AWS ENI - Query from Viewers -- 005

Hi guys, 

I have got the following doubts from one of our viewers on this video:


So by adding multiple ENIs to an instance:
1. It's still a single point of failure, wherein if the instance fails, all the attached ENIs also fail, right?
ANS: Yes, if the instance fails, all the ENIs attached to that instance would not be of any use. Multiple ENIs do not increase the availability or bandwidth of the machine. Rather, they are there for isolation purposes.

2. Normally in an on-prem infra, we used to have multi-NIC for the webserver so as not to have a single point of failure in case one NIC card fails. Whereas in AWS it's a virtual world and I assume it's a managed service, right? We don't have to worry about the primary failing at all?
ANS: On AWS, we handle that scenario via an Auto Scaling group, so that if a machine becomes unreachable, another instance takes its place.

3. Why should we disable the source/destination check flag for the ENI? I think we disable the "source/destination" check only when we create a NAT instance, is that right?
ANS: That's correct. Other than for NAT, you do not have to disable it.

4. The primary ENI can't be detached, because that's the one which makes the instance have a public and/or private IP, right?
ANS: Not so. It is more of a restriction from the AWS implementation perspective. In future, they might start allowing it (as you can detach the root EBS volume from a stopped machine).

5. So the best use case for multi-ENI would be:
a. In a single large instance with multiple ENIs, that one instance can be part of both a private and a public subnet.
b. Having said that, I can have the web server facing the internet on the public ENI and the database also in the same instance on the private ENI, and configure the security groups accordingly.
ANS: Sorry, incorrect! When you create an ENI, you can see that its scope is a subnet (in the same way, the scope of an EC2 instance is also a subnet). Hence, an EC2 instance and an ENI would be there only in one subnet (not two).
You can use multiple ENIs to give 2 different IPs to 2 different user groups. E.g., on an EC2 instance, open port 8080 on IP1 and port 22 on IP2. Also, attach different security groups to the above ENIs. Hence, the users would never know they are accessing the same machine.

6. So with multi-NIC, I can have multiple websites on the same server, with each NIC attached to one website?
ANS: You can have multiple websites on one machine even without multi-NIC. Different webservers (like IIS) support the same.
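
An audit that follows from answers 3 and 5, as an added example that is not from the original video or post: it reads JSON shaped like the output of `aws ec2 describe-network-interfaces` and flags ENIs whose source/destination check is off without being NAT interfaces, plus instances whose multiple ENIs carry identical security groups and so give no isolation. The ENI, instance and security group IDs are constructed, and the `Role=nat` tag used to recognise NAT interfaces is an assumed naming convention.

```python
import json

# Constructed sample shaped like `aws ec2 describe-network-interfaces` output.
SAMPLE = json.loads("""
{"NetworkInterfaces": [
  {"NetworkInterfaceId": "eni-0aaa", "SourceDestCheck": true,
   "Groups": [{"GroupId": "sg-web"}],
   "Attachment": {"InstanceId": "i-app1", "DeviceIndex": 0}, "TagSet": []},
  {"NetworkInterfaceId": "eni-0bbb", "SourceDestCheck": true,
   "Groups": [{"GroupId": "sg-ssh"}],
   "Attachment": {"InstanceId": "i-app1", "DeviceIndex": 1}, "TagSet": []},
  {"NetworkInterfaceId": "eni-0ccc", "SourceDestCheck": false,
   "Groups": [{"GroupId": "sg-nat"}],
   "Attachment": {"InstanceId": "i-nat1", "DeviceIndex": 0},
   "TagSet": [{"Key": "Role", "Value": "nat"}]},
  {"NetworkInterfaceId": "eni-0ddd", "SourceDestCheck": false,
   "Groups": [{"GroupId": "sg-web"}],
   "Attachment": {"InstanceId": "i-app2", "DeviceIndex": 0}, "TagSet": []},
  {"NetworkInterfaceId": "eni-0eee", "SourceDestCheck": true,
   "Groups": [{"GroupId": "sg-web"}],
   "Attachment": {"InstanceId": "i-app2", "DeviceIndex": 1}, "TagSet": []}
]}
""")

def audit(doc, nat_tag=("Role", "nat")):
    """Return (resource_id, finding) tuples. nat_tag is an assumed convention."""
    findings, by_instance = [], {}
    for eni in doc["NetworkInterfaces"]:
        eni_id = eni["NetworkInterfaceId"]
        tags = {(t["Key"], t["Value"]) for t in eni.get("TagSet", [])}
        # Answer 3: the check should be disabled only on NAT interfaces.
        if not eni["SourceDestCheck"] and nat_tag not in tags:
            findings.append((eni_id, "source/dest check disabled on non-NAT ENI"))
        inst = eni.get("Attachment", {}).get("InstanceId")
        if inst:  # unattached ENIs have no Attachment block
            groups = frozenset(g["GroupId"] for g in eni["Groups"])
            by_instance.setdefault(inst, []).append(groups)
    # Answer 5: extra ENIs isolate user groups only if their security groups differ.
    for inst, group_sets in sorted(by_instance.items()):
        if len(group_sets) > 1 and len(set(group_sets)) < len(group_sets):
            findings.append((inst, "multiple ENIs share identical security groups"))
    return findings

if __name__ == "__main__":
    for resource, finding in audit(SAMPLE):
        print(f"{resource}: {finding}")
```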
