Udemy AWS SAA - EBS, AMI, EFS

EBS (Elastic Block Store) Volume

• it is a network drive you can attach to you instances while they run
• it allows you instances to persist data, even after their termination. Just like a "network USB stick" (not physical)
• they can only be mounted to one instance at a time. And it is bound to a specific availability zone

EBS - Delete on Termination Attribute

• can control preserve root volume when instance is terminated

EBS Snapshots

• Make a backup (snapshot) of your EBS volume at a point in time
• You can copy snapshot from AZ to AZ
• You can archive it so cheaper, it take 24-72 hrs for restoring the archive
• You can recover deleted snapshots from recycle bin
• FSR (Fast Snapshot Restore): force full initialization of snapshot to have no latency on the first use, but very expensive

AMI

• Amazon Machine Image, a customization of an EC2 instance, you can add your own software, configuration, OS, monitoring, so that faster boot / config time bc all your software is pre-packaged
  • Public AMI: AWS provided;
  • Your own AMI: make and maintain them yourself;
  • An AWS marketplace AMI: AMI made by someone else

AMI Process

EC instance store

• EBS volumes are good but (it's network drive) limited performance
• So we need a high-performance in I/O hardware disk, use EC2 instance store. But it lose storage if they are stopped, so ephemeral, only good for buffer / cache / scratch data / temporary content
• risk of data loss if hardware fails, so need to backup and replicate

EBS Volume Types

• gp2/gp3 (SSD): General purpose SSD volume that balances price and performance fora wide variety of workloads

• iol /io2 (SSD): Highest-performance SSD volume for mission-critical low-latency or high-throughput workloads

• stl (HDD): Low cost HDD volume designed for frequently accessed, throughput-intensive workloads

• scl (HDD): Lowest cost HDD volume designed for less frequently accessed workloads

• only gp2 / gp3 and io1 / io2 can be used as boot volumes

EBS Volume Use Case

• GP: gp3 can increase IOPS and throughput independently, but gp2's volume size and IOPS are linked
• Provisioned IOPS SSD: great for database workload (sensitive to storage performance and consistency)
• HHD: hard disk drives, cannot be a boot volume

Multi-attach feature of EBS, only available to io1/io2

• It allows us attach same EBS volume to multiple EC2 instances in the same AZ
• it's up to 16 EC2 instances at a time
  can achieve higher application availability in clustered linux app

EBS Encryption

• When you create an encrypted EBS volume, you get the following:
  • Data at rest is encrypted inside the volume
  • All the data in fight moving between the instance and the volume is encrypted
  • All snapshots are encrypted
  • All volumes created from the snapshot
• Encryption and decryption are handled transparently (you have nothing todo)
• Encryption has a minimal impact on latency
• EBS Encryption leverages keys from KMS (AES-256)