My EC2 instance is getting charged for data transfer from almost every available AWS region (Tokyo, Seoul, Singapore, Paris, London, Germany, Ireland, Ohio, Oregon, Sydney, Canada Central, Sao Paulo, CloudFront, INCLUDING AWS GovCloud (US)). 99.99% of our users are from India. As per the recommendations of an AWS representative, I have checked that no other scripts are running on our instance and have changed the security group inbound rules to allow only an SSH connection on port 22 to a static IP. But still, there is data transfer of almost 600GB+. The documentation for security groups doesn't help much. Is there any other way to stop this data transfer?
Please note that the EC2 instance runs the PHP code and the Java API Tomcat7 service, and RDS is on another instance.
First, your question looks like you mention data transfer to other EC2 instances in another region. Perhaps you meant traffic to internet users in other regions?
Second, according to the pricing, you'll be billed for Data Transfer OUT From Amazon EC2 To Internet whichever region you are in, and regardless of whether the endpoint is on the internet or in an AWS region. So, even if you have users in Mumbai, you'll be billed for outbound traffic anyway.
Third, if you want to block transfer on a per-country basis, use a CDN with the proper capability, e.g. CloudFlare.
Please elaborate on your question if you meant something else.
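To see which remote addresses actually receive the bytes before choosing a control, here is an added example (not part of the original answer) that totals outbound bytes per remote address and local port from VPC Flow Logs records in the default version 2 format. The sample records, the instance address and the VPC CIDR are constructed assumptions.

```python
import ipaddress
from collections import Counter

# Constructed sample records, default VPC Flow Logs (version 2) field order:
# version account-id interface-id srcaddr dstaddr srcport dstport protocol
# packets bytes start end action log-status
SAMPLE = """\
2 123456789012 eni-0aaa 10.0.1.15 203.0.113.7 443 51234 6 900 1200000 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0aaa 203.0.113.7 10.0.1.15 51234 443 6 400 30000 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0aaa 10.0.1.15 198.51.100.9 8080 40222 6 5000 7000000 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0aaa 10.0.1.15 10.0.2.20 45000 3306 6 100 50000 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0aaa 198.51.100.9 10.0.1.15 40223 22 6 3 180 1700000000 1700000060 REJECT OK
2 123456789012 eni-0aaa - - - - - - - 1700000060 1700000120 - NODATA
"""


def egress_by_peer(log_text, instance_ip, vpc_cidr):
    """Sum accepted bytes sent by instance_ip to addresses outside the VPC.

    Keys are (remote address, local port): the local port shows which
    listening service (or which outbound client) produced the traffic.
    """
    vpc = ipaddress.ip_network(vpc_cidr)
    totals = Counter()
    for line in log_text.splitlines():
        f = line.split()
        if len(f) != 14 or f[0] != "2":
            continue  # header line or a custom log format
        src, dst, srcport, nbytes = f[3], f[4], f[5], f[9]
        action, status = f[12], f[13]
        if status != "OK" or action != "ACCEPT":
            continue  # NODATA/SKIPDATA windows and rejected packets
        if src != instance_ip or ipaddress.ip_address(dst) in vpc:
            continue  # keep only traffic leaving the instance and the VPC
        totals[(dst, int(srcport))] += int(nbytes)
    return totals


if __name__ == "__main__":
    for (peer, port), total in egress_by_peer(
            SAMPLE, "10.0.1.15", "10.0.0.0/16").most_common():
        print(f"{peer:15} local port {port:<5} {total / 1e6:8.2f} MB out")
```

A local port that belongs to a listening service points at responses to inbound requests, while a high ephemeral local port points at connections the instance opened itself.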
Related
I looked at the pricing pages for both EC2 and Lightsail but could not find anything.
I am more concerned about data bills on EC2 side as EC2 data is much more expensive.
I can relocate servers to be in the same region if that helps reduce cost.
Data between Regions is definitely charged at full Data Transfer prices.
Data within the same Region but in different AZs would be charged at 1c/GB (possibly 2c/GB since it might be charged from both ends).
The lowest-cost option would be to establish VPC Peering between Lightsail and your VPC, and to have the resources in the same AZ. This should (?) eliminate any Data Transfer charge.
This might be helpful: Understanding Data Transfer in AWS - The Duckbill Group
I've deployed an EKS cluster; each of the EC2 instances has its own public IP and all are attached to the same VPC.
The routing table for each of the EC2 instances' subnets looks as follows:
Destination | Target
----------------------------------------
192.168.0.0/16 | local
0.0.0.0/0 | igw-06d8c484aaba8d136
So if I understand correctly, every time I read from an S3 bucket (in the same region or not), it should be routed using the internet gateway to the internet, and if that's the case, I should see charges for it.
However, I don't see any charges for it. I thought that maybe the AWS network magically takes care of this routing, but they actually provide another solution, and these rules aren't in any of the routing tables.
Not that I'm against free services, but I prefer to understand this before reading lots of data.
Perhaps you are still in the AWS free tier (12 months free) with 20,000 GET requests free and 2,000 PUT requests free (source).
EDIT:
As you say, the free stuff does appear in Cost Explorer.
However, if the EC2 instance and S3 bucket are in the same region, the requests should be free regardless of endpoints. If you have this setup, I think that's the explanation.
This article summarises it quite nicely.
I would recommend setting up an S3 endpoint if you wish to keep internal transfer costs down after your free tier expires, though. It's also great for performance.
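The route-table reasoning in this thread, as an added example (not from the original posts): routes are chosen by most specific prefix, so with only the two routes shown in the question S3-bound traffic follows 0.0.0.0/0 to the internet gateway, and a gateway endpoint's prefix-list route takes over once it is added. The S3 CIDR and the endpoint id are constructed placeholders, not real AWS values.

```python
import ipaddress

# Route table from the question (targets exactly as posted).
ROUTES = [
    ("192.168.0.0/16", "local"),
    ("0.0.0.0/0", "igw-06d8c484aaba8d136"),
]

# Constructed placeholders: a gateway endpoint adds routes whose destination
# is the regional S3 prefix list and whose target is the endpoint itself.
S3_PREFIX_LIST = ["198.51.100.0/24"]   # illustrative CIDR only
ENDPOINT_ROUTES = [(cidr, "vpce-EXAMPLE") for cidr in S3_PREFIX_LIST]


def select_route(routes, dest_ip):
    """Return the target of the most specific route matching dest_ip."""
    ip = ipaddress.ip_address(dest_ip)
    best = None
    for cidr, target in routes:
        net = ipaddress.ip_network(cidr)
        if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, target)
    return best[1] if best else None


def s3_path(routes, s3_ip):
    """Describe how traffic to an S3 address leaves the subnet."""
    target = select_route(routes, s3_ip)
    if target is None:
        return "unroutable"
    if target.startswith("igw-"):
        return "internet gateway"
    if target.startswith("vpce-"):
        return "gateway endpoint"
    return target


if __name__ == "__main__":
    s3_ip = "198.51.100.20"  # constructed address inside the placeholder list
    print("before endpoint:", s3_path(ROUTES, s3_ip))
    print("after endpoint: ", s3_path(ROUTES + ENDPOINT_ROUTES, s3_ip))
    print("other internet: ", select_route(ROUTES + ENDPOINT_ROUTES, "203.0.113.5"))
```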
To design a system I need to decide on where to deploy the instances (suppose that I don't really care where they are but only want to optimize costs).
The on-demand page mentions several billing items:
1. Data Transfer IN To Amazon EC2 From Internet
2. Data Transfer OUT From Amazon EC2 To Internet
3. Data Transfer OUT From Amazon EC2 To (a list of regions)
4. Data Transfer Across AZ within this Region
My questions:
About item 1 - they say this is free, is it? Does it make sense that from Internet to Amazon is free while from Amazon to Amazon is not free? (I'm talking about the inbound data here, not the outbound.)
In items 2-3: does "Amazon" refer to all AWS services, including another EC2 instance?
Regarding item 4: it is written "Data transferred "in" to and "out" of Amazon EC2, Amazon RDS, Amazon Redshift, Amazon DynamoDB Accelerator (DAX), and Amazon ElastiCache instances or Elastic Network Interfaces across VPC peering connections in the same AWS region is charged at $0.01/GB." Does that mean that if I run a process between 2 EC2 instances in the same region then I pay for each GB twice: first for outbound from one instance and second for the inbound on the other instance?
The simple rules-of-thumb are:
Inbound traffic from the Internet to the AWS Cloud is free.
Outbound traffic from the AWS Cloud to the Internet is charged at the applicable rates in each region (this is the majority of the cost). This applies to anything that sends traffic out to the Internet from your AWS services.
Outbound traffic from the AWS Cloud to Amazon CloudFront has a lesser rate.
Traffic within a region but between Availability Zones is 1c/GB in each direction. In fact, the wording on the EC2 Instance Pricing page now shows this.
To answer your specific questions:
1. Inbound is free
2. Outbound is for any AWS service that sends traffic to the Internet
3. Traffic between AZs or via VPC Peering is charged in "each direction"
I want to create an AWS EC2 instance with an IP address specific to a region. For example, if it is Jackson, Mississippi, I want the instance to have an IP which belongs to that same region. If I use that IP as a proxy and go to whatismyip, it should always show the Jackson, Mississippi area.
You cannot. An EC2 instance is created in a region, and AWS has 12 regions as of now. See more about regions and endpoints here:
http://docs.aws.amazon.com/general/latest/gr/rande.html
The closest region to Jackson, Mississippi is probably Ohio (us-east-2) or us-east-1, where you could provision your instances.
You can use AWS DirectConnect to link your data center to AWS and can probably achieve what you want, but I believe you don't wish to get there.
I'm fairly new to Amazon services and wondering what some of the best practices are for clustering/load balancing?
I have a load balancer in my colo (NJ) which may potentially be upgraded to Netscaler.
The application we're hosting on Amazon is nothing crazy and we don't expect too much traffic. We're looking at 2 Linux instances that would run a Node.js application with a MongoDB replica set. From what I understand, Amazon will evenly divide the traffic amongst the zones. The end user's location has no effect on where they'll be distributed (i.e. if I have a server on the west coast and one on the east coast, the user on the east coast could be directed to either east or west).
If I wanted to direct users' traffic based on location, would a global DNS solution make more sense?
One server would be the master db and the other would be slave with data replicating to each other.
Anybody have any experience with this and how is the network performance?
A question about EC2/S3
EC2 Instances and S3 buckets can only communicate if they are in the same region, correct?
The load balancer only works within one region. If you want to balance traffic between different regions you will need to look at latency-based routing in Route 53. Keep in mind that availability zone and region have different meanings within EC2.
A MongoDB replica set is a flexible master/slave configuration. If the primary instance fails, a secondary, based on configured priority, can automatically become primary. The network within a region is fast; you will have some latency if you use multiple regions.
An EC2 instance can access an S3 bucket in any region; you won't pay for outgoing bandwidth if both are in the same region.