In a previous article, I covered AWS S3 interview questions and answers. This article focuses on AWS EC2 interview questions and answers, which can be read by beginner, intermediate, or experienced AWS architects.
1. What is AWS EC2?
The Amazon Web Services platform is a combination of infrastructure as a service (IaaS), platform as a service (PaaS) and packaged software as a service (SaaS) offerings that provide cloud computing solutions with cost-effectiveness, flexibility and so on.
An EC2 (Elastic Compute Cloud) instance is simply a virtual server in Amazon Web Services terminology.
With an EC2 instance, AWS subscribers can request and provision a computer server within the AWS cloud.
Amazon EC2 enables you to scale up or down to handle changes in requirements or spikes in popularity, reducing your need to forecast traffic.
2. What is AWS S3?
Amazon Simple Storage Service (Amazon S3) is an object storage service offering industry-leading scalability, data availability, security, and performance.
You can store any type of file on the Amazon S3 cloud object storage service.
You can store and retrieve any type of file on Amazon S3, and you can make these files publicly available or available only to your organization.
3. What is AMI?
An Amazon Machine Image (AMI) provides the information required to launch an instance. An Amazon Machine Image (AMI) is used to create virtual servers (Amazon Elastic Compute Cloud or EC2 instances) in the Amazon Web Services (AWS) environment.
You must specify an AMI when you launch an instance. You can launch multiple instances from a single AMI when you need multiple instances with the same configuration.
You can use different AMIs to launch instances when you need instances with different configurations. It offers an easy and visual mode of launching instances of your virtual machine on the cloud platform.
4. What is Amazon EC2 Root Device Volume?
When you launch an instance, the root device volume contains the image that was used to boot the instance.
5. What is the connection between Instance and AMI?
An Amazon Machine Image (AMI) is a template that contains a software configuration (for example, an operating system, an application server, and applications). From an AMI, you launch an instance, which is a copy of the AMI running as a virtual server in the cloud.
You can launch multiple instances of an AMI, as shown in the following figure.
Instances keep running until you stop, hibernate, or terminate them, or until they fail. If an instance fails, you can launch a new one from the AMI.
6. What is AWS EC2 Instance Storage?
Instance storage provides temporary (ephemeral) block-level storage for an EC2 instance.
Instance store storage is located on the disks that are physically attached to the host computer.
Instance store is ideal for temporary storage of information that changes frequently, such as buffers, caches, scratch data, and other temporary content, or for data that is replicated across a fleet of instances, such as a load-balanced pool of web servers.
7. What are the Best Practices for Security in Amazon EC2?
- Restrict access and allow only trusted hosts or networks to use the instance ports, using EC2 Security groups.
- Use AWS Identity and Access Management (IAM) roles for access control.
- Disable password-based login.
- Do not open S3 storage buckets for public access unless needed.
8. What is the difference between Terminating an EC2 Instance and Stopping an Instance?
When we terminate an EC2 instance, it transfers to the stopped state, while the EBS volumes are deleted and can’t be recovered.
But when we stop an EC2 instance, it is like a normal shutdown of the instance, after which it moves to the stopped state.
9. How do you launch an EC2 instance?
- First, log in to your AWS console and open the EC2 console.
- Choose Launch Instance from the dashboard.
- Pick an AMI.
- Pick an Instance Type (based on OS and RAM).
- Select Review and Launch (let the wizard take care of the remaining configuration settings).
- Select Security Group from the Security Groups on the Review Instance Launch page, and click on Launch.
- When it asks for a key pair, pick an Existing key pair.
- Click on View Instance to return to the EC2 console.
10. How can you upgrade an EC2 Instance?
You can follow the steps below to upgrade an EC2 instance (with a downtime of a few minutes):
- Log in to your AWS EC2 Console.
- Navigate to "Instances" (in the left pane) and select the instance you want to upgrade.
- Right-click the instance and select "Stop Instance". A running instance cannot be upgraded, so it has to be stopped first; this does not take long.
- Once the instance has stopped, right-click it, select "Instance Settings", then select "Change Instance Type".
- On the Instance Selection screen, choose the new instance type. For example, I am upgrading from "t2.Micro" to "t2.medium", so select "t2.medium" and click "Apply".
- Right-click the instance again and select "Start Instance" to start it.
- After a minute or two it will be running on the upgraded instance type.
11. How can you upgrade an EC2 Instance without downtime?
Follow the steps below to upgrade or change an EC2 instance without downtime:
- Create an image of your current instance by right-clicking the instance and selecting "Image" -> "Create Image" (this creates an AMI of the instance).
- Create a new EC2 instance with the upgraded configuration, using the image created above.
- Disassociate the Public IP Address from the old server and associate it with the new EC2 server.
- That's it, your new upgraded EC2 instance is ready.
- You can terminate the old instance after checking that the new one has all your data.
12. How Would You Stop the Deletion of Root Device Volume Using a Console?
- At the EC2 console, click on Launch Instance.
- On the Amazon Machine Image page, select the AMI and choose an Instance Type.
- On the Instance Details pages, configure the settings.
- Deselect "Delete on Termination" on the Add Storage page.
- Complete the remaining wizard configuration pages and click Launch.
13. What is a Security Group in EC2?
Security groups in EC2 work as firewalls for associated instances.
They control both outbound and inbound traffic at the instance level. We can add rules for the incoming and outgoing traffic of an instance, for example:
- Allow or deny SSH connections to our instance.
- Permit the outbound and inbound access for HTTP and HTTPS from any location.
14. How Would You Disable a Password-based Login for Root User?
Perform the following steps:
- Log in to the remote Linux server.
- Open the /etc/ssh/sshd_config file in any text editor.
- Look for #PermitRootLogin and change it to without-password.
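To confirm the edit took effect, the file can be evaluated the way sshd reads it: lines starting with `#` are comments, and for each keyword the first value found is the one used. The following is an added example, not code from the original article. It handles only the global section of a single file (no `Include` or `Match` processing) and considers only the `PermitRootLogin` and `PasswordAuthentication` keywords; both sample configurations are constructed.

```python
# Defaults that apply when a keyword is not set (OpenSSH 7.0 and later).
DEFAULTS = {"permitrootlogin": "prohibit-password", "passwordauthentication": "yes"}
# "without-password" is the older, deprecated spelling of "prohibit-password".
ALIASES = {"without-password": "prohibit-password"}

def effective_settings(config_text):
    """Return the effective global values for the keywords in DEFAULTS."""
    seen = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # "#PermitRootLogin ..." is a comment and sets nothing
        parts = line.replace("=", " ", 1).split(None, 1)
        if not parts:
            continue
        key = parts[0].lower()  # keywords are case-insensitive
        if key == "match":
            break  # only the global section is evaluated here
        if key in DEFAULTS and len(parts) == 2:
            value = parts[1].strip().strip('"').lower()
            seen.setdefault(key, ALIASES.get(value, value))  # first value wins
    return {**DEFAULTS, **seen}

def root_password_login_allowed(config_text):
    """True if root may authenticate with a password under these two keywords."""
    eff = effective_settings(config_text)
    return eff["permitrootlogin"] == "yes" and eff["passwordauthentication"] == "yes"

# Constructed sample: the value was changed but the line is still commented
# out, so a later active line decides the setting.
COMMENTED_EDIT = """\
#PermitRootLogin without-password
PasswordAuthentication yes
PermitRootLogin yes
"""

# Constructed sample: the active line comes first and wins over the later one.
ACTIVE_EDIT = """\
PermitRootLogin without-password
PasswordAuthentication no
PermitRootLogin yes
"""

if __name__ == "__main__":
    for name, text in (("commented", COMMENTED_EDIT), ("active", ACTIVE_EDIT)):
        print(name, effective_settings(text), root_password_login_allowed(text))
```

On a live host, `sshd -T` prints the configuration the daemon actually resolves, and the daemon must be reloaded before a changed file applies.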
15. Can You Use S3 with an EC2 Instance?
Yes, we can use Amazon S3 with EC2 instances whose root devices use local instance storage.
16. Explain the difference between Public IP and Elastic IP.
Public IP: This is a regular public IP address associated with an EC2 instance. If an instance is stopped, the associated public address is released, and once the instance starts again a new public address is issued, which means the host record on the DNS server has to be updated.
Elastic IP: An Elastic IP (EIP) address is a static public address associated with an EC2 instance. An EIP does not change even if the server is stopped and started again. Like a public address, it allows an instance to host resources on the public internet.
17. What is EBS volume?
EBS (Elastic Block Store) is a virtual block device that can be attached to an EC2 instance. After you attach a volume to an instance, you can use it as you would use a physical hard drive. EBS volumes are flexible.
18. Can we attach multiple EBS volumes to an instance?
Yes, you can attach multiple EBS volumes to a single instance.
19. Describe AWS Elastic Load Balancer.
A load balancer distributes incoming traffic across targets, such as your EC2 instances. This enables you to increase the availability of your application.
To ensure continuous delivery of our applications, Amazon provides Elastic Load Balancer with EC2, which can automatically distribute traffic to our application across multiple targets such as instances, Lambda functions, virtual appliances, IP addresses and containers.