What is EC2 in Amazon Web Services?
Amazon EC2 (Elastic Compute Cloud) is one of the most widely used web services. It provides elastic compute capacity in the cloud by letting you launch and rent virtual servers known as instances.
Millions of users (businesses) across the globe are moving towards hybrid cloud infrastructure. This involves securing critical data on-premise while running other workloads in public cloud environments. This strategy makes setting up, scaling, and maintaining powerful servers more efficient, since the machines would otherwise have to be purchased and maintained in-house.
Amazon Web Services is the most widely used public cloud for computing workloads and storage for business applications. In this blog, we will get started with the basics of AWS EC2.
Advantages of using AWS EC2 instances
- We can increase and decrease the capacity of these instances to run our own applications, thereby removing the need to own a physical server machine that requires space and maintenance. You get control over the platforms to be used and where the instances are launched, along with storage optimization options. Amazon EC2 lets you completely configure and manage your computing workloads.
- Instances launched across multiple regions and availability zones have many built-in security features provided by Amazon. With options like Virtual Private Cloud, Security Group, and Web Access configuration, you can secure your instances against external threats.
- It is on-demand and easy to use. By renting servers as and when required, you use your IT budget more efficiently. Billing is based on usage, which also means you can reduce expenditure by terminating instances that are no longer required. A new instance can be created and launched within minutes.
Basics of EC2 instances
AWS provides the infrastructure to run your applications, workloads, and store your data. To run our critical workloads on AWS, we need to understand the basics of the components involved.
An instance is a virtual machine (server) in the cloud. You specify the Amazon Machine Image (AMI) from which the instance is launched. This AMI determines the configuration of the instance at launch. There are different instance types, each offering different computing and memory capabilities.
- General Purpose – Can be used for applications that use compute, networking, and storage equally
- Compute optimized – Workloads that require high-performance processors
- Memory optimized – Workloads that require large memory utilization
- Accelerated computing – Workloads that use extra hardware processors for better performance than can be achieved through software
- Storage optimized – Workloads that require higher IOPS on local storage
Types of instances that you can launch
- On-demand: Pay for compute capacity per hour or per second, depending on which instances you are running. On-demand instances require no long-term commitments or upfront payments and are best suited for applications with short-term or unpredictable workloads
- Spot: Request spare Amazon EC2 compute capacity for up to 90% off the on-demand price. Spot instances are recommended for applications that have flexible start and end times
- Reserved: Provide capacity reservations and are assigned to specific availability zones. They are suitable for applications that have steady-state or predictable usage
- Dedicated: A physical EC2 server dedicated to our use, which can help us reduce cost by allowing us to use our existing server-bound software licenses
Amazon EC2 also provides per-second billing, wherein EC2 usage is billed in one-second increments with a minimum of 60 seconds.
Region and availability zone
AWS EC2 is hosted in data centers that are set up in 20+ regions across the globe. AWS also has AWS GovCloud (US), which is designed to host sensitive data and comply with US regulations. Some regions have multiple data centers, each called an Availability Zone (AZ). When you launch an instance, you can choose the region and AZ in which your critical workloads will operate.
Amazon Machine Image: AMI is the image file template that is preconfigured with the operating system, application, or application servers. To launch an instance, you need to use this AMI.
If your AMI has the root device (system data volume) in an EBS volume, then it is said to be backed by Amazon EBS. If your AMI’s root device is from a template stored in S3, it is said to be backed by instance store.
IP Addressing: You can use private or public IPv4 addressing schemes to access your EC2 instances. Private IPv4 addressing is used for communication between EC2 instances in the same VPC and is not reachable over the internet. Public IPv4 addressing is used if you want to access the instances over the internet. You can associate a specific IPv4 address with your instance using Elastic IP addresses. Unlike other public addresses, Elastic IP addresses do not change every time you restart the machine.
Key Pair: Amazon encrypts the data with a public key while you hold the private key in a secure location. You will use the private key to decrypt the encrypted data.
Virtual Private Clouds: You can create a network for your EC2 instances that is similar to your traditional network for your on-premise data center. You can do this by creating a virtual network isolated for your instances called Virtual Private Cloud (VPC) by leveraging the highly scalable and manageable AWS Networking features. Like a traditional network, you can create divisions of your network (Subnet) in your VPC.
Security groups: Security groups can be compared to your traditional firewall, where you define inbound and outbound rules to restrict access to the machine. In AWS, you can create your own security groups in addition to the default group, and use them to define the access restrictions for traffic to and from your EC2 instances.
Tags: You can label your AWS resources for easier management from your console. These resources can be instances, application databases, storage, etc. Tagging lets you categorize similar resources, which makes them easier to identify than relying on resource IDs.
How to get started with AWS EC2
- Log in to your AWS account and navigate to EC2 services
- Select the region in which you wish to launch an EC2 instance
- In the EC2 Dashboard, click Launch Instance to open the Instance Creation wizard
- Choose the preferred AMI and Instance type
- Select the security group for this instance
- Launch the instance
Protecting your AWS EC2 Instances
There are many features available in AWS that allow you to better protect your instances from data loss. But, as Amazon puts it in its Shared Responsibility Model, AWS protects the security of the cloud (the infrastructure) while we should take responsibility for the security in the cloud. That is why it is up to you to protect your EC2 instances from accidental deletion, malware, or any other data loss events.
Vembu BDR Suite offers an agentless and cloud-native backup solution to protect your instances across any AWS account and region while ensuring instant recovery options.