EC2 - Elastic Compute - on demand, disposable.
Is a shared environment - physical machines shared by multiple customers.
These are the tech layers:
- customer instances
- vpn using Xen hypervisor
- virtual interfaces
- Security groups
- firewall
- physical interfaces
AMI - Amazon machine instance (virtual machine)
can be running or stopped
ECS is more public
VPC - Virtual Private Cloud - more control of network layers - better for high-security companies, e.g. a bank
Globally there are Regions - you pick one
then in each region there are AZs - Availability Zones
SSS - S3 Simple Storage Service
S3 buckets (buckets of storage - logical term)
snapshots/backups are made to S3 - in a region
Instance - AMI
unit of control / unit of scale / unit of resilience
you can bundle, spread for HA, add and remove, control cost
scale out multiples of this
large variety of instances.
easy to size up from small..
AMI can be Amazon maintained, community maintained, your own images for your company
e.g. Linux, Enterprise Linux, windows
this is an on-demand service
Launching an Instance
set region, instance size, AMI, key pair, security groups
Key pairs
Public key is auto-inserted into the new running instance
you get a private-
only you can access your instance due to this.
e.g. use RDP to get onto the instance.
Credentials - access key and secret key for API
used with all API usage provided by EC2
X.509
used to authenticate against some old APIs
Security groups
set name, desc, protocol, port range, IP address, or another security group
How do I launch an ECS AMI instance?
Windows - can use PowerShell commands / script to launch an instance
Linux - from scripting language - commands available
also can use python libraries to run instances.
IAM roles and EC2 tools
After creating an instance - assign an IAM role.
Create a role with plus instance with an automatic installation of all tools
Also ensures all secret keys automatically set up.
Can revoke roles.
Costing
price per hour
Reserved instance for x years - discounts
spot instances - bid for excess capacity - cheaper, but not reliable
ELB - elastic load balancer
EPH - ephemeral non-persistent storage
CloudWatch -
monitoring tool, with alarms -
thresholds - can trigger scale up, scale down - e.g. CPU power
uses policies to enable.
Additional actions - e.g. fire to HTTP, email, queue - so we can programmatically
take advantage of alerts
Write metrics
Can see billing details etc.
Route 53 - control of DNS - e.g. rolling deployments
Beanstalk - autoscaling for popular tools, e.g. Ruby and Python
OpsWorks - automate configuration
CloudFormation - make templates for everything
Need to stop thinking of resources as fixed.