Basic computer components:
- OS (Linux, OS X)
- CPU (processing power, brains)
- Hard Drive (local storage)
- Network card (internet access, ethernet or wifi)
- Firewall (security, help block unauthorized things from accessing your computer)
- RAM (short term memory, data is loaded into this memory before it is processed)
Elastic Compute Cloud (EC2)
- 💻 EC2 = a basic computer that is elastic and scalable (vertically and horizontally); you configure its security and networking, and manage its storage.
In EC2 terminology:
- OS = AMI
- CPU = Instance type
- Hard drive = EBS (local storage)
- Network card = IP Address (internet access)
- Firewall = Security groups
- RAM = RAM
How are we charged?
- Purchase instances on demand, or on a reserved basis (cheaper, but locked into a longer-term contract for the instance duration)
- Spot instances = only pay for the instance when the price is at or below a price threshold; gives you a discount for unused instances (charged by the minute)
- Instance Types: general purpose, compute optimized, accelerated computing, memory optimized, and storage optimized.
- EBS optimized = option for higher IOPS performance
- AMI type = which OS you want, with different prices for different OSes / versions
- Data transfer = charged for how much data is moving in/out of the instance
- Region = where the instance is provisioned (priced differently per region)
AMIs and EBS
- Amazon Machine Image (AMI) = OS = preconfigured package required to launch an EC2 instance.
- An AMI is like a template with the desired server environment (you can spin up as many instances as you want/need from any template AMI)
- Community AMIs = free to use, usually just the OS
- AWS Marketplace AMIs = pay to use, usually come packaged with additional software you want to use
- My AMIs = custom created AMIs
- AMI components: 1. Root Volume template (OS and software), 2. Launch Permissions, 3. Block device mapping (EBS or hard drive mapping for storage)
- Can add storage to EC2 instances using Elastic Block Store (EBS)
- EBS = storage volume for instances, like a hard drive. Highly available, must be in the same AZ as the instance. Can persist past the life of the instance.
Security Groups (SGs)
- SGs = allow or deny traffic
- SGs are on the instance level.
- Different from NACLs
- SGs are like virtual firewalls that control the traffic for instances. When you launch an instance you associate one or more SGs with the instance.
- SGs start out denying all traffic; you add rules to allow traffic.
- Remember, NACLs are at the subnet level.
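An added example (not part of the original notes) that models the rule above: a security group denies inbound traffic unless an allow rule matches it. The rules are constructed sample data in the IpPermissions shape of 'aws ec2 describe-security-groups' output, the function names are hypothetical, and only TCP/UDP rules with IPv4 ranges are handled.

```python
import ipaddress

# Constructed sample in the IpPermissions shape returned by
# `aws ec2 describe-security-groups`; the rules themselves are made up.
INBOUND_RULES = [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "203.0.113.0/24"}]},   # SSH from one office range
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},        # HTTPS from anywhere
    {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},        # RDP from anywhere
]

ADMIN_PORTS = {22: "SSH", 3389: "RDP"}  # assumption: ports treated as admin access


def rule_matches(rule, protocol, port, source_ip):
    """True if one allow rule covers this protocol, port and source address."""
    if rule["IpProtocol"] not in ("-1", protocol):   # "-1" means all protocols
        return False
    if rule["IpProtocol"] != "-1" and not rule["FromPort"] <= port <= rule["ToPort"]:
        return False
    src = ipaddress.ip_address(source_ip)
    return any(src in ipaddress.ip_network(r["CidrIp"]) for r in rule["IpRanges"])


def is_allowed(rules, protocol, port, source_ip):
    """Default deny: traffic passes only if some allow rule matches it."""
    return any(rule_matches(r, protocol, port, source_ip) for r in rules)


def world_open_admin_ports(rules):
    """List admin ports (SSH, RDP) that a rule opens to 0.0.0.0/0."""
    findings = []
    for rule in rules:
        if not any(r["CidrIp"] == "0.0.0.0/0" for r in rule["IpRanges"]):
            continue
        for port, name in ADMIN_PORTS.items():
            if rule["IpProtocol"] == "-1" or rule["FromPort"] <= port <= rule["ToPort"]:
                findings.append((port, name))
    return sorted(set(findings))


if __name__ == "__main__":
    print(is_allowed(INBOUND_RULES, "tcp", 22, "203.0.113.10"))  # office address
    print(is_allowed(INBOUND_RULES, "tcp", 22, "198.51.100.7"))  # outside address
    print(world_open_admin_ports(INBOUND_RULES))
```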
Connecting to your EC2 Instances:
1. Create a key pair (.pem) when launching the instance and save it to your local machine.
2. Run 'chmod 400 sshkeypair.pem' to change permissions on a Mac, so that only your user can read the key (ssh refuses a private key file that other users can read)
3. Connect to the instance using its DNS name or public IP address: run the command 'ssh -i "sshkeypair.pem" ec2-user@ec2-54-196-0-138.compute-1.amazonaws.com'
Now you are connected to the instance on the CLI.
Once connected, you will see the private IP on the command line.