Overview

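  • AMI: the AWS machine image (Amazon Machine Image)
  • An AMI is a customization of an EC2 instance (compare with a traditional Ghost image)
  • Includes the installed software, configuration, operating system, monitoring…
  • Saves boot and configuration time
  • An AMI is valid in the region where it was created; it must be copied to be used in another region
  • EC2 instances can be launched from the following images:
      • A public AMI
      • Your own AMI
      • An AWS Marketplace AMI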

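Creating an AMI from an EC2 instance

  1. Start an EC2 instance and customize it
  2. Stop the EC2 instance to ensure data integrity
  3. Create the AMI; this also creates EBS snapshots
  4. Launch EC2 instances from other AMIs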


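EC2 instance storage (instance store volumes)

  • EBS volumes are network storage with limited performance
  • When you need a high-performance disk, use EC2 Instance Store
      • Better I/O performance
      • Ephemeral: the data disappears when the system is terminated
      • Good for buffer/cache/scratch data/temporary content
      • Risk of data loss if the hardware fails
      • The instance owner is responsible for backing up and replicating the data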

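EBS volume types

  • EBS volumes come in 6 types
  • gp2/gp3 (SSD), General Purpose SSD: cost-effective storage that is ideal for a broad range of workloads. The performance of a gp2 volume is tied to its size: the volume size determines the baseline performance level and how quickly the volume accumulates I/O credits. The larger the volume, the higher the baseline performance and the faster I/O credits accumulate. I/O credits represent the available bandwidth that your gp2 volume can use to burst large amounts of I/O when demand exceeds baseline performance. The more I/O credits your volume has, the longer it can burst beyond its baseline performance level and the better it performs when more performance is needed.
  • io1/io2 (SSD), Provisioned IOPS SSD: designed to meet the needs of I/O-intensive workloads (particularly database workloads) that are sensitive to storage performance and consistency. Provisioned IOPS SSD volumes use a consistent IOPS rate, which is specified when the volume is created.
  • st1 (HDD), Throughput Optimized HDD: low cost, optimized for large streaming workloads where throughput is the dominant performance attribute, e.g. big data, data warehouses, log processing
  • sc1 (HDD), Cold HDD: low-cost HDD for workloads with smaller data sets where data is accessed infrequently and performance is not the top priority.
  • EBS volumes are characterized by:
      • Capacity
      • Throughput
      • IOPS (I/O Ops Per Sec)
  • st1 and sc1 cannot be used as boot volumes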


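EBS volume attachment

  • With Amazon EBS Multi-Attach, a single Provisioned IOPS SSD (io1 or io2) volume can be attached to multiple instances in the same Availability Zone.
  • Multi-Attach is supported only on Provisioned IOPS SSD volumes.
  • Standard file systems (such as XFS and EXT4) cannot be accessed by multiple servers (such as EC2 instances) at the same time. Using Multi-Attach with a standard file system can cause data corruption or loss!!!
  • Each attached instance can drive its maximum IOPS performance up to the volume's maximum provisioned performance. However, the aggregate performance of all attached instances cannot exceed the volume's maximum provisioned performance.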

EBS volume encryption

  • When you create an encrypted EBS volume, you get the following:
      • Data at rest is encrypted inside the volume
      • All the data in flight moving between the instance and the volume is encrypted
      • All snapshots are encrypted
      • All volumes created from the snapshot are encrypted
  • Encryption and decryption are handled transparently (you have nothing to do)
  • Encryption has a minimal impact on latency
  • EBS Encryption leverages keys from KMS (AES-256)
  • Copying an unencrypted snapshot allows encryption
  • Snapshots of encrypted volumes are encrypted

Encryption: encrypt an unencrypted EBS volume

  1. Create an EBS snapshot of the volume
  2. Encrypt the EBS snapshot (using copy): copy the snapshot and select encryption
  3. Create a new EBS volume from the snapshot (the volume will also be encrypted)
  4. Now you can attach the encrypted volume to the original instance
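
The four steps above as a boto3 function. This is an added example, not code from the original notes; the function name `encrypt_volume` and its parameters are hypothetical, and it assumes the instance is stopped and the volume has at most one attachment.

```python
def encrypt_volume(ec2, volume_id, kms_key_id=None):
    """Swap an unencrypted EBS volume for an encrypted copy (steps 1-4).

    ec2: a boto3 EC2 client, e.g. boto3.client("ec2").
    Assumptions: the instance is stopped (consistent snapshot, safe detach)
    and the volume has at most one attachment (no Multi-Attach).
    Returns the encrypted volume's ID, or volume_id if already encrypted.
    """
    vol = ec2.describe_volumes(VolumeIds=[volume_id])["Volumes"][0]
    if vol["Encrypted"]:
        return volume_id
    attachments = vol.get("Attachments", [])
    if len(attachments) > 1:
        raise ValueError("Multi-Attach volumes are not handled here")

    # Step 1: snapshot the unencrypted volume.
    snap = ec2.create_snapshot(VolumeId=volume_id,
                               Description=f"pre-encryption {volume_id}")
    waiter = ec2.get_waiter("snapshot_completed")
    waiter.wait(SnapshotIds=[snap["SnapshotId"]])

    # Step 2: encryption is applied while copying the snapshot.
    copy_args = {"SourceSnapshotId": snap["SnapshotId"],
                 "SourceRegion": ec2.meta.region_name, "Encrypted": True}
    if kms_key_id:  # else the account's default EBS KMS key is used
        copy_args["KmsKeyId"] = kms_key_id
    enc_snap_id = ec2.copy_snapshot(**copy_args)["SnapshotId"]
    waiter.wait(SnapshotIds=[enc_snap_id])

    # Step 3: create the volume in the same AZ (EBS volumes are AZ-locked),
    # keeping the original type; io1/io2/gp3 also carry a provisioned IOPS value.
    vol_args = {"SnapshotId": enc_snap_id, "VolumeType": vol["VolumeType"],
                "AvailabilityZone": vol["AvailabilityZone"]}
    if vol["VolumeType"] in ("io1", "io2", "gp3"):
        vol_args["Iops"] = vol["Iops"]
    new_id = ec2.create_volume(**vol_args)["VolumeId"]
    available = ec2.get_waiter("volume_available")
    available.wait(VolumeIds=[new_id])

    # Step 4: detach the old volume and attach the new one on the same device.
    for att in attachments:
        ec2.detach_volume(VolumeId=volume_id, InstanceId=att["InstanceId"])
        available.wait(VolumeIds=[volume_id])
        ec2.attach_volume(VolumeId=new_id, InstanceId=att["InstanceId"],
                          Device=att["Device"])
    # The old volume and the unencrypted snapshot are left in place for
    # rollback; delete them once the instance is verified.
    return new_id
```

Tags and gp3 throughput settings are not carried over by this sketch. For large volumes, pass a `WaiterConfig` to `wait()` so the waiters do not give up before the snapshot finishes.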

EFS – Elastic File System

  • Managed NFS (network file system) that can be mounted on many EC2
  • EFS works with EC2 instances in multi-AZ


  • Highly available, scalable, expensive (3x gp2), pay per use
  • Use cases: content management, web serving, data sharing, WordPress
  • Uses NFSv4.1 protocol
  • Uses security group to control access to EFS
  • Compatible with Linux based AMI (not Windows)
  • Encryption at rest using KMS
  • POSIX (Portable Operating System Interface) file system (~Linux) that has a standard file API
  • File system scales automatically, pay-per-use, no capacity planning!

EFS – Performance & Storage Classes

  • EFS Scale
      • 1000s of concurrent NFS clients, 10 GB+/s throughput
      • Grow to Petabyte-scale network file system, automatically
  • Performance mode (set at EFS creation time)
      • General purpose (default): latency-sensitive use cases (web server, CMS, etc…)
      • Max I/O – higher latency, throughput, highly parallel (big data, media processing)
  • Throughput mode
      • Bursting (1 TB = 50 MiB/s + burst of up to 100 MiB/s)
      • Provisioned: set your throughput regardless of storage size, ex: 1 GiB/s for 1 TB storage
  • Storage Tiers (lifecycle management feature – move file after N days)
      • Standard: for frequently accessed files
      • Infrequent access (EFS-IA): cost to retrieve files, lower price to store

EBS vs EFS – Elastic Block Storage

  • EBS volumes…
      • can be attached to only one instance at a time
      • are locked at the Availability Zone (AZ) level
  • gp2: IO increases if the disk size increases
  • io1: can increase IO independently
  • To migrate an EBS volume across AZ
      • Take a snapshot
      • Restore the snapshot to another AZ
  • EBS backups use IO and you shouldn’t run them while your application is handling a lot of traffic
  • Root EBS Volumes of instances get terminated by default if the EC2 instance gets terminated (you can disable that)

EBS vs EFS – Elastic File System