Amazon Elastic Compute Cloud (Amazon EC2) provides resizable compute capacity in the cloud and is often the starting point for your first week using AWS. This session will introduce these concepts, along with the fundamentals of EC2, by employing an agile approach that is made possible by the cloud. Attendees will experience the reality of what a first week on EC2 looks like from the perspective of someone deploying an actual application on EC2. You will follow them as they progress from deploying their entire application from an EC2 AMI on day 1 to more advanced features and patterns available in EC2 by day 5. Throughout the process we will identify cloud best practices that can be applied to your first week on EC2 and beyond.

1. Ryan Shuttleworth, Technical Evangelist
Your first week with EC2
(and other AWS things…)

2. things you should know/think about up front
some best practices for getting started
essential technologies to dive into and get familiar with
architectural principles you should immerse yourself in
What are we going to cover?
Your first 5 days with EC2…

3. hear a ‘looking back at our first year’ customer story
compressed into 5 days
What are we going to cover?
Your first 5 days with EC2…

4. organise your
house1DAY

5. Users & Roles
Start as you mean to go on
Secure your console with IAM
roles
A little time spent now will save
headaches later

6. Users & Roles
Start as you mean to go on
Secure your console with IAM
roles
A little time spent now will save
headaches later
Accounts & Billing
Create a structure that makes sense
Dev & Test accounts vs production
Consolidated billing
Resource tagging

7. Master Account
aws.invoices@mycompany.com

8. Division B
admin@divisionB.com
User2
Dev2
Admin2
IAM
Master Account
aws.invoices@mycompany.com
consolidated billing information

9. Division B
admin@divisionB.com
User2
Dev2
Admin2
IAM
Tags:
Own=Div
Proj=P
Tags:
Own=Div
Proj=Q
Tags:
Own=Div
Proj=R
Master Account
aws.invoices@mycompany.com
consolidated billing information Tags: (key-
value)
e.g Own=Div
Proj=R

10. Operating Co. A
admin@opcoa.com
User1
Dev1
Admin1
IAM
Tags:
Own=OpCo
Proj=A
Tags:
Own=OpCo
Proj=B
Tags:
Own=OpCo
Proj=C
Division B
admin@divisionB.com
User2
Dev2
Admin2
IAM
Tags:
Own=Div
Proj=P
Tags:
Own=Div
Proj=Q
Tags:
Own=Div
Proj=R
Business Unit C
admin@busUnitC.com
User3
Dev3
Admin3
IAM
Tags:
Own=BusC
Proj=X
Tags:
Own=BusC
Proj=Y
Tags:
Own=BusC
Proj=Z
Master Account
aws.invoices@mycompany.com
consolidated billing information

11. Operating Co. A
admin@opcoa.com
User1
Dev1
Admin1
IAM
Tags:
Own=OpCo
Proj=A
Tags:
Own=OpCo
Proj=B
Tags:
Own=OpCo
Proj=C
Division B
admin@divisionB.com
User2
Dev2
Admin2
IAM
Tags:
Own=Div
Proj=P
Tags:
Own=Div
Proj=Q
Tags:
Own=Div
Proj=R
Business Unit C
admin@busUnitC.com
User3
Dev3
Admin3
IAM
Tags:
Own=BusC
Proj=X
Tags:
Own=BusC
Proj=Y
Tags:
Own=BusC
Proj=Z
Master Account
aws.invoices@mycompany.com
consolidated billing information

12. Master Account
aws.invoices@mycompany.com
consolidated billing information
Programmatic billing access
S3 CSV
Operating Co. A
admin@opcoa.com
User1
Dev1
Admin1
IAM
Tags:
Own=OpCo
Proj=A
Tags:
Own=OpCo
Proj=B
Tags:
Own=OpCo
Proj=C
Division B
admin@divisionB.com
User2
Dev2
Admin2
IAM
Tags:
Own=Div
Proj=P
Tags:
Own=Div
Proj=Q
Tags:
Own=Div
Proj=R
Business Unit C
admin@busUnitC.com
User3
Dev3
Admin3
IAM
Tags:
Own=BusC
Proj=X
Tags:
Own=BusC
Proj=Y
Tags:
Own=BusC
Proj=Z

13. Operating Co. A
admin@opcoa.com
User1
Dev1
Admin1
IAM
Tags:
Own=OpCo
Proj=A
Tags:
Own=OpCo
Proj=B
Tags:
Own=OpCo
Proj=C
Division B
admin@divisionB.com
User2
Dev2
Admin2
IAM
Tags:
Own=Div
Proj=P
Tags:
Own=Div
Proj=Q
Tags:
Own=Div
Proj=R
Business Unit C
admin@busUnitC.com
User3
Dev3
Admin3
IAM
Tags:
Own=BusC
Proj=X
Tags:
Own=BusC
Proj=Y
Tags:
Own=BusC
Proj=Z
Master Account
aws.invoices@mycompany.com
consolidated billing information
Programmatic billing access
S3 CSV

14. Secrets & Keys

15. Secrets & Keys
Your front door keys

16. Secrets & Keys
Your front door keys
Control access to
your instances
Key management
strategy

17. Secrets & Keys
Control access to
your APIs
Your front door keys
Use IAM Roles to
distribute to instances
Control access to
your instances
Key management
strategy

18. learn the
basics2DAY

19. What is EC2?
Elastic capacity Flexible
Complete control
Reliable
Inexpensive
Secure

20. Disposable compute

21. Instance

22. Instance Unit of scale
Unit of resilience
Unit of control

23. Instance Unit of scale
Unit of resilience
Unit of control
Your stack

24. Instance
Instance
Instance
Instance
Unit of scale
Unit of resilience
Unit of control
Scaleout

25. Instance
Instance
Instance
Instance
Unit of scale
Unit of resilience
Unit of control

26. Instance
Instance
Instance
Unit of scale
Unit of resilience
Unit of control

27. Instance
Instance
Instance
Unit of scale
Unit of resilience
Unit of control
Instance

28. Think differently
Compute is transient

29. Programmatic
resources
Treat your datacentre
resources like code

30. Distributed
systems
Programmatic
resources
Design for decoupled
systems up front
Treat your datacentre
resources like code

31. Late binding
Distributed
systems
Programmatic
resources
Decide what it will
run on at point of
deployment
Design for decoupled
systems up front
Treat your datacentre
resources like code

32. go wild with
tools3DAY

33. Compute
Storage
Security Scaling
Database
Networking
Monitoring
Messaging
Workflow
DNS
Load Balancing
BackupCDN
Access everything
via CLI, API or
Console
Achieve the highest levels
of automation
sophistication with ease
Everything is programmable

34. ec2-run-instances ami-54cf5c3d
--instance-count 2
--group webservers
--key mykey
--instance-type m1.small
$>

35. >>> import boto.ec2
>>> conn = boto.ec2.connect_to_region("us-east-1")
>>> conn.run_instances(
'ami-54cf5c3d',
key_name='mykey',
instance_type='m1.small',
security_groups=['webservers'])

36. Resources created programmatically

37. Resources created programmatically
Configure automatically

38. Bake an AMI
Start an instance
Configure the
instance
Create an AMI from
your instance
Start new ones from
the AMI
Bootstrapping

39. Bake an AMI
Start an instance
Configure the
instance
Create an AMI from
your instance
Start new ones from
the AMI
Bootstrapping
ec2-run-instances
<your ami-id>
$>

40. Bake an AMI Configure dynamically
Start an instance
Configure the
instance
Create an AMI from
your instance
Start new ones from
the AMI
Bootstrapping
Launch an instance
Use metadata service
and cloud-init to
perform actions on
instance when it
launches
vs
Bootstrapping

41. Bake an AMI
Build your base
images and setup
custom initialisation
scripts
Maintain your ‘golden’
base
Bootstrapping
Use bootstrapping to
pass custom
information in and
perform post launch
tasks like pulling
code from SVN
+
Bootstrapping
Configure dynamically

42. Bake an AMI
Bootstrapping
Time consuming configuration
(e.g startup time)
Static configurations
(e.g less change management)
Bootstrapping
Configure dynamically

43. Bake an AMI
Bootstrapping
Continuous deployment
(e.g latest code)
Environment specific
(e.g dev-test-prod)
Bootstrapping
Configure dynamically

44. Goal is bring an instance up in a
useful state
The balance will vary depending upon your
application

45. Instance
request
User
data

46. Instance
request
User
data
Meta-data
service

47. Instance
request
User
data
Instance
Meta-data
service

48. #!/bin/sh
yum -y install httpd php mysql php-mysql
chkconfig httpd on
/etc/init.d/httpd start
Shell script in user-data will be executed on launch:

49. Amazon Windows EC2Config Service executes user-
data on launch:
<script>dir > c:test.log</script>
<powershell>any command that you can run</powershell>
<powershell>
Read-S3Object -BucketName myS3Bucket
-Key myFolder/myFile.zip
-File c:destinationFile.zip
</powershell>
AWS Powershell Tools

50. Why do this?
Automation
Less fingers, less mistakes
Availability
Drive higher
availability with
self-healing
Security
Instances
locked down by
default
Flexible
Shell,
Powershell,
CloudFormation
,Chef, Puppet,
OpsWorks
Scale
Manage large scale
deployments and drive
autoscaling
Efficiency
Audit and manage
your estate with
less time & effort

51. try something
new4DAY

52. Unconstrained
EC2 resources

53. Unconstrained
Complimentary services

54. My little instance
(created programmatically)

55. A bit of S3 code
(pulled down automatically from S3)
>>> from boto.s3.key import Key
>>> k = Key(bucket)
>>> k.key = 'foobar'
>>> k.set_contents_from_string('This is a test of S3')
My little instance
(created programmatically)

56. A bit of S3 code
(installed automatically)
>>> from boto.s3.key import Key
>>> k = Key(bucket)
>>> k.key = 'foobar'
>>> k.set_contents_from_string('This is a test of S3')
My little instance
(created programmatically)
UNLIMITED storage
from my little instance

57. Services instead of software
Removes undifferentiated heavy lifting

58. Services instead of software
Removes undifferentiated heavy lifting
S3 for object storage
SQS for queues
RDS for databases
CloudWatch for monitoring

59. put something
together5DAY

60. 1. Use multiple
availability zones

61. 2. Use RDS with replicas
and slaves

62. 3. Use auto-scaling
groups

63. 4. Use Elastic Load
Balancing

64. 5. Use Route53 to host
DNS zones

65. Find out more about model architectures in:
Building Web Scale Applications session

66. Get set up right from the start
Understand programmable compute
Use the tools and have a play
Explore the services beyond EC2
Build something! (you can always throw it away)
Summary
Lessons learned…
aws.typepad.com

67. Thank you