EC2 Solution Architect Level

EC2 Solution Architect Level

Understanding Public and Private IPs in AWS

Let’s delve into the crucial concept of public and private IP addresses in AWS.

Public IP Addresses:

  • Unique: Each public IP is unique across the internet.
  • Accessibility: Machines with public IPs can be accessed from anywhere on the internet.
  • Dynamic: They can change when an EC2 instance is stopped and started.
  • Elastic IPs: These are static public IPs that can be assigned to different instances. However, their use is often discouraged due to limitations and potential architectural complexities.

Private IP Addresses:

  • Network-Specific: Private IPs are only accessible within a private network.
  • Non-Unique: Multiple devices within a private network can have the same private IP.
  • NAT and Internet Gateways: Devices within a private network typically use a Network Address Translation (NAT) device and an internet gateway to communicate with the public internet.

Best Practices:

  • Avoid Overreliance on Elastic IPs: Consider using DNS names or Load Balancers for more flexible and scalable solutions.
  • Utilize Private IPs for Internal Communication: This ensures secure and efficient communication within your AWS environment.
  • Understand the Implications of Public IPs: Be mindful of security risks and the need for appropriate security measures when exposing instances to the public internet.

By grasping the differences between public and private IPs, we can make informed decisions about your AWS network architecture and optimize your infrastructure for performance and security.

Network setup involving two companies, Company A and Company B, with their respective private networks connected to the public internet through Internet Gateways. The two companies are able to communicate with each other using the "WWW" connection.

Understanding Placement Groups

Placement groups offer granular control over the physical placement of your EC2 instances within AWS infrastructure. This strategic approach can significantly impact performance, fault tolerance, and scalability of your applications.

Three Key Placement Group Strategies

  1. Cluster Placement Group:
    • Pros: High-performance, low-latency networking within a single Availability Zone (AZ).
    • Cons: High risk of failure if the entire AZ goes down.
    • Ideal Use Cases: Big data jobs requiring rapid processing and high-speed networking, applications demanding extremely low latency and high throughput.
Cluster Group
  1. Spread Placement Group:
    • Pros: Minimized risk of simultaneous failures by spreading instances across different hardware.
    • Cons: Limited to seven instances per AZ per placement group.
    • Ideal Use Cases: Critical applications prioritizing high availability and fault tolerance.
Spread Placement Groups
  1. Partition Placement Group:
    • Pros: Combines the benefits of spread and cluster, offering both isolation and scalability.
    • Cons: Requires partition-aware applications.
    • Ideal Use Cases: Big data applications like Hadoop, Cassandra, and Kafka that can distribute data and workloads across partitions.
Partition Groups

Choosing the Right Strategy

The optimal placement group strategy depends on your specific application requirements:

  • Performance-critical: Cluster placement group
  • High availability: Spread or Partition placement group
  • Scalability and fault tolerance: Partition placement group

By carefully considering these factors, you can effectively leverage placement groups to optimize your EC2 deployments and achieve desired performance and reliability goals.

Elastic Network Interfaces (ENIs)

ENIs are the virtual network cards that power EC2 instances and other AWS services. They provide network connectivity, including private and public IP addresses.

The diagram illustrates a common scenario in AWS where an EC2 instance is configured with multiple ENIs. This configuration enables the instance to have multiple IP addresses.

Key Points:

  • ENIs are Bound to Availability Zones: An ENI created in a specific AZ can only be used within that AZ.
  • Primary and Secondary Private IPs: Each ENI can have a primary private IP and multiple secondary IPs.
  • Elastic IPs: ENIs can be associated with elastic IPs (public IP addresses) for external access.
  • Security Groups: Security groups can be attached to ENIs to control inbound and outbound traffic.
  • MAC Addresses: ENIs have unique MAC addresses.
  • Dynamic Attachment and Detachment: ENIs can be created independently and attached or detached to EC2 instances on the fly.
  • Failover and IP Migration: ENIs can be used for failover scenarios by migrating IP addresses between instances.

By understanding ENIs, you can optimize your AWS network architecture for performance, security, and flexibility.

EC2 Hibernate: A New Way to Save Time and Resources

Have you ever wished you could pause your EC2 instances without losing their in-memory state? EC2 Hibernate is the solution!

How it works is it preserves RAM state. When you hibernate an instance, its current memory state is saved to the root EBS volume. This results in faster boot times. Upon restarting, the instance boots up quickly as it doesn't need to reinitialize the OS and applications. It can be ideal for long-running processes.

Key Points:

  • Instance RAM limit: Currently, instances must have less than 150GB of RAM.
  • Root volume requirements: The root volume must be an encrypted EBS volume with sufficient space to store the RAM dump.
  • Operating system support: Compatible with Linux and Windows.
  • Instance types: Available for on-demand, reserved, and spot instances.
  • Hibernation duration: Instances should not be hibernated for more than 60 days.

[1]: Stephane Maarek, AWS Certified Solutions Architect Associate Certification SAA-C03