NOTES:

Read EC2 FAQ before goting to exam.

# What is EC2?
Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides
resizable compute capacity in the cloud. Amazon EC2 reduces the time required to
obtain and boot new server instance to minute, allowing you to quickly scale
capacity, both up and down , as your computing requirements change.

What is EC2?

/\
/**\Exam Tips
\**/
\/
# EC2
* Know the difference between ;
* On Demand
* Spot
* Reserved
* Dedicated Hosts
* Remember with spot instances;
* If you terminate the instance , you pay for the hour
* If AWS terminates the spot instance, you get the hour it was
terminated in for free.

# EBS (Elastic Block Storage)

* EBS Consists of;
* SSD, General Purpose- GP2- (Up to 10,000 IOPS)
* SSD,Provisioned IOPS- IO1- (More than 10,000 IOPS)
* HDD, Throughput Optimized- ST1- frequently accessed workloads
* HDD, Cold- SC1- less frequently accessed data.
* HDD, Magnetic- Standard- cheap, infrequently accessed storage
* You cannot mount 1 EBS volume to multiple EC2 instances, instaed use
EFS.

# EC2 Instance Types

* How I remeber them now;
* D for Density
* R for RAM
* M - Main choice for general purpose apps
* C for Compute
* G- Graphics
* I for IOPS
* F for FPGA
* T cheap general purpose (Think T2 Micro)
* P- Graphics (think Pics)
* X- Exctreme Meomory

# EC2 Instance Lab:

* Termination Protection is turned off by default, you must turn it on.
 * On an EBS-backed instance, the default action is for the root EBS
volume to be deleted when the instance is terminated.
* EBS Root Volumes of your DEFAULT AMI's cannot be encrypted. You can
also use a third party tool (such as bit locker etc) to encrypt
the root volume, or this can be done when creating AMI's (lab to
follow) in the AWS console or using the API.
* Additional volumes can be encrypted.

# Security Group Lab:

* All Inbound Traffic is Blocked By Default.
* All outbound traffic is allowed
* Changes to security groups take effect immediately.
* You can have any number of EC2 instances within a security group.
* You can have multiple security groups attached to EC2 Instances .
* Secuirty groups are STATEFUL
* If you create an inbound rule allowing traffic in, that traffic is
automatically allowed back out again.
* You cannnot block specific IP addresses using Security Groups, instead
use Network Access Control Lists.
* You can specify allow rules, but not deny rules.

# Volumes & Snapshots:

* Volumes exist on EBS:
* Virtual Hard Disk
* Snapshots exist on S3.
* Snapshots are point in time copies of Volumes.
* Snapshots are incremental- This means that only the blocks that have
chnaged since your last snapshot are moved to S3.
* If this is your first snapshot , it may take some time to create.

# Snapshots of Root Device Volumes:

* To create a snapshot for Amazon EBS volumes that serve as root
devices, you should stop the instance before taking the snapshot .
* However you can take a snap while the instance is running.
* You can create AMI's from both Volumes and Snapshots.
* You can change EBS volume sizes on the fly, including changing the
size and storage type.
* Volumes will ALWAYS be in the same availability zone as the EC2
instance.
* To move an EC2 volume from one AZ/Region to anothefr , take a snap or
an image of it, then copy it to the new AZ/Region.

# Volumes vs Snapshots - Security:

* Snapshots of encrypted volumes are encrypted automatically .
* Volumes restored from encrypted snapshots are encrypted automatically.
* You can share snapshots, but only if they ar unecrypted .
* These snapshots can be shared with other AWS accounts or made
public.

[Lecture]
# Encrypt Root Device Volume and Create an AMI- Lab:
# Snapshots of Root Device Volumes:
* To create a snapshot of Amazon EBS volumes that serve as root devices,
you should stop the instance before taking the sanpshot.

# Volumes vs Snapshots - Security:

* Snapshots of encrypted volumes are encrypted automatically .
* Volumes restored from encrypted snapshots are encrypted automatically.
* You can share snapshots, but only if they ar unecrypted .
* These snapshots can be shared with other AWS accounts or made
public.

---------------
###[Lecture]###
---------------

# AMIs - EBS Root Device Volumes vs Instance Store:

# AMI Types (EBS vs Instance Store)

* All AMIs are categorized as either backed by Amazon EBS or backed by

instance store.
* For EBS Volumes: The root device for instance launched from the AMI is
an Amazon EBS volumes created from an Amazon EBS snapshot.
* For Instance Store Volumes: The root device for an instance launched
from the AMI is an instance store volume created from a template stored in Amazon
S3.

/\
/**\Exam Tips
\**/
\/
* EBS vs Instance Store
* Instance Store Volumes are sometimes called Ephemeral Storage.
* Instance store volumes cannot be stopped. If the underlying host
fails, you will lose your data.
* EBS backed instances can be stopped.You will not lose the data on
this instance if it is stopped.
* You can reboot both, you will not lose your data.
* By default, both ROOT volumes will not be deleted on termination ,
however with EBS volumes, you can tell AWS to keep the root device volume.

---------------
###[Lecture]###
---------------
# Elastic Load Balancers- Lab:
* Elastic Load Balancers:
* Instances monitored by ELB are reported as;
InService , or OutOfService
* Health Checks check the instance health by talking to it
* Have their own DNS name. You are never given an IP address.
* Read the ELB FAQ for Classic Load Balancers
* Want to depp dive on application load balancers? Check our depp dive
course!

---------------
###[Lecture]###
---------------
# Cloud Watch EC2 Lab:
 /\
/**\Exam Tips
\**/
\/
* Standard Monitoring = 5 Minutes
* Detailed Monitoring = 1 Minute

* What can I do with Cloudwatch?

* Dashboards- Create awesome dashboards to see what is happening with
your AWS environment.
* Alarms- Allows you to set Alarms that notify you when particular
thresolds are hit.
* Events - CloudWatch Events helps you to respond to state changes in
your AWS resources.
* Logs - CLooudWatch Logs helps you to aggregate, monitor , and store
logs.

NOTE: People are alsways confused between CloudWatch and CloudTrail

Well, CLoudWatch gives you about CPU,Disk,Network utilization
and Status etc while[Performnce monitoring of your resources within AWS]
CloudTrail gives you information about that if you cdeated a
user, or S3 bucket that is you action history and what people are doing with your
AWS account.
[CloudtTrail means audittrail means what people are doing with
you AWS account]

---------------
###[Lecture]###
---------------
# AWS Command Line(CLI) Lab:

---------------
###[Lecture]###
---------------
# Identity Access Management Roles Lab:
ssh key required access key id and access but roles don't required so it's
more safer than SSH

---------------
###[Lecture]###
---------------
# S3 CLI & Regions:[Not Important for exam point of view]
* Bash Scripting Lab:

---------------
###[Lecture]###
---------------
# Using Boostrap scripts:
 *

---------------
###[Lecture]###
---------------
# Instance Metadata:[Imp for Exam]
* metadata curl http:/169.254.169.254/latest/meta-data/

---------------
###[Lecture]###
---------------
# Launch Configurations & Auto Scaling Groups:
*

---------------
###[Lecture]###
---------------
# EC2 Placement Groups:
* What is Placement Groups?
A placement group is a logical grouping of instances within a single
Availability Zone. Using placement groups enables applications to
participate in a low-latency,10 Gbps network.Plecement groups are
recommended for applications that benefits from low network latency,
high network throughput, or both.

* A placement group cannot span multiple Availability Zones.

* The name you spcify for a placement group must be unique within your
AWS account.
* Only certain types of instances can be launched in a placement
group()Compute Optimized,GPU, Memory Optimized, Storage Optimized)
* AWS recommend homogeneous instances within placement groups.
* You can't merge placement groups.
* You can't move an existing instance into a placement group. You can
create an AMI from your existing instance , and then launch a new instance
instance from the AMI into a placement group.

---------------
###[Lecture]###
---------------
# Elastic File System(EFS)[block based storage] Lab:
* Amazon Elastic File System (Amazon EFS) is a file storage service for
Amazon Elastic Compute Cloud(Amazon EC2) instances. Amazon
EFS is easy to use and provides a simple interface that allows you to
create and cofigure file systems quickly and easily. With Amazon
EFS, storage capacity is elastic, growing and shinking automatically
as you add and remove files, so your applications have the storage they need,
when they need it.

* FES Features:
* Supports the Network File System version 4 (NFSv4) protocol .
* You only pay for the storage you see(no pre-provisioning required).
 * Can scale up to the petabytes.
* Can support thousands of concurrent NFS connections.
* Data is stored across multiple AZ's within a region.
* Read after Write Consistency.

* In exm there shuold be quetions on EBS and EFS. Through EFS you can
connect multiple EC2 instance while you can connect t
only one EC2 instance through .You can put security at directory and
file level in EFS.

---------------
###[Lecture]###
---------------
# Lambda Concepts:[Several questions on Lambda]
*

Data Centers--->IAAS(Infrastructure As A Service, issue ,hard disk

failure etc.)[EC2-2006]
---> Pass As A Service[Elastic Beanstalk]--->
Containers[Docker , but you have to keep running your
contaners]--->
Serverless[Lambda, no worries for data centers, IAAS,PAAS,
maanging containers.. ionly you have to worried about is you code.]

* What is Lambda:
Lambda is incapsulating your
* Data Centres
* Hardware
* Assembly Code/Protocols
* High Level Systems
* Operating Systems
* Operating Systems
* Application Layers/AWS APIs
* AWS Lambda

AWS Lambda is a compute service where you can upload your code and
create a Lambda function. AWS Lambda takes care of provisioning
and managing the servers that you use to run the code. You don't have
to worry about operating systems , patching , scaling , etc. You
can use Lambda in the following ways.

* As a event-driven compute service where AWS Lambda runs your code in

response to events. These events could be changes to data in
an amazon S3 bucket or an Amazon DynamoDB table.
* As a compute service to run your code in response to HTTP request
using Amazon API Gateway or API calls made using AWS SDK's . This
is what we use at A Cloud Guru.
* Languages supported by Lambda[exam, Node.js 6.10,C#(.NET Core
1.0),C#(.NET Core 2.0),Go 1.x,Java 8,Node.js 4.3,Node.js 6.10,Python 2.7, Python
3.6]

* How Is Lambda Priced?

* Number of requests
* First 1 million request are free. $0.20 per 1 million requests
thereafter.
 * Duration
* Duration is calculated from the time your code begins executing
until it retyrns or otherwise terminates, rounded
up to the nearest 100ms.
The price depends on the amount of memory you aloocated to your
function. You are charged $0.00001667 for every GB-second used.

* Free Tier Requests

Duration
1M REQUESTS 1M REQUESTS FREE
400,000 GB-SECONDS PER MONTH FREE
per month First 1M requests per
month are free. First 400,000 GB-seconds per month, up to 3.2M
400,000 GB-SECONDS $0.20 PER 1M
REQUESTS THEREAFTER seconds of compute time, are free.
of compute time per month. $0.0000002 per
request.

$0.00001667 FOR EVERY GB-SECOND

The Lambda free tier does not automatically
USED THEREAFTER
expire at the end of your 12 month AWS Free
Tier term, but is available to both existing and
The price depends on the amount of memory
new AWS customers indefinitely.
you allocate to your function.

* Why is Lambda Cool?

NO SERVERS!
Continuous Scaling
Super super super cheap!

/\
/**\Exam Tips
\**/
\/
* Lambda scales out(not up) automatically
* Lambda functions are independent , 1 event = 1 function
* Lambda is serverless
* Know what services are serverless
* Lambda functions can trigger other lambda functions, 1 event can= x
functions if functions trigger other functions

* Architecture can get extrememly comlicated , AWS X-ray allows you to

debug what is happening
* Lambda can do thngs globally, you can use it to back S3 buckets to
other S3 buckets etc
* Know your triggers
---------------
###[Lecture]###
---------------
# Build A Serverless Webpage:
* Build A Serverless Webpage With API Gateway & Lambda:

---------------
###[Lecture]###
---------------
# Using Polly To Help You Pass Your Exam - A Serverless Approach - Part 1:
*

* API In Amazon API Gateway, an API refres to a collection of resources

and methods that can be invoked through HTTPS endpoints.

---------------
###[Lecture]###
---------------
# EC2 - Summary & Exam:

/\
/**\Exam Tips EC2
\**/
\/
*
* Know the difference between ;
* On Demand
* Spot
* Reserved
* Dedicated Hosts
* Remember with spot instances;
* If you terminate the instance , you pay for the hour
* If AWS terminates the spot instance, you get the hour it was
terminated in for free.

*EC2 Instance Types

Family Speciality Use Case
D2 Dense Storage
Filservers/Data Warehousing/Hadoop
R4 Memory Optimized Memory
Intensive Apps/DBs
M4 General Purpose
Application Servers
C4 Compute Optimized CPU
Intensive Apps/DBs
G2 Graphic Intensive Video
Encoding/3D Application Streaming
I2 High Speed Storage NoSQL
DBs, Data Warehousing etc
F1 Field Programmable Gate Array
 Hardware acceleration for your code
T2 Lowest Cost,General Purpose Web
Server/Small DBs
P2 Graphic/General Purpose GPU
Machine Learning , Bit Coin Mining etc
X1 Mempory Optimized SAP
HANA/Apache Spark etc

# EC2 Instance Types

* How I remeber them now;
* D for Density
* R for RAM
* M - Main choice for general purpose apps
* C for Compute
* G- Graphics
* I for IOPS
* F for FPGA
* T cheap general purpose (Think T2 Micro)
* P- Graphics (think Pics)
* X- Exctreme Meomory

# EBS (Elastic Block Storage)

* EBS Consists of;
* SSD, General Purpose- GP2- (Up to 10,000 IOPS)
* SSD,Provisioned IOPS- IO1- (More than 10,000 IOPS)
* HDD, Throughput Optimized- ST1- frequently accessed workloads
* HDD, Cold- SC1- less frequently accessed data.
* HDD, Magnetic- Standard- cheap, infrequently accessed storage
* You cannot mount 1 EBS volume to multiple EC2 instances, instaed use
EFS.

# EC2 Instance Lab:

* Termination Protection is turned off by default, you must turn it on.
* On an EBS-backed instance, the default action is for the root EBS
volume to be deleted when the instance is terminated.
* EBS Root Volumes of your DEFAULT AMI's cannot be encrypted. You can
also use a third party tool (such as bit locker etc) to encrypt
the root volume, or this can be done when creating AMI's (lab to
follow) in the AWS console or using the API.
* Additional volumes can be encrypted.

# Volumes & Snapshots:

* Volumes exist on EBS:
* Virtual Hard Disk
* Snapshots exist on S3.
* Snapshots are point in time copies of Volumes.
* Snapshots are incremental- This means that only the blocks that have
chnaged since your last snapshot are moved to S3.
* If this is your first snapshot , it may take some time to create.
* Only one EBS volume per EC2 instance.

# Volumes vs Snapshots - Security:

* Snapshots of encrypted volumes are encrypted automatically .
* Volumes restored from encrypted snapshots are encrypted automatically.
* You can share snapshots, but only if they ar unecrypted .
 * These snapshots can be shared with other AWS accounts or made
public.

NOTE: EBS Snapshots are backed up to S3 in what manner? --Incrementally

# Snapshots of Root Device Volumes:

* To create a snapshot of Amazon EBS volumes that serve as root devices,
you should stop the instance before taking the sanpshot.

* EBS vs Instance Store

* Instance Store Volumes are sometimes called Ephemeral Storage.
* Instance store volumes cannot be stopped. If the underlying host
fails, you will lose your data.
* EBS backed instances can be stopped.You will not lose the data on
this instance if it is stopped.
* You can reboot both, you will not lose your data.
* By default, both ROOT volumes will not be deleted on termination ,
however with EBS volumes, you can tell AWS to keep the root device volume.
Notes: You can control whether an EBS root volume is deleted when its associated
instance is terminated. The default delete-on-termination behaviour depends on
whether the volume is a root volume, or an additional volume. By default,
the DeleteOnTermination attribute for root volumes is set to 'true.' However,
this attribute may be changed at launch by using either the AWS Console or
the command line. For an instance that is already running, the
DeleteOnTermination attribute must be changed using the CLI. Further
information: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-
instances.

# How can I take a Snapshot of a RAID Array?

Problem: Take a snapshot , the snapshot excludes data held in the cache by
application and the OS. This tends not to matter on a single volume,
however uing multiple volumes in a RAID array, this single volume ,
however using multiple volumes in a RAID array, this can be problem
due to interdependencies of the array.
Solution : Take an axpplication consistent snapshot.Hiw do we actualy do that
* Stop the application from writing to disk.
* Flush all caches to the disk.

* How can we do this?[3 ways of dong this ]

* Freeze the file system
* Unmount the RAID Array
* Shutting down the associated EC2 instance.

# Amazon Machine Images

AMI's are regional . You can only launch an AMI from the region in which it is
stored. However you can copy AMI's to other regions using the console,
command line or the Amazon EC2 API.

# CloudWatch
* Standard Monitoring = 5 Minutes
* Detailed Monitoring = 1 Minute

* CloudWatch is for performnce monitoring

 * CloudTrail is for auditing

# What can I do with CloudWatch?

* Dashboards- Create awesome dashboards to see what is happening with

your AWS environment.
* Alarms- Allows you to set Alarms that notify you when particular
thresolds are hit.
* Events - CloudWatch Events helps you to respond to state changes in
your AWS resources.
* Logs - CLooudWatch Logs helps you to aggregate, monitor , and store
logs.

# Roles Lab?
* Roles are more secure than storing your access key and secret access
key on individualEC2 instances.
* Roles are easier to manage.
* Roles can be assigned to an EC2 instance AFTER it has been
provisioned using both the command line and the AWS console.
* Roles are universal , you can use them in any region.

# Instance Meta-data?
* used to get information about an instance(such as public ip)
* curl http://169.254.169.254/latest/meta-data

# FES Features?
* Supports the Network File System version 4 (NFSv4) protocol .
* You only pay for the storage you see(no pre-provisioning required).
* Can scale up to the petabytes.
* Can support thousands of concurrent NFS connections.
* Data is stored across multiple AZ's within a region.
* Read after Write Consistency.

# What is Lambda:
* AWS Lambda is a compute service where you can upload your code and
create a Lambda function. AWS Lambda takes care of provisioning
and managing the servers that you use to run the code. You don't
have to worry about operating systems , patching , scaling , etc. You
can use Lambda in the following ways.

* As a event-driven compute service where AWS Lambda runs your code in

response to events. These events could be changes to data in
an amazon S3 bucket or an Amazon DynamoDB table.

* As a compute service to run your code in response to HTTP request

using Amazon API Gateway or API calls made using AWS SDK's . This
is what we use at A Cloud Guru.