AWS Elastic Compute Cloud (Amazon EC2) Study Notes

Amazon EC2 is AWS's primary web service that provides resizable compute capacity in the cloud.
You are charged per hour while the instance is running. When you stop the instance, you are no longer charged.

Instance Types
There are dozens of instance types available, varying in the following dimensions:
Virtual CPUs (vCPUs)
Memory
Storage (size and type)
Network performance

For workloads requiring greater network performance, many instance types support enhanced networking. Enhanced networking reduces the impact of virtualization on network performance by enabling a capability called Single Root I/O Virtualization (SR-IOV). This results in more Packets Per Second (PPS), lower latency, and less jitter.

Amazon Machine Images (AMIs)
The Amazon Machine Image (AMI) defines the initial software that will be on an instance when it is launched. An AMI defines every aspect of the software state at instance launch, including:
The Operating System (OS) and its configuration
The initial state of any patches
Application or system software

There are four sources of AMIs:
Published by AWS
The AWS Marketplace
Generated from Existing Instances
Uploaded Virtual Servers

Addressing an Instance

There are several ways that an instance may be addressed over the web upon creation:
Public Domain Name System (DNS) Name
Public IP
Elastic IP: An elastic IP address is an address unique on the Internet that you reserve independently and associate with an Amazon EC2 instance. This IP address persists until the customer releases it and is not tied to the lifetime or state of an individual instance.

Initial Access
Amazon EC2 uses public-key cryptography to encrypt and decrypt login information.
For Linux distributions, the initial user is ec2-user.
Initial access to the instance is obtained by using the ec2-user and the private key to log in via SSH.

Virtual Firewall Protection

Security groups allow you to control traffic based on port, protocol, and source/destination.
A security group is default deny; it does not allow any traffic that is not explicitly allowed by a security group rule.
When an instance is associated with multiple security groups, the rules are aggregated and all traffic allowed by each of the individual groups is allowed.
A security group is a stateful firewall: an outgoing message is remembered so that the response is allowed through the security group without an explicit inbound rule being required.
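
The three properties above (default deny, aggregation across groups, stateful return traffic) can be seen in a small model. This is an added example, not part of the original notes and not AWS code; the Rule, SecurityGroup and Instance classes, the group names and the addresses are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Rule:
    protocol: str   # "tcp" or "udp"
    from_port: int
    to_port: int
    cidr: str       # peer range: source for inbound, destination for outbound

    def matches(self, protocol, port, peer_ip):
        return (protocol == self.protocol
                and self.from_port <= port <= self.to_port
                and ipaddress.ip_address(peer_ip) in ipaddress.ip_network(self.cidr))

@dataclass
class SecurityGroup:
    name: str
    inbound: list = field(default_factory=list)
    outbound: list = field(default_factory=list)

class Instance:
    def __init__(self, groups):
        self.groups = groups
        self.tracked = set()  # flows this instance opened (connection tracking)

    def send(self, protocol, local_port, peer_ip, peer_port):
        # Aggregation: any outbound rule in any attached group may allow it.
        allowed = any(r.matches(protocol, peer_port, peer_ip)
                      for g in self.groups for r in g.outbound)
        if allowed:
            self.tracked.add((protocol, local_port, peer_ip, peer_port))
        return allowed

    def receive(self, protocol, local_port, peer_ip, peer_port):
        # Stateful: the reply to a tracked outbound flow needs no inbound rule.
        if (protocol, local_port, peer_ip, peer_port) in self.tracked:
            return True
        # Default deny: with no matching rule in any group, any() is False.
        return any(r.matches(protocol, local_port, peer_ip)
                   for g in self.groups for r in g.inbound)

# Constructed sample groups and addresses (documentation IP ranges).
web = SecurityGroup("web", inbound=[Rule("tcp", 443, 443, "0.0.0.0/0")],
                    outbound=[Rule("tcp", 443, 443, "0.0.0.0/0")])
admin = SecurityGroup("admin", inbound=[Rule("tcp", 22, 22, "203.0.113.0/24")])
instance = Instance([web, admin])
```

With both groups attached, SSH from 203.0.113.0/24 and HTTPS from anywhere are accepted, everything else inbound is dropped, and a reply from a peer is accepted only after the instance has opened that flow.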

Bootstrapping

The process of providing code to be run on an instance at launch is called bootstrapping.

UserData
One of the parameters when an instance is launched is a string value called UserData.
UserData is stored with the instance and is not encrypted, so it is important to not include any secrets such as passwords or keys in the UserData.
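
Because UserData is stored unencrypted, a pre-launch or audit check can decode it and flag lines that look like embedded secrets. The following is an added example, not part of the original notes; the patterns are heuristic assumptions, the sample script is constructed, and the input is assumed to be base64 text as the EC2 API returns the userData attribute.

```python
import base64
import re

# Heuristic patterns (assumptions of this example, not an exhaustive list).
PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private_key_block": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
    # A literal value assigned to a password-like name; values that start
    # with "$" (fetched at boot from a secrets store) are not flagged.
    "password_assignment": re.compile(
        r"(?:password|passwd|secret|token)\w*\s*[=:]\s*['\"]?[^\s'\"$]{4,}",
        re.IGNORECASE),
}

def scan_user_data(user_data_b64):
    """Return (line_number, pattern_name) for each suspicious UserData line."""
    text = base64.b64decode(user_data_b64).decode("utf-8", errors="replace")
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for name, pattern in PATTERNS.items():
            if pattern.search(line):
                findings.append((lineno, name))
    return findings

# Constructed sample bootstrap script; the key is AWS's documented example value.
SAMPLE_SCRIPT = """#!/bin/bash
yum install -y httpd
export DB_PASSWORD='hunter2-example'
aws configure set aws_access_key_id AKIAIOSFODNN7EXAMPLE
DB_PASSWORD=$(aws ssm get-parameter --name /app/db --with-decryption)
"""
SAMPLE_B64 = base64.b64encode(SAMPLE_SCRIPT.encode()).decode()

if __name__ == "__main__":
    for lineno, name in scan_user_data(SAMPLE_B64):
        print(f"line {lineno}: {name}")
```

Line 5 of the sample shows the pattern that passes the check: the value is fetched at boot rather than written into UserData.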

VM Import/Export

In addition to importing virtual instances as AMIs, VM Import/Export enables you to easily import Virtual Machines (VMs) from your existing environment as an Amazon EC2 instance and export them back to your on-premises environment. You can only export previously imported Amazon EC2 instances. Instances launched within AWS from AMIs cannot be exported.

Modifying an Instance

Instance Type
Security Groups

Pricing Options

On-Demand Instances: Their flexibility allows customers to save by provisioning a variable level of compute for unpredictable workloads.
Reserved Instances: The term commitment is the duration of the reservation and can be either one or three years. There are three different payment options: All Upfront, Partial Upfront, and No Upfront.
Spot Instances: Spot Instances offer the greatest discount. The instances will run until:
The customer terminates them.
The Spot price goes above the customer’s bid price.
There is not enough unused capacity to meet the demand for Spot Instances.
If Amazon EC2 needs to terminate a Spot Instance, the instance will receive a termination notice providing a two-minute warning prior to Amazon EC2 terminating the instance.
Spot Instances should only be used for workloads tolerant of interruption. This could include analytics, financial modeling, big data, media encoding, scientific computing, and testing.

Tenancy Options
Shared Tenancy: Shared tenancy is the default tenancy model for all Amazon EC2 instances.
Dedicated Instances: Dedicated Instances run on hardware that’s dedicated to a single customer.
Dedicated Host: An Amazon EC2 Dedicated Host is a physical server with Amazon EC2 instance capacity fully dedicated to a single customer’s use. This differs from Dedicated Instances in that a Dedicated Instance can launch on any hardware that has been dedicated to the account.

Placement Groups
A placement group is a logical grouping of instances within a single Availability Zone.
Placement groups enable applications to participate in a low-latency, 10 Gbps network.
Placement groups are recommended for applications that benefit from low network latency, high network throughput, or both.

Instance Stores

An instance store (sometimes referred to as ephemeral storage) provides temporary block level storage for your instance.

Data in the instance store is lost when:
The underlying disk drive fails.
The instance stops (the data will persist if an instance reboots).
The instance terminates.

Reposted from blog.csdn.net/pg_edb/article/details/86818423