EC2 = Elastic Compute Cloud = Infrastructure as a Service
It mainly consists of the capability of:
- Renting virtual machines (EC2)
  - we can choose the OS of the virtual machine, how much CPU compute power, and how much RAM
  - we can choose how much storage space
    - Network-attached (EBS & EFS)
    - Hardware (EC2 instance store)
  - Network card: speed of the card, public IP address
  - Firewall rules: security group
  - Bootstrap script (configure at first launch): EC2 User Data
- Storing data on virtual drives (EBS)
- Distributing load across machines (ELB)
- Scaling the services using an auto-scaling group (ASG)
EC2 User Data
- An EC2 User Data script bootstraps our instances. Bootstrapping means launching commands when a machine starts. The script runs only once, at the instance's first start. EC2 User Data is used to automate boot tasks such as:
  - Installing updates
  - Installing software
  - Downloading common files from the internet
  - Anything you can think of
- The EC2 User Data script runs as the root user
EC2 Instance:
- an EC2 virtual machine
- can be used to host a website
If you stop and then restart the instance, the assigned Public IPv4 address might change
EC2 Instance Types
example: m5.2xlarge
- m: instance class
- 5: generation (AWS improves its hardware over time)
- 2xlarge: size within the instance class, more memory
EC2 Instance Types - General Purpose
Great for a diversity of workloads such as web servers or code repositories. Balance between:
- Compute
- Memory
- Networking
In the course, we will be using the t2.micro which is a General Purpose EC2 instance
EC2 Instance Types - Compute Optimized
Begin with C. Great for compute-intensive tasks that require high-performance processors.
- Batch processing workloads
- Media transcoding
- High performance web servers
- High performance computing (HPC)
- Scientific modeling & machine learning
- Dedicated gaming servers
EC2 Instance Types - Memory Optimized
Start with R (R for RAM). Fast performance for workloads that process large data sets in memory.
Use cases:
- High performance, relational/non-relational databases
- Distributed web scale cache stores
- In-memory databases optimized for BI (business intelligence)
- Applications performing real-time processing of big unstructured data
EC2 Instance Types - Storage Optimized
Start with I / D / H1. Great for storage-intensive tasks that require high, sequential read and write access to large data sets on local storage.
Use cases:
- High frequency online transaction processing (OLTP) systems
- Relational & NoSQL databases
- Cache for in-memory databases (for example, Redis)
- Data warehousing applications
- Distributed file systems
Security Groups
- Security groups are the foundation of network security in AWS. They control how traffic is allowed into or out of our EC2 instances, just like a firewall.
- Security groups only contain allow rules, and rules can reference by IP or by security group
- They regulate:
  - Access to ports
  - Authorized IP ranges - IPv4 and IPv6
  - Control of inbound network (from other to the instance)
  - Control of outbound network (from the instance to other)
- They can be attached to multiple instances, and are locked down to a region/VPC combination
- It's good to maintain one separate security group for SSH access
- If your app times out, it's a security group issue; if it gives connection refused, it's an app error
- Security groups can authorize each other
Classic Ports to know
22 = SSH (Secure Shell) - log into a Linux instance
21 = FTP (File Transfer Protocol) - upload files into a file share
22 = SFTP (Secure File Transfer Protocol) - upload files using SSH
80 = HTTP - access unsecured websites
443 = HTTPS - access secured websites
3389 = RDP (Remote Desktop Protocol) - log into a Windows instance
SSH Overview
- can be used on Mac, Linux and Windows >= 10
- on Windows, PuTTY can also be used
- EC2 Instance Connect works for all OSes
SSH on Linux / Mac
- SSH allows you to control a remote machine, all using the command line
- pwd: show which folder you are in
- ls: list all files in the folder you are in
- cd foldername: go into that folder
- ssh -i filename your_username@IP_address: log into the EC2 machine (filename is the private key file)
EC2 Instance Connect
Just click a button on AWS and, voilà, you are in the EC2 machine. Note that your security group must be opened to allow this access.