What is Amazon Elastic Compute Cloud?
Amazon Elastic Compute Cloud (Amazon EC2) is one of the well-known AWS web services. It provides secure, resizable compute capacity in the cloud. It is designed to give developers complete control over scaling, configuration, and the computing environment.
Amazon EC2 reduces the time required to obtain and boot new server instances to minutes, allowing you to quickly scale capacity, both up and down, as your computing requirements change. Amazon EC2 changes the economics of computing by allowing you to pay only for capacity that you actually use.
Using Amazon EC2 eliminates your need to invest in hardware upfront, so you can develop and deploy applications faster. You can use Amazon EC2 to launch as many or as few virtual servers as you need, configure security and networking, and manage storage.
Components of EC2
- Elastic Block Storage (EBS): Amazon EBS is a storage service that allows you to create storage volumes (hard disks) and attach them to AWS EC2 instances. For more information check the tutorial on Amazon EBS.
- Amazon EC2 instance types: The instance type is the EC2 machine configuration that you specify when you launch an instance. Each instance type offers a different combination of CPU, memory, storage, and networking capacity. You can select an instance type based on the requirements of the application or software that you plan to run on your instance. For more information check the tutorial on Amazon EC2 instance types.
- Amazon Machine Image (AMI): An Amazon Machine Image (AMI) provides you with a preconfigured template with an operating system, tools, software, and applications. You can choose different AMIs to launch instances based on your project requirements. For more information check the tutorial on Amazon Machine Image.
Features of EC2
- EC2 provides you with virtual servers called instances. You can use the instances just like on-premises servers.
- Preconfigured templates (including the operating system and additional software), known as Amazon Machine Images (AMIs), are used to create EC2 instances.
- EC2 instance types provide various configurations of CPU, memory, storage, and networking capacity.
- EC2 provides a secure login for your instances using key pairs. During instance creation, you must create a key pair if you have not created one already. AWS stores the public key, and the private key is given to you. The private key is required to access your instance.
- EC2 provides storage volumes for temporary data that are deleted when you stop or terminate your instance, known as instance store volumes.
- You can attach/mount Amazon Elastic Block Store (Amazon EBS) volumes for persistent storage. Amazon EBS provides block-level storage, and its volumes behave like raw, unformatted block devices.
- You can define firewall rules (the protocols, ports, and source IP ranges that can reach your instances) using security groups.
- AWS allocates one dynamic public IP and one private IP to your instance. The public IP can change if your instance is stopped or rebooted. You can use a static IPv4 address, known as an Elastic IP address, for dynamic cloud computing.
- You can choose a physical location for your instance using regions and availability zones.
- You can use AWS IAM roles to provide granular access management for your instances.
- You can create virtual networks, known as virtual private clouds (VPCs), that are logically isolated from the rest of the AWS cloud and that you can optionally connect to your own network.
Best practices for Amazon EC2
Security
- Manage access to AWS resources and APIs using identity federation, IAM users, and IAM roles.
- Establish credential management policies and procedures for creating, distributing, rotating, and revoking AWS access credentials.
- Implement the least permissive rules for your security group.
- Regularly patch, update, and secure the operating system and applications on your instance.
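An added example (not from the original page or from AWS): one way to check the least-permissive rule above is to scan security group data, in the shape returned by the EC2 DescribeSecurityGroups API, for SSH or RDP ingress that is open to every address. The group IDs, the ADMIN_PORTS policy and the function names are assumptions made for illustration.

```python
import ipaddress

# Ports that should not be reachable from the whole internet (assumed policy).
ADMIN_PORTS = {22: "SSH", 3389: "RDP"}

def _is_world_open(cidr):
    """True when the CIDR covers every address (0.0.0.0/0 or ::/0)."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def audit_security_groups(groups):
    """Return findings for ingress rules that expose admin ports to any source."""
    findings = []
    for group in groups:
        for rule in group.get("IpPermissions", []):
            cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
            open_cidrs = [c for c in cidrs if _is_world_open(c)]
            if not open_cidrs:
                continue
            if rule["IpProtocol"] == "-1":
                # "-1" means all protocols and all ports.
                exposed = sorted(ADMIN_PORTS)
            elif rule["IpProtocol"] in ("tcp", "6"):
                lo, hi = rule["FromPort"], rule["ToPort"]
                exposed = [p for p in sorted(ADMIN_PORTS) if lo <= p <= hi]
            else:
                exposed = []
            for port in exposed:
                for cidr in open_cidrs:
                    findings.append((group["GroupId"], ADMIN_PORTS[port], port, cidr))
    return findings

# Constructed sample data (placeholder group IDs, documentation IP range).
SAMPLE_GROUPS = [
    {"GroupId": "sg-example-web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-example-admin", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-example-any", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
]

if __name__ == "__main__":
    for group_id, service, port, cidr in audit_security_groups(SAMPLE_GROUPS):
        print(f"{group_id}: {service} ({port}/tcp) open to {cidr}")
```

The wide port range and the all-protocols rule are both flagged, while HTTPS open to the world and SSH restricted to one source range are not.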
Storage
- All EC2 AMIs are categorized as either backed by Amazon EBS or backed by instance store. Understand the implications of the root device type for data persistence, backup, and recovery.
- Use separate Amazon EBS volumes for the operating system versus your data.
- Ensure that the volume of your data persists after instance termination.
- Use the instance store available for your instance to store temporary data. Remember that the data stored in instance store is deleted when you stop or terminate your instance.
- If you use instance store for database storage, ensure that you have a cluster with a replication factor that ensures fault tolerance.
Resource management
- Use instance metadata and custom resource tags to track and identify your AWS resources.
- View your current limits for Amazon EC2. Plan to request any limit increases in advance of the time that you’ll need them.
Backup and recovery
- Regularly back up your EBS volumes using Amazon EBS snapshots (for backup you can use a backup tool or an automation script).
- Create an Amazon Machine Image (AMI) from your instance to save the configuration as a template for launching future instances.
- Deploy critical components of your application across multiple Availability Zones, and replicate your data appropriately.
- Design your applications to handle dynamic IP addressing when your instance restarts.
- Monitor your instance and respond to events.
- Ensure that you are prepared to handle failover. For a basic solution, you can manually attach a network interface or Elastic IP address to a replacement instance. For an automated solution, you can use Amazon EC2 Auto Scaling.
- Regularly test the process of recovering your instances and Amazon EBS volumes if they fail.
References:
For more information: Amazon EC2 User Guide