Troubleshooting

Here are some scenario-based EC2 interview questions with answers to help you prepare:

Scenario 1: High CPU Utilization on EC2 Instance

Question: You have an EC2 instance running a web application, and users report slow response times. After checking CloudWatch, you notice CPU utilization is consistently at 90%. How do you troubleshoot and fix this issue?

Answer:

1. Analyze the Workload:

   • Use htop or top to check which processes are consuming high CPU.

   • If a specific application is consuming excessive CPU, optimize it (e.g., adjust configurations, enable caching, or optimize database queries).

2. Scale the Instance:

   • Upgrade to a larger instance type with more vCPUs (e.g., M5.large → M5.xlarge).

   • Move to a Compute Optimized instance (e.g., C5 series).

3. Enable Auto Scaling:

   • Configure an Auto Scaling Group to launch additional instances when CPU exceeds a threshold (e.g., CPU > 80% for 5 minutes).

4. Use Load Balancing:

   • Distribute traffic using an Elastic Load Balancer (ELB) to multiple instances.

5. Optimize the Application:

   • Enable caching (e.g., use Redis, Memcached).

   • Reduce background tasks or move them to AWS Lambda for event-driven execution.

Scenario 2: EC2 Instance Not Accessible via SSH

Question: A developer reports that they cannot SSH into an EC2 instance. What steps would you take to troubleshoot this issue?

Answer:

1. Check Security Group Rules:

   • Ensure port 22 (SSH) is open to your IP (0.0.0.0/0 is not recommended for security).

2. Verify Key Pair:

   • Ensure you're using the correct private key (.pem) to authenticate.

   • Run:

   • If the key pair is lost, create a new key pair, attach a new volume to another instance, and copy the new key into ~/.ssh/authorized_keys.

3. Check Network ACLs:

   • Ensure the VPC Network ACLs allow inbound and outbound traffic on port 22.

4. Restart SSH Service:

   • If you have access via EC2 Instance Connect (Amazon Linux 2, Ubuntu), restart the SSH service:

5. Verify Instance Status:

   • Check EC2 instance status checks in AWS Console. If it has failed, reboot the instance.

Scenario 3: EC2 Instance Stopped Unexpectedly

Question: An EC2 instance running a production application was stopped unexpectedly. How do you investigate and prevent this issue?

Answer:

1. Check AWS CloudTrail Logs:

   • Look for StopInstances API calls to see if a user manually stopped it.

2. Check Auto Scaling Termination Policy:

   • If the instance is part of an Auto Scaling Group, it might have been terminated due to scaling policies.

3. Verify Spot Instance Interruption:

   • If it's a Spot Instance, AWS might have reclaimed it due to pricing fluctuations.

   • Solution: Use Spot Fleet or switch to On-Demand/Reserved Instances for stability.

4. Check Billing Issues:

   • If your AWS account has exceeded free tier limits or lacks funds, AWS might have stopped the instance.

5. Enable Termination Protection:

   • If the instance is critical, enable termination protection to prevent accidental termination.

Scenario 4: Data Loss After EC2 Termination

Question: You terminated an EC2 instance and lost all the application data. How can you prevent this from happening in the future?

Answer:

1. Use EBS Volumes Instead of Instance Store:

   • Instance Store data is lost when the instance is terminated.

   • Solution: Attach an EBS volume (gp3, io1, etc.), which persists after termination.

2. Enable EBS Volume Snapshots:

   • Schedule automated snapshots using AWS Backup or Lambda.

   • Restore data from a snapshot in case of failure.

3. Use AMIs for Backups:

   • Create a custom Amazon Machine Image (AMI) of your instance for easy restoration.

4. Use S3 for Persistent Storage:

   • Store important data in Amazon S3 to avoid loss during instance termination.

5. Check "Delete on Termination" Setting:

   • Modify the EBS volume attribute to prevent automatic deletion on termination.

Scenario 5: EC2 Instance Taking Too Long to Boot

Question: A newly launched EC2 instance is taking a long time to boot. How would you troubleshoot this?

Answer:

1. Check Instance System Logs:

   • View logs using:

   • Check AWS Console System Logs (EC2 → Actions → Monitor & Troubleshoot → Get System Log).

2. Verify Boot Volume Size and Type:

   • Ensure the root EBS volume has enough space.

   • Upgrade from gp2 to gp3 for better performance.

3. Check Startup Services:

   • If there are too many startup scripts or services, disable unnecessary ones:

4. Network Issues:

   • If the instance is waiting for a DHCP lease, manually assign a static private IP.

5. Try Another AMI:

   • The AMI might be outdated or corrupted. Use a different Amazon Linux 2 or Ubuntu AMI.

Here are more advanced EC2 scenario-based interview questions with detailed answers:

Scenario 6: Application Running on EC2 Becomes Unresponsive

Question: Your web application running on an EC2 instance suddenly becomes unresponsive. The instance is running, but you cannot access it via HTTP or SSH. How do you diagnose and fix this issue?

Answer:

1. Check Instance Status Checks:

   • Go to EC2 Console → Instance → Status Checks.

   • If a System Status Check has failed, restart the instance or move to a new AZ.

2. Check CPU and Memory Usage:

   • Connect using EC2 Instance Connect (if supported).

   • Run:

3. Check Disk Space:

   • If disk usage is 100%, clear logs or extend the volume:

4. Verify Security Group & NACL Rules:

   • Ensure port 80 (HTTP)/443 (HTTPS) is open for web access.

   • Ensure port 22 (SSH) is open for admin access.

5. Check Web Server Logs:

   • If Apache/Nginx crashed, restart it:

6. Restore from Snapshot:

   • If the instance is corrupted, create a new instance and attach an EBS snapshot of the original volume.

Scenario 7: EC2 Instance with High Disk Read/Write Latency

Question: Your EC2 instance is experiencing high disk latency, slowing down the database and application. How would you investigate and fix this?

Answer:

1. Check Disk Utilization:

   • Use iostat to check IOPS and latency:

2. Check EBS Volume Type:

   • If using gp2, upgrade to gp3 or io1/io2 for better performance.

   • Increase provisioned IOPS if using io1/io2.

3. Optimize Application Reads/Writes:

   • Enable database indexing and caching.

   • Use Amazon RDS if a managed database is needed.

4. Enable EBS Optimization:

   • Ensure instance type supports EBS-optimized volumes for better throughput.

Scenario 8: EC2 Instance Running Out of Private IPs in VPC

Question: You have an EC2 instance in a private subnet that needs to make outbound internet calls, but it cannot resolve domain names or connect externally. What is the issue and how do you resolve it?

Answer:

1. Check if a NAT Gateway is Set Up:

   • Private instances cannot access the internet unless a NAT Gateway or NAT Instance is set up in the public subnet.

2. Verify Route Table Configuration:

   • Route table should have a route like:

3. Check Security Group & NACL Rules:

   • Allow outbound access for HTTP (80), HTTPS (443).

4. Use VPC Endpoints (For AWS Services):

   • Instead of public internet access, use VPC Endpoints for services like S3, DynamoDB.

Scenario 9: EC2 Auto Scaling Group Not Launching New Instances

Question: You have an Auto Scaling Group (ASG) with a desired count of 3 instances, but it is stuck at 1 instance. What could be the issue?

Answer:

1. Check ASG Activity Logs:

   • In AWS Console:

     • EC2 → Auto Scaling Groups → Activity History

2. Verify Launch Template or Launch Configuration:

   • Ensure the AMI exists and the IAM role allows instance creation.

3. Check VPC & Subnet Availability:

   • If the selected subnet has no free IPs, instances won't launch.

   • Try launching a test instance in the same subnet.

4. Check Spot Instance Availability (If Used):

   • If using Spot Instances, AWS may not have capacity at the bid price.

   • Switch to On-Demand Instances temporarily.

5. Increase Service Quotas:

   • Check EC2 instance limits for your AWS region.

   • Request an increase if needed.

Scenario 10: EC2 AMI Deployment Results in Misconfigured Instances

Question: You created an AMI from a working EC2 instance and launched multiple new instances from it. However, the new instances are misconfigured and not working properly. How do you troubleshoot?

Answer:

1. Check AMI Customization:

   • Verify that the AMI retains necessary configurations (e.g., SSH keys, network settings).

   • Manually test the AMI by launching a single instance before scaling.

2. Ensure User Data Scripts Execute Correctly:

   • If your instance setup relies on a User Data script, check logs:

3. Verify Static Configuration Issues:

   • If the old instance had hardcoded IPs, hostnames, or certificates, update them dynamically.

   • Use EC2 metadata service to fetch instance-specific details:

4. Check IAM Role and Instance Profile:

   • If the new instance needs AWS service access, assign the correct IAM role.

Scenario 11: AWS EC2 Instance Costs Are Too High

Question: Your AWS bill is higher than expected, and you suspect EC2 costs are a major factor. How do you reduce costs without affecting performance?

Answer:

1. Use Reserved or Spot Instances:

   • Convert On-Demand instances to Reserved Instances (RI) for savings.

   • Use Spot Instances for non-critical workloads.

2. Right-size Instances:

   • Use AWS Compute Optimizer to find cost-effective instance types.

   • If CPU and RAM are underutilized, downgrade (m5.large → m5.medium).

3. Use Auto Scaling to Optimize Costs:

   • Configure ASG to scale down during off-peak hours.

4. Terminate Unused Instances:

   • Use AWS Trusted Advisor to find idle instances.

   • Set up Auto Stop for dev/test instances using AWS Lambda.

5. Optimize Storage:

   • Move infrequent-access data to S3 Glacier instead of keeping large EBS volumes.

   • Use gp3 instead of gp2 for better price-performance ratio.

Scenario 12: EC2 Instance with Long-running Background Processes Fails After Reboot

Question: You have an EC2 instance running a background job that needs to restart automatically after reboot, but it does not start. What steps would you take?

Answer:

1. Use Systemd Services:

   • Create a systemd service file:

   • Add:

   • Enable and start the service:

2. Use AWS Systems Manager (SSM):

   • If manual SSH access is unreliable, use SSM Session Manager for automatic management.

These real-world EC2 interview scenarios cover performance, security, networking, cost optimization, and automation. Let me know if you need even more complex cases! 🚀