Open TracyDai23 opened 4 years ago
Amazon Elastic Compute Cloud (EC2) is a web service that provides resizable compute capacity in the cloud. Amazon EC2 reduces the time required to obtain and boot new server instances to minutes, allowing you to quickly scale capacity, both up and down, as your computing requirements change. Pricing methods:
If the spot instance is terminated by Amazon EC2, you will not be charged for a partial hour of usage. However, if you terminate the instance yourself, you will be charged for any hour in which the instance ran.
//difference between SSL(Https) and SSH
Amazon Elastic Block Store(EBS) provides persistent block storage volumes for use with Amazon EC2 instances in the AWS Cloud. Each Amazon EBS volume is automatically replicated within its Availability Zone to protect you from component failure, offering high availability and durability.
//Block Storage vs. Object Storage: With block storage, files are split into evenly sized blocks of data, each with its own address but with no additional information (metadata) to provide more context for what that block of data is. ... Object storage, by contrast, doesn't split files up into raw blocks of data.
In the exam you will be given different scenarios and you will be asked to choose whether you should use an ENI, EN or EFA.
What can I do with CloudWatch?
There are two different types of Backups for RDS:
MultiAZ: Used for Disaster Recovery; You can force a failover from one AZ to another by rebooting the RDS instance.
Encryption at rest is supported for MySQL, Oracle, SQL Server, PostgreSQL, MariaDB & Aurora. Encryption is done using the AWS Key Management Service (KMS) service. Once your RDS instance is encrypted, the data stored at rest in the underlying storage is encrypted, as are its automated backups, read replicas, and snapshots.
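A way to check these RDS settings (encryption at rest, automated backups, Multi-AZ) across an account, as an added example that is not part of the original notes. It assumes JSON in the shape returned by `aws rds describe-db-instances`; the instance names, account id and key ARN are constructed.

```python
import json

# Constructed sample shaped like `aws rds describe-db-instances` output.
SAMPLE = json.loads("""
{"DBInstances": [
  {"DBInstanceIdentifier": "orders-db", "Engine": "mysql",
   "StorageEncrypted": true,
   "KmsKeyId": "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE",
   "BackupRetentionPeriod": 7, "MultiAZ": true},
  {"DBInstanceIdentifier": "legacy-db", "Engine": "postgres",
   "StorageEncrypted": false, "BackupRetentionPeriod": 0, "MultiAZ": false},
  {"DBInstanceIdentifier": "legacy-db-replica", "Engine": "postgres",
   "StorageEncrypted": false, "BackupRetentionPeriod": 0, "MultiAZ": false,
   "ReadReplicaSourceDBInstanceIdentifier": "legacy-db"}
]}
""")


def audit_rds(description):
    """Map each instance id to its findings; clean instances are omitted."""
    findings = {}
    for inst in description.get("DBInstances", []):
        issues = []
        source = inst.get("ReadReplicaSourceDBInstanceIdentifier")
        if not inst.get("StorageEncrypted", False):
            # A replica follows its source, so point the finding at the source.
            issues.append(f"unencrypted read replica of {source}" if source
                          else "storage not encrypted at rest")
        elif not inst.get("KmsKeyId"):
            issues.append("encrypted but no KMS key id reported")
        # Backups and Multi-AZ are judged on the primary, not on replicas.
        if not source:
            if inst.get("BackupRetentionPeriod", 0) == 0:
                issues.append("automated backups disabled")
            if not inst.get("MultiAZ", False):
                issues.append("single-AZ, no failover standby")
        if issues:
            findings[inst["DBInstanceIdentifier"]] = issues
    return findings


if __name__ == "__main__":
    for name, issues in audit_rds(SAMPLE).items():
        print(name, "->", "; ".join(issues))
```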
ElastiCache is a web service that makes it easy to deploy, operate, and scale an in-memory cache in the cloud. The service improves the performance of web applications by allowing you to retrieve information from fast, managed, in-memory caches, instead of relying entirely on slower disk-based databases.
Common DNS Types:
Route53:
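Differences and relationships among A records, CNAME records, MX records and NS records in domain name resolution
// Supplementary reading for computer networking: Computer Networking: A Top-Down Approach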
AWS guide page: Linux commands to connect from a public EC2 instance to a private EC2 instance: sudo su //change to root admin access
ssh ec2-user@
cat .htaccesss // check file content. Full cat command resource is here
Nat Instances:
NAT Gateways
Ephemeral port //Google "What's my IP" to get my ip address
You need at least two public subnets in order to create a load balancer.
//from AWS guide, what is VPC Endpoint: A VPC endpoint enables you to privately connect your VPC to supported AWS services and VPC endpoint services powered by AWS PrivateLink without requiring an internet gateway, NAT device, VPN connection, or AWS Direct Connect connection. Instances in your VPC do not require public IP addresses to communicate with resources in the service. Traffic between your VPC and the other service does not leave the Amazon network.
Endpoints are virtual devices. They are horizontally scaled, redundant, and highly available VPC components. They allow communication between instances in your VPC and services without imposing availability risks or bandwidth constraints on your network traffic.
There are two types of VPC endpoints: interface endpoints and gateway endpoints. Create the type of VPC endpoint required by the supported service.
//LINUX Codes:
ssh ec2-user@
After removing the NAT Gateway and adding a VPC endpoint for the private EC2 instance, we can test the connection to S3 again with the following command: [root@ip-10-0-2-235 ec2-user] # aws s3 ls --region us-east-1 // the region has to be added to make it work when using a VPC endpoint. This is different from using a NAT Gateway.
Currently Gateway Endpoints Support: Amazon S3, DynamoDB
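A gateway endpoint gives the private subnet a path to S3, but it does not by itself stop requests that reach the bucket some other way; that is done in the bucket policy with a Deny on the `aws:SourceVpce` condition key. The check below is an added example, not part of the original notes, and the bucket name and endpoint id in it are placeholders.

```python
import json

# Constructed policy: bucket name and endpoint id are placeholders.
LOCKED = json.loads("""
{"Version": "2012-10-17",
 "Statement": [{
   "Sid": "DenyUnlessThroughEndpoint",
   "Effect": "Deny",
   "Principal": "*",
   "Action": "s3:*",
   "Resource": ["arn:aws:s3:::example-notes-bucket",
                "arn:aws:s3:::example-notes-bucket/*"],
   "Condition": {"StringNotEquals": {"aws:SourceVpce": "vpce-EXAMPLE"}}
 }]}
""")


def _as_list(value):
    # Policy fields may hold a single value or a list of values.
    return value if isinstance(value, list) else [value]


def endpoints_enforced(policy):
    """Return the endpoint ids that a blanket Deny requires requests to use.

    An empty set means the policy does not pin the bucket to any VPC endpoint.
    """
    enforced = set()
    for st in _as_list(policy.get("Statement", [])):
        blanket = (st.get("Effect") == "Deny"
                   and st.get("Principal") in ("*", {"AWS": "*"})
                   and any(a in ("s3:*", "*")
                           for a in _as_list(st.get("Action", []))))
        if not blanket:
            continue  # Allow statements and narrow Denies do not lock the bucket
        not_equals = st.get("Condition", {}).get("StringNotEquals", {})
        for key, value in not_equals.items():
            if key.lower() == "aws:sourcevpce":  # key names are case-insensitive
                enforced.update(_as_list(value))
    return enforced


if __name__ == "__main__":
    print(sorted(endpoints_enforced(LOCKED)))
```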
VPC quiz questions:
1. Having just created a new VPC and launched an instance into its public subnet, you realise that you have forgotten to assign a public IP to the instance during creation. What is the simplest way to make your instance reachable from the outside world?
Answer: Create an Elastic IP address and associate it with your instance
Explanation: Although creating a new NIC & associating an EIP also results in your instance being accessible from the internet, it leaves your instance with 2 NICs & 2 private IPs as well as the public address and is therefore not the simplest solution. By default, any user-created VPC subnet WILL NOT automatically assign public IPv4 addresses to instances – the only subnets that do this are the “default” VPC subnets automatically created by AWS in your account.
//OSI Model Layer 4: Transport Layer Layer 7: Application Layer
Bootstrap code:
#!/bin/bash
yum update -y
yum install httpd -y
service httpd start
chkconfig httpd on
cd /var/www/html
echo "<html><h1>This is WebServer 01</h1></html>" > index.html
//(#!/bin/bash ) What exactly is this ? It is known as ‘she-bang‘. This derives from the concatenation of the tokens sharp (#) and bang (!).
Exam tips:
Use Cron to push changes from the write node to the S3 bucket and push changes from the S3 bucket to the read node.
//Target Groups Each target group is used to route requests to one or more registered targets. When you create each listener rule, you specify a target group and conditions. When a rule condition is met, traffic is forwarded to the corresponding target group. You can create different target groups for different types of requests. For example, create one target group for general requests and other target groups for requests to the microservices for your application.
CloudFormation is the tool that is accompanied by a step-by-step deployment guide. For the guide, we needed a mechanism to automate the documentation of AWS CloudFormation input parameters that are passed to the template at runtime to control the deployment configuration.
With Elastic Beanstalk, you can quickly deploy and manage applications in the AWS Cloud without worrying about the infrastructure that runs those applications. You simply upload your application, and Elastic Beanstalk automatically handles the details of capacity provisioning, load balancing, scaling, and application health monitoring.
Using Amazon SQS, you can decouple the components of an application so they run independently, easing message management between components.
Exam tips:
//SWF allows human actions within the process. Amazon uses this service in its warehouses: for example, when a customer orders a book online, choosing the book and making the payment are all done by code, but human tasks such as picking the physical book and packing the package can be completed using the SWF service. Exam tips: SWF vs SQS:
like billing notification alarm sent from AWS. Exam tips: SNS Benefits:
Exam tips:
//Three major Kinesis products: Kinesis Streams, Kinesis Firehose, and Kinesis Analytics Exam tips:
Exam tips:
//When creating Lambda API Gateway, will need to choose REST API as API Type
Create billing alarm:
From the CloudWatch service, you can set a billing alarm to send you notifications automatically.