EC2 - Elastic Compute Cloud
Instances, AMIs, Auto Scaling & Load Balancers
⏱️ Estimated reading time: 20 minutes
Introduction to EC2
Amazon EC2 (Elastic Compute Cloud) provides scalable compute capacity in the AWS cloud. It allows you to launch virtual server instances with different configurations of CPU, memory, storage, and networking.
Key Features:
- Instant scalability: launch instances in minutes
- Pay-as-you-go: only pay for compute time you use
- Multiple instance types optimized for different use cases
- Full integration with other AWS services
- Complete control over OS configuration
🎯 Key Points
- ✅ EC2 is the foundation of AWS computing
- ✅ Configurable instances with different sizes and families
- ✅ Flexible pricing: On-Demand, Reserved, Spot
- ✅ Region and availability zone determine latency and resilience
- ✅ User Data enables automated initial configuration
EC2 Instance Types
AWS offers different instance families optimized for specific use cases:
Main Families:
- General Purpose (T3, T4g, M5, M6i): Balance between compute, memory, and network. Ideal for web apps and small databases
- Compute Optimized (C5, C6i, C7g): High CPU performance. For batch processing, gaming, machine learning
- Memory Optimized (R5, R6i, X2): Large amounts of RAM. Ideal for in-memory databases, analytics
- Storage Optimized (I3, I4i, D3): High IOPS and throughput. For data warehousing, Hadoop, NoSQL
- Accelerated Computing (P4, G5, Inf1): GPUs and FPGAs. For machine learning, graphics, video processing
🎯 Key Points
- ✅ Naming follows the pattern Family + Generation + Size (e.g., t3.medium)
- ✅ T3/T4g have burstable performance with CPU credits
- ✅ Graviton ('g' in the name) uses ARM processors with better price/performance
- ✅ Instances with 'n' have enhanced networking (e.g., m6in)
- ✅ Instances with 'd' include local NVMe storage
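The naming pattern above can be checked mechanically, which is useful when a launch policy has to reject burstable or non-Graviton types before an instance exists. The following Python is an added example (not code from this page or from AWS): it parses a type name into family, generation, attribute suffixes and size, and classifies it using the families and the 'g', 'n' and 'd' suffixes listed in this section. It goes slightly beyond the page by also recognizing the 'a' (AMD) and 'i' (Intel) suffixes. `FAMILY_CATEGORY`, `parse_instance_type` and `violates_policy` are names chosen for this example, and the policy rules in `violates_policy` are assumptions.

```python
import re

# Type names follow Family + Generation + attribute letters, a dot, then Size
# (t3.medium, m6in.large, c7g.xlarge, inf1.xlarge, i4i.metal).
_TYPE_RE = re.compile(
    r"^(?P<family>[a-z]+)(?P<generation>\d+)(?P<attrs>[a-z]*)\.(?P<size>[a-z0-9-]+)$"
)

# Family letters -> category, following the families listed in this section
# (mapping assumed for this example; AWS publishes the authoritative list).
FAMILY_CATEGORY = {
    "t": "General Purpose", "m": "General Purpose",
    "c": "Compute Optimized",
    "r": "Memory Optimized", "x": "Memory Optimized",
    "i": "Storage Optimized", "d": "Storage Optimized",
    "p": "Accelerated Computing", "g": "Accelerated Computing",
    "inf": "Accelerated Computing",
}

# Attribute suffix letters. g/n/d are the ones the page lists; a/i (AMD/Intel)
# are additional well-known suffixes included here.
ATTRIBUTE_FLAGS = {
    "g": "graviton",
    "n": "enhanced_networking",
    "d": "local_nvme",
    "a": "amd",
    "i": "intel",
}


def parse_instance_type(name):
    """Split an EC2 instance type name into its components and derived flags.

    Raises ValueError when the name does not match the documented pattern.
    """
    match = _TYPE_RE.match(name.strip().lower())
    if not match:
        raise ValueError(f"not a valid EC2 instance type name: {name!r}")
    family = match["family"]
    attrs = match["attrs"]
    info = {
        "family": family,
        "category": FAMILY_CATEGORY.get(family, "unknown"),
        "generation": int(match["generation"]),
        "size": match["size"],
        # T-family instances are the burstable ones (CPU credits)
        "burstable": family == "t",
    }
    # local_nvme reflects only the 'd' suffix; storage-optimized families carry
    # local disks by definition regardless of suffix.
    for letter, flag in ATTRIBUTE_FLAGS.items():
        info[flag] = letter in attrs
    unknown = set(attrs) - set(ATTRIBUTE_FLAGS)
    if unknown:
        info["unrecognized_suffixes"] = "".join(sorted(unknown))
    return info


def violates_policy(name, allow_burstable=False, require_graviton=False):
    """Return a list of policy violations for a type name (empty list = compliant).

    Example policy (an assumption of this example): production may not use
    burstable types, and may be required to use Graviton for price/performance.
    """
    info = parse_instance_type(name)
    violations = []
    if info["burstable"] and not allow_burstable:
        violations.append("burstable family not allowed")
    if require_graviton and not info["graviton"]:
        violations.append("Graviton (g suffix) required")
    return violations


if __name__ == "__main__":
    for t in ["t3.medium", "m6in.large", "t4g.micro", "c7g.xlarge", "inf1.xlarge", "i4i.2xlarge"]:
        print(t, parse_instance_type(t), violates_policy(t, require_graviton=True))
```

A parser like this fits naturally in a pre-launch check (for example, in a CI step that validates launch templates) where the type name is the only input available.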
EC2 Pricing Models
EC2 offers several payment models to optimize costs based on your needs:
On-Demand:
- Pay per second (Linux) or per hour (Windows)
- No long-term commitments
- Ideal for unpredictable or short-term workloads
Reserved Instances:
- 40-60% discount vs On-Demand
- 1 or 3-year commitment
- Types: Standard (maximum discount), Convertible (change type), Scheduled (specific schedules)
Savings Plans:
- 40-66% discount by committing to hourly spend
- More flexibility than Reserved: allows changing family, size, OS, region
Spot Instances:
- 50-90% discount vs On-Demand
- AWS can terminate instance with 2-minute notice
- Ideal for interruption-tolerant workloads: batch, data analysis
🎯 Key Points
- ✅ On-Demand: maximum flexibility, highest cost
- ✅ Reserved: best for stable and predictable loads
- ✅ Savings Plans: balance between flexibility and savings
- ✅ Spot: maximum savings for fault-tolerant workloads
- ✅ Dedicated Hosts/Instances: for regulatory compliance
💻 Launching instances with AWS CLI
# Launch an On-Demand instance
aws ec2 run-instances \
  --image-id ami-0c55b159cbfafe1f0 \
  --instance-type t3.micro \
  --key-name my-keypair \
  --security-group-ids sg-0123456789abcdef0
# Create a Spot Instance request
aws ec2 request-spot-instances \
  --spot-price "0.05" \
  --instance-count 1 \
  --type "one-time" \
  --launch-specification file://specification.json
Security Groups
Security Groups act as virtual firewalls that control network traffic to and from EC2 instances.
Features:
- Stateful: If you allow inbound traffic, outbound response is automatically allowed
- Allow rules only: You cannot create explicit deny rules
- Instance level: Applied at ENI (Elastic Network Interface) level
- Multiple SGs: You can assign up to 5 security groups to an instance
Inbound vs outbound rules:
- Inbound: Controls incoming traffic to the instance
- Outbound: Controls outgoing traffic from the instance (default all allowed)
🎯 Key Points
- ✅ Security Groups are stateful (NACLs are stateless)
- ✅ Default: all inbound denied, all outbound allowed
- ✅ You can reference other SGs in rules
- ✅ SG changes apply immediately
- ✅ One SG can apply to multiple instances
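Because security groups are allow-only and stateful, reviewing them comes down to one question: what is allowed inbound, and from where. The following Python is an added example (not code from this page or from AWS) that audits the JSON shape returned by `aws ec2 describe-security-groups`: it flags rules open to the whole internet on anything but the expected public web ports, flags "all traffic" rules, and leaves SG-to-SG references alone since that is the recommended way to allow tier-to-tier traffic. The sample JSON is constructed here; it reuses the group IDs from this section's commands and adds an SSH rule open to the world that is not on the page, so the audit has something to find. `PUBLIC_PORTS`, `audit_security_groups` and `_is_world` are names chosen for this example.

```python
import ipaddress
import json

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
# The group IDs match the CLI commands in this section; the 0.0.0.0/0 SSH rule
# is added here for the demonstration.
SAMPLE_DESCRIBE_OUTPUT = json.dumps({
    "SecurityGroups": [
        {
            "GroupId": "sg-0123456789abcdef0",
            "GroupName": "web-server-sg",
            "IpPermissions": [
                {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
                 "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
                 "Ipv6Ranges": [{"CidrIpv6": "::/0"}], "UserIdGroupPairs": []},
                {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
                 "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
                 "Ipv6Ranges": [], "UserIdGroupPairs": []},
            ],
        },
        {
            "GroupId": "sg-9876543210fedcba0",
            "GroupName": "db-sg",
            "IpPermissions": [
                # Reference to another SG: only members of web-server-sg reach MySQL
                {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
                 "IpRanges": [], "Ipv6Ranges": [],
                 "UserIdGroupPairs": [{"GroupId": "sg-0123456789abcdef0"}]},
                # "-1" means all protocols and ports; FromPort/ToPort are absent
                {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "10.0.0.0/8"}],
                 "Ipv6Ranges": [], "UserIdGroupPairs": []},
            ],
        },
    ]
})

# Ports a web tier is expected to expose publicly (assumption for this example).
PUBLIC_PORTS = frozenset({80, 443})


def _is_world(cidr):
    """True for 0.0.0.0/0 or ::/0 (prefix length zero)."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0


def audit_security_groups(describe_output, public_ports=PUBLIC_PORTS):
    """Return findings for inbound rules broader than TCP on the public web ports.

    Rules that reference another security group produce no finding.
    """
    findings = []
    for sg in json.loads(describe_output)["SecurityGroups"]:
        for perm in sg.get("IpPermissions", []):
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            proto = perm.get("IpProtocol")
            for cidr in cidrs:
                world = _is_world(cidr)
                if proto == "-1":
                    findings.append({
                        "group_id": sg["GroupId"], "group_name": sg["GroupName"],
                        "severity": "HIGH" if world else "MEDIUM",
                        "detail": f"all protocols and ports allowed from {cidr}",
                    })
                    continue
                if not world:
                    continue  # scoped CIDR on a specific port: not flagged here
                # ICMP rules use -1 for "all types"; that set is never a subset of public_ports
                lo, hi = perm.get("FromPort", -1), perm.get("ToPort", -1)
                exposed = set(range(lo, hi + 1))
                if proto == "tcp" and exposed <= public_ports:
                    continue
                findings.append({
                    "group_id": sg["GroupId"], "group_name": sg["GroupName"],
                    "severity": "HIGH",
                    "detail": f"{proto}/{lo}-{hi} open to the world ({cidr})",
                })
    return findings


if __name__ == "__main__":
    for f in audit_security_groups(SAMPLE_DESCRIBE_OUTPUT):
        print(f"[{f['severity']}] {f['group_name']} ({f['group_id']}): {f['detail']}")
```

In practice the JSON passed to `audit_security_groups` would be the real `describe-security-groups` output for a VPC; the `public_ports` parameter is where a team encodes which ports its internet-facing tier is meant to expose.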
💻 Security Groups management
# Create a security group
aws ec2 create-security-group \
  --group-name web-server-sg \
  --description "Security group for web server" \
  --vpc-id vpc-0123456789abcdef0
# Add an inbound rule (HTTP from anywhere)
aws ec2 authorize-security-group-ingress \
  --group-id sg-0123456789abcdef0 \
  --protocol tcp \
  --port 80 \
  --cidr 0.0.0.0/0
# Add a rule referencing another SG: MySQL is reachable only from
# instances that carry the source group, not from a CIDR range
aws ec2 authorize-security-group-ingress \
  --group-id sg-0123456789abcdef0 \
  --protocol tcp \
  --port 3306 \
  --source-group sg-9876543210fedcba0
EC2 Storage
EC2 instances can use different storage types:
EBS (Elastic Block Store):
- Persistent network volumes
- Can be detached and reassigned to other instances
- Backups via snapshots to S3
- Types: gp3 (general), io2 (high IOPS), st1 (throughput), sc1 (cold storage)
Instance Store:
- Ephemeral local storage physically attached
- Maximum performance (low latency)
- Data lost when stopping/terminating instance
- Ideal for buffers, cache, temporary data
EFS (Elastic File System):
- Shared file system compatible with NFS
- Multiple instances can mount simultaneously
- Auto-scaling, pay per use
🎯 Key Points
- ✅ EBS is persistent, Instance Store is ephemeral
- ✅ EBS is limited to one AZ, EFS is multi-AZ
- ✅ EBS volumes can be resized on the fly
- ✅ EBS snapshots are incremental and stored in S3
- ✅ Root volume can be EBS or Instance Store
Amazon Machine Images (AMI)
An AMI is a template containing the software configuration needed to launch an instance (operating system, applications, settings).
AMI Types:
- Public AMI: Provided by AWS or community
- AWS Marketplace AMI: Preconfigured commercial software
- Custom AMI: Created by you from configured instances
Benefits of creating custom AMIs:
- Faster boot time (preinstalled software)
- Standardized and reproducible configuration
- Complete system backups
- Consistent deployments across multiple regions
🎯 Key Points
- ✅ AMIs are region-specific (but can be copied to other regions)
- ✅ Stored in S3 (but not visible as objects in your buckets)
- ✅ You can share AMIs between accounts
- ✅ Instances launched from an instance store-backed AMI cannot be stopped
- ✅ Creating an AMI doesn't require stopping the instance (but it is recommended, so the image has a consistent file system)
💻 AMI management
# Create an AMI from an instance
# --no-reboot keeps the instance running, but file system consistency of the
# image is then not guaranteed; omit it when a clean image matters
aws ec2 create-image \
  --instance-id i-0123456789abcdef0 \
  --name "My-Web-Server-AMI" \
  --description "AMI with Apache and PHP configured" \
  --no-reboot
# Copy the AMI to another region
aws ec2 copy-image \
  --source-region us-east-1 \
  --source-image-id ami-0123456789abcdef0 \
  --region eu-west-1 \
  --name "My-Web-Server-AMI-EU"