Amazon Web Services Interview Questions and Answers – Interview Tips
1) What is AWS?
Ans: AWS (Amazon Web Services) is a platform which provides secure cloud services, database storage, offerings to compute power, content delivery among other services to help business level and develop.
2) What is auto-scaling? How does it work? Ans: Auto scaling is a feature of AWS which enables you to configure and immediately provision and spin up new situations without any need of intervention. You need to do this by mounting thresholds and metrics to watch. When individually these thresholds are met, a completely new occasion of a person’s selection will most likely be spun up, configured, and folded into the load balancer pool. Voila, you have scaled horizontally without any operator intervention!
3) What is an AMI? How do I build one? Ans: AMI denotes Amazon Machine Image. It is definitely a picture of the source file system. Useful hardware, servers have bios that denote the master boot record from the first slab on a disk. A disk image, although can sit actually on a disk, Linux can boot from an absolute location on the EBS storage network. Build a new AMI by first rotating up an example from a trusted AMI then add packages and components required. Be cautious of placing sensitive data on an AMI. For example, access credentials of yours should be added to an instance after spinup with a database, position an external volume that operates your MySQL data after spinup as well.
4) Can I vertically scale an Amazon instance? How? Ans: Yes. This is an incredible feature of AWS and cloud virtualization. Spin up a new larger instance than the one you are currently running. Pause that instance and detach the root EBS volume and discard. Then stop your live instance, detach its root volume. Note down the unique device ID and attach that root volume to your new server. And then start it again. And, you have scaled vertically in-place!
5) What is Amazon S3? Ans: Amazon S3 (Simple Storage Service) is an object storage with a simple web service interface to store and retrieve any amount of data from anywhere on the web.
6) What is SimpleDB? Ans: It is a structured data store that supports indexing and data queries to both EC2 and S3.
7) What is the type of architecture, where half of the workload is on the public load while the other half is on the local storage? Ans: Hybrid Cloud Architecture.
8) How can you send a request to Amazon S3? Ans: You can send the request by using the REST API or the AWS SDK wrapper libraries that wrap the underlying Amazon S3 REST API.
9) How many buckets can be created in AWS by default? Ans: By default, 100 buckets can be created.
10) Should encryption be used for S3? Ans: Encryption should be considered for sensitive data as S3 is a proprietary technology.
11) What are the various AMI design options? Ans: Fully Baked AMI, JeOS (just enough operating system) AMI, and Hybrid AMI.
12) What is Geo Restriction in CloudFront? Ans: Geo-restriction, also known as geoblocking, is used to prevent users in specific geographic locations from accessing content that you’re distributing through a CloudFront web distribution.
13) Explain T2 instances? Ans: T2 instances are designed to provide moderate baseline performance and the capability to burst to higher performance as required by workload.
14) What is AWS Lambda? Ans: AWS Lambda is a compute service that lets you run code in the AWS Cloud without provisioning or managing servers.
15) What is a Serverless application in AWS? Ans: The AWS Serverless Application Model (AWS SAM) extends AWS CloudFormation to provide a simplified way of defining the Amazon API Gateway APIs, AWS Lambda functions, and Amazon DynamoDB tables needed by your serverless application.
16) What is the use of Amazon ElastiCache? Ans: Amazon ElastiCache is a web service that makes it easy to deploy, operate, and scale an in-memory data store or cache in the cloud.
17) Differentiate between stopping and terminating an instance. Ans: When an instance is stopped, it performs a normal shutdown and then transitions to a paused state. When an instance is terminated, it performs a normal shutdown, then the attached Amazon EBS volumes are deleted unless the volume’s deleteOnTermination attribute is set to false.
18) Is it possible to change the private IP addresses of an EC2 while it is running/stopped in a VPC? Ans: The primary private IP address cannot be changed. However, secondary private addresses can be unassigned, assigned or moved between interfaces or instances at any point.
19) Give one instance where you would prefer Provisioned IOPS over Standard RDS storage? Ans: This can happen when you have batch-oriented workloads.
20) What is the importance of buffer in Amazon Web Services? Ans: An Elastic Load Balancer ensures that the incoming traffic is distributed optimally across various AWS instances. A buffer will synchronize different components and makes the arrangement additional elastic to a burst of load or traffic. The components are prone to work in an unstable way of receiving and processing the requests. The buffer creates the equilibrium linking various apparatus and crafts them effort at the identical rate to supply more rapid services.
21) What is the way to secure data for carrying in the cloud? Ans: One thing must be ensured that no one should seize the information in the cloud while data is moving from point one to another and also there should not be any leakage with the security key from several storerooms in the cloud. Segregation of information from additional companies’ information and then encrypting it by means of approved methods is one of the options.
22) Name the several layers of Cloud Computing. Ans: Here is a list of layers of the cloud computing 1) PaaS – Platform as a Service 2) IaaS – Infrastructure as a Service 3) SaaS – Software as a Service
23) What are the components involved in Amazon Web Services? Ans: There are 4 components involved, which are as follows. 1) S3: with this, one can retrieve the key information which is occupied in creating cloud structural design and amount of produced information also can be stored in this component that is the consequence of the key specified. 2) Amazon EC2 instance: helpful to run a large distributed system on the Hadoop cluster. Automatic parallelization and job scheduling can be achieved by this component. 3) Amazon SQS: this component acts as a mediator between different controllers. Also worn for cushioning requirements those are obtained by the manager of Amazon. 4) Amazon SimpleDB: helps in storing the transitional position log and the errands executed by the consumers.
24) Distinguish between scalability and flexibility? Ans: The aptitude of any scheme to enhance the tasks on hand to its present hardware resources to grip inconsistency in command is known as scalability. This capability to augment the tasks on hand to its present and supplementary hardware property is recognized as flexibility. This enables the industry to summon command without putting in the infrastructure at all. AWS has several configuration management solutions for AWS scalability, flexibility, availability and management.
25) Name the various layers of the cloud architecture? Ans: The 5 layers of cloud architecture are listed below:- 1) CC– Cluster Controller 2) SC– Storage Controller 3) CLC– Cloud Controller 4) Walrus 5) NC– Node Controller
26) Which automation gears can help with spinup services? Ans: The API tools can be both used for spinup services and the written scripts. These scripts could be coded in Perl, bash or other languages of preference. The other option is that of patterned administration and stipulating tools such as a dummy or improved descendant. A tool called Scalr can also be used and we can go with a controlled explanation like a RightScale.
27) How do the processes start, stop and terminate works? Ans: Starting and stopping of an instance: If an instance gets stopped or ended, the instance functions a usual power cut and then changes over to a clogged position. You can establish the case afterward since all the EBS volumes of Amazon remain attached. If an instance is in stopping state, then you will not get charged for additional instance. Finishing the instance: If an instance gets terminated it tends to perform a typical blackout, so the EBS volumes which are attached will get removed except the volume’s deleteOnTermination characteristic is set to zero. In such cases, the instance will get removed and cannot set it up afterward.
28) What is Amazon EC2 service? Ans: Amazon Elastic Compute Cloud (Amazon EC2) is an Amazon Web service that provides resizable (scalable) computing capacity in the cloud. You can configure security and networking as well as manage storage. It also helps in obtaining and configuring capacity using minimal friction. You can use it to launch as many virtual servers as you need.
29) Compare AWS and OpenStack? Ans:
30) What are the features of the Amazon EC2 service? Ans: Amazon EC2 provides the following features: a) Virtual computing environment (known as instances) b) Pre-configured templates for your instances (known as Amazon Machine Images – AMIs) c) Amazon Machine Images (AMIs) is a complete package that you need for your server (including the operating system and additional software) d) It provides various configurations of CPU, memory, storage and networking capacity for your instances (known as instance type) e) It provides secure login information for your instances using key pairs (AWS stores the public key and you can store the private key in a secure place) f) Storage volumes of temporary data is deleted when you stop or terminate your instance (known as instance store volumes) g) It provides persistent storage volumes (using Amazon Elastic Block Store – EBS) h) A firewall that enables you to specify the protocols, ports, and source IP ranges that can reach your instances using security groups i) Static IP addresses for dynamic cloud computing (known as Elastic IP address) j) It provides metadata (known as tags) k) It provides virtual networks that are logically isolated from the rest of the AWS CLOUD, and that you can optionally connect to your own network (known as virtual private clouds – VPCs)
31) What is Amazon Machine Image (AMI)? Ans: An Amazon Machine Image (AMI) is a template that contains a software configuration (for example, an operating system, an application server, and applications). From an AMI, we launch an instance, which is a copy of the AMI running as a virtual server in the cloud. We can even launch multiple instances of an AMI.
32) What is the relation between Instance and AMI? Ans: We can launch different types of instances from a single AMI. An instance type essentially determines the hardware of the host computer used for your instance. Each instance type offers different compute and memory capabilities. After we launch an instance, it looks like a traditional host, and we can interact with it as we would do with any computer. We have complete control of our instances; we can use it to run commands that require root privileges.
33) Explain storage for Amazon EC2 instance? Ans: Amazon EC2 provides many data storage options for your instances. Each option has a unique combination of performance and durability. These storages can be used independently or in combination to suit your requirements. There are mainly four types of storages provided by AWS. Amazon EBS: Its durable, block-level storage volumes can attached in running Amazon EC2 instance. The Amazon EBS volume persists independently from the running life of an Amazon EC2 instance. After an EBS volume is attached to an instance, you can use it like any other physical hard drive. Amazon EBS encryption feature supports encryption feature. Amazon EC2 Instance Store: Storage disk that is attached to the host computer is referred to as instance store. The instance storage provides temporary block-level storage for Amazon EC2 instances. The data on an instance store volume persists only during the life of the associated Amazon EC2 instance; if you stop or terminate an instance, any data on instance store volumes is lost. Amazon S3: Amazon S3 provides access to reliable and inexpensive data storage infrastructure. It is designed to make web-scale computing easier by enabling you to store and retrieve any amount of data, at any time, from within Amazon EC2 or anywhere on the web. Adding Storage: Every time you launch an instance from an AMI, a root storage device is created for that instance. The root storage device contains all the information necessary to boot the instance. You can specify storage volumes in addition to the root device volume when you create an AMI or launch an instance using block device mapping.
34) What are the Security Best Practices for Amazon EC2? There are several best practices for secure Amazon EC2. Following are few of them:- 1) Use AWS Identity and Access Management (IAM) to control access to your AWS resources. 2) Restrict access by only allowing trusted hosts or networks to access ports on your instance. 3) Review the rules in your security groups regularly, and ensure that you apply the principle of least 4) Privilege — only open up permissions that you require. 5) Disable password-based logins for instances launched from your AMI. Passwords can be found or cracked, and are a security risk.
35) Explain Elastic Block Storage. What type of performance can you expect? How do you back it up? How do you improve performance? Ans: EBS is a virtualized SAN or storage area network. That means it is RAID storage to start with, so it’s redundant and faults tolerant. If disks die in that RAID you don’t lose data. It is also virtualized, so you can provision and allocate storage, and attach it to your server with various API calls. No calling the storage expert and asking him or her to run specialized commands from the hardware vendor. Performance on EBS can exhibit variability. That is, it can go above the SLA performance level then, drop below it. The SLA provides you with an average disk I/O rate you can expect. This can frustrate some folks, especially performance experts who expect reliable and consistent disk throughout on a server. Traditional physically hosted servers behave that way. Virtual AWS instances do not. Backup EBS volumes by using the snapshot facility via API call or via a GUI interface like elasticfox. Improve performance by using Linux software raid and striping across four volumes.
36) What is S3? What is it used for? Should encryption be used? Ans: S3 stands for Simple Storage Service. You can think of it like FTP storage, where you can move files to and from there, but not mount it like a filesystem. AWS automatically puts your snapshots there, as well as AMIs there. Encryption should be considered for sensitive data, as AWS S3 is a proprietary technology developed by Amazon themselves, and as yet unproven vis-a-vis a security standpoint.
37) What automation tools can I use to spin up servers? Ans: The most obvious way is to roll-your-own scripts and use the AWS API tools. Such scripts could be written in bash, Perl or another language of preference. The next option is to use a configuration management and provisioning tools like Opscode Chef or Scalr. Lastly, you can go with a managed solution such as RightScale.
38) What is configuration management? Why would I want to use it with cloud provisioning of resources? Ans: Configuration management has been around for a long time in web operations and systems administration. Yet the cultural popularity of it has been limited. Most systems administrators configure machines as the software was developed before version control – that is manually making changes on servers. Each server can then and usually is slightly different. Troubleshooting though is straightforward as you log in to the box and operate on it directly. Configuration management brings a large automation tool in the picture, managing servers like strings of a puppet. This forces standardization, best practices, and reproducibility as all configurations are versioned and managed. It also introduces a new way of working which is the biggest hurdle to its adoption. Once you enter the cloud, then configuration management becomes even more critical. That’s because virtual servers such as Amazon’s EC2 instances are much less reliable than physical ones. You absolutely need a mechanism to rebuild them as-is at any moment. This pushes best practices like automation, reproducibility and disaster recovery into center stage.
39) Explain how you would simulate perimeter security using the Amazon Web Services model? Ans: Traditional perimeter security that we’re already familiar with using firewalls and so forth is not supported in the Amazon EC2 world. AWS supports security groups. One can create a security group for a jump box with ssh access – only port 22 open. From there a web server group and database group are created. The web server group allows 80 and 443 from the world, but port 22 *only* from the jump box group. Further, the database group allows port 3306 from the web server group and port 22 from the jump box group. Add any machines to the web server group and they can all hit the database. No one from the world can, and no one can directly ssh to any of your boxes.
40) How to use Amazon SQS? Ans: Amazon SQS (Simple Queue Service) is a message passing mechanism that is used for communication between different connectors that are connected with each other. It also acts as a communicator between various components of Amazon. It keeps all the different functional components together. This functionality helps different components to be loosely coupled, and provide an AWS architecture that is more failure resilient system.
41) I have some private servers on my premises, also I have distributed some of my workloads on the public cloud, what is this architecture called? Ans: A. Virtual Private Network B. Private Cloud C. Virtual Private Cloud D. Hybrid Cloud Answer D. Explanation: This type of architecture would be a hybrid cloud because we are using both, the public cloud and on-premises servers i.e the private cloud. To make this hybrid architecture easy to use, it’d be better if the private and public cloud were all on the same network(virtually). This is established by including your public cloud servers in a virtual private cloud and connecting this virtual cloud with your on-premise servers using a VPN (Virtual Private Network).
42) What does the following command do with respect to the Amazon EC2 security groups? Ans: A. Groups the user created security groups into a new group for easy access. B. Creates a new security group for use with your account. C. Creates a new group inside the security group. D. Creates a new rule inside the security group. Answer B. Explanation: A Security group is just like a firewall, it controls the inbound and outbound traffic in and out of your instance. The command mentioned says to create a security group, and its function is the same. Moving along, once your security group is created, you can add different rules to it. For example, you have an RDS instance, to access it, you have to add the public IP address of the machine from which you want to access the instance in its security group.
43) You have a video transcoding application. The videos are processed according to a queue. If the processing of a video is interrupted in one instance, it is resumed in another instance. Currently, there is a huge back-log of videos which needs to be processed, for this you need to add more instances, but you need these instances only until your backlog is reduced. Which of these would be an efficient way to do it? Ans: You should be using an On Demand instance for the same. The reasons being, the workload has to be processed now, meaning it is urgent, secondly you don’t need them once your backlog is cleared, therefore Reserved Instance is out of the picture, and since the work is urgent, you cannot stop the work on your instance just because the spot price spiked, therefore Spot Instances shall also not be used. Hence On-Demand instances shall be the right choice in this case.
44) You have a distributed application that periodically processes large volumes of data across multiple Amazon EC2 Instances. The application is designed to recover gracefully from Amazon EC2 instance failures. You are required to accomplish this task in the most cost-effective way? Which of the following will meet your requirements? Ans: A. Spot Instances B. Reserved instances C. Dedicated Instances D. On-Demand Instances Answer: A Since the work we are addressing here is not continuous, a reserved instance shall be idle at times, same goes with On Demand instances. Also, it does not make sense to launch an On-Demand instance whenever work comes up since it is expensive. Hence Spot Instances will be the right fit because of their low rates and no long-term commitments.
45) How is stopping and terminating an instance different from each other? Ans: Starting, stopping and terminating are the three states in an EC2 instance, let’s discuss them in detail: a) Stopping and Starting an instance: When an instance is stopped, the instance performs a normal shutdown and then transitions to a stopped state. All of its Amazon EBS volumes remain attached, and you can start the instance again at a later time. You are not charged for additional instance hours while the instance is in a stopped state. b) Terminating an instance: When an instance is terminated, the instance performs a normal shutdown, then the attached Amazon EBS volumes are deleted unless the volume’s deleteOnTermination attribute is set to false. The instance itself is also deleted, and you can’t start the instance again at a later time.
46) If I want my instance to run on a single-tenant hardware, which value do I have to set the instance’s tenancy attribute to? Ans: A. Dedicated B. Isolated C. One D. Reserved Answer A. The Instance tenancy attribute should be set to Dedicated Instance. The rest of the values are invalid.
47) When will you incur costs with an Elastic IP address (EIP)? Ans: A. When an EIP is allocated. B. When it is allocated and associated with a running instance. C. When it is allocated and associated with a stopped instance. D. Costs are incurred regardless of whether the EIP is associated with a running instance. Answer C. You are not charged, if only one Elastic IP address is attached to your running instance. But you do get charged under the following conditions: • When you use more than one Elastic IPs with your instance. • When your Elastic IP is attached to a stopped instance. • When your Elastic IP is not attached to any instance.
48) How is a Spot instance different from an On-Demand instance or Reserved Instance? Ans: Firstly, Spot Instance, On-Demand instance and Reserved Instances are all models for pricing. Moving along, spot instances provide the ability for customers to purchase compute capacity with no upfront commitment, at hourly rates usually lower than the On-Demand rate in each region. Spot instances are just like bidding, the bidding price is called Spot Price. The Spot Price fluctuates based on supply and demand for instances, but customers will never pay more than the maximum price they have specified. If the Spot Price moves higher than a customer’s maximum price, the customer’s EC2 instance will be shut down automatically. But the reverse is not true, if the Spot prices come down again, your EC2 instance will not be launched automatically, one has to do that manually. In Spot and On-demand instance, there is no commitment for the duration from the user side, however in reserved instances, one has to stick to the time period that he has chosen.
49) Are the Reserved Instances available for Multi-AZ Deployments? Ans: A. Multi-AZ Deployments are only available for Cluster Compute instances types B. Available for all instance types C. Only available for M3 instance types D. Not Available for Reserved Instances Answer B. Reserved Instances is a pricing model, which is available for all instance types in EC2.
50) How to use the processor state control feature available on the c4.8xlarge instance? Ans: The processor state control consists of 2 states: a) The C state – Sleep state varying from c0 to c6. C6 is the deepest sleep state for a processor b) The P state – Performance state p0 being the highest and p15 being the lowest possible frequency. The C state and P state are used as Processors have cores; these cores need thermal headroom to boost their performance. Since all the cores are on the processor the temperature should be kept at an optimal state so that all the cores can perform at the highest performance. Now how will these states help in that? If a core is put into sleep state it will reduce the overall temperature of the processor and hence other cores can perform better. Now the same can be synchronized with other cores so that the processor can boost as many cores it can by timely putting other cores to sleep, and thus get an overall performance boost. Concluding, the C and P state can be customized in some EC2 instances like the c4.8xlarge instance and thus you can customize the processor according to your workload. If you like this article, and wish to know more on AWS, click here and read up.
2) What is auto-scaling? How does it work? Ans: Auto scaling is a feature of AWS which enables you to configure and immediately provision and spin up new situations without any need of intervention. You need to do this by mounting thresholds and metrics to watch. When individually these thresholds are met, a completely new occasion of a person’s selection will most likely be spun up, configured, and folded into the load balancer pool. Voila, you have scaled horizontally without any operator intervention!
3) What is an AMI? How do I build one? Ans: AMI denotes Amazon Machine Image. It is definitely a picture of the source file system. Useful hardware, servers have bios that denote the master boot record from the first slab on a disk. A disk image, although can sit actually on a disk, Linux can boot from an absolute location on the EBS storage network. Build a new AMI by first rotating up an example from a trusted AMI then add packages and components required. Be cautious of placing sensitive data on an AMI. For example, access credentials of yours should be added to an instance after spinup with a database, position an external volume that operates your MySQL data after spinup as well.
4) Can I vertically scale an Amazon instance? How? Ans: Yes. This is an incredible feature of AWS and cloud virtualization. Spin up a new larger instance than the one you are currently running. Pause that instance and detach the root EBS volume and discard. Then stop your live instance, detach its root volume. Note down the unique device ID and attach that root volume to your new server. And then start it again. And, you have scaled vertically in-place!
5) What is Amazon S3? Ans: Amazon S3 (Simple Storage Service) is an object storage with a simple web service interface to store and retrieve any amount of data from anywhere on the web.
6) What is SimpleDB? Ans: It is a structured data store that supports indexing and data queries to both EC2 and S3.
7) What is the type of architecture, where half of the workload is on the public load while the other half is on the local storage? Ans: Hybrid Cloud Architecture.
8) How can you send a request to Amazon S3? Ans: You can send the request by using the REST API or the AWS SDK wrapper libraries that wrap the underlying Amazon S3 REST API.
9) How many buckets can be created in AWS by default? Ans: By default, 100 buckets can be created.
10) Should encryption be used for S3? Ans: Encryption should be considered for sensitive data as S3 is a proprietary technology.
11) What are the various AMI design options? Ans: Fully Baked AMI, JeOS (just enough operating system) AMI, and Hybrid AMI.
12) What is Geo Restriction in CloudFront? Ans: Geo-restriction, also known as geoblocking, is used to prevent users in specific geographic locations from accessing content that you’re distributing through a CloudFront web distribution.
13) Explain T2 instances? Ans: T2 instances are designed to provide moderate baseline performance and the capability to burst to higher performance as required by workload.
14) What is AWS Lambda? Ans: AWS Lambda is a compute service that lets you run code in the AWS Cloud without provisioning or managing servers.
15) What is a Serverless application in AWS? Ans: The AWS Serverless Application Model (AWS SAM) extends AWS CloudFormation to provide a simplified way of defining the Amazon API Gateway APIs, AWS Lambda functions, and Amazon DynamoDB tables needed by your serverless application.
16) What is the use of Amazon ElastiCache? Ans: Amazon ElastiCache is a web service that makes it easy to deploy, operate, and scale an in-memory data store or cache in the cloud.
17) Differentiate between stopping and terminating an instance. Ans: When an instance is stopped, it performs a normal shutdown and then transitions to a paused state. When an instance is terminated, it performs a normal shutdown, then the attached Amazon EBS volumes are deleted unless the volume’s deleteOnTermination attribute is set to false.
18) Is it possible to change the private IP addresses of an EC2 while it is running/stopped in a VPC? Ans: The primary private IP address cannot be changed. However, secondary private addresses can be unassigned, assigned or moved between interfaces or instances at any point.
19) Give one instance where you would prefer Provisioned IOPS over Standard RDS storage? Ans: This can happen when you have batch-oriented workloads.
20) What is the importance of buffer in Amazon Web Services? Ans: An Elastic Load Balancer ensures that the incoming traffic is distributed optimally across various AWS instances. A buffer will synchronize different components and makes the arrangement additional elastic to a burst of load or traffic. The components are prone to work in an unstable way of receiving and processing the requests. The buffer creates the equilibrium linking various apparatus and crafts them effort at the identical rate to supply more rapid services.
21) What is the way to secure data for carrying in the cloud? Ans: One thing must be ensured that no one should seize the information in the cloud while data is moving from point one to another and also there should not be any leakage with the security key from several storerooms in the cloud. Segregation of information from additional companies’ information and then encrypting it by means of approved methods is one of the options.
22) Name the several layers of Cloud Computing. Ans: Here is a list of layers of the cloud computing 1) PaaS – Platform as a Service 2) IaaS – Infrastructure as a Service 3) SaaS – Software as a Service
23) What are the components involved in Amazon Web Services? Ans: There are 4 components involved, which are as follows. 1) S3: with this, one can retrieve the key information which is occupied in creating cloud structural design and amount of produced information also can be stored in this component that is the consequence of the key specified. 2) Amazon EC2 instance: helpful to run a large distributed system on the Hadoop cluster. Automatic parallelization and job scheduling can be achieved by this component. 3) Amazon SQS: this component acts as a mediator between different controllers. Also worn for cushioning requirements those are obtained by the manager of Amazon. 4) Amazon SimpleDB: helps in storing the transitional position log and the errands executed by the consumers.
24) Distinguish between scalability and flexibility? Ans: The aptitude of any scheme to enhance the tasks on hand to its present hardware resources to grip inconsistency in command is known as scalability. This capability to augment the tasks on hand to its present and supplementary hardware property is recognized as flexibility. This enables the industry to summon command without putting in the infrastructure at all. AWS has several configuration management solutions for AWS scalability, flexibility, availability and management.
25) Name the various layers of the cloud architecture? Ans: The 5 layers of cloud architecture are listed below:- 1) CC– Cluster Controller 2) SC– Storage Controller 3) CLC– Cloud Controller 4) Walrus 5) NC– Node Controller
26) Which automation gears can help with spinup services? Ans: The API tools can be both used for spinup services and the written scripts. These scripts could be coded in Perl, bash or other languages of preference. The other option is that of patterned administration and stipulating tools such as a dummy or improved descendant. A tool called Scalr can also be used and we can go with a controlled explanation like a RightScale.
27) How do the processes start, stop and terminate works? Ans: Starting and stopping of an instance: If an instance gets stopped or ended, the instance functions a usual power cut and then changes over to a clogged position. You can establish the case afterward since all the EBS volumes of Amazon remain attached. If an instance is in stopping state, then you will not get charged for additional instance. Finishing the instance: If an instance gets terminated it tends to perform a typical blackout, so the EBS volumes which are attached will get removed except the volume’s deleteOnTermination characteristic is set to zero. In such cases, the instance will get removed and cannot set it up afterward.
28) What is Amazon EC2 service? Ans: Amazon Elastic Compute Cloud (Amazon EC2) is an Amazon Web service that provides resizable (scalable) computing capacity in the cloud. You can configure security and networking as well as manage storage. It also helps in obtaining and configuring capacity using minimal friction. You can use it to launch as many virtual servers as you need.
29) Compare AWS and OpenStack? Ans:
Criteria | AWS | OpenStack |
License | Amazon proprietary | Open Source |
Operating System | Whatever cloud administrator provides | Whatever AMIs provided by AWS |
Performing repeatable operations | Through templates | Through text files |
30) What are the features of the Amazon EC2 service? Ans: Amazon EC2 provides the following features: a) Virtual computing environment (known as instances) b) Pre-configured templates for your instances (known as Amazon Machine Images – AMIs) c) Amazon Machine Images (AMIs) is a complete package that you need for your server (including the operating system and additional software) d) It provides various configurations of CPU, memory, storage and networking capacity for your instances (known as instance type) e) It provides secure login information for your instances using key pairs (AWS stores the public key and you can store the private key in a secure place) f) Storage volumes of temporary data is deleted when you stop or terminate your instance (known as instance store volumes) g) It provides persistent storage volumes (using Amazon Elastic Block Store – EBS) h) A firewall that enables you to specify the protocols, ports, and source IP ranges that can reach your instances using security groups i) Static IP addresses for dynamic cloud computing (known as Elastic IP address) j) It provides metadata (known as tags) k) It provides virtual networks that are logically isolated from the rest of the AWS CLOUD, and that you can optionally connect to your own network (known as virtual private clouds – VPCs)
31) What is Amazon Machine Image (AMI)? Ans: An Amazon Machine Image (AMI) is a template that contains a software configuration (for example, an operating system, an application server, and applications). From an AMI, we launch an instance, which is a copy of the AMI running as a virtual server in the cloud. We can even launch multiple instances of an AMI.
32) What is the relation between Instance and AMI? Ans: We can launch different types of instances from a single AMI. An instance type essentially determines the hardware of the host computer used for your instance. Each instance type offers different compute and memory capabilities. After we launch an instance, it looks like a traditional host, and we can interact with it as we would do with any computer. We have complete control of our instances; we can use it to run commands that require root privileges.
33) Explain storage for Amazon EC2 instance? Ans: Amazon EC2 provides many data storage options for your instances. Each option has a unique combination of performance and durability. These storages can be used independently or in combination to suit your requirements. There are mainly four types of storages provided by AWS. Amazon EBS: Its durable, block-level storage volumes can attached in running Amazon EC2 instance. The Amazon EBS volume persists independently from the running life of an Amazon EC2 instance. After an EBS volume is attached to an instance, you can use it like any other physical hard drive. Amazon EBS encryption feature supports encryption feature. Amazon EC2 Instance Store: Storage disk that is attached to the host computer is referred to as instance store. The instance storage provides temporary block-level storage for Amazon EC2 instances. The data on an instance store volume persists only during the life of the associated Amazon EC2 instance; if you stop or terminate an instance, any data on instance store volumes is lost. Amazon S3: Amazon S3 provides access to reliable and inexpensive data storage infrastructure. It is designed to make web-scale computing easier by enabling you to store and retrieve any amount of data, at any time, from within Amazon EC2 or anywhere on the web. Adding Storage: Every time you launch an instance from an AMI, a root storage device is created for that instance. The root storage device contains all the information necessary to boot the instance. You can specify storage volumes in addition to the root device volume when you create an AMI or launch an instance using block device mapping.
34) What are the Security Best Practices for Amazon EC2? There are several best practices for secure Amazon EC2. Following are few of them:- 1) Use AWS Identity and Access Management (IAM) to control access to your AWS resources. 2) Restrict access by only allowing trusted hosts or networks to access ports on your instance. 3) Review the rules in your security groups regularly, and ensure that you apply the principle of least 4) Privilege — only open up permissions that you require. 5) Disable password-based logins for instances launched from your AMI. Passwords can be found or cracked, and are a security risk.
35) Explain Elastic Block Storage. What type of performance can you expect? How do you back it up? How do you improve performance? Ans: EBS is a virtualized SAN or storage area network. That means it is RAID storage to start with, so it’s redundant and faults tolerant. If disks die in that RAID you don’t lose data. It is also virtualized, so you can provision and allocate storage, and attach it to your server with various API calls. No calling the storage expert and asking him or her to run specialized commands from the hardware vendor. Performance on EBS can exhibit variability. That is, it can go above the SLA performance level then, drop below it. The SLA provides you with an average disk I/O rate you can expect. This can frustrate some folks, especially performance experts who expect reliable and consistent disk throughout on a server. Traditional physically hosted servers behave that way. Virtual AWS instances do not. Backup EBS volumes by using the snapshot facility via API call or via a GUI interface like elasticfox. Improve performance by using Linux software raid and striping across four volumes.
36) What is S3? What is it used for? Should encryption be used? Ans: S3 stands for Simple Storage Service. You can think of it like FTP storage, where you can move files to and from there, but not mount it like a filesystem. AWS automatically puts your snapshots there, as well as AMIs there. Encryption should be considered for sensitive data, as AWS S3 is a proprietary technology developed by Amazon themselves, and as yet unproven vis-a-vis a security standpoint.
37) What automation tools can I use to spin up servers? Ans: The most obvious way is to roll-your-own scripts and use the AWS API tools. Such scripts could be written in bash, Perl or another language of preference. The next option is to use a configuration management and provisioning tools like Opscode Chef or Scalr. Lastly, you can go with a managed solution such as RightScale.
38) What is configuration management? Why would I want to use it with cloud provisioning of resources? Ans: Configuration management has been around for a long time in web operations and systems administration. Yet the cultural popularity of it has been limited. Most systems administrators configure machines as the software was developed before version control – that is manually making changes on servers. Each server can then and usually is slightly different. Troubleshooting though is straightforward as you log in to the box and operate on it directly. Configuration management brings a large automation tool in the picture, managing servers like strings of a puppet. This forces standardization, best practices, and reproducibility as all configurations are versioned and managed. It also introduces a new way of working which is the biggest hurdle to its adoption. Once you enter the cloud, then configuration management becomes even more critical. That’s because virtual servers such as Amazon’s EC2 instances are much less reliable than physical ones. You absolutely need a mechanism to rebuild them as-is at any moment. This pushes best practices like automation, reproducibility and disaster recovery into center stage.
39) Explain how you would simulate perimeter security using the Amazon Web Services model? Ans: Traditional perimeter security that we’re already familiar with using firewalls and so forth is not supported in the Amazon EC2 world. AWS supports security groups. One can create a security group for a jump box with ssh access – only port 22 open. From there a web server group and database group are created. The web server group allows 80 and 443 from the world, but port 22 *only* from the jump box group. Further, the database group allows port 3306 from the web server group and port 22 from the jump box group. Add any machines to the web server group and they can all hit the database. No one from the world can, and no one can directly ssh to any of your boxes.
40) How to use Amazon SQS? Ans: Amazon SQS (Simple Queue Service) is a message passing mechanism that is used for communication between different connectors that are connected with each other. It also acts as a communicator between various components of Amazon. It keeps all the different functional components together. This functionality helps different components to be loosely coupled, and provide an AWS architecture that is more failure resilient system.
41) I have some private servers on my premises, also I have distributed some of my workloads on the public cloud, what is this architecture called? Ans: A. Virtual Private Network B. Private Cloud C. Virtual Private Cloud D. Hybrid Cloud Answer D. Explanation: This type of architecture would be a hybrid cloud because we are using both, the public cloud and on-premises servers i.e the private cloud. To make this hybrid architecture easy to use, it’d be better if the private and public cloud were all on the same network(virtually). This is established by including your public cloud servers in a virtual private cloud and connecting this virtual cloud with your on-premise servers using a VPN (Virtual Private Network).
42) What does the following command do with respect to the Amazon EC2 security groups? Ans: A. Groups the user created security groups into a new group for easy access. B. Creates a new security group for use with your account. C. Creates a new group inside the security group. D. Creates a new rule inside the security group. Answer B. Explanation: A Security group is just like a firewall, it controls the inbound and outbound traffic in and out of your instance. The command mentioned says to create a security group, and its function is the same. Moving along, once your security group is created, you can add different rules to it. For example, you have an RDS instance, to access it, you have to add the public IP address of the machine from which you want to access the instance in its security group.
43) You have a video transcoding application. The videos are processed according to a queue. If the processing of a video is interrupted in one instance, it is resumed in another instance. Currently, there is a huge back-log of videos which needs to be processed, for this you need to add more instances, but you need these instances only until your backlog is reduced. Which of these would be an efficient way to do it? Ans: You should be using an On Demand instance for the same. The reasons being, the workload has to be processed now, meaning it is urgent, secondly you don’t need them once your backlog is cleared, therefore Reserved Instance is out of the picture, and since the work is urgent, you cannot stop the work on your instance just because the spot price spiked, therefore Spot Instances shall also not be used. Hence On-Demand instances shall be the right choice in this case.
44) You have a distributed application that periodically processes large volumes of data across multiple Amazon EC2 Instances. The application is designed to recover gracefully from Amazon EC2 instance failures. You are required to accomplish this task in the most cost-effective way? Which of the following will meet your requirements? Ans: A. Spot Instances B. Reserved instances C. Dedicated Instances D. On-Demand Instances Answer: A Since the work we are addressing here is not continuous, a reserved instance shall be idle at times, same goes with On Demand instances. Also, it does not make sense to launch an On-Demand instance whenever work comes up since it is expensive. Hence Spot Instances will be the right fit because of their low rates and no long-term commitments.
45) How is stopping and terminating an instance different from each other? Ans: Starting, stopping and terminating are the three states in an EC2 instance, let’s discuss them in detail: a) Stopping and Starting an instance: When an instance is stopped, the instance performs a normal shutdown and then transitions to a stopped state. All of its Amazon EBS volumes remain attached, and you can start the instance again at a later time. You are not charged for additional instance hours while the instance is in a stopped state. b) Terminating an instance: When an instance is terminated, the instance performs a normal shutdown, then the attached Amazon EBS volumes are deleted unless the volume’s deleteOnTermination attribute is set to false. The instance itself is also deleted, and you can’t start the instance again at a later time.
46) If I want my instance to run on a single-tenant hardware, which value do I have to set the instance’s tenancy attribute to? Ans: A. Dedicated B. Isolated C. One D. Reserved Answer A. The Instance tenancy attribute should be set to Dedicated Instance. The rest of the values are invalid.
47) When will you incur costs with an Elastic IP address (EIP)? Ans: A. When an EIP is allocated. B. When it is allocated and associated with a running instance. C. When it is allocated and associated with a stopped instance. D. Costs are incurred regardless of whether the EIP is associated with a running instance. Answer C. You are not charged, if only one Elastic IP address is attached to your running instance. But you do get charged under the following conditions: • When you use more than one Elastic IPs with your instance. • When your Elastic IP is attached to a stopped instance. • When your Elastic IP is not attached to any instance.
48) How is a Spot instance different from an On-Demand instance or Reserved Instance? Ans: Firstly, Spot Instance, On-Demand instance and Reserved Instances are all models for pricing. Moving along, spot instances provide the ability for customers to purchase compute capacity with no upfront commitment, at hourly rates usually lower than the On-Demand rate in each region. Spot instances are just like bidding, the bidding price is called Spot Price. The Spot Price fluctuates based on supply and demand for instances, but customers will never pay more than the maximum price they have specified. If the Spot Price moves higher than a customer’s maximum price, the customer’s EC2 instance will be shut down automatically. But the reverse is not true, if the Spot prices come down again, your EC2 instance will not be launched automatically, one has to do that manually. In Spot and On-demand instance, there is no commitment for the duration from the user side, however in reserved instances, one has to stick to the time period that he has chosen.
49) Are the Reserved Instances available for Multi-AZ Deployments? Ans: A. Multi-AZ Deployments are only available for Cluster Compute instances types B. Available for all instance types C. Only available for M3 instance types D. Not Available for Reserved Instances Answer B. Reserved Instances is a pricing model, which is available for all instance types in EC2.
50) How to use the processor state control feature available on the c4.8xlarge instance? Ans: The processor state control consists of 2 states: a) The C state – Sleep state varying from c0 to c6. C6 is the deepest sleep state for a processor b) The P state – Performance state p0 being the highest and p15 being the lowest possible frequency. The C state and P state are used as Processors have cores; these cores need thermal headroom to boost their performance. Since all the cores are on the processor the temperature should be kept at an optimal state so that all the cores can perform at the highest performance. Now how will these states help in that? If a core is put into sleep state it will reduce the overall temperature of the processor and hence other cores can perform better. Now the same can be synchronized with other cores so that the processor can boost as many cores it can by timely putting other cores to sleep, and thus get an overall performance boost. Concluding, the C and P state can be customized in some EC2 instances like the c4.8xlarge instance and thus you can customize the processor according to your workload. If you like this article, and wish to know more on AWS, click here and read up.
Chandanakatta
Author
Hey there! I shoot some hoops when I’m not drowned in the books, sitting by the side of brooks.