Introduction

This lab provides instructions for creating, accessing, managing, and deleting an Amazon Elastic Compute Cloud (EC2) instance.

Amazon Elastic Compute Cloud (EC2)

This section provides you with a basic overview of launching, resizing, managing, and monitoring an Amazon EC2 instance. Amazon EC2 is a web service that provides resizable compute capacity in the cloud.

By the end of this section, you will be able to:

  • Create an EC2 instance (web server) with termination protection enabled

  • Monitor your EC2 instance

  • Modify the security group to allow HTTP access to the web server

  • Resize your EC2 instance to scale

  • Terminate your EC2 instance

Task 1: Create an EC2 instance

  1. In the AWS Management Console, type EC2 in the search bar

  2. Before you launch the instance, you will create a Security Group. (a) What is a Security Group?

    • Click on Security Groups at the left sidebar menu

    • Click on Create security group

    • Name the security group SSH and add a brief description

    • Add a security rule by clicking on Add Rule in the Inbound rules section

    • Specify the rule Type to be SSH and set the Source to Anywhere-IPv4

    • Click on Create security group at the bottom right

  3. Go back to the EC2 Dashboard (left sidebar menu), and click on Launch instance

  4. In the Name, enter the name of your instance

  5. In the Application and OS Images, select the image Amazon Linux 2023 AMI (a) What is an AMI? (b) What are the Free tier AMIs? (c) How many Free tier AMIs are available in AWS?

  6. In Instance type select t2.micro (a) What are the characteristics of this instance? (b) What does EBS stand for? (c) What type of EBS volume is your AMI based on?

  7. In the Key pair (login), select an existing key pair using the drop-down menu or Create new key pair if you do not have one yet

    • Give a name for your key pair

    • Select Key pair type as RSA

    • Choose the file format

      • .pem if you will use OpenSSH (Linux and macOS)

      • .ppk if you will use PuTTY (Windows)

        Important
        Download the key pair file and save it in a safe location. If you lose it, you will no longer be able to connect to the instance, which renders it useless. The key pair file cannot be regenerated.
        Tip
        For this lab, you must select the vockey key pair because we are using AWS Academy. In commercial AWS, you will have to create a new key pair or use an existing one.
  8. In the Network settings at Firewall, choose the option to Select existing security group

    • Select the group SSH that you created earlier

  9. In the Advanced details step look at the different options (a) What is the termination protection function? (b) What is the CloudWatch monitoring? Why is it useful? (c) True or False: monitoring is only available if you pay additional fees (d) What is the role of the Tenancy option?

    • Set the Termination protection option to Enable

  10. Click on Launch Instance

Task 2: Connect to the instance

Now you will connect to the instance. First using SSH, then using the web (HTTP).

  1. SSH Connection

    • Select the created instance

    • Click on Connect at the top right side of the window

    • Select the SSH client section and follow the instructions given in the window

      Note
      For Linux and macOS, the only thing you need to do before connecting to the instance is to change the access rights of the myawskey.pem file so that only you can read it, by running the command chmod 400 myawskey.pem in the terminal.
      Note
      For Windows, you will need to download and install PuTTY and follow the instructions given at Connect to your Linux instance from Windows using PuTTY
      Tip
      AWS Academy is a preset environment. The access key pair is created when you start the lab. To download the SSH key (.pem or .ppk), go to the Learners Lab console and select AWS Details
  2. SFTP Connection. To create an SFTP connection, you need an SFTP client such as FileZilla or WinSCP. FileZilla works on Windows and Mac. WinSCP works only on Windows.

    • For FileZilla, you need to convert the key from the .pem to the .ppk format. To do this on a Mac, open a terminal and run:

      • brew install putty

      • puttygen myawskey.pem -o myawskey.ppk

    • Open FileZilla

    • Select Edit > Settings

    • From the left list click on SFTP

    • Click on Add key file… and select the .ppk key associated with the EC2 instance

    • Click on Open

    • Click on OK

    • Select File > Site Manager

    • Click on New Site. Name the site as amazon-ec2

    • In the General tab, choose SFTP - SSH File Transfer Protocol for the Protocol field

    • In the SSH client tab, copy the host DNS (item 4)

    • Paste the host DNS value in the Host field

    • Enter ec2-user in the User field

    • Click on Connect

Task 3: Turn the instance into a Web Server

Now, you will install a web server to provide a web interface to your instance.

  1. From EC2 Dashboard, choose your instance

    • Go down to the Details section and copy the Public IPv4 address

    • Paste Public IPv4 address in the address bar of your browser (a) Why does the browser show nothing?

  2. Install Web Server. Before you start, check the Monitoring section. (a) What do you observe?

    • SSH your instance, following the steps from Task 2: Connect to the instance

    • Install Apache HTTP server: sudo yum install httpd

    • Start Apache HTTP server: sudo service httpd start

    • Paste the Public IPv4 address of the server in the address bar of your browser (b) Why can't the browser connect to the web server?

  3. Configure Security Group

    • Click on Security Groups at the left sidebar menu

    • Choose the SSH security group that you created earlier

    • Click on Actions > Edit inbound rules

    • Click on Add Rule

    • Specify the rule Type to be HTTP and set the Source to Anywhere-IPv4

    • Click on Save rules at the bottom right

    • Refresh the page on which you pasted the IP address of your instance

  4. It works, but as you can see, there is no homepage. Create an HTML home page. Use FileZilla to copy your page to your instance. It should go into /var/www/html/

  5. Check your VM's logs (through the management console)

    • Select Actions > Monitor and troubleshoot > Get system log. The log contains all log messages that would be displayed on the monitor of your machine if you were running it on premises. This is a good tool for debugging a virtual machine: watch for log messages stating that an error occurred, for instance during startup.
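
After Task 3, the SSH security group has two inbound rules with the source Anywhere-IPv4: SSH from Task 1 and HTTP from Task 3. The script below is an added example, not part of the original lab. It reviews rules in the JSON shape returned by aws ec2 describe-security-groups and reports administrative ports reachable from anywhere, while leaving the web port alone. The group ID, the sample data and the list of ports treated as administrative are assumptions constructed for illustration.

```python
import ipaddress
import json

# Constructed sample in the shape of `aws ec2 describe-security-groups` output:
# the lab's "SSH" group after Task 3 (SSH and HTTP, both from Anywhere-IPv4).
# The group ID is a placeholder, not a real resource.
SAMPLE = json.loads("""
{"SecurityGroups": [{
  "GroupName": "SSH", "GroupId": "sg-0123456789abcdef0",
  "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}
  ]}]}
""")

ADMIN_PORTS = {22: "SSH", 3389: "RDP"}  # assumption: ports treated as administrative


def is_world_open(cidr):
    """True for 0.0.0.0/0 or ::/0, i.e. the console's 'Anywhere' sources."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0


def audit(groups):
    """Return (group_id, port, service, cidr) for admin ports reachable from anywhere."""
    findings = []
    for sg in groups["SecurityGroups"]:
        for perm in sg.get("IpPermissions", []):
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            if perm["IpProtocol"] == "-1":        # "All traffic": every port
                lo, hi = 0, 65535
            elif perm["IpProtocol"] in ("tcp", "6"):
                lo, hi = perm["FromPort"], perm["ToPort"]
            else:
                continue                          # UDP/ICMP: no admin ports listed
            for cidr in filter(is_world_open, cidrs):
                for port, name in sorted(ADMIN_PORTS.items()):
                    if lo <= port <= hi:          # wide ranges such as 0-65535 count too
                        findings.append((sg["GroupId"], port, name, cidr))
    return findings


if __name__ == "__main__":
    for group_id, port, name, cidr in audit(SAMPLE):
        print(f"{group_id}: {name} (tcp/{port}) is open to {cidr}")
```

To run it against a real account, replace SAMPLE with the parsed output of aws ec2 describe-security-groups --output json.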