Amazon’s Elastic Cloud Computing (EC2 has changed quite a bit in the last five years, so whether you are new to EC2 or an old hand, it’s worth a look at how to launch your own EC2 instances today. (For a deeper , check out , but note he’s doing things the command-line way, whereas today you can do things the graphical way, as this post shows. Still, if you want to know what Route 53 and so on mean, read Hall’s article.)
As long as you use a small instance size and haven’t already signed up, you can . Not all of the instance types (which vary by processor and memory) and storage sizes are free, but the UI guides you on what is and isn’t free. If you haven’t signed up, do that now.
To get started, sign into the .
The Management Console is a kind of UI nightmare. It contains every conceivable Amazon Web Services product that you could possibly use. Some of the categories are a bit arbitrary. Fortunately, EC2 is at the very top. Click EC2.
. Doing so means you’ll bid on your instance, and if other people bid more but below the retail rate Amazon will shut you down. There’s not a lot of point to picking this when you’re using the free tier. Don’t check this, we’re bidding 0.
Network:This is the virtual private cloud. Basically, Amazon lets you have multiple isolated virtual networks. At the moment, we have only one. Leave that as it is.
Subnet: This is another way of isolating ranges of IPs. Let’s leave that alone too.
Auto-assign Public IP:We definitely need this enabled. Amazon instances can have two IPs: one that is a private IP that can only connect to other EC2 instances on the same VPC, and one public IP that you can connect to from anywhere on the internet. If you’re deploying a more intricate system, you’d have some instances that would only have private IPs. In this case, we need a public IP for sure; otherwise, we’d be unable to connect.
Shutdown Behavior:Here be dragons. Set this to Stop, which is the default. The Terminate option actually means delete or burn it all down with no fire insurance.
Enable Termination Protection:Leave this off for this example. Generally, I check this. It’s a safety that prevents you from deleting instances when you don’t mean to.
Monitoring:Amazon has a monitoring suite called CloudWatch. We do not need this for now.
Tenancy:What really makes the economics of EC2 work is that most of the time your instance is probably doing nothing. The Shared option makes the most sense for that, because you’re sharing the back-end resources with other users when your instance is not running, lowering your costs. However, if you’re trying to get maximum performance, you’d select Dedicated Host. There is also an option to have a Dedicated Instance, which means that it runs on a host dedicated for your use but multiple (of your) instances might run on the same hardware. In this example, choose Shared; we’re going for cheap.
Step 3: Configure instance details
Step 4: Add storage to your instance
Now, click Add Storage. Storage is disk space. You have the option of straight General Purpose (SSD), Provisioned IOPS (SSD), or Magnetic. Because the General Purpose storage is eligible for the free tier, pick that. If you need performance, you’d pick the Provisioned IOPS option. (I’m not sure why anyone would consider picking magnetic disks like the cave people used when I was little. We could have a big fat disk with a whopping 30GB, but here let’s stick with 8GB (the default). If we wanted, we could have more than one volume (disk partition), but we don’t, so click Next: Add Tags at the bottom.
Step 5: Add tags to your instance
Tags are just key-value pairs associated with the instance. You can use them for whatever. At my work, we use them for cost centers and management. There are even scripts that automatically shut down instances if people leave them on. AWS is expensive and doing the equivalent of leaving the light switch on can drain the old bank account pretty quickly.
In this example, we’re just doing a little test instance and not deploying a whole devops management suite, so you can just click Next: Configure Security Group.
Step 6: Configure your security group
Before we do anything on the security screen, go to another browser tab and type the literal
what is my ip. You’ll get an IP address like the fake one I just fudged on this screenshot (18.104.22.168). This is a 32-bit IP address. Copy it.
By default, Amazon firewalls off everything on your public instance IP. The default on this screen is to leave SSH open to 0.0.0.0/0, which means the whole world. Paste your IP into the text box and add
/32 on the end. The
/32 means the whole IP address and only this address.
If you put
22.214.171.124/24, any IP beginning with 73.181.91 would be able to get to the SSH port. If you put
/16, anyone with an IP beginning 73.181 would get to the SH port. If you put
/8, anyone whose IP started with 73 would get to the port. This is not to say they could log in; but they could connect to the TCP/IP port. Remember: Even .
It is possible to use IPv6 addresses as well (if your IP is much longer and has
:s, it is an IPv6 address). Just change the
Click Review and Launch.
Step 7: Review your instance
This almost-final screen gives you a chance to correct any mistakes. I don’t make mistakes, so I just click Launch. But you might want to review your own work.
Here, you create an SSH key pair and call it whatever you like (what you enter will be in its filename, so don’t go nuts). This lets you get to your instance using SSH.
Instead of a password you’ll use this file to login.
Step 8: Launch your instance
If it is your first time in EC2, you’ll have to create a new key pair. If you’ve been in EC2 before, you can select one you’ve already used.
You have to download the key before you can move on. Download the key, then click Launch Instance.
On the next screen, you’re told that your instance is in progress. Click on its instance ID (the long hex after “initiated”).
You’ll be taken to a status screen that shows the instance is pending. Either wait around or click the Refresh button until you get bored.
After a minute or so you’ll see that the machine is not only ready but has been assigned an IP.
Open a terminal or shell window or use a tool like Putty.
ssh ubuntu@INSTANCEIP -i YOURPEMFILE.pem and replace
INSTANCEIP with the IPv4 public IP (in this case, 126.96.36.199) and
YOURPEMFILE with the name you gave your SSH key-pair-name (in this case, infoworld-test).
The first time you log in, SSH will warn you:
The authenticity of host ‘188.8.131.52 (184.108.40.206)’ can’t be established.
ECDSA key fingerprint is SHA256:BFPzqvDdq5qC2ijy2p4/9G/4wAzovscdEaPmSMKnc4k.
Are you sure you want to continue connecting (yes/no)?
This just means that EC2 doesn’t know that server yet. If you get this message again later (and the IP hasn’t changed), it could indicate a man-in-the-middle attack. But this time, just say yes.
D’oh! Except when I downloaded my key file, its permissions were too open, so I got an ominous warning and it refused to connect. Change the permissions of the file by typing
chmod 600 YOURPEMFILE.pem. If you do
644 (as in the screenshot below), that is still too open. Basically the
6 means read/write for the owner of the file, but not readable for anyone else (except maybe the administrative root user).
ssh command again, and you should get in! Play around if you know Linux.
Let’s not keep that running. So, go back to the EC2 instances screen. Right-click the instance and go to
You’ll see an “are you sure?” screen. Click Yes, Stop.
Once the instance is stopped, it is as if the machine is off. However, it is still there eating up … well, nothing, because we picked the free tier, and you get 12 months free. But let’s terminate it anyhow for good hygiene. Right-click the instance, go to instance state, and click Terminate.
Once you do this, you get another “are you sure?” screen. Say Yes, Terminate. If that safety setting I mentioned earlier were on, you’d have to turn it off before you could actually terminate the instance.
Congratulations, you’ve created an instance, logged in to it, stopped it, and terminated it. Your journey has begun. Maybe next time, you can install some software on it and maybe create an AMI, but for now, enjoy your fun with EC2.
Remember not to run up a large bill!