AWS Services

EC2 - Elastic Compute Cloud

By Sondre Slåttedal Havellen

sondre@havellen.no
Created 14.12.2021

What is EC2?

EC2 is a secure and resizable virtual machine completely controlled by you. It lets you install an OS like Ubuntu and log in to it using SSH. In EC2 you pay for what you use, which implies idle EC2 instances won't cost much. Further, EC2 enables you to scale automatically if demand on the application grows. It comes in four different pricing options.

  • On-Demand - Pay by the hour or second depending on the type of instance
  • Reserved - Reserve a certain amount of capacity for 1 to 3 years
  • Spot - Purchase unused capacity at a discount of up to 90%. Prices change with supply and demand.
  • Dedicated - A physical EC2 server dedicated for your use only. This is the most expensive option.

On-Demand Instances are flexible and low cost. They allow you to use EC2 without any upfront payment or long-term commitment. They suit applications with short-term and fluctuating workloads that can't be interrupted. On-Demand Instances are typically used for testing EC2 for the first time.

Reserved Instances are more or less the opposite of On-Demand Instances. If you have predictable usage and specific capacity requirements, this is a good option. Further, you can pay up front in order to reduce the total computing cost. Standard Reserved Instances give you up to 72% off the On-Demand price, while Convertible Reserved Instances give you up to 54% off the On-Demand price. The Convertible version can be changed to a different RI type of equal or greater value. Scheduled Reserved Instances launch within the time window you define, which is useful if you have a clear and predictable capacity schedule. Reserved Instances operate at a regional level.

Spot Instances are good for applications that have flexible start and end times. They would not be a good fit for a web server, for example. Spot Instances enable you to use EC2 at a very low compute price, but they are sensitive to fluctuations in the EC2 capacity of a region. Typical use cases for Spot Instances are image rendering, algorithmic trading engines or any application that occasionally has a high compute demand.

Dedicated Hosts are useful when you have regulatory requirements that may not be compatible with multi-tenant virtualization. For example, you would not want to keep banking data on a shared host if there is even a slight chance of leakage between tenants (think of Spectre/Meltdown, for example). Dedicated Hosts are the most expensive option.

AWS has a pricing calculator for determining the cost of different use cases.

Creating an EC2 instance

EC2 dashboard


Each EC2 instance is created from an AMI. An Amazon Machine Image (AMI) provides the information required to launch an instance. An AMI includes the following.

  • At least one Amazon Elastic Block Store (Amazon EBS) snapshot, or a template for the root volume of the instance (i.e. an operating system, application server or applications)
  • Launch permissions
  • A block device mapping that specifies which volumes to attach to the instance once launched.

Once an AMI has been chosen, you'll choose memory and CPU configurations as well as what type of instance you are launching (T3, M5, C5 etc.; there is a lot to choose from). From there you choose the instance configuration, which includes the following partial list.

  • Number of instances
  • Purchasing options (spot pricing for example)
  • Network, subnet and IP settings which I’ll describe later
  • Host settings
  • IAM Role
  • Shutdown behaviour

After this you can attach storage to the instance. The storage is a virtual disk in the cloud. This will be described later. Next are tags, which are basically a key-value map.

Lastly you will configure security groups, which are more or less a firewall in the cloud. If you add an SSH firewall rule (port 22) you will be able to access the instance via SSH. Further, for a web server you will typically add HTTP and HTTPS rules for serving web pages. In the security group setup you will also be able to specify CIDR blocks. These control who will be able to connect to the instance.
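The CIDR block on the port 22 rule decides who can even attempt an SSH login, so it is worth checking which sources each group really admits. The following is an added example, not part of the original article: it evaluates constructed rules shaped like the output of `aws ec2 describe-security-groups`, and the group IDs, addresses and function names are assumptions made for the illustration.

```python
import ipaddress

# Constructed sample shaped like `aws ec2 describe-security-groups` output;
# the group IDs and addresses are made up for this example.
SAMPLE_GROUPS = [
    {"GroupId": "sg-web-example", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-admin-example", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.10/32"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-legacy-example", "IpPermissions": [
        # "-1" means every protocol and port, so port 22 is included.
        {"IpProtocol": "-1", "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
        # A wide port range also covers 22 even though 22 is never named.
        {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 1024,
         "IpRanges": [{"CidrIp": "198.51.100.0/24"}], "Ipv6Ranges": []}]},
]

def covers_ssh(perm, port=22):
    """True if the rule's protocol and port range include TCP `port`."""
    if perm["IpProtocol"] == "-1":
        return True
    if perm["IpProtocol"] not in ("tcp", "6"):
        return False
    return perm["FromPort"] <= port <= perm["ToPort"]

def ssh_sources(group):
    """Every CIDR block in the group that is allowed to reach port 22."""
    nets = []
    for perm in filter(covers_ssh, group["IpPermissions"]):
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        nets += [ipaddress.ip_network(c, strict=False) for c in cidrs]
    return nets

def world_open_ssh(groups):
    """IDs of groups where a /0 source can reach port 22."""
    return [g["GroupId"] for g in groups
            if any(n.prefixlen == 0 for n in ssh_sources(g))]

def can_reach_ssh(group, address):
    """Would this group admit a client at `address` to port 22?"""
    ip = ipaddress.ip_address(address)
    return any(ip.version == n.version and ip in n for n in ssh_sources(group))
```

Only the group limited to a single `/32` source keeps SSH away from the wider internet; the other two expose port 22 through a `/0` source, one of them without ever naming the port.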

For connecting to an EC2 instance you’ll need an SSH key. With this you’ll be able to connect securely to the instance through SSH.