EC2


EC2 (Elastic Compute Cloud) is a web service inside the AWS infrastructure that provides us with virtual servers; these virtual servers running in the cloud are known as instances. EC2 lets us launch and manage server instances at any time, for as long as we need and for any legal purpose. By default, EC2 is not redundant: EC2 is an AZ-specific service. EC2 cannot be used for hosting desktops; for that there is a different AWS application named VDI.

Q. What is the difference between S3 web service and EC2 web service?
A. S3 is a web service which provides 'object storage' whereas EC2 is a web service which provides 'Virtual Servers'.

Q. If we can get a hardware server or a virtual machine, why would we go for an EC2 instance?
A. Cost and flexibility (in terms of size, location and moving instances) are the two main reasons to move to an instance rather than buying a server. The cloud provides the same thing in a much more cost-effective way and with far more flexibility. In future we can also resize the instance.

In AWS, cost depends on the three things mentioned below:
  1. Tenancy Model (cost saving part)
  2. Billing Model (cost saving part)
  3. Instance Type (flexibility part)
1. TENANCY MODEL

The Tenancy Model helps us control the cost, as we are the tenant of AWS.

Types of Tenancy Model:
  1. Shared Tenancy (default)
  2. Dedicated Tenancy
    1. Instance
    2. Host

1. SHARED TENANCY MODEL (e.g. to test our website code):

Shared Tenancy is the default tenancy model used by AWS. In Shared Tenancy, our instance can be placed on any hardware in AWS, and many companies can share the same physical hardware.

AWS has hardware with a hypervisor layer over it. If one company (e.g. TCS) wants to create an instance, EC2 creates it on top of the hypervisor layer. If another company (e.g. HCL) then wants to launch an instance, EC2 lets them launch it on top of the same hypervisor. This is the Shared Tenancy Model, the default tenancy model in AWS.

DISADVANTAGE: If a company is very sensitive about security or is bound by government rules and regulations, the Shared Tenancy Model will not work, because such companies do not want another company sharing their hardware. Here the Dedicated Model comes into the picture.

2. DEDICATED TENANCY MODEL:
In the Dedicated Tenancy Model, a physical server is dedicated to us for creating our company's instances. Only our company's instances will run ON THAT BLOCK OF HARDWARE. AWS ensures that no other company's instance will be started on the block our instance is running on, and provides a proper SLA for this.

Q. Who is providing security-related assurance in AWS?
A. Security compliance in AWS is covered by PCI DSS (Payment Card Industry Data Security Standard).

Q. What is the difference between the Shared Tenancy Model and the Dedicated Tenancy Model?
A. In the Shared Tenancy Model, instances from n companies can be started on the same hardware, but in the Dedicated Tenancy Model only our company's instances run on that particular hardware.

DISADVANTAGE OF DEDICATED TENANCY MODEL:

If we reboot our instance, only the OS restarts, so after the reboot we are still on the same hardware. But if we perform a 'stop and start', the instance is fully stopped and its connection with the hardware is fully released, so there is no guarantee that when we start the instance again it will start on the same hardware.

There are two types of Dedicated Tenancy Model:

(i) DEDICATED INSTANCE (e.g. to do data encryption on medical records):
In this case, EC2 picks up the keyword that this account is using Dedicated Tenancy, then finds a location where our instance can run as a Dedicated Instance. We use Dedicated Instances for compliance, security and company policy reasons.
Even though the hardware is dedicated to our instance, we pay only for the instance rather than for the entire hardware.

ISSUE: In this case too, if we stop and then start our instance again, EC2 may start it on different hardware. We get the same instance, access and settings, but the hardware may change from one system to another. If we only reboot, we stay on the same system. We also pay more than for Shared Tenancy.

(ii) DEDICATED HOST (e.g. to run Cad Cam software):
In this case, the complete hardware of the physical server is dedicated to us. We pay the entire cost of the physical server, whether we create one instance or use the full hardware. We go for a Dedicated Host when we want to have a license tied to our hardware.

AWS provides the hardware + we bring our own license.

SCHEDULER SERVICE:

The moment we make a request, the scheduler, which knows everything about the infrastructure and keeps a database of it, decides on which specific hardware to place the instance. The scheduler exists inside the EC2 service of AWS.

The scheduler first checks which tenancy we are working with, then checks how much hardware resource is free, and launches the instance accordingly.

DISADVANTAGES OF DEDICATED HOST:
  1. Cost: the entire physical server is paid for.
  2. If the host fails, our servers on it fail too.
  3. The hardware is reserved for us, so any resources we leave unused are wasted but still paid for.

2. BILLING MODEL

There are three types of billing options:
  1. On-Demand Instances
  2. Reserved Instances
  3. Spot Instances
1. ON DEMAND INSTANCES (good for testing):

Whenever we want an instance, we get it. On-Demand Instances are the most expensive instances. No previous commitment is required to launch them. Billing is on a per-second/per-minute basis for Linux instances and a per-hour basis for Windows instances; the reason for the difference is that a Linux OS starts within seconds, whereas a Windows system takes some time. There is no need to sign an agreement with AWS. This is the default billing option in AWS.

Per month we get 750 hours for running an instance. If there are 2 instances, the hours are shared equally between them, and once the 750 hours or the 12 months are used up, we need to pay.

DISADVANTAGES:
  1. This is the most expensive instance.
  2. There is no discount and no commitment with On-Demand Instances.
  3. There is a possibility that capacity is not available for a huge number of instances.
  4. If the AWS infrastructure is saturated, there is a possibility that we are not allowed to log in to our instance (in practice this does not happen, because AWS provisions a lot of hardware).
2. RESERVED INSTANCES (good for production infrastructure):

In this case, we can reserve an instance for approximately one to three years. We pay before starting the instance, and we commit to running it 24*7*365. If we choose Reserved Instances, we can save approx 40% for one year (the minimum reservation is one year) and approx 60% for three years. If we extend this up to five years, we can save up to 70%.

SCHEDULED INSTANCES:
Scheduled Instances are a part of Reserved Instances. For example, if we reserve an instance for one year but our company is closed on Saturday and Sunday and works Monday to Friday from 8:00 am to 5:00 pm, a Reserved Instance would be expensive for us because we are paying for the full year. Here Scheduled Instances come into the picture.

3. SPOT INSTANCES (good for fluctuating workload):

Spot Instances use spare AWS infrastructure, released to us as 'Happy Hours'. When AWS infrastructure is free, AWS releases it as Happy Hours. Happy Hours instances are not always available. We can get the instance at a discount of up to 90%.

In this case, AWS sets a price for the instance and everyone bids for it. Whoever makes the better bid gets the instance from AWS.

ADVANTAGE:
Very high compute is available at up to 90% lower cost.

DISADVANTAGE:
When AWS needs the capacity back, we have to shut down our Happy Hours instance within 2 minutes. We get a notification from AWS to shut down the instance within 2 minutes; if we do not, AWS shuts down our Happy Hours instance for us.
Q. My application can be stopped and resumed; which instance is better for me from a cost point of view?
A. Spot Instances
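The 2-minute notice described above is published by AWS on the instance metadata service (IMDS). The following is an added example, not code from the original notes: it fetches an IMDSv2 session token, checks the real `/latest/meta-data/spot/instance-action` path, and returns a shutdown decision. The HTTP layer is injectable so the logic runs offline against a constructed stand-in; the token value and the notice payload in `fake_imds` are made up for this example.

```python
import json
import urllib.error
import urllib.request
from typing import Callable, Optional

# Added example (not from the original notes). Real IMDS paths; the offline
# stand-in below returns constructed data.
IMDS_BASE = "http://169.254.169.254/latest"
TOKEN_PATH = "/api/token"
INSTANCE_ACTION_PATH = "/meta-data/spot/instance-action"

# (method, url, headers) -> response body, or None when the path is absent (HTTP 404)
Fetcher = Callable[[str, str, dict], Optional[str]]


def http_fetch(method: str, url: str, headers: dict) -> Optional[str]:
    """Real IMDS call; None means 'no interruption notice pending' (404)."""
    req = urllib.request.Request(url, method=method, headers=headers)
    try:
        with urllib.request.urlopen(req, timeout=2) as resp:
            return resp.read().decode()
    except urllib.error.HTTPError as e:
        if e.code == 404:
            return None
        raise


def get_imdsv2_token(fetch: Fetcher, ttl_seconds: int = 60) -> str:
    """IMDSv2: a PUT with a TTL header returns a short-lived session token."""
    headers = {"X-aws-ec2-metadata-token-ttl-seconds": str(ttl_seconds)}
    token = fetch("PUT", IMDS_BASE + TOKEN_PATH, headers)
    if not token:
        raise RuntimeError("IMDSv2 token request failed")
    return token


def pending_interruption(fetch: Fetcher = http_fetch) -> Optional[dict]:
    """Return {'action': ..., 'time': ...} if a notice is pending, else None."""
    token = get_imdsv2_token(fetch)
    body = fetch("GET", IMDS_BASE + INSTANCE_ACTION_PATH,
                 {"X-aws-ec2-metadata-token": token})
    if body is None:
        return None
    notice = json.loads(body)
    # AWS uses "terminate", "stop" or "hibernate" in the action field.
    if notice.get("action") not in {"terminate", "stop", "hibernate"}:
        raise ValueError(f"unexpected instance-action payload: {body!r}")
    return notice


def plan_shutdown(notice: Optional[dict]) -> str:
    """Decide what the workload does; real code would drain work and checkpoint here."""
    if notice is None:
        return "continue"
    return f"drain-and-checkpoint before {notice['time']} ({notice['action']})"


def fake_imds(method: str, url: str, headers: dict) -> Optional[str]:
    """Constructed offline stand-in for IMDS with a pending terminate notice."""
    if method == "PUT" and url.endswith(TOKEN_PATH):
        return "EXAMPLE-TOKEN"
    if method == "GET" and url.endswith(INSTANCE_ACTION_PATH):
        assert headers.get("X-aws-ec2-metadata-token") == "EXAMPLE-TOKEN"
        return json.dumps({"action": "terminate", "time": "2024-01-01T10:00:00Z"})
    return None


if __name__ == "__main__":
    print(plan_shutdown(pending_interruption(fake_imds)))
```

On a real Spot Instance, call `pending_interruption()` with the default `http_fetch` from a loop that polls every few seconds; a `None` result means keep working, anything else means the two-minute clock is already running.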

3. INSTANCE TYPE

Cost also depends on the capacity of the hardware, so we must select the hardware flavour carefully. AWS offers many instance types:
  1. General Purpose Workload (T & M): T for Tiny and M for Medium. CloudWatch is the feature that tells us when there is an issue with performance, RAM, etc. (in a traditional data center we know this service as Nagios).
  2. Compute Optimized Instances (C): high CPU%
  3. Memory Optimized Instances (R): high RAM%
  4. Disk Optimized Instances (D): SSD / RAID, high disk
  5. Graphical Optimized Instances (P): graphics
  6. Extra Large Instance (X): up to 128 CPUs & 4 TB RAM
Sometimes we see a numeric value and an 'x', e.g. C4x or C5x; here 4 and 5 are the generation and x represents the size.

In 'C4 Large', C is the Instance Family, 4 is the Instance Generation and Large is the Instance Size.
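As an added example (not code from the original notes), here is a small parser for the family / generation / size scheme just described, written against the form AWS actually uses in the API, e.g. `c4.large` or `r5.2xlarge`. It goes slightly beyond the notes: real names may carry extra attribute letters after the generation (for example the `n` in `c5n`), and sizes above `large` are expressed as multiples of `xlarge`. The `FAMILY_CLASS` table is the notes' own list; the relative size values in `SIZE_ORDER` are a convention chosen for this example, not AWS vCPU counts or prices.

```python
import re
from dataclasses import dataclass

# Added example (not from the original notes). Family letters follow the list
# in the notes; families with multi-letter prefixes are not handled here.
FAMILY_CLASS = {
    "t": "general purpose (tiny)",
    "m": "general purpose (medium)",
    "c": "compute optimized",
    "r": "memory optimized",
    "d": "disk optimized",
    "p": "graphics / GPU",
    "x": "extra large memory",
}

# Relative size units chosen for this example: "large" = 4, "xlarge" = 2 * large.
SIZE_ORDER = {"nano": 0.25, "micro": 0.5, "small": 1, "medium": 2, "large": 4}

_TYPE_RE = re.compile(
    r"^([a-z])(\d+)([a-z]*)\.(\d*)(nano|micro|small|medium|large|xlarge|metal)$"
)


@dataclass(frozen=True)
class InstanceType:
    family: str
    generation: int
    attributes: str    # extra letters after the generation, e.g. "n"; "" if none
    size: str          # size token as written, e.g. "2xlarge"
    size_units: float  # relative size; inf for bare-metal (whole host)


def parse_instance_type(name: str) -> InstanceType:
    """Split an instance type name into family, generation, attributes and size."""
    m = _TYPE_RE.match(name.strip().lower())
    if not m:
        raise ValueError(f"not a recognisable instance type name: {name!r}")
    family, gen, attrs, mult, size_word = m.groups()
    if size_word == "xlarge":
        # "xlarge" = 2 * large; "4xlarge" = 4 * xlarge, and so on.
        units = 2 * SIZE_ORDER["large"] * (int(mult) if mult else 1)
    elif size_word == "metal":
        units = float("inf")
    else:
        if mult:
            raise ValueError(f"multiplier not allowed before {size_word!r}: {name!r}")
        units = SIZE_ORDER[size_word]
    return InstanceType(family, int(gen), attrs, f"{mult}{size_word}", float(units))


def describe(name: str) -> str:
    """Human-readable breakdown, e.g. for a cost or capacity review."""
    t = parse_instance_type(name)
    cls = FAMILY_CLASS.get(t.family, "other family")
    extra = f", attributes '{t.attributes}'" if t.attributes else ""
    return f"{name}: {cls}, generation {t.generation}{extra}, size {t.size}"


if __name__ == "__main__":
    for n in ["c4.large", "c5n.xlarge", "r5.2xlarge", "t2.micro"]:
        print(describe(n))
```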

AMI

AMI (Amazon Machine Image) is a ready-made OS with apps, users and ready-made settings. We just need to map it to the EC2 service and launch the instance. An AMI is compatible with the AWS infrastructure.


The Amazon Marketplace is the location where we can get everything related to AWS.

Q. How can we get our own PC to AWS?

A. An AMI is Amazon's ready-made operating system. If we want to use our own operating system in AWS, we first need to do P2V and then V2C.

- P2V: For this we use a software named VMware Converter. Our OS is converted into a VMDK file with the extension .vmdk.

- V2C: No extra software is needed for V2C. We just open VMware > (the VM should be shut down) > File > Export to OVF. This converts the .vmdk file into .ovf.

- Now we send this file to storage in AWS, which is an S3 bucket.

- Taking a virtual machine from a data center to an AWS S3 bucket is known as Migration.

- There is one more, last step: we need to convert the .ovf file into an AMI.

- Now we have an AMI, but we need to put it on the hard disk of EC2, which is known as EBS (Elastic Block Store).

- Once the AMI is expanded onto EBS, we can use it.

- To reach this instance we need networking: a public IP, a private IP, a network card, a router and DNS. As we are not experts in all of this, AWS provides all of it as a VPC (Virtual Private Cloud). AWS has created a default VPC in every region. We should never delete the default VPC; otherwise we need to call AWS and then create it again.

- To protect our instance on the internet we use firewalls. In AWS the firewall is known as an SG (Security Group).

- We need to allow one of two ports: for Linux we open port 22 for SSH, and for Windows we open port 3389 for RDP.

- We need a valid username and password. AWS-designed AMIs use ec2-user as the username for Linux and Administrator as the username for Windows. The password is inside the OS, but to get it we need a public key and a private key, which are generated during instance creation. The public key is always with AWS and the private key is always with the user.



As we launch an instance, we need to provide details in several fields, grouped into steps:

The steps are: 1. Choose AMI, 2. Choose Instance Type, 3. Configure Instance, 4. Add Storage, 5. Add Tags, 6. Configure Security Groups and 7. Review.

1. Choose AMI:

We need to choose an AMI, which is a pre-built template. As we are using a free account, we should go only for Free Tier images; otherwise it will be charged.

2. Choose Instance Type:

There are a lot of options when selecting the Instance Type. These instances are virtual servers that can run applications. An instance type provides a combination of CPU, memory, storage and networking capacity, and gives us the flexibility to choose the appropriate mix of resources for our applications. So we select an instance type as per our application's requirements.

3. Configure Instance:

Number of Instances: We can choose to launch more than one instance at a time.


Purchasing option: We have the option to request Spot Instances and specify the maximum price we are willing to pay per instance hour. If our bid is higher than the current Spot Price, our Spot Instance will be launched and also it will be charged at the current Spot Price.

Network: We can launch our instance in the AWS default Virtual Private Cloud (VPC), or we can create our own VPC and select our own IP address range, subnets, route tables and network gateways.

Subnet: A range of IP addresses in our VPC that can be used to isolate different EC2 resources from each other or from the Internet.

Auto-assign Public IP: We need to enable this to make our instance reachable from the Internet.

Placement group: We launch our instance in a placement group to benefit from greater redundancy or higher networking throughput.

Capacity Reservation: Capacity Reservations reserve capacity for our EC2 instances in a specific Availability Zone. We can launch instances into a Capacity Reservation if they have matching attributes (instance type, platform, and Availability Zone), and available capacity.

IAM Role: *****

Shutdown behavior: Specify the instance behavior when an OS-level shutdown is performed. Instances can be either terminated or stopped.

Enable termination protection: We can protect instances from being accidentally terminated.

Monitoring: Monitor, collect, and analyze instance metrics through Amazon CloudWatch. The default is free, basic monitoring, where data is available in 5-minute periods. You can enable detailed monitoring, where data is available in 1-minute periods.

Tenancy: We can choose to run our instances on physical servers fully dedicated to our use. We can go for the Shared, Dedicated Instance or Dedicated Host tenancy model.

Elastic Inference: Elastic Inference provides cost efficient hardware acceleration for all EC2 instance types.

T2/T3 Unlimited: Enabling T2/T3 Unlimited allows applications to burst beyond the baseline for as long as needed at any time. If the average CPU utilization of the instance is at or below the baseline, the hourly instance price automatically covers all usage. Otherwise, all usage above baseline is billed.

User Data: We can specify user data to configure an instance or run a configuration script during launch.

4. Add Storage:

We can see that a default volume is selected as per the instance type we chose. We can also add a new volume by clicking ADD NEW VOLUME; when we click it we get a new volume with Volume Type 'EBS'.




5. Add Tags:

Here we need to provide a Name tag, because an instance inside AWS is identified by an instance ID. If we create 10-15 instances and do not provide any Name tag, we will not be sure which instance is doing which job. This is not the hostname; the Name tag only identifies the instance inside the AWS environment.

6. Configure Security Group:

Here SSH is selected by default, because for administration in Linux we use SSH (port 22). If we want to add another rule apart from SSH, we click 'Add Rule'. Now we can either use an existing Security Group or create a new one, by choosing the radio button in front of Assign a Security Group:

1. ( ) Create a new security group. Here we need to provide a Security Group Name with some description.



2. ( ) Select an existing security group. This lists all existing Security Groups; we just click the one we want, with every rule already provided in that Security Group, > Next.
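The admin-port rule described in the AMI section (22 for Linux, 3389 for Windows) and the Security Group step above are what the following added example covers; it is not code from the original notes. It builds an inbound rule in the `IpPermissions` shape the EC2 API uses (the same structure boto3's `authorize_security_group_ingress` takes) with the source limited to a given CIDR, and audits a rule set for the common mistake of opening an admin port to `0.0.0.0/0` or `::/0`. The CIDRs in the sample rule set are constructed for the example.

```python
from ipaddress import ip_network
from typing import Dict, List

# Added example (not from the original notes). Admin ports follow the notes:
# SSH for Linux, RDP for Windows.
ADMIN_PORT = {"linux": 22, "windows": 3389}


def admin_rule(platform: str, allowed_cidr: str, description: str = "admin access") -> Dict:
    """One ingress rule for the platform's admin port, limited to allowed_cidr."""
    port = ADMIN_PORT[platform.lower()]
    net = ip_network(allowed_cidr, strict=True)  # rejects malformed or non-network CIDRs
    return {
        "IpProtocol": "tcp",
        "FromPort": port,
        "ToPort": port,
        "IpRanges": [{"CidrIp": str(net), "Description": description}],
    }


def find_world_open_admin_rules(permissions: List[Dict]) -> List[str]:
    """Findings for rules that expose an admin port to the whole internet."""
    findings = []
    admin_ports = set(ADMIN_PORT.values())
    for perm in permissions:
        proto = perm.get("IpProtocol")
        lo, hi = perm.get("FromPort"), perm.get("ToPort")
        # "-1" means all protocols and all ports, which includes the admin ports.
        covers = proto == "-1" or (
            proto == "tcp" and lo is not None and hi is not None
            and any(lo <= p <= hi for p in admin_ports)
        )
        if not covers:
            continue
        port_desc = "all ports" if proto == "-1" else f"tcp {lo}-{hi}"
        ranges = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        ranges += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        for cidr in ranges:
            if ip_network(cidr).prefixlen == 0:  # 0.0.0.0/0 or ::/0
                findings.append(f"{port_desc} open to {cidr}")
    return findings


# Constructed sample: a tightly scoped SSH rule next to a world-open RDP rule.
SAMPLE_PERMISSIONS = [
    admin_rule("linux", "203.0.113.0/24", "office egress range"),
    {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
]

if __name__ == "__main__":
    for finding in find_world_open_admin_rules(SAMPLE_PERMISSIONS):
        print("FINDING:", finding)
```

The rule returned by `admin_rule` can be passed directly as one element of the `IpPermissions` list when creating the group; the audit function is meant to run over the `IpPermissions` of an existing group returned by `describe_security_groups`.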









