Understanding AWS Essentials: Placement Groups, Elastic IP, EFA, and EC2 Key Pairs

DEVESH NEMADE

Placement Group

  • Cluster
    Packs instances close together inside an Availability Zone. This strategy enables workloads to achieve the low-latency network performance necessary for tightly-coupled node-to-node communication that is typical of high-performance computing (HPC) applications.

  • Partition
    Spreads your instances across logical partitions such that groups of instances in one partition do not share the underlying hardware with groups of instances in different partitions. Amazon EC2 ensures that each partition within a placement group has its own set of racks. Each rack has its own network and power source. No two partitions within a placement group share the same racks, allowing you to isolate the impact of hardware failure within your application.
    This strategy is typically used by large distributed and replicated workloads, such as Hadoop, Cassandra, and Kafka.

  • Spread
    Strictly places a small group of instances across distinct underlying hardware to reduce correlated failures.

Placement groups are optional. If you don't launch your instances into a placement group, EC2 tries to place the instances in such a way that all of your instances are spread out across the underlying hardware to minimize correlated failures.
There is no charge for creating a placement group.

Rules and Limitations

  • An instance can be placed in one placement group at a time; you can't place an instance in multiple placement groups.

  • You can't merge placement groups.

  • You can't launch Dedicated Hosts in placement groups.

  • You can't launch a Spot Instance that is configured to stop or hibernate on interruption in a placement group.

Elastic IP

An Elastic IP address is a static IPv4 address designed for dynamic cloud computing. An Elastic IP address is allocated to your AWS account, and is yours until you release it.

  • An Elastic IP address is static; it does not change over time.

  • An Elastic IP address is for use in a specific Region only, and cannot be moved to a different Region.

  • An Elastic IP address comes from Amazon's pool of IPv4 addresses, or from a custom IPv4 address pool that you have brought to your AWS account. AWS does not support Elastic IP addresses for IPv6.

  • To use an Elastic IP address, you first allocate one to your account, and then associate it with your instance or a network interface.

  • When you associate an Elastic IP address with an instance, it is also associated with the instance's primary network interface. When you associate an Elastic IP address with a network interface that is attached to an instance, it is also associated with the instance.

  • When you associate an Elastic IP address with an instance or its primary network interface, if the instance already has a public IPv4 address associated with it, that public IPv4 address is released back into Amazon's pool of public IPv4 addresses and the Elastic IP address is associated with the instance instead. You cannot reuse the public IPv4 address previously associated with the instance and you cannot convert that public IPv4 address to an Elastic IP address.

By default, all AWS accounts have a quota of five (5) Elastic IP addresses per Region.

Elastic Network Interface

Primary Network Interface

Each instance has a default network interface, called the primary network interface. You can't detach a primary network interface from an instance.

Secondary Network Interfaces

You can create and attach secondary network interfaces to your instance. The maximum number of network interfaces varies by instance type.

You can associate an Elastic IP address with one of the private IPv4 addresses for the network interface. You can associate one Elastic IP address with each private IPv4 address. If you disassociate an Elastic IP address from a network interface, you can release it or associate it with a different instance.

Each network interface generally supports up to 30 private IP addresses.

Elastic Fabric Adapter

An Elastic Fabric Adapter (EFA) is a network device that you can attach to your Amazon EC2 instance to accelerate Artificial Intelligence (AI), Machine Learning (ML), and High Performance Computing (HPC) applications.

  • EFA traffic can't cross Availability Zones or VPCs. This does not apply to normal IP traffic from the ENA device of an EFA interface.

  • EFA traffic is not routable. Normal IP traffic from the ENA device of an EFA interface remains routable. EFA is available as an optional Amazon EC2 networking feature that you can enable on any supported instance at no additional cost.

Differences between ENA, EFA, and EFA-only network interfaces

  • ENA interfaces provide all of the traditional IP networking and routing features that are required to support IP networking for a VPC. For more information, see Enable enhanced networking with ENA on your EC2 instances.

  • EFA (EFA with ENA) interfaces provide both the ENA device for IP networking and the EFA device for low-latency, high-throughput communication.

  • EFA-only interfaces support only the EFA device capabilities, without the ENA device for traditional IP networking.

EBS Encryption

You can encrypt both the boot and data volumes of an EC2 instance.

When you create an encrypted EBS volume and attach it to a supported instance type, the following types of data are encrypted:

  • Data at rest inside the volume

  • All data moving between the volume and the instance

  • All snapshots created from the volume

  • All volumes created from those snapshots

EC2 Key Pair

A key pair, consisting of a public key and a private key, is a set of security credentials that you use to prove your identity when connecting to an Amazon EC2 instance. For Linux instances, the private key allows you to securely SSH into your instance. For Windows instances, the private key is required to decrypt the administrator password, which you then use to connect to your instance.

Amazon EC2 stores the public key on your instance, and you store the private key, as shown in the following diagram. It's important that you store your private key in a secure place because anyone who possesses your private key can connect to your instances that use the key pair.

Note: Because Amazon EC2 doesn't keep a copy of your private key, there is no way to recover a private key if you lose it. However, there can still be a way to connect to instances for which you've lost the private key.

If You Lose Your Private Key

If you lose the private key for an EBS-backed instance, you can regain access to your instance. You must stop the instance, detach its root volume and attach it to another instance as a data volume, modify the authorized_keys file with a new public key, move the volume back to the original instance, and restart the instance.
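The authorized_keys step of the recovery above, sketched in Python as an added example that is not part of the original article: it checks that the replacement is a single well-formed public key, then writes it with the permissions sshd expects. The function names, the `/home/<user>` layout under the mount point, and the choice to replace the old entry instead of appending to it are assumptions of this example.

```python
import base64, os, struct
from pathlib import Path

# Key types accepted here; an illustrative allow-list, not an exhaustive one.
ALLOWED_TYPES = {"ssh-ed25519", "ssh-rsa", "ecdsa-sha2-nistp256"}

def check_public_key(line: str) -> str:
    """Return the normalized entry, or raise ValueError if it is not one public key."""
    line = line.strip()
    parts = line.split(None, 2)
    if "\n" in line or len(parts) < 2:
        raise ValueError("expected '<type> <base64> [comment]' on a single line")
    if parts[0] not in ALLOWED_TYPES:  # also rejects a pasted private-key PEM header
        raise ValueError(f"unsupported key type: {parts[0]!r}")
    blob = base64.b64decode(parts[1], validate=True)  # bad base64 raises ValueError
    if len(blob) < 4:
        raise ValueError("key blob too short")
    # The blob begins with a length-prefixed algorithm name; it must match the type.
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n] != parts[0].encode():
        raise ValueError("key blob does not match declared key type")
    return " ".join(parts)

def replace_authorized_key(mount_root: str, user: str, pubkey: str) -> Path:
    """Overwrite <mount_root>/home/<user>/.ssh/authorized_keys with one new key."""
    entry = check_public_key(pubkey)
    if not user or "/" in user or user in (".", ".."):
        raise ValueError("invalid user name")
    home = Path(mount_root) / "home" / user  # assumed home layout
    if not home.is_dir():
        raise FileNotFoundError(f"{home} not found; is the volume mounted?")
    ssh_dir = home / ".ssh"
    if ssh_dir.is_symlink():  # do not write through links on the attached volume
        raise ValueError(f"{ssh_dir} is a symlink")
    ssh_dir.mkdir(mode=0o700, exist_ok=True)
    os.chmod(ssh_dir, 0o700)
    target = ssh_dir / "authorized_keys"
    flags = os.O_WRONLY | os.O_CREAT | os.O_TRUNC | os.O_NOFOLLOW
    with os.fdopen(os.open(target, flags, 0o600), "w") as fh:
        fh.write(entry + "\n")  # the lost key's entry is dropped, not kept
    os.chmod(target, 0o600)  # sshd's StrictModes rejects group/world-writable files
    if os.geteuid() == 0:  # as root on the rescue instance, restore ownership
        owner = home.stat()
        for path in (ssh_dir, target):
            os.chown(path, owner.st_uid, owner.st_gid)
    return target
```

Run it on the rescue instance after mounting the detached root volume, passing the mount point as `mount_root`; unmount before moving the volume back.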
