EC2 is one of the most widely used services within AWS. As an Infrastructure as a Service (IaaS) product, it's responsible for providing long-running compute as a service. An EC2 host consists of EC2 Instance (CPU, RAM (root drive)) and an optional Instance Store Volume (ephemeral)).
Now back to EC2 and launch an Instance.
We are not billed if an instance is in pending, stopping (if preparing to stop), stopped, shutting down, or terminated state (excludes reserved instances). EBS volumes incur charges regardless of the instance's state.
EC2 instances are grouped into families, which are designed for a specific broad type workload. The type determines a certain set of features and sizes decide the level of workload they can cope with.
The current EC2 families are general purpose, compute optimized, memory optimized, storage optimized and accelerated computing.
Instance type include:
Instance sizes include nano, micro, small, medium, large, x.large, 2x.large, and larger.
Special Cases:
Need to be aware of CPU credits which consist of an instance's CPU being utilized as per recommended values (e.g. recommended value of CPU utilization for T3 instance is 20-30%. If a CPU runs higher than that then, it starts consuming CPU credits and once all CPU credits are gone, CPU will face throttling.
Instance Store Volume are optional volumes that are directly attached to the EC2 host in addition to root storage. To check the Instance Store Volume, launch an M5 instance with an extra EBS and run the following commands.
df -h (displays all the file systems of the system)lsblk (lists all of the block devices, here we will be able to see the additional instance store volume)sudo mkdir /ephemeral (creating a directory named ephemeral)sudo mkfs -t ext4 /dev/nvmeln1 (create file system for instance store volume - nvmeln1)sudo mount /dev/nvmeln1 /ephemeral (mount the file system on directory ephemeral)df -h (will show the newly created file system-dev/nvmeln1 mounted on folder -/ephemeral)cd /ephemeral (change directory to ephemeral)sudo nano important.txt (create important.txt file via text editor-nano)Type some text in the file and save the file
ls -la (will show the important.txt in the ephemeral directory)sudo reboot (this will reboot the OS of the instance)Once OS is rebooted and we are logged back in
df -k (to see the mounted file systems, the ephemeral file is not visible and we have to mount the file system again)sudo mount /dev/nvmeln1 /ephemeralcd /ephemeral/ls -la (will show our important.txt file)cat important.txt (will show the text inside the file)Now we will reboot the instance from AWS EC2 console and once rebooted, logged into the instance.
df -k (to see the mounted file systems, the ephemeral file is not visible and we have to mount the file system again)sudo mount /dev/nvmeln1 /ephemeralcd /ephemeral/ls -la (will show our important.txt file)cat important.txt (will show the text inside the file)However, if we stop and instance, it will detach the instance store volume and once we start the instance, a new instance store volume will be allocated so our file important.txt is lost.
Elastic Block Storage (EBS) is a storage service that creates and manages volumes based on four underlying storage types. Volumes are persistent, can be attached and removed from EC2 instances, and are replicated within a single AZ.
Volume Types:
To protect against AZ failure, EBS snapshots (to S3) can be used. Data is replicated across AZs in the region and (optionally internationally.
We can also create EBS volume via EC2 dashboard, left hand menu-->Create Volume. Make sure that the EBS is created in the same AZ as the EC2 instance so that the EBS can be attached to the EC2 instance.
Storage performance is measured in two main ways.
IOPS - Number of Input-Output Operations Per Second.
Throughput - data rate in Mbps
Block Size - For example 256 Kb
Storage performance = 256 Kb x 400 IOPS = 102 Mbps throughput
Storage performance = 100 Gb x 3 IOPS = 300 Gbps throughput
We should be careful about selecting throughput demanding workload OR IOPS demanding workload.
EBS supports a maximum per instance throughput of 1750 MB/s and 80K IOPS.
General Purpose (gp2): (SSD)
Provisioned IOPS SSD (io1):(SSD)
Throughput Optimized (st1):(HDD)
Cold HDD (sc1):(HDD)
EBS snapshots are a point in time backup of an EBS volume stored in S3. The initial snapshot is a full copy of the volume. Future snapshots only store the data changed since the last snapshot.
Snapshots can be used to create new volumes and are a great way to move or copy instances between AZs. When creating a snapshot of the root/boot volume of an instance or busy volume its recommended the instance is powered off (in stop state), or disks are flushed.
Snapshots can be copied between regions, shared and automated using Data Lifecycle Manager (DLM).
Snapshots can be copied between regions. Snapshots work on incremental backup mechanism with the difference with any snapshot missing in the chain does not hamper the data retrieval and no data is lost.
Security groups are software firewalls that can be attached to network interfaces and (by association) products in AWS. Security groups each have inbound rules and outbound rules. A rule allows traffic to or from a source (IP, network, named AWS entity) and protocol. There can be a maximum of 5 security groups for each Elastic Network Interface.
Security groups have a hidden implicit/default deny rule but cannot explicitly deny traffic. By default, a security group does not allow inbound traffic until a rule is set and they include an outbound rule that allows all outbound traffic.
Security Groups are stateful - meaning for any traffic allowed in/out, the return traffic is automatically allowed. Security groups can reference AWS resources, other security groups, and even themselves. Several instances can belong to the same security group even across different Availablity Zones in a VPC.
Instance metadata is data relating to the instance that can be accessed from within the instance itself using a utility capable of accessing HTTP and using the URL:
http://169.254.169.254/latest/meta-data
AMI used to create the instance:
http://169.254.169.254/latest/meta-data/ami-id
Instance ID:
http://169.254.169.254/latest/meta-data/instance-id
Instance type:
http://169.254.169.254/latest/meta-data/instance-type
Instance metadata is a way that scripts and applications running on EC2 can get visibility of data they would normally need API calls for.
The metadata can provide the current external IPv4 address for the instance, which is not configured on the instance itself but provided by the internet gateway in the VPC. It provides the Availability Zone the instance was launched in and the security groups applied to the instance. In the case of spot instances, it also provides the approximate time the instance will terminate.
To retrieve a Public IP of a linux instance;
curl -s http://169.254.169.254/latest/meta-data/public-ipv4Lab: Launching a linux instance, connecting via SSH (openSSH) and installing webserver (httpd) on that instance.
#!/bin/bashsudo yum update -ysudo yum install -y httpdsudo yum install -y wgetchkconfig httpd onsudo service httpd startWe can now put index.html file in /var/www/html folder using below commands
cd /var/www/htmlwget http://file locationNow copy the Public IPv4 URL from Instance details and paste in a new browser window and press Enter to see the new website loaded.
Next: Compute Intermediate