Amazon EC2 - Virtual Servers
90 min
Amazon EC2 (Elastic Compute Cloud) provides resizable compute capacity in the cloud, enabling you to launch virtual servers on demand. EC2 instances can be quickly provisioned, scaled up or down based on demand, and terminated when no longer needed. This elasticity enables cost optimization by paying only for compute capacity you actually use, making EC2 ideal for applications with variable workloads.
EC2 offers a wide variety of instance types optimized for different use cases. General-purpose instances (like t3, m5) provide balanced compute, memory, and networking. Compute-optimized instances (c5, c6) are ideal for CPU-intensive applications. Memory-optimized instances (r5, x1) are designed for memory-intensive workloads. Storage-optimized instances (i3, d2) provide high I/O performance for databases and data processing.
Amazon Machine Images (AMIs) are templates that contain the software configuration (operating system, application server, applications) needed to launch an instance. You can choose from AWS-provided AMIs, create custom AMIs from existing instances, or use AMIs from the AWS Marketplace. AMIs enable you to quickly launch instances with pre-configured software, reducing setup time and ensuring consistency across deployments.
Security groups act as virtual firewalls that control inbound and outbound traffic for EC2 instances. Each security group contains rules that specify allowed protocols, ports, and source/destination IP addresses. Security groups are stateful: if you allow inbound traffic, the response traffic for that connection is automatically allowed back out, regardless of the outbound rules. Multiple security groups can be attached to an instance, and their rules are evaluated together: security groups contain only allow rules, so traffic is permitted if any rule in any attached group matches it.
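Because rules from all attached groups are combined, one permissive group cancels out a careful rule in another. The following added example (not part of the original lesson) shows this on a constructed sample shaped like `aws ec2 describe-security-groups` output; the group IDs, addresses and the `PUBLIC_PORTS` policy are assumptions, and only CIDR sources are considered (not group references or prefix lists).

```python
import ipaddress
import json

# Constructed sample shaped like `aws ec2 describe-security-groups` output:
# two groups attached to one instance (IDs and addresses are made up).
GROUPS = json.loads("""{"SecurityGroups": [
  {"GroupId": "sg-web-example", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "203.0.113.10/32"}], "Ipv6Ranges": []}]},
  {"GroupId": "sg-legacy-example", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
    {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
     "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]}
]}""")["SecurityGroups"]
PUBLIC_PORTS = {80, 443}  # assumption: only web ports may face the internet

def ingress_rules(groups):
    """Yield every attached group's allow rules as one flat sequence (the union)."""
    for group in groups:
        for perm in group.get("IpPermissions", []):
            proto = perm["IpProtocol"]
            if proto not in ("tcp", "udp", "-1"):
                continue  # ICMP uses type/code, not ports; out of scope here
            # "-1" means all protocols and ports, so FromPort/ToPort are absent
            lo, hi = perm.get("FromPort", 0), perm.get("ToPort", 65535)
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            for cidr in cidrs:
                yield group["GroupId"], proto, lo, hi, ipaddress.ip_network(cidr)

def allows(groups, proto, port, source):
    """True if any rule in any attached group admits the connection."""
    src = ipaddress.ip_address(source)
    return any(p in (proto, "-1") and lo <= port <= hi
               and src.version == net.version and src in net
               for _, p, lo, hi, net in ingress_rules(groups))

def world_open(groups):
    """Rules open to 0.0.0.0/0 or ::/0 on any port outside PUBLIC_PORTS."""
    return [(gid, lo, hi, str(net))
            for gid, _, lo, hi, net in ingress_rules(groups)
            if net.prefixlen == 0
            and any(port not in PUBLIC_PORTS for port in range(lo, hi + 1))]
```

With only the first group attached, SSH from an arbitrary address is refused; attaching the second group admits it, and `world_open` reports which group is responsible.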
EC2 instances can be launched in different purchasing options: On-Demand instances provide maximum flexibility with no upfront costs, Reserved Instances offer significant discounts for predictable workloads, and Spot Instances provide up to 90% savings for fault-tolerant applications. Understanding these options helps optimize costs based on your application's requirements and usage patterns.
EC2 integrates with many other AWS services, including Elastic Load Balancing for distributing traffic, Auto Scaling for automatic capacity adjustment, Elastic Block Store (EBS) for persistent storage, and Virtual Private Cloud (VPC) for network isolation. Understanding these integrations enables you to build robust, scalable applications on AWS infrastructure.
Key Concepts
- EC2 provides scalable virtual servers in the cloud.
- Instance types are optimized for different workloads (compute, memory, storage).
- AMIs are templates containing software configuration for instances.
- Security groups control network traffic to and from instances.
- EC2 offers multiple purchasing options for cost optimization.
Learning Objectives
Master
- Launching and configuring EC2 instances
- Choosing appropriate instance types for workloads
- Configuring security groups for network security
- Understanding EC2 pricing models and cost optimization
Develop
- Understanding cloud computing infrastructure
- Designing scalable application architectures
- Optimizing cloud costs and resource utilization
Tips
- Start with t2.micro or t3.micro for learning (eligible for free tier).
- Use security groups to restrict access - don't open ports unnecessarily.
- Create custom AMIs for consistent deployments across environments.
- Use tags to organize and track EC2 resources for cost management.
Common Pitfalls
- Leaving security groups too open, exposing instances to security risks.
- Not stopping/terminating unused instances, incurring unnecessary costs.
- Choosing the wrong instance type, wasting money or causing performance issues.
- Not backing up data, losing data when instances are terminated.
Summary
- EC2 provides scalable virtual servers with flexible configuration options.
- Instance types are optimized for different workload requirements.
- Security groups control network access to instances.
- Understanding EC2 options enables cost-effective cloud deployments.
Exercise
Launch an EC2 instance, configure security groups, and connect to it.
```bash
# Create a key pair for SSH access; keep the private key readable only by you
aws ec2 create-key-pair --key-name my-key-pair --query 'KeyMaterial' --output text > my-key-pair.pem
chmod 400 my-key-pair.pem

# Create a security group (referring to groups by name works in the default VPC)
aws ec2 create-security-group --group-name my-web-sg --description "Security group for web servers"

# Add rules to security group
# SSH: allow only your own public IP instead of 0.0.0.0/0
MY_IP="$(curl -s https://checkip.amazonaws.com)"
aws ec2 authorize-security-group-ingress --group-name my-web-sg --protocol tcp --port 22 --cidr "${MY_IP}/32"
# HTTP: open to the internet because this is a public web server
aws ec2 authorize-security-group-ingress --group-name my-web-sg --protocol tcp --port 80 --cidr 0.0.0.0/0

# Launch an EC2 instance (AMI IDs are region-specific; use one valid in your region)
aws ec2 run-instances \
  --image-id ami-0c02fb55956c7d316 \
  --count 1 \
  --instance-type t2.micro \
  --key-name my-key-pair \
  --security-groups my-web-sg \
  --tag-specifications 'ResourceType=instance,Tags=[{Key=Name,Value=MyWebServer}]'
```
Exercise Tips
- Use EC2 Instance Connect for browser-based SSH access.
- Configure user data scripts for automatic instance configuration on launch.
- Use Elastic IPs for static IP addresses that persist across instance restarts.
- Monitor instance metrics with CloudWatch for performance optimization.