Amazon EC2- Infrastructure as a Service

Amazon Web Services, allows users to rent virtual computers on which to run their own computer applications.

Amazon EC2 (Elastic Compute Cloud) offers a variety of instance types to suit different use cases. These instances are categorized into several families, each designed for specific applications.

Here are the main types of EC2 instances:

General Purpose:

• T Series (T3, T3a, T4g): Burstable performance instances for general-purpose workloads.
• M Series (M5, M5a, M6g): Balanced CPU-to-memory ratio for general-purpose applications.

Compute Optimized:

• C Series (C5, C5a, C6g): High-performance processors for compute-intensive applications.

Memory Optimized:

• R Series (R5, R5a, R6g): High memory-to-CPU ratio for memory-intensive applications.
• X Series (X1, X1e, X2gd): Extreme memory optimization for large in-memory databases.
• z1d: High single-threaded performance and high memory.

Accelerated Computing:

• P Series (P3, P4): Instances with GPUs for machine learning and computational workloads.
• Inf1: Optimized for inference workloads.
• G Series (G4, G5): GPU instances for graphics-intensive applications and machine learning inference.

Storage Optimized:

• I Series (I3, I3en, I4i): High local storage for high I/O performance.
• D Series (D2, D3, D3en): Dense storage instances for data-intensive workloads.
• H1: High disk throughput.

Mac:

• Mac1: Instances for macOS environments.

These instances can be further customized with various options for CPU, memory, storage, and network capabilities to match the specific requirements of different applications.

Security Group

A security group is a virtual firewall that controls the traffic to and from resources in a cloud environment, such as instances in Amazon Web Services (AWS) or virtual machines in other cloud platforms. Security groups allow you to define rules that specify allowed and denied inbound and outbound traffic.

Advantages of Security Groups

1. You can specify exactly which types of traffic are allowed.
2. They automatically handle return traffic, making management easier.
3. Changes apply to all connected resources instantly.
4. Can be combined with other security tools for better protection.
5. Keeps different types of traffic and resources separate and secure.

Disadvantages of Security Groups

1. Managing many rules can be tricky and prone to mistakes.
2. There are limits on the number of rules you can set.
3. They don’t provide detailed information on traffic for troubleshooting.
4. Too many rules can impact performance.
5. They can’t look into the details of the data being transferred.

Advanced Features of Security Groups

• Modify rules without rebooting instances.
• Organize and manage using tags.
• Use security groups across multiple regions.
• Control inbound and outbound traffic separately.
• Reference other security groups in rules.
• Assign to specific network interfaces.
• Track changes and access with logging tools.
• Set up metrics and alerts for activity.
• Control access with role-based policies.
• Use code tools for consistent deployment.

Classic Ports

1. HTTP (Port 80): Used for unsecured web traffic.
2. HTTPS (Port 443): Used for secured web traffic with SSL/TLS encryption.
3. FTP (Port 21): Used for File Transfer Protocol, transferring files between systems.
4. SSH (Port 22): Used for Secure Shell, providing secure remote login and command execution.
5. Telnet (Port 23): Used for remote login services, unencrypted.
6. SMTP (Port 25): Used for Simple Mail Transfer Protocol, sending emails.
7. DNS (Port 53): Used for Domain Name System, resolving domain names to IP addresses.
8. POP3 (Port 110): Used for Post Office Protocol 3, retrieving emails from a server.
9. IMAP (Port 143): Used for Internet Message Access Protocol, managing and retrieving emails.
10. RDP (Port 3389): Used for Remote Desktop Protocol, accessing remote desktops.

SSH Troubleshooting

1. There’s a connection timeout

This is a security group issue. Any timeout (not just for SSH) is related to security groups or a firewall. Ensure your security group (port22 ) is correctly assigned to your EC2 instance.
A corporate firewall or a personal firewall may be blocking the connection.

2. SSH does not work on Windows

• If it says: ssh command not found, that means you have to use Putty

3. There’s a connection refused

This means the instance is reachable, but no SSH utility is running on the instance

• Try to restart the instance
• If it doesn’t work, terminate the instance and create a new one. Make sure you’re using Amazon Linux 2

4. Error: Permission denied (publickey,gssapi-keyex,gssapi-with-mic)

• You are using the wrong security key or not using a security key. Please look at your EC2 instance configuration to make sure you have assigned the correct key to it.
• You are using the wrong user. Make sure you have started an Amazon Linux 2 EC2 instance, and make sure you’re using the user ec2-user. This is something you specify when doing ec2-user@<public-ip> (ex: ec2-user@35.180.242.162) in your SSH command or your Putty configuration

EC2 Instances Purchasing Options

On-Demand Instances:

• Run instances as needed.
• Ideal for short workloads with predictable pricing.
• Pay by the second.

Reserved Instances:

• Long-term commitment (1 or 3 years).
• Suitable for predictable, long-running workloads like databases.
• Offers significant discounts (up to 72%).

Convertible Reserved Instances:

• Flexibility to change instance types.
• Slightly lower discounts (up to 66%).

Savings Plan:

• Commit to a specific amount of usage in dollars for 1 or 3 years.
• Offers flexibility across instance families and operating systems.
• Provides discounts similar to reserved instances.

Spot Instances:

• Very short workloads with significant cost savings (up to 90%).
• Instances can be terminated anytime, making them less reliable.
• Suitable for batch jobs and other non-critical tasks.

Dedicated Hosts:

• Book an entire physical server.
• Useful for compliance requirements and specific licensing needs.
• Most expensive option due to exclusive hardware use.

Dedicated Instances:

• Instances run on hardware dedicated to you.
• No control over instance placement, unlike dedicated hosts.

Capacity Reservations:

• Reserve capacity in a specific availability zone.
• No time commitment; pay on-demand rates.
• Ensures instance availability when needed.

Summary

• On-Demand: Pay full price for flexibility, ideal for unpredictable short-term workloads.
• Reserved: Plan ahead for long-term usage to get discounts.
• Savings Plan: Commit to spending a specific amount for discounts with some flexibility.
• Spot: Bid for unused capacity at lower prices, suitable for interruptible tasks.
• Dedicated Host: Book entire servers for compliance and specific licensing.
• Capacity Reservation: Reserve capacity without billing discounts, ensuring availability.

EC2 Spot Instances

Cost Savings:

• Up to 90% discount compared to On-Demand instances.

Max Spot Price:

• Define the maximum price you are willing to pay.
• Instance runs if the current spot price is below the maximum price.

Instance Interruption:

• Two options when the spot price exceeds the max price: stop or terminate the instance.
• Two-minute grace period to handle interruptions.

Spot Block:

• Block a spot instance for 1 to 6 hours without interruptions.

Usage Scenarios:

• Ideal for batch jobs, data analysis, and resilient workloads.
• Not suitable for critical jobs or databases.

Pricing Variability:

• Spot prices vary by availability zone and over time.

Spot Requests:

• There are two types: one-time and persistent.
• One-time launches instances once; persistent maintains the desired instance count.

Canceling Spot Requests:

• Cancel the request before terminating instances to prevent relaunch.

Spot Fleets:

• Combine spot + On-Demand instances.
• Meet target capacity with defined price constraints.
• Multiple strategies: lowest price, diversified, capacity-optimized, price-capacity optimized.

Spot Fleet Benefits:

• Automatically selects the best pool for cost savings.
• Provides flexibility and additional savings by using various instance types and availability zones.

Key Takeaways

• Spot instances offer significant savings for non-critical, interruptible workloads.
• Spot fleets provide advanced cost optimization by selecting the best instances from multiple pools based on defined strategies.

Check Pricing History

Request Spot Instance >>

Spot Instances:

• Utilize Spot Requests for cost-effective EC2 instance launches.
• View pricing history to predict costs and savings compared to on-demand pricing.
• Request Spot Instances by configuring launch parameters and specifying capacity needs.

Spot Fleet Requests:

• Configure launch templates or manual parameters (like Amazon Linux 2, key pair).
• Define request details including maximum price, validity period, and termination behavior.
• Specify target capacity in terms of instances, vCPUs, or memory.

Networking and Instance Types:

• Specify network settings (AZs, VPC) and instance type restrictions or attributes.
• Choose an allocation strategy based on capacity optimization or cost savings.

Persistent Requests and Interruption Behavior:

• Choose between one-time or persistent Spot Instance requests.
• Define actions upon interruption (terminate, hibernate, stop).

Other Launch Options:

• Reserved Instances: Options to purchase specific instance types for fixed terms (standard or convertible).
• Savings Plans: Flexible pricing plans based on hourly spending with instance-type flexibility.
• Dedicated Hosts: Launch instances on dedicated hardware for better licensing and performance, managed via License Manager.
• Capacity Reservations: Ensure instance capacity availability within a specified region and instance type, regardless of launch time.

If you found this guide helpful then do click on 👏 the button.

Follow for more Learning like this 😊

If there’s a specific topic you’re curious about, feel free to drop a personal note or comment. I’m here to help you explore whatever interests you!

Thanks for spending your valuable time learning to enhance your knowledge!