1
00:00:06,570 --> 00:00:10,630
- Now let's talk about single versus multi-tenant instances.

2
00:00:10,630 --> 00:00:15,630
Within AWS, within EC2, we have the ability to achieve

3
00:00:15,700 --> 00:00:18,510
either a single-tenant or multi-tenant environment,

4
00:00:18,510 --> 00:00:21,620
at least when it comes within the context

5
00:00:21,620 --> 00:00:23,483
of our actual instance.

6
00:00:24,588 --> 00:00:28,340
Keep in mind that the rack in the data center, those

7
00:00:28,340 --> 00:00:31,980
will always be multi-tenant; there will always be more

8
00:00:31,980 --> 00:00:34,810
than one customer using the actual rack

9
00:00:34,810 --> 00:00:36,100
in the data center.

10
00:00:36,100 --> 00:00:39,900
But the actual compute, we do have the ability to limit

11
00:00:39,900 --> 00:00:42,450
that to a single-tenant environment.

12
00:00:42,450 --> 00:00:45,330
So in this particular diagram,

13
00:00:45,330 --> 00:00:48,970
we have a physical host

14
00:00:48,970 --> 00:00:51,550
that's running EC2 instances, right?

15
00:00:51,550 --> 00:00:54,930
So within AWS we have

16
00:00:54,930 --> 00:00:58,500
here the physical host, right?

17
00:00:58,500 --> 00:01:02,820
The Rack, the Chassis, the Motherboard, the Processor

18
00:01:02,820 --> 00:01:05,750
being Intel Xeon, memory and network cards

19
00:01:05,750 --> 00:01:08,750
and all those things that make up that physical server.

20
00:01:08,750 --> 00:01:11,400
And then of course we have the Hypervisor.

21
00:01:11,400 --> 00:01:16,400
Now all of these things are Amazon's responsibility.

22
00:01:17,250 --> 00:01:20,100
In terms of the shared responsibility model,

23
00:01:20,100 --> 00:01:24,660
AWS is responsible for building and supplying

24
00:01:24,660 --> 00:01:28,470
and maintaining and securing this physical host.

25
00:01:28,470 --> 00:01:31,613
When it comes to launching EC2 instances,

26
00:01:32,558 --> 00:01:37,270
AWS is responsible for installing the operating system

27
00:01:37,270 --> 00:01:40,610
on these instances, but once it's running,

28
00:01:40,610 --> 00:01:43,500
we as customers are responsible for maintaining

29
00:01:43,500 --> 00:01:45,020
that operating system.

30
00:01:45,020 --> 00:01:49,740
And so the default environment for these EC2 instances

31
00:01:49,740 --> 00:01:52,160
if we don't choose something else.

32
00:01:52,160 --> 00:01:56,110
The default environment would be that

33
00:01:56,110 --> 00:01:57,980
each one of these may very well

34
00:01:57,980 --> 00:01:59,790
be a different customer, right?

35
00:01:59,790 --> 00:02:02,070
So we may have customer one over here,

36
00:02:02,070 --> 00:02:05,470
we may have customer two and over here

37
00:02:05,470 --> 00:02:09,010
we may have customer three, right?

38
00:02:09,010 --> 00:02:11,020
So the default behavior might be that

39
00:02:11,020 --> 00:02:15,130
we have different customers all running

40
00:02:15,130 --> 00:02:19,740
and essentially sharing the same underlying physical host

41
00:02:19,740 --> 00:02:22,350
and for many cases that's perfectly fine.

42
00:02:22,350 --> 00:02:26,120
In fact, PCI and HIPAA recently,

43
00:02:26,120 --> 00:02:28,680
within the last, I'm not sure exactly when,

44
00:02:28,680 --> 00:02:33,120
but within the last year or two, PCI and HIPAA both updated

45
00:02:33,120 --> 00:02:36,930
their policies to allow multi-tenant environments

46
00:02:36,930 --> 00:02:38,890
in many cases, right?

47
00:02:38,890 --> 00:02:42,550
So if you do need a single-tenant environment,

48
00:02:42,550 --> 00:02:44,180
we have two options.

49
00:02:44,180 --> 00:02:48,320
If you need to be the only customer

50
00:02:48,320 --> 00:02:51,980
that is essentially running across this physical host,

51
00:02:51,980 --> 00:02:55,500
if you need to be the only customer with these

52
00:02:56,390 --> 00:02:59,000
managing any instances on this host,

53
00:02:59,000 --> 00:03:02,940
then we could leverage what we call Dedicated Instances.

54
00:03:02,940 --> 00:03:05,500
And Dedicated Instances simply means that

55
00:03:05,500 --> 00:03:08,130
even though we're running a virtual instance

56
00:03:08,130 --> 00:03:11,810
on that physical host, we are the only customer.

57
00:03:11,810 --> 00:03:15,220
In some other cases we may need to actually

58
00:03:15,220 --> 00:03:19,870
have some type of affinity with the physical host

59
00:03:19,870 --> 00:03:23,520
and so especially for enterprises who need

60
00:03:23,520 --> 00:03:28,420
to migrate applications whose licenses

61
00:03:28,420 --> 00:03:32,470
are somehow tied to the physical host,

62
00:03:32,470 --> 00:03:34,990
we gain access to that as well.

63
00:03:34,990 --> 00:03:38,840
And so with a Dedicated Host, right?

64
00:03:38,840 --> 00:03:42,350
I'm just gonna write DH here for Dedicated Host.

65
00:03:42,350 --> 00:03:46,660
With a Dedicated Host, AWS essentially assigns one

66
00:03:46,660 --> 00:03:49,360
of these physical hosts to us

67
00:03:49,360 --> 00:03:52,260
and they give us the IDs, they give us the core counts

68
00:03:52,260 --> 00:03:55,990
and any information we would need about that host

69
00:03:55,990 --> 00:03:59,630
in order to satisfy the licensing requirements

70
00:03:59,630 --> 00:04:02,343
for our software that we're migrating.

71
00:04:03,250 --> 00:04:08,250
And then later when we go to launch EC2 instances

72
00:04:08,250 --> 00:04:10,230
we can choose an affinity.

73
00:04:10,230 --> 00:04:13,870
If we had multiple dedicated hosts, we could choose

74
00:04:13,870 --> 00:04:16,490
which host we wanted that virtual machine

75
00:04:16,490 --> 00:04:18,550
to be launched on, right?

76
00:04:18,550 --> 00:04:20,750
So let's keep that in mind for those of us

77
00:04:20,750 --> 00:04:25,470
who may have a need to run in a single-tenant environment:

78
00:04:25,470 --> 00:04:30,470
within EC2 the default behavior is multi-tenant.

79
00:04:30,820 --> 00:04:33,540
We have the option to go to single-tenant

80
00:04:33,540 --> 00:04:37,773
with either Dedicated Instances or Dedicated Hosts.