Day 01 || AWS Elastic Compute Cloud (EC2), step by step: all details in one blog
As part of my AWS journey, I recently dived deep into the fundamentals of Amazon EC2 (Elastic Compute Cloud). This blog will walk you through everything I learned about EC2, from setting up instances to understanding the critical concepts of IP addressing, security, user data scripts, and instance protection.
What is EC2?
Amazon EC2 is a web service that provides resizable compute capacity in the cloud. It allows you to launch virtual machines (instances) to run applications, which behave much like physical servers but with the flexibility to scale up or down depending on your needs.
Why Use EC2?
Scalability: You can easily scale your infrastructure by launching more instances as demand increases.
Cost-Effective: You pay only for the compute time you use, making it ideal for businesses of any size.
Flexibility: EC2 offers a wide range of instance types to suit different workloads.
How to Create an EC2 Instance
To get started, the first step is launching an EC2 instance. Here’s a detailed breakdown of how to create one:
Go to the AWS Management Console and navigate to the EC2 dashboard.
Click ‘Launch Instance’. This will start the process of creating a new virtual machine in the cloud.
Select an Amazon Machine Image (AMI): An AMI is a template that contains the operating system (OS) and application server. I chose a free-tier eligible Linux AMI.
Choose an Instance Type: I selected the t2.micro instance, which is suitable for small applications and testing. It’s part of the free tier, which means you won’t be charged if you stay within limits.
Configure Instance Details: Here, you can choose the number of instances, configure network settings, enable auto-scaling, etc. For my setup, I stuck with the default settings.
Add Storage: You can add additional storage volumes to your instance if needed. The default is 8 GB, but this can be adjusted based on your application’s needs.
Configure a Security Group: Security groups act as firewalls that control traffic to and from your instance. I created a rule to allow SSH (port 22) access only from my IP address to enhance security.
Review and Launch: After reviewing all configurations, I clicked on 'Launch' and used an existing key pair to connect securely to the instance via SSH.
Connecting to Your EC2 Instance via SSH
Once the instance was running, I used an SSH client to connect:
ssh -i your-key-pair.pem ec2-user@your-public-ip
This allowed me to manage my instance from the terminal, just like working on a regular server.
Understanding Public and Private IPs in EC2
EC2 instances come with two types of IP addresses: Public and Private. Understanding the difference between them is crucial for configuring your instance’s networking.
Public IP: This is a globally unique IP address assigned to your instance, making it accessible over the internet. It is dynamic and changes if the instance is stopped and started.
Private IP: This is an internal IP address used for communication within a Virtual Private Cloud (VPC). It is not routable over the internet, meaning it can only be used for private networking within your cloud environment.
Practical Usage:
A public IP is ideal for instances that need to be accessed by users over the internet (e.g., web servers).
A private IP is perfect for backend servers or databases that should only communicate within a secure network.
Securing EC2 Instances with Security Groups
Securing an EC2 instance is one of the most critical steps in the deployment process. AWS provides Security Groups, which are essentially virtual firewalls that control both inbound and outbound traffic.
How Security Groups Work:
You can define inbound rules to control the types of traffic allowed to reach your instance (e.g., HTTP, SSH, etc.).
Similarly, outbound rules determine the traffic allowed to leave your instance.
For example, in my case:
I configured an inbound rule to allow SSH (port 22) access only from my IP address for added security.
I also set up HTTP (port 80) to allow access to the web server running on the instance.
Steps to Create a Security Group:
Navigate to the Security Groups section in the EC2 dashboard.
Create a New Security Group and specify the necessary rules.
Assign the group to your EC2 instance.
This ensures that only authorized traffic can access your machine, minimizing the risk of unauthorized access.
Automating Tasks with User Data Scripts
AWS EC2 provides a powerful feature known as User Data Scripts, which allow you to automate the execution of commands when an instance is launched. This can be particularly useful for tasks like installing software, configuring services, or setting up the environment.
Example:
I used the following script to automatically install the Apache web server and start the service upon instance launch:
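#!/bin/bash
# User data runs as root on first boot, so sudo is optional here.
# Apply pending package updates.
sudo yum update -y
# Install the Apache web server.
sudo yum install httpd -y
# Start Apache now and enable it on every boot.
sudo systemctl start httpd
sudo systemctl enable httpd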
This way, as soon as my instance was up and running, Apache was installed and ready to go without any manual intervention.
Protecting EC2 Instances from Accidental Termination
To avoid accidentally terminating an EC2 instance, you can enable Termination Protection. When this feature is activated, the instance cannot be terminated from the console unless termination protection is explicitly disabled.
How to Enable Termination Protection:
In the EC2 dashboard, select the instance you want to protect.
Click Actions > Instance Settings > Change Termination Protection.
Enable the protection option and save changes.
This feature adds an extra layer of safety, especially when working with important or production-level instances.
Understanding AWS Placement Groups
Lastly, I explored AWS Placement Groups, which control how EC2 instances are placed on underlying hardware. There are three types of placement groups you can choose from, depending on your workload’s requirements:
Cluster Placement: Instances are placed close together on the same physical server to minimize latency. This is ideal for high-performance computing tasks.
Spread Placement: Instances are spread across different physical hardware to reduce the risk of failure.
Partition Placement: Instances are divided into partitions, where each partition is isolated from others, making this a good option for large distributed systems.
Choosing the Right Placement Group:
Cluster: Best for applications that require low latency and high throughput.
Spread: Ideal when you want to reduce the risk of hardware failure affecting multiple instances.
Partition: Useful for workloads like HDFS, HBase, and Cassandra, where you need failure isolation.
Conclusion
Learning about AWS EC2 has been an eye-opening experience. From creating virtual machines to understanding the intricacies of networking and security, EC2 offers powerful tools for deploying scalable applications in the cloud. As I continue my AWS journey, I’m excited to delve deeper into more advanced features and share what I learn along the way. Stay tuned for more upda