DEV Community

Hootan

AWS - How to EC2 (2024)

EC2 = Elastic Compute Cloud = Infrastructure as a Service

It mainly consists of the capability of:

  • Renting virtual machines (EC2)
  • Storing data on virtual drives (EBS)
  • Distributing load across machines (ELB)
  • Scaling the services using an Auto Scaling group (ASG)

EC2 user data is used to automate boot tasks such as:

  • Installing updates
  • Installing software
  • Downloading common files from the internet
  • Anything else you can think of

Running EC2
Launch EC2 --> Instances > Launch instances

  1. Name it and click on additional tags
  2. Amazon Linux: Amazon Linux 2 AMI (free tier), 64-bit
  3. t2.micro is free every month
  4. Create a new key pair: name it, key pair type: RSA, private key file format: .pem, then click on "Create key pair".

If you have Windows and it's a version from before Windows 10 (8, 7, XP), you should choose ".ppk".

  5. Click on "Advanced details", then scroll all the way down to "User data" and write this in the text box below:

#!/bin/bash
# Use this for your user data (script from top to bottom)
# install httpd (Linux 2 version)
yum update -y
yum install -y httpd
systemctl start httpd
systemctl enable httpd
echo "<h1>Hello World from $(hostname -f)</h1>" > /var/www/html/index.html

  6. Click on "Launch instances"

EC2 Security Group

Most connection timeout problems are related to EC2 security groups.
Network & Security > Security Groups
You can click on "Edit inbound rules" in the details tab of the instance to make changes.


Security Groups, Good to know
• Can be attached to multiple instances.
• Locked down to a region / VPC combination.
• Lives “outside” the EC2 instance – if traffic is blocked, the EC2 instance won’t see it.
• It’s good to maintain one separate security group for SSH access.
• If your application is not accessible (time out), then it’s a security group issue.
• If your application gives a “connection refused“ error, then it’s an application error or it’s not launched.
• All inbound traffic is blocked by default.
• All outbound traffic is authorised by default.
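
The timeout versus "connection refused" rule from the list above, as an added Python example that is not part of the original post: it makes one TCP connection attempt per port and labels the result. The function names and hint wording are this example's own.

```python
import socket

HINTS = {
    "open": "port allowed and an application is listening",
    "timeout": "no reply at all: check the security group inbound rules",
    "refused": "instance reachable, but nothing listens: application error or not launched",
    "error": "other network error (DNS, routing, unreachable host)",
}


def diagnose(host, port, timeout=3.0):
    """Try one TCP connection and return 'open', 'timeout', 'refused' or 'error'."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except (socket.timeout, TimeoutError):
        # The packet was dropped before the instance saw it, so nothing answered.
        return "timeout"
    except ConnectionRefusedError:
        # The instance answered with a TCP reset: traffic got through the security group.
        return "refused"
    except OSError:
        return "error"


def diagnose_ports(host, ports=(22, 80, 443), timeout=3.0):
    """Map each port to (state, hint) for a quick look at SSH, HTTP and HTTPS."""
    return {p: (s, HINTS[s]) for p in ports for s in [diagnose(host, p, timeout)]}


if __name__ == "__main__":
    import sys
    # Usage: python diagnose.py <public-ip>   (defaults to localhost)
    target = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    for port, (state, hint) in diagnose_ports(target).items():
        print(f"{target}:{port} -> {state} ({hint})")
```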

The security group cannot be deleted? Follow these steps:

Select the security group that you want to delete.
Go to the inbound rules tab, then click on "Edit inbound rules",
then delete all the rules.

Classic Ports to know
• 22 = SSH (Secure Shell) - log into a Linux instance.
• 21 = FTP (File Transfer Protocol) – upload files into a file share.
• 22 = SFTP (Secure File Transfer Protocol) – upload files using SSH.
• 80 = HTTP – access unsecured websites.
• 443 = HTTPS – access secured websites.
• 3389 = RDP (Remote Desktop Protocol) – log into a Windows instance.

SSH

Allows you to physically control a machine or a server, all using the terminal or command line.

Windows versions before Windows 10 do not support SSH; they use PuTTY instead.

When you create an EC2 key pair, a .pem file is downloaded automatically; this file lets you connect via SSH.

How to give a role to an instance
In the instance section click on the "Action" button > Security > Modify IAM role.

You can run commands over SSH like this:

aws iam list-users
ping google.com
whoami

How to use the .pem file
Open a terminal/PowerShell and run this command:

ssh -i [file name] ec2-user@[public-ip]

You can find the public IP in the details of the instance that you created.

Linux simple commands
ls & ll: List the files in the folder I'm in.
cd .. : Go back one folder.
pwd: Where you are.
chmod 0400 [file name]: Change the permissions of the key file (read-only for the owner).

EC2 Instance Purchasing Options
On-Demand: no time commitment, and you pay full price.

Reserved: for those who plan to use it long term; in return you get a good discount (1 or 3 years).
Convertible Reserved Instances are for long workloads with flexible instances.

Savings Plans: you commit to a specific amount of spending on your servers.

Spot Instances: last-minute discount for an unknown length of time, and you can lose the instance at any time.

Dedicated Host: it's like you buy it instead of reserving it.

Dedicated Hosts are good for companies with strong compliance needs or for software that has complicated licensing models. This is the most expensive EC2 Purchasing Option available.

Capacity Reservations: it's like preordering for long-term use, but during the preorder period you can cancel your order.

Strategies to allocate Spot Instances:
• lowestPrice: from the pool with the lowest price (cost optimization, short workload)
• diversified: distributed across all pools (great for availability, long workloads)
• capacityOptimized: pool with the optimal capacity for the number of instances
• priceCapacityOptimized (recommended): pools with highest capacity available, then select the pool with the lowest price (best choice for most workloads)

Spot Fleets allow us to automatically request Spot Instances with the lowest price

Compute Optimized EC2 instances are great for compute-intensive workloads requiring high-performance processors (e.g., batch processing, media transcoding, high-performance computing, scientific modeling & machine learning, and dedicated gaming servers).

EC2 User Data is used to bootstrap your EC2 instances using a bash script. This script can contain commands such as installing software/packages, downloading files from the Internet, or anything you want.

Spot Fleet
Spot Fleet is a set of Spot Instances and optionally On-demand Instances. It allows you to automatically request Spot Instances with the lowest price.

Ultimate way to save money

Instances > Spot Requests

  • In this section you can click on the "Pricing history" button to see the price history chart.

  • To create one, click on "Request Spot Instances".
    In target capacity you can set a target in CPUs, memory or instances; you can also check maintain capacity and choose what should happen when your instance is interrupted: Terminate, Stop or Hibernate.

Let's talk about IPs

IPv4: most common format used online.
IPv6: mostly for IoT.

-If you need to have a fixed public IP for your instance, you need an Elastic IP.

-You can only have 5 Elastic IPs in your account.
For more, you have to ask AWS to increase the limit.

Try to avoid using Elastic IPs.
Try to use a random public IP and register a DNS name to it instead.

-You can use a load balancer instead of a public IP.

When we SSH into our EC2 machines we cannot use the private IP unless we have a VPN.

Creating an Elastic IP

Network & Security > Elastic IPs
-In the Elastic IP section click on the "Allocate Elastic IP address" button.
-Then click on the "Allocate" button.
-Click on "Actions" > Associate Elastic IP address.
In that section:
check Instance => choose the instance that you want to use,
write the private IP of the instance,
then click on the "Associate" button.

When you do that, the public IP and the Elastic IP will be the same.

To Remove an Elastic IP
In the Elastic IP section:
Actions > Disassociate Elastic IP > Disassociate, then Actions > Release Elastic IP > Release.

Placement groups

-How EC2 instances are going to be placed

-It comes with a strategy:

  1. Cluster: fast with high risk.
  2. Spread: low risk with limited size.
  3. Partition: unlimited size and low risk.

How to create placement groups
Network & Security > Placement Groups
Click on the "Create placement group" button.
Name it, then give it a strategy; for example, we use cluster,
then click "Create group".
If you choose a different strategy like "spread", you can set the spread level to Rack or Host.

How to launch an instance with a placement group
Instances > Instances, click on "Launch instances",
then scroll down to "Advanced details".
On this tab you can find the placement group name,
then you can select between the groups that you created before.

How to create instances with the Hibernate feature
In the launch instances section:
choose a proper machine, OS and instance type

  • Give it a key pair
  • In the network settings tab click the "Edit" button, then click on "Select existing security group" (normally launch-wizard-1)
  • In the configure storage section, the storage has to be bigger than your machine's RAM.
    -In the Advanced details section, scroll down to Stop - Hibernate behavior and choose Enable.

  • If you enable hibernation, the EBS volume must be encrypted. To do so:
    Go back to the storage tab and click on "Advanced".
    Choose your EBS volume, set Encrypted to yes and choose the default aws/ebs for the KMS key.

Instance store volume != EBS volume (this is encrypted)

EC2 Instance Storage

It's like a network USB stick.
Elastic Block Store > Volumes
Click on "Create volume".
For the Availability Zone you have to choose the same one where your EC2 instance is.

-Now, to attach the volume to the instance:
click on "Actions" and then "Attach volume",
choose the instance that you want to attach it to and click on the "Attach volume" button.

Snapshot
Elastic Block Store > Volumes
Click on "Actions" and then "Create snapshot", give it a "Description" and you're done: you have a snapshot of the volume.

Now go to Elastic Block Store > Snapshots. To recreate a volume from the snapshot, go to "Actions" and then click on "Create volume from snapshot", then choose the storage; the AZ doesn't have to be the same AZ as the instance.

Creating an image from instances
Right-click on your instance in the instances section, click on "Image and templates" and then click on "Create image".

To see your image list go to Images > AMIs.

To run an instance from a custom image
When you are in the launch instance section, on the "Application and OS Images" tab click the "My AMIs" tab and choose your AMI.
