November 23, 2017

NAT Gateway vs NAT Instances

Some notes from readings around the web on NAT Gateway vs NAT Instances.

o NAT Instance – old one; NAT Gateway is relatively new, introduced in 2016
o NAT Instance is an EC2 instance
  •  Create an EC2 instance, put it behind the default web SG, and launch it.
  •  Create a route out to the internet from the NAT Instance; for this, go ahead and disable “Source & Destination Check”.
  • Attach the instance to the private security group / default one, then edit the Main Route Table to allow internet access via the newly created NAT Instance: select the NAT Instance ID (not the IGW) as the target.
o NAT Gateway
  • NAT Gateway is a service for which AWS takes care of scaling the underlying resources up and down based on need
  • Most customers always use NAT Gateway in production, as failover is taken care of internally

NAT Instances
  • When creating a NAT instance, Disable Source / Destination check on the instance
  • NAT instance must be in a public subnet
  • There must be a route out of the private subnet to the NAT instance, in order for this to work
  • The amount of traffic that a NAT instance supports depends on the instance size. If you are bottlenecking, increase the instance size
  • You can create high availability using AutoScaling Groups, multiple subnets in different AZs and a script to automate failover. This is extremely painful but can be done. Customers always complain about this pain point and hence the NAT Gateways were created.
  • NAT Instances are always behind a SG.
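
The NAT instance checklist above, written as an offline audit (an added example, not part of the original notes). The input dictionaries are constructed samples shaped like EC2 DescribeInstances / DescribeRouteTables output; all IDs and function names are assumptions, and a single VPC is assumed.

```python
# Constructed sample data shaped like EC2 DescribeInstances and
# DescribeRouteTables responses (all IDs are made up).
NAT = {"InstanceId": "i-0nat", "SubnetId": "subnet-public",
       "SourceDestCheck": True,  # left enabled on purpose
       "SecurityGroups": [{"GroupId": "sg-web"}]}
ROUTE_TABLES = [
    {"RouteTableId": "rtb-public",
     "Associations": [{"SubnetId": "subnet-public", "Main": False}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-1"}]},
    {"RouteTableId": "rtb-main",  # private subnets fall back to this table
     "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-1"}]},
]

def table_for(subnet_id, tables):
    """Return the explicitly associated route table, else the main table."""
    for t in tables:
        if any(a.get("SubnetId") == subnet_id for a in t["Associations"]):
            return t
    return next(t for t in tables if any(a.get("Main") for a in t["Associations"]))

def default_route(table):
    """Return the 0.0.0.0/0 route of a table, or None."""
    for r in table["Routes"]:
        if r.get("DestinationCidrBlock") == "0.0.0.0/0":
            return r
    return None

def audit_nat_instance(nat, private_subnet_id, tables):
    """Check one NAT instance against the checklist; return the failures."""
    findings = []
    if nat.get("SourceDestCheck", True):
        findings.append("source/destination check is still enabled")
    pub = default_route(table_for(nat["SubnetId"], tables))
    if not (pub and pub.get("GatewayId", "").startswith("igw-")):
        findings.append("NAT instance is not in a public subnet")
    priv = default_route(table_for(private_subnet_id, tables))
    if priv is None:
        findings.append("private subnet has no default route")
    elif priv.get("GatewayId", "").startswith("igw-"):
        findings.append("private subnet routes straight to the IGW")
    elif priv.get("InstanceId") != nat["InstanceId"]:
        findings.append("private subnet default route does not target the NAT instance")
    if not nat.get("SecurityGroups"):
        findings.append("no security group attached")
    return findings

if __name__ == "__main__":
    for finding in audit_nat_instance(NAT, "subnet-private", ROUTE_TABLES):
        print("FAIL:", finding)
```
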

NAT Gateways
  • Relatively new service
  • Preferred by the enterprise
  • Scale automatically up to 10 Gbps
  • No need to patch
  • Not associated with SGs
  • Automatically assigned a public IP
  • Remember to update your route tables
  • No need to disable Source / Destination checks.

November 3, 2017

Tips for `AWS Certified Solution Architect - Associate` Preparation

Self Evaluation:

Take the Diagnostic Test (60 questions, 80 mins) in the whizlabs practise-tests to gauge your strengths and weaknesses before you begin your preparation.

If you have very limited knowledge of AWS, move on to #1 under Course Material.

Course Material

1. AWS Certified Solutions Architect - Associate 2017 from A Cloud Guru in - Should be around $10.
Tips 1: This course starts from zero and covers up to 80% of the course, provided you read all the FAQs & white papers as advised by the instructor. Good to start with this and then go for Linux Academy
Tips 2: Complete all labs & repeat the VPC lab a couple of times
Tips 3: Mobile app is also good, if you would want to listen on the move.
2. - AWS Certified Solutions Architect - Associate Badge (Optional)
3. AWS Certified Solutions Architect - Associate from Linux Academy
Tips 1: Complete all labs from LA and read all the whitepapers referred to in the downloads section. Subnetting & EC2 troubleshooting are well explained there.
Tips 2: Mobile app is also good if you would want to listen on the move, especially for the flash cards & final quiz.
4. Linux Academy - The Orion paper is a good reference material

Practise Tests

  1. Linux Academy Chapter Quiz - Final Quiz
  2. -> Costs around INR 899/- but around 20 questions will come from this whizlabs, so worth practising all 7 or 8 papers they have.