What is EC2?
A broken-down explanation
How does AWS define EC2?
Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides secure, resizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier for developers. Amazon EC2’s simple web service interface allows you to obtain and configure capacity with minimal friction.
Let’s break it down and redefine it:
AWS EC2 is a virtual server (Linux, Windows, etc.) that you can rent in the cloud and connect to remotely. Any of us can request a server with the required features (size, OS, network bandwidth) and then start using it like a normal computer. You can host websites and databases, run scripts and batch jobs, or do anything else you can think of.
Capabilities of the EC2 service:
• Renting virtual machines (EC2)
• Storing data on virtual drives (EBS)
• Distributing load across machines (ELB)
• Scaling the services using an auto-scaling group (ASG)
* If you don't understand it now, that's okay; we will discuss it in detail later on.
What are Security Groups?
Security groups act as a “firewall” on EC2 instances. They control how traffic is allowed into or out of our EC2 machines.
• Access to Ports
• Authorised IP ranges — IPv4 and IPv6
• Control of inbound network traffic (from others to the instance)
• Control of outbound network traffic (from the instance to others)
• Can be attached to multiple instances
• Locked down to a region / VPC combination
• Lives “outside” the EC2 instance: if traffic is blocked, the EC2 instance won’t see it
• It’s good to maintain one separate security group for SSH access
• If your app is not accessible (time out), then it’s a security group issue
• All inbound traffic is blocked by default
• All outbound traffic is authorized by default
• If your application gives a “connection refused” error, then it’s an application error or it’s not launched
Security Group in-depth
A security group can take another security group as its authorization. In the diagram below, SG1 can have inbound parameters and take another SG as a parameter. That means you can allow communication from one EC2 instance to another, provided they have the authorized security groups.
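The rule evaluation described above, as an added example that is not part of the original article: a small offline model of inbound security group checks, using the field names found in `aws ec2 describe-security-groups` output. The group IDs, addresses and the helper names `rule_matches` and `inbound_allowed` are assumptions made for illustration, and only TCP/UDP rules are modelled.

```python
import ipaddress

# Constructed sample groups in the shape of `aws ec2 describe-security-groups`
# output. Group IDs and addresses are made up (203.0.113.0/24 is a doc range).
SSH_SG = {"GroupId": "sg-ssh", "IpPermissions": [{
    "IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
    "IpRanges": [{"CidrIp": "203.0.113.0/24"}],      # authorised IP range
    "Ipv6Ranges": [], "UserIdGroupPairs": []}]}
DB_SG = {"GroupId": "sg-db", "IpPermissions": [{
    "IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
    "IpRanges": [], "Ipv6Ranges": [],
    "UserIdGroupPairs": [{"GroupId": "sg-web"}]}]}    # another SG as the source


def rule_matches(rule, port, addr, src_groups, protocol):
    """True if one inbound rule admits this protocol, port and source."""
    if rule["IpProtocol"] == "-1":                    # "-1" means all traffic
        pass
    elif rule["IpProtocol"] != protocol:
        return False
    elif not rule["FromPort"] <= port <= rule["ToPort"]:
        return False
    cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
    # An IPv4 address is never "in" an IPv6 network (and vice versa).
    if any(addr in ipaddress.ip_network(c) for c in cidrs):
        return True
    # Source-group rule: matches when the sender carries the referenced group.
    return any(p["GroupId"] in src_groups
               for p in rule.get("UserIdGroupPairs", []))


def inbound_allowed(attached_sgs, port, src_ip, src_groups=(), protocol="tcp"):
    """Evaluate every group attached to the receiving instance.

    Rules only allow, so the result is the union of all rules; when nothing
    matches, the traffic is dropped (inbound is blocked by default).
    """
    addr = ipaddress.ip_address(src_ip)
    return any(rule_matches(rule, port, addr, src_groups, protocol)
               for sg in attached_sgs for rule in sg["IpPermissions"])
```

Calling `inbound_allowed([SSH_SG, DB_SG], 5432, "10.0.1.5", src_groups={"sg-web"})` returns `True`, while the same call without `src_groups` returns `False`, because the database rule trusts the sender's group membership rather than its address.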
Public, Private and Elastic IPs
Networking has two sorts of IPs, IPv4 and IPv6:
• IPv4: 22.214.171.124
• IPv6: 3ffe:1900:4545:3:200:f8ff:fe21:67cf
• IPv4 is still the most common format used online.
• IPv6 is newer and solves problems for the Internet of Things (IoT).
• IPv4 allows for 3.7 billion different addresses in the public space
• IPv4: [0–255].[0–255].[0–255].[0–255].
• Public IP means the machine can be identified on the internet (WWW)
• Must be unique across the whole web
• Can be geo-located easily
• Private IP means the machine can only be identified on a private network
• The IP must be unique across the private network
• BUT two different private networks (2 companies) can have the same IPs.
• Machines connect to WWW using a NAT + internet gateway (a proxy)
• Only a specified range of IPs can be used as private IP
• When you stop and then start an EC2 instance, it can change its public IP.
• If you need to have a fixed public IP for your instance, you need an Elastic IP
• An Elastic IP is a public IPv4 IP you own as long as you don’t delete it
• You can attach it to one instance at a time
• You can only have 5 Elastic IPs in your account
Why don't we host a Linux server?
To keep this article short, please follow this article on hosting an EC2 server.