© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Rob Alexander, AWS Principal Solutions Architect

August 2016

Amazon EBS Deep Dive

(Flexible)

Block

Store

Elastic

What is Amazon EBS?

EBS

volume

Availability Zone

AWS region

EC2

instance

What is Amazon EBS?

EBS

boot

volume

Availability Zone

AWS region

EC2

instance

EBS

data

volume

EBS

data

volume

Separation of Compute and Storage

Persistent

block storage Compute

Memory

What is Amazon EBS?

EBS

volume

Availability Zone Availability Zone

AWS region

Replica

What is Amazon EBS?

EBS

volume

Availability Zone

AWS region

Amazon

S3EBS snapshot

Availability Zone

Replica

How does an EBS snapshot work?

A B C

EBS volume

A B C

1

How does an EBS snapshot work?

A B C

EBS volume

A B C

12

C1

C1

D E -B

How does an EBS snapshot work?

A B

EBS volume

A B C

12

C1

C1

3

D E

D E -B

AC1

How does an EBS snapshot work?

A

EBS volume

A B C

12

C1

C1

3

D E

C1 D E

A

AC1

ED -B

How does an EBS snapshot work?

A

EBS volume

C1

3

D E

Create new EBS volume

What is Amazon EBS?

EBS

volume

Availability Zone

AWS region

Amazon

S3EBS snapshot

Availability Zone

EBS

volume

Replica Replica

What is Amazon EBS?

EBS

volume

Availability Zone

AWS region

Amazon

S3EBS snapshot

EBS

volume

Availability Zone

AWS region

EBS snapshot

Replica Replica

EBS Snapshot: Public Data Sets

AWS region

Public data sets

available as EBS

snapshots:

Availability Zone

EBS

volume

https://aws.amazon.com/public-data-sets/

• Genomic

• Census

• Global weather

• Transportation

Replica

What if an EBS volume fails?

EBS

volume

Availability Zone

EC2

instance

AWS region

EBS

volume

Replica

What if an EBS volume fails?

Availability Zone

EBS

volume

EC2

instance

AWS region

Replica

What about EC2 instance termination?

Availability Zone

EBS

volume

EC2

instance

DeleteOnTermination = True

DeleteOnTermination = False

AWS region

Replica

What about EC2 instance failure?

Availability Zone

AWS region

EBS

volume

EC2

instance

Replica

What about EC2 instance failure?

Availability Zone

AWS region

EBS

volume

New

EC2

instance

Replica

EBS Enables EC2 Auto Recovery

EBS Enables EC2 Auto Recovery

StatusCheckFailed_System

StatusCheckFailed_Instance

CloudWatch

per-instance metrics:

Amazon CloudWatch Alarm Actions

Instance

status check fails?

REBOOT

System

status check fails?

RECOVER

Instance ID

Instance metadata

Private IP addresses

Elastic IP addresses

EBS volume attachments

Instance retains:

• Limited to C3, C4, M3, M4, R3, and T2 instance types with EBS only storage

Amazon EC2

Auto Recovery

Set your failed check threshold

Choose 1-minute period

and statistic minimum

Choose recover action

Metric = StatusCheckFailed_System

CloudWatch

console

Amazon EC2

Auto Reboot

Choose reboot action

Metric = StatusCheckFailed_Instance

CloudWatch

console

EBS Volume Types

EBS Volume Types

Hard disk driveSolid state drive

EBS Volume Types

General Purpose

SSD

gp2

Provisioned IOPS

SSD

io1

Throughput Optimized

HDD

st1

Cold

HDD

sc1

SSD HDD

EBS Volume Types: I/O Provisioned

General Purpose SSD

gp2

Throughput: 160 MB/s

Latency: Single-digit ms

Capacity: 1 GB to 16 TB

Baseline: 3 IOPS per GB up to 10,000

Burst: 3,000 IOPS (for volumes up to 1 TB)

Great for boot volumes, low latency applications and bursty databases

Burst Bucket: General Purpose SSD (GP2)

Max I/O credit per bucket is 5.4M

You can spend up to

3000 IOPS per second

Baseline performance = 3 IOPS per GiB or 100 IOPS

Always accumulating

3 IOPS per GiB per second

gp2

Burst & Baseline: General Purpose SSD (GP2)IO

PS

0 1 16

1,000

2,000

3,000

8,000

10,000

BASELINE IOPS(Baseline of 3 IOPS/GB)

Burstable to

3,000 IOPS

3 90.5

Volume size (TB)

~ 3334 GB

Time to Deplete a Full GP2 Credit Bucket

0

100

200

300

400

500

600

700

1 8 30 100 150 200 250 300 350 400 450 500 550 600 650 700 750 800 850 900 950

Min

ute

s o

f B

urs

t

Volume size in GB

43 min 1 hour

10 hours

EBS Volume Types: I/O Provisioned

Provisioned IOPS SSD

io1

Baseline: 100 to 20,000 IOPS

Throughput: 320 MB/s

Latency: Single-digit ms

Capacity: 4 GB to 16 TB

Ideal for critical applications and databases with sustained IOPS

Scaling Provisioned IOPS SSD (IO1)IO

PS

0 1 16

1,000

5,000

10,000

15,000

20,000

3 90.5

MAX PROVISIONED IOPS(Maximum IOPS:GB ratio of 30:1)

Available Provisioned IOPS

Volume Size (TB)

~ 667 GB

EBS Volume Types: Throughput Provisioned

Throughput

Optimized HDD

st1

Baseline: 40 MB/s per TB up to 500 MB/s

Capacity: 500 GB to 16 TB

Burst: 250 MB/s per TB up to 500 MB/s

Ideal for large block, high throughput sequential workloads

Burst Bucket: Throughput Optimized HDD (ST1)

Max I/O bucket credit is 1 TB of

credit per TB in volume

You can spend up to

250 MB/s per TB

Baseline performance = 40 MB/s per TB

Always accumulating 40 MB/s per TB

st1

Up to 8 TB in I/O credit

Always accumulating 320 MB/s

You can spend up

to 500 MB/s

Burst Bucket: Example 8 TB ST1 Volume

Baseline performance = 320 MB/s

st1

Throughput Optimized HDD – Burst and Base

0

100

200

300

400

500

600

0.5 1 2 4 6 8 10 12 14 16

Th

rou

gh

pu

t in

MB

/s

Volume Size in TB

Burst Base

320

ST1

Cold HDD

sc1

EBS Volume Types: Throughput Provisioned

Baseline: 12 MB/s per TB up to 192 MB/s

Capacity: 500 GB to 16 TB

Burst: 80 MB/s per TB up to 250 MB/s

Ideal for sequential throughput workloads such as logging and backup

Burst Bucket: Cold HDD (SC1)

Max I/O bucket credit is 1 TB of

credit per TB in volume

You can spend up to 80

MB/s per TB

Baseline performance = 12 MB/s per TB

Always accumulating 12 MB/s per TB

Cold HDD – Burst and Base

0

50

100

150

200

250

300

0.5 1 2 4 6 8 10 12 14 16

Th

rou

gh

pu

t in

MB

/s

Volume size in TB

Burst Base

192

SC1

I/O Provisioned Volumes Throughput Provisioned Volumes

sc1st1io1gp2

$0.10 per GB $0.125 per GB

$0.065 per PIOPS

* All prices are per month and from the us-west-2 region as of April 2016

$0.045 per GB $0.025 per GB

EBS Volume Types

Magnetic

EBS Volume Types: Magnetic

Magnetic

Baseline: 100 IOPS best effort

Capacity: 1 GB to 1 TB

Burst: 40 MB/s to 90 MB/s best effort

$0.05 per GB

$0.05 per 1 million I/O requests

EBS Best Practices

EBS Best Practices

Performance

Performance: Counting IOPS

io1

gp2

Instance

Application

4 * 16 K random I/Os

IOPS = 4

Up to 256 KiB

400

Blocks 77, 125, 11, 400

11 125 77

Performance: Counting IOPS

io1

gp2

Instance

Application

4 * 16 K sequential I/Os

IOPS = 1

64 KiB

Blocks 11, 12, 13, 14

11 12 13 14

Performance: Counting Throughput

Instance

Application

Up to 1 MB/s

4 3 2 1

4 * 1 MiB sequential I/Os

sc1

st1

MB/s = 4

Performance: Counting Throughput

Instance

Applications

87 621 2 1

2 * 1 MB sequential I/Os

sc1

st1

MB/s = 42 * 16 K random I/Os

Performance: Burst Balance

0

20

40

60

80

100

120

0 1 2 3 4 5 6 7 8 9 10

Burs

t B

ala

nce %

Time in Hours

1 MB Sequential 16 KB Random

4TB SC1 Volume

1 MB Sequential:

500 MB/s for 3 hours

16 KB Random:

8 MB/s for 3 hours

Performance: Verifying ST1 & SC1 Workloads

iostat

256 sectors x 512 bytes/sector = 128 KiB

128 KiB

Performance: Verifying ST1 & SC1 Workloads

CloudWatch

Console

Under

64 KiB?

Performance: Verifying ST1 & SC1 Workloads

Small or

random IOPS

likely

CloudWatch

Console

Stuck

around

44 KiB?

Performance: Verifying ST1 & SC1 Workloads

CloudWatch

Console

Upgrade your kernel

to at least 3.8

Performance: Bandwidth Matters

EBSc3.2xlarge

EC2

instances

Internet

Databases

~ 125 MB/s

S3

c3.8xlarge

10 Gbps ~ 1250 MB/s

Performance: EBS-Optimized Instances

For max throughput statistics per instance types, see:

http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSOptimized.html

• Dedicated network bandwidth for EBS I/O

• Enabled by default on c4, d2, and m4 instances

• Can be enabled at instance launch or on a running instance

• Not an option on some 10 Gbps instance types

(c3.8xlarge, r3.8xlarge, i2.8xlarge)

Performance: EBS-Optimized Instances

EBS

EC2

instances InternetDatabases

c3.2xlarge

~ 125 MB/s

S3

Performance: Bandwidth Matters

c3.xlarge

EBS-optimized

dedicated 500 Mbps

~ 62.5 MB/s

2 TB GP2 volume:6,000 IOPS

160 MB/s max throughput4,000 16K IOPS

c3.2xlarge

EBS-optimized

dedicated 1 Gbps

~ 125 MB/s

8,000 16K IOPS

2 TB GP2 volume:6,000 IOPS

160 MB/s max throughput

Performance: Throughput Workload

EC2

instances InternetDatabases

m4.10xlarge

S310 Gbps ~ 1250 MB/s

~ 500 MB/s

32,000 16K IOPS

8 TB ST1 volume:320 MB/s base

500 MB/s burst

Performance: I/O Workload

EC2

instances InternetDatabases

m4.10xlarge

S310 Gbps ~ 1250 MB/s

~ 500 MB/s

32,000 16K IOPS

1 TB io1 volume:16,000 IOPS

Performance: I/O Workload

EC2

instances InternetDatabases

m4.10xlarge

S310 Gbps ~ 1250 MB/s

~ 500 MB/s

32,000 16K IOPS

RAID0

2 * 1 TB io1 volumes:32,000 IOPS

Best Practice: RAID

When to RAID?

• Storage requirement > 16 TB

• Throughput requirement > 500 MB/s

• IOPS requirement > 20,000 @ 16K

Best Practice: RAID

EBS

volume

Availability Zone

AWS region

EC2

instance

EBS

volume

RAID0RAID10

Replica Replica

Best Practice: RAID

Avoid RAID for redundancy

• RAID1 halves available EBS bandwidth

• RAID5/6 loses 20 – 30% of usable I/O to parity

Performance: Volume Initialization

New EBS volume? New EBS volume from snapshot?

• Attach and its ready to go • Initialize for best performance

• Random read across volume

EBS Best Practices

Performance

Management

Best Practice: Taking Snapshots

Quiesce I/O

1. Database: FLUSH and LOCK tables

2. Filesystem: sync and fsfreeze

3. EBS: snapshot all volumes

When CreateSnapshot API returns

success, it is safe to resume

Best Practice: Automate Snapshots

Key ingredients:

AWS Lambda Amazon EC2

Run commandTagging

https://aws.amazon.com/ec2/run-command/

Best Practice: Automate Snapshots

AWS Lambda

scheduled event:

daily snapshots

EC2

instances

Backup

Retention30 days

Search for instances

tagged “Backup”

EC2 Run commands to

fsfreezeSnapshot all

attached volumes

Tag snapshots with

expire date

1. 2. 3. 4.

Best Practice: Automate Snapshot Expiration

AWS Lambda

scheduled event:

daily expire

Search for snapshots

tagged to “Expire On”

today

Delete expired

snapshots

1. 2.

EBS

snapshots

BackupExpireOn

Date

EBS Best Practices

Performance

Management

Security

Best Practice: Security

EBS

encryption

• Attach both encrypted and unencrypted

• No volume performance impact

• Any current generation instance

• Supported by all EBS volume types

• Snapshots also encrypted

• No extra cost

Best Practice: Security

EBS encryption:

data volumes

Best Practice: Security

Create a new AWS KMS Master key for EBS

• Define key rotation policy

• Enable AWS CloudTrail auditing

• Control who can use key

• Control who can administer key

Best Practice: Security

EBS encryption:

data volumes

Best Practice: Security

EBS

volume

EBS

master

key

AWS KMS

EBS

volume

EBS

volume

Data key 1

Data key 2

Data key 3Envelope encryption

• Limits exposure risk

• Performance

• Simplifies key management

Best Practice: Security

EBS encryption:

boot volumes

Summary

Use encryption if

you need it

Take snapshots,

tag snapshotsSelect the right

instance for your

workload

Select the right

volume for your

workload

Thank you!