How To Deploy and Connect to an Elastic Compute Cloud (EC2) Instance in 4 Steps.

Introduction

The Elastic Compute Cloud or simply EC2 provides secure and scalable compute platform. The EC2 forms one of the core of Amazon Web Services, together with Simple Storage Service (S3), and Relational Database Service (RDS).

The AWS Elastic Compute Cloud (EC2) offers broad and deep range of cloud compute features including over 500 choice of instance (t class, c class, m class, and more), various machine type (Ubuntu, MacOS, Windows, CentOS, Fedora, and many more), diverse option of processors (Intel, ARM, AMD, and so on), storage capacity (Elastic Block Storage), networking (with Ethernet speed that is up to 400Gps), and much more features. The EC2 is undoubtedly one of the go to choice when it comes to High Performance Computing (HPC).

In this post, we will walk through how to deploy an EC2 instance. Note that the word machine, server, EC2 or instance will be used interchangeably to mean Elastic Compute Cloud.

Requirements:

To follow this walkthrough, you will need:

  1. A laptop machine. Though a mobile device will do, I strongly recommend a Laptop for better experience especially when connecting to the server.
  2. A good internet. You sure want to rule out the frustration that comes with slowpoke internet when you are learning a vital skill as this one.
  3. An Amazon Web Service (AWS) account. You sure cannot get into a house without a key, so is the AWS account to deploy an EC2.
  4. An IAM user with EC2 full access.

Step 1: Deploy The Elastic Compute Cloud (EC2) Machine.

We will start by first deploying the EC2 machine.
Log in to your AWS console and type Elastic Compute Cloud or EC2 in the search bar.
Then select the EC2 option.

In your EC2 dashboard you very likely will have no instance deployed, so, click on fine orange Launch Instance button.
You will be provided a windows to enter the configuration details of your EC2 machine. This is where the fun begins.

Deploy EC2 instance in easy steps launch button
  • Provide the name for your EC2 instance. Best practice is to use “-” or “_” to separate each words the name.
  • Next, select your preferred Machine type. This can be Amazon Linux 2, or Ubuntu.
  • In the Instance Type, select the Free tier eligible ones. E.g t2.micro or t1.micro
Deploy EC2 instance input name and select instance type

Step 2: Create Your Keypair For Elastic Compute Cloud (EC2)

At this point, you will need to create your keypair here. The keypair is your key to going into your server which will be done in later step. Download the keypair to your local machine. Note the download path. Don’t skip this part if you want to have a hassle free SSH into your server.

Deploy EC2 instance select keypair in oxla.io
  • In the Network Settings, at the right hand side, click the Edit to choose your Virtual Private Cloud (VPC) if you created a custom one. Else, leave at default to use the default VPC.
  • Select a Security Group if you created one, else, leave at the AWS default. However, make sure the SSH rule 22 is allowing either to your IP address (prefered though) or the the public 0.0.0.0/0 (not advisable, but can work for this tutorial)

You should also allow for HTTP 80 and HTTPS 443. It does not hurt.

Select security group for EC2 instance

Step 3: Configure Storage for EC2 Instance

  • In the Configure Storage, you can leave the Elastic Block Storage (EBS) parameters as default or adjust to your taste.
Select EBS for EC2 instance

Step 4: Create IAM Instance Profile For S3

Click the Advanced Details tab. Here you will configure your Instance Profile (i.e Role) for your server. The function of this role is to allow your machine communicate with other services that you allow in the Service Policy, without you necessarily doing such.

Scroll to IAM Instance Profile section of the EC2 instance configuration. Click on the drop down to select from the list of Roles. You need to create a new Role and attach policies, so, click Create New IAM Profile. This will open in a new tab. You can follow my post here on How to create IAM role.

In the new tab, click the blue button New Role, select EC2 service under the AWS Service. Click Next.

  • In this window, select the policies you will want the role to have. Here I allowed the EC2 have permissions for S3 bucket and SNS notifications, we can select the S3FullAccess policy.
  • Click Next to review your configuration. Click Create.
    Read how to create SNS topic.
Select instance profile for the instance

Now, go back to your EC2 instance configuration tab, refresh the Instance Profile, and then click the dropdown to reveal your newly created role. Select the new role to attach to your EC2.

Step 5: Shutdown Behavior and user data bash script

In the Shutdown Behavior, select Terminate from the dropdown list. This will ensure the instance terminates when you click the Terminate. Also, in production, you want to select Enable under CloudWatch and Stop protection option. However, for this demo, we will leave as Disable.

Leave the other settings as default for now.

Select Terminate in the shutdown behaviour.

In the User Data text box, you should paste bash script to install the Nginx web server when your server boots.

#!/bin/bash
sudo apt update
sudo apt upgrade
sudo apt install nginx

Click the Launch.

Add bash script to the instance

Step 6: Confirming that EC2 Instance Is Deployed Successfully

Navigate to your EC2 dashboard, Instance.
Take note of the instance status. Wait to get the 2/2 checked status.
You can explore the information while you wait.
Once that is done, you can connect to your newly created EC2 server.

Confirmed deployment

Connect To Elastic Compute Cloud (EC2) Instance

Congratulations on making it to this point. Now, you have your shining server ready to go.

Session Manager:

To connect simply check the box beside the instance name to select it, then click on Connect located in the top of the dashboard.
You can connect to your server either of the following ways:

If you will use the SSM to connect, the server will need the SSM access in the role created. Add the policy to the EC2 role you created earlier. I also created a post on how to install SSM with terraform in previous post.
Find the Role under the instance Action > Security > IAM role.
Once the permission is attached to the server, you will be able to click Connect in the SSM option. The SSM will give you the AWS managed console for your server.

Modify role in actions EC2
eidt IAM role for ssm
SSH Client:

This is using any bash enabled terminal to connect to your instance. GitBash, CMD, Powershell, Terminal will work.

To connect using any SSH client, navigate to the path where the key pair you downloaded from the previous step is.
$cd /path/to/the/downloaded/keypair
Then, chmod the file to allow it readable.
$chmod 0400 [keypairFileName] i.e chmod 400 "oxla-demo-keypair"

Copy the public DNS or IP from the instance details. Then run the command below in the path where you have the keypair file.
$ssh -i "keypairFile.pem" ami_User@public_DNS_or_IP
e.g ssh -i "demo-oxla-keypair.pem" ec2-user@ec2-52-205-239-244

You will get a prompt to confirm adding the keys to your environment, type yes.

Using the EC2 Instance connect:

To connect to the EC2 instance machine using this method, you will simply click on the Connect button under the EC2 instance connect. You can also grab the machine AMI user, and the server public IP address and navigate to your terminal or command line. However, you need to make sure you are in the directory where you have your downloaded keypair, otherwise, you should configure a password for your machine.
Run ssh user@ipaddress e.g ssh [email protected]

You will get a prompt to confirm adding the keys to your environment, type YES.

And you should be in your server to run your codes.

Conclusion

Congratulations, you have deployed you Elastic Compute Cloud (EC2) machine in the Amazon Web Service.

Please share this information with your network to help them learn too.

You can also drop questions in the comment section too.


Posted

in

by

Tags:

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *