AWS学习笔记2 -- EC2基础

AWS学习笔记2 -- EC2基础

ec2实例类型

refer: ​​class="data-table" data-id="t7a7e9d1-QiXEZ2eJ" data-transient-attributes="class" data-width="1246px" style="width: 100%; outline: currentcolor none medium; border-collapse: collapse;">

General_Purpose

通用

通用实例提供计算、内存和联网资源三方面的平衡，可用于各种不同的工作负载。这些实例非常适合于以相同比例使用这些资源的应用程序，如 Web 服务器和代码存储库。 

Compute_Optimized

计算优化型

计算优化型实例非常适用于从高性能处理器获取的受计算限制的应用程序。属于此系列的实例非常适用于批处理工作负载、媒体转码、高性能 Web 服务器、高性能计算 (HPC)、科学建模、专用游戏服务器和广告服务器引擎、机器学习推理和其他计算密集型应用程序。

Memory_Optimized

内存优化型

• High performance for relational or non-relational databases
• Distributed web-scale cache stores
• In-memory databases optimized for BI (business intelligence)
• Applications performing real-time processing of big unstructured data

内存优化型实例旨在提高可处理内存中大型数据集的工作负载的性能。

Accelerated_Computing

加速计算

加速计算实例使用硬件加速器或协同处理器来执行浮点数计算、图形处理或数据模式匹配等功能，比使用在 CPU 上运行的软件更高效。

Storage_Optimized

存储优化型

• High-frequency online transactional processing (OLTP) systems
• Relational and NoSQL databases
• Cache for in-memory databases (e.g., Redis)
• data warehousing application
• distributed file systems

存储优化型实例旨在用于需要对本地存储上的大型数据集进行高速连续读写访问的工作负载。它们经过了优化，每秒可以向应用程序交付数以万计的低延迟、随机 I/O 操作 (IOPS)。

命名约定

实例类型名称由实例系列、世代和大小组成。它们还可以表示其他功能，例如：

a – AMD 处理器g – AWS Graviton 处理器i – 英特尔处理器d – 实例存储卷n – 网络优化b – 数据块存储优化e – 额外的存储或内存z – 高频率

m5.2xlarge

m: 实例系列 instance class5: 世代 generation (AWS improves them over time)2xlarge: 大小 size within the instance class

Introduction to Security Groups

Security groups only contain allow rulesSecurity groups rules can reference by IP or by security group

Security Groups Good to know

Can be attached to multiple instancesLocked down to a region / VPC combinationDoes live "outside" the EC2 – if traffic is blocked the EC2 instance won't see itIt's good to maintain one separate security group for SSH accessIf your application is not accessible (time out), then it's a security group issueIf your application gives a "connection refused" error, then it's an application error or it's not launchedAll inbound traffic is blockedAll outbound traffic is authorised

Classic Ports to know

22 = SSH (Secure Shell) - log into a Linux instance21 = FTP (File Transfer Protocol) – upload files into a file share22 = SFTP (Secure File Transfer Protocol) – upload files using SSH80 = HTTP – access unsecured websites443 = HTTPS – access secured websites3389 = RDP (Remote Desktop Protocol) – log into a Windows instance

EC2 Instances Purchasing Options

On-Demand Instances:

·Pay for what you use:

Linux or Windows-billing per second after the first minuteAll other operating systems-billing per hour

Has the highest cost but no upfront paymentNo long-term commitment·Recommended forshort-term and un-interrupted workloads, where you can't predict how the application will behave

EC2 Reserved Instance 预留实例​:

(1年或3年两个选项) 预定且可预付(无预付、部分预付、全预付)Reserved Instances 标准预留实例: long workloads

相较于On-demand, 高达72%的折扣特定实例类型, 不能更改 You reserve a specific instance attributes (InstanceType, Region, TenancyOS)Reservation Period-1 year (+discount), or 3 years (+++discount)Payment Options (支付选项：预付比例) - No Upfront(+), Partial Upfront(++), All Upfront(+++)Reserved Instance's Scope - Regional or Zonal (reserve capacity in an AZRecommended for steady-state usage applications (think database)You can buy and sell in the Reserved Instance Marketplace

Scheduled Reserved Instances 只有US East (N. Virginia), US West (Oregon),EU (Ireland) 支持，用于定期执行的任务，比如安全扫描等。 every Thursday between 3 and 6 pmConvertible Reserved Instances 可转换预留实例: long workloads with flexible instances

可转换预留实例的折扣额度较小，但允许在合同期间更改某些其他实例类型、更改其他属性Can change the EC2 instance type, instance familyOS scope and tenancyUp to 66% discount

EC2 Savings Plans(1 & 3 years)

commitment to an amount of usage, long workload 承诺在1年或3年期，每个月最低消费额，超出额度部分，按照on-demand的价格支付；锁定Get a discount based on long-term usage (up to 72% - same as Reserved Instances)Commit to a certain type of usage ($10/hour for 1 or 3 years)Usage beyond EC2 Savings Plans is billed at the On-Demand priceLocked to a specific instance family & AWS region (e.g., M5 in us-east-1)Flexible across:

Instance Size (e.g., m5.large, m5.2xlarge)OS (e.g., Linux, Windows)Tenancy (Host, Dedicated, Default)

Spot Instances:

short workloads, cheap, can lose instances (less reliable)Useful for workloads that are resilient to failure: Batch jobs, Data analysis, Image processing, Any distributed workloads, Workloads with a flexible start and end time如果主动终止一个竞价实例，需要为当前这个完整小时付费如果因为价格上涨，AWS终止了你的竞价实例，那么这个小时的费用会被免除

​Dedicated Hosts:

适用于限制数据出境的、绑定系统的license等情况，贵！ A physical server with EC2 instance capacity fully dedicated to your useAllows you address compliance requirements and use your existing server-bound software licenses (per-socket, per-core, per-VM software licenses)Purchasing Options:

On-demand - pay per second for active Dedicated HostReserved -1 or 3 years (No Upfront, Partial Upfront, All Upfront)

The most expensive option

Useful for software that have complicated licensing model (BYOL - Bring Your Own License)Or for companies that have strong regulatory or compliance needs

Dedicated Instances:

No other customers will share your hardwareMay share hardware with other instances in same accountNo control over instance placement (can move hardware after Stop / Start)

Capacity Reservations

Reserve On-Demand instances capacity in a specific AZ for any durationYou always have access to EC2 capacity when you need itNo time commitment (create/cancel anytime), no billing discounts Combine with Regional Reserved Instances and Savings Plans to benefit from billing discountsYou're charged at On-Demand rate whether you run instances or not 运行与否都要付钱Suitable for short-term, uninterrupted workloads that needs to be in a specific AZ

价格示例：

与选择的区域、类型有关，此为m4.large在同一区域的价格对比：

EC2 User Data

使用EC2 User Data 脚本，在首次启动时，执行一次使用场景： 如安装软件（如anti-virus）、打补丁、下载文件、 系统加固等等

IAM Roles for EC2 Instance

禁止提供安全凭证用于aws configure， 已经启用的，可以在IAM中停用凭证，并将客户端的 ~/.aws/crendentials 文件删除。

正确方式：

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。