Spinning up my first AWS EC2 instance

27. June 2017 AWS, Study

My very first AWS EC2 instance

In this blog post I will quickly take you through the process of spinning up my very first EC2 instance in my AWS Free Tier lab environment. I will be using t2.micro instances, which are eligible for the Free Tier. The first step is to go to the EC2 service and select Launch Instance:

1. Choose AMI

The wizard provides you with an extensive list of Amazon Machine Images (AMIs). These are the AWS equivalent of VMware templates. Amazon provides you with a broad selection of images. You can store AMIs in your own repository called My AMIs, or you can select AMIs from the AWS Marketplace or from the Community AMIs repository. I will be selecting the Amazon Linux AMI for my very first instance:

2. Choose Instance Type

The Instance Type screen lets you choose a Family and an instance type. I won’t be explaining all the different options in this practical blog post, but it basically comes down to different families of EC2 instances being optimized for specific use cases (heavy graphics, high performance, etc.). The Instance Type specifies which T-shirt size instance you want. I don’t want to get charged on my credit card, so I will be using a humble t2.micro general purpose instance:

3. Configure Instance

I am using the London region which is called “eu-west”. This region has two availability zones and each availability zone has one subnet by default. I will be using the default subnet for my first instance. I will also be using the default created VPC (Virtual Private Cloud) which can be seen as a single logical/virtual data center:

4. Add Storage

By default the t2.micro general purpose instance comes with a General Purpose SSD EBS (Elastic Block Storage) volume of 8GiB. That’s fine for this instance. You can specify if AWS needs to retain or delete the EBS volume whenever the EC2 instance is terminated. This option is enabled by default:

5. Add Tags

Using tags is really useful in a cloud environment. I have to honestly admit I don’t yet have a good enough understanding of how to use tags effectively and efficiently from an architecture viewpoint. How do you prevent clutter and unstructured use of tags? I’ll have to read some more… For now it seems logical to provide a simple name tag:

6. Configure Security Group

Security Groups are basically inbound firewall rules. All outgoing traffic is allowed by default. Incoming traffic is blocked by default and needs to be opened up. What’s really cool is that you can choose “My IP” as a source. Your public client IP is automatically detected and used as a source. This way you can easily protect your SSH admin interface. Just to provide some firewall rules, I opened incoming HTTP and HTTPS from anywhere:
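The rule set described above (SSH only from "My IP", HTTP and HTTPS from anywhere) can be checked automatically. The following is an added example, not part of the original post: a small Python audit over inbound rules in the IpPermissions shape that the EC2 DescribeSecurityGroups call returns. The sample rules, the 203.0.113.10 address and the function names are constructed for illustration.

```python
import ipaddress

PUBLIC_TCP_OK = {80, 443}  # HTTP and HTTPS, opened to anywhere in this post

# Constructed sample shaped like IpPermissions from describe-security-groups.
# 203.0.113.10 is a documentation address standing in for "My IP".
SAMPLE_RULES = [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "203.0.113.10/32"}], "Ipv6Ranges": []},
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
     "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
]


def is_world(cidr):
    """True for 0.0.0.0/0 and ::/0: prefix length 0 matches every address."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0


def audit(rules, public_ok=PUBLIC_TCP_OK):
    """Return (rule label, world CIDRs) for rules exposing more than public_ok."""
    findings = []
    for rule in rules:
        cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
        world = [c for c in cidrs if is_world(c)]
        if not world:
            continue  # source is restricted, e.g. SSH from a single /32
        proto = rule["IpProtocol"]
        if proto == "-1":  # -1 means every protocol and port
            findings.append(("all traffic", world))
            continue
        lo, hi = rule.get("FromPort"), rule.get("ToPort")
        # Flag non-TCP rules and any TCP range reaching beyond 80/443.
        if proto != "tcp" or any(p not in public_ok for p in range(lo, hi + 1)):
            findings.append((f"{proto}/{lo}-{hi}", world))
    return findings


if __name__ == "__main__":
    results = audit(SAMPLE_RULES)
    for label, sources in results:
        print(f"open to the internet: {label} from {', '.join(sources)}")
    if not results:
        print("no unexpected internet-facing rules")
```

To run it against a real group, feed it the IpPermissions list from the JSON output of aws ec2 describe-security-groups instead of SAMPLE_RULES.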

7. Review

The final step before launch is to review and validate all settings:

Key pair

To interactively log on to the instance using SSH, a key pair is required. A key pair consists of a secret private key and a shared public key. The combination of these two specific keys will allow access. I created a new key pair and downloaded the private key to my MacBook:

Connect To Your Instance

When the instance is successfully launched, you can select “Connect”. The following instructions appear:

I executed all steps in a Terminal window. The chmod 400 command sets the required permissions on the private key file. Using SSH I remote into my EC2 instance:

Testing Outgoing traffic

As you can see, outgoing traffic is allowed:

Testing Incoming Traffic

I used yum update to install the latest updates and patches and installed and enabled Apache (httpd) to test connectivity from the internet to my EC2 instance:

The installation of Apache is just two simple commands: yum install httpd and service httpd start



That’s it for now. My very first EC2 instance is successfully running in the London region of AWS. That was easy … but of course, clicking around in the AWS management console GUI should be a no-go for any cloud engineer. The ultimate goal in a public cloud environment would be adopting concepts such as ‘infrastructure as code’ and ‘immutable infrastructure’ … but let’s first learn to crawl before running 🙂

PS. Don’t forget to stop your EC2 instance when you are not using it!
