Containers and VMs

Question 1

Why would a developer choose to use a Virtual Machine over a container solution?

Answer 1

A VM is necessary when the application requires:

1. OS Control
2. Security/Compliance
3. Statefulness
4. Simplicity (It’s too hard to break it up into microservices)

Question 2

Can you develop your own container specific to your application need?

Answer 2

Yes, via a Dockerfile

Question 3

What does VM stand for?

Answer 3

Virtual Machine

Question 4

What does a VM virtualize?

Answer 4

The hardware

Question 5

What does a container virtualize?

Answer 5

The OS Layer of a machine

Question 6

Which has a faster startup time between VMs and Containers?

Answer 6

Containers (secs/ms) are faster than VMs (mins), because VMs have to start up the OS

Question 7

What does a hypervisor do?

Answer 7

A hypervisor creates and runs VMs on physical machines and enforces the VM’s isolation.

Question 8

How do containers use the hypervisor?

Answer 8

They don’t. Containers bypass the hypervisor and go directly to the OS kernel

Question 9

What primary container advantage makes it ideal for microservices and Auto Scaling on AWS?

Answer 9

Speed and Density. The rapid seconds-to-milliseconds startup time (no OS boot) allows for much faster horizontal scaling (agility) and higher density (cost efficiency) compared to VMs.

Question 10

What AWS service is used to store and manage your custom container images?

Answer 10

Amazon ECR (Elastic Container Registry). Think of it as Docker Hub managed by AWS.

Question 11

What does Amazon ECR stand for?

Answer 11

Elastic Container Registry

Question 12

What does Amazon ECS stand for?

Answer 12

Elastic Container Service

Question 12

What types of EC2 instances are Virtual Machines?

Answer 12

All of them!

Question 13

What does Amazon EKS stand for?

Answer 13

Elastic Kubernetes Service

Question 14

What is the difference between the Control Plane and the Data Plane of a container system?

Answer 14

The control plane is the “brain” or management layer of an orchestration system that makes decisions on scheduling, scaling, and maintaining the desired state of the cluster.

The data plane is the “muscle” (worker) that does the actual running of a task

Question 15

What is a container image?

Answer 15

A standalone, executable software package that includes everything needed to run an application: code, runtime, system tools, and libraries. It is a static, read-only blueprint.

Question 16

What is the relationship between a container image and a container?

Answer 16

The container is a running instance of a container image.

The image is the static, read-only blueprint.

Question 17

Does a container image include your specific application code or just infrastructure specs?

Answer 17

Both

It packages the application code on top of the necessary infrastructure

Question 18

What AWS service is the primary type of VM?

Answer 18

Amazon EC2 instances.

Question 19

What AWS services are used to deploy and run containers?

Answer 19

ECS & EKS.

Question 20

What AWS service is used to store and manage your custom container images?

Answer 20

ECR

Question 21

What is the role of Kubernetes?

Answer 21

It is an open-source Control Plane

Question 22

What is the primary difference between ECS and EKS?

Answer 22

The Control Plane.
- ECS is AWS proprietary (simpler, integrated).
- EKS uses the open-source Kubernetes standard (high portability).

Question 23

What is the main advantage of choosing EKS over ECS?

Answer 23

Portability.

K8s can be moved to other cloud providers

Question 24

What is the input you provide to Fargate?

Answer 24

You provide a **Container Image** (and Task Definition).

Question 25

In which AWS container services does _AWS_ manage the control plane?

Answer 25

AWS Manages Control Plane for: ECS and EKS

Question 26

How do you define the contents of a container image?

Answer 26

**Dockerfile**

Question 27

What does **K8s** stand for?

Answer 27

Kubernetes

Question 28

What is the difference between Fargate and ECS (EC2 Launch Type)?

Answer 28

Fargate is **serverless.** With the ECS EC2 launch type, you must manage the EC2 VMs yourself. | Container as a service, not like Lambda which is function as a service

Question 29

# In the context of AWS What does AWS **A2C** stand for?

Answer 29

**A**pp **to** **C**ontainer

Question 30

What does AWS A2C do?

Answer 30

Itis a CLI tool that converts your application into a container image

Question 31

What does AWS Copilot do?

Answer 31

It is a CLI tool that manages the deployment and running of container instances

Question 32

What is the recommended method for granting AWS permissions to a container running in ECS or EKS?

Answer 32

Use an **IAM Task Role** | This grants permissions directly to the container/task.

Question 33

What AWS service should you use for persistent, shared file storage with ECS and EKS?

Answer 33

Amazon **EFS**

Question 34

How do containerized microservices in an ECS cluster find and communicate with each other?

Answer 34

Via **AWS Cloud Map** (for service discovery) _or_ using an **Application Load Balancer (ALB) with target groups**.

Question 35

In which AWS Service does AWS manage the data plane?

Answer 35

Fargate

Question 36

Suppose you wanted to have a fully managed serverless container setup. What AWS Services could you use to do this?

Answer 36

ECS for the control plane Fargate for the data plane ECR to store the image

Question 37

What are the 2 types of IAM roles a developer must configure when using ECS/EKS Fargate? and what is the key difference between them?

Answer 37

1. **Task Role** (grants permissions to the application code running in the container). 2. **Task Execution Role** (grants permissions to the _ECS agent_ to pull the image and publish logs/metrics).