
Contents

Introduction
EC2 Scenarios
Optimizing costs for virtual servers

EC2: Using Virtual Servers

Instances – virtual computing environment (VM / virtual server)


Regions and Availability zones – Multiple physical locations for resources
Amazon Machine Images (AMIs) – Preconfigured templates (OS, hardware, capacity)
Instance types – various configurations of CPU, memory, storage, network
Instance store volumes – storage volumes for temporary data (such as buffers and caches) that is deleted when the instance terminates
EBS Volumes – Persistent storage volumes using EBS
Security groups – virtual firewalls where you specify protocols, ports, source IP ranges
Key Pairs – secure login info for instances (AWS stores the public key; you keep the private key)
Elastic IP address - static IPv4 address for dynamic cloud computing
Tags – metadata, which can be assigned to EC2 instances
Roles – set of permissions that grant access to actions and resources in AWS
Placement groups – logical grouping of instances within a single Availability Zone
ELB and Auto scaling - enables load balancing and Auto scaling

Notes:
- On AWS, virtual servers are offered by the service called Elastic Compute Cloud (EC2).
- EC2 provides secure, resizable compute capacity in the AWS cloud as a virtual computing environment
- By launching instances in separate Availability Zones, you can protect your applications from failure of a single location

- A stopped virtual server isn’t billed and can be started later. If you terminate a virtual server, you delete it (difference between stopping and terminating a virtual server)
- Metrics (CPU/Network/Disk Usage) and logs will help you monitor and debug your virtual servers. Both tools can help ensure that you’re providing high-quality services

Introduction
➢ Server Virtualization

- A virtual server is part of a physical server that’s isolated by software from other virtual
servers on the same physical server; it consists of CPUs, memory, networking interfaces, and
storage.
- The physical server is also called the host server, and the virtual servers running on it are
called guests.
- A hypervisor is responsible for isolating the guests from each other and for scheduling
requests to the hardware

- Use cases for a virtual server are as follows:


■ Hosting a web application
■ Executing enterprise applications
■ Transforming or analyzing data

➢ AMI (Amazon Machine Image) – Preconfigured templates


- AMIs (including the OS, additional software, and configuration) are offered by AWS, by third-party providers, and by the community
- AWS offers the Amazon Linux AMI, which includes a Red Hat Enterprise Linux derivative
optimized for use with EC2.

➢ CHOOSING THE SIZE OF YOUR VIRTUAL SERVER – Instance Type


- It’s now time to choose the computing power needed for your virtual server
- An instance type determines the hardware of the server. Each instance type offers different compute, memory, and storage capabilities
Below table shows examples of instance types for different use cases

** There are also instance types and families optimized for compute-intensive workloads,
workloads with high networking I/O, and storage-intensive workloads.

➢ Access Key
- Logging in to your virtual server requires a key. You use a key instead of a password
to authenticate yourself.
- A key is much more secure than a password, and using keys for SSH is enforced for Linux
virtual servers running on AWS

Note:
From a Linux machine: chmod 400 mykey.pem, then ssh -i mykey.pem ec2-user@ipaddress
Windows only: use PuTTY. Convert the .pem file to .ppk using PuTTYgen and load the key file into PuTTY to log in.

EC2 Scenarios

➢ Security groups: virtual firewalls that control traffic. Multiple security groups can be associated with an instance
- The rules of a security group control inbound traffic to and outbound traffic from the instance
- By default, a security group allows NO inbound traffic and allows all outbound traffic
- Security groups are stateful –

➢ Changing the size of a virtual server – Scale Vertically

- Gives you the ability to scale vertically. If you need more computing power, increase the size
of the server.
- Execute cat /proc/cpuinfo and free -m to gain information about the server’s CPU and
memory.
- You can even change the virtual server’s instance family and version. To increase the size of
your virtual server, you first need to stop

- Post change, your virtual server starts with more CPUs, more memory, and more networking
capabilities. The public and private IP addresses have changed. Grab the new public IP address
to reconnect via SSH

Now, your virtual server can use two CPU cores and offers 7,479 MB of memory

➢ Starting a virtual server in another data center (Regions)

- AWS offers data centers all over the world. To achieve low latency for requests over the
internet, it’s important to choose the closest data center for the majority of your users
- Regions are independent, so you have to create a new key pair for the new region.
- After establishing an SSH session, you can install a default web server by executing
sudo yum install httpd -y. To start the web server, type sudo service httpd start

➢ Allocating a public IP address


- Every time you launched or stopped a virtual server, the public IP address changed. If you want to host an application under a fixed IP address, this won’t work.
- AWS offers a service called Elastic IP addresses for allocating fixed public IP addresses.

- You can also connect multiple public IP addresses with a virtual server by using multiple
network interfaces
- To replace a virtual server behind an Elastic IP without interruption, execute the steps below:
1 Start a new virtual server B to replace running server A.
2 Install and start applications and all dependencies on virtual server B.
3 Disassociate the Elastic IP from virtual server A, and associate it with virtual server B.
Requests using the Elastic IP address will now be routed to virtual server B without interruption.

➢ Adding an additional network interface to a virtual server


- It is possible to add multiple network interfaces to a virtual server and control the private and public IP addresses associated with those network interfaces
- Your virtual server is now reachable under two different public IP addresses. This enables you to serve two different websites, depending on the public IP address. You need to configure the web server to answer requests depending on the public IP address.
- After connecting to your virtual server via SSH and typing ifconfig into the terminal, you can see your new network interface attached to the virtual server

➢ Optimizing costs for virtual servers


- You can save on costs by reserving virtual servers or bidding for unused capacity
on the virtual server spot market.

Provisioning EC2 Instances (Using Ansible)


https://www.youtube.com/watch?v=v5EGu9HKKfo
[root@awsmgmt ansible]# cat ec2creation.yml
## Demo Playbook for Setting up First EC2 Instance
# 1) creates a custom security group
# 2) Spins up new EC2 Instances
# 3) waits for ssh to become active on Instance
#
# Version 1.0 Yogesh Mehta 11/06/2016
#
- hosts: localhost

  tasks:

    # Ingress: HTTP (80) and SSH (22) from any address; egress: everything
    - name: Setting up Security/Firewall Group
      ec2_group:
        name: AWS_Security_Grp
        description: Rules Allowing Traffic on port 22 and 80
        region: us-west-2
        rules:
          - proto: tcp
            from_port: 80
            to_port: 80
            cidr_ip: 0.0.0.0/0
          - proto: tcp
            from_port: 22
            to_port: 22
            cidr_ip: 0.0.0.0/0
        rules_egress:
          - proto: all
            cidr_ip: 0.0.0.0/0

    - name: Provision a EC2 Instance
      ec2:
        key_name: Yogesh-AWSKey
        region: us-west-2
        instance_type: t2.micro
        image: ami-775e4f16
        wait: yes
        wait_timeout: 500
        count: 1
        instance_tags:
          Name: awslabserver
          Owner: Yogesh
        volumes:
          - device_name: /dev/xvda
            volume_type: gp2
            volume_size: 6
        monitoring: no
        vpc_subnet_id: subnet-920b30f6
        assign_public_ip: yes
        # Must match the name of the security group created in the first task
        group: AWS_Security_Grp
      register: ec2_out

    - name: Wait for SSH to come up
      wait_for: host={{ item.public_dns_name }} port=22 delay=60 timeout=320 state=started
      with_items: '{{ec2_out.instances}}'
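
The playbook's security group accepts SSH (port 22) from 0.0.0.0/0, so the login port is reachable from any address on the internet. The check below is an added example, not part of the original playbook: it scans rules written in the playbook's ec2_group format and reports management ports that are open to every source. The port list, the function names and the sample input are assumptions made for illustration.

```python
# Added example (not from the original playbook): flag ec2_group-style
# ingress rules that expose management ports to any source address.
import ipaddress

MGMT_PORTS = {22: "SSH", 3389: "RDP"}  # assumption: ports treated as admin-only

# Constructed input: the two ingress rules from the playbook above.
PLAYBOOK_RULES = [
    {"proto": "tcp", "from_port": 80, "to_port": 80, "cidr_ip": "0.0.0.0/0"},
    {"proto": "tcp", "from_port": 22, "to_port": 22, "cidr_ip": "0.0.0.0/0"},
]


def is_world_open(cidr):
    """True when the CIDR covers every address (0.0.0.0/0 or ::/0)."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0


def exposed_ports(rule):
    """Management ports covered by this rule's protocol and port range."""
    proto = str(rule.get("proto", "tcp")).lower()
    if proto in ("all", "-1"):  # every protocol implies every port
        return sorted(MGMT_PORTS)
    if proto not in ("tcp", "6"):
        return []
    lo, hi = int(rule["from_port"]), int(rule["to_port"])
    return [p for p in sorted(MGMT_PORTS) if lo <= p <= hi]


def audit(rules):
    """Return (port, service, cidr) for each world-open management port."""
    findings = []
    for rule in rules:
        for key in ("cidr_ip", "cidr_ipv6"):
            value = rule.get(key, [])
            cidrs = [value] if isinstance(value, str) else value
            for cidr in cidrs:
                if is_world_open(cidr):
                    findings += [(p, MGMT_PORTS[p], cidr) for p in exposed_ports(rule)]
    return findings


if __name__ == "__main__":
    for port, service, cidr in audit(PLAYBOOK_RULES):
        print(f"port {port} ({service}) is open to {cidr}")
```

Port 80 is not reported because a public web server is expected to be reachable from anywhere; narrowing the port 22 rule's cidr_ip to the administrators' own address range clears the finding.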

➢ Manage EC2 Instances – Gather facts about EC2


Group instances by:
• region and availability zone
• security groups
• tags
• keypairs

Boto python library

# Note: These examples do not set authentication details, see the AWS Guide for details.

# Gather facts about all instances
- ec2_instance_facts:

# Gather facts about all instances in AZ ap-southeast-2a
- ec2_instance_facts:
    filters:
      availability-zone: ap-southeast-2a

# Gather facts about a particular instance using ID
- ec2_instance_facts:
    instance_ids:
      - i-12345678

# Gather facts about any instance with a tag key Name and value Example
- ec2_instance_facts:
    filters:
      "tag:Name": Example
