EC2 INSTANCE

FEATURES OF EC2
▪ Virtual computing environments, known as instances
▪ Preconfigured templates for your instances, known as Amazon Machine Images
(AMIs), that package the bits you need for your server (including the operating
system and additional software)
▪ Various configurations of CPU, memory, storage, and networking capacity for your
instances, known as instance types
▪ Secure login information for your instances using key pairs (AWS stores the public
key, and you store the private key in a secure place)
▪ Storage volumes for temporary data that's deleted when you stop or terminate
your instance, known as instance store volumes
▪ Persistent storage volumes for your data using Amazon Elastic Block Store (Amazon
EBS), known as Amazon EBS volumes
▪ Multiple physical locations for your resources, such as instances and Amazon EBS
volumes, known as Regions and Availability Zones
▪ A firewall that enables you to specify the protocols, ports, and source IP ranges that
can reach your instances using security groups
▪ Static IPv4 addresses for dynamic cloud computing, known as Elastic IP addresses
▪ Metadata, known as tags, that you can create and assign to your Amazon EC2
resources
▪ Virtual networks you can create that are logically isolated from the rest of the AWS
cloud, and that you can optionally connect to your own network, known as virtual
private clouds(VPCs)
 EC2 PURCHASE OPTIONS

▪ On-Demand Instances – Pay, by the second, for the instances that you launch.
▪ Reserved Instances – Purchase, at a significant discount, instances that are always
available, for a term from one to three years.
▪ Scheduled Instances – Purchase instances that are always available on the specified
recurring schedule, for a one-year term.
▪ Spot Instances – Request unused EC2 instances, which can lower your Amazon EC2 costs
significantly.
▪ Dedicated Hosts – Pay for a physical host that is fully dedicated to running your instances,
and bring your existing per-socket, per-core, or per-VM software licenses to reduce costs.
▪ Dedicated Instances – Pay, by the hour, for instances that run on single-tenant hardware.
 RESERVED INSTANCE
▪ Term Commitment
– You can purchase a Reserved Instance for a one-year or three-year commitment, with the three-year commitment
offering a bigger discount.
– One-year: A year is defined as 31536000 seconds (365 days).
– Three-year: Three years is defined as 94608000 seconds (1095 days).

▪ Payment Options
– The following payment options are available for Reserved Instances:
– All Upfront: Full payment is made at the start of the term, with no other costs or additional hourly charges incurred for
the remainder of the term, regardless of hours used.
– Partial Upfront: A portion of the cost must be paid upfront and the remaining hours in the term are billed at a
discounted hourly rate, regardless of whether the Reserved Instance is being used.
– No Upfront: You are billed a discounted hourly rate for every hour within the term, regardless of whether the Reserved
Instance is being used. No upfront payment is required.

▪ Offering Class
– If your computing needs change, you may be able to modify or exchange your Reserved Instance, depending on the
offering class.
– Standard: These provide the most significant discount, but can only be modified.
– Convertible: These provide a lower discount than Standard Reserved Instances, but can be exchanged for another
Convertible Reserved Instance with different instance attributes. Convertible Reserved Instances can also be modified.
SCHEDULED INSTANCE

▪ Scheduled Reserved Instances (Scheduled Instances) enable you

to purchase capacity reservations that recur on a daily, weekly,
or monthly basis, with a specified start time and duration, for a
one-year term.
▪ You reserve the capacity in advance, so that you know it is
available when you need it.
▪ You pay for the time that the instances are scheduled, even if
you do not use them.
▪ Scheduled Instances are a good choice for workloads that do
not run continuously, but do run on a regular schedule.
▪ For example, you can use Scheduled Instances for an application
that runs during business hours or for batch processing that runs
at the end of the week.
SPOT INSTANCE

▪ A Spot Instance is an unused EC2 instance that is available for less than the On-Demand price.
▪ Because Spot Instances enable you to request unused EC2 instances at steep discounts, you
can lower your Amazon EC2 costs significantly.
▪ The hourly price for a Spot Instance is called a Spot price.
▪ The Spot price of each instance type in each Availability Zone is set by Amazon EC2, and
adjusted gradually based on the long-term supply of and demand for Spot Instances.
▪ Your Spot Instance runs whenever capacity is available and the maximum price per hour for
your request exceeds the Spot price.
▪ Spot Instances are a cost-effective choice if you can be flexible about when your applications
run and if your applications can be interrupted.
▪ For example, Spot Instances are well-suited for data analysis, batch jobs, background
processing, and optional tasks.
DEDICATED HOST

An Amazon EC2 Dedicated Host is a physical server with EC2 instance

capacity fully dedicated to your use. Dedicated Hosts allow you to use
your existing per-socket, per-core, or per-VM software licenses,
including Windows Server, Microsoft SQL Server, SUSE, Linux
Enterprise Server, and so on.
DEDICATED INSTANCE

▪ Dedicated Instances are Amazon EC2 instances that run in a virtual

private cloud (VPC) on hardware that's dedicated to a single customer.
▪ Dedicated Instances that belong to different AWS accounts are
physically isolated at the hardware level.
▪ In addition, Dedicated Instances that belong to AWS accounts that are
linked to a single payer account are also physically isolated at the
hardware level.
▪ However, Dedicated Instances may share hardware with other
instances from the same AWS account that are not Dedicated
Instances.
AMI – AMAZON MACHINE IMAGE

▪ MY AMIs
▪ AWS MARKET PLACE
– The AWS Marketplace is an online store where you can buy software that runs
on AWS, including AMIs that you can use to launch your EC2 instance.
– Launching an instance from a paid AMI is the same as launching an instance
from any other AMI. No additional parameters are required.
– The instance is charged according to the rates set by the owner of the AMI.

▪ COMMUNITY AMIs
EC2 INSTANCE TYPES
EC2 INSTANCE LIFE CYCLE
EBS VS INSTANCE STORE
EBS VOLUME TYPES
 PLACEMENT GROUP

▪ When you launch a new EC2 instance, the EC2 service attempts to place the instance
in such a way that all of your instances are spread out across underlying hardware to
minimize correlated failures.
▪ Types:
– Cluster – packs instances close together inside an Availability Zone. This strategy enables workloads
to achieve the low-latency network performance necessary for tightly-coupled node-to-node
communication that is typical of HPC applications.
– Partition – spreads your instances across logical partitions such that groups of instances in one
partition do not share the underlying hardware with groups of instances in different partitions. This
strategy is typically used by large distributed and replicated workloads, such as Hadoop, Cassandra,
and Kafka.
– Spread – strictly places a small group of instances across distinct underlying hardware to reduce
correlated failures.

▪ There is no charge for creating a placement group.

ENHANCED NETWORKING

▪ Enhanced networking uses single root I/O virtualization (SR-IOV) to

provide high-performance networking capabilities on 
supported instance types.
▪ SR-IOV is a method of device virtualization that provides higher I/O
performance and lower CPU utilization when compared to traditional
virtualized network interfaces.
▪ Enhanced networking provides higher bandwidth, higher packet per
second (PPS) performance, and consistently lower inter-instance
latencies.
▪ There is no additional charge for using enhanced networking.
AMI CREATION FROM INSTANCE
COPY AMI FROM ONE REGION TO ANOTHER
 Store an AMI in an S3 bucket
▪ To store an AMI (AWS CLI)
aws ec2 create-store-image-task \
--image-id ami-1234567890abcdef0 \
--bucket myamibucket
▪ To describe the progress of an AMI store task (AWS CLI)
aws ec2 describe-store-image-tasks
▪ Restore an AMI from an S3 bucket
aws ec2 create-restore-image-task \
--object-key ami-1234567890abcdef0.bin \
--bucket myamibucket \
--name "New AMI Name"
▪ The following table shows encryption support for various scenarios. Note that
while it is possible to copy an unencrypted snapshot to yield an encrypted
snapshot, you cannot copy an encrypted snapshot to yield an unencrypted one.
 EBS Encryption - Supported Instance Types

▪ Amazon EBS encryption is available on the instance types listed below. You can
attach both encrypted and unencrypted volumes to these instance types
simultaneously.
– General purpose: A1, M3, M4, M5, M5a, M5ad, M5d, T2, T3, and T3a
– Compute optimized: C3, C4, C5, C5d, and C5n
– Memory optimized: cr1.8xlarge, R3, R4, R5, R5a, R5ad, R5d, X1, X1e, and z1d
– Storage optimized: D2, h1.2xlarge, h1.4xlarge, I2, and I3
– Accelerated computing: F1, G2, G3, P2, and P3
– Bare metal: c5.metal, i3.metal, m5.metal, m5d.metal, r5.metal, r5d.metal, u-6tb1.metal, u-
9tb1.metal, u-12tb1.metal, and z1d.metal

▪ Link for reference :

https://www.storagereview.com/aws_introduces_5_new_amazon_ec2_bare_metal
META DATA & USER DATA

▪ curl http://169.254.169.254/latest/meta-data/

▪ curl http://169.254.169.254/latest/meta-data/security-groups

▪ curl http://169.254.169.254/latest/user-data
USER DATA EXAMPLES

[ec2-user ~]$ curl http://169.254.169.254/latest/user-data

#!/bin/bash
yum update -y
yum install httpd -y
service httpd start
chkconfig httpd on
cd /var/www/html
echo “<html><h1> Hello from web server </h1></html>" > index.html
Amazon Data Lifecycle Manager (Amazon DLM)

▪ Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.

▪ In the navigation pane, choose Elastic Block Store, Lifecycle Manager, Create
snapshot lifecycle policy.
▪ Provide the following information for your policy as needed:
– Description—A description of the policy.
– Target with tags—The resource tags that identify the volumes or instances to
back up.
– Schedule Name—A name for the backup schedule.
– Create snapshots every n Hours—The number of hours between policy runs. The
supported values are 2, 3, 4, 6, 8, 12, and 24.
– Snapshot creation start time hh:mm UTC—The time of day when policy runs are
scheduled to start. The policy runs start within an hour after the scheduled time.
 – Retention rule—The maximum number of snapshots to retain for each volume or
instance. The supported range is 1 to 1000. After the limit is reached, the oldest
snapshot is deleted when a new one is created.

– Copy tags—Copy all user-defined tags on a source volume to snapshots of the

volume created by this policy.
– Tag created snapshots—The resource tags to apply to the snapshots that are
created. These tags are in addition to the tags applied by Amazon DLM. You can
also choose variable tags that can automatically tag all of your snapshots with the
corresponding instance-id or timestamp.
– IAM role—An IAM role that has permissions to create, delete, and describe
snapshots, and to describe volumes. AWS provides a default
role, AWSDataLifecycleManagerDefaultRole, or you can create a custom IAM
role.
– Policy status after creation—Choose Enable policy to start the policy runs at the
next scheduled time or Disable policy to prevent the policy from running.
▪ Choose Create Policy.
Auto backup for Volumes and Images