Step 3: Launch an instance into your subnet

sebastiantorres86

Sebastian Torres

Posted on April 17, 2022

Step 3: Launch an instance into your subnet

To test that your subnet is public and that instance in the subnet are accesible over the internet, launch an instance into your public subnet and connect to it. First, you must create a security group to associate with your instance, and a key pair with which you'll connect to your instance. For more information about security groups, see Control traffic to resources using security groups. For more information about key pairs, see Amazon EC2 key Pairs on the Amazon EC2 User Guide for Linux Instances.

To launch and connect to an instance in your public subnet.

  • Create a key pair and use the --query option and the --output text option to pipe your private key directly into a file with the .pem extension.
$ aws ec2 create-key-pair --key-name MyKeyPair --query "KeyMaterial" --output text > MyKeyPair.pem
Enter fullscreen mode Exit fullscreen mode

In this example, you launch an Amazon Linux instance. If you use an SSH client on a Linux or Mac OS X operating system to connect to your instance, use the following command to set the permissions of your private key file so that only you can read it.

$ chmod 400 MyKeyPair.pem
Enter fullscreen mode Exit fullscreen mode
$ aws ec2 create-security-group --group-name SSHAndHTTPccess --description "Security group for SSH and HTTP access" --vpc-id vpc-2f09a348
Enter fullscreen mode Exit fullscreen mode
{

 "GroupId": "sg-e1fb8c9a"
}
Enter fullscreen mode Exit fullscreen mode

Add a rule that allow SSH access from anywhere using the authorize-security-group command.

$ aws ec2 authorize-security-group-ingress --group-id sg-e1fb8c9a --protocol tcp --port 22 --cidr 0.0.0.0/0
Enter fullscreen mode Exit fullscreen mode

Add another rule that allows inbound HTTP traffic from anywhere.

$ aws ec2 authorize-securty-group-ingress --group-id sg-e1fb8c9a --protocol tcp --port 80 --cidr 0.0.0.0/0
Enter fullscreen mode Exit fullscreen mode

Note
If you use 0.0.0.0/0, you enable all IPv4 addresses to access your instance using SSH. This is acceptable for this short exercise, but in production, authorize only a specific IP address or range of addresses.

  • Launch an instance into your public subnet, using the security group and key pair you've created. In the output, take note of the instance ID for your instance. You must perform the same steps to launch at least one more instance.

When you launch an instance in Amazon EC2, you have the option of passing user data to the instance that can be used to perform common automated configuration tasks and even run scripts after the instance starts. You can pass two types of user data to Amazon EC2: shell scripts and cloud-init directives.

You can also pass this data into the launch wizard as plain text, as a file (this is useful for launching instances using the command line tools), or as base64-encoded text (for API calls). Create a shell file with the following script that creates and configures our simple web server.

#!/bin/bash
# User data for new EC2 instances
# install httpd (Linux 2 version)
yum update -y
yum install -y httpd
systemctl start httpd
systemctl enable httpd
echo "<h1>Hello World!</h1> <h1>This is $(hostname -f)</h1>" > /var/www/html/index.html
Enter fullscreen mode Exit fullscreen mode

The following command show how to specify the script using the shell file. Be sure to use the file:// prefix to specify the file.

$ aws ec2 run-instances --image-id ami-03ededff12e34e59e --count 1 --instance-type t2.micro --key-name MyKeyPair --security-group-ids sg-e1fb8c9a --subnet-id subnet-b46032ec --user-data file://my_script.sh
Enter fullscreen mode Exit fullscreen mode

Note
In this example, the AMI is an Amazon Linux 2 AMI in the US East (N. Virginia) Region. If you're in a different Region, you'll need the AMI ID for a suitable AMI in your Region. For more information, see Finding a Linux AMI in the Amazon EC2 User Guide for Linux Instances.

  • Your instance must be in the running state in order to connect to it. Allow enough time for the instance to launch and run the directives in your user data, and then check to see that your directives have completed the tasks you intended. Use the following command to describe the state and IP address of your instance.
$ aws ec2 describe-instances --instance-id i-0146854b7443af453 --query "Reservations[*].Instances[*].{State:State.Name,Address:PublicIpAddress}"
Enter fullscreen mode Exit fullscreen mode

The following is example output

[
   [
      {
        "State": "running",
        "Address": "52.87.168.235"
      }
   ]
]
Enter fullscreen mode Exit fullscreen mode

For our example, in a web browser, enter the public IP address.

http://52.87.168.235
Enter fullscreen mode Exit fullscreen mode

You should see the "Hello World" message and the IP address of your instance.

  • When your instance is in the running state, you can connect to it using an SSH client on a Linux or Mac OS X computer by using the following command:
$ ssh -i "MyKeyPair.pem" ec2-user@52.87.168.235
Enter fullscreen mode Exit fullscreen mode

If you're connecting from a Windows computer, use the following instructions: Connecting to your Linux instance from Windows using PuTTY.

💖 💪 🙅 🚩
sebastiantorres86
Sebastian Torres

Posted on April 17, 2022

Join Our Newsletter. No Spam, Only the good stuff.

Sign up to receive the latest update from our blog.

Related

What was your win this week?
weeklyretro What was your win this week?

November 29, 2024

Where GitOps Meets ClickOps
devops Where GitOps Meets ClickOps

November 29, 2024