• The core functionality of the Amazon EC2 service is to provide compute facilities
• Comes under the category of Infrastructure as a Service
• A benefit of EC2 is that they come with Static Public IP, it provides the benefit of accessing the EC2 from anywhere in the world with ease.
• Also consists of the following functionalities
  • Storing data on drives ( EBS )
  • Distributing load across machines ( ELB )
  • Scaling the services using an auto-scaling group ( ASG )

• Naming Convention :

			m5.2xlarge
	

			m5.2xlarge
	

1. m : instance class
2. 5 : generation ( improves over the time )
3. 2xlarge : size within the instance class

• The service provides compute facilities in the form of Virtual Machines, according to your desired specs which includes

  • CPU
  • Memory ( RAM )
  • I/O ( Input / Output ) Speed
  • Storage ( Can be SSD or HDD )

• There are many use cases for EC2

  • Hosting websites ( static or dynamic )
  • Running workloads
  • Can also be used for development

• Since different use cases demand different hardware requirements, lets look at the instances types that are available.

Page of an EC2 instance

EC2 Instance Page

1. Menu on EC2 Instance Page to access all the instances
2. Option to connect to the EC2 instances
3. Option to Manage the state of the instance, the states are
   • Terminate : Delete the instance forever
   • Stop : Equivalent to shutdown
   • Start
   • Reboot
   • Hibernate : Store the contents of Ram to Storage, preserving the state of the instance

Ways to Connect to an EC2 Instance

EC2 Connection Options

1. EC2 Instance Connect : Uses temporary SSH Key to login to the server from within the browser
2. Session Manager : Doesn't use SSH Port ( We'll learn about this later )
3. SSH Client : This method is to connect from out ssh clients like Windows Terminal or Putty or any other SSH Client
4. EC2 Serial Console : Will learn about this later

Benfits of EC2 Instance Connect

• No need for manual management of SSH Keys
• Can be used within the browser

Instance Types

AWS provides us with various types of instances, each suited for different use case and the types are :

General Purpose

• Serves for multiple workloads such as web servers or code repositories
• Provides balance between :
  • Compute Power
  • Networking
  • Memory

Compute Optimized

• Great for compute intensive tasks that require high performance processors :
  • Batch processing workloads
  • Media transcoding
  • High performance web servers
• Naming convention : starts with C
  • For example :
    • C6g
    • C6gd

Memory Optimized

• Fast performance for workloads that process large data sets in memory
• Use cases :
  • High performance relational/non-relational databases
  • In memory databases optimized for BI ( business intelligence )

• Naming Convention: Starts with R, u, X or z
  • For example:
    • R7iz
    • X1e
    • X2gd

Storage Optimized

• Great for storage intensive tasks that require high speed of read and write operations to access large data sets
• Use cases :
  • High Frequency Online Transaction Processing Systems ( OLTP )
  • Relational and NoSQL databases
  • Cache for in memory databases ( for example, Redis )
• Naming Convention : Starts with I, G or H

• For example:
  • D3en
  • H1
  • I3en

Security Groups

• The layer of security ( also known as firewall ) around EC2
• It controls how traffic is allowed into or out of the EC2 instances
• Security groups only contain allow rules
• Security groups rules can reference by IP or by security group
• Contains Authorised IP ranges - IPv4 and IPv6
• All inbound traffic is blocked by default
• Inbound traffic is controlled using rules with Authorized IP ranges
• Outbound traffic is usually allowed to any IP address
• Can be attached to multiple instances
• Locked down to a region / VPC combination
• Lives outside the EC2.
  • If the traffic is blocked then the EC2 won't know about that
• Good to maintain separate security group for SSH access

Note about Security Groups

• If the application is not accessible ( timeout ), then its a security group issue
• If the application gives connection refused then its an application error

Components of a Security Group

Page of Default Security Group

1. Menu for Security Groups under EC2 Service
2. Option to Edit Inbound Rules
3. All allow rules for Inbound Rules are set here
4. All allow rules for Outbound Rules are set here

Storage for Instances

EBS

• Elastic Block Store is a network drive that can be attached to an instance
• Helps in data persistence ( preserve the data ) even when the instance is terminated
• Can be mounted to only one instance at a time
• Is bound to a specific AZ ( meaning it can be only used only in the AZ where it was created )
• Free Tier : 30GB of gp2 or gp3
• Benefit :
  • Since EBS is a network drive, it can be attached and detached from an instance
  • Can be also reattached to other instances
• To use the EBS in another AZ, first need to snapshot it and then move it across another AZ
• Latency is expected since it's a network drive
• We need to provision the required capacity, before we start using the EBS
• Bill is calculated on the Provisioned capacity
• Capacity of the EBS can be increased, even after the provision
• General behaviour when the EC2 instance is terminated, is the EBS volume also gets deleted
  • This behaviour can be changed using the Delete on Termination option
  • The above behaviour only applies to Root Volumes
• Only these type can be used as Boot Volumes
  • gp2
  • gp3
  • io1
  • io2

Hands On

This theory is enough for the upcoming Hands On. Follow this blog for a quick Hands On deploying a Simple Web Page using Apache Web Server on an EC2 Instance

Elastic IP

• When an instance is stopped / terminated and started again, the Public IP changes
• To have a static IP or same ip when an instance is stopped and started, an Elastic IP is needed
• An Elastic IP be attached only to one instance at a time.
• Once we have an Elastic IP, we can access our machines using that same IP even though the underlying machines may get terminated / changed
• An AWS account can have only 5 Elastic IP ( Can be increased )
• It is generally recommended to avoid using Elastic IP
  • Because it represents poor architectural decisions
  • Instead use a random IP which is allocated by AWS and register a DNS name to it
  • Use a load balancer
• Elastic IP is charged for as long as they are not associated with any instance or network service, meaning you have to keep the Elastic IP attached to an instance, otherwise you will be charged.