AWS-Day4-Assignment

  1. What are EBS Volumes?

    Ans: An Amazon EBS volume is a durable, block-level storage device that you can attach to your instances. After you attach a volume to an instance, you can use it as you would use a physical hard drive. EBS volumes are flexible. For current-generation volumes attached to current-generation instance types, you can dynamically increase size, modify the provisioned IOPS capacity, and change volume type on live production volumes.

  2. What are the types of volumes for EC2 instances?

    Ans: Amazon EBS provides the following volume types:

    1) General Purpose SSD (gp2 and gp3)

    2) Provisioned IOPS SSD (io1 and io2)

    3) Throughput Optimized HDD (st1)

    4) Cold HDD (sc1)

    5) Magnetic (standard).

  3. What is the difference between Instance Store and EBS Volume?

    Ans:

    An EBS volume is a network-attached drive, which results in slow performance, but the data is persistent, meaning that even if you reboot the instance the data will still be there.

    An instance store provides temporary block-level storage for your instance. This storage is located on disks that are physically attached to the host computer.

  4. Is it possible to modify/reduce/increase the size of the EBS volume?

    Ans: It is impossible to decrease the size of an EBS volume. If you have a 100 GB EBS volume and try to modify it to 30 GB, you will get the error: The size of a volume can only be increased, not decreased.

    With Elastic Volumes, you can dynamically increase the size, increase or decrease the performance, and change the volume type of your Amazon EBS volumes without detaching them.

    Use the following process when modifying a volume:

    1. (Optional) Before modifying a volume that contains valuable data, it is a best practice to create a snapshot of the volume in case you need to roll back your changes.

    2. Request the volume modification.

    3. Monitor the progress of the volume modification.

    4. If the size of the volume was modified, extend the volume's file system to take advantage of the increased storage capacity.
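    The four steps above as a script (an added example, not part of the original assignment). It assumes `ec2` is a boto3 EC2 client created with `boto3.client("ec2")`; the function name `grow_volume` and the device names in the final comment are illustrative.

```python
import time


def grow_volume(ec2, volume_id, new_size_gib, poll_seconds=15, sleep=time.sleep):
    """Snapshot a volume, request a size increase and wait until it is usable.

    `ec2` is a boto3 EC2 client; it is passed in so the function can also be
    driven by a stub. Returns (snapshot_id, final_modification_state).
    """
    vol = ec2.describe_volumes(VolumeIds=[volume_id])["Volumes"][0]
    if new_size_gib <= vol["Size"]:
        # EBS only allows increases, so fail before creating a snapshot.
        raise ValueError(
            f"{volume_id} is {vol['Size']} GiB; size can only be increased"
        )

    # Step 1: snapshot for rollback, and wait until it has completed.
    snap = ec2.create_snapshot(
        VolumeId=volume_id, Description=f"pre-resize {volume_id}"
    )
    ec2.get_waiter("snapshot_completed").wait(SnapshotIds=[snap["SnapshotId"]])

    # Step 2: request the modification.
    ec2.modify_volume(VolumeId=volume_id, Size=new_size_gib)

    # Step 3: monitor progress. States: modifying, optimizing, completed, failed.
    while True:
        mod = ec2.describe_volumes_modifications(VolumeIds=[volume_id])[
            "VolumesModifications"
        ][0]
        state = mod["ModificationState"]
        if state == "failed":
            raise RuntimeError(mod.get("StatusMessage", "volume modification failed"))
        if state in ("optimizing", "completed"):
            # The new size is usable once the volume reaches "optimizing".
            return snap["SnapshotId"], state
        sleep(poll_seconds)


# Step 4 runs inside the instance, not through the EC2 API. On Linux, for
# example (device names are placeholders):
#   sudo growpart /dev/xvda 1
#   sudo resize2fs /dev/xvda1      # ext4
#   sudo xfs_growfs -d /           # XFS
```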

  5. What is an ELB?

    Ans:

    Elastic Load Balancer (ELB) is an AWS service that enables you to distribute load between AWS resources, that is, between EC2 instances. ELB is an AWS-managed service and is thus highly available.

    The instances you want to distribute the load across can be in different availability zones in the same region. ELB auto-scales to handle the load as it increases or decreases; most importantly, it distributes the load only to healthy instances via health checks.

    You can have public load balancers, which are public to the internet, and private load balancers, which are private to a specific AWS network.

  6. What is the difference between NLB, CLB and ALB?

    Ans:

    NLB:

    (1) works at layer 4 only and is able to handle TCP, UDP, and TCP connections with TLS

    (2) has a very high performance

    (3) uses static IP addresses and can be assigned EIPs, which ALB and ELB both can’t

    (4) NLB natively preserves the source IP address in TCP/UDP packets; in contrast, ALB and ELB can be configured to add additional HTTP headers with forwarding information, and those have to be parsed properly by your application.

    CLB (ELB):

    (1) works for both layer 4 (TCP) and 7 (HTTP)

    (2) is the only one that works in EC2-Classic, in case you have a very old AWS account

    (3) supports application-defined sticky session cookies whereas ALB’s cookies can’t be controlled by the user

    (4) is able to terminate TLS traffic and re-encrypt traffic as long as an SSL certificate (which may be self-signed) is provided; end-to-end encryption is a usual requirement in many compliance programs

    Note: ELB can be configured to verify the TLS certificate provided by the target for extra security.

    ALB:

    (1) It has a wide range of routing rules for incoming requests based on hostname, path, query string parameter, HTTP method, HTTP headers, source IP, or port number, whereas ELB only allows routing based on port number. It can also route requests to Lambda functions.

    (2) can be configured to return a fixed response or a redirection

    (3) supports HTTP/2 and websockets

    (4) supports Server Name Indication (SNI), which allows it to serve many domain names, with a limit of up to 25 certificates plus the default certificate, whereas ELB allows only one domain name

    (5) supports user authentication via a variety of methods including OIDC, SAML, LDAP, Microsoft AD, and well-known social identity providers such as Facebook and Google. This can help you off-load the user authentication part of your application to the load balancer.
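    Item (4) under NLB says the forwarding headers added by ALB and ELB have to be parsed properly by the application. The sketch below is an added example, not part of the original assignment, showing one way to do that for `X-Forwarded-For`. It assumes the load balancer appends the address it saw as the last entry, so anything further left is client-supplied; the function name and all addresses are constructed.

```python
import ipaddress


def client_ip(peer_ip, xff_header, lb_nets, trusted_proxy_nets=()):
    """Return the client address for a request that arrived via a load balancer.

    peer_ip            -- address of the TCP peer (should be a load balancer node)
    xff_header         -- raw X-Forwarded-For value, or None
    lb_nets            -- CIDRs of the subnets the load balancer nodes live in
    trusted_proxy_nets -- CIDRs of other proxies you run in front of the balancer
    """
    lb = [ipaddress.ip_network(n) for n in lb_nets]
    trusted = lb + [ipaddress.ip_network(n) for n in trusted_proxy_nets]
    peer = ipaddress.ip_address(peer_ip)

    # The header means nothing unless the connection really came from the
    # load balancer; otherwise anyone could send it directly.
    if not xff_header or not any(peer in n for n in lb):
        return str(peer)

    candidate = peer
    # Walk right to left: the rightmost entries were appended by our own
    # infrastructure, the leftmost ones were supplied by the caller.
    for raw in reversed(xff_header.split(",")):
        try:
            addr = ipaddress.ip_address(raw.strip())
        except ValueError:
            break  # malformed entry: keep the last address we could verify
        candidate = addr
        if not any(addr in n for n in trusted):
            break  # first hop that is not ours is the client
    return str(candidate)
```

    Taking the leftmost entry instead would let any caller choose the address the application logs or rate-limits on.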

  7. What are Target Groups and where are they used?

    Ans:

    Target groups route requests to individual registered targets, such as EC2 instances, using the protocol and port number that you specify. You can register a target with multiple target groups. You can configure health checks on a per-target group basis. Health checks are performed on all targets registered to a target group that is specified in a listener rule for your load balancer.

  8. What are Health Checks in Load Balancers?

    Ans:

    Your Classic Load Balancer periodically sends requests to its registered instances to test their status. These tests are called health checks. The status of the instances that are healthy at the time of the health check is InService. The status of any instances that are unhealthy at the time of the health check is OutOfService. The load balancer performs health checks on all registered instances, whether the instance is in a healthy state or an unhealthy state.

  9. What is the internal DNS name in the load balancer?

    Ans:

    The nodes of an internal load balancer have only private IP addresses. The DNS name of an internal load balancer is publicly resolvable to the private IP addresses of the nodes. Therefore, internal load balancers can only route requests from clients with access to the VPC for the load balancer.

  10. What is an internal and public-facing load balancer?

    Ans:

    The nodes of an internet-facing load balancer have public IP addresses. The DNS name of an internet-facing load balancer is publicly resolvable to the public IP addresses of the nodes. Therefore, internet-facing load balancers can route requests from clients over the internet.

    The nodes of an internal load balancer have only private IP addresses. The DNS name of an internal load balancer is publicly resolvable to the private IP addresses of the nodes. Therefore, internal load balancers can only route requests from clients with access to the VPC for the load balancer.

    Both internet-facing and internal load balancers route requests to your targets using private IP addresses. Therefore, your targets do not need public IP addresses to receive requests from an internal or an internet-facing load balancer.