
A Beginner's Guide to Understanding AWS EC2 (Elastic Compute Cloud)

borhanitrash

Md. Abdur Rahman

Posted on November 7, 2024

Introduction

Amazon EC2 (Elastic Compute Cloud) is a web service that provides secure and resizable compute capacity in the AWS cloud. It is one of the most fundamental and widely used services offered by AWS. Amazon EC2 eliminates the need to invest in hardware upfront, so you can develop and deploy applications faster.

You can use Amazon EC2 to launch as many or as few virtual servers as you need. You can configure security and networking, and manage storage. Amazon EC2 enables you to have complete control over your web-scaling and computing resources. It is a widely used service that can meet the needs of those hosting a small website or running large-scale applications.

What are EC2 Instances?

EC2 instances are virtual servers that run in the AWS cloud. They can be launched in any AWS region, allowing you to choose the region that is closest to your users or that best meets your needs.

EC2 instances offer several advantages over traditional physical servers, including:

  • Scalability: You can quickly scale your compute resources up or down based on demand.
  • Flexibility: Choose from a variety of instance types optimized for different use cases.
  • Cost-effectiveness: Pay only for the resources you use.
  • Security: Benefit from AWS's robust security features to protect your instances and data.

Key Features of AWS EC2

Amazon Machine Images (AMIs)

Amazon Machine Images (AMIs) are pre-configured templates that contain the software configuration (operating system, application server, and applications) required to launch your instance. They are the foundation for launching EC2 instances. AWS provides a variety of AMIs, including ones with pre-installed software. You can also create your own custom AMI.

There are two types of AMIs:

  • S3-backed AMIs: These AMIs store their data in Amazon S3.
  • EBS-backed AMIs: These AMIs store their data on Amazon EBS volumes. EBS-backed AMIs offer faster boot times and the ability to take snapshots.

Security in AWS EC2

Security is a vital aspect of cloud computing. AWS uses a key pair method to authenticate users to their instances.

What is a key pair?

A key pair consists of a public key and a private key. The public key is used to encrypt data, and the private key is used to decrypt data. The public key is stored on your EC2 instance, while the private key is stored locally.

Key pairs can be used to:

  • Connect to your instance using SSH (for Linux instances) or RDP (for Windows instances)
  • Log in to your Windows instance remotely
  • Retrieve the password for your instance

It is important to keep your private key secure. If you lose your private key, you will not be able to connect to your instance.

Security Groups

Security groups are like virtual firewalls that control inbound and outbound traffic for your instances. You can use security groups to specify which protocols and ports are allowed to access your instances.

Network Access Control Lists (NACLs)

NACLs are an additional layer of security that can be applied to your subnets. NACLs are stateless, meaning they examine each packet individually, regardless of previous packets. Like security groups, NACLs allow you to control inbound and outbound traffic; however, they operate at the subnet level, while security groups operate at the instance level.
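
The stateless/stateful difference described above, as a simplified model added for illustration (not AWS code and not from the original article): a NACL judges the reply packet on its own, so return traffic to the client's ephemeral port needs an explicit outbound rule, while a security group lets the reply through because it tracks the flow. The addresses, rule numbers and class names are constructed.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

    def reply(self):
        """The return packet for this one: endpoints swapped."""
        return Packet(self.dst, self.dport, self.src, self.sport)

def _match(ports, cidr, port, remote):
    lo, hi = ports
    return lo <= port <= hi and ipaddress.ip_address(remote) in ipaddress.ip_network(cidr)

def nacl_allows(rules, pkt, direction):
    # Stateless: rules are (number, direction, (lo, hi), cidr, action), checked in
    # ascending number order; the first match decides and no match means deny.
    remote = pkt.src if direction == "in" else pkt.dst
    for _num, rdir, ports, cidr, action in sorted(rules):
        if rdir == direction and _match(ports, cidr, pkt.dport, remote):
            return action == "allow"
    return False

class SecurityGroup:
    # Stateful: allow-only rules ((lo, hi), cidr); replies to tracked flows pass.
    def __init__(self, inbound, outbound):
        self.rules = {"in": inbound, "out": outbound}
        self.flows = set()

    def allows(self, pkt, direction):
        if pkt.reply() in self.flows:        # reply to a flow already admitted
            return True
        remote = pkt.src if direction == "in" else pkt.dst
        if any(_match(p, c, pkt.dport, remote) for p, c in self.rules[direction]):
            self.flows.add(pkt)
            return True
        return False

# Constructed flow: an internet client opens HTTPS to an instance in the subnet.
REQUEST = Packet("198.51.100.7", 50000, "10.0.1.5", 443)
NACL_INBOUND_ONLY = [(100, "in", (443, 443), "0.0.0.0/0", "allow")]
NACL_WITH_RETURN = NACL_INBOUND_ONLY + [(100, "out", (1024, 65535), "0.0.0.0/0", "allow")]

def round_trip_nacl(rules):
    """(request admitted, reply admitted) under a stateless NACL."""
    return (nacl_allows(rules, REQUEST, "in"), nacl_allows(rules, REQUEST.reply(), "out"))

def round_trip_sg():
    """Same flow through a security group with no outbound rules at all."""
    sg = SecurityGroup(inbound=[((443, 443), "0.0.0.0/0")], outbound=[])
    return (sg.allows(REQUEST, "in"), sg.allows(REQUEST.reply(), "out"))

if __name__ == "__main__":
    print("NACL, inbound rule only:  ", round_trip_nacl(NACL_INBOUND_ONLY))
    print("NACL, with ephemeral rule:", round_trip_nacl(NACL_WITH_RETURN))
    print("Security group:           ", round_trip_sg())
```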

EBS Volumes

EBS, or Elastic Block Store, is a block storage service that can be used to store persistent data for your EC2 instances. EBS volumes are like virtual hard drives that can be attached to and detached from instances as needed. They are used to store data that needs to persist even when the instance is stopped or terminated.

Types of EBS Volumes

AWS offers several different types of EBS volumes, each optimized for different performance and cost requirements. You can choose the type of volume that best suits your needs based on the type of workload you are running.

Some common EBS volume types include:

  • General Purpose SSD (gp2): These volumes offer a balance of price and performance for a variety of workloads.
  • Provisioned IOPS SSD (io1): These volumes are designed for I/O-intensive workloads that require high performance and consistent, low-latency storage.
  • Throughput Optimized HDD (st1): These volumes are designed for frequently accessed, throughput-intensive workloads that require low cost.
  • Cold HDD (sc1): These volumes are designed for less frequently accessed workloads that can tolerate higher latency.
  • io2: These volumes are designed for I/O-intensive workloads that require extremely high performance with very low latency.
  • io1: These volumes are designed for transaction-intensive workloads with a sustained IOPS performance.

EBS Snapshots

EBS snapshots are point-in-time copies of your EBS volumes that can be used to create new volumes. They are a cost-effective and efficient way to back up your EBS volumes and protect your data. Snapshots are incremental, meaning that only the blocks that have changed since the last snapshot are copied.

Snapshot Flow

The following illustrates the process of creating and using an EBS snapshot:

  1. Create a snapshot: Take a snapshot of your EBS volume.
  2. Create a new volume from the snapshot: Create a new EBS volume using the snapshot.
  3. Attach the volume: Attach the new volume to a different EC2 instance.

EC2 Instance Types

EC2 instances come in a wide variety of types, each optimized for different workloads. When choosing an instance type, you should consider the following factors:

  • Workload requirements: What kind of application or workload will you be running?
  • Performance needs: How much CPU, memory, and storage do you need?
  • Cost: How much are you willing to spend?

Instance Families

Instance types are grouped into families based on their use cases. Some common instance families include:

  • General purpose: These instances offer a balance of compute, memory, and networking resources and are suitable for a wide range of applications.
  • Compute optimized: These instances are designed for compute-intensive workloads that require high processing power, such as high-performance computing (HPC), gaming, and video encoding.
  • Memory optimized: These instances are designed for memory-intensive workloads that require large amounts of RAM, such as databases, in-memory caches, and real-time big data analytics.
  • Accelerated computing: These instances are equipped with hardware accelerators, such as GPUs and FPGAs, to provide high performance for machine learning, deep learning, and other specialized workloads.
  • Storage optimized: These instances are designed for workloads that require high sequential read and write performance to large datasets, such as data warehousing, log processing, and media transcoding.

Instance Sizes

Each instance family includes multiple size options with varying levels of CPU, memory, and storage capacity. You can choose the instance size that best fits your workload needs and budget.

Example:

T2 instances are general purpose instances that are not recommended for production environments. These instances have CPU credits, which are earned over time and can be used to burst above the instance's baseline performance. However, if the instance runs out of CPU credits, its performance will be throttled.

T2 instances are well-suited for testing environments, development environments, and low-traffic websites.

User Data

User data allows you to run scripts on your EC2 instances when they start. User data can be used to:

  • Install software packages
  • Update the package manager
  • Configure the operating system
  • Start services

User data scripts are run with root privileges, so you can use them to perform any task that you would normally perform as root.

Debugging User Data Scripts

If a user data script is not working as expected, you can check the logs to see what went wrong. You can find the user data logs in the following location:

/var/log/cloud-init-output.log

AWS EC2 Launch Templates

AWS EC2 Launch Templates allow you to create and manage templates for launching EC2 instances. You can define all of the settings for your instances in a launch template, such as:

  • AMI ID
  • Instance type
  • Key pair
  • Network settings
  • Storage settings
  • Security groups
  • User data

Launch templates are a good way to ensure that your instances are launched with consistent settings. They can also help to simplify the process of launching multiple instances.

Benefits of Launch Templates

  • Save time and effort: You don't need to manually enter the same configuration details each time you launch an instance.
  • Ensure consistency: All instances launched from a template will have the same configuration, reducing errors and ensuring predictability.
  • Version control: You can create multiple versions of a template to track changes over time.
  • Automation: Integrate launch templates with other AWS services, such as Auto Scaling, to automate instance provisioning.

Placement Groups

Placement groups allow you to group your EC2 instances together for low-latency networking and high network throughput. There are three types of placement groups:

  • Cluster placement groups: Pack instances close together for high network performance.
  • Spread placement groups: Spread instances across underlying hardware to reduce the likelihood of correlated failures.
  • Partition placement groups: Divide instances into logical partitions, each with its own set of underlying hardware.

Purchasing Options for EC2 Instances

AWS offers several different purchasing options for EC2 instances. You can choose the option that best meets your needs based on the length of time you need the instance and your budget.

On-Demand Instances

On-demand instances are ideal for short-term, spiky, or unpredictable workloads that require immediate access to compute resources. You pay for on-demand instances by the hour or second, with no long-term commitments.

Reserved Instances

Reserved instances provide a significant discount compared to on-demand instances, in exchange for making a one- or three-year commitment. Reserved instances are a good choice for steady-state workloads that you know you will need for a long period.

There are three types of reserved instances:

  • Standard: Offer the highest discount
  • Convertible: Allow you to change the instance type or operating system
  • Scheduled: Allow you to reserve instances for specific time periods

Spot Instances

Spot instances allow you to bid on spare EC2 capacity at a discounted rate. However, your instance can be terminated if your bid price falls below the current spot price. Spot instances are a good option for fault-tolerant, flexible workloads that can be interrupted. For example, if your bid price falls below the current spot price, you will have two minutes to finish your work before the instance is terminated.

Savings Plans

Savings plans are a flexible pricing model that allows you to commit to a certain amount of compute usage over a one- or three-year term. Savings plans offer a discount compared to on-demand instances, and they can be applied to a variety of instance families and sizes.

You can choose from two types of Savings Plans:

  • Compute Savings Plans: These plans provide the most flexibility and can be applied to any EC2 instance family, size, region, or operating system.
  • EC2 Instance Savings Plans: These plans provide the highest discount but require you to commit to a specific instance family and size in a particular region.

Dedicated Hosts

Dedicated hosts allow you to rent a physical server that is dedicated to your use. This can be beneficial for workloads that require compliance with specific regulatory requirements or that need to maintain a high level of isolation from other tenants.

Launching an EC2 Instance

Follow these steps to launch your first EC2 instance:

  1. Log in to the AWS Management Console: Go to the AWS website and log in to your AWS account.
  2. Navigate to the EC2 service: In the AWS Management Console, click on the "Services" dropdown menu and select "EC2." This will take you to the EC2 dashboard.
  3. Click "Launch Instance": On the EC2 dashboard, click on the blue "Launch Instance" button to begin the instance launch process.
  4. Choose an AMI: Select an Amazon Machine Image (AMI) that contains the operating system and software you need for your instance. AWS provides a wide range of pre-built AMIs, including ones with popular operating systems like Amazon Linux, Ubuntu, Windows Server, and Red Hat Enterprise Linux. You can also choose to use a custom AMI if you have specific requirements.
  5. Choose an Instance Type: Choose an instance type based on your performance and resource requirements. Consider factors such as the number of vCPUs, memory, storage capacity, and network performance you need. AWS offers a variety of instance types, each optimized for different workloads, such as general purpose, compute-optimized, memory-optimized, and storage-optimized instances.
  6. Configure Instance Details: This step involves specifying various configuration details for your instance, including the number of instances you want to launch, the network settings, IAM roles, VPC, subnet, and placement groups. You can also configure shutdown behavior, enable termination protection, and specify a monitoring strategy.
  7. Add Storage: Configure the storage options for your instance. By default, most AMIs come with a root volume that uses the General Purpose SSD (gp2) storage type. You can adjust the size of the root volume or choose a different storage type. You can also add additional EBS volumes to store data separately from the root volume.
  8. Tag Instance: Assign meaningful tags to your instance to help you organize and identify it later. Tags are key-value pairs that you can use to categorize your resources based on purpose, environment, or other criteria.
  9. Configure Security Groups: Configure the security groups for your instance to control incoming and outgoing network traffic. Security groups act as virtual firewalls that allow you to specify rules for which protocols and ports are allowed to access your instance. It's crucial to properly configure security groups to ensure the security of your instance and data.
  10. Review and Launch: Review all the configuration settings you've made, choose a key pair for authentication, and launch your instance.

Once you've launched your instance, it will take a few minutes for it to become available. You can then connect to your instance using SSH for Linux instances or RDP for Windows instances.

Connecting to Your Instance

After your instance has launched and passed its status checks, you can connect to it using SSH (for Linux) or RDP (for Windows). Make sure you have the private key associated with the key pair you selected during the launch process.

Connecting to a Linux Instance Using SSH

  1. Locate your private key file: The private key file is typically downloaded to your computer when you create a key pair. It usually has a ".pem" file extension.

  2. Set the appropriate permissions for your private key file: Use the following command in your terminal to restrict access to your private key file:

    chmod 400 your-key-pair.pem

  3. Use an SSH client: You can use a terminal application on your computer, such as Terminal on macOS or Linux, or PuTTY on Windows.

  4. Connect to your instance: In your terminal, use the following SSH command to connect to your Linux instance:

    ssh -i your-key-pair.pem ec2-user@your-instance-public-ip

     • Replace `your-key-pair.pem` with the path to your private key file.
     • Replace `your-instance-public-ip` with the public IP address of your EC2 instance.
     • The default username for Amazon Linux 2 and Ubuntu instances is `ec2-user`.

Connecting to a Windows Instance Using RDP

  1. Obtain the Administrator password: You can get the password for your Windows instance by following these steps in the AWS Management Console:

     • Go to the EC2 dashboard.
     • Select the instance you want to connect to.
     • Click on the "Connect" button.
     • Select the "RDP client" tab.
     • Click on the "Get password" button.
     • You will be prompted to upload the private key file associated with your key pair.
     • Once the private key is uploaded, the Administrator password will be displayed.

  2. Open the Remote Desktop Connection application on your Windows computer.

  3. Enter your instance's public IP address and click "Connect."

  4. Enter the Administrator username and password when prompted.

  5. Click "OK" to connect to your instance.

AWS EC2 Use Cases

The flexibility, scalability, and cost-effectiveness of AWS EC2 make it suitable for a variety of applications and workloads, including:

  • Hosting websites and web applications: EC2 is a popular choice for hosting websites and web applications of all sizes.
  • Running big data analytics: EC2 instances can handle the large datasets and complex processing tasks involved in big data analytics.
  • Machine learning and artificial intelligence: EC2 offers instance types with specialized hardware accelerators, such as GPUs and FPGAs, to accelerate machine learning and artificial intelligence workloads.
  • Development and testing environments: EC2 provides a cost-effective way to set up development and testing environments without having to invest in physical hardware.
  • Batch processing: EC2 is well-suited for running batch processing jobs, such as image processing, video transcoding, and scientific simulations.
  • Databases: EC2 can be used to host various databases, including relational databases, NoSQL databases, and in-memory databases.

Monitoring and Management

AWS provides tools for monitoring and managing your EC2 instances.

Amazon CloudWatch

Amazon CloudWatch is a monitoring service that collects and tracks metrics from your EC2 instances and other AWS resources. You can use CloudWatch to:

  • Monitor instance performance: Track metrics such as CPU utilization, memory usage, disk I/O, and network traffic.
  • Set alarms: Configure alarms to notify you when specific metrics exceed predefined thresholds.
  • Create dashboards: Visualize and analyze your metrics using custom dashboards.

AWS Management Console

The AWS Management Console is a web-based interface for managing your EC2 instances and other AWS resources. You can use the console to launch instances, configure security settings, manage storage, monitor performance, and more.

AWS Command Line Interface (CLI)

The AWS Command Line Interface (CLI) is a powerful tool for managing your AWS resources from the command line. You can use the CLI to automate tasks, script deployments, and integrate with other tools.

AWS SDKs

AWS Software Development Kits (SDKs) provide libraries and code samples for various programming languages, allowing you to interact with AWS services programmatically. You can use SDKs to build applications that leverage EC2 and other AWS services.

Conclusion

Amazon EC2 is a foundational service in the AWS ecosystem. It empowers users with a flexible, scalable, and cost-effective platform to run a wide range of applications and workloads. By understanding the key concepts, features, and use cases of EC2, individuals and organizations can unlock the immense potential of cloud computing and drive innovation in their respective domains.
