Security and IAM

What is the Difference Between Dedicated Hosts and Dedicated Instances on AWS?

Josh von Schaumburg Featured
Josh von Schaumburg | Apr 17 2017

Way back in March of 2011, AWS announced the release of Dedicated Instances, which allows organizations to launch EC2 instances on dedicated infrastructure. This led to a lot of questions about AWS Dedicated Instances vs Dedicated Hosting. Typically, when an EC2 instance is launched in a VPC, the virtualized infrastructure is built from a pool of shared resources (e.g., CPU units) that is in use by all customers within a given Availability Zone. When an instance is turned off or terminated, those resources are then released back into the shared pool of available resources. This violates compliance regulations, such as the Health Insurance Portability and Accountability Act (HIPAA), for example, which requires completely dedicated infrastructure for any instances that process Protected Health Information (PHI).

Why Dedicated Hosts?

If Dedicated Instances already allow for compliance and increased performance, then what is the purpose of Dedicated Hosts, which were released more recently in November of 2015? Let’s start with the technical difference between Dedicated Instances and Dedicated Hosts. The AWS docs are not sufficiently clear on what the real differences are. The best summary found in the docs is:

“An important difference between a Dedicated Host and a Dedicated Instance is that a Dedicated Host gives you additional visibility and control over how instances are placed on a physical server, and you can consistently deploy your instances to the same physical server over time.”

Simply put, there are no apparent technical differences between Dedicated Instances and Dedicated Hosts from the physical host level. Both services give the option to launch instances to your own Dedicated Hosts with resources that will not be consumed by other customers. The real difference is in the visibility into the physical host that Dedicated Hosts gives you. While Dedicated Instances are extremely valuable from a compliance perspective, Dedicated Hosts also give you the visibility into the physical host that is required for a Bring Your Own License (BYOL) model — i.e., if you want to use your own Windows Server, SQL Server, SUSE, or RHEL licenses that are provided on a CPU core basis.

In addition to licensing visibility, Dedicated Hosts give you the same level of compliance as Dedicated Instances and also add one additional benefit in increased network performance. When all instances are on the same physical host, network latency is minimized (only within that physical host, of course). Dedicated Instances can all potentially launch on the same physical host, but there is no way to know for sure. With Dedicated Hosts, you get the visibility into physical hosts from the AWS console that you need.

Dedicated Host vs Dedicated Instance: Pricing Differences

Lastly, there are different and unique pricing models for each:

Dedicated Instances

  • You pay a flat fee of $2/hour for each region in which at least 1 Dedicated instance is running (this fee is the same regardless if you have 1 Dedicated Instance or 1,000)
  • You then pay hourly for each individual Dedicated Instance at a premium of around 10% from the cost of a shared, on-demand instance
  • You can purchase reserved Dedicated Instances to reduce cost further

Dedicated Hosts

  • You pay hourly for a single physical host based on instance type, which can then hold a certain number of instances. Pricing is based on the instance size, as seen on the Amazon EC2 Dedicated Hosts Pricing Page shown below
  • Each Dedicated Host that is allocated costs the same regardless of the number of instances launched on the host - a C4 instance (the latest generation of Compute-optimized instances), for example, costs $1.75 per hour
  • Each Dedicated Host must run the same instance type and instance size (no mixing and matching within a single Dedicated Host - not even different instance sizes of the same family)
  • For example, if you are using the C3 instance family, you must pay hourly for an entire physical C3 host that can launch up to 16 c3.large instances, 8 c3.xlarge instances, etc. If you need to launch 17 c3.large instances, you need to pay for 2 entire Dedicated Hosts, and you will have 15 open slots on the 2nd host
  • If you fill an entire on-demand Dedicated Host with instances, you will be paying around a 10% premium vs. on-demand instances
  • You can purchase reserved Dedicated Hosts to reduce cost

In summary, the differences between Dedicated Instances and Dedicated Hosts are:

  • Use Dedicated Hosts for more visibility into the physical host for BYOL. You should also try Dedicated Hosts if your app requires minimal latency between instances
  • Use Dedicated Instances if you are only concerned with compliance with regulations
  • In terms of pricing, if you are able to maximize the number of instances on a Dedicated Host, you will pay less vs. Dedicated Instances. The percentage savings depends on your scale due to the $2/hour flat fee. In our opinion, it’s not worth the headache. Unless BYOL or intranet network performance is a concern, Dedicated Instances is the way to go due to the flexibility of launching instances vs. Dedicated Hosts.
Josh von Schaumburg Featured
Josh von Schaumburg