access to EC2 (for developers) Agenda – introduction – EC2 in native environment – 3-tier architecture intro – alternative methods of resource connection: – Bastion host – SSM – EC2 Instance Connect DDoS attacks A regular virtual machineIt's a VM. Classic EC2 instance in de‐ fault setting. Resources: EC2SecurityGroup: Type: AWS:: EC2:: SecurityGroup Properties: GroupName: Launch-wizard-13 Launch-wizard-13 GroupDescription: Allow traffic to EC2 SecurityGroupIngress: - CidrIp: 0.0.0.0/0 IpProtocol: -1 SecurityGroupEgress: - CidrIp: 0.0.0.0/0

configuration settings of the service provider. • An Amazon VPC with an EC2 instance ◦ Setting up the VPC ◦ Launching an EC2 instance ▪ In the instance Security Group, allow ICMP traffic from the VPC Authoriz horize rule e rule. 2. For Destination network to enable, specify the IP address of your EC2 instance created in the prerequisites. For example, 172.31.16.0/20 . 3. Under Grant access to, select

⾸先，我们要明确需要覆盖的场景，当前⽆外乎虚机和容器两⼤类了。⽽容器⾥⼜分为
cgroup v1
和
cgroup v2 ，所以总的有三类需要处理：
• 虚机（不同云⼚商有不同的叫法，⽐如
ECS,
EC2
等）
• 容器
cgroup
v1
• 容器
cgroup
v2
这⾥有个特别需要关注的点是：容器是否设置了
cpu limit ，如果没设，就只能⽤可以调度的
cpu
个数来计算，⽐如

“platform-as-as-service” environment that operates on a higher level than an “infrastructure cloud” like Amazon EC2, attempting to share resources with even greater efficiency. The Sandbox: Your applications run

implementation designed to create AJAX powered websites. lib GoAWS - Library for many AWS services (S3, SQS, EC2, etc) lib GoPOP3 - Implements the POP3 protocol as specified in RFC 1939 lib GoRTP - RTP / RTCP stack