Getting Started with AWS
Martin Elwin
Compute
Vertical Scaling
From $0.02/hr
Elastic Compute Cloud (EC2)
Basic unit of compute capacity
Range of CPU, memory & l...
256
128
64
32
16
8
4
2
1
1 2 4 8 16 32 64 128 256
EC2 instance types
High I/O 4XL 60.5 GB
35 EC2 Compute Units
16 virtual ...
EC2 instance types
EC2 Compute Units
Memory(GB)
Special
Storage
Light
Spiky
AMI
Amazon Machine
Image
Instance
Running or
Stopped
machine
AZ Availability Zone
S3
EBS EBS EBS EBS EBS EBS
EBS
Snapshots...
5 steps to getting
started
1 2 3 4 5
Sign up:
aws.amazon.com
1 2 3 4 5
Sign up
1 2 3 4 5
Sign up
1 2 3 4 5
Sign up
1 2 3 4 5
Sign up
You will need
Credit card information – you won’t pay unless you use resources
A telephone – on which to...
1 2 3 4 5
Sign up
You will need
Best practice
Setup billing alerts so you can be notified when levels of spend are
reached...
1 2 3 4 5
Sign up
750 hours of Amazon EC2 Linux/RedHat/Suse Micro Instance usage
750 hours of Amazon EC2 Microsoft Windows...
1 2 3 4 5
Sign up
1 2 3 4 5
Sign up
Create IAM users
IAM users
1 2 3 4 5
Sign up IAM users
Identity and Access Management:
Securely control access to AWS
services and resources for your...
1 2 3 4 5
Sign up IAM users
Account owner
Access to all subscribed services
Access to billing reports
Access to console, R...
1 2 3 4 5
Sign up IAM users
Account owner
Access to all subscribed services
Access to billing reports
Access to console, R...
1 2 3 4 5
Sign up IAM users
Account
Administrators Developers Applications
Bob
Kevin
Tomcat
Jim Brad
Mark
Susan
Reporting
...
1 2 3 4 5
Sign up IAM users
Account
Administrators Developers Applications
Bob
Kevin
Tomcat
Jim Brad
Mark
Susan
Reporting
...
AWS system entitlements
Roles
1 2 3 4 5
Sign up IAM users
Account
Administrators Developers Applications
Bob
Kevin
Tomcat
...
1 2 3 4 5
Sign up IAM users
{
"Statement": [
{
"Effect": "Allow",
"Action": [
"elasticbeanstalk:*",
"ec2:*",
"elasticloadb...
1 2 3 4 5
Sign up IAM users
1 2 3 4 5
Sign up IAM users
Generate a key pair
Key pairs
1 2 3 4 5
Sign up IAM users Key pairs
Public Key
Inserted by Amazon into each
EC2 instance that you launch
Private Key
Dow...
1 2 3 4 5
Sign up IAM users Key pairs
Public Key
Inserted by Amazon into each
EC2 instance that you launch
Private Key
Dow...
1 2 3 4 5
Sign up IAM users Key pairs
AWS generated keys
Import your own keys
Select your region
Create keys
Give them a n...
1 2 3 4 5
Sign up IAM users Key pairs
ssh –I eu-west.pem
ec2-user@publicdns.amazonaws.com
1. Linux Launch (First Boot)
2. ...
1 2 3 4 5
Sign up IAM users Key pairs
ssh –I eu-west.pem
ec2-user@publicdns.amazonaws.com
1. Linux Launch (First Boot)
2. ...
1 2 3 4 5
Sign up IAM users Key pairs
ssh –I eu-west.pem
ec2-user@publicdns.amazonaws.com
1. Linux Launch (First Boot)
2. ...
1 2 3 4 5
Sign up IAM users Key pairs
1. Windows Launch (First Boot Sequence)
2. Public Key made available through metadat...
1 2 3 4 5
Sign up IAM users Key pairs
Keep
secure
Do not
share
Rotate Need to
know
1 2 3 4 5
Sign up IAM users Key pairs
1 2 3 4 5
Sign up IAM users Key pairs Launch
Launch an instance
1 2 3 4 5
Sign up IAM users Key pairs Launch
Region
Regions
Region
US-WEST (N.
California) EU-WEST (Ireland)
ASIA PAC
(Tokyo)
ASIA PAC
(Singapore)
US-WEST (Oregon)
SOUTH AMER...
1 2 3 4 5
Sign up IAM users Key pairs Launch
Wizard
1 2 3 4 5
Sign up IAM users Key pairs Launch
Choose
key pair
1 2 3 4 5
Sign up IAM users Key pairs Launch
Choose
machine
image
1 2 3 4 5
Sign up IAM users Key pairs Launch
What’s this?
1 2 3 4 5
Sign up IAM users Key pairs Launch
Security groups
Security
Group
EC2 Classic EC2 VPC (virtual private cloud)
In...
1 2 3 4 5
Sign up IAM users Key pairs Launch
Launch!
1 2 3 4 5
Sign up IAM users Key pairs Launch
1 2 3 4 5
Sign up IAM users Key pairs Launch
Instance
DNS name
1 2 3 4 5
Sign up IAM users Key pairs Launch
Instance
DNS nameKey file EC2 Linux
username
1 2 3 4 5
Sign up IAM users Key pairs Launch
1 2 3 4 5
Sign up IAM users Key pairs Launch
sudo yum -y install httpd
sudo chkconfig httpd on
sudo /etc/init.d/httpd star...
1 2 3 4 5
Sign up IAM users Key pairs Launch
Added port 80
to group
Security
groups
Open our security group
1 2 3 4 5
Sign up IAM users Key pairs Launch
Test it by hitting the public DNS name of
the instance
1 2 3 4 5
Sign up IAM users Key pairs Launch
1 2 3 4 5
Sign up IAM users Key pairs Launch
Create an image
Image
1 2 3 4 5
Sign up IAM users Key pairs Launch Image
Makes a snapshot of the instance
Creates an image that is private to yo...
1 2 3 4 5
Sign up IAM users Key pairs Launch Image
Create
image
1 2 3 4 5
Sign up IAM users Key pairs Launch Image
Name it
and
create
1 2 3 4 5
Sign up IAM users Key pairs Launch Image
Your
AMI
1 2 3 4 5
Sign up IAM users Key pairs Launch Image
…and
launch a
new
instance
from the
AMI
1 2 3 4 5
Sign up IAM users Key pairs Launch Image
Next Steps
Elastic Load Balancing
Create highly scalable applications
Distribute load across EC2 instances in
multiple ava...
Next Steps
aws.amazon.com
get started with the free tier
Upcoming SlideShare
Loading in …5
×

AWS Summit Nordics - Getting Started With AWS

729
-1

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
729
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
31
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

AWS Summit Nordics - Getting Started With AWS

  1. 1. Getting Started with AWS Martin Elwin
  2. 2. Compute Vertical Scaling From $0.02/hr Elastic Compute Cloud (EC2) Basic unit of compute capacity Range of CPU, memory & local disk options 18 Instance types available, from micro to cluster compute Feature Details Flexible Run Windows or Linux distributions Scalable Wide range of instance types from micro to cluster compute Machine Images Configurations can be saved as machine images (AMIs) from which new instances can be created Full control Full root or administrator rights Secure Full firewall control via Security Groups Monitoring Publishes metrics to Cloud Watch Inexpensive On-demand, Reserved and Spot instance types VM Import/Export Import and export VM images to transfer configurations in and out of EC2
  3. 3. 256 128 64 32 16 8 4 2 1 1 2 4 8 16 32 64 128 256 EC2 instance types High I/O 4XL 60.5 GB 35 EC2 Compute Units 16 virtual cores 2*1024 GB SSD-based local instance storage Memory(GB) Small 1.7 GB, 1 EC2 Compute Unit 1 virtual core Micro 613 MB Up to 2 ECUs (for short bursts) Large 7.5 GB 4 EC2 Compute Units 2 virtual cores Hi-Mem XL 17.1 GB 6.5 EC2 Compute Units 2 virtual cores Hi-Mem 2XL 34.2 GB 13 EC2 Compute Units 4 virtual cores Hi-Mem 4XL 68.4 GB 26 EC2 Compute Units 8 virtual cores High-CPU Med 1.7 GB 5 EC2 Compute Units 2 virtual cores High-CPU XL 7 GB 20 EC2 Compute Units 8 virtual cores Medium 3.7 GB, 2 EC2 Compute Units 1 virtual core M3 XL 15 GB 13 EC2 Compute Units 4 virtual cores EBS storage only M3 2XL 30 GB 26 EC2 Compute Units 8 virtual cores EBS storage only Extra Large 15 GB 8 EC2 Compute Units 4 virtual cores Cluster GPU 4XL 22 GB 33.5 EC2 Compute Units, 2 x NVIDIA Tesla “Fermi” M2050 GPUs Cluster Compute 4XL 23 GB 33.5 EC2 Compute Units Cluster Compute 8XL 60.5 GB 88 EC2 Compute Units High Storage 8XL 117 GB 35 EC2 Compute Units, 24 * 2 TB ephemeral drives 10 GB Ethernet Hi-Mem Cluster Compute 8XL 244 GB 88 EC2 Compute Units 16 virtual cores 240 GB SSD EC2 Compute Units
  4. 4. EC2 instance types EC2 Compute Units Memory(GB) Special Storage Light Spiky
  5. 5. AMI Amazon Machine Image Instance Running or Stopped machine AZ Availability Zone S3 EBS EBS EBS EBS EBS EBS EBS Snapshots S3 Buckets Region EC2 terminology
  6. 6. 5 steps to getting started 1 2 3 4 5
  7. 7. Sign up: aws.amazon.com 1 2 3 4 5 Sign up
  8. 8. 1 2 3 4 5 Sign up
  9. 9. 1 2 3 4 5 Sign up
  10. 10. 1 2 3 4 5 Sign up You will need Credit card information – you won’t pay unless you use resources A telephone – on which to receive an automated security call
  11. 11. 1 2 3 4 5 Sign up You will need Best practice Setup billing alerts so you can be notified when levels of spend are reached If you have existing accounts, consider using consolidated billing to bring them together under one payment Credit card information – you won’t pay unless you use resources A telephone – on which to receive an automated security call
  12. 12. 1 2 3 4 5 Sign up 750 hours of Amazon EC2 Linux/RedHat/Suse Micro Instance usage 750 hours of Amazon EC2 Microsoft Windows Server Micro Instance usage 750 hours of an Elastic Load Balancer 30 GB of Amazon Elastic Block Storage 5 GB of Amazon S3 standard storage 100 MB of storage, 5 units of write capacity, and 10 units of read capacity for Amazon DynamoDB* 25 Amazon SimpleDB Machine Hours and 1 GB of Storage 1,000 Amazon SWF workflow executions* 1,000,000 Requests of Amazon Simple Queue Service* 1,000,000 Requests, 100,000 HTTP and 1,000 email notifications for Amazon Simple Notification Service* 10 Amazon CloudWatch metrics, 10 alarms, and 1,000,000 API requests* 15 GB of bandwidth out aggregated across all AWS services 750 hours of Amazon RDS for SQL Server Micro DB Instance usage 20 GB of RDS database storage 10 million RDS I/Os 20 GB of backup storage for your automated RDS database backups and any user-initiated DB Snapshots 20 minutes of SD transcoding or 10 minutes of HD transcoding in Amazon Elastic Transcoder* Free tier http://aws.amazon.com/free/
  13. 13. 1 2 3 4 5 Sign up
  14. 14. 1 2 3 4 5 Sign up Create IAM users IAM users
  15. 15. 1 2 3 4 5 Sign up IAM users Identity and Access Management: Securely control access to AWS services and resources for your users
  16. 16. 1 2 3 4 5 Sign up IAM users Account owner Access to all subscribed services Access to billing reports Access to console, REST and SOAP APIs IAM users/groups Access to specific services Access to console and/or REST APIs and/or SOAP APIs
  17. 17. 1 2 3 4 5 Sign up IAM users Account owner Access to all subscribed services Access to billing reports Access to console, REST and SOAP APIs IAM users/groups Access to specific services Access to console and/or REST APIs and/or SOAP APIs Master user account – owns payment method Regular users
  18. 18. 1 2 3 4 5 Sign up IAM users Account Administrators Developers Applications Bob Kevin Tomcat Jim Brad Mark Susan Reporting Console
  19. 19. 1 2 3 4 5 Sign up IAM users Account Administrators Developers Applications Bob Kevin Tomcat Jim Brad Mark Susan Reporting Console Multi-factor authentication Groups
  20. 20. AWS system entitlements Roles 1 2 3 4 5 Sign up IAM users Account Administrators Developers Applications Bob Kevin Tomcat Jim Brad Mark Susan Reporting Console
  21. 21. 1 2 3 4 5 Sign up IAM users { "Statement": [ { "Effect": "Allow", "Action": [ "elasticbeanstalk:*", "ec2:*", "elasticloadbalancing:*", "autoscaling:*", "cloudwatch:*", "s3:*", "sns:*" ], "Resource": "*" } ] } Policy driven Declarative definition of rights for groups Policies control access to AWS APIs
  22. 22. 1 2 3 4 5 Sign up IAM users
  23. 23. 1 2 3 4 5 Sign up IAM users Generate a key pair Key pairs
  24. 24. 1 2 3 4 5 Sign up IAM users Key pairs Public Key Inserted by Amazon into each EC2 instance that you launch Private Key Downloaded and stored by you Standard SSH RSA Key pair Public/Private Keys Public key provided by AWS to EC2 instance for secure, personalized, initial, non-generic access Supports NIST and other security standards for providing non-default user access Instance key pairs EC2 Instance Comms secured with private key
  25. 25. 1 2 3 4 5 Sign up IAM users Key pairs Public Key Inserted by Amazon into each EC2 instance that you launch Private Key Downloaded and stored by you Instance key pairs EC2 Instance Comms secured with private key Private keys are not stored by AWS Standard SSH RSA Key pair Public/Private Keys Public key provided by AWS to EC2 instance for secure, personalized, initial, non-generic access Supports NIST and other security standards for providing non-default user access
  26. 26. 1 2 3 4 5 Sign up IAM users Key pairs AWS generated keys Import your own keys Select your region Create keys Give them a name Private key is generated and downloaded by your browser immediately Create 1 key pair for all resources or as many as you like (e.g 1 per server type) You supply only the public key to AWS
  27. 27. 1 2 3 4 5 Sign up IAM users Key pairs ssh –I eu-west.pem ec2-user@publicdns.amazonaws.com 1. Linux Launch (First Boot) 2. Public Key made available through metadata 3. Instance initialization scripts insert public key into ~/.ssh/authorized_keys 4. User connects with SSH using their Private Key
  28. 28. 1 2 3 4 5 Sign up IAM users Key pairs ssh –I eu-west.pem ec2-user@publicdns.amazonaws.com 1. Linux Launch (First Boot) 2. Public Key made available through metadata 3. Instance initialization scripts insert public key into ~/.ssh/authorized_keys 4. User connects with SSH using their Private Key You can’t log into a Linux instance without key
  29. 29. 1 2 3 4 5 Sign up IAM users Key pairs ssh –I eu-west.pem ec2-user@publicdns.amazonaws.com 1. Linux Launch (First Boot) 2. Public Key made available through metadata 3. Instance initialization scripts insert public key into ~/.ssh/authorized_keys 4. User connects with SSH using their Private Key Don’t lose it
  30. 30. 1 2 3 4 5 Sign up IAM users Key pairs 1. Windows Launch (First Boot Sequence) 2. Public Key made available through metadata 3. Windows runs Sysprep (reboots) 4. Instance initialization scripts: a) Creates a random Administrator password b) Encrypts random password with Public Key c) Reports encrypted password to Windows System Log 5. User retrieves the encrypted password and decrypts it with their Private Key (using AWS Console or API Call)
  31. 31. 1 2 3 4 5 Sign up IAM users Key pairs Keep secure Do not share Rotate Need to know
  32. 32. 1 2 3 4 5 Sign up IAM users Key pairs
  33. 33. 1 2 3 4 5 Sign up IAM users Key pairs Launch Launch an instance
  34. 34. 1 2 3 4 5 Sign up IAM users Key pairs Launch Region
  35. 35. Regions Region US-WEST (N. California) EU-WEST (Ireland) ASIA PAC (Tokyo) ASIA PAC (Singapore) US-WEST (Oregon) SOUTH AMERICA (Sao Paulo) US-EAST (Virginia) GOV CLOUD ASIA PAC (Sydney)
  36. 36. 1 2 3 4 5 Sign up IAM users Key pairs Launch Wizard
  37. 37. 1 2 3 4 5 Sign up IAM users Key pairs Launch Choose key pair
  38. 38. 1 2 3 4 5 Sign up IAM users Key pairs Launch Choose machine image
  39. 39. 1 2 3 4 5 Sign up IAM users Key pairs Launch What’s this?
  40. 40. 1 2 3 4 5 Sign up IAM users Key pairs Launch Security groups Security Group EC2 Classic EC2 VPC (virtual private cloud) Inbound only Inbound and outbound TCP, UDP, ICMP only Any protocol Assigned at launch Assigned at launch or when running Modify anytime Modify anytime instance Port 80 (HTTP) Port 22 (SSH) Name Description Protocol Port range IP Address, range, or another security group
  41. 41. 1 2 3 4 5 Sign up IAM users Key pairs Launch Launch!
  42. 42. 1 2 3 4 5 Sign up IAM users Key pairs Launch
  43. 43. 1 2 3 4 5 Sign up IAM users Key pairs Launch Instance DNS name
  44. 44. 1 2 3 4 5 Sign up IAM users Key pairs Launch Instance DNS nameKey file EC2 Linux username
  45. 45. 1 2 3 4 5 Sign up IAM users Key pairs Launch
  46. 46. 1 2 3 4 5 Sign up IAM users Key pairs Launch sudo yum -y install httpd sudo chkconfig httpd on sudo /etc/init.d/httpd start Let’s install something Install apache web server Set it to run as a service Start the web server
  47. 47. 1 2 3 4 5 Sign up IAM users Key pairs Launch Added port 80 to group Security groups Open our security group
  48. 48. 1 2 3 4 5 Sign up IAM users Key pairs Launch Test it by hitting the public DNS name of the instance
  49. 49. 1 2 3 4 5 Sign up IAM users Key pairs Launch
  50. 50. 1 2 3 4 5 Sign up IAM users Key pairs Launch Create an image Image
  51. 51. 1 2 3 4 5 Sign up IAM users Key pairs Launch Image Makes a snapshot of the instance Creates an image that is private to you Saves time in deployments and system setup
  52. 52. 1 2 3 4 5 Sign up IAM users Key pairs Launch Image Create image
  53. 53. 1 2 3 4 5 Sign up IAM users Key pairs Launch Image Name it and create
  54. 54. 1 2 3 4 5 Sign up IAM users Key pairs Launch Image Your AMI
  55. 55. 1 2 3 4 5 Sign up IAM users Key pairs Launch Image …and launch a new instance from the AMI
  56. 56. 1 2 3 4 5 Sign up IAM users Key pairs Launch Image
  57. 57. Next Steps Elastic Load Balancing Create highly scalable applications Distribute load across EC2 instances in multiple availability zones Auto Scaling Automatic re-sizing of compute clusters based upon demand Relational Database Service Database-as-a-Service No need to install or manage database instances Scalable and fault tolerant configurations
  58. 58. Next Steps
  59. 59. aws.amazon.com get started with the free tier

×