
Explain the difference between On-Demand, Reserved, and Spot Instances. When would you use each?

1) On-Demand:
--> Expensive model; pricing is on a per-hour or per-second basis; no upfront cost; flexible.

Use case: short-term projects, unpredictable workloads, working across multiple cloud environments.

2) Reserved:
--> Need to pay upfront, either partially or in full. 70% discount compared to On-Demand pricing; long-term commitment of 1 or 3 years.

Use case: long-term projects with good planning and knowledge of the project's workloads and system requirements.

3) Spot:
--> Cheapest pricing model; 90% discount compared to On-Demand; price varies based on instance availability. AWS can reclaim the instance at any time with a 2-minute notice.

Use case: data analytics, test and dev environments, stateless web servers.

Describe the security considerations when launching EC2 instances. How can you
secure data at rest and in transit on EC2 instances?

security considerations:-

Network level:-

1) VPC - Private network (provides network-level security)

2) NACL - subnet firewall (provide subnet level security)

3) SG - instance firewall (provide instance level security)

Infrastructure level:-

1) EBS encryption - encrypts data at rest

2) Termination and stop protection

3) Uncheck deletion of the EBS root volume on instance termination

Secure data at rest:-

1) EBS encryption

Secure data in transit:-

1) SSL and TLS - encryption in transit
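
The checklist above expressed as an automated check (an added example, not part of the original notes): it audits simplified instance records for unencrypted EBS volumes, root volumes deleted on termination, disabled termination or stop protection, and security group rules open to 0.0.0.0/0. The record layout, the instance IDs and the policy that only port 443 may be world-open are assumptions of this example.

```python
# Added example. Record layout and sample values are constructed, not raw AWS API output.
def audit_instance(inst):
    """Return a list of findings for one simplified instance record."""
    findings = []
    for vol in inst["volumes"]:
        if not vol["encrypted"]:
            findings.append(f"{vol['device']}: EBS volume not encrypted at rest")
        if vol["is_root"] and vol["delete_on_termination"]:
            findings.append(f"{vol['device']}: root volume deleted on termination")
    for flag in ("termination_protection", "stop_protection"):
        if not inst[flag]:
            findings.append(f"{flag.replace('_', ' ')} disabled")
    for rule in inst["sg_ingress"]:
        # Assumption of this example: only TLS (443) may be open to the world.
        if rule["cidr"] == "0.0.0.0/0" and rule["port"] != 443:
            findings.append(f"SG allows port {rule['port']} from 0.0.0.0/0")
    return findings

# Constructed sample inventory: one weak instance, one hardened instance.
INVENTORY = [
    {
        "id": "i-weak-example",
        "volumes": [
            {"device": "/dev/xvda", "is_root": True, "encrypted": False,
             "delete_on_termination": True},
            {"device": "/dev/sdf", "is_root": False, "encrypted": True,
             "delete_on_termination": True},
        ],
        "termination_protection": False, "stop_protection": True,
        "sg_ingress": [{"port": 22, "cidr": "0.0.0.0/0"},
                       {"port": 80, "cidr": "0.0.0.0/0"}],
    },
    {
        "id": "i-hardened-example",
        "volumes": [{"device": "/dev/xvda", "is_root": True, "encrypted": True,
                     "delete_on_termination": False}],
        "termination_protection": True, "stop_protection": True,
        "sg_ingress": [{"port": 443, "cidr": "0.0.0.0/0"},
                       {"port": 22, "cidr": "10.0.0.0/16"}],
    },
]

def audit_inventory(inventory):
    # Map instance id -> list of findings for every record.
    return {inst["id"]: audit_instance(inst) for inst in inventory}

if __name__ == "__main__":
    for iid, findings in audit_inventory(INVENTORY).items():
        print(iid, "OK" if not findings else findings)
```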

You are tasked with designing a highly available and fault-tolerant architecture
for a web application on AWS. How would you use EC2 instances to achieve this?

Highly available:-

1) Route 53 - set a failover routing policy - avoids region-level failure
2) Create subnets in all Availability Zones and use a load balancer - avoids zone-level failure

Fault tolerant:-

1) Auto Scaling - Auto Scaling terminates unhealthy instances and creates new instances

Explain the significance of an Amazon Machine Image (AMI). How can you create a
custom AMI, and when might you need to do so?

1) Pre-install any required packages on an EC2 instance, improve boot time, and launch production-ready instances quickly when needed.

You need to optimize costs for a workload running on EC2 instances. What strategies
and services might you consider to achieve cost savings?

Strategies:-

1) Cloud Financial Management

The organization needs to dedicate time and resources to set up a team of people expert in cost optimization and cloud financial management to predict and optimize cost based on our project needs.

Services:-
1) AWS Pricing Calculator --> calculate the price of our architecture before implementation

2) AWS Budgets --> forecast bills, set an alarm if spend goes above a certain limit

3) AWS Cost Explorer --> create a dashboard of the usage

2) Adopt a consumption model:-

Example:-
Development and test environments are typically only used for eight hours a day during the work week. You can stop these resources when they are not in use for a potential cost savings of 75% (40 hours versus 168 hours).

Services:-
1) Lambda --> automatically start and stop instances based on the Lambda function we define.

My production website experiences varying levels of traffic throughout the day. How can you ensure that your Amazon EC2 instances manage my workloads?

1) Auto Scaling:-

Auto Scaling scales instances up and down based on the metrics we set.

My application needs to store sensitive data, and you want to ensure that the data is encrypted at rest on EC2 instances. How can you enable this encryption?

1) KMS:-

Key Management Service is used to store and manage keys.

1) AWS managed keys:-

--> AWS creates and manages these keys. We don't have any access over them; we can only see the metadata of the key.

--> No creation cost. Usage cost depends on the region.

2) Customer managed keys:-

--> The customer creates and manages these keys. We have full control over them: we can give access to users, rotate keys, etc.

--> $1/month for each key. Usage cost depends on the region.

Increase performance in EC2 without changing the infrastructure

1) Set cron jobs to clear the server cache periodically.

2) Set cron jobs to move logs of the past seven days or so to S3, and clear logs over time to free up space on the EC2 instance.

3) Poor coding:- the app server takes more time to compile the program.

4) Outdated OS:- not updating the OS for too long leads to performance and security issues.

5) Plugin configuration mismatch:- updating or installing a new plugin may affect performance.

6) If our application is running in Kubernetes: sometimes a pod without CPU and memory limits may overuse resources, which slows down our application pods running on the same node. Set a limit on every pod.
