provides additional improvement in network performance.

• 了解網(wǎng)絡(luò)性能決策唾琼。每個(gè)instance type被定級(jí)為low锡溯，moderate肴裙，high或者10 Gbps的網(wǎng)絡(luò)性能蜻懦；Larger instance type一般有較高的定級(jí)夕晓；

• 另外，一些instance type提供enhance networking征炼，可以提供網(wǎng)絡(luò)上的性能改善躬贡；

• Know what instance metadata is and how it’s obtained. Metadata is information about an Amazon EC2 instance, such as instance ID, instance type, and security groups, that is available from within the instance. It can be obtained through an HTTP call to a specific IP address.

• 了解什么是instance的元數(shù)據(jù)以及如何獲取拂玻。元數(shù)據(jù)是EC2的信息，例如instanceID魄懂，instance type闯第，安全組。他可以通過http調(diào)用特定IP的方式獲忍蠲薄篡腌；

• Know how security groups protect instances. Security groups are virtual firewalls controlling traffic in and out of your Amazon EC2 instances. They are deny by default, and you can allow traffic by adding rules specifying traffic direction, port, protocol, and destination address (via Classless Inter-Domain Routing [CIDR] block). They are applied at the instance level, meaning that traffic between instances in the same security group must adhere to the rules of that security group. They are stateful, meaning that an outgoing rule will allow the response without a correlating incoming rule.

• 了解安全組是如何保護(hù)instance的敷扫。安全組是虛擬的防火墻用來控制EC2流量的進(jìn)出葵第；默認(rèn)是deny所有合溺，你可以指定規(guī)則指明流量的進(jìn)出棠赛、端口和協(xié)議膛腐，以及目標(biāo)地址鼎俘。他們適用于instance level贸伐，意味著相同安全組內(nèi)的instance擁有相同的流量規(guī)則。他們是有狀態(tài)的脯丝，意味著出口規(guī)則定義完成后伏伐，入口規(guī)則就不需要定制了藐翎；

• Know how to interpret the effect of security groups. When an instance is a member of multiple security groups, the effect is a union of all the rules in all the groups.

• 了解如何中斷安全組的效果。當(dāng)一個(gè)instance是多個(gè)安全組的一員赚导，對(duì)instance的影響是多個(gè)安全組的并集赤惊；

• Know the different Amazon ebs volume types, their characteristics, and their appropriate workloads. Magnetic volumes provide an average performance of 100 IOPS and can be provisioned up to 1 TB. They are good for cold and infrequently accessed data. General-purpose SSD volumes provide three IOPS/GB up to 10,000 IOPS, with smaller volumes able to burst 3,000 IOPS. They can be provisioned up to 16 TB and are appropriate for dev/test environments, small databases, and so forth. Provisioned IOPS SSD can provide up to 20,000 consistent IOPS for volumes up to 16 TB. They are the best choice for workloads such as large databases executing many transactions.

• 了解不同AWS EBS卷類型,他們的特點(diǎn)未舟，他們適合的負(fù)載能力裕膀。

• 普通磁盤支持 500的IOPS/

• General-purpose SSD 卷提供 10000的IOPS,16TB存儲(chǔ)量,比較適合dev/test環(huán)境，小型數(shù)據(jù)庫等寸齐；

• Provisioned IOPS SSD 提供20000的IOPS渺鹦，16TB存儲(chǔ)量蛹含，比較適合大型數(shù)據(jù)庫負(fù)載浦箱，執(zhí)行多事務(wù)性程序祠锣；

  
  
  image.png

• Know how to encrypt an Amazon ebs volume. Any volume type can be encrypted at launch. Encryption is based on AWS KMS and is transparent to applications on the attached instances.

• 了解如何加密一個(gè)EBS卷伴网。任何類型的卷都可以在launch的時(shí)候加密是偷；加密是基于AWS的KMS募逞，在應(yīng)用調(diào)取的時(shí)候自動(dòng)解密轉(zhuǎn)換放接；

• Understand the concept and process of snapshots. Snapshots provide a point-in-time backup of an Amazon EBS volume and are stored in Amazon S3. Subsequent snapshots are incremental—they only store deltas. When you request a snapshot, the point-in-time snapshot is created immediately and the volume may continue to be used, but the snapshot may remain in pending status until all the modified blocks have been transferred to Amazon S3. Snapshots may be copied between regions.

• 了解Snapshots的概念纠脾。Snapshots提供了一個(gè)按照時(shí)間點(diǎn)備份EBS卷的策略，同時(shí)將Snapshots存儲(chǔ)在S3糊渊。順序的snapshots是增量的存儲(chǔ)渺绒；

• 當(dāng)你設(shè)置一個(gè)snapshot菱鸥， point-in-time的snapshot被立即創(chuàng)建了氮采，同時(shí)這個(gè)卷也許持續(xù)被使用。但是當(dāng)snapshot是pending狀態(tài)的時(shí)候主到，可能是在等待modified blocks被傳輸?shù)絊3登钥。

• Snapshots 也可以跨region復(fù)制怔鳖。

• Know how Amazon ebs-optimized instances affect Amazon ebs performance. In addition to the IOPS that control the performance in and out of the Amazon EBS volume, use Amazon EBS-optimized instances to ensure additional, dedicated capacity for Amazon EBS I/O.

• 了解AWS的ebs-optimized instance如何影響 ebs的性能结执；IOPS是控制in and out的EBS卷艾凯，使用EBS-optimized instance可以保證額外的趾诗，專屬的EBS IO恃泪；