Udemy AWS SAA - EC2

172+198=370

37/370

EC2= Elastic Compute Cloud = Infrastructure as a Service
It mainly consists in the capability of :

• Renting virtual machines (EC2)
  • we can choose OS of the virtual machine, how much compute power of a CPU, how much RAM
  • we can choose how much storage space
    • Network-attached (EBS & EFS)
    • hardware (EC2 instance store)
  • Network card: speed of the card, Public IP address
  • Firewall rules: security group
  • Bootstrap script (configure at first launch): EC2 User Data
• Storing data on virtual drives (EBS)
• Distributing load across machines (ELB)
• Scaling the services using an auto-scaling group (ASG)

EC2 User Data

• an EC2 User data script bootstrap our instances. Bootstrapping means launching commands when a machine starts. That script is only run once at the instance first start. EC2 user data is used to automate boot tasks such as:
  • Installing updates
  • Installing software
  • Downloading common files from the internet
  • Anything you can think of
• The EC2 User Data Script runs with the root user

EC2 Instance:

• an EC2 virtual machine
• can used to host a website

If you stop and then restart the instance, the assigned Public IPv4 address might change

EC2 Instance Types
example: m5.2xlarge

• m: instance class
• 5: generation (AWS improve its hardware over time)
• 2xlarge: size within the instance class, more memory

EC2 Instance Types - General Purpose
Great for a diversity of workloads such as web servers or code repositories. Balance between:

• Compute
• Memory
• Networking
  In the course, we will be using the t2.micro which is a General Purpose EC2 instance

EC2 Instance Types- Compute Optimized
begin with c. Great for compute-intensive tasks that require high performance processors.

• Batch processing workloads
• Media transcoding
• High performance web servers
• High performance computing (HPC)
• Scientific modeling & machine learning
• Dedicated gaming servers

EC2 Instance Types-Memory Optimized
Start with R (R for RAM). Fast performance for workloads that process large data sets in memory
Use cases:

• High performance, relational/non-relational databases
• Distributed web scale cache stores
• In-memory databases optimized for Bl (business intelligence)
• Applications performing real-time processing of big unstructured data

EC2 InstanceTypes-Storage Optimized
Start with I / D / H1. Great for storage-intensive tasks that require high, sequential read and write access to large data sets on local storage
Use cases:

• High frequency online transaction processing (OLTP) systems
• Relational& NoSOL databases
• Cache for in-memory databases (for example, Redis)
• Data warehousing applications
• Distributed file systems

Security Groups

• Security Groups are the fundamental of network security in AWS.They control how traffic is allowed into or out of our EC2 Instances. Just like firewall.
• Security groups only contain allow rules and can reference by IP or by security group
• They regulate:
  • Access to Ports
  • Authorized IP ranges-lPv4 and lPv6
  • Control of inbound network (from other to the instance)
  • Control of outbound network (from the instance to other)
• they can be attached to multiple instances, locked down to a region/VPC combination
• it's good to maintain one separate security group for SSH access
• if you app is timed out, then it's security group issue, if it gives connection refused, then it's app error
• security groups can authorize each other

Classic Ports to know
22=SSH(Secure Shell) - log into a Linux instance
21= FTP (FileTransfer Protocol)- upload files into a file share
22= SFTP (Secure File Transfer Protocol)- upload files using SSH
80=HTTP-access unsecured websites
443=HTTPS-access secured websites
3389=RDP(Remote Desktop Protocol)-log into a Windows instance

SSH Overview

• can be used on Mac Linux and Windows >= 10
• if windows, can use Putty
• EC2 Instance Connect work for all OS

SSH on linux / Mac

• SSH allows you to control a remote machine, all using the command line
  • pwd: show where you at
  • ls: list all files in the folder you are
  • cd filename: go to which file
  • ssh -I filename 你的username@这里写IP地址: log into the EC2 machine

EC2 Instance Connect
Just click a button on AWS, voila you are in the EC2 machine. Be careful that you need to open your security group access