Guided Lab: How to launch an Amazon EC2 Linux instance
Description
Amazon Elastic Compute Cloud (Amazon EC2) is a web service that allows you to easily create and manage virtual servers in the cloud. With Amazon EC2, you can set up and configure your own operating system and applications as per your requirements.
An Amazon EC2 instance is a virtual server that can be launched on AWS Cloud. When you launch an instance, it is secured with a key pair, which is used to prove your identity, and a security group that works as a virtual firewall to control incoming and outgoing traffic. When connecting to your instance, you must provide the private key of the key pair that you specified while launching the instance.
In this lab, you will be using Amazon EC2 to launch a virtual server with a Linux operating system. This hands-on experience with cloud computing will help you understand how to use Amazon EC2 as a start for your own projects.
Objectives
In this lab, you will learn how to:
- Create an EC2 instance (t2.micro)
- Configure a security group for SSH access
- Connect to the instance through SSH
- Use the Stop, Reboot, and Terminate operations
Lab Steps
Creating an Amazon EC2 instance (Linux)
1. Navigate to the search bar, type “EC2”, and click to open the EC2 Dashboard.
2. Click on the ‘Launch Instance’ button.
3. In the “Name and tags” section, you can add a name and create tags as key/value pairs. It’s recommended to tag AWS resources in production environments to stay organized, but it’s not mandatory. You can skip this section if you don’t want to create any tags for this lab.
4. You will need to select an Amazon Machine Image (AMI), which is basically a template of an Operating System platform that you can use as a foundation to create your instance.
For this lab, choose Ubuntu.
5. For the EC2 instance type, choose t2.micro.
6. In the Key pair section, you can create a new key pair by clicking on the “Create new key pair” button. Once you do this, enter “MyKeyPair” as the name of the key pair, keep the default values for Key pair type and Private key file format, and then click the “Create key pair” button. This will initiate the download of the key pair as a file named “MyKeyPair.pem” on your local system. This file contains a private key which you can use to connect to the EC2 instance via SSH.
7. In the Network Settings section, ensure that the “Allow SSH traffic from” checkbox is checked and Anywhere is selected under Security groups (Firewall).
AWS Warning: The default configuration for the security group that is about to be created will allow SSH access from any source IP address (0.0.0.0/0). This warning is to remind you that production environments should have more restrictive security controls. However, for the purposes of this lab, this configuration is acceptable.
8. In the Configure storage section, ensure the default values of 8 GiB and gp2 Root volume are selected.
9. Expand the section by clicking on Advanced Details, and take a moment to review the available configurations.
10. Before clicking on the ‘Launch instance’ button to create your instance, make sure to review all of your settings.
11. After clicking on the ‘Launch instance’ button, a confirmation page will appear to let you know that the process has started.
Configuring a security group for SSH access
1. Go to the EC2 Dashboard and click “Instances (running)” under Resources.
2. Select the instance you want to set up Security groups for by clicking the checkbox.
3. Navigate to the Security tab. Then, click on the security group ID, which typically begins with “sg-”.
4. To connect to your Linux instance using SSH from your IP address, you can add rules to a security group.
To enhance the security of your instance, it is important to only authorize a specific IP address or range of addresses when setting up a rule to access it. Using 0.0.0.0/0 will allow all IPv4 addresses to access your instance via SSH. Similarly, using ::/0 will enable all IPv6 addresses to access your instance. To avoid these two options and provide a more secure solution, it is recommended to specify a particular IP address or range of addresses.
Connecting to the instance through SSH
1. After launching an instance, it may take a few minutes for it to be ready for connection.
2. Find the public DNS name or IP address of your instance to connect to it.
3. Ensure that an SSH client is installed on your local computer by typing ‘ssh’ in the command line. If the command is not recognized, install an SSH client.
4. To connect to your instance using SSH, open a terminal and use the ssh command. Specify the path and file name of the private key (.pem), the username for your instance, and the public DNS name or IPv6 address for your instance.
ssh -i "path/to/your/key.pem" ubuntu@your-instance-public-dns
PEM (Privacy Enhanced Mail) and PPK (PuTTY Private Key) are both formats for storing private keys, which are used in public key cryptography. Here’s a comparison of the two:
PEM:
- It is a base64 container format for encoding keys and certificates.
- It is effectively the de facto standard for Linux, Mac, and Windows PowerShell users.
- The .pem file is what you download from AWS when you create your key pair. This is a one-time download, and you cannot download it again.
- To use a PEM file with SSH, you can use the -i option followed by the path to your PEM file. For example:
ssh -i mykey.pem myusername@mydomain.example
PPK:
- PPK is a format used by PuTTY, a Windows SSH client.
- PuTTY does not support the .pem format. Hence, you have to convert the .pem file to .ppk format using PuTTYgen.
- To use a PPK file with PuTTY, you need to load the PPK file in PuTTYgen and then save it as a private key. You can then use this private key to log into your server.
It’s crucial to keep private keys secure and never share them with unauthorized individuals as they are essential for secure communication over networks.
Stop, Reboot, and Terminate operations
Stopping an EC2 instance
Steps:
- Navigate to the EC2 dashboard.
- Select the instance you want to stop.
- Click the “Instance state” dropdown menu.
- Click “Stop” from the dropdown menu.
Effects:
When you stop an instance, the following is lost:
- Data stored on the RAM.
- Data stored on the instance store volumes.
- The public IPv4 address that Amazon EC2 automatically assigned to the instance upon launch or start. To retain a public IPv4 address that never changes, you can associate an Elastic IP address with your instance.
When you stop an instance, the following persists:
- Any attached Amazon EBS volumes.
- Data stored on the attached Amazon EBS volumes.
- Private IPv4 addresses.
- IPv6 addresses.
- Elastic IP addresses associated with the instance. Note that when the instance is stopped, you are charged for the associated Elastic IP addresses.
Rebooting an EC2 instance
Steps:
- Navigate to the EC2 dashboard.
- Select the instance you want to reboot.
- Click the “Instance state” dropdown menu.
- Click “Reboot” from the dropdown menu.
Effects:
An instance reboot is equivalent to an operating system reboot. In most cases, it takes only a few minutes to reboot your instance.
When you reboot an instance, it keeps the following:
- Public DNS name (IPv4)
- Private IPv4 address
- Public IPv4 address
- IPv6 address (if applicable)
- Any data on its instance store volumes
Rebooting an instance doesn’t start a new instance billing period (with a minimum one-minute charge), unlike stopping and starting your instance.
Terminating an EC2 instance
Steps:
- Navigate to the EC2 dashboard.
- Select the instance you want to terminate.
- Click the “Instance state” dropdown menu.
- Click “Terminate” from the dropdown menu.
Effects:
- The instance will be shut down and the virtual machine that was provisioned for you will be permanently taken away. You will no longer be charged for instance usage.
- Any data that was stored locally on the instance will be lost.
- Any attached EBS volumes will be detached and deleted unless they are set to persist after termination.