Key Characteristics of EBS
- Persistent Storage: EBS volumes are independent of the running life of an EC2 instance. You can stop and restart the instance, and the data on the volume will remain intact.
- Block-Level Storage: Presents to the instance as a raw, unformatted block device that you can use as a hard drive.
- EC2 Integration: An EBS volume can only be attached to one EC2 instance at a time in the same Availability Zone (with the exception of EBS Multi-Attach).
- Detachable: You can detach a volume from one instance and attach it to another in the same AZ.
- Boot and Storage: You can use EBS volumes as boot volumes for your EC2 instances or as storage volumes for data. The root device for an instance launched from an AMI is an EBS volume.
- Dynamic Modifications: You can dynamically increase size, change the volume type, and adjust the IOPS performance of your volumes without detaching them.
EBS Volume Types
Amazon EBS provides different volume types that allow you to balance price and performance. They are divided into two main categories: SSD-backed and HDD-backed.
SSD-Backed Volumes
Optimized for transactional workloads involving frequent read/write operations with small I/O size, where the dominant performance attribute is IOPS.
| Feature | General Purpose SSD (gp3) | General Purpose SSD (gp2) | Provisioned IOPS SSD (io2 Block Express) | Provisioned IOPS SSD (io1) |
|---|---|---|---|---|
| Use Case | Most workloads, dev/test, virtual desktops | Broad range of transactional workloads | Mission-critical, low-latency workloads | I/O-intensive database & large transactional workloads |
| Volume Size | 1 GiB - 16 TiB | 1 GiB - 16 TiB | 4 GiB - 64 TiB | 4 GiB - 16 TiB |
| Durability | 99.8% - 99.9% durability | 99.8% - 99.9% durability | 99.999% durability | 99.8% - 99.9% durability |
| Baseline IOPS | 3,000 IOPS | 3 IOPS/GiB, burstable to 3,000 IOPS | 1,000 IOPS/GiB | 50 IOPS/GiB |
| Max IOPS/Volume | 16,000 IOPS | 16,000 IOPS | 256,000 IOPS | 64,000 IOPS |
| Max Throughput | 1,000 MiB/s | 250 MiB/s | 4,000 MiB/s | 1,000 MiB/s |
| Multi-Attach | No | No | Yes | Yes |
HDD-Backed Volumes
Optimized for large streaming workloads where the dominant performance attribute is throughput (MiB/s).
| Feature | Throughput Optimized HDD (st1) | Cold HDD (sc1) |
|---|---|---|
| Use Case | Big data, data warehouses, log processing | Less frequently accessed data, lowest cost |
| Volume Size | 125 GiB - 16 TiB | 125 GiB - 16 TiB |
| Max IOPS/Volume | 500 IOPS | 250 IOPS |
| Max Throughput | 500 MiB/s | 250 MiB/s |
EBS Snapshots
EBS Snapshots are a point-in-time copy of your EBS volume, which are backed up to Amazon S3 for durability.
- Incremental Backups: Snapshots are incremental; they only save the blocks on the device that have changed since your most recent snapshot. This minimizes the time required to create the snapshot and saves on storage costs.
- Full Copy: When you delete a snapshot, only the data exclusive to that snapshot is removed. The first snapshot of a volume is always a full copy of the data.
- Cross-Region Copy: You can copy snapshots to other AWS Regions for disaster recovery.
- Cross-Account Sharing: You can share snapshots with other AWS accounts.
- Create Volumes: You can create a new EBS volume from an existing snapshot. The new volume is an exact replica of the original volume at the time the snapshot was taken.
- Fast Snapshot Restore (FSR): You can enable FSR on snapshots to ensure that EBS volumes created from them are fully-initialized at creation and instantly deliver all their provisioned performance.
EBS Encryption
Amazon EBS encryption offers a straightforward encryption solution for your EBS volumes.
- Encryption at Rest: Data at rest on the volume, disk I/O, and snapshots created from the volume are all encrypted.
- AWS KMS: Encryption is handled using AWS Key Management Service (KMS) and customer master keys (CMKs).
- Seamless: Encryption is seamless to the user and has a minimal impact on performance.
- Enable by Default: You can enable EBS encryption by default for your AWS account on a per-region basis. This ensures all new EBS volumes created in your account are encrypted.
- Encrypting Unencrypted Volumes: There is no direct way to encrypt an existing unencrypted volume. The process is:
- Create a snapshot of the unencrypted volume.
- Copy the snapshot and enable encryption on the new snapshot.
- Create a new EBS volume from the encrypted snapshot.
- Attach the new encrypted volume to your EC2 instance.
Amazon Data Lifecycle Manager (DLM)
DLM provides a simple, automated way to back up data stored on EBS volumes.
- Automate Snapshots: You can define policies to automate the creation, retention, and deletion of EBS snapshots.
- Backup & Retention Schedules: Policies can define backup schedules (e.g., every 12 or 24 hours) and retention rules (e.g., keep for 7 days).
- Simplify Management: DLM helps you manage your snapshots, ensuring that you have regular backups and that old, unneeded snapshots are pruned to save costs.
- Cross-region Copy Automation: Policies can also automate the copying of snapshots to other AWS regions for disaster recovery purposes.
- Supports EBS-backed AMIs: You can also use DLM to create and manage EBS-backed AMIs.
EBS Performance & RAID
To get more performance out of EBS, you can use multiple volumes in a RAID configuration (Redundant Array of Independent Disks). This is handled at the operating system level.
- RAID 0 (Striping): Spreads data across multiple volumes. It offers higher performance (IOPS and throughput) by combining the performance of each volume. If one volume fails, all data is lost. Use for high-performance needs where data loss is not a concern, or data is backed up elsewhere.
- RAID 1 (Mirroring): Duplicates data across two or more volumes. It provides redundancy and increased read performance. Write performance is limited to the speed of a single volume. Use for applications that require high availability.
Monitoring EBS
You can monitor the health and performance of your EBS volumes using Amazon CloudWatch.
- CloudWatch Metrics: EBS sends metrics to CloudWatch automatically. Key metrics include:
VolumeRead/WriteOps: The total number of read/write operations.VolumeQueueLength: The number of pending I/O requests. A high queue length can indicate that the volume cannot keep up with the application's demand.VolumeThroughputPercentage: Used for HDD volumes to monitor throughput utilization.VolumeConsumedReadWriteOps: Used for Provisioned IOPS SSD volumes.
- Volume Status Checks: These checks help you understand the health of your volumes. Statuses include:
- Ok: The volume is operating normally.
- Warning: The volume is degraded or performance is not optimal.
- Impaired: The volume is stalled and may be unavailable.
- Insufficient-data: Not enough information to determine the status.
Sources