Author: wpuser

  • Launching EC2 Instance

    EC2 Instance

    Amazon Elastic Compute Cloud (Amazon EC2) is one of the best-known and most-used services on Amazon. An EC2 instance is simply a virtual server used for running applications on cloud infrastructure. AWS can serve an unlimited set of EC2 instances. It provides on-demand, scalable computing capacity in the AWS cloud.

    It is a web service offered by Amazon that provides resizable compute capacity: you can scale the total number of instances you are running up and down.

    EC2 Instance type

    There are different types of AWS instances with different configurations. They are divided into five types:

    • General purpose
    • Compute-optimized
    • Memory-optimized
    • Accelerated Computing
    • Storage optimized

    1. General-purpose instances: A general-purpose instance is a balanced compute option, i.e. it offers a balance of compute, memory, and networking resources. It can be used for handling a wide range of workloads.

    2. Compute optimized: Compute-optimized instances are useful for compute-bound applications that require a large amount of processing power.

    They are well suited for:

    • High-performance web servers
    • High-performance computing
    • Batch processing workloads
    • Dedicated gaming servers

    3. Memory-optimized: Memory-optimized instances deliver fast performance for workloads that process large datasets in memory. They are ideal for applications that require more memory and less CPU.

    4. Accelerated Computing: Accelerated computing instances are the latest general-purpose instances that help provide accelerated performance when the CPU clock rate increases.

    5. Storage optimized: Storage-optimized instances are designed for workloads that require high read and write access to a very large set of data in local storage. They are optimized for delivering tens of thousands of I/O operations per second to applications.

    Amazon EC2 instance features

    Amazon EC2 provides a wide range of instance choices to match your workload's needs. Many of the features of Amazon EC2 instances are customizable, such as virtual processors, memory, and storage. Some features are listed below:

    • OS support: EC2 instances support many operating systems, such as Linux, Windows, and many more. Amazon also provides its own OS to users.
    • Security: AWS EC2 provides users with a security system for creating groups of instances as per their requirements.
    • Scalability: AWS provides an option to scale your instances up and down. It also provides an option for auto-scaling the running instances.
    • Persistent storage: AWS provides block-level storage volumes that you attach to your EC2 instance and use as a hard drive. The service is named Amazon Elastic Block Store (EBS).
    • Elastic IP addresses: An Elastic IP address is a static IP address designed for dynamic cloud computing. It is assigned to your EC2 instance and can be moved from instance to instance.
    • Pricing: Different pricing options are provided by AWS according to the type of application, resource, and database used. Pay-as-you-go pricing options are available.

    Getting started with Amazon EC2 

    • If you have an AWS account, log in to your account. If not, you have to create an AWS account to access the services of AWS. You can create your AWS account by using the link given below.

    (https://portal.aws.amazon.com/)

    • In your AWS account, search for EC2 at the top left and use the following procedure to create an EC2 instance.
    • In the EC2 dashboard, you can see the status of the instances you made, such as the number of instances running, the security groups attached to EC2, the volumes attached, and more.
    • Below Resources there is a Launch Instance option; click on Launch Instance.
    • After that, you can enter the name of your instance. Just below that, you can choose the Application and OS Image (Amazon Machine Image) according to your need, just like I chose Ubuntu as shown below:
    • Just below that, you can choose the instance type according to your need.
    • You can choose a key pair to securely connect to your instance. Ensure that you have access to the selected key pair before you launch the instance.
    • You can use your existing key, or you can create your own key pair. Name your key pair so that you can find
    • You can adjust your network security if you have your own VPC.
    • You must create security groups to connect your EC2 instance to the outer network.
    • Allow SSH for access to your EC2 instance, and allow HTTPS and HTTP for internet traffic.
    • Finally, configure storage for your EC2 instance. You can also add a new volume to your EC2 instance with the help of Amazon Elastic Block Store (EBS).
    • If you want to add additional settings to your EC2 instance, like domain name, instance recovery, and more, then configure the additional settings.
    • You can check your configuration summary on the right side and then click on Launch Instance.
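
    The security group step above allows SSH, HTTP and HTTPS; the web ports are meant to be reachable from anywhere, but SSH normally should be limited to the addresses you administer from. The following added example (not part of the original article) flags groups that admit SSH from the whole internet, using constructed data shaped like `aws ec2 describe-security-groups` output; the group IDs, addresses and the `perm` helper are made up for this example.

```python
import ipaddress

def perm(proto, lo, hi, *cidrs):
    """Build one ingress rule in the shape of an IpPermissions entry."""
    p = {"IpProtocol": proto,
         "IpRanges": [{"CidrIp": c} for c in cidrs if ":" not in c],
         "Ipv6Ranges": [{"CidrIpv6": c} for c in cidrs if ":" in c]}
    if proto != "-1":                      # all-protocol rules carry no ports
        p.update(FromPort=lo, ToPort=hi)
    return p

# Constructed sample shaped like `aws ec2 describe-security-groups` output;
# group IDs and addresses are made up for this example.
SAMPLE_GROUPS = [
    {"GroupId": "sg-web-example", "IpPermissions": [
        perm("tcp", 22, 22, "0.0.0.0/0"),            # SSH from anywhere
        perm("tcp", 80, 80, "0.0.0.0/0"),
        perm("tcp", 443, 443, "0.0.0.0/0", "::/0")]},
    {"GroupId": "sg-admin-example", "IpPermissions": [
        perm("tcp", 22, 22, "203.0.113.10/32")]},    # SSH from one address
    {"GroupId": "sg-wide-example", "IpPermissions": [
        perm("-1", None, None, "::/0")]},            # all traffic, any IPv6 source
]

def world_open(p):
    """True if any source range of the rule is the whole IPv4 or IPv6 internet."""
    cidrs = [r["CidrIp"] for r in p["IpRanges"]]
    cidrs += [r["CidrIpv6"] for r in p["Ipv6Ranges"]]
    return any(ipaddress.ip_network(c).prefixlen == 0 for c in cidrs)

def covers(p, port):
    """True if the rule admits TCP traffic to the given port."""
    if p["IpProtocol"] == "-1":            # "-1" means every protocol and port
        return True
    return p["IpProtocol"] == "tcp" and p["FromPort"] <= port <= p["ToPort"]

def ssh_exposed(groups, port=22):
    """Return the IDs of groups whose rules admit SSH from any address."""
    return [g["GroupId"] for g in groups
            if any(world_open(p) and covers(p, port) for p in g["IpPermissions"])]

if __name__ == "__main__":
    print(ssh_exposed(SAMPLE_GROUPS))
```

    The all-protocol rule is reported as well, because a rule with protocol `-1` admits port 22 even though it never names it.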

    Connect to your EC2 instance from the terminal

    • Go to Instances and wait until the status checks have initialized.
    • You can also check the details of your instance below. After that, click on the instance and at the top click on Connect.
    • Open a terminal on your physical machine and write the ssh command to connect to your instance.

    ssh -i "demo.pem" ubuntu@172.31.0.8

    Here demo.pem is the key pair you made to access your instance, ubuntu is the name of your machine, and 172.31.0.8 is the IP address of your instance.

  • Introduction to AWS VPC (Virtual Private Cloud)

    Introduction

    VPC stands for Virtual Private Cloud. It is a foundational part of cloud computing infrastructure, offered by major cloud service providers such as Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), and others. It lets organizations build their own private, segregated, and tailorable network environments within the cloud. Focusing on AWS, Amazon Virtual Private Cloud lets you create and deploy AWS resources within a logically segregated virtual network that you define to your specifications. You have full control over your virtual networking environment, including choosing your IP address range, creating subnets, and configuring route tables and network gateways. You can also enforce multiple layers of security, including security groups and network access control lists, to control access to Amazon Elastic Compute Cloud (EC2) instances within each subnet.

    VPC Vs On-premises

    A VPC is a private cloud within a public cloud: it provides a layer of isolation within a public cloud, whereas a private cloud is built in a local environment, that is, a dedicated cloud environment hosted on-premises.

    The table below shows the difference between a private cloud and a VPC:

    Feature       | On-premises                                                        | AWS VPC
    Scalability   | No need to worry about infrastructure all are maintained by AWS    | Highly scalable just need to tell the requirement to the provider
    Data Security | Offer less security chances of data loss are more                  | No need to worry about infrastructure all are maintained by AWS
    Maintenance   | Infrastructure maintenance and its cost                            | Capital cost, maintenance cost
    Pricing       | No need to worry about infrastructure all are maintained by AWS    | Pay-as-you-go pricing

    How Amazon VPC works

    As defined above, a VPC is a virtual network, and AWS provides a platform to create VPCs. It is logically isolated from other virtual networks in the AWS cloud. The virtual network that you create resembles a traditional network that you'd operate in your own data center, with the scalable infrastructure of AWS.

    The above visual represents a VPC and the Preview panel showing the created VPC when you create a VPC using the AWS Management Console. You can access these visuals on your Resource Map tab. It shows a created VPC with the subnets that you created with your VPC, the route table attached to each subnet, and more information regarding your VPC.

    Key Components

    A VPC isolates computing resources from the other computing resources available in the public cloud. Its key components are:

    1. Subnets 

    Each VPC network consists of one or more IP address ranges called subnets, i.e. a subnet is a range of IP addresses in your VPC. You can create AWS resources, such as EC2 instances, in specific subnets.

    Depending on how you configure routing for your subnets, there are different types:

    • Public subnet – A public subnet is a subnet that is associated with a route table that has a route to an internet gateway. This route allows access from the public subnet to the internet.
    • Private subnet – A private subnet is a subnet that is associated with a route table that doesn't have a route to the internet gateway. Resources in private subnets cannot communicate with the public internet.

    2. IP Addressing

    In a VPC, IP addresses help your resources to communicate with each other and with other resources over the internet. You can assign both IPv4 and IPv6 addresses to your VPCs and subnets. You can also attach your IP GUA (Global Unicast Address) to AWS resources in your VPC, such as EC2 instances and NAT gateways.

    3. Routing

    You use a route table to determine where the network traffic from your subnet or gateway is directed.

    4. Gateway and Endpoints

    A gateway in a VPC helps you to connect to another network. For example, use an internet gateway to connect your VPC to the internet. A VPC endpoint helps you to connect to AWS services privately, without the use of NAT devices or an internet gateway.

    5. Peering Connections

    To route traffic between the resources in two VPCs, you use a VPC peering connection.

    6. Transit gateway

    A central hub to route traffic between your VPCs, AWS Direct Connect, and VPN connections.

    7. VPN connection

    Helps you to connect on-premises networks to your VPCs with the help of AWS VPN (AWS Virtual Private Network).

    Creating AWS VPC

    • If you have an AWS account, log in to your account. If not, you have to create an AWS account to access the services of AWS. You can create your AWS account by using the link given below.

    (https://portal.aws.amazon.com/)

    • In your AWS account, search for VPC and use the following procedure to create a VPC. A VPC must have additional resources, such as a subnet, route table, and gateway, before you create AWS resources in the VPC.
    • In the Amazon VPC dashboard, choose Create VPC.

     

    • You will find two ways to create a VPC, as shown below: you can choose either VPC only or VPC and more.
    • VPC and more gives you the option to configure subnets, AZs, and more while creating a VPC. We will create our VPC using VPC and more.
    • In VPC and more, Amazon will provide an auto-generated name that is suitable for your VPC.
    • Enter a value for the CIDR block (10.0.0.0/16 in this example) and use the default setting for Tenancy. You can also use IPv6 if you want to.
    • Now you have to choose the number of AZs in which you want to provision your subnets. Amazon recommends that you choose at least 2 AZs for high availability.
    • You can also customize your AZs.
    • Select the number of private subnets and public subnets you want to use for your VPC. You can also customize your subnet CIDR blocks from here, as shown in the picture.
    • Now you have to choose the Availability Zones in which you want to create a NAT gateway: you can choose a single NAT gateway in one AZ or a NAT gateway in every AZ.
    • Basically, a NAT gateway is a service that helps you connect your instances in a private subnet to a service outside your VPC.
    • Select the endpoint for your VPC; it helps you to reduce NAT gateway charges and improve security by accessing S3 directly from the VPC.
    • You also have the option to enable or disable DNS hostnames and DNS resolution. If you want to add some additional tags to your VPC, you can go to the Additional Tags option.
    • You can also preview your VPC, as shown below.
    • Click on Create VPC. This will automatically create your subnet route table, subnets, internet gateway, and NAT gateway.
    • Now, in your VPC dashboard, you will see your created VPC. By clicking on it, you will see the details of your VPC, as shown below.
    • On the left side, select the Subnets option, and you will see the created subnets: two public subnets and two private subnets.


    • Here, in the public subnet, we create a bastion host to connect to the resources present in the private subnet.
    • On the left-hand side, just below Subnets, you will find Route tables. Click on it, and in the route table dashboard you will find the route tables created by the VPC.
    • A route table helps your VPC to determine where network traffic will be routed. This table will consist of a security group that will define the subnets to route the traffic. When you create a VPC, it will create a default route table automatically. When a subnet doesn't have a route table associated with it, the main route table will be used by default.
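
    The public and private subnet definitions given earlier, together with the main route table fallback described in the last step, can be checked mechanically. The following added example (not part of the original article) classifies each subnet by its effective route table, using constructed data shaped like `aws ec2 describe-route-tables` output; every ID in it is made up.

```python
LOCAL = {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}

# Constructed sample shaped like `aws ec2 describe-route-tables` output for one
# VPC; every ID here is made up for this example.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-main-example",
     "Associations": [{"Main": True}],
     "Routes": [LOCAL]},
    {"RouteTableId": "rtb-public-example",
     "Associations": [{"Main": False, "SubnetId": "subnet-public-a"},
                      {"Main": False, "SubnetId": "subnet-public-b"}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0",
                        "GatewayId": "igw-example"}]},
    {"RouteTableId": "rtb-private-example",
     "Associations": [{"Main": False, "SubnetId": "subnet-private-a"}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0",
                        "NatGatewayId": "nat-example"}]},
]
# subnet-private-b has no explicit association, so it uses the main table.
SUBNETS = ["subnet-public-a", "subnet-public-b",
           "subnet-private-a", "subnet-private-b"]

def effective_table(subnet_id, tables):
    """Explicitly associated route table, else the VPC's main route table."""
    main = None
    for table in tables:
        for assoc in table["Associations"]:
            if assoc.get("SubnetId") == subnet_id:
                return table
            if assoc.get("Main"):
                main = table
    if main is None:
        raise ValueError("no main route table in input")
    return main

def has_igw_route(table):
    """True if any route in the table targets an internet gateway."""
    return any(r.get("GatewayId", "").startswith("igw-") for r in table["Routes"])

def classify(subnets, tables):
    """Map each subnet to 'public' or 'private' by its effective route table."""
    return {s: "public" if has_igw_route(effective_table(s, tables)) else "private"
            for s in subnets}

def implicit_subnets(subnets, tables):
    """Subnets that rely on the main route table (no explicit association)."""
    explicit = {a.get("SubnetId") for t in tables for a in t["Associations"]}
    return [s for s in subnets if s not in explicit]

if __name__ == "__main__":
    print(classify(SUBNETS, ROUTE_TABLES), implicit_subnets(SUBNETS, ROUTE_TABLES))
```

    Subnets returned by `implicit_subnets` change exposure whenever the main route table changes, so giving every subnet an explicit association keeps a private subnet from becoming public through an edit made elsewhere.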