2. Profile
Sabir Mustafa
►19 Years of Experience
►Heading AWS Cloud Business Unit at Royal Cyber
►AWS Certified Solutions Architect – Professional
►AWS Certified SysOps Administrator – Associate
►Red Hat Certified Engineer
►Microsoft Certified Systems Administrator
5. Amazon EC2
Introduction
• “An EC2 instance is a virtual server in Amazon's Elastic Compute Cloud (EC2) that runs applications on the Amazon Web Services (AWS) infrastructure.” Each EC2 instance may have all or some of the settings below applied:
• Processor
• Memory
• EBS Volume
• One or more EIPs
• IAM Role
• Security Groups
• SSH Keys
6. Amazon EC2
Features
• EC2 based compute machines are known as instances
• Instances are provisioned from preconfigured templates known as Amazon
Machine Images (AMI)
• Instances are categorized by processor capacity, memory, storage, and networking; these categories are known as instance types.
• Secure login to the instances is achieved by using key pairs or the recently added AWS Session Manager.
7. Amazon EC2
Features
• Disk storage volumes are provided by Amazon Elastic Block Store (EBS)
• Access is limited through Security Groups
• Risk of data loss if Instance store volumes are used
• Metadata, known as tags, can be created and assigned to Amazon EC2 resources
• Common actions, e.g. start/stop, security scans etc., can be performed in bulk using Tags
8. Amazon EC2
Benefits
• Elasticity lets users increase or decrease capacity within minutes
• Users have complete control of the instances, including root access and the ability to interact
• Wide choice of instance types, operating systems, and software packages available
• Offers a highly reliable environment where replacement instances can be rapidly and predictably commissioned
• Fully manageable through the AWS Management Console, the AWS Command Line Tools (CLI), or AWS SDKs.
9. Amazon EC2
EC2 Elastic IP Addresses
• An Elastic IP address is a static IPv4 address designed for dynamic cloud computing
• An Elastic IP address is associated with an AWS account
• With an Elastic IP address, a user can mask the failure of an instance or software by rapidly remapping the address to another instance
• An EIP has a fixed MAC address, hence it is useful for tracking
• Amazon recently allowed customers to bring custom IP addresses to the cloud
NOTE:
AWS currently does not support Elastic IP addresses for IPv6.
11. Amazon EC2
Amazon Machine Image (AMI)
• An Amazon Machine Image (AMI) provides the information required to launch an instance, which is a virtual server in the cloud. You must specify a source AMI when you launch an instance.
An AMI includes the following:
1. A template for the root volume for the instance (for example, an operating system, an application server,
and applications)
2. Launch permissions that control which AWS accounts can use the AMI to launch instances
3. A block device mapping that specifies the volumes to attach to the instance when it's launched
12. Amazon Machine Image (AMI)
• Common AMIs
• Amazon Linux
• Red Hat Enterprise Linux
• SUSE Linux Enterprise
• Ubuntu Server 18
• Windows Server 2019
• Deep Learning AMIs
• Windows Server with SQL Server
• Marketplace AMIs
• OpenVPN
• Trend Micro
• Juniper
• Barracuda CloudGen Firewall
• etc.
[Diagram labels: Instance, Create AMI, AMI Image, Create Multiple Instances]
13. Amazon EC2
Amazon Elastic Block Store (EBS)
• EBS provides persistent, highly available, consistent, low-latency block storage volumes for use with
Amazon EC2 instances
• Each Amazon EBS volume is automatically replicated within its Availability Zone to protect you from
component failure, offering high availability and durability.
• It is designed for application managers who need to tune workloads for capacity, performance and cost
• EBS volumes are available in:
• General purpose SSD (gp2)
• Provisioned IOPS (io2)
• Throughput optimized HDD (st1)
• Cold HDD (sc1)
• Magnetic (Previous generation)
14. Amazon EC2
• EBS Features
• Whether SSD-backed or HDD-backed, EBS delivers the high-performance volumes needed by the most demanding applications
• EBS volume is designed for 99.999% Availability
• EBS Encryption provides seamless support for data-at-rest and data-in-transit between EC2
instances and EBS volumes
• Protect the data by creating point-in-time Snapshots of EBS volumes
• Dynamically increase capacity, tune performance, and change the type of live EBS volumes
• Once a VM is destroyed, its EBS volumes are sent to the SCRUB pool before they are made available again to customers
16. Amazon EC2
EC2 Security Groups
• A security group acts as a virtual firewall that controls the traffic for one or more instances
• When an instance is launched, it is associated with one or more security groups
• Users can add rules to each security group that allow traffic to or from its associated instances
• Users can modify the rules for a security group at any time
• Rules apply to all instances associated with the security group, running in any AZ
• Security groups are stateful: if incoming traffic is allowed by a rule, the outgoing response is allowed automatically
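The stateful behaviour and the association of several groups with one instance, described above, can be seen in a small model. This is an added example, not part of the original slides and not AWS code: the Rule and Instance classes, the sample groups and the addresses are constructed, and both groups are assumed to have had their egress rules removed.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Rule:
    direction: str   # "ingress" or "egress"
    protocol: str    # e.g. "tcp"
    from_port: int
    to_port: int
    cidr: str        # peer address range the rule allows

class Instance:
    """Toy model of one instance and its associated security groups."""
    def __init__(self, *groups):
        # Rules from every associated group are evaluated as one allow-list.
        self.rules = [rule for group in groups for rule in group]
        self.tracked = set()  # flows already allowed (connection tracking)

    def _permit(self, direction, proto, peer, peer_port, local_port):
        flow = (proto, peer, peer_port, local_port)
        if flow in self.tracked:  # traffic belonging to an allowed flow
            return True
        port = local_port if direction == "ingress" else peer_port
        ok = any(r.direction == direction and r.protocol == proto
                 and r.from_port <= port <= r.to_port
                 and ip_address(peer) in ip_network(r.cidr)
                 for r in self.rules)
        if ok:
            self.tracked.add(flow)
        return ok

    def inbound(self, proto, peer, peer_port, local_port):
        return self._permit("ingress", proto, peer, peer_port, local_port)

    def outbound(self, proto, peer, peer_port, local_port):
        return self._permit("egress", proto, peer, peer_port, local_port)

# Constructed sample groups; neither has any egress rule.
WEB_SG = [Rule("ingress", "tcp", 443, 443, "0.0.0.0/0")]
ADMIN_SG = [Rule("ingress", "tcp", 22, 22, "203.0.113.0/24")]

def demo():
    host = Instance(WEB_SG, ADMIN_SG)
    return {
        "https_in": host.inbound("tcp", "198.51.100.7", 50000, 443),
        "https_reply_out": host.outbound("tcp", "198.51.100.7", 50000, 443),
        "new_conn_out": host.outbound("tcp", "198.51.100.7", 443, 40000),
        "ssh_in_unlisted": host.inbound("tcp", "198.51.100.7", 50001, 22),
        "ssh_in_admin_range": host.inbound("tcp", "203.0.113.10", 50002, 22),
    }
```

The reply to the allowed HTTPS request leaves the instance without any egress rule, while a connection the instance tries to open itself is dropped; SSH is reachable only from the range listed in the second group.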
17. Amazon EC2
• Amazon EC2 Pricing
• Amazon EC2 is free to try. There are four ways to pay for Amazon EC2 instances:
• On-Demand: With On-Demand instances, users pay for compute capacity per hour or per second, depending on which instances they run. No longer-term commitments or upfront payments are needed.
• Spot Instances: Amazon EC2 Spot Instances allow users to request spare Amazon EC2 computing capacity for up to 90% off the On-Demand price.
18. Amazon EC2
• Amazon EC2 Pricing
• Reserved Instances: Reserved Instances provide a significant discount (up to 75%) compared to On-Demand instance pricing.
• Dedicated Hosts: A Dedicated Host is a physical EC2 server dedicated for use. Dedicated Hosts can help to reduce costs by allowing users to use existing server-bound software licenses, including Windows Server, SQL Server, and SUSE Linux Enterprise Server.
19. Amazon EC2
• Amazon EC2 Pricing
• Per Second Billing: With per-second billing, users pay only for what is in use. It takes the cost of unused minutes and seconds in an hour off the bill.
• EC2 usage is billed in one-second increments, with a minimum of 60 seconds. Similarly, provisioned storage for EBS volumes is billed in per-second increments, with a 60-second minimum.
20. EC2 Business Flow Example
[Diagram labels: Developer 1 ... Developer (n); AWS CodeCommit; AWS CodePipeline (compile and deploy, integration tests, style checker, code metrics, UI tests, pen tests, load tests); UAT Machine; hosted in AWS: Load Balancer, Web Tier Autoscaling Group and Application Tier Autoscaling Group, each with a Security Group; EC2 Instances]