Basics ofAmazon Web Services (AWS)PREPARED BY:Piyush AgrawalSr. Server AdministratorEbizon Netinfo Pvt. Ltd.
What is Amazon Web Services (AWS)?• A virtual platform on Clouds:• Provides a robust, scalable and affordable infrastructure for cloudcomputing• AWS cloud computing model allows you to pay for services on-demand• Amazon Web Services (AWS) delivers a set of services that togetherform a reliable, scalable, and inexpensive computing platform “in thecloud”
What is Cloud Computing?What is Cloud Computing?• Its a Service over the Internet, which provide flexible, secure, and costeffective IT infrastructure• Computing Resources like hardware and Software can be delivered as aservice.• Cloud based applications are accessible through a web-browser or desktop• Reduced upfront cost of IT Infrastructure• Improved Manageability & less Maintenance
Why Amazon Web Services (AWS)?• Flexible, Cost-Effective, Scalable, and easy-to-use cloud computing platform• Provides AWS cloud services which can be easily accessible via theInternet.• Service On Demand and pay for only what you use.• Variety of Services like EC2, S3 etc.• Instant Scalability with full control over the machine
ChallengesThere are few limitations as well:• No dedicated technical support, though free forums and paid support isavailable.• Also AWS have a vast online documentation for any technical support.– Online Documentation: http://docs.aws.amazon.com/– AWS Blogs: http://aws.typepad.com/
Get StartedAmazon Ec2 is a web service that provide resizable computing capacity inthe cloud.To get started using Amazon Elastic Compute Cloud (Amazon EC2) Linuxinstances, we need to do:1. Sign-Up for Amazon EC22. Launch an EC2 Instance3. Connect to the Instance4. Explore the Instance5. Clean UP
Sign UP at Amazon• Create an AWS account, if you havent done so already.• Once you create an AWS account, AWS automatically signs up the accountfor all AWS services, including Amazon EC2.• To create an AWS account1. Go to http://aws.amazon.com and click Sign Up Now.2. Follow the on-screen instructions.
Amazon AMIs• An AMI is a template of machines root volume, contains information to bootan EC2 instance.• Any number of instances can be launched by a single AMI.• Amazon provides large number of public AMIs and for no cost.
Launch an Amazon EC2 Instance (Part1)• An instance is a virtual server in the Cloud.• Sign in to the AWS Management Console and open the Amazon EC2console at https://console.aws.amazon.com/ec2/.• From the navigation bar, select the region for the instance.
Launch an Amazon EC2 Instance (Part-2)From the Amazon EC2 console dashboard, click Launch Instance.The Create a New Instance page includes these ways to launch aninstance:• The Classic Wizard offers you precise control and advanced settings forconfiguring your instance.• The Quick Launch Wizard automatically configures many selections for you,so that you can get started quickly. This tutorial guides you through the QuickLaunch Wizard.
Launch an Amazon EC2 Instance (Part-3)Here, we will look at the steps to create an instance using Classic WizardClick on Continue button to reach at Choose AN AMI Page.
Launch an Amazon EC2 Instance (Part-4)On Choose An AMI page, click on tab Community AMIs, select EBSImages from the image type list, and also search for the OS version insearch space, then click on Select button in front of the desired AMI, it willtake to Instance Details Page.
Launch an Amazon EC2 Instance (Part-5)On Instance Details page select the Instance Type, you want to create, andlet the rest of entries remains default and click on Continue button. It will takeyou to Advance Instance Options Page.
Launch an Amazon EC2 Instance (Part-6)On Advance Instance Options page check on Enable CloudWatch detailedmonitoring for this instance for enabling server monitoring, check on base64encoded option, and also check on Prevention against accidental termination,and let the other options remain as default. Click on Continue button which willtake you to Storage Device Configuration page.
Launch an Amazon EC2 Instance (Part-7)On Storage Device Configuration page, click on Edit button to change thedefault size of the root volume and save it and click on Continue button toreach at next page, It is the Tag Entry page.
Launch an Amazon EC2 Instance (Part-8)On Tag Entry Page, Create a Tag and its value and click on Continue button,it will take you to Create Key Pair page.
Launch an Amazon EC2 Instance (Part-9)Create a new public key for this instance to connect it securely. Download thekey files from here and save it at a secure place. It cant be downloadedagain. It will take you to Configure Firewall Page.
Launch an Amazon EC2 Instance (Part-10)On Security Firewall page, create a Security Group (It determine whether anetwork port is open or blocked), and immediately add a security rule to openport 22 to connect it through SSH, rest desired ports can be configured later.Now click on Continue button to reach at Review page.
Launch an Amazon EC2 Instance (Part-11)Finally at Review page, verify all the settings before pressing Continue button.Click on Continue button, it will start to save your configuration and build aninstance.
Launch an Amazon EC2 Instance (Part-12)Once you launch the instance it will prompt a Launch Instance WizardScreen, close this screen. Its just informational.
Launch an Amazon EC2 Instance (Part-13)Click on Launch button will take you to EC2 Instances page, where all theavailable instances are listed. Here it will take few minutes to establish a newlycreated instance.
Launch an Amazon EC2 Instance (Part-14)Now create a name for this newly created instance to distinguish it fromother listed.
Launch an Amazon EC2 Instance (Part-15)When you check the checkbox in front of this instance, it will show you allthe configurationally details for this instance.
Amazon EC2 FunctionalityPresents a virtual computing environment, allowing us, to use web serviceinterfaces to launch instances with a variety of operating systems, to load themwith custom application environment, and to manage network’s accesspermissions.To use EC2:• Create an AMI containing application and its associated configurations• Choose the correct instance type and monitor it.• Configure Security & Network Access on EC2• Connect it with static IP, to use it globally.
Firewall Configuration• Each EC2 instance is associated with a specific Security Group.• The rules of a security group control the inbound traffic, outbound traffic isallowed by default. Outbound behaviour cant be changed.• In each security group max 100 rules can be added, for more rules,multiple security groups can be assigned to an instance• Rules of a security group cant be modified, only can be added or removed• Security Group acts as a firewall that controls the traffic allowed to reach tothe instance.• When multiple security groups applied to an instance, then a virtualsecurity group comes into action with the effective aggregated rules of allthe security groups.
Creating a Security GroupTo create a security group for EC21. Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.2. In the navigation pane, click Security Groups.3. Click Create Security Group.4. Specify a name and description for the security group. Select No VPC forVPC, and then click Yes, Create.5. To view your security groups6. Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.7. In the navigation pane, click Security Groups.8. To view more information about a security group, including its rules, selectit. The information is displayed in the details pane.
Adding A Rule to Security Group (Part-1)When you add a rule to a security group, the new rule is automatically appliedto any instances in the group.To add a rule to a security group• Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.• In the navigation pane, click Security Groups.• Select a security group.• Select the Inbound tab and add one or more inbound rules.1. Select an option from the Create a new rule list.2. [Custom protocol rule only] Specify a port or port range.
Adding A Rule to Security Group (Part-2)3. In the Source field, specify one of the following:An IP address range in CIDR notation (to allow access from that IP address range). OR the name orID of a security group (to allow access based on that security group). If the security belongs toanother AWS account, add the AWS account ID and a forward slash as a prefix (forexample, 111122223333/OtherSecurityGroup).4. Click Add Rule.• After adding all the rules for inbound traffic that you need, click Apply RuleChanges.
Deleting a Security Group RuleTo delete a security group rule1. Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.2. In the navigation pane, click Security Groups.3. Select a security group.4. On the Inbound tab in the details pane, click the Delete button next to eachrule to delete.5. An asterisk appears on the Inbound tab to indicate that there are changesthat have not been applied.6. Click Apply Rule Changes.
Deleting a Security GroupThe security group must not be assigned to any instances. You cant deletethe default security group.To delete a security group1. Open the Amazon EC2 console athttps://console.aws.amazon.com/ec2/.2. In the navigation pane, click Security Groups.3. Select a security group and click Delete.4. Click Yes, Delete.
Elastic IPAddress (EIP)• A static IP Address, designed for dynamic cloud computing.• EIP is default associated with AWS account, not with any instance.• EIP remains associated with AWS account until explicitly released.• EIP can be associated to an instance and can be remap to anotherinstance at any point of time.• An EIP can be associated with a single instance at a time• Stopping the instance can disassociate the EIP from it.• An AWS accounts can hold max 5 EIPs
EIPAllocationTo allocate an EIP for use with EC2-Classic1. Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.2. Click Elastic IPs in the navigation pane.3. Click Allocate New Address.4. Select EC2 from the EIP list, and then click Yes, Allocate.To view your Elastic IP addresses1. Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.2. Click Elastic IPs in the navigation pane.3. To filter the displayed list, start typing part of the EIP or the ID of theinstance to which it is assigned in the search box.
EIPAssociation to an InstanceTo associate an Elastic IP address with a running instance1. Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.2. Click Elastic IPs in the navigation pane.3. Select an EIP and click Associate Address.4. In the Associate Address dialog box, select the instance from the Instance list boxand click Yes, Associate.Associating an Elastic IP Address with a Different Running Instance1. Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.2. Click Elastic IPs in the navigation pane.3. Select the EIP, and then click the Disassociate button.4. Click Yes, Disassociate when prompted.5. Select the EIP, and then click Associate.6. In the Associate Address dialog box, select the new instance from the Instance IDlist, and then click Yes, Associate.
Releasing an Elastic IPAddressIf an EIP is no longer in use then it should be released.To release an Elastic IP address1. Open the Amazon EC2 console athttps://console.aws.amazon.com/ec2/.2. Click Elastic IPs in the navigation pane.3. Select the Elastic IP address, and then click the Release Addressbutton.
Connect to an Instance (Part-1)To connect to your instance through a web browser• You must have Java installed and enabled in the browser. If you dont have Javaalready, you can contact your system administrator to get it installed, or follow thesteps outlined in these pages:o Install Javao Enable Java in your web browser• Sign in to the AWS Management Console and open the Amazon EC2 console athttps://console.aws.amazon.com/ec2/.• Click Instances in the navigation pane.• Right-click your instance, and then click Connect.• Click Connect from your browser using the Java SSH client (Java Required). AWSautomatically detects the public DNS address of your instance and the key pairname you launched the instance with.
Connect to an Instance (Part-2)• In User name, enter the user name to log in to your instance.• Note: For an Amazon Linux instance, the default user name is ec2-user. forUbuntu, the default user name is ubuntu. Some AMIs allow you to log in asroot. So in this example, you may need to change the user name from ec2-user to the appropriate user name.• The Key name field is automatically populated for you.• In Private key path, enter the fully qualified path to your .pem private keyfile.• Click Save key location, and then click Stored in browser cache to storethe key location in your browser cache. This ensures that the key locationwill be detected in subsequent browser sessions, until your clear yourbrowser’s cache.
Connect to an Instance (Part-3)To connect an Instance using Linux Terminal• Keep the server key (.pem) file at a secure location of the machine• Make it inaccessible to public• # chmod 400 serverkey.pem• Connect it through# ssh -i /path/serverkey.pem ubuntu@public-IP
To Create an EBS Volume (Part-1)To create and attach an Amazon EBS volume• Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.• Select the region in which you created your instance in the navigation bar,and then click Instances in the navigation pane.• The console displays the list of current instances in that region. Select yourLinux instance. In the Description tab in the bottom pane note the Zone forthe instance.• In the navigation pane, in Elastic Block Store, click Volumes.• The console displays a list of current EBS volumes in that region. (Youshould see the EBS volume that serves as the root device volume for yourinstance.)• Click Create Volume.
To Create an EBS Volume (Part-2)• In the Create Volume dialog box, configure the following settings:o Leave the volume size blank. (Well let the snapshot we select determine the sizeof the volume.)o Select the same Availability Zone that you used when you created yourinstance. Otherwise, you cant attach the volume to your instance.o Select a snapshot that contains a public data set hosted by AWS. This enablesus to quickly and easily create a volume that is formatted and contains data.o Select the Standard volume type. This creates a standard EBS volume.• Now click Yes, Create. This creates a new volume• Right-click the newly created volume and select Attach Volume.• In the Attach Volume dialog box, click the following settings:o Select your Linux instance from the list.o Specify the device name /dev/sdf. (It is the device name where youwant to attach it)
Storage (Part-1)Storage options include the following:o Amazon Elastic Block Store (Amazon EBS)o Amazon EC2 instance storeo Amazon Simple Storage Service (Amazon S3)The following figure shows the relationship between these types of storage.
Storage (Part-2)Amazon EBS• All Amazon EBS volumes offer the following features:• Data availability from replication across an Availability Zone• Data persistence independent of the life of the instance• The ability to create snapshots and incremental backupsAmazon EC2 Instance Store• Instance store provides temporary block-level storage for Amazon EC2instances. The data on an instance store volume persists only during the lifeof the associated Amazon EC2 instance.
Storage (Part-3)Amazon Simple Storage Service (Amazon S3)• Amazon S3 is a repository for Internet data.• Amazon S3 provides access to reliable, fast, and inexpensive data storageinfrastructure.• Objects are the fundamental entities stored in Amazon S3. Objects consistof object data and metadata.• Every object stored in Amazon S3 is contained in a bucket. Bucketsorganize the Amazon S3 namespace at the highest level and identify theaccount responsible for that storage.
Creating Snapshots• Amazon provides a facility to create Snapshots of running volume, it can bestored as a backup of that volume for further use.• These snapshots are kind of restore point which can be used for datarecovery.• Amazon EBS Snapshots are incremental backupsTo create a snapshot1. Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.2. Click Snapshots in the navigation pane.The console displays a list of currentsnapshots.3. Click Create Snapshot. The Create Snapshot dialog box appears.4. Select the volume to create a snapshot for and click Create. Amazon EC2 beginscreating the snapshot.
Create an AMI (Part-1)To create an AMI from a running Amazon EBS-backed instance• Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.• In the navigation pane, click Instances to view a list of your instances.Right-click your running instance and select Create Image (EBS AMI).• The Create Image dialog box appears.
Create an AMI (Part-2)Fill in the requested information as follows, and click Yes, Create.• A unique name for the image.• [Optional] A description of the image (up to 255 characters).• By default, Amazon EC2 shuts down the instance, takes snapshots of anyattached volumes, creates and registers the AMI, and then reboots theinstance. Select No Reboot if you dont want your instance to be shut down.Warning• If you select the No Reboot option, the file system integrity of the createdimage cant be guaranteed.
Create an AMI (Part-3)• Click AMIs in the navigation pane to view the AMIs status. While the newAMI is being created, its status is pending. It takes a few minutes for thewhole process to finish.• After your new AMIs status is available, go to the Snapshots page andview the new snapshot that was created for the new AMI. Any instance youlaunch from the new AMI uses this snapshot for its root device volume.• Go back to the AMIs page, select the image, and click Launch.• The launch wizard opens.• Walk through the wizard to launch an instance of your new AMI.• You now have a new AMI and snapshot that you just created.
Delete an AMI and SnapshotTo delete an AMI and a snapshot1. Go to the AMIs page. Select the AMI, click Actions, then selectDeregister. When asked for confirmation, click Continue.2. The image is deregistered, which means it is deleted and can no longerbe launched.3. Go to the Snapshots page. Right-click the snapshot and select DeleteSnapshot. When asked for confirmation, click Yes, Delete.4. The snapshot is deleted.
Clean UPTo terminate an instance• Sign in to the AWS Management Console and open the Amazon EC2console at https://console.aws.amazon.com/ec2/.• Locate your instance in the list of instances on the Instances page.• Right-click the instance, and then click Terminate.• Click Yes, Terminate when prompted for confirmation.• Amazon EC2 begins terminating the instance.• Amazon EBS volumes can persist even after your instance goes away. youmust delete the volume.
Types of InstancesAmazon EC2 Instances has been categorized into three types:On-Demand Instances – Pay for compute capacity by the hour with nolong-term commitments.Reserved Instances – One-time payment for each instance you want toreserve and in turn receive a significant discount on the hourly charge forthat instance.Spot Instances – Allow customers to bid on unused Amazon EC2 capacityand run those instances for as long as their bid exceeds the current SpotPrice.
IAM enables you to securely control access to AWS services andresources, using IAM you can create and manage AWS users and groups.IAM Allows you to:• Manage IAM users and their access• Manage IAM roles and their permissions• Manage federated users and their permissionsIdentity Access Management (IAM)
Instance Monitoring (Part-1)• Amazon EC2 performs automated checks on every running Amazon EC2instance to identify hardware and software issues.• Status checks are performed every five minutes and each returns a passor a fail status• If all checks pass, the overall status of the instance is OK. If one or morechecks fail, the overall status is impaired.• Status checks are built into Amazon EC2, so they cannot be disabled ordeleted• There are two types of status checks: system status checks andinstance status checks.
Instance Monitoring (Part-2)System status checksThese checks detect problems with your instance that require AWSinvolvement to repair. When a system status check fails, you can chooseto wait for AWS to fix the issue or you can resolve it yourself (for example,by stopping and restarting or terminating and replacing an instance).Examples of problems that cause system status checks to fail include:• Loss of network connectivity• Loss of system power• Software issues on the physical host• Hardware issues on the physical host
Instance Monitoring (Part-3)Instance status checksMonitor the software and network configuration of your individual instance.When an instance status check fails, typically you will need to address theproblem yourself (for example by rebooting the instance or by makingmodifications in your operating system). Examples of problems that maycause instance status checks to fail include:• Failed system status checks• Misconfigured networking or startup configuration• Exhausted memory• Corrupted file system• Incompatible kernel
Instance Monitoring (Part-4)To view status checks• Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.• In the Navigation pane, click Instances.• On the Instances page, the Status Checks column lists the operationalstatus of each instance.• To view an individual instance’s status, select the instance, and then clickthe Status Checks tab.
Instance Monitoring (Part-5)page, click on the instance on which you want to report status.Click the Status Checks tab and then click the Submit Feedback buttTo reportstatus feedback using the management console1. Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.2. In the Navigation pane, click Instances.3. On the Instances on.1. Complete the information on the Report Instance Status page.
• Enables real-time monitoring of AWS resources• Few free metrics are auto enabled, custom metrics can be added• Basic Monitoring is already enabled automatically for all Amazon EC2instancesTo enable detailed monitoring of an existing EC2 instanceProvides data about your instance in 1-minute periods..1. Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.2. In the Navigation pane, click Instances.3. In My Instances, select a running or stopped instance, click Instance Actions, andthen click Enable Detailed Monitoring.4. In the Enable Detailed Monitoring dialog box, click Yes, Enable.5. In the Enable Detailed Monitoring confirmation dialog box, click Close.Amazon CloudWatch
Create Status Check AlarmTo create a status check alarm• Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.• In the Navigation pane, click Instances.• In My Instances, select an instance, and then on the Status Checks tab, clickCreate Status Check Alarm.• In the Create Alarm for dialog box, select the Send a notification to checkbox, and then choose an existing Amazon Simple Notification Service (SNS)topic or create a new SNS topic to use for this alarm.
http://docs.aws.amazon.com/http://aws.typepad.com/aws/Reference & Help