Private vs. Public vs. Elastic IP
Understanding IP addressing behaviour is critical for the exam, especially regarding instance lifecycle events (Stop/Start).
Private
- Definition: The internal IP address used for communication within the VPC.
- Persistence: Retained for the life of the instance. If you Stop and Start the instance, the Private IP does not change.
- Scope: Only reachable within the VPC or via VPN/Direct Connect (unless NAT is used).
Public
- Definition: An IP address reachable from the internet.
- Behaviour:
- Assigned automatically if Auto-assign Public IP is enabled in the subnet settings or requested at launch.
- Dynamic: If you Stop and Start the instance, the Public IP will change.
- Hostname: Cannot be manually moved between instances.
Elastic IP (EIP)
- Definition: A static, fixed Public IP address allocated to your AWS account.
- Use Case: Masking instance failures by rapidly remapping the address to another instance.
- Behaviour:
- You own it until you release it.
- Static: It does not change if you stop/start the instance.
- Scope: Region-specific (cannot move an EIP from us-east-1 to us-west-2).
- Cost:
- Free if attached to a running instance and it is the only EIP attached.
- Charges apply if: The instance is stopped, the EIP is unattached, or you have more than one EIP attached to a running instance.
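The cost rules above can be applied to inventory data to find EIPs that are unattached or sitting on stopped instances. This is an added example, not part of the original notes; the JSON is constructed sample data shaped like the output of `aws ec2 describe-addresses` and `aws ec2 describe-instances`, and the function names are hypothetical.

```python
import json
from collections import Counter

# Constructed sample data (documentation IP range, made-up IDs).
ADDRESSES_JSON = """
{"Addresses": [
  {"PublicIp": "203.0.113.10", "AllocationId": "eipalloc-aaa", "InstanceId": "i-web1"},
  {"PublicIp": "203.0.113.11", "AllocationId": "eipalloc-bbb"},
  {"PublicIp": "203.0.113.12", "AllocationId": "eipalloc-ccc", "InstanceId": "i-batch"},
  {"PublicIp": "203.0.113.13", "AllocationId": "eipalloc-ddd", "InstanceId": "i-multi"},
  {"PublicIp": "203.0.113.14", "AllocationId": "eipalloc-eee", "InstanceId": "i-multi"}
]}
"""
INSTANCES_JSON = """
{"Reservations": [{"Instances": [
  {"InstanceId": "i-web1",  "State": {"Name": "running"}},
  {"InstanceId": "i-batch", "State": {"Name": "stopped"}},
  {"InstanceId": "i-multi", "State": {"Name": "running"}}
]}]}
"""

def instance_states(describe_instances):
    """Map InstanceId -> state name from describe-instances output."""
    return {i["InstanceId"]: i["State"]["Name"]
            for r in describe_instances.get("Reservations", [])
            for i in r.get("Instances", [])}

def classify_eips(describe_addresses, describe_instances):
    """Return {AllocationId: verdict} using the cost rules stated in these notes."""
    addrs = describe_addresses.get("Addresses", [])
    states = instance_states(describe_instances)
    per_instance = Counter(a["InstanceId"] for a in addrs if a.get("InstanceId"))
    report = {}
    for a in addrs:
        inst = a.get("InstanceId")
        if not inst:
            # Simplification: no InstanceId is treated as unattached.
            verdict = "charged: unattached"
        elif states.get(inst, "unknown") != "running":
            verdict = "charged: instance is " + states.get(inst, "unknown")
        elif per_instance[inst] > 1:
            verdict = "charged: more than one EIP on running instance"
        else:
            verdict = "free: only EIP on a running instance"
        report[a["AllocationId"]] = verdict
    return report

def sample_report():
    return classify_eips(json.loads(ADDRESSES_JSON), json.loads(INSTANCES_JSON))
```
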
EC2 Placement Groups
Placement groups determine how instances are placed on underlying hardware to optimize for performance, durability, or availability.
| Type | Description | Use Case | Constraint |
|---|---|---|---|
| Clustered | Instances are packed close together inside a single. Provides low latency and high network throughput (10Gbps+). | High Performance Computing (HPC), tightly coupled applications, supercomputing | Single AZ only. High risk of concurrent failure if the rack fails. |
| Spread | Instances are placed on distinct underlying hardware (different racks). Maximizes availability. | Critical applications where individual instances must be isolated from each other’s hardware failure. | Max 7 instances per AZ per placement group. |
| Partition | Instances are spread across logical partitions (groups of racks). Instances in one partition do not share hardware with instances in other partitions. | Distributed & Big Data workloads: Hadoop, Cassandra, Kafka | Can span multiple AZs. Scales to 100s of instances. |
Elastic Network Interfaces (ENI) - Overview
An ENI is a logical networking component in a VPC that represents a virtual network card.
- Scope: Bound to a specific Availability Zone (AZ). You cannot attach an ENI created in AZ A to an instance in AZ B.
- Attributes: An ENI can have:
- A primary private IPv4 address.
- One or more secondary private IPv4 addresses.
- One Elastic IP address (per private IPv4).
- One public IPv4 address.
- One or more security groups.
- A MAC address.