Interview Questions.

AWS EC2 Interview Questions and Answers


AWS EC2 Interview Questions and Answers

Q1. Explain Elastic Block Storage?  What type of overall performance can you assume?  How do you again it up?  How do you improve overall performance?

Ans: EBS is a virtualized SAN or garage vicinity community.  That way it's miles RAID garage initially so it is redundant and fault tolerant.  If disks die in that RAID you do not lose facts.  Great!  It is likewise virtualized, so you can provision and allocate garage, and fasten it to your server with numerous API calls.  No calling the storage professional and asking her or him to run specialised commands from the hardware dealer.

Performance on EBS can showcase variability.  That is it may cross above the SLA performance degree, then drop below it.  The SLA gives you with an average disk I/O price you can assume.  This can frustrate a few parents specially overall performance specialists who anticipate reliable and consistent disk throughput on a server.  Traditional physically hosted servers behave that manner.  Virtual AWS instances do no longer.

Backup EBS volumes by means of the usage of the picture facility thru API name or thru a GUI interface like elasticfox.

Improve overall performance by means of the usage of Linux software raid and striping across four volumes.

Q2. What is S3?  What is it used for?  Should encryption be used?

Ans: S3 stands for Simple Storage Service.  You can consider it like ftp storage, in which you may circulate files to and from there, but now not mount it like a filesystem.  AWS routinely places your snapshots there, in addition to AMIs there.  Encryption need to be taken into consideration for sensitive records, as S3 is a proprietary generation developed by Amazon themselves, and as yet unproven vis-a-vis a protection perspective.

Q3. What is an AMI?  How do I build one?

Ans: AMI stands for Amazon Machine Image.  It is correctly a picture of the basis filesystem.  Commodity hardware servers have a bios that factors the the grasp boot record of the first block on a disk.  A disk picture though can sit anywhere bodily on a disk, so Linux can boot from an arbitrary location on the EBS storage network.

Build a brand new AMI via first spinning up and instance from a trusted AMI.  Then adding packages and components as required.  Be wary of setting sensitive records onto an AMI.  For example your get admission to credentials need to be added to an example after spinup.  With a database, mount an out of doors extent that holds your MySQL facts after spinup as nicely.

Q4. Can I vertically scale an Amazon example?  How?

Ans: Yes.  This is an first-rate characteristic of AWS and cloud virtualization.  Spinup a brand new large example than the one you're presently running.  Pause that example and detach the foundation ebs quantity from this server and discard.  Then prevent your live instance, detach its root extent.  Note the precise device ID and fasten that root volume on your new server.   And the start it once more.  Voila you have scaled vertically in-area!!

Q5. What is auto-scaling?  How does it work?

Ans: Autoscaling is a feature of AWS which allows you to configure and mechanically provision and spinup new times without the need to your intervention.  You do that by placing thresholds and metrics to monitor.  When those thresholds are crossed a brand new example of your selecting could be spun up, configured, and rolled into the weight balancer pool.  Voila you've got scaled horizontally without any operator intervention!

Q6. What automation equipment can I use to spinup servers?

Ans: The most apparent manner is to roll-your-personal scripts, and use the AWS API gear.  Such scripts might be written in bash, perl or different language or your choice.  Next option is to use a configuration control and provisioning tool like puppet or better it is successor Opscode Chef.  You might also appearance towards a tool like Scalr.  Lastly you could go along with a controlled solution such as Rightscale.

Q7. What is configuration control?  Why might I need to apply it with cloud provisioning of sources?

Ans: Configuration control has been around for a long time in web operations and systems management.  Yet the cultural reputation of it has been limited.  Most structures administrators configure machines as software turned into evolved earlier than model manipulate - that is manually making modifications on servers.  Each server can then and generally is barely different.  Troubleshooting though is easy as you login to the field and operate on it without delay.  Configuration control brings a huge automation tool into the photo, coping with servers like strings of a puppet.  This forces standardization, first-rate practices, and reproducibility as all configs are versioned and managed.  It also introduces a brand new way of operating which is the biggest hurdle to its adoption.

Enter the cloud, and configuration control will become even more important.  That's due to the fact virtual servers inclusive of amazons EC2 times are a good deal much less reliable than physical ones.  You surely want a mechanism to rebuild them as-is at any second.  This pushes great practices like automation, reproducibility and disaster restoration into center level.

Q8. Explain how you will simulate perimeter protection the usage of Amazon Web Services model?

Ans: Traditional perimeter security that we are already acquainted with the use of firewalls and so on isn't supported in the Amazon EC2 international.  AWS supports protection companies.  One can create a safety organization for a soar box with ssh access - simplest port 22 open.  From there a webserver organization and database institution are created.  The webserver group allows eighty and 443 from the world, but port 22 *simplest* from the jump container institution.  Further the database group allows port 3306 from the webserver organization and port 22 from the bounce box organization.  Add any machines to the webserver institution and they can all hit the database.  No one from the world can, and no one can at once ssh to any of your boxes.