Udemy AWS SAA - EC2

MiraMira, posted on 2024-04-01

172+198=370

37/370

EC2 = Elastic Compute Cloud = Infrastructure as a Service
It mainly consists of the capability of:

  • Renting virtual machines (EC2)
    • we can choose the OS of the virtual machine, how much CPU compute power, and how much RAM
    • we can choose how much storage space
      • Network-attached (EBS & EFS)
      • hardware (EC2 instance store)
    • Network card: speed of the card, Public IP address
    • Firewall rules: security group
    • Bootstrap script (configure at first launch): EC2 User Data
  • Storing data on virtual drives (EBS)
  • Distributing load across machines (ELB)
  • Scaling the services using an auto-scaling group (ASG)

EC2 User Data

  • An EC2 User Data script bootstraps our instances. Bootstrapping means launching commands when a machine starts. The script runs only once, at the instance's first start. EC2 User Data is used to automate boot tasks such as:
    • Installing updates
    • Installing software
    • Downloading common files from the internet
    • Anything you can think of
  • The EC2 User Data script runs as the root user, so every command in it executes with full privileges

EC2 Instance:

  • an EC2 virtual machine
  • can be used to host a website

If you stop and then restart the instance, the assigned Public IPv4 address might change

EC2 Instance Types
example: m5.2xlarge

  • m: instance class
  • 5: generation (AWS improves its hardware over time)
  • 2xlarge: size within the instance class, more memory

EC2 Instance Types - General Purpose
Great for a diversity of workloads such as web servers or code repositories. Balance between:

  • Compute
  • Memory
  • Networking

In the course, we will be using the t2.micro, which is a General Purpose EC2 instance.

EC2 Instance Types - Compute Optimized
Begin with C. Great for compute-intensive tasks that require high-performance processors.

  • Batch processing workloads
  • Media transcoding
  • High performance web servers
  • High performance computing (HPC)
  • Scientific modeling & machine learning
  • Dedicated gaming servers

EC2 Instance Types - Memory Optimized
Start with R (R for RAM). Fast performance for workloads that process large data sets in memory.
Use cases:

  • High performance, relational/non-relational databases
  • Distributed web scale cache stores
  • In-memory databases optimized for BI (business intelligence)
  • Applications performing real-time processing of big unstructured data

EC2 Instance Types - Storage Optimized
Start with I / D / H1. Great for storage-intensive tasks that require high, sequential read and write access to large data sets on local storage.
Use cases:

  • High frequency online transaction processing (OLTP) systems
  • Relational & NoSQL databases
  • Cache for in-memory databases (for example, Redis)
  • Data warehousing applications
  • Distributed file systems

Security Groups

  • Security groups are the foundation of network security in AWS. They control how traffic is allowed into or out of our EC2 instances, just like a firewall.
  • Security groups contain only allow rules, and a rule can reference an IP range or another security group
  • They regulate:
    • Access to ports
    • Authorized IP ranges - IPv4 and IPv6
    • Control of inbound network traffic (from others to the instance)
    • Control of outbound network traffic (from the instance to others)
  • They can be attached to multiple instances and are locked down to a region/VPC combination
  • It's good to maintain one separate security group for SSH access
  • If your app times out, it's a security group issue; if it gives "connection refused", it's an app error
  • Security groups can authorize each other

Classic Ports to know
22 = SSH (Secure Shell) - log into a Linux instance
21 = FTP (File Transfer Protocol) - upload files into a file share
22 = SFTP (Secure File Transfer Protocol) - upload files using SSH
80 = HTTP - access unsecured websites
443 = HTTPS - access secured websites
3389 = RDP (Remote Desktop Protocol) - log into a Windows instance
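
Added example (not part of the course or of the original notes): a small offline audit that applies the security group rules and the port list above, flagging groups that allow the login and file-transfer ports inbound from anywhere (0.0.0.0/0 or ::/0). The group IDs, CIDR ranges and function names are made up for illustration; the rule layout follows the `IpPermissions` structure returned by `aws ec2 describe-security-groups`.

```python
import ipaddress

# Remote-login and file-transfer ports from this page's "Classic Ports to know" list.
ADMIN_PORTS = {21: "FTP", 22: "SSH/SFTP", 3389: "RDP"}

# Constructed sample, trimmed to the fields used here; in the shape that
# `aws ec2 describe-security-groups` returns. IDs and CIDRs are made up.
SAMPLE_GROUPS = [
    {"GroupId": "sg-web-example", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,  # SSH only via the SSH group
         "UserIdGroupPairs": [{"GroupId": "sg-ssh-example"}]}]},
    {"GroupId": "sg-ssh-example", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.10/32"}]}]},
    {"GroupId": "sg-legacy-example", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535,
         "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "10.0.0.0/16"}]}]},
]

def is_world_open(cidr):
    """True when the CIDR covers every address (0.0.0.0/0 or ::/0)."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def exposed_admin_ports(group):
    """Return the sorted admin ports this group allows inbound from anywhere."""
    found = set()
    for rule in group.get("IpPermissions", []):
        cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
        if not any(is_world_open(c) for c in cidrs):
            continue  # scoped to specific IPs or to another security group
        if rule["IpProtocol"] == "-1":  # "-1" means every protocol and port
            low, high = 0, 65535
        elif rule["IpProtocol"] == "tcp":
            low, high = rule["FromPort"], rule["ToPort"]
        else:
            continue  # UDP/ICMP rules do not reach these TCP services
        found.update(p for p in ADMIN_PORTS if low <= p <= high)
    return sorted(found)

def audit(groups):
    """Map GroupId -> exposed admin ports, leaving out groups with none."""
    return {g["GroupId"]: p for g in groups if (p := exposed_admin_ports(g))}

if __name__ == "__main__":
    print(audit(SAMPLE_GROUPS))
```

Only the legacy group is reported: the web group exposes 443 to everyone but allows SSH solely from the dedicated SSH group, which itself is limited to one address.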

SSH Overview

  • can be used on Mac, Linux and Windows >= 10
  • on Windows, PuTTY can be used
  • EC2 Instance Connect works for all OSes

SSH on Linux / Mac

  • SSH allows you to control a remote machine, all using the command line
    • pwd: show which folder you are in
    • ls: list all files in the folder you are in
    • cd foldername: go into that folder
    • ssh -i filename your-username@ip-address-goes-here: log into the EC2 machine (filename is the private key file)

EC2 Instance Connect
Just click a button in AWS and, voilà, you are in the EC2 machine. Be careful: you need to open access in your security group.
