INTRODUCTION
In Week Four, you explore the benefits of monitoring on AWS, with scenarios on how to optimize solutions within the AWS ecosystem. You will also explore the details of Elastic Load Balancing (ELB) and the differences between vertical and horizontal scaling.
Learning objectives:
- Define benefits of monitoring on AWS
- Explain the purpose of Amazon CloudWatch on AWS
- Investigate methods of optimizing solutions on AWS
- Explain how web applications serve traffic using Elastic Load Balancing
- Differentiate between vertical and horizontal scaling
- Set up high availability for your application.
WEEK 4 QUIZ
1. What are the three components of Amazon EC2 Auto Scaling?
- Amazon Machine Image (AMI) ID, instance type, storage
- Launch template, scaling policies, EC2 Auto Scaling group (CORRECT)
- Scaling policies, security group, EC2 Auto Scaling group
- Security group, instance type, key pair
Correct: You must create three elements for Amazon EC2 Auto Scaling: an EC2 instance configuration template (which can either be a launch template or a launch configuration), an EC2 Auto Scaling group which will maintain a minimum, maximum, and desired instance count, and scaling policies that will automatically vary the number of instances according to certain criteria or even schedules. For more information, see Amazon EC2 Auto Scaling documentation.
2. Which of the following features are included in Elastic Load Balancing (ELB)?
- Automatic scaling
- Integration with Amazon Relational Database Service (Amazon RDS)
- Integration with Amazon EC2 Auto Scaling
- A and B
- A and C (CORRECT)
Correct: Elastic Load Balancing (ELB) automatically distributes incoming traffic across multiple targets, such as Amazon Elastic Compute Cloud (Amazon EC2) instances, containers, or IP addresses, in one or more Availability Zones. ELB dynamically scales in or out to accommodate changes in incoming traffic. Integration with Auto Scaling requires no additional steps: when you configure ELB with Auto Scaling, instances launched by Auto Scaling are automatically registered with the load balancer. Refer to the Route Traffic with Amazon Elastic Load Balancing documentation for specifics.
3. True or False: When a user uses Elastic Load Balancing (ELB) with an Auto Scaling group, it is not necessary to manually register individual Amazon Elastic Compute Cloud (Amazon EC2) instances with the load balancer.
- True (CORRECT)
- False
Correct: New instances automatically register themselves with the load balancer as they are launched. For more information, please see the Amazon EC2 Auto Scaling documentation.
4. An application must choose target groups by using a rule that is based on the path of a URL. Which Elastic Load Balancing (ELB) type should be used for this use case?
- Network Load Balancer
- Application Load Balancer (CORRECT)
- Classic Load Balancer
- Gateway Load Balancer
Correct: The Application Load Balancer is a Layer 7 load balancer that primarily distributes HTTP and HTTPS traffic and supports routing based on rules. For additional details, see Route Traffic with Amazon Elastic Load Balancing.
5. What are the two ways that an application can be scaled?
- Diagonally and vertically
- Vertically and horizontally (CORRECT)
- Horizontally and diagonally
- Independently and vertically
Correct: There are two methods to scale an application: vertically, by increasing the resources (like CPUs and memory) of existing machines, and horizontally, by adding more machines to a common resource pool. Please refer to the Optimizing Solutions on AWS documentation for more details.
6. Which elements in Amazon CloudWatch dashboards can be used to view and analyze metrics?
- Widgets (CORRECT)
- Metrics
- Icons
- Components
Correct: Widgets are the features that you can add to your dashboards in Amazon CloudWatch. Read more about them in the Introduction to Amazon CloudWatch video.
7. What are the possible states of a metric alarm in Amazon CloudWatch?
- OK, ALARM, NOT_AVAILABLE
- OK, ALERT, INSUFFICIENT_DATA
- OK, ALARM, INSUFFICIENT_DATA (CORRECT)
- OK, ALERT, NOT_AVAILABLE
Correct: A CloudWatch metric alarm can be in one of the following states, summarized here with additional details:
OK: This state indicates that the metric is within the defined threshold. For example, if you monitor CPU utilization with an alarm threshold of 80%, the alarm stays in the OK state as long as utilization has not crossed that threshold.
ALARM: This is the state in which the metric has risen above or fallen below the limit set by the threshold. In the example above, the alarm moves to ALARM once CPU utilization exceeds the 80% threshold.
INSUFFICIENT_DATA: This state is triggered when CloudWatch does not have enough data to determine whether the metric is within the stated threshold. For instance, the alarm has only just started, no data has been collected during the defined period, or the metric is unavailable for some reason, such as during a changeover or when no data is being sent. CloudWatch requires a sufficient amount of data to assess the alarm state properly.
8. What kind of data can a company collect with VPC Flow Logs?
- Data about network traffic that comes into and out of a virtual private cloud (VPC) (CORRECT)
- Malicious activity and unauthorized behavior
- Configurations of AWS resources
- Compliance-related information
Correct: VPC Flow Logs allow a company to collect data on the network traffic entering and leaving their VPC. The specifics can be found in the Monitoring on AWS section.
9. What is a benefit of monitoring on AWS?
- Monitoring creates operation overhead.
- Monitoring recognizes security threats and events. (CORRECT)
- Monitoring decreases the performance and reliability of resources.
- Increases speed and agility
Correct: By monitoring resources, events, and systems over time, users establish a baseline. A baseline represents normal activity and therefore helps users find anomalies, which can include anything from unexpected traffic spikes to unfamiliar IP addresses accessing resources. Once an anomaly has been recorded, an alert can be triggered or an investigation can be started. More information can be found in the Reading: Monitoring on AWS section.
10. True or False: When a company redesigns an application by using a serverless service on AWS, they might not need to configure networking components, such as a virtual private cloud (VPC), subnets, and security groups.
- True (CORRECT)
- False
Correct: By default, AWS Lambda runs functions inside a secured VPC with access to AWS services and the internet. For more information, consult the Redesigning the Employee Directory Application section.
END OF COURSE ASSESSMENT
1. What are the four main factors you should take into consideration when choosing a Region?
- Latency, price, service availability, and compliance. (CORRECT)
- Latency, security, high availability, and resiliency.
- Latency, taxes, speed, and compliance.
- Latency, high availability, taxes, and compliance.
Correct: When it comes to picking the right AWS Region for hosting your applications or workloads, you need to think of latency, pricing, service availability as well as compliance. Considering them allows you to make a well-thought-out decision while selecting an AWS Region. For more information, refer to the video “AWS Global Infrastructure.”
2. Which of the following best describes the relationship between Regions, Availability Zones and data centers?
- Regions are clusters of Availability Zones. Availability Zones are clusters of data centers. (CORRECT)
- Data centers are clusters of Availability Zones. Regions are clusters of Availability Zones.
- Data centers are clusters of Regions. Regions are clusters of Availability Zones.
- Availability Zones are clusters of Regions. Regions are clusters of data centers.
Correct: The AWS Global Infrastructure is built for high availability and redundancy. AWS Regions are made up of clusters of Availability Zones interconnected by highly available, redundant, high-speed links. Availability Zones are similar: they are clusters of highly available, redundant data centers interconnected through high-speed connections. Further details can be found in the video, “AWS Global Infrastructure.”
3. Which of the following can be found in an IAM policy?
- Effect
- Action
- Object
- A and B (CORRECT)
- B and C
Correct: A policy is an object that, when associated with an identity or a resource, defines its permissions. These policies are evaluated when an IAM principal makes a request. The permissions in the policies determine whether the request is allowed or denied. Most policies are stored in AWS as JSON documents attached to an IAM identity, such as a user, group of users, or role. The general structure of a policy statement consists of the following:
Version: Specifies which version of the policy language is in use (the best practice is to use the latest version, i.e. 2012-10-17).
Statement: The main element, a container for the elements below; a policy can include multiple statements.
Sid (Optional): An optional statement identifier that helps to distinguish between multiple statements.
Effect: Indicates whether the policy grants or denies access, using either Allow or Deny.
Principal (Typically required): Defines the account, user, role, or federated user that is granted or denied access. It must be included only in resource-based policies; in IAM policies, the principal is implied.
Action: Specifies which actions the policy allows or denies.
Resource (Typically required): Describes which resources the actions affect. This element is mandatory in IAM policies and optional in resource-based policies.
Condition (Optional): Specifies the conditions under which the policy grants access.
This material is covered in the video and reading Introduction to Amazon’s Identity and Access Management.
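The statement elements listed above, checked in code. This is an added example, not part of the course material: `check_identity_policy`, `as_list`, the two sample policies, the bucket name and the Sids are constructed for illustration, and the check covers only the elements named above for an identity-based policy.

```python
import json

def as_list(value):  # IAM accepts a single string or a list for Action and Resource
    return [value] if isinstance(value, str) else list(value or [])

def check_identity_policy(document):
    """Return structural problems found in an identity-based IAM policy (JSON text)."""
    policy, problems = json.loads(document), []
    if policy.get("Version") != "2012-10-17":
        problems.append("Version: expected 2012-10-17")
    statements = policy.get("Statement") or []
    if isinstance(statements, dict):  # a lone statement may be a bare object
        statements = [statements]
    if not statements:
        problems.append("Statement: missing or empty")
    for index, stmt in enumerate(statements):
        label = stmt.get("Sid", f"statement[{index}]")
        effect = stmt.get("Effect")
        actions, resources = as_list(stmt.get("Action")), as_list(stmt.get("Resource"))
        if effect not in ("Allow", "Deny"):
            problems.append(f"{label}: Effect must be Allow or Deny")
        if not actions:
            problems.append(f"{label}: Action is missing")
        if not resources:
            problems.append(f"{label}: Resource is missing")
        if "Principal" in stmt:  # implied for identity-based policies
            problems.append(f"{label}: Principal is only for resource-based policies")
        if effect == "Allow" and "*" in actions and "*" in resources:
            problems.append(f"{label}: allows every action on every resource")
    return problems

# Constructed sample policies (bucket name and Sids are made up).
GOOD_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [{
    "Sid": "ReadReports", "Effect": "Allow",
    "Action": ["s3:GetObject", "s3:ListBucket"],
    "Resource": ["arn:aws:s3:::example-reports", "arn:aws:s3:::example-reports/*"],
    "Condition": {"Bool": {"aws:SecureTransport": "true"}},
}]})
BAD_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Sid": "Typo", "Effect": "Permit", "Action": "s3:GetObject",
     "Principal": {"AWS": "*"}},
    {"Sid": "TooBroad", "Effect": "Allow", "Action": "*", "Resource": "*"},
]})

if __name__ == "__main__":
    for name, doc in (("good", GOOD_POLICY), ("bad", BAD_POLICY)):
        print(name, check_identity_policy(doc))
```

The last check goes one step beyond structure: a statement can be well-formed and still grant far more than intended, which is the case a reviewer most wants flagged.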
4. Users in your company are authenticated in your corporate network and want to be able to use AWS without having to sign in again. Which AWS authentication option should you use?
- AWS Root User
- IAM User
- IAM Role (CORRECT)
- IAM Group
Correct: Rather than creating an IAM user for every employee who requires access to the AWS account, federate employees using IAM Roles. This enables you to manage permissions more efficiently. For detailed info, see AWS Identity Federation. This is also discussed in the Role-Based Access in AWS reading and video.
5. What must you do to allow resources in a public subnet to communicate with the internet?
- Create a route to a private subnet.
- Attach an internet gateway to your VPC.
- Create a route in a route table to the internet gateway.
- A and B
- B and C (CORRECT)
Correct: To allow your resources to communicate with the internet, attach an internet gateway to your VPC and create a route in a route table that sends this traffic through the internet gateway. This route table should then be associated with the subnet containing your internet-facing resources. Also, ensure that the internet-facing resources have a public IP address. For more information, see “Introduction To Amazon VPC” and “Amazon VPC Routing”.
6. What does an Amazon EC2 instance type indicate?
- Instance AMI and networking speed
- Instance tenancy and instance billing
- Instance placement and instance size
- Instance family and instance size (CORRECT)
Correct: Amazon EC2 provides a suite of instance types optimized for different use cases. These instance types come in various combinations of CPU, memory, storage and networking capacity, so you can select the mix of resources that suits your applications. Each instance type comes in multiple sizes, which lets you scale according to workload requirements. This information is part of the Introduction to Amazon Elastic Compute Cloud video and accompanying reading material.
7. Which of the following is a typical use case for Amazon S3?
- File storage for multiple EC2 instances
- Object storage for media hosting (CORRECT)
- Block storage for an EC2 instance
- Object storage for a boot drive
Correct: Amazon S3 is an object storage service that is well suited to storing large objects such as media files. S3 is a good fit for housing uploads of video, photo, or music files thanks to its capacity to store an unlimited number of objects and its support for individual objects of up to 5 TB. This content is covered in the Object Storage with Amazon S3 resource.
8. You are an employee at a healthcare facility tasked with storing 7 years of patient information that is rarely accessed. Your boss wants you to consider one of the Amazon S3 storage tiers to store this information. Which storage tier should you suggest?
- S3 Standard
- S3 Standard-Infrequent Access
- S3 Glacier Deep Archive (CORRECT)
- S3 Intelligent-Tiering
Correct: S3 Glacier Deep Archive is the low-cost storage class in Amazon S3 intended for very long retention and digital preservation of data that is accessed infrequently, such as once or twice a year. Its specific features make it suitable for highly regulated industries such as Financial Services, Healthcare, and the Public Sector. These industries generally require data retention of seven years or longer to comply with regulatory requirements. This is covered in Reading 3.3.
9. When using Amazon Relational Database Service you are responsible for what task of running and operating the database?
- Optimizing the database (CORRECT)
- Provisioning and managing the underlying infrastructure
- Installing the RDBMS onto the DB instance
- Installing patches to the OS for the DB instance
Correct: When you use Amazon RDS, you no longer manage the underlying infrastructure on which the database runs. Instead, you focus on the database itself, while Amazon RDS manages everything else: hardware, patching, backups, etc. View more in the Explore Databases on AWS video.
10. True or false: A Multi-AZ deployment is beneficial when you want to increase the availability of your database.
- True (CORRECT)
- False
Correct: When you use Amazon RDS, the DB instance is assigned to one subnet in a single Availability Zone (AZ). Even if your application is designed to run across multiple subnets and AZs, it is advisable to deploy the database as Multi-AZ as well, which ensures that your database is still available if one AZ becomes temporarily unresponsive. This information is covered in the Introduction to Amazon Relational Database Service video.
11. What are the three components of EC2 Auto Scaling?
- Launch template, scaling policies, EC2 Auto Scaling group (CORRECT)
- Scaling policies, security group, EC2 Auto Scaling group
- Security group, instance type, Key pair
- AMI ID, instance type, storage
Correct: The three components are a launch template or launch configuration for instance configuration, an EC2 Auto Scaling group, and a scaling policy. Each of these elements is essential for operating EC2 Auto Scaling. With the launch configuration or the launch template, you set up a configuration for your EC2 instances. Then you create an EC2 Auto Scaling group, which allows you to specify the minimum, maximum, and desired capacity for your instances. Then you define one or more scaling policies to configure the group to scale according to specific conditions or a schedule. For more information, refer to the video on Amazon EC2 Auto Scaling.
12. Which of the following ELB load balancer types should be used for an application that must choose target groups with a rule based on the domain of a website?
- Application Load Balancer (CORRECT)
- Target Load Balancer
- Network Load Balancer
- Classic Load Balancer
Correct: Application Load Balancer is a Layer 7 load balancer that supports advanced routing rules for HTTP and HTTPS traffic. Therefore, this is the best option for applications that require this capability. Watch the video Route Traffic with Amazon Elastic Load Balancing to learn more.