Amazon Elastic Compute Cloud (EC2)
Amazon Web Services (AWS) is a cloud computing platform that offers a wide range of services to customers, including computing, storage, and databases, among others. One of the most popular services provided by AWS is the Elastic Compute Cloud (EC2), which allows customers to rent virtual servers and run applications on them.
EC2 instances are virtual servers in the cloud that can be created, launched, and managed easily. In this article, we’ll discuss the basics of EC2 instances and how they work.
What is an EC2 Instance?
An EC2 instance is a virtual server in the AWS cloud that provides compute capacity. It is a scalable computing resource that can be easily launched, configured, and managed. Each instance is created from an Amazon Machine Image (AMI), which is a pre-configured virtual machine image that contains an operating system, applications, libraries, and other necessary components.
EC2 instances can be created in various sizes and configurations, depending on the customer’s requirements. They can run a variety of operating systems, including Linux, Windows, and macOS.
How EC2 Instances Work
EC2 instances are launched from an AMI and can be configured with various settings, including the instance type, storage, and security settings. Once launched, the instance runs on a virtual machine in the cloud, and customers can access it using various methods, including the AWS Management Console, the AWS Command Line Interface (CLI), or the AWS SDKs.
EC2 instances can be launched in various sizes, ranging from small, low-cost instances to large, high-performance instances with specialized capabilities. Customers can choose an instance type based on the specific needs of their application. For example, they can choose an instance type with high compute power for running CPU-intensive workloads, or an instance type with high memory for running memory-intensive applications.
EC2 instances can also be configured with various storage options, including Amazon Elastic Block Store (EBS), which provides persistent block-level storage, or Amazon Elastic File System (EFS), which provides scalable, network file storage.
Security is also an important consideration when launching EC2 instances. Customers can configure security settings, including virtual private cloud (VPC) settings, security groups, and access control policies, to ensure that their instances are secure.
Links
Demo
This is a YAML code block that outlines an Ansible playbook for creating an EC2 instance on Amazon Web Services (AWS). The playbook consists of three tasks, each of which performs a specific action:
The first task creates a security group for the EC2 instance named “{{ name }}_server_sg”. The security group allows incoming traffic on port 80 (for LB HTTP healthcheck) and port 443 (for LB HTTPS traffic) from the load balancer security group specified by “{{ lb_security_group_id }}”. The security group is also tagged with the name “server_sg”.
The second task creates a separate security group for remote access to the EC2 instance named “{{ name }}_server_remote_sg”. This security group only allows incoming traffic on port 22 (SSH) from a specific CIDR block “{{ remote_ssh_cidr }}”. This security group is also tagged with the name “server_remote_sg”. However, this task is only executed when the “deployment_environment” variable is set to “dev”.
The third task creates the actual EC2 instance named “server” in the specified subnets. The instance is created with the specified instance type, image ID, and key name. It is also assigned the security groups created in the first two tasks. This task is only executed when the “deployment_environment” variable is set to “dev”. The “wait” parameter is set to “no” to ensure that the task does not wait for the instance to be fully created before moving on to the next task.
Overall, this Ansible playbook creates an EC2 instance on AWS with appropriate security groups and settings for a development environment.
---
- name: Create AWS EC2 server
hosts: all
vars:
name: "server"
deployment_environment: "dev"
instance_type: "t2.nano"
image_id: "ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-20220420"
key_name: "luca"
subnets: "development"
tasks:
- name: Create Server Security Group
amazon.aws.ec2_group:
state: present
name: "{{ name }}_server_sg"
description: Security group for {{ name }}
region: "{{ region }}"
vpc_id: "{{ vpc_id }}"
purge_rules: yes
purge_tags: yes
rules:
- rule_desc: Allow LB HTTP healthcheck
proto: tcp
from_port: 80
to_port: 80
group_id: "{{ lb_security_group_id }}"
- rule_desc: Allow LB HTTPS traffic
proto: tcp
from_port: 443
to_port: 443
group_id: "{{ lb_security_group_id }}"
rules_egress:
tags:
Name: server_sg
register: server_sg
- name: Create Server Remote Access Security Group
amazon.aws.ec2_group:
state: present
name: "{{ name }}_server_remote_sg"
description: Only for dev environments
region: "{{ region }}"
vpc_id: "{{ vpc_id }}"
purge_rules: yes
purge_tags: yes
rules:
- rule_desc: Allow Inbound SSH Traffic
proto: tcp
from_port: 22
to_port: 22
cidr_ip: "{{ remote_ssh_cidr }}"
rules_egress:
tags:
Name: server_remote_sg
register: server_remote_sg
when: deployment_environment == "dev"
- name: Create EC2 instances for 'dev' environment
amazon.aws.ec2_instance:
name: server
instance_type: "{{ instance_type }}"
image_id: "{{ image_id }}"
vpc_subnet_id: "{{ item }}"
key_name: "{{ keypair_name }}"
security_groups:
- "{{ server_sg.group_id }}"
- "{{ server_remote_sg.group_id }}"
network:
assign_public_ip: true
wait: no
with_items:
- "{{ subnets }}"
register: server_instances
when: deployment_environment == "dev"
Conclusion
Amazon EC2 instances are a powerful and flexible computing resource that allows customers to rent virtual servers and run applications on them. With various configurations and settings available, customers can choose an instance type and storage option that best suits their application’s requirements. Security settings also ensure that the instances are secure and protected from unauthorized access.
As a cloud-based service, EC2 instances are scalable and can be easily launched, managed, and configured from anywhere in the world. AWS provides a wide range of resources and support to help customers get started with EC2 instances, including documentation, tutorials, and support forums. Subscribe to the YouTube channel, Medium, and Website, X (formerly Twitter) to not miss the next episode of the Ansible Pilot.
Academy
Learn the Ansible automation technology with some real-life examples in my Udemy 300+ Lessons Video Course.
My book Ansible By Examples: 200+ Automation Examples For Linux and Windows System Administrator and DevOps
Donate
Want to keep this project going? Please donate