EC2: Elastic Compute Cloud

Amazon Elastic Compute Cloud (EC2) is a web service that provides resizable compute capacity in the cloud. EC2 enables you to launch virtual servers, configure security and networking, and manage storage. It is designed to make web-scale cloud computing easier for developers.

What is EC2?

EC2 provides virtual computing environments, known as instances, that run on Amazon's computing infrastructure. Each instance includes a virtual server with CPU, memory, storage, and networking capacity. You have full control over your instances, including root access and the ability to choose your operating system.

Instance Types

EC2 offers a variety of instance types optimized for different use cases:

General Purpose Instances

  • t3/t4g series: Burstable performance instances ideal for workloads with variable CPU usage
  • m5/m6i series: Balanced compute, memory, and networking resources for a wide range of applications
  • Use cases: Web servers, small to medium databases, development environments

Compute Optimized Instances

  • c5/c6i series: High-performance processors ideal for compute-bound applications
  • Use cases: Batch processing, high-performance web servers, scientific modeling, gaming servers

Memory Optimized Instances

  • r5/r6i series: High memory-to-vCPU ratio for memory-intensive workloads
  • x1/x2 series: Very large memory instances for in-memory databases
  • Use cases: High-performance databases, in-memory caching, real-time big data analytics

Storage Optimized Instances

  • i3/i4i series: High random I/O performance for storage-intensive workloads
  • d2/d3 series: Dense storage instances for data warehouse and Hadoop workloads
  • Use cases: NoSQL databases, data warehousing, distributed file systems

Accelerated Computing Instances

  • p3/p4 series: GPU instances for machine learning and graphics
  • f1 series: Field-programmable gate array (FPGA) instances
  • Use cases: Machine learning, high-performance computing, video encoding

AMI (Amazon Machine Image)

An AMI is a template that contains the software configuration (operating system, application server, and applications) required to launch an instance.

AMI Types

  • Public AMIs: Provided by AWS or the community
  • Your own AMIs: Custom AMIs created from your instances
  • AWS Marketplace AMIs: Pre-configured software stacks from third-party vendors

Creating Custom AMIs

  1. Launch an instance from a base AMI
  2. Install and configure your software
  3. Create an AMI from the instance
  4. Use the AMI to launch new instances with your configuration

Instance Storage

Instance Store

  • Ephemeral storage: Temporary block-level storage physically attached to the host computer
  • Lost on instance stop/termination: Data is not persistent
  • High performance: Very low latency and high IOPS
  • Use cases: Temporary data, buffers, caches, scratch files

Elastic Block Store (EBS)

  • Persistent storage: Network-attached storage volumes that persist independently from instance lifetime
  • Backup and snapshots: Create point-in-time backups of your volumes
  • Volume types: gp3 (general purpose), io1/io2 (provisioned IOPS), st1 (throughput optimized), sc1 (cold HDD)
  • Use cases: Database storage, application logs, boot volumes

Security Groups

Security groups act as virtual firewalls for your EC2 instances, controlling inbound and outbound traffic.

Key Features

  • Stateful: Return traffic is automatically allowed, regardless of outbound rules
  • Instance-level: Applied at the instance level, not the subnet level
  • Default deny: By default, all inbound traffic is denied and all outbound traffic is allowed
  • Multiple groups: Instances can belong to multiple security groups

Best Practices

  • Follow the principle of least privilege
  • Use specific port ranges instead of allowing all traffic
  • Create separate security groups for different tiers (web, app, database)
  • Document security group rules for audit purposes
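
The least-privilege and tiering practices above are easy to state and easy to drift away from, so the check a practitioner wants is an audit over the actual rules. The following is an added example written for this page, not AWS code: it walks the JSON shape returned by `aws ec2 describe-security-groups --output json` (real field names such as IpPermissions, IpRanges and CidrIp) and reports rules that admit all traffic, or a restricted service port, from anywhere on the internet. The three groups and the RESTRICTED_PORTS policy are constructed sample data, not real resources.

```python
"""Audit EC2 security group ingress rules for exposure to the whole internet.

Added example for this page, not AWS code. Field names follow the
`aws ec2 describe-security-groups` output; the sample groups are constructed.
"""
import ipaddress
import json

# Hypothetical policy: services that should never accept traffic from the
# open internet directly (reach them via a bastion, VPN or the app tier).
RESTRICTED_PORTS = {22: "SSH", 3389: "RDP", 3306: "MySQL", 5432: "PostgreSQL"}

# Constructed sample data in the shape of `describe-security-groups` output.
SAMPLE_GROUPS = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-0123456789abcdef0", "GroupName": "web-tier", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "0.0.0.0/0", "Description": "public HTTPS"}],
     "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "203.0.113.0/24", "Description": "office egress"}]}
  ]},
  {"GroupId": "sg-0123456789abcdef1", "GroupName": "db-tier", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
     "UserIdGroupPairs": [{"GroupId": "sg-0123456789abcdef0"}]}
  ]},
  {"GroupId": "sg-0123456789abcdef2", "GroupName": "legacy-admin", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "-1", "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}
  ]}
]}
""")


def is_world_open(cidr):
    """True for 0.0.0.0/0 or ::/0: a prefix length of zero matches every address."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0


def world_open_sources(perm):
    """Collect the IPv4 and IPv6 CIDRs on one rule that match the whole internet.
    Group-to-group sources (UserIdGroupPairs) are scoped by definition and skipped."""
    cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
    return [c for c in cidrs if is_world_open(c)]


def audit_security_groups(describe_output, restricted=RESTRICTED_PORTS):
    """Return one finding per rule that exposes all traffic, or a restricted
    service port, to the internet. Rules with scoped sources produce nothing."""
    findings = []
    for sg in describe_output.get("SecurityGroups", []):
        for perm in sg.get("IpPermissions", []):
            sources = world_open_sources(perm)
            if not sources:
                continue
            proto = perm.get("IpProtocol")
            if proto == "-1":
                # "-1" means all protocols and all ports; the rule carries no port fields.
                findings.append({"group": sg["GroupId"],
                                 "reason": "all traffic open to the internet",
                                 "sources": sources})
            elif proto in ("tcp", "udp"):
                lo, hi = perm.get("FromPort", 0), perm.get("ToPort", 65535)
                if lo == 0 and hi == 65535:
                    findings.append({"group": sg["GroupId"],
                                     "reason": f"all {proto} ports open to the internet",
                                     "sources": sources})
                    continue
                for port, name in restricted.items():
                    if lo <= port <= hi:
                        findings.append({"group": sg["GroupId"],
                                         "reason": f"{name} open to the internet",
                                         "sources": sources})
            # ICMP and other protocols carry type/code in the port fields; not audited here.
    return findings


if __name__ == "__main__":
    for f in audit_security_groups(SAMPLE_GROUPS):
        print(f"{f['group']}: {f['reason']} from {', '.join(f['sources'])}")
```

On the sample data only the legacy-admin group is reported: the web tier's public 443 is expected, its SSH rule is scoped to one /24, and the database tier only admits traffic from the web tier's group, which is the tiering pattern recommended above. To run it against a real account, replace SAMPLE_GROUPS with the parsed output of the describe call.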

Elastic IP Addresses (EIPs)

An Elastic IP address is a static, public IPv4 address designed for dynamic cloud computing.

Benefits

  • Persistence: Maintain the same IP address even if you stop and restart your instance
  • Reassociation: Quickly remap an address to another instance in case of failure
  • No charge: An Elastic IP address is free while it is associated with a running instance

Considerations

  • Charges apply if you have an EIP not associated with a running instance
  • Limited number of EIPs per region (5 by default, can be increased)
  • EIPs are region-specific

Key Pairs

Key pairs consist of a public key that AWS stores and a private key that you store. You use the private key to securely connect to your instances.

EC2 Instance Connect

  • Connect to instances using SSH in the browser
  • No need to manage SSH keys on your local machine
  • Temporary key pair that expires after 60 seconds

Best Practices

  • Use different key pairs for different environments
  • Rotate key pairs regularly
  • Never share private keys
  • Use IAM roles instead of access keys when possible

Instance Lifecycle

Instance States

  • pending: Instance is being launched
  • running: Instance is running and available for use
  • stopping: Instance is in the process of being stopped
  • stopped: Instance is stopped and can be restarted
  • shutting-down: Instance is in the process of being terminated
  • terminated: Instance is permanently deleted

Stop vs Terminate

  • Stop: Instance is shut down but can be restarted; EBS volumes persist; you continue to pay for EBS storage
  • Terminate: Instance is permanently deleted; default behavior is to delete EBS volumes unless configured otherwise

Auto Scaling

EC2 Auto Scaling helps you maintain application availability and automatically scale your EC2 capacity.

Benefits

  • Fault tolerance: Automatically replace unhealthy instances
  • Cost optimization: Automatically scale in during low demand
  • Performance: Automatically scale out during high demand

Components

  • Launch Configuration or Launch Template: Defines the configuration of instances
  • Auto Scaling Group: Defines when and where to launch instances
  • Scaling Policies: Define how to scale (manual, scheduled, or dynamic)

Pricing Models

On-Demand Instances

  • Pay by the hour or second with no long-term commitments
  • Best for short-term, irregular workloads
  • No upfront costs or minimum fees

Reserved Instances

  • Significant discount (up to 75%) compared to On-Demand pricing
  • Commit to 1-year or 3-year terms
  • Payment options: All Upfront, Partial Upfront, No Upfront

Spot Instances

  • Up to 90% discount compared to On-Demand pricing
  • Uses spare EC2 capacity, offered at a lower price
  • Can be interrupted with 2-minute notice
  • Best for fault-tolerant, flexible applications

Dedicated Instances

  • Run on physical servers dedicated to your use
  • Useful for meeting compliance and regulatory requirements
  • Higher cost but complete isolation

Best Practices

Cost Optimization

  • Use Reserved Instances for steady-state workloads
  • Use Spot Instances for fault-tolerant applications
  • Right-size instances based on actual utilization
  • Terminate unused instances
  • Use Auto Scaling to match capacity to demand

Security

  • Use security groups with least privilege principles
  • Enable CloudTrail for API logging
  • Use IAM roles instead of access keys
  • Regularly update AMIs and patch instances
  • Encrypt EBS volumes for sensitive data
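
Three of the practices in this list (IAM roles instead of access keys, current AMIs, encrypted EBS volumes) can be verified from instance and volume descriptions alone. The following posture audit is an added example written for this page, not AWS code: it reads the JSON shapes returned by `aws ec2 describe-instances` and `aws ec2 describe-volumes` (real field names such as IamInstanceProfile, ImageId, BlockDeviceMappings and Encrypted) and flags instances without an instance profile, instances launched from an AMI outside an approved set, and attached volumes that are not encrypted. The APPROVED_AMIS set is a hypothetical allow-list, and every id below is constructed.

```python
"""Posture audit over EC2 instance and volume descriptions.

Added example for this page, not AWS code. Field names follow the
`describe-instances` and `describe-volumes` outputs; ids are constructed.
"""
import json

# Hypothetical allow-list: AMIs the team has rebuilt with current patches.
APPROVED_AMIS = {"ami-0123456789abcdef0"}

# Constructed sample data in the shape of `describe-instances` output.
SAMPLE_INSTANCES = json.loads("""
{"Reservations": [{"Instances": [
  {"InstanceId": "i-0123456789abcdef0", "ImageId": "ami-0123456789abcdef0",
   "IamInstanceProfile": {"Arn": "arn:aws:iam::123456789012:instance-profile/web-role"},
   "BlockDeviceMappings": [
     {"DeviceName": "/dev/xvda", "Ebs": {"VolumeId": "vol-0123456789abcdef0"}}]},
  {"InstanceId": "i-0123456789abcdef1", "ImageId": "ami-0123456789abcdef9",
   "BlockDeviceMappings": [
     {"DeviceName": "/dev/xvda", "Ebs": {"VolumeId": "vol-0123456789abcdef1"}},
     {"DeviceName": "/dev/sdf",  "Ebs": {"VolumeId": "vol-0123456789abcdef2"}}]}
]}]}
""")

# Constructed sample data in the shape of `describe-volumes` output.
SAMPLE_VOLUMES = json.loads("""
{"Volumes": [
  {"VolumeId": "vol-0123456789abcdef0", "Encrypted": true},
  {"VolumeId": "vol-0123456789abcdef1", "Encrypted": false},
  {"VolumeId": "vol-0123456789abcdef2", "Encrypted": true}
]}
""")


def iter_instances(describe_instances_output):
    """Flatten the Reservations -> Instances nesting of describe-instances."""
    for reservation in describe_instances_output.get("Reservations", []):
        yield from reservation.get("Instances", [])


def encryption_index(describe_volumes_output):
    """Map VolumeId -> Encrypted flag so each instance lookup is O(1)."""
    return {v["VolumeId"]: bool(v.get("Encrypted", False))
            for v in describe_volumes_output.get("Volumes", [])}


def audit_instances(describe_instances_output, describe_volumes_output,
                    approved_amis=APPROVED_AMIS):
    """Return findings as dicts with the instance id, the check that failed
    and a human-readable detail. A clean instance contributes nothing."""
    encrypted = encryption_index(describe_volumes_output)
    findings = []
    for inst in iter_instances(describe_instances_output):
        iid = inst["InstanceId"]
        # No instance profile means code on the box cannot obtain role
        # credentials and is likely relying on long-lived access keys.
        if not inst.get("IamInstanceProfile"):
            findings.append({"instance": iid, "check": "iam-role",
                             "detail": "no IAM instance profile attached"})
        ami = inst.get("ImageId")
        if ami not in approved_amis:
            findings.append({"instance": iid, "check": "ami",
                             "detail": f"launched from {ami}, not in the approved set"})
        for mapping in inst.get("BlockDeviceMappings", []):
            vol = mapping.get("Ebs", {}).get("VolumeId")
            if vol is None:
                continue  # instance store mappings have no EBS volume to check
            # A volume missing from the index is treated as unencrypted (fail closed).
            if not encrypted.get(vol, False):
                findings.append({"instance": iid, "check": "ebs-encryption",
                                 "detail": f"{vol} on {mapping.get('DeviceName')} is not encrypted"})
    return findings


if __name__ == "__main__":
    for f in audit_instances(SAMPLE_INSTANCES, SAMPLE_VOLUMES):
        print(f"{f['instance']} [{f['check']}] {f['detail']}")
```

The first sample instance passes all three checks; the second has no instance profile, runs an AMI outside the allow-list, and has an unencrypted root volume, so it produces exactly three findings. CloudTrail coverage, the remaining item in the list, is an account-level setting and is not visible in these two API outputs.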

Performance

  • Choose the right instance type for your workload
  • Use Enhanced Networking for higher network performance
  • Place instances in the same Availability Zone for low latency
  • Use EBS-optimized instances for storage-intensive workloads

By understanding EC2's capabilities and best practices, you can build scalable, secure, and cost-effective applications in the AWS cloud. Always refer to AWS documentation for the most current instance types, pricing, and features.