
EC2: The Backbone of Cloud Computing

What is EC2?

Amazon Elastic Compute Cloud (EC2) is a web service that provides resizable compute capacity in the cloud. In simpler terms, EC2 allows you to launch virtual servers, known as instances, in the AWS cloud that you can resize as needed.

Note

Think of EC2 as similar to your personal devices (like laptops or desktops) but owned and managed by Amazon. It’s like having your own computer that you can access from anywhere in the world, but you don’t have to worry about the physical hardware.

Instances, servers, machines, EC2: they all refer to the same thing. From now on, I'll use these terms interchangeably.

Key Components of EC2

Understanding the main components of EC2 will help you make the most out of this powerful service. Let’s break it down into simple, relatable terms.

Regions: The Geographic Foundation

A Region is a geographical area where AWS has multiple data centers (think of them as huge buildings filled with computers). Each AWS Region is isolated and independent of others, which means if one Region has an issue, others are unaffected. This setup provides reliability and stability.

  • Examples of regions: us-east-1 (Northern Virginia), eu-west-1 (Ireland), ap-south-1 (Mumbai).

  • Why it matters: You choose a Region based on factors like data residency requirements (where your data is legally required to be stored), cost, and how close it is to your users to minimize delay.

Availability Zones (AZ): Ensuring Resilience

An Availability Zone is one or more discrete data centers within a Region. Each AZ has its own power, cooling and networking and is linked to the other AZs in the Region by low-latency connections, so a failure in one AZ does not take down the others.

  • High Availability: By spreading instances across multiple AZs, your application can stay online even if one data center fails.

  • Low Latency: Keeping resources close together (in the same AZ) can reduce delays, which is crucial for performance-sensitive applications.

AMI (Amazon Machine Image): The Blueprint for Your Instances

An Amazon Machine Image (AMI) is like a blueprint or template for creating your EC2 instances. It’s pre-configured with the operating system and software you need.

Just like a new computer can come with just an operating system or with additional software (like Microsoft Office), an AMI can include:

  • Operating System (like Windows, Linux)

  • Installed Software (like web servers, databases)

  • Configuration Settings

Prebuilt AMIs are available for different use cases, and you can also create custom AMIs tailored to your specific needs. Treat an AMI as code you are trusting: launch from AWS-published images, vetted Marketplace images or your own, since anyone can publish a community AMI, and rebuild your own images on a schedule so the baked-in packages don't go unpatched.

Instance Types: Matching Resources to Your Needs

Different tasks require different types of computing power. AWS offers a variety of instance types, each optimized for different tasks. An instance type name such as m5.large reads as family letter (m), generation number (5) and size (large); the family letter tells you which column of this table you are in:

| Instance Type | Description | Naming Convention | Use Case |
|---|---|---|---|
| Compute Optimized | High processing power for compute-intensive tasks. | c | Running a high-performance web server or batch processing jobs. |
| Memory Optimized | Optimized for tasks that require a lot of memory. | r, x, u | Running a large in-memory database or real-time big data processing. |
| Storage Optimized | High I/O performance, ideal for storage-heavy tasks. | i, d, h | Managing a high-transaction database or big data analytics. |
| General Purpose | Balanced compute, memory, and networking resources. | t, m | Hosting a low-traffic website or development environment. |
| Accelerated Computing | Includes GPU for high-performance graphics or machine learning. | p, g, f | Training a machine learning model or handling video processing. |

EBS (Elastic Block Store): Persistent Storage for Your Instances

Amazon Elastic Block Store (EBS) is network-attached block storage, like a hard drive you attach to an EC2 instance. A volume lives in one Availability Zone and can only be attached to an instance in that AZ. Its data survives stopping and starting the instance. On termination, however, the root volume is deleted by default (the DeleteOnTermination flag) while additional volumes are kept, so turn that flag off for any root volume whose data must outlive the instance. Enable EBS encryption (ideally the account-level default) so volumes and their snapshots are encrypted at rest.

  • General Purpose SSD (gp3 and gp2): Offers a good balance of price and performance, suitable for most applications.

  • Provisioned IOPS SSD (io2 and io1): Provides high input/output operations per second (IOPS), ideal for databases requiring fast, consistent performance.

  • Throughput Optimized HDD (st1): Optimized for streaming large datasets or big data analytics.

  • Cold HDD (sc1): Low-cost option for less frequently accessed data storage.

Key Pairs: Secure Access to Your Instances

AWS uses SSH key pairs so that only the holder of a private key can log in to an instance. This is like a lock and key for your virtual servers, with one important difference: AWS hands you the private key exactly once at creation and does not keep a copy, so a lost private key cannot be downloaded again.

  • AWS keeps the public key and copies it into the instance at launch (on Linux AMIs into the default user's ~/.ssh/authorized_keys; on Windows AMIs the private key is instead used to decrypt the generated Administrator password).

  • You keep the private key (the .pem file) on your local device, readable only by you (chmod 400), and present it when you connect over SSH. Anyone who obtains the file can log in, so treat it like a password: prefer one key per person over a shared team key, and rotate it if it was ever exposed.

User Data

User Data in Amazon EC2 lets you hand an instance a shell script (or cloud-init directives) that runs automatically, as root, the first time the instance boots. Most AMIs process it with cloud-init, and it is the usual way to bootstrap software without logging in.

Example: Setting up a web server when the instance starts (Ubuntu/Debian AMI, since it uses apt-get)

Script
#!/bin/bash
# User data runs as root on first boot, so sudo is not needed.
apt-get update
apt-get install -y apache2
# Write a placeholder landing page.
echo "<html><body><h1>Hello, World from EC2!</h1></body></html>" > /var/www/html/index.html
# Start Apache now and on every subsequent boot.
systemctl enable --now apache2

In this script:

  • The Apache2 web server is installed.

  • An HTML file is created in the web server's document root.

  • The web server is started and set to start automatically on boot.

These scripts can be written in the User Data section to automate setup tasks, saving us from having to log in and manually run commands. Two caveats: by default the script runs only on the first boot, not on every restart; and user data is not a place for secrets. Any process on the instance can read it from the instance metadata service (http://169.254.169.254/latest/user-data), and anyone with the ec2:DescribeInstanceAttribute permission can read it from the API. Fetch passwords and keys at boot from AWS Secrets Manager or SSM Parameter Store using the instance's IAM role instead.
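Because user data is readable by every process on the instance and by anyone who can call the API, the script should be checked for embedded credentials before it is ever attached to an instance. The following is an added example of such a pre-launch check, not code from the original page: the regular expressions, the sample bootstrap script and the placeholder access key (AWS's documented example key) are all constructed here for the demonstration.

```python
"""Scan an EC2 user-data script for embedded credentials before launch.

Added example, not code from the original page. Whatever goes into user data is
readable by every process on the instance through the metadata service and by
anyone with ec2:DescribeInstanceAttribute, so a check like this belongs in the
pipeline that builds the script. The patterns and the sample script below are
constructed for the demonstration.
"""
import base64
import binascii
import re

# Secret shapes that most often leak into bootstrap scripts.
SECRET_PATTERNS = {
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "aws_secret_key_assignment": re.compile(r"(?i)aws_secret_access_key\s*[=:]\s*\S+"),
    "private_key_block": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
    "password_assignment": re.compile(r"(?i)\b(?:password|passwd|pwd)\s*[=:]\s*['\"]?[^\s'\"]{4,}"),
}


def decode_user_data(blob):
    """Accept either plain script text or the base64 form in which the API
    returns user data (describe-instance-attribute --attribute userData)."""
    if isinstance(blob, bytes):
        blob = blob.decode("utf-8", errors="replace")
    try:
        # validate=True rejects anything outside the base64 alphabet, so a
        # multi-line script (newlines, '#', '!') falls through to the except.
        return base64.b64decode(blob, validate=True).decode("utf-8")
    except (binascii.Error, ValueError):
        return blob


def find_secrets(user_data):
    """Return (line_number, pattern_name, matched_text) for every hit."""
    text = decode_user_data(user_data)
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for name, pattern in SECRET_PATTERNS.items():
            match = pattern.search(line)
            if match:
                findings.append((lineno, name, match.group(0)))
    return findings


# Constructed sample of what not to do: long-lived credentials in user data.
# The access key is AWS's documented placeholder, not a real key.
SAMPLE_USER_DATA = """#!/bin/bash
apt-get update
apt-get install -y apache2
export AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
export AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
mysql -u admin --password='Sup3rSecret!' < /tmp/schema.sql
systemctl enable --now apache2
"""
# The same script as the API would return it.
SAMPLE_USER_DATA_B64 = base64.b64encode(SAMPLE_USER_DATA.encode()).decode()

if __name__ == "__main__":
    for lineno, name, text in find_secrets(SAMPLE_USER_DATA):
        print(f"line {lineno}: {name}: {text}")
```

Run it against a live instance with the output of `aws ec2 describe-instance-attribute --instance-id <id> --attribute userData --query UserData.Value --output text`, which is the base64 form the decoder accepts. A hit means the script should fetch that value at boot from Secrets Manager or SSM Parameter Store through the instance role rather than carry it inline.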

Security Groups: Controlling Traffic

Security groups act as a virtual firewall attached to an instance's network interface, filtering inbound and outbound traffic against rules you define. Two properties matter most: they contain allow rules only, so anything not explicitly allowed is dropped, and they are stateful, so the reply to an allowed request is let through without a matching outbound rule. A new group allows all outbound traffic and no inbound traffic until you add rules. A typical set for a public web server:

| Rule Type | Port/Protocol | Description | Allowed Source |
|---|---|---|---|
| HTTPS | TCP 443 | Secure web traffic (HTTPS) to your instance. | 0.0.0.0/0 (anywhere on the internet) |
| SSH | TCP 22 | Administrative SSH access, restricted to the addresses you administer from. | A specific address or range (e.g., 203.0.113.1/32) |
| HTTP | TCP 80 | Standard web traffic (HTTP) to your instance. | 0.0.0.0/0 (anywhere on the internet) |

Never open port 22 (or 3389 on Windows) to 0.0.0.0/0. Better still, drop the SSH rule entirely and use AWS Systems Manager Session Manager, which authenticates through IAM and needs no inbound port at all.
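The check a practitioner actually wants here is an audit of every group in the account for management ports reachable from anywhere. The following is an added example, not code from the original page: it operates on the dictionary shape that boto3's describe_security_groups() returns, and the two sample groups (one correctly restricted, one mis-configured) are constructed so the audit runs offline.

```python
"""Audit EC2 security groups for management ports exposed to the whole internet.

Added example, not code from the original page. It works on the dict shape
that boto3's describe_security_groups() returns; the sample groups below are
constructed to look like that response so the check runs offline.
"""
import ipaddress

# Ports that should never be reachable from 0.0.0.0/0 or ::/0.
MANAGEMENT_PORTS = {22: "SSH", 3389: "RDP", 3306: "MySQL", 5432: "PostgreSQL"}


def _port_range(perm):
    """Inclusive (from, to) ports an IpPermission covers.
    IpProtocol "-1" means all traffic, which covers every port."""
    if perm.get("IpProtocol") == "-1":
        return 0, 65535
    return perm.get("FromPort", 0), perm.get("ToPort", 65535)


def _world_open_sources(perm):
    """Yield the CIDR sources of a permission that match every address.
    Sources that are other security groups or prefix lists are skipped."""
    ranges = [r.get("CidrIp") for r in perm.get("IpRanges", [])]
    ranges += [r.get("CidrIpv6") for r in perm.get("Ipv6Ranges", [])]
    for cidr in ranges:
        try:
            if ipaddress.ip_network(cidr, strict=False).prefixlen == 0:
                yield cidr
        except (TypeError, ValueError):
            continue  # malformed or missing CIDR: not a world-open source


def find_exposed_rules(security_groups):
    """Return (group_id, service, port, source) for every inbound rule that
    lets the whole internet reach a management port."""
    findings = []
    for sg in security_groups:
        for perm in sg.get("IpPermissions", []):  # inbound rules only
            low, high = _port_range(perm)
            for cidr in _world_open_sources(perm):
                for port, service in MANAGEMENT_PORTS.items():
                    if low <= port <= high:
                        findings.append((sg["GroupId"], service, port, cidr))
    return findings


# Constructed sample in the shape of describe_security_groups()["SecurityGroups"].
SAMPLE_GROUPS = [
    {
        "GroupId": "sg-0123456789abcdef0",
        "GroupName": "web",
        "IpPermissions": [
            {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
             "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
            {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
             "IpRanges": [{"CidrIp": "203.0.113.1/32"}], "Ipv6Ranges": []},
        ],
    },
    {
        "GroupId": "sg-0fedcba9876543210",
        "GroupName": "dev-box",
        "IpPermissions": [
            {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
             "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
            {"IpProtocol": "-1",
             "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
        ],
    },
]

if __name__ == "__main__":
    for group_id, service, port, source in find_exposed_rules(SAMPLE_GROUPS):
        print(f"{group_id}: {service} (port {port}) open to {source}")
```

Against a real account, feed it `boto3.client("ec2").describe_security_groups()["SecurityGroups"]` for each Region. The "-1" (all traffic) rule in the sample is why the check expands protocol -1 to every port: such a rule exposes all four services at once even though no port number appears in it.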

VPC & Subnets: Organizing Your Network

A Virtual Private Cloud (VPC) is like your own private network within AWS. Subnets are smaller networks within your VPC that allow you to organize your resources more effectively.

  • VPC: Your private, isolated section of the AWS cloud where you can launch AWS resources in a virtual network.

  • Subnets: Smaller divisions within your VPC, used to organize resources based on security or performance needs.

For a more detailed exploration, check out VPC & Subnets.

Network ACLs (Access Control Lists): An Extra Layer of Security

Network ACLs (NACLs) add a second layer of filtering at the subnet boundary: every packet entering or leaving a subnet is checked against the subnet's ACL before any security group is consulted. Unlike security groups they are stateless, they support both allow and deny rules, and their numbered rules are evaluated from the lowest number upward with the first match deciding; a packet that matches no rule hits the implicit final "*" deny. The default ACL of a VPC allows everything, while a newly created custom ACL denies everything until you add rules.

| Feature | Network ACLs | Security Groups |
|---|---|---|
| Statefulness | Stateless: return traffic must be allowed explicitly (typically an outbound rule for the ephemeral port range 1024-65535) | Stateful: return traffic for an allowed request is permitted automatically |
| Scope | Subnet level, applies to every instance in the subnet | Instance (network interface) level |
| Rules | Allow and deny rules, numbered, lowest number first, first match wins | Allow rules only; all rules are considered before a packet is permitted |
| Default | Default ACL allows all traffic; a custom ACL denies all | Denies all inbound and allows all outbound until rules are added |
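The two differences that cause real outages, statelessness and numbered first-match evaluation, are easiest to see by simulating them. The following is an added example, not code from the original page: it models the documented NACL evaluation order and a security group's allow-only, stateful behaviour, and the rule sets and client addresses are constructed for the demonstration.

```python
"""Simulate stateless network ACL evaluation against a stateful security group.

Added example, not code from the original page. The evaluation order follows
the documented behaviour: NACL rules are tried from the lowest rule number up,
the first match decides, and a packet that matches no rule hits the implicit
'*' deny. Rule sets and addresses below are constructed for the demonstration.
"""
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class NaclRule:
    number: int        # evaluation order, lowest first
    protocol: str      # "tcp", "udp", "icmp", or "-1" for all protocols
    port_from: int
    port_to: int
    cidr: str          # remote address range
    action: str        # "allow" or "deny"


def evaluate_nacl(rules, protocol, port, remote_ip):
    """Decision for one packet against one direction's NACL rules."""
    ip = ipaddress.ip_address(remote_ip)
    for rule in sorted(rules, key=lambda r: r.number):
        if rule.protocol not in ("-1", protocol):
            continue
        if rule.protocol != "-1" and not (rule.port_from <= port <= rule.port_to):
            continue
        if ip not in ipaddress.ip_network(rule.cidr, strict=False):
            continue
        return rule.action       # first match wins
    return "deny"                # implicit final '*' rule


def nacl_exchange_allowed(inbound, outbound, client_ip, client_port, service_port=443):
    """A request/response pair through a stateless NACL: the request must pass
    the inbound rules on the service port AND the reply must pass the outbound
    rules on the client's ephemeral port. Nothing is remembered between them."""
    request = evaluate_nacl(inbound, "tcp", service_port, client_ip)
    reply = evaluate_nacl(outbound, "tcp", client_port, client_ip)
    return request == "allow" and reply == "allow"


def sg_exchange_allowed(inbound_allows, client_ip, service_port=443):
    """The same pair through a security group: allow rules only, no ordering,
    and the reply is permitted automatically because the group is stateful."""
    ip = ipaddress.ip_address(client_ip)
    return any(
        proto == "tcp" and lo <= service_port <= hi
        and ip in ipaddress.ip_network(cidr, strict=False)
        for proto, lo, hi, cidr in inbound_allows
    )


# Constructed rule sets for a public HTTPS server.
INBOUND = [NaclRule(100, "tcp", 443, 443, "0.0.0.0/0", "allow")]
# Common mistake: mirroring the inbound rule outbound. The reply goes to the
# client's ephemeral port, not to 443, so it is dropped.
OUTBOUND_TOO_TIGHT = [NaclRule(100, "tcp", 443, 443, "0.0.0.0/0", "allow")]
# Fix: allow outbound TCP to the ephemeral range (covers Linux and Windows clients).
OUTBOUND_FIXED = OUTBOUND_TOO_TIGHT + [NaclRule(110, "tcp", 1024, 65535, "0.0.0.0/0", "allow")]

# Blocking an abusive range: the deny only works if its number sorts before the allow.
BLOCK_FIRST = [NaclRule(50, "-1", 0, 65535, "192.0.2.0/24", "deny")] + INBOUND
BLOCK_LAST = INBOUND + [NaclRule(200, "-1", 0, 65535, "192.0.2.0/24", "deny")]

# Security group equivalent: (protocol, from_port, to_port, source_cidr).
SG_WEB = [("tcp", 443, 443, "0.0.0.0/0")]

if __name__ == "__main__":
    print("NACL, outbound only 443:", nacl_exchange_allowed(INBOUND, OUTBOUND_TOO_TIGHT, "198.51.100.7", 51234))
    print("NACL, outbound ephemeral:", nacl_exchange_allowed(INBOUND, OUTBOUND_FIXED, "198.51.100.7", 51234))
    print("NACL deny numbered 50:", evaluate_nacl(BLOCK_FIRST, "tcp", 443, "192.0.2.9"))
    print("NACL deny numbered 200:", evaluate_nacl(BLOCK_LAST, "tcp", 443, "192.0.2.9"))
    print("SG, inbound 443 only:", sg_exchange_allowed(SG_WEB, "198.51.100.7"))
```

Two lessons fall out of the simulation: an outbound NACL that only mirrors the inbound ports silently breaks every connection, because replies leave toward the client's ephemeral port; and a deny rule placed after the broad allow (rule 200 here) never fires, so blocks must carry a lower number than the allows they are meant to override.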

Auto Scaling Groups: Keeping Up with Demand

Auto Scaling Groups keep a fleet of EC2 instances at the size demand requires: they add instances during demand spikes to maintain performance, remove them during lulls to minimize costs, and replace any instance that fails its health checks.

  • Launch Template: Specifies the AMI, instance type, key pair, security groups, IAM instance profile, user data and other settings for every instance the group launches. Launch templates replace the older Launch Configurations, which are deprecated; they are versioned and also let you require IMDSv2 on the instances.

  • Scaling Policies: Define how and when the Auto Scaling Group should add or remove instances:

    • Dynamic Scaling: Responds to real-time demand, such as increasing CPU usage.

    • Predictive Scaling: Anticipates needs based on historical data, allowing proactive scaling.

    • Scheduled Scaling: Adjusts instance counts based on a schedule (e.g., scaling up during business hours).

  • Scaling Triggers: CloudWatch Alarms monitor key metrics and trigger scaling activities.