EC2 Fundamentals-AWS

Mahedi Hasan Jisan
Jul 1, 2021
EC2

Before you start working with EC2, you should always set up a budget, because AWS services cost money while you use them. This needs to be done from the root account, under the “IAM User and Role Access to Billing Information” section. Go to the budgets section and create a cost recommended budget. A good practice is to set up both a monthly budget and a forecasting budget. Don’t forget to add your email so that you get notifications on time.

Budget Setup!

EC2 Basics

Now, let’s talk about EC2, a.k.a. Elastic Compute Cloud. While learning about EC2, you will also learn how the cloud actually works. Some important things that EC2 offers are:

  • Virtual Machines (EC2)
  • Data storage on virtual drives (EBS)
  • Distributing load across machines (ELB)
  • Scaling the services using an auto-scaling group (ASG)

Now, in order to use EC2, you need to configure a few things as well: CPU, RAM, storage space, network card (speed of the card and public IP address), security group, and a bootstrap script (EC2 user data), which only runs at launch.

Bootstrapping means running boot tasks while the instance launches. EC2 user data (the bootstrap script) runs as the root user. With it you can do things like:

  • Installing updates
  • Installing software and other tasks.

Launching EC2 Instance:

It’s time to create an EC2 instance. Remember what we said needs to be configured to create an instance? Let’s go through it.

AMI & Instance Type & User Data!

EC2 Instance Type:

→ m5.2xlarge
m: instance class
5: generation
2xlarge: size within the instance class

Initially, you have to select the Amazon Machine Image (AMI). We have selected the Linux OS (64-bit) for that. Then you have to choose the instance type, which includes CPU, RAM, storage, IP address, etc. For now, select the free one. 😉 Then you will have to configure the instance details. Since this is a basic example, leave everything as it is. We have already talked about user data, and on the right side of the figure you can see some lines that install updates and software, as well as an echo statement. When you hit the IP address, the instance will return the echo message.

Storage & Tags & Security Groups!

In this example, we have 8 GB of storage, which is the basic option and free. Okay, what is delete on termination? It means that if you delete your instance, this storage space will be freed. Tags are pretty useful to make the instance interactive. That being said, we configured the instance name as My First EC2 Instance. Now for security groups. Remember, this section is important: it is where you set who can access this instance from the outside world. For this example, we will allow HTTP on port 80 and make it open to the whole world. Yes, “0.0.0.0/0, ::/0” means exactly that. Now your instance is ready to be reviewed and deployed. Yeah, go ahead and do that!

The instance is launched!

From the above example, you can see that our first EC2 instance is now running. It has a public IP and a private IP. Another important point: the private IP is fixed, but the public IP is not. The public IP will change every time you stop the instance and start it again.

Instance Reply via public IP!

So, if you take the public IP from the description and open it in a browser, the instance will reply with a message containing its private IP and location.

EC2 User data →
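#!/bin/bash
# Runs once at first launch, as root
yum update -y                 # install updates
yum install -y httpd          # install the Apache web server
systemctl start httpd         # start it now
systemctl enable httpd        # and on every boot
# Publish a page showing the instance's hostname
echo "<h1> Hello World from $(hostname -f)</h1>" > /var/www/html/index.html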

Security Groups (SG):

Security groups are the foundation of network security in AWS. An SG controls how traffic is allowed into and out of the instances. In other words, you can say that the security group is a kind of firewall:

  • Access to ports
  • Manage IP ranges (IPv4 and IPv6)
  • Control inbound network
  • Control outbound network

Can you visualize this firewall in your head? Try it!

Some other important stuff about security groups:

  • SG can be attached to multiple instances.
  • Can be locked down to a region.
  • SG lives outside of EC2. If SG blocked something, then EC2 will not see it.
  • Maintain one SG for SSH access.
  • If the application is not accessible (time out), then it’s a security group issue.
  • If you get connection refused, then it’s an application error.
  • All outbound traffic is authorized by default.
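The time-out versus connection-refused rule from the list above can be checked from your own machine. This is an added example, not code from the original post; the function names and the loopback demo are constructed for illustration.

```python
# Added example: tell a security-group drop from an application fault.
import socket

ADVICE = {
    "open": "port reachable and a service answered",
    "refused": "host reachable but nothing listening: check the application",
    "timeout": "packets dropped: check the security group inbound rules",
}


def probe(host, port, timeout=3.0):
    """Attempt one TCP connection and classify the outcome."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "refused"        # a reset came back, so traffic passed the SG
    except socket.timeout:
        return "timeout"        # no reply at all, typical of an SG drop
    except OSError as exc:
        return f"error: {exc}"  # DNS failure, unreachable network, etc.


def diagnose(host, port, timeout=3.0):
    """Return (state, advice) for one host and port."""
    state = probe(host, port, timeout)
    return state, ADVICE.get(state, "neither time-out nor refusal: check name and routing")


def local_demo():
    """Constructed offline demo on loopback: a listener, then the same port closed."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))  # port 0 lets the OS pick a free port
    srv.listen(1)
    port = srv.getsockname()[1]
    while_listening = probe("127.0.0.1", port)
    srv.close()
    after_close = probe("127.0.0.1", port)
    return while_listening, after_close


if __name__ == "__main__":
    print(local_demo())
```

Against a real instance, call `diagnose()` with the instance's public IP and port 80 or 22.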

Some classic ports that you need to know:

  • 22 (SSH) to log into a Linux instance
  • 21 (FTP) file transfer protocol to upload files into a file share
  • 22 (SFTP) secure file transfer protocol to upload files using SSH
  • 80 (HTTP) to access unsecured websites
  • 443 (HTTPS) to access secured websites
  • 3389 (RDP) remote desktop protocol to log into a Windows instance.

Security Group!

This security group is attached to the instance that we have created. In this example, the inbound rules or firewall is set up with HTTP for both IPv4 and IPv6 along with SSH. The outbound firewall is open to all as well.
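As an added example (not from the original post), the Python below audits inbound rules in the `IpPermissions` layout returned by `aws ec2 describe-security-groups` and flags login and file-transfer ports open to “0.0.0.0/0” or “::/0”, while world-open HTTP is treated as intended. The sample group, its placeholder ID, the world-open SSH rule and the choice of ports to flag are assumptions constructed for illustration.

```python
# Added example: audit security-group ingress rules for world-open admin ports.
# Input uses the "IpPermissions" layout of `aws ec2 describe-security-groups`.
WORLD = {"0.0.0.0/0", "::/0"}
# Assumption: ports from the list above that should not face the whole internet.
ADMIN_PORTS = {21: "FTP", 22: "SSH/SFTP", 3389: "RDP"}

# Constructed sample: HTTP open to the world on IPv4 and IPv6, plus an SSH
# rule that is assumed here to be world-open as well.
SAMPLE_GROUP = {
    "GroupId": "sg-EXAMPLE",  # placeholder, not a real ID
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
         "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
    ],
}


def world_cidrs(rule):
    """Return the world-open CIDRs (IPv4 and IPv6) a rule allows."""
    v4 = [r["CidrIp"] for r in rule.get("IpRanges", [])]
    v6 = [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
    return [c for c in v4 + v6 if c in WORLD]


def covered_admin_ports(rule):
    """Admin ports inside the rule's port range; protocol -1 means all traffic."""
    if rule["IpProtocol"] == "-1":
        return sorted(ADMIN_PORTS)
    if rule["IpProtocol"] != "tcp":
        return []
    lo, hi = rule["FromPort"], rule["ToPort"]
    return [p for p in sorted(ADMIN_PORTS) if lo <= p <= hi]


def audit(group):
    """Return (group_id, port, service, cidr) for each world-open admin port."""
    findings = []
    for rule in group.get("IpPermissions", []):
        for cidr in world_cidrs(rule):
            for port in covered_admin_ports(rule):
                findings.append((group["GroupId"], port, ADMIN_PORTS[port], cidr))
    return findings


if __name__ == "__main__":
    for gid, port, svc, cidr in audit(SAMPLE_GROUP):
        print(f"{gid}: {svc} (tcp/{port}) is open to {cidr}; restrict to known IPs")
```

To audit a real account, load the `SecurityGroups` list from the CLI's JSON output and pass each group to `audit()`.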

One more thing, do you guys remember that we downloaded a key file? Yeah, you are going to need it if you want to use SSH to connect to your machine. The following commands are an example of how to access the instance from a Linux platform. The example is based on dummy data.

chmod 0400 EC2Learning.pem

ssh -i EC2Learning.pem ec2-user@39.500.365.125

EC2 Instance Connect:

Another way to connect to your instance is to use EC2 Instance Connect. It’s pretty simple. Do you want to see an example? It is given below:

EC2 Instance Connect and Accessed!

IAM Roles for EC2 instance: Use IAM role to grant access (minimal)

EC2 Instance Purchasing options:

  • On-Demand Instances: short workload, predictable pricing
    — pay for what you use
    — Linux and Windows — pay per second
    — other OS — pay per hour
    — No commitment
    — Pay high per use
  • Reserved (Minimum 1 year): Up to 75% discount compared to On-Demand (1 year to 3 years)
    — Reserved Instance: long workloads (reserve a specific instance type, e.g. for a database)
    — Convertible Reserved Instances: long workloads with flexible instances (Can change EC2 instance)
    — Scheduled Reserved Instances: Example — every Monday between 3–6 pm
  • Spot Instances (highest discount on AWS: 95% compared to On-Demand)
    — The spot price can change, and if you don’t pay it you will lose the instance
    — Not suitable for critical jobs and databases
  • Dedicated Hosts:
    — An Amazon EC2 dedicated host is a physical server with EC2 instance capacity fully dedicated to your use. That helps with compliance requirements and reduces costs by allowing you to use your existing server-bound software license.
    — Allocated for your account for a 3-year reservation.
    — Costly
  • Dedicated Instances
    — Instances running on hardware dedicated to you.
    — May share hardware with other instances in the same account
    — No control over instance placement (can move hardware after stop/start)

Also, don’t forget to check out the EC2 Instance Pricing! That’s it for today! Cheers 😃
