EC2 — Concept
What it is
Amazon Elastic Compute Cloud (EC2) = on-demand virtual machines ("instances") running in AWS. You pick the OS, CPU/RAM/network shape, storage, and network — AWS handles the host hardware, hypervisor, and physical data center.
Why it exists
To replace owning physical servers with elastic, pay-as-you-go capacity that can scale from one instance to thousands in minutes, across multiple regions and AZs.
How it works
- An AMI (Amazon Machine Image) is the template — OS + pre-installed software + permissions.
- A launch template (or older launch configuration) defines the AMI, instance type, key pair, security groups, user-data, and storage.
- An instance runs in a VPC subnet inside one Availability Zone. To survive an AZ outage you need Multi-AZ via an Auto Scaling Group + ELB.
- Storage options: EBS (network block, persistent), Instance Store (local NVMe, ephemeral), EFS (shared NFS), FSx (managed file systems).
- Access controlled by Security Groups (stateful, allow-only) and NACLs (stateless, subnet-level).
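The stateful vs. stateless difference in the last bullet, as an added example that is not part of the original notes: a simplified Python model of one inbound connection passing the subnet NACL and then the instance's Security Group. It matches on direction and destination port only; protocol and CIDR matching are left out, and all names and rule sets are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    direction: str      # "in" or "out"
    ports: range        # destination ports the rule matches
    allow: bool = True  # security group rules are always allow=True
    number: int = 0     # NACL rule number; lowest matching number wins

def sg_permits(rules, direction, port):
    """Security group: allow-only, so any matching rule permits the packet."""
    return any(r.direction == direction and port in r.ports for r in rules)

def nacl_permits(rules, direction, port):
    """NACL: the first matching rule by number decides; no match means deny."""
    for r in sorted(rules, key=lambda r: r.number):
        if r.direction == direction and port in r.ports:
            return r.allow
    return False

def inbound_flow_works(sg, nacl, server_port, client_port):
    """Simulate one inbound request and its reply (NACL first, then SG)."""
    request_ok = (nacl_permits(nacl, "in", server_port)
                  and sg_permits(sg, "in", server_port))
    if not request_ok:
        return False
    # Reply: the SG tracked the connection, so its outbound rules are not
    # consulted. The NACL keeps no state and must explicitly allow the
    # reply's destination port (the client's ephemeral port).
    return nacl_permits(nacl, "out", client_port)

# Constructed sample rule sets.
SG_HTTPS_ONLY = [Rule("in", range(443, 444))]   # no outbound rules at all
NACL_IN_ONLY = [Rule("in", range(443, 444), True, 100)]
NACL_WITH_REPLY = NACL_IN_ONLY + [Rule("out", range(1024, 65536), True, 100)]
NACL_DENY_FIRST = [Rule("in", range(443, 444), False, 90)] + NACL_WITH_REPLY

if __name__ == "__main__":
    for name, nacl in [("inbound rule only", NACL_IN_ONLY),
                       ("inbound + ephemeral outbound", NACL_WITH_REPLY),
                       ("lower-numbered deny first", NACL_DENY_FIRST)]:
        ok = inbound_flow_works(SG_HTTPS_ONLY, nacl, 443, 50000)
        print(f"NACL with {name}: connection {'works' if ok else 'fails'}")
```

The Security Group needs no outbound rule for the reply, while the NACL fails the connection until the ephemeral-port outbound rule is added.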
Instance families (memorize the letter)
| Family | Use | Examples |
|---|---|---|
| General purpose | Balanced CPU/RAM | t3, t4g, m6i, m7g |
| Compute optimized | CPU-heavy (HPC, batch, gaming servers) | c6i, c7g |
| Memory optimized | Large in-memory DB / caches | r6i, x2, z1d |
| Storage optimized | High local IOPS (NoSQL, data warehouses) | i4i, d3, h1 |
| Accelerated computing | GPU / ML / FPGA | p5, g5, inf2, trn1 |
Purchase options (BIG exam topic)
| Option | Commitment | Discount | Use when |
|---|---|---|---|
| On-Demand | None | 0 % | Short, unpredictable workloads, dev/test |
| Reserved Instances (RI) | 1 or 3 yr | up to ~72 % | Steady-state production |
| Savings Plans | 1 or 3 yr, $/hr commit | up to ~72 % | Flexible across instance family/region (Compute SP) or family-locked (EC2 Instance SP) |
| Spot | None (can be reclaimed with 2-min notice) | up to ~90 % | Fault-tolerant, stateless, batch, CI, big-data |
| Dedicated Host | Per-host, optional 1/3 yr | — | BYOL licenses (Windows, Oracle), compliance |
| Dedicated Instance | None | — | Hardware isolation, no host visibility |
| Capacity Reservations | None (pay even if unused) | 0 % | Guaranteed capacity in an AZ for a known event |
When to use vs alternatives
| Use ... | Instead of ... | When ... |
|---|---|---|
| Lambda | EC2 | Workload is event-driven, < 15 min, stateless |
| ECS/Fargate | EC2 | Containerized, don't want to manage OS patching |
| Lightsail | EC2 | Tiny predictable workload, fixed monthly price |
| Batch | EC2 | Long-running queued batch jobs (uses EC2/Fargate underneath) |
Limits & defaults
- Default vCPU limit per region for On-Demand standard instances: starts low, must request increase.
- 5 SGs per ENI by default (soft-limit, max 16).
- Spot interruption notice: 2 minutes.
- User-data runs once at first boot by default (`cloud-init`).
- Stopping an instance is free (you still pay for EBS); terminating deletes the root EBS volume by default.
- Hibernate preserves RAM to EBS root volume (must be encrypted, supported families only).
- Placement groups: Cluster (low latency, single AZ), Spread (≤7 per AZ, separate hardware), Partition (up to 7 partitions per AZ, big distributed apps like HDFS/Cassandra).
Common exam scenarios
- "Lowest cost for fault-tolerant batch processing" → Spot Instances (often in an ASG with mixed instances policy).
- "Steady 24/7 production DB server, want best price" → Reserved Instance or Compute Savings Plan.
- "Need lowest network latency between nodes for HPC" → Cluster placement group + ENA/EFA.
- "Bring-your-own Windows / Oracle license" → Dedicated Host.
- "App must survive AZ failure" → ASG across ≥2 AZs behind an ELB (single EC2 ≠ HA).
- "Need to keep data on the instance after stop" → use EBS root, not Instance Store.
- "Encrypt boot volume on existing unencrypted AMI" → copy AMI with the `--encrypted` flag, launch from copy.
Exam tip
EC2 alone is never highly available — HA = Auto Scaling Group across multiple AZs + ELB. If a question says "single EC2 in us-east-1a", the right answer almost always involves adding ASG/ELB.