Changyi's Blog

AWS EC2

AWS EC2

AWS EC2 (Elastic Compute Cloud)

Overview

Amazon EC2 (Elastic Compute Cloud) is one of the most popular AWS offerings.
It provides scalable computing capacity in the cloud — allowing you to rent virtual machines (instances) instead of maintaining physical servers.

EC2 = Elastic Compute Cloud = Infrastructure as a Service (IaaS)

Key Capabilities

  • Renting virtual machines (EC2)
  • Storing data on virtual drives (EBS)
  • Distributing load across instances (ELB)
  • Scaling services automatically (Auto Scaling Group / ASG)

EC2 Sizing & Configuration Options

When launching an EC2 instance, you can configure the following:

  • Operating System (OS): Linux, Windows, or macOS
  • Compute Power & Cores (CPU): Determines processing performance
  • Memory (RAM): Affects how much data can be processed simultaneously
  • Storage Options:
    • Network-attached: EBS (Elastic Block Store) & EFS (Elastic File System)
    • Hardware-attached: EC2 Instance Store (ephemeral local storage)
  • Network Settings:
    • Network card performance (bandwidth)
    • Public / Private IP addressing
  • Firewall Rules: Managed through Security Groups
  • Bootstrap Script: Run commands at first boot using EC2 User Data

EC2 User Data

You can bootstrap an EC2 instance by using EC2 User Data, which allows automation when the machine starts.

Key Points

  • The user data script runs only once during the first startup.
  • “Bootstrapping” means executing custom commands (e.g. yum install, apt update, etc.) automatically.

Common Uses

  • Installing updates or dependencies
  • Installing applications or software packages
  • Downloading configuration files or scripts from the internet
  • Setting up logging or monitoring agents
  • Any one-time setup operation you can think of

Example (Linux EC2 User Data)

#!/bin/bash
yum update -y
yum install -y httpd
systemctl start httpd
systemctl enable httpd
echo "Hello from EC2" > /var/www/html/index.html

Security Groups

Security Groups act as virtual firewalls for EC2 instances — controlling inbound and outbound traffic.

Key Characteristics

  • Can be attached to multiple instances
  • Scoped to a specific region/VPC
  • Operates outside the EC2 instance (if blocked here, EC2 won’t even see the request)
  • Good practice: maintain one separate security group for SSH access

Troubleshooting

  • Timeout error: Security group issue (inbound rules missing)
  • Connection refused: Application issue (service not running)

Default Behavior

  • All inbound traffic is blocked by default
  • All outbound traffic is allowed by default

Referencing Other Security Groups

Security Groups can reference other groups to control communication between instances.

Elastic IPs (EIP)

When you stop and start an EC2 instance, its public IP may change.
To retain a consistent IP, AWS provides Elastic IPs.

Key Facts

  • Elastic IP = Fixed public IPv4 address you own until you release it.
  • You can attach an Elastic IP to one instance at a time.
  • Useful when you need a static IP for external access (e.g., DNS, APIs).

Elastic IP Best Practices

  • Each AWS account gets 5 Elastic IPs by default (limit can be increased).
  • Elastic IPs allow remapping — quickly reassign the IP to another instance in case of failure.
  • However, avoid using Elastic IPs when possible:
    • They often indicate poor architecture design.
    • Instead, use random public IPs and register a DNS name (via Route 53).
← PreviousNext →