EC2 for Humans | Amazon Web Services BASICS

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
well I can fit this video great to have you here my name is Maximilian and in this video I want to get you started with AWS ec2 what is that actually how can we use it and how does it work let's take a closer look on my channel I already got some videos on AWS and there we mainly used elastic beanstalk a service provided by AWS to quickly get started with hosting web applications behind the scenes and I did mention that in these videos elastic beanstalk spins up some virtual servers using AWS ec2 easy-to stands for Elastic Compute cloud and what this actually is is a service by AWS which allows you to bring up your own servers you could say now not of course complete machines though you could rent complete machines too but typically smaller fractions of these machines virtual machines running on the physical servers though and that's important each virtual server you bring up is totally isolated from all the other software basically all the other machines are running on the same physical machine and that is of course key from a security perspective but let's take a closer look on the AWS console we can find ec2 under the compute section the constants we launch our own server our own machine are on computer basically we can of course do all sorts of calculations or computations on it so let's click ec2 here and we're taking to the ec2 console now this console can be overwhelming the first time you view it you get a lot of options here on the left but the most important option for us is to launch instance button here so let's click it because here we can bring up a new virtual machine a new instance as it's called which will be like a computer or a machine old bus just sitting in a cloud on some other physical machine the first thing we have to do here is well the same you have to do on your own machine in your own room if you get a new computer and want to set it up you need to choose which operating system and which software to install on it and you do this by choosing an Amazon machine image as they are called there are loads of images to choose from different operating systems and different packages of software which are installed right from the start you can choose Linux and for an Linux distributions you can choose Windows now I'll choose the first image here the MS Linux distribution which already includes the LDS command-line tools pipes in the Ruby and packages we can install for PHP as on so let's click select now and what we're telling AWS hey we want to launch a new virtual machine running Linux with the other software which was mentioned here now we need to decide which kind of machine do we actually want to run because of course we can decide how powerful it should be and there are loads of options to choose from as you can see from this list now there's less the next step where you can get overwhelmed what is the right choice for you now basically all these versions all these instance types you see here differ by the power they offer but not just by the power in terms of memory or CPUs but all the in the relation these different components have to each other so for example we got the M instance type here all these instances starting with M and for in this case these are the general purpose machines you could say multi-purpose M stands for multi-purpose indeed and here we got this ratio of four-to-one so 16 gigabytes of RAM and 4 V CPU cores and V CPU is a workshop CPU core because of course you don't have the real physical machine you get a part a portion of that CPU which is actually installed on a machine assigned to your machine so you get that and other machines have a different ratio for example there are machines which are optimized on memory these feature much more RAM compared to the CPUs they have and that basically is a difference that also leads us to that strange naming which kind of tells you which ratio you have between the different assets or factors on each machine I already told you that M stands for multi-purpose C stands for compute so these feature a lot of CPUs as you can see the CPU to RAM ratio is different than for the M instance family that by the way is how it is called this first letter describes the instance family which in turn describes how RAM and CPU and SSD storage or storage in general is related to each other so we got C instance family instances which are more heavily focusing on CPUs M which is really multi-purpose has a good relation for all kinds of different tasks and then we get our machines or other instances like for example storage optimized ones so where we have a lot of storage on these machines like up to here 8 x q terabytes of SSD storage almost and here you can really choose which type of machine you need for which type of task you want to run on this machine do you want to run a web server of a web host or do you want to host your website on the machine basically well then multi-purpose all these T machines here actually might be interesting the key instance family stands for burst and this actually works a bit different there you can basically earn bursts credits at times where the machine is not utilized that much and then you can pull or use these credits if you got spikes traffic spikes which makes this reusable for spikey application spiky web applications M as a said multi-purpose all the good web server a storage optimized one probably not so much might be bare is better for our test where you need a lot of storage temporary storage may be or might be better or other machines like with a lot of CPUs or RAM or GPUs optimized machines are existing too which are better for big data analysis and machine learning these are all things you have to decide when picking instance now all go with the web server is approach and I also want to stay in the free tier which allows me to use this instance for one year all the time running for one year for free and check the free tier information on the alias pricing page to learn more about this this is only true if you have one of these instances if you launch ten of them well only one three so I choose to keep you micro instance which has one V CPU one gigabyte of RAM no special storage attached to it does have internal storage but we would have to add another service to get persistent storage which isn't removed once we shut the instance down and that basically is it we could already launch it and just to review the other configuration but to really understand what ec2 is about we should go through the configuration so let's click on configure instance details on this page we can now decide how many of these instances do we want to launch I'll go with one we could add more and we could automatically put them into your auto scaling group which manages the amount of instances depending on incoming traffic and so on we could request the spot instance and there's a different pricing thing or a different way of of paying for them you could say of getting the instance to normally what we're doing here is on the Mount we're bringing the census up it is available is always available and we paid a fixed price which you can see on the AWS pricing page however there are two other pricing options you could reserve an instance which means you can't shut down or you can shut it down but then you will still pay for it which you don't in the on-demand usage we're setting up here so you could reserve it which is a bit keeper but you always have to pay it or use the spot instance here which means you bid for instances which are not required right now but you only get them if the price basically approaches your bid price and you're not guaranteed that this instance will stay can stick with you you can also lose it again so this might be good for tasks which are not really time critical you don't need an instance which is up all the time but you occasionally ritu need to run some calculation then this might be an option so there's the pricing what else do we have here a couple of network settings and I actually will have a separate videos on V PC and what that this is about generally this is your own network in the cloud you'll launch your instance into you you can that also specify subnets in this network and that is what's happening here you can also assign a public IP and use the subnet subnet specific settings here or you could set this to enable directly to make sure that this instance does receive a public IP it of course needs one if you plan on reaching it from the web otherwise if it doesn't have a public IP no way of reaching that instance you can assign an I am role I am as this instance and access management thing on AWS and with the role you can control what you'll be doing or what you'll be able to do from this instance so for example if on this instance you run some code to access another AWS service you need to give that instance to permission to do so and you can do this by assigning the right role shutdown behavior well what do you want to do if you shut instance down do you want to stop it which basically will not remove it or do you want to terminate it which removes it from your instant list you can serve some monitoring details and you can move on to storage now here is some storage which is automatically attached to the instance this uses AWS EBS and our service and then some storage which will also be available if you shut your instance down the instance itself is a virtual machine and therefore it also has some internal storage some internal hard drive storage but if you ever shut the instance down that will be lost too and therefore attaching some external storage to it also makes sense because if you want to save some data which you want to keep even in the case that you shut the instance down you need that extra storage and here is one storage device with eight gigabytes automatically attached to it you could add more volumes but you're going to pay for that queue and check out the AWS EBS pages pricing pages to learn more about that you can also learn more about storage options here on that page next you can assign some tags which allows you to trace your instance feed on the build so basically to manage your instance and then we have to configure the security group and that's important of course the security group decides which kind of security rules are applied to the instance and you have to attach security groups to each instance now here we can create a new one or choose an existing one I already got a couple of as you can see basically what you do in a security group is you decide which traffic is allowed to enter the instance in which traffic may leave the instance which kind of requests so security group is a firewall basically you can decide which ports may be accessed from the outside and which traffic can well as I said leave the instance for example here what we're setting up as a rule is that we can SSH into the instance so we use port 22 the SSH port and then which source may do that not that strange notation here basically is a range of IPs I'll come back to that range of IPs in the V PC video what this means here is everyone the entire internet is able to SSH into your instance and you don't want that you don't want to get the entire internet access to your instance yes there will be a password protection but still this is extremely dangerous so instead choose my IP to get your IP automatically entered into this field and now only your IP will be able to access this instance and no one else and this of course is super important because now only you from your machine can access the instance now if your IP changes and isn't static you ever need to adjust this every time you want to access the instance you can adjust it after the instance was launched or you need to set up a range here which basically is the range of IPs you might potentially get now setting up ranges here you can simply google for it Sider CIDR translator or tool and you will find a tool or you can enter IP ranges and get the right side or block again I will explain this in DB PC video so with that we can now review and launch this so let's clip a glimpse over the details here again and launch this instance and we're prompted to Eirik use a key pair or create a new one now this key pair is required for us to log into the instance we can't log into it without a keeper so make sure to download it and store it safely if you ever lose it you can't get it again and you'll be locked out from your instance that's super important you know so here I will create a new key pair and now give it a name demo easy too and download it again you need to store this I already got this so let me name it demo to you I'll save it here and now with that saved you can now launch the instances with the instance in this case now this will take a couple of seconds you can go back to the ec2 console and actually see how it's getting launched here under running instances you see oh it's already running so that was really fast you might still see pending there but it really launches fast and this is your instance your own virtual machine running in the cloud now that's super awesome but what can we do with it well we can do anything we want with it you can install whichever software you want to install on it you can turn it into a web server it does have a public IP as you can tell down there this is its public IP and that is what you can do with it now of course if you take this public dns here which is like automatically and automatically generated to main you may also use if you enter this into your browser you actually will see that nothing happens and that makes sense because we have that able port 80 we only enabled port 22 on that security group so we're not actually able to send HTTP request to that instance but it does have a public eye view so turning it into a web server is only one thing though you could run big data analytics on the instance you could convert your vacation images into different file formats you can basically do whatever you want the only limitation of course is you won't have a desktop you will have to connect to it over the command line over SSH or use some other tool for doing that connections like putty on windows which takes us to the next step let's connect to this instance here now how can we connect I just set it over a command line over the terminal on Mac or Linux basically so let's open it and make sure to navigate into the folder where you stored this key file you just download it because we're going to meet this now I want to connect to this instance Oh and as a sign of course store just keep on a secure location on your machine and don't delete it don't accidentally delete it so now I want to connect to the server to that instance and on Mac and Linux is super easy you can use the SSH command on your command line on your terminal on Windows you don't have that now in Windows there are other options and I actually have a link about connecting to it on Windows in the video description you can use or it can install OpenSSH to always be able to use SSH from the command line and or you can use a tool named putty to also connect via SSH to that instance so it's super easy to connect from Windows to so with that here we always no matter if you're using Windows or Linux we need to pass some information cue our our instance basically we need to has the user with which you want to connect and AWS automatically created one for us and the password for this user now the password is our key file here this top temple this is our key pair we have for connecting to the database at three instance the username depends on which kind of image you chose for MSN Linux it's going to be easy to user now the exact command to connect is the following SSH as you see - I then the path to your key pair so in this case in some is the same folder it's just the name of the keeper but it would be the full path to that keeper if you execute this command from outside this folder then your username easy to user for the MS gnu/linux distribution at and then this Public DNS we already copied and then this is actually it now if you hit enter you can click or enter yes here to confirm the fingerprint of the instance and now you see that the private key file was unprotected and therefore we weren't allowed to connect to the instance this is a security mechanism we can't connect as long as our key falls this top temple is not protected so as long as everyone can basically over now you can change the permissions of that key file to read only to change mode command chmod then 400 this is the the shortcut for read-only and it is totally new to use some research for change models for chmod and you'll find detailed descriptions I'll also put a link in the video description and then the file name so demo to ezq p.m. now again for Windows users there also be a link in the video description about how to connect to the AWS ec2 instance with that file here at adjusted now we can now rerun this SSH command connect to the database and now you should successfully connect to it and now it might look just like it did before but actually you see here this is now a different user this is a different machine this is us on our own ec2 instance if you will list this you see in that directory we doesn't don't have any files but if you go to the root directory off the machine you see there are a couple of folders and files here this is definitely not my machine I can tell you that this is this Linux insects we're running in the cloud and we were able to connect to it because we opened the 22 port for our IP now this is the instance running and we are connected to it and as I said you can now do whatever you want to do it is like our own machine you can install whichever software you want to install run whichever code you want to run it is your machine now at least until you shut the instance down and you can turn it into a simple web server convert any images to smaller images there do big data analysis whatever you like now in the video description you'll also find a link how you could turn this into a web server it's a process which involves multiple steps you have to change some permissions but this is something you can do might be a nice next practice this is how you can log into your ec2 instance now let's go back to that management console here we see all running instances the one we just launched is the only one I have here actually what about all these settings here on the left though well you basically some rumors reserved instances and spot requests these are the different pricing options I managed I mentioned you see some general Vance tagged some logging information about your running instances here is a section about all the images you might add to your own image collection so the image we used or setting up this just instance basically we can manage our block storage tests businesses EBS serve as I mentioned regarding the storage we have attached to our instances there's only this one volume we did attach to the instance we're running right now we also have this security group setting which is about all the security groups and this is what I actually also want to take a look at right now here this is the security group we created last and if we increase this here in size with a short description which isn't too meaningful there is this VPC thing but I'll come back to we've receive a separate video as I said and then here inbound and outbound is interesting especially inbound inbound is how you manage what is able to access your instance and this should be as strict as possible of course here only SSH access is possible you can't access this instance from the web for example and even the SSH access is restricted to our IP here this of course should be as secure and as strict as possible to protect your instance the outbound rules on the other end are very relaxed here all traffic is allowed to access anything you may restrict this to but in general this is not as critical here and we definitely want to give our instance here access to the Internet in some way of code at least because we want to ensure that we can update install updates and so on this is our firewall the security group attached to our instance and definitely port definitely important to understand that inbound rules should be as strict as possible elastic IP it here are an interesting concept your instance here if you have a look at it click on it does have a public IP address here now this public IP for address here changes each time you shut the instance down and bring it back up so you can't rely on getting the same in IPA and of course if you have a website where you route your traffic to that IP that might not be the behavior you want actually as long as you stay in AWS world there are ways you work with dynamic public IP SKU but it might still be something you want to look into elastic IPS even though the name is deceiving elastic sounds very dynamic but actually these are fixed IPs you can allocate to your account and you do have to allocate them because ipv4 addresses are a rare resource it's changing with the ipv6 of course but we're running out of ipv4 instance a IPS so you can allocate some to your account only a limited in limited amount and then you can assign these IPS which now really belong to you to your account two instances and even if you shut the instance down and bring it back up you will still get the same elastic fixed IP address so that is really an interesting concept and really something you have to keep in mind if you are running applications web applications on these instances now a load balancing and auto scaling is something I already touched on in my elastic Beanstalk video basically it allows you to distribute incoming traffic across all instances or bring up or shut down additional instances as to traffic changes and then you get some well advanced management options here to get an overview over your instances and so on so I won't go into too much detail here this is what you can do with ec2 now I'll conclude this by shutting this instance sound by clicking on it and then either right-clicking instance state terminate you could also just stop it which won't get rid of it or reboot it but I want to get rid of it so terminate would be the right choice or if you just select it and click on actions and then you have the same menu instance eight-state terminate now we're warned that the EBS volume is configured to also be shut down you could now change this but I will also shut down the block storage which means of course that everything I stored there is lost everything here is lost instance will be removed and I can't exercise anymore this is how you bring it down and I hope that in this video I could give you a brief introduction relatively brief introduction qec to how to work with it again we already worked with it indirectly through elastic Beanstalk in an earlier video but it is really important to understand what's happening behind the scenes and I hope that this works with this video see you in other videos bye
Info
Channel: Academind
Views: 69,222
Rating: undefined out of 5
Keywords: aws, amazon web services, ec2, elastic compute cloud, tutorial, simple, getting started
Id: lZMkgOMYYIg
Channel Id: undefined
Length: 25min 12sec (1512 seconds)
Published: Thu Jun 22 2017
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.