4/? for Cloud Certified Practitioner

Suk Hwang
Sep 9, 2021

Connect to EC2 via SSH

ssh -i EC2Tutorial.pem ec2-user@13.59.5.116 

If SSH complains that the key file's permissions are "too open", then:

chmod 0400 EC2Tutorial.pem

EC2 Instance Connect

Uses a temporary SSH key to connect (not the key pair you already have)

** Never put an IAM access key and secret key on an EC2 instance. Instead, use an IAM role (e.g. IAMReadOnlyAccess) and attach it to the instance.
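One way to check an instance for the long-term keys this note warns against, as an added example that is not part of the original post: the script searches a directory tree for IAM user access key IDs and `aws_secret_access_key` assignments and reports only file and line. The function names and the sample tree (built from AWS's documented example key pair) are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a directory tree for long-term AWS credentials that an
# instance role makes unnecessary. Function names are illustrative.

# IAM user access key IDs are "AKIA" plus 16 upper-case alphanumerics.
KEY_ID_RE='AKIA[0-9A-Z]{16}'
# Credentials and env files name the secret explicitly.
SECRET_RE='aws_secret_access_key[[:space:]]*='

# find_static_aws_keys DIR
# Prints "path:line:kind" per hit and never echoes the matched value.
# Assumes paths contain no ':'; records without a numeric line field are dropped.
find_static_aws_keys() {
    grep -rHnE "$KEY_ID_RE" "$1" 2>/dev/null |
        awk -F: '$2 ~ /^[0-9]+$/ {print $1 ":" $2 ":access_key_id"}'
    grep -rHniE "$SECRET_RE" "$1" 2>/dev/null |
        awk -F: '$2 ~ /^[0-9]+$/ {print $1 ":" $2 ":secret_access_key"}'
}

# count_static_aws_keys DIR -> number of findings (0 means clean)
count_static_aws_keys() {
    find_static_aws_keys "$1" | wc -l | tr -d ' '
}

# make_sample_tree: constructed home directory with one leaked credentials
# file and one clean config file; prints the temp directory path.
make_sample_tree() {
    t=$(mktemp -d)
    mkdir -p "$t/.aws" "$t/app"
    # AWS's documented example key pair, not a real credential.
    printf '%s\n' '[default]' \
        'aws_access_key_id = AKIAIOSFODNN7EXAMPLE' \
        'aws_secret_access_key = wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY' \
        > "$t/.aws/credentials"
    printf 'output = json\n' > "$t/app/config"
    echo "$t"
}

# Demo on the constructed tree.
sample=$(make_sample_tree)
find_static_aws_keys "$sample"
echo "findings: $(count_static_aws_keys "$sample")"
rm -rf "$sample"
```

On a real instance, point `find_static_aws_keys` at home directories and application paths. Once a role is attached, `aws sts get-caller-identity` should report an assumed-role ARN rather than an IAM user.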

EC2 Instances Purchasing Options

  • On-Demand Instances: short workload, predictable pricing
  • Reserved: (Minimum 1 year)
    - Reserved instances: long workloads
    - Convertible Reserved Instances: long workloads with flexible instances
    - Scheduled Reserved Instances: example — every Thursday between 3 and 6pm
  • Spot instances: short workloads, cheap, can lose instances (less reliable)
  • Dedicated Hosts: book an entire physical server, control instance placement

EC2 On-Demand

  • Pay for what you use:
    - Linux — billing per second, after the first minute
    - All other operating systems (e.g. Windows) — billing per hour
  • Has the highest cost but no upfront payment
  • No long-term commitment
  • Recommended for short-term and uninterrupted workloads, where you can’t predict how the application will behave

EC2 Reserved Instances

  • Up to 75% discount compared to On-Demand
  • Reservation period: 1 year = + discount | 3 years = +++ discount
  • Purchasing options: no upfront | partial upfront = + discount | all upfront = ++ discount
  • Reserve a specific instance type
  • Recommended for steady-state usage applications (think database)
  • Convertible Reserved Instance
    - can change the EC2 instance type
    - Up to 54% discount
  • Scheduled Reserved Instances
    - launch within time window you reserve
    - when you require a fraction of day / week / month
    - still commitment over 1 to 3 years

EC2 Spot Instances

  • Can get a discount of up to 90% compared to On-Demand
  • Instances that you can ‘lose’ at any point of time if your max price is less than the current spot price
  • The MOST cost-efficient instances in AWS
  • Useful for workloads that are resilient to failure
    - Batch jobs
    - Data analysis
    - Image processing
    - Any distributed workloads
    - Workloads with a flexible start and end time
  • Not suitable for critical jobs or databases

EC2 Dedicated Instances

  • Instances running on hardware that’s dedicated to you
  • May share hardware with other instances in same account
  • No control over instance placement (can move hardware after stop/start)

Shared Responsibility Model for EC2

EC2 Section — Summary

  • EC2 Instance: AMI (OS) + Instance Size (CPU + RAM) + Storage + Security Groups + EC2 User Data
  • Security Groups: Firewall attached to the EC2 instance
  • EC2 User Data: Script launched at the first start of an instance
  • SSH: Start a terminal into our EC2 instances (port 22)
  • EC2 Instance Role: link to IAM roles
  • Purchasing Options: On-Demand, Spot, Reserved (Standard, Convertible, Scheduled), Dedicated Host, Dedicated Instance
