AWS学习笔记（七）：EBS, AMI, EFS

What's an EBS Volume?

• They can only be mounted to one instance at a time (at the CCP level)
• They are bound to a specific availability zone

EBS – Delete on Termination attribute

• Controls the EBS behaviour when an EC2 instance terminates
  • By default, the root EBS volume is deleted (attribute enabled)
  • By default, any other attached EBS volume is not deleted (attribute disabled)
• This can be controlled by the AWS console / AWS CLI
• Use case: preserve root volume when instance is terminated

EBS Snapshots

• Make a backup (snapshot) of your EBS volume at a point in time
• Not necessary to detach volume to do snapshot, but recommended
• Can copy snapshots across AZ or Region

AMI (Amazon Machine Image)

• AMI are a customization of an EC2 instance
  • You add your own software, configuration, operating system, monitoring…
  • Faster boot / configuration time because all your software is pre-packaged
• AMI are built for a specific region (and can be copied across regions)
• You can launch EC2 instances from:
  • A Public AMI: AWS provided
  • Your own AMI: you make and maintain them yourself
  • An AWS Marketplace AMI: an AMI someone else made (and potentially sells)

AMI Process (from an EC2 instance)

• Start an EC2 instance and customize it
• Stop the instance (for data integrity)
• Build an AMI – this will also create EBS snapshots
• Launch instances from other AMIs

EBS Volume Types

• EBS Volumes come in 6 types
  • gp2 / gp3 (SSD): General purpose SSD volume that balances price and performance for a wide variety of workloads
  • io1 / io2 (SSD): Highest-performance SSD volume for mission-critical low-latency or high-throughput workloads
  • st1 (HDD): Low cost HDD volume designed for frequently accessed, throughputintensive workloads
  • sc1 (HDD): Lowest cost HDD volume designed for less frequently accessed workloads
• EBS Volumes are characterized in Size | Throughput | IOPS (I/O Ops Per Sec)
• When in doubt always consult the AWS documentation – it's good!
• Only gp2/gp3 and io1/io2 can be used as boot volumes

EBS –Volume Types Summary

Amazon EBS卷类型

EBS Multi-Attach – io1/io2 family

• Attach the same EBS volume to multiple EC2 instances in the same AZ
• Each instance has full read & write permissions to the volume
• Use case:
  • Achieve higher application availability in clustered Linux applications (ex: Teradata)
  • Applications must manage concurrent write operations
• Must use a file system that's cluster-aware (not XFS, EX4, etc…)

EBS Encryption

• When you create an encrypted EBS volume, you get the following:
  • Data at rest is encrypted inside the volume
  • All the data in flight moving between the instance and the volume is encrypted
  • All snapshots are encrypted
  • All volumes created from the snapshot
• Encryption and decryption are handled transparently (you have nothing to do)
• Encryption has a minimal impact on latency
• EBS Encryption leverages keys from KMS (AES-256)
• Copying an unencrypted snapshot allows encryption
• Snapshots of encrypted volumes are encrypted

Encryption: encrypt an unencrypted EBS volume

• Create an EBS snapshot of the volume
• Encrypt the EBS snapshot (using copy)
• Create new ebs volume from the snapshot (the volume will also be encrypted)
• Now you can attach the encrypted volume to the original instance

EFS – Elastic File System

• Managed NFS (network file system) that can be mounted on many EC2
• EFS works with EC2 instances in multi-AZ
• Highly available, scalable, expensive (3x gp2), pay per use
• Use cases: content management, web serving, data sharing,Wordpress
• Uses NFSv4.1 protocol
• Uses security group to control access to EFS
• Compatible with Linux based AMI (not Windows)
• Encryption at rest using KMS
• POSIX (Portable Operating System Interface 可移植操作系统接口) file system (~Linux) that has a standard file API
• File system scales automatically, pay-per-use, no capacity planning!

EFS – Performance & Storage Classes

• EFS Scale
  • 1000s of concurrent NFS clients, 10 GB+ /s throughput
  • Grow to Petabyte-scale network file system, automatically
• Performance mode (set at EFS creation time)
  • General purpose (default): latency-sensitive use cases (web server, CMS, etc…)
  • Max I/O – higher latency, throughput, highly parallel (big data, media processing)
• Throughput mode
  • Bursting (1 TB = 50MiB/s + burst of up to 100MiB/s)
  • Provisioned: set your throughput regardless of storage size, ex: 1 GiB/s for 1 TB storage
• Storage Tiers (lifecycle management feature – move file after N days)
  • Standard: for frequently accessed files
  • Infrequent access (EFS-IA): cost to retrieve files, lower price to store

EBS vs EFS – Elastic Block Storage

• EBS volumes…
  • can be attached to only one instance at a time
  • are locked at the Availability Zone (AZ) level
  • gp2: IO increases if the disk size increases
  • io1: can increase IO independently
• To migrate an EBS volume across AZ
  • Take a snapshot
  • Restore the snapshot to another AZ
  • EBS backups use IO and you shouldn’t run them while your application is handling a lot of traffic
• Root EBS Volumes of instances get terminated by default if the EC2 instance gets terminated (you can disable that)

EBS vs EFS – Elastic File System

• Mounting 100s of instances across AZ
• EFS share website files (WordPress)
• Only for Linux Instances (POSIX)
• EFS has a higher price point than EBS
• Can leverage EFS-IA for cost savings