Amazon Elastic Compute Cloud (Amazon EC2) provides virtual machines (VMs) where you can host the same kinds of applications that you might run on a traditional on-premises server. This blog is to record what I learned about EC2 recently.
EC2 use cases
The use cases include application servers, web servers, database servers, game servers, mail servers, media servers, catalog servers, file servers, computing servers, proxy servers, and so on.
Choices for EC2 instance launch
The choices you make at launch are the AMI, instance type, network settings, IAM role, user data, storage options, tags, security group, and key pair.
AMI
An Amazon Machine Image (AMI) provides information that is required to launch an EC2 instance (i.e. a virtual machine that runs in the AWS Cloud). You must specify a source AMI when you launch an instance. An AMI contains a Windows or Linux OS. It also often has some software pre-installed.
An AMI is created from an EC2 instance. Details are shown below.
Instance Type
The instance type that you choose determines the memory (RAM), processing power (CPU), disk space and disk type (storage), and network performance.
EC2 instance type naming and sizes: (Of course large size costs more money)
T3 instances: Use cases include websites and web applications, development environments, build servers, code repositories, microservices, test and staging environments, and line-of-business applications.
C5 instances: Use cases include scientific modeling, batch processing, ad serving, highly scalable multiplayer gaming, and video encoding.
R5 instances: Use cases include high-performance databases, data mining and analysis, in-memory databases, distributed web-scale in-memory caches, applications that perform real-time processing of unstructured big data, Apache Hadoop or Apache Spark clusters, and other enterprise applications.
Specify network settings
After you have chosen an AMI and an instance type, you must specify the network location where the EC2 instance will be deployed.
When you launch an instance in a default VPC (i.e. you do not specify a VPC for the instance), AWS assigns it a public IP address by default. When you launch an instance into a nondefault VPC (one of your own), the subnet has an attribute that determines whether instances launched into that subnet receive a public IP address from the public IPv4 address pool.
Attach IAM role
It is common to use EC2 instances to run an application that must make secure API calls to other AWS services. To support these use cases, AWS enables you to attach an AWS Identity and Access Management (IAM) role to an EC2 instance.
Note that you should never store AWS credentials on an EC2 instance. It is highly insecure. Instead, attach an IAM role to the EC2 instance. Also, note that IAM roles are used for short-term credentials and an IAM group is used for permanent credentials.
Storage options
Amazon Elastic Block Store (Amazon EBS) is an easy-to-use, high-performance durable block storage service that is designed to be used with Amazon EC2 for both throughput- and transaction-intensive workloads.
Amazon EC2 Instance Store provides ephemeral, or temporary, block-level storage for your instance. This storage is located on disks that are physically attached to the host computer. Instance Store works well when you must temporarily store information that changes frequently, such as buffers, caches, scratch data, and other temporary content.
Amazon Elastic File System (Amazon EFS) provides a simple, scalable, fully managed elastic Network File System (NFS) file system for use with AWS Cloud services and on-premises resources. It is built to scale on-demand to petabytes without disrupting applications. It grows and shrinks automatically as you add and remove files, which reduces the need to provision and manage capacity to accommodate growth.
Amazon Simple Storage Service (Amazon S3) is an object storage service that offers scalability, data availability, security, and performance.
Tags
A tag is a label that you assign to an AWS resource. Each tag consists of a key and an optional value, both of which you define. Tags enable you to categorize AWS resources, such as EC2 instances, in different ways. For example, you might tag instances by purpose, owner, or environment. Tagging is how you can attach metadata to an EC2 instance.
Security group settings
A security group is a set of firewall rules that control traffic to the instance.
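The network, IAM role and security group choices above can be reviewed together before or after launch. The following is an added example, not code from AWS or from the original post: it checks constructed sample data shaped like the EC2 DescribeSubnets, DescribeInstances and DescribeSecurityGroups responses. The function names, the sample IDs and the choice of SSH/RDP as the ports to flag are assumptions made for the illustration.

```python
import base64
import ipaddress
import re

# Access key IDs start with AKIA (long-term) or ASIA (temporary).
ACCESS_KEY_ID = re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b")
ADMIN_PORTS = {22: "SSH", 3389: "RDP"}  # assumption: ports worth flagging

def open_to_world(cidr):
    """True when the CIDR covers every address (0.0.0.0/0 or ::/0)."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def review_launch(subnet, instance, security_groups, user_data_b64=""):
    """Return a list of findings for one planned or running instance."""
    findings = []
    if subnet.get("MapPublicIpOnLaunch"):
        findings.append("subnet auto-assigns a public IPv4 address")
    if not instance.get("IamInstanceProfile"):
        findings.append("no IAM role attached; app may fall back to stored keys")
    user_data = base64.b64decode(user_data_b64).decode("utf-8", "replace")
    for key_id in ACCESS_KEY_ID.findall(user_data):
        findings.append(f"access key ID {key_id[:8]}... embedded in user data")
    for sg in security_groups:
        for perm in sg.get("IpPermissions", []):
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            if not any(open_to_world(c) for c in cidrs):
                continue
            proto = perm.get("IpProtocol")  # "-1" means all traffic
            lo, hi = perm.get("FromPort", 0), perm.get("ToPort", 65535)
            for port, name in ADMIN_PORTS.items():
                if proto == "-1" or (proto == "tcp" and lo <= port <= hi):
                    findings.append(f"{sg['GroupId']}: {name} ({port}) open to the internet")
    return findings

# Constructed sample data; all IDs are placeholders.
SAMPLE_SUBNET = {"SubnetId": "subnet-EXAMPLE", "MapPublicIpOnLaunch": True}
SAMPLE_INSTANCE = {"InstanceId": "i-EXAMPLE"}  # no IamInstanceProfile key
SAMPLE_SGS = [{"GroupId": "sg-EXAMPLE", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]}]
# AKIAIOSFODNN7EXAMPLE is the AWS documentation example key ID, not a real key.
SAMPLE_USER_DATA = base64.b64encode(
    b"#!/bin/bash\nexport AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE\n").decode()

if __name__ == "__main__":
    print("\n".join(review_launch(SAMPLE_SUBNET, SAMPLE_INSTANCE,
                                  SAMPLE_SGS, SAMPLE_USER_DATA)))
```

To run it against a real account, pass in the corresponding dictionaries from the AWS SDK or CLI JSON output in place of the samples.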
Create the key pair
Amazon EC2 uses public-key cryptography to encrypt and decrypt login information. The technology uses a public key to encrypt a piece of data, and then the recipient uses the private key to decrypt the data. The public and private keys are known as a key pair. Public-key cryptography enables you to securely access your instances by using a private key instead of a password.
Elastic Beanstalk with EC2
When you create a web server environment, AWS Elastic Beanstalk creates one or more Amazon Elastic Compute Cloud (Amazon EC2) virtual machines, known as Instances.
Reference: AWS Academy
Thank you for reading!