EC2 - Elastic Compute - on demand, disposable.
It is a shared environment - physical machines shared by multiple customers.
These are the tech layers:
- customer instances
- VPN using Xen Hypervisor
- virtual interfaces
- Security groups
- physical interfaces
AMI - Amazon machine instance (virtual machine)
Can be running or stopped
ECS is more public
VPC - Virtual private cloud - more control of network layers - better for high security companies - e.g. a bank
Globally there are Regions - you pick one
Then in each region there are AZs - Availability Zones
SSS - S3 Simple Storage Service
S3 buckets (buckets of storage - logical term)
snapshots/backups are made to S3 - in a region
Instance - AMI
Unit of control / unit of scale / unit of resilience
You can bundle, spread for HA, add and remove, control cost
scale out multiples of this
large variety of instances.
easy to size up from small..
AMI can be Amazon maintained, community maintained, your own images for your company
e.g. Linux, Enterprise Linux, windows
This is an on-demand service
Launching an Instance
Set region, instance size, AMI, key pair, security groups
Key pairs
Public key is auto inserted into new running instance
you get a private-
only you can access your instance due to this.
e.g. use RDP to get onto the instance.
Credentials - access key and secret key for API
Used with all API usage provided by EC2
Used to authenticate against some old APIs
Security groups
Set name, description, protocol, port range, IP address, or another security group
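Added example (not part of the original notes): a security group rule names a protocol, a port range, and a source that is either an IP range or another security group. This Python check flags rules that leave RDP or SSH open to every address; the sample groups and their IDs are constructed, laid out like the EC2 DescribeSecurityGroups response.

```python
import ipaddress

# Constructed sample shaped like the "SecurityGroups" list returned by the
# EC2 DescribeSecurityGroups API. Group names and IDs are made up.
SAMPLE_GROUPS = [
    {"GroupId": "sg-0aaa0000000000001", "GroupName": "web-admin",
     "IpPermissions": [
         {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
          "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []},
         {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
          "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []},
     ]},
    {"GroupId": "sg-0aaa0000000000002", "GroupName": "db",
     "IpPermissions": [
         # Source is another security group, not an IP range.
         {"IpProtocol": "tcp", "FromPort": 1433, "ToPort": 1433, "IpRanges": [],
          "UserIdGroupPairs": [{"GroupId": "sg-0aaa0000000000001"}]},
         # All protocols, but only from one documentation-range network.
         {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "203.0.113.0/24"}],
          "UserIdGroupPairs": []},
     ]},
]

ADMIN_PORTS = {22: "SSH", 3389: "RDP"}


def covers(rule, port):
    """True if the rule's protocol and port range include TCP `port`."""
    if rule["IpProtocol"] == "-1":  # -1 means all protocols and all ports
        return True
    if rule["IpProtocol"] != "tcp":
        return False
    return rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535)


def world_open_admin_rules(groups):
    """Return (group id, service) pairs reachable from any address."""
    findings = []
    for group in groups:
        for rule in group.get("IpPermissions", []):
            sources = [r["CidrIp"] for r in rule.get("IpRanges", [])]
            sources += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
            # A /0 prefix (0.0.0.0/0 or ::/0) matches every address.
            if not any(ipaddress.ip_network(s).prefixlen == 0 for s in sources):
                continue
            findings += [(group["GroupId"], name)
                         for port, name in ADMIN_PORTS.items() if covers(rule, port)]
    return findings
```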
How do I launch an ECS AMI instance?
Windows - can use PowerShell commands / script to launch an instance
Linux - from scripting language - commands available
Also can use Python libraries to run instances.
IAM roles and EC2 tools
After creating an instance - assign an IAM role.
Create a role plus instance with an automatic installation of all tools
Also ensures all secret keys automatically set up.
Can revoke roles.
Costing
Price per hour
Reserved instance for x years - discounts
Spot instances - bid for excess capacity - cheaper, but not reliable
ELB - elastic load balancer
EPH - ephemeral, non-persistent storage
CloudWatch - monitoring tool, with alarms
Thresholds - can trigger scale up, scale down - e.g. CPU power
Uses policies to enable.
Additional actions - e.g. fire to HTTP, email, queue - so we can programmatically take advantage of alerts
Can see billing details etc.
Route 53 - control of DNS - e.g. rolling deployments
Beanstalk - autoscaling for popular tools, e.g. Ruby and Python
OpsWorks - automate configuration
CloudFormation - make templates for everything
Need to stop thinking of resources as fixed.