Amazon EC2

  • It expands to Amazon Elastic Compute Cloud.
  • It is AWS's primary web service.
  • It provides resizable compute capacity in the cloud.

Compute Basics

  • Compute is the amount of computational power required to fulfill a workload.
  • If the workload is small, such as a website with few visitors, the compute needed is small.
  • For a large workload, a great deal of compute is needed.
  • The amount of compute needed may change over time.
  • EC2 provides compute by launching virtual servers called instances.
  • Instances are launched as needed and are charged per hour while running.

Concepts for launching instances on AWS

  • Two concepts define a new instance:
    • The amount of virtual hardware dedicated to the instance
    • The software loaded on the instance
  • These two concepts are controlled, respectively, by the instance type and the AMI.

Instance Types

  • The instance type is the virtual hardware of an EC2 instance.
  • An instance type is defined by
    • Virtual CPUs (vCPUs)
    • Memory
    • Storage (size and type)
    • Network performance
  • Instance types are grouped into families based on the ratio of these values to each other.
  • Sample instance type families are
    • c4 – Compute optimized—For workloads requiring significant processing
    • r3 – Memory optimized—For memory-intensive workloads
    • i2 – Storage optimized—For workloads requiring high amounts of fast SSD storage
    • g2 – GPU-based instances—Intended for graphics and general-purpose GPU compute workloads
  • Network performance is an important variable to consider.
  • Most instance types have a measure of network performance such as low, moderate, or high.
  • Enhanced networking is supported in the C3, C4, D2, I2, M4, and R3 families.
  • Enabling enhanced networking involves ensuring that the correct drivers are installed.
  • Enhanced networking is available only for instances in an Amazon VPC.

Amazon Machine Images (AMIs)

  • An AMI defines the initial software on an instance when it is launched.
  • An AMI definition includes
    • The operating system (OS) and its configuration
    • The initial state of any patches
    • Application or system software
  • Sources of AMIs
    • Published by AWS — AWS publishes AMIs with versions of many different OSs, both Linux and Windows.
    • AWS Marketplace — An online store that helps customers find, buy, and immediately start using software and services that run on Amazon EC2.
    • Existing Instances — An AMI can be created from an existing Amazon EC2 instance.
    • Uploaded Virtual Servers — Using the AWS VM Import/Export service, customers can create images from various virtualization formats, including raw, VHD, VMDK, and OVA.

Addressing an Instance

  • An instance can be addressed in several ways:
    • Public Domain Name System (DNS) Name — After launch, AWS creates a DNS name that can be used to access the instance. This DNS name is generated automatically and cannot be specified by the customer.
    • Public IP — A launched instance may also have a public IP address assigned. The address is assigned from addresses reserved by AWS and cannot be specified by the customer.
    • Elastic IP — An Elastic IP address is an address unique on the Internet that can be reserved independently and associated with an Amazon EC2 instance.
  • Amazon EC2 uses public-key cryptography to encrypt and decrypt login information.
  • Key pairs can be created through
    • AWS Management Console
    • CLI
    • API
  • Customers can upload their own key pairs.
  • AWS stores the public key, and the private key is kept by the customer.

Virtual Firewall Protection

  • Traffic in and out of instances can be controlled through virtual firewalls called security groups.
  • Security groups control traffic based on
    • port
    • protocol
    • source/destination
  • Security groups have different capabilities depending on the AWS service:
    • For EC2-Classic – Security groups control outgoing instance traffic
    • For VPC – Security groups control outgoing and incoming instance traffic

Security group

  • A security group has rules.
  • The default is deny: a security group does not allow any traffic that is not explicitly allowed by one of its rules.
  • A rule has 3 attributes (port, protocol, and source/destination).
  • For an instance with multiple security groups, the rules are aggregated and all traffic allowed by any of the individual groups is allowed.
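A small model of how these rules are evaluated, written here as an added example (not AWS code): default deny, rules aggregated across every group attached to the instance, plus a defender's check for sensitive ports open to the whole Internet. The group ids, rules and addresses are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    """One security group rule: protocol, port range and source CIDR."""
    protocol: str    # "tcp", "udp", "icmp", or "-1" meaning all protocols
    from_port: int   # port range; ignored when protocol is "-1"
    to_port: int
    source: str      # CIDR block allowed to send this traffic


def rule_allows(rule, protocol, port, src_ip):
    """True if this single rule explicitly allows the given inbound packet."""
    if rule.protocol != "-1":
        if rule.protocol != protocol:
            return False
        if not rule.from_port <= port <= rule.to_port:
            return False
    return ipaddress.ip_address(src_ip) in ipaddress.ip_network(rule.source, strict=False)


def inbound_allowed(groups, protocol, port, src_ip):
    """Default deny: the packet passes only if some rule in some attached group allows it.
    The rules of all groups attached to the instance are aggregated (a union)."""
    return any(rule_allows(rule, protocol, port, src_ip)
               for rules in groups.values() for rule in rules)


def world_open_ports(groups, sensitive=(22, 3389)):
    """Defender check: (group id, port) pairs where a sensitive TCP port is open to 0.0.0.0/0 or ::/0."""
    findings = set()
    for name, rules in groups.items():
        for rule in rules:
            if ipaddress.ip_network(rule.source, strict=False).prefixlen != 0:
                continue  # not a whole-Internet source
            for port in sensitive:
                if rule.protocol == "-1" or (rule.protocol == "tcp" and rule.from_port <= port <= rule.to_port):
                    findings.add((name, port))
    return sorted(findings)


# Constructed sample: two groups attached to one web instance (hypothetical ids).
SAMPLE_GROUPS = {
    "sg-web": [Rule("tcp", 80, 80, "0.0.0.0/0"), Rule("tcp", 443, 443, "0.0.0.0/0")],
    "sg-admin": [Rule("tcp", 22, 22, "10.0.0.0/8")],
}
```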

Lifecycle of Instances

The instance management lifecycle involves

  • Launching and Managing Instances
  • Monitoring Instances
  • Modifying Instances and Termination Protection

Launching an instance

Additional services that help when launching new Amazon EC2 instances are

  • Bootstrapping – The process of providing code to be run on an instance at launch is called bootstrapping.
  • VM Import/Export – Enables you to easily import virtual machines (VMs) from your existing environment as Amazon EC2 instances and export them back to your on-premises environment.
  • Instance Metadata – Instance metadata is data about your instance that you can use to configure or manage the running instance.

Managing Instances

  • It is difficult to manage a high number of instances.
  • Tags help in managing EC2 instances and other AWS services.
  • Tags are key/value pairs that can be associated with an instance or another service.

Monitoring Instances

Amazon CloudWatch can monitor and alert on Amazon EC2 instances and other AWS services.

Modifying an Instance

Various aspects of an instance can be modified after launch:

  • Instance type – The ability to change the instance type of an instance contributes greatly to the agility of running workloads in the cloud.
  • Security groups – If an instance is running in an Amazon VPC, we can change which security groups are associated with it while the instance is running.
  • Termination Protection – When an Amazon EC2 instance is no longer needed, its state can be set to Terminated and the instance will be shut down and removed from the AWS infrastructure. To prevent termination via the AWS Management Console, CLI, or API, termination protection can be enabled for an instance. While it is enabled, calls to terminate the instance fail until termination protection is disabled. This helps prevent accidental termination through human error.

EC2 Pricing Options

  • EC2 instances are charged for each hour of running.
  • The amount charged per hour varies with the pricing option:
  • On-Demand Instances – The price is published on the AWS website. This is the most flexible pricing option, with no up-front commitment and full control over when instances are launched and terminated. Least cost.
  • Reserved Instances – Customers make capacity reservations for predictable workloads and save up to 75% compared to the On-Demand hourly rate. Payment options for Reserved Instances: All Upfront, Partial Upfront, No Upfront.
  • Spot Instances – Offer the greatest discount; the customer specifies the price they are willing to pay for an instance type. If the customer's bid price is above the current Spot price, the customer gets the requested instance(s).

EC2 Tenancy Options

  • Tenancy options help achieve security and compliance goals.
  • Shared Tenancy – The default tenancy model for all EC2 instances. A single host machine can run instances from different customers; AWS isolates each instance from the other instances on the same host.
  • Dedicated Instances – Run on hardware that is dedicated to a single customer; the underlying hardware is dedicated to that AWS account.
  • Dedicated Host – A physical server with EC2 instance capacity fully dedicated to a single customer's use.

Instance Stores

  • Also called ephemeral storage.
  • Provides temporary block-level storage for the instance.
  • It is located on disks physically attached to the host computer.
  • Ideal for temporary storage of information that changes frequently, such as buffers, caches, and scratch data.