Amazon AWS Reserved Instance
- What constitutes "ephemeral storage?"
- Instance resides in a security group
- Storage resides within in Amazon Elastic Block Store (EBS)
- Root volume is an EBS-backed volume
- All resides within an Availability Zone
- Secure instance by specifying a key pair and a security group
- PV = Para-virtualization = pros: high performance, cons: OS/kernel custimization impossible, linux only
- HVM = Hardware-assisted virtualization = pros: stability, low performance
- VPC = Virtual private cloud = free.
- public and private subnets to facilitate running applications
- store data in s3 and set permissions such that data can only be accessed by my VPC
- Network access control list (ACL) - an optional layer of security that acts as a firewall for controlling traffic in and out of a subnet.
Storage for the root device
- EBS-backed = 5 cents per GB per month + 5 cents per 1e6 io requests
- snapshots just save the diff so relatively cheap
- persistent storage between instance terminations
- Instance Store-Backed = S3
- IOPS = input/output operations per second
- PIOPS = Provisioned IOPS, I guess like a dedicated highway for your data, don't have to share the highway with other people?
- EBS-Optimized Instances
- Used for storage optimized instances, like c3.xlarge
- dedicated throughput to Amazon EBS I/O. Requires additional hourly fee
- a set of rules used to determine where network traffic is directed
- A permanent IP associated with your account, not a particular instance
- If an instance goes down, can remap a replacement instance to the elastic IP, rather wait for a new server's IP to propagate in the DNS
- first one is free, plus 100 remaps free, more will cost you
- three IPs, private IP (intra cloud), public IP for instance, elastic IP (one per account)
- public IP - comes with allocation
- Instance ID - right click on the elastic IP and click "associate with instance" ... in my case that instances's public IP became the elastic IP.
Launch EC2 Instance
- EC2 Console
- Make sure your VPC has inbound SSH HTTP and HTTPS rules