来源:AWS解决方案架构师认证-助理级(SAA-C03)仿真练习题
3 题,免费题库,题目质量不高,仅供自己复习使用。
如果侵权请联系删除。
🌟 单词:
- desiren. 愿望,欲望;情欲 | v. 渴望 | adj. 渴望的,想要的,预期的
- restrictv. 限制,约束;限定
- fulfillv. 做完(工作), 达到(目的), 应验(预言等), 满足(希望)
- maintainv. 维持;维修,保养;赡养,负担,支持;主张,断言;保卫,守住
一、Auto Scaling
An application runs on Amazon EC2 instances across multiple Availability Zones. The instances run in an Amazon EC2 Auto Scaling group behind an Application Load Balancer. The application performs best when the CPU utilization of the EC2 instances is at or near 40%.
What should a solutions architect do to maintain the desired performance across all instances in the group?
- Use a simple scaling policy to dynamically scale the Auto Scaling group.
- ✅ Use a target tracking policy to dynamically scale the Auto Scaling group.
- Use an AWS Lambda function to update the desired Auto Scaling group capacity.
- ❌ Use scheduled scaling actions to scale up and scale down the Auto Scaling group.
✨ 关键词:Auto Scaling group(自动扩展组)、target tracking policy(目标跟踪扩展策略)、simple scaling policy(简单扩展策略)、scheduled scaling actions(预先的扩展动作)
4️⃣ ❌ -> 2️⃣ ✅
💡 解析:考点为扩展策略的分类和使用场景:
- 动态扩展策略:
- 目标跟踪扩展策略:根据设置的整个组的指标(例如平均 CPU 使用率)动态地调整实例数量。
- 简单扩展策略:指标触发某个值之后,就做什么(扩容几台实例等)。
- 步进扩展策略:指标触发某个值之后,就做什么(扩容几台实例等);指标再触发什么条件后,再做什么…
- 计划扩展策略:定义 Auto Scaling 要扩展的时间,以及我们想要扩展多少个实例。
主要针对可以预见的、比方说早上用户多的情况,扩展实例数量。
- 预测性扩展策略:根据先前发生的事件的历史记录预测将要发生的事件,然后在特定的时间扩缩实例。
题目中有指定的
40%CPU 使用率目标,因此选 2️⃣target tracking policy。
二、VPC endpoints
A company has application running on Amazon EC2 instances in a VPC. One of the applications needs to call an Amazon S3 API to store and read objects. The company’s security policies restrict限制 any internet-bound traffic from the applications.
Which action will fulfill these requirements and maintain security?
1. ✅ Configure an S3 interface endpoint.
2. ❌ Configure an S3 gateway endpoint.
3. Create an S3 bucket in a private subnet.
4. Create an S3 bucket in the same Region as the EC2 instance.
✨ 关键词:私网、S3 网关终端节点、VPC endpoints
2️⃣ ❌ -> 1️⃣ ✅
💡 解析:A VPC endpoint enables you to privately connect your VPC to supported AWS services and VPC endpoint services powered by AWS PrivateLink without requiring an internet gateway, NAT device, VPN connection, or AWS Direct Connect connection. Instances in your VPC do not require public IP addresses to communicate with resources in the service. Traffic between your VPC and the other service does not leave the Amazon network.
An interface endpoint is an elastic network interface with a private IP address from the IP address range of your subnet that serves as an entry point for traffic destined to a supported service. Interface endpoints are powered by AWS PrivateLink, a technology that enables you to privately access services by using private IPaddresses. AWS PrivateLink restricts all network traffic between your VPC and services to the Amazonnetwork. You do not need an internet gateway, a NAT device, or a virtual private gateway.
Reference:
https://aws.amazon.com/blogs/aws/new-vpc-endpoint-for-amazon-s3/
https://docs.aws.amazon.com/vpc/latest/userguide/vpc-endpoints.html
中文文档:使用接口 VPC 端点访问 AWS 服务。
三、Amazon EFS
A company is hosting a web application on AWS using a single Amazon EC2 instance that stores user-uploaded documents in an Amazon EBS volume. For better scalability and availability, the company duplicated the architecture and created a second EC2 instance and EBS volume in another Availability Zone, placing both behind an Application Load Balancer. After completing this change, users reported that each time they refreshed the website, they could see one subset of their documents or the other, but never all of the documents at the same time.
What should a solutions architect propose to ensure users see all of their documents at once?
- Copy the data so both EBS volumes contain all the documents.
- Configure the Application Load Balancer to direct a user to the server with the documents.
- ✅ Copy the data from both EBS volumes to Amazon EFS. Modify the application to save new documents to Amazon EFS.
- Configure the Application Load Balancer to send the request to both servers. Return each document from the correct server.
✨ 关键词:Amazon EFS
3️⃣ ✅
💡 解析:Amazon EFS provides file storage in the AWS Cloud. With Amazon EFS, you can create a file system, mount the file system on an Amazon EC2 instance, and then read and write data to and from your file system. You can mount an Amazon EFS file system in your VPC, through the Network File System versions 4.0 and 4.1 (NFSv4) protocol. We recommend using a current generation Linux NFSv4.1 client, such as those found in the latest Amazon Linux, Redhat, and Ubuntu AMIs, in conjunction with the Amazon EFS Mount Helper. For instructions, see Using the amazon-efs-utils Tools.
For a list of Amazon EC2 Linux Amazon Machine Images (AMIs) that support this protocol, see NFS Support. For some AMIs, you’ll need to install an NFS client to mount your file system on your Amazon EC2 instance. For instructions, see Installing the NFS Client.
You can access your Amazon EFS file system concurrently from multiple NFS clients, so applications that scale beyond a single connection can access a file system. Amazon EC2 instances running in multiple Availability Zones within the same AWS Region can access the file system, so that many users can access and share a common data source.
How Amazon EFS Works with Amazon EC2:
Reference:
https://docs.aws.amazon.com/efs/latest/ug/how-it-works.html#how-it-works-ec2
视频课截图:
