EC2
If you’ve just landed here, we’re doing a “Become a Cloud Architect” Unicorn Workshop by building a Unicorn Pursuit Web App step by step, and you’re more than welcome to join!
About EC2
Elastic Compute Cloud, or EC2, is the AWS IaaS offering, which is where AWS dominates the market.
Cool: you pay for Linux by the second and for Windows by the hour.
Instance types (the most typical) are:
- P, graphic
- G3, graphic intensive
- I for IOPS
- H1, high DISK throughput
- T2, Low Cost General Purpose (like Web Servers)
- M5, General Purpose, for App Servers
- C5, Compute Optimized
- R for RAM optimized.
- X1, huge (extreme) amount of RAM, like SAP HANA
Code
Deep Dive
AMI
An Amazon Machine Image (AMI) is a template that contains a software configuration (for example, an operating system, an application server, and applications). From an AMI, you launch an instance, which is a copy of the AMI running as a virtual server in the cloud. You can choose between:
- HVM, Hardware Virtual Machine, that gives more options due to the advanced hardware drivers
- PV, Para-Virtual, which is basically an old generation.
There are basically 3 pricing options in EC2:
- On Demand Instances, pay per use
- Reserved Instances, reserve for a period of time and get discount
- Spot Instances, where you bid on UNUSED resources. This requires some additional engineering, but you can save a lot of money on expensive compute. If SPOT is terminated by AWS, you’re not charged for the last hour (if you terminate them, you DO pay for this last hour)
VM Import Connector: Import from vSphere or Hyper-V or Citrix XEN to copy the images to AWS as AMIs. This also works the other way around.
Elastic IP
Elastic IP Addresses are static IP addresses associated with your AWS account. They can be used to mask the failure of an instance by automatically remapping your address to another working instance in your account.
A disassociated Elastic IP address remains allocated to your account until you explicitly release it.
ENI
Elastic Network Interface (ENI) is a network interface that an EC2 instance is attached to, but which has an independent lifetime, so it’s truly elastic. This way you can associate an ENI with a VPC, and an EC2 instance can be “free” to roam the region. An ENI has:
- Description
- Private IP Address
- Elastic IP Address (from the public IP range)
- MAC Address
- Security Group(s)
- Source/Destination Check Flag
- Delete on Termination Flag
EBS
AWS EBS (Elastic Block Store) provides persistent block-level data storage. It’s basically a VIRTUAL DISK. Block storage stores files in multiple volumes called blocks, which act as separate hard drives; block storage devices are more flexible and offer higher performance than regular file storage. You need to mount EBS onto an Amazon EC2 instance. Use cases include business continuity, software testing, and database management.
An EBS snapshot is encrypted if the EBS volume is encrypted. An EBS snapshot has an SLA of 11 9s.
Each Amazon EBS volume is automatically replicated within its Availability Zone to protect you from component failure, offering high availability and durability.
EBS comes in different volume types:
- General Purpose SSD, under 10.000 IOPS
- Provisioned IOPS SSD, over 10.000 IOPS, up to 20.000
- Throughput Optimized HDD (cannot be boot volume)
- Cold HDD, low cost, something like a File System
- Magnetic… lowest cost, infrequent access, but it CAN be used as a boot volume, unlike other HDDs.
Authentication
To authenticate users to their instances, AWS employs a key pair method (private and public key). The keys that Amazon EC2 uses are 2048-bit SSH-2 RSA keys. You can have up to five thousand key pairs per region. A key pair consists of a public key that AWS stores and a private key file that you store (downloaded as a PEM file). PEM stands for Privacy Enhanced Mail and is a widely used X.509 encoding format used for security certificates. Together, the two keys enable you to securely connect to your EC2 instance using SSH.
Create a Key Pair on AWS when creating an instance. Download a .PEM file. Try SSH:
MatBook-Pro:~ mjovanovic$ ssh root@ec2-34-251-238-113.eu-west-1.compute.amazonaws.com
The authenticity of host 'ec2-34-251-238-113.eu-west-1.compute.amazonaws.com (34.251.238.113)' can't be established.
ECDSA key fingerprint is SHA256:wRJiPc5zBOXH+xdqwQ18zShfsR9360pGFH4OYKEfBTU.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'ec2-34-251-238-113.eu-west-1.compute.amazonaws.com,34.251.238.113' (ECDSA) to the list of known hosts.
root@ec2-34-251-238-113.eu-west-1.compute.amazonaws.com: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
MatBook-Pro:~ mjovanovic$
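The session above answers "yes" to the host key prompt without checking the fingerprint. As an added example (not part of the original workshop), this Python code recomputes the SHA256 fingerprint that the SSH prompt displays and compares it with the host keys read from the instance console output. It assumes the AMI runs cloud-init and prints an unprefixed "-----BEGIN SSH HOST KEY KEYS-----" block to the console; the function names, sample key and console text are constructed for illustration.

```python
import base64
import hashlib
import struct

BEGIN = "-----BEGIN SSH HOST KEY KEYS-----"  # assumed cloud-init console marker
END = "-----END SSH HOST KEY KEYS-----"

def fingerprint(pubkey_line):
    """OpenSSH-style SHA256 fingerprint of one 'type base64 [comment]' line."""
    key_type, b64 = pubkey_line.split()[:2]
    blob = base64.b64decode(b64, validate=True)
    if len(blob) < 4:
        raise ValueError("key blob too short")
    # The blob starts with a length-prefixed algorithm name; it must match the label.
    (name_len,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + name_len] != key_type.encode():
        raise ValueError("key type label does not match key blob")
    digest = hashlib.sha256(blob).digest()
    # ssh prints the digest as base64 without '=' padding.
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def host_keys_from_console(console_text):
    """Collect the public key lines between the host key markers."""
    keys, inside = [], False
    for line in (raw.strip() for raw in console_text.splitlines()):
        if line.endswith(BEGIN):
            inside = True
        elif line.endswith(END):
            inside = False
        elif inside and line:
            keys.append(line)
    return keys

def prompt_is_trusted(prompt_fp, console_text):
    """True only if the fingerprint from the SSH prompt matches a console host key."""
    trusted = [fingerprint(k) for k in host_keys_from_console(console_text)]
    return prompt_fp in trusted

def make_sample_key(key_type, body):
    """Build a constructed public key line in the SSH wire format (not a real key)."""
    name = key_type.encode()
    blob = struct.pack(">I", len(name)) + name + struct.pack(">I", len(body)) + body
    return f"{key_type} {base64.b64encode(blob).decode()} root@constructed-host"

SAMPLE_KEY = make_sample_key("ssh-ed25519", bytes(range(32)))  # constructed
SAMPLE_CONSOLE = "\n".join(["cloud-init: constructed console output",
                            BEGIN, SAMPLE_KEY, END])

if __name__ == "__main__":
    shown = fingerprint(SAMPLE_KEY)
    print(shown, prompt_is_trusted(shown, SAMPLE_CONSOLE))
    print(prompt_is_trusted("SHA256:" + "A" * 43, SAMPLE_CONSOLE))
```

A console line that does not parse as a key raises ValueError, so the check fails closed instead of trusting an unknown host.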
Auto Scaling
Two main benefits are Availability and Reliability.
Where to find more info