In this lab:
Amazon Virtual Private Cloud (VPC) can be used to create your own VPC and add additional components to it to produce a customized network. Security groups will be created for your EC2 instance. You customize and configure the EC2 instance to run a web server and launch it into the VPC.


Requirements

  • AWS Educate account or AWS account
  • AWS Academy account

Introduction to Amazon EC2:


Amazon Elastic Compute Cloud (Amazon EC2) provides scalable computing capacity in the AWS cloud, where you will be able to launch virtual servers, configure security and networking, and manage storage. 

Features of Amazon EC2:

  • Virtual computing environments, known as instances
  • Amazon Machine Images (AMIs), which are preconfigured templates for your instances
  • Various configurations of CPU, memory, storage, and networking capacity for your instances, known as instance types
  • Key pairs, which secure the login information for your instances
  • Instance store volumes: storage volumes for temporary data
  • Amazon EBS volumes: persistent storage volumes for data, using Amazon EBS
  • Multiple physical locations for your resources
  • A firewall that enables you to specify which traffic can reach your instances
  • Static IPv4 addresses for dynamic cloud computing, known as Elastic IP addresses
  • Tags, or metadata, that you can create and assign to your Amazon EC2 resources
  • Virtual networks you can create, known as virtual private clouds (VPCs)

Accessing the AWS Management Console:

1. At the top of these instructions, click Start Lab to launch your lab.

2. Click the X to close the Start Lab panel after you see the message "Lab status: ready".







3. At the top of these instructions, click AWS.

The AWS Management Console opens in a new browser tab, and the system logs you in automatically.

Task 1: Launch Your Amazon EC2 Instance:

What is an EC2 instance?
An EC2 instance is a virtual server in EC2 that runs applications on the AWS infrastructure.
(TechTarget, Amazon EC2 instance, Margaret Rouse, 2014, https://searchaws.techtarget.com/definition/Amazon-EC2-instances)

4. In the AWS Management Console, on the Services menu, click EC2.
5. Click Launch Instance.

  


Step 1: Choose an Amazon Machine Image (AMI):

An AMI provides the information required to launch an instance, and it must be specified before the instance is launched. You can launch multiple instances with the same configuration from a single AMI; you only need different AMIs when the instances require different configurations.

An AMI includes the following:
  • One or more EBS snapshots
  • A template for the root volume of the instance, for instance-store-backed AMIs
  • Launch permissions that control which AWS accounts can use the AMI to launch instances
  • A block device mapping that specifies the volumes to attach to the instance when it is launched
(AWS, Amazon Machine Images (AMI), 2020, https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AMIs.html)


What is Quick start?

AWS Quick Starts are automated reference deployments that launch, configure, and run the AWS compute, storage, network, and other services that are required to deploy a specific workload on AWS, using AWS best practices for security and availability.
(AWS, AWS quick starts frequently asked questions, https://aws.amazon.com/quickstart/faq/)

6. In the Quick Start list, click Select next to Amazon Linux 2 AMI.




Step 2: Choose an Instance Type:

7. A t2.micro instance should be selected by default. This instance type is eligible for the free tier and has 1 virtual CPU and 1 GiB of memory.

8. Click Configure Instance Details.



Step 3: Configure Instance Details:

The Network setting indicates which VPC you wish to launch the instance into.
9. Select Lab VPC for Network.

During the setup process of your lab, the Lab VPC was created using an AWS CloudFormation template. This VPC includes two public subnets in two different Availability Zones.

10.   For Enable termination protection


How do I protect my data against accidental EC2 instance termination?

When an Amazon EC2 instance is terminated, its resources are stopped and cannot be started again. Termination protection should therefore be enabled to prevent an instance from being accidentally terminated.
(AWS, How do I protect my data against accidental EC2 instance termination?, Quisar, 2020, https://aws.amazon.com/premiumsupport/knowledge-center/accidental-termination/)


11. Scroll down, then expand Advanced Details.
A field for User data will appear.
When an instance is launched, user data can be passed to it. This data can be used to perform common automated configuration tasks and to run scripts after the instance has started.

Your instance is running Amazon Linux, so you will provide a shell script that runs when the instance starts.
12. Copy and paste the following commands into the User data field:
#!/bin/bash
# Install the Apache web server
yum -y install httpd
# Start the web server automatically on boot
systemctl enable httpd
# Start the web server now
systemctl start httpd
# Create a simple web page
echo '<html><h1>Hello From Your Web Server!</h1></html>' > /var/www/html/index.html


The script will:
  • Install an Apache web server (httpd)
  • Configure the web server to automatically start on boot
  • Activate the Web server
  • Create a simple web page


13. Click Add Storage.



Step 4: Add Storage:

The Amazon EC2 instance will be launched using a default 8 GB disk volume. This will be your root volume, which is also known as a 'boot' volume.

Amazon EC2 provides cost-effective, flexible, and easy-to-use data storage options for your instances.

Block-level storage volumes are provided by Amazon Elastic Block Store (EBS) for use with EC2 instances. EBS volumes behave like raw, unformatted block devices. Multiple volumes can be mounted on the same instance, and a volume can be mounted to multiple instances at a time. These volumes can be used as a hard drive or block device, or a file system can be created on top of them.
(AWS, User Guide for Linux Instances, 2020, https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AmazonEBS.html)

14. Click Next: Add Tags.


Step 5: Add Tags:

A tag is a label that consists of a customer-defined key and an optional value, which makes it easier to search, manage, and filter resources. Tags also allow customers to assign metadata to their AWS resources.

Specify tags by providing key and value combinations on the Add Tags page. You are able to tag the volumes, the instance, or both. For Spot Instances, you are only able to tag the Spot Instance.

15. Click Add Tag and then configure:
  • Key: Name
  • Value: Web Server

16. Click Next: Configure Security Group.





Step 6: Configure Security Group:

A security group acts as a virtual firewall for your instance to control inbound and outbound traffic. Up to 5 security groups can be assigned to an instance. Security groups act at the instance level, not the subnet level; hence, a different set of security groups can be assigned to each instance in a subnet in your VPC.

17. On Step 6: Configure Security Group, configure:
  • Security group name: Web Server security group
  • Description: Security group for my web server



In this lab, SSH will not be used to log in to your instance. Removing SSH access increases the security of the instance.
18. Delete the existing SSH rule by clicking the X in the left corner.
19. Click Review and Launch.

Step 7: Review Instance Launch:

Check the details of your instance on the Review Instance Launch page.
The configuration for the instance you are about to launch will be displayed on the review page.

20. Click Launch.


Choose an existing key pair:

21. Select Proceed without a key pair in the Choose an existing key pair drop-down.

If you proceed without a key pair, choose an AMI that is configured to allow users another way to log in, or you will not be able to connect to the instance.


22. Select I acknowledge that.
23. Click Launch Instances.

The instance will appear in a pending state, which means it is being launched.

The state will then change to running, which means the instance has started to boot. It will take a while before you can access the instance.

Wait for your instance to display the following:

  • Instance State:  running
  • Status Checks:  2/2 checks passed



The Amazon EC2 instance has now been launched successfully.



Task 2: Monitor Your Instance:


Monitoring is important in order to maintain the availability, reliability, and performance of Amazon EC2 instances and AWS solutions.

24. Click the Status Checks tab:


  • The System reachability and Instance reachability checks have been passed.




25. Click the Monitoring tab.
Amazon CloudWatch metrics for your instance are displayed in this tab. Not many metrics are displayed at the moment, since the instance was launched recently.







26. In the Action menu, select Instance Settings, Get System Log.

The System Log displays the console output of the instance. It is especially useful for troubleshooting kernel problems and configuration issues that could cause an instance to terminate or to become unreachable before its SSH daemon can be started.





27. Scroll through the output and note that the HTTP package was installed from the user data that was added when the instance was created.



28. Click Close.




29. In the Action menu, select Instance Settings, Get Instance Screenshot.





30. Click Close.
Several ways to monitor the instance have now been explored.



Task 3: Update Your Security Group and Access the Web Server:


When the EC2 instance was launched, a script was provided that installed a web server and created a simple web page. You will now access the content from the web server.

31. Click the Description tab.
32. Copy the IPv4 Public IP of your instance to your clipboard.
Paste the IP address you just copied into a new tab, then press Enter.



If you are not able to access your web server:

  • You are unable to access the web server because the security group is not permitting inbound traffic on port 80, which is used for HTTP web requests. This is a result of using a security group as a firewall to restrict network traffic. It can be solved by updating the security group to permit web traffic on port 80.



33. Return to the EC2 Management Console tab while keeping the browser tab open.
34. Select Web Server security group.
35. Click the Inbound tab.
Currently, the security group does not have any rules.




36. Click Edit and configure:
  • Type: HTTP
  • Source: Anywhere





37. Click Save Rules.
38. Refresh the web server tab that you previously opened.
A message will be shown: Hello From Your Web Server!



The security group has now been successfully modified to permit HTTP traffic into the Amazon EC2 instance.
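
The end state of Step 6 and Task 3 (SSH rule removed, HTTP open to Anywhere) can be checked mechanically. The following is an added example, not part of the original lab: a Python audit over ingress rules in the IpPermissions shape that `aws ec2 describe-security-groups` returns. The sample rules, the allow-list, and the function names are constructed for illustration.

```python
import ipaddress

# Constructed samples in the IpPermissions shape of `aws ec2 describe-security-groups`.
# LAB_RULES: the group after Task 3 (HTTP from Anywhere, SSH rule deleted).
LAB_RULES = [
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
]
# SSH_LEFT_IN: the same group if the SSH rule in step 18 had not been deleted.
SSH_LEFT_IN = LAB_RULES + [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
]
ALLOWED_PUBLIC_TCP = {80}  # assumption: this web server only needs HTTP


def world_open_cidrs(permission):
    """Return the rule's source ranges that cover every address (prefix /0)."""
    cidrs = [r["CidrIp"] for r in permission.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in permission.get("Ipv6Ranges", [])]
    return [c for c in cidrs if ipaddress.ip_network(c, strict=False).prefixlen == 0]


def audit(permissions, allowed=ALLOWED_PUBLIC_TCP):
    """Report every world-open rule that exposes more than the allowed TCP ports."""
    findings = []
    for perm in permissions:
        cidrs = world_open_cidrs(perm)
        if not cidrs:
            continue  # restricted sources are out of scope for this check
        proto = perm["IpProtocol"]
        if proto == "-1":  # "-1" means all protocols and all ports
            findings.append(f"all traffic open to {', '.join(cidrs)}")
            continue
        lo, hi = perm.get("FromPort", 0), perm.get("ToPort", 65535)
        if proto == "tcp" and all(p in allowed for p in range(lo, hi + 1)):
            continue  # e.g. HTTP on port 80, which the lab opens on purpose
        findings.append(f"{proto} {lo}-{hi} open to {', '.join(cidrs)}")
    return findings


if __name__ == "__main__":
    for name, rules in (("lab end state", LAB_RULES), ("SSH left in", SSH_LEFT_IN)):
        print(name, "->", audit(rules) or "no unexpected exposure")
```

To run it against a real group, pass the IpPermissions list from the JSON output of `aws ec2 describe-security-groups` to `audit`.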


Task 4: Resize Your Instance: Instance Type and EBS Volume:

You can change the type of your instance when you find that it is either over- or under-utilized. Similarly, you can change the size of a disk.


Stop Your Instance:

Before you can resize an instance, you must stop it.
An instance is shut down when it is stopped. There is no charge for stopping an instance, but the storage charge for attached Amazon EBS volumes remains.

39. In the EC2 Management Console, click Instances.
          Web Server should already be selected.
40. In the Action menu, select Instance State – Stop.
41. Click Yes, Stop.






42. Your instance will stop running after performing a normal shutdown.
43. Wait until the Instance State displays: stopped.








Change The Instance Type:

44. In the action menu, select Instance Settings and Change Instance Type, then configure:

  • Instance Type: t2.small
  • Click Apply




Resize the EBS Volume:

In the left navigation menu, click Volume.
45. In the action menu, select Modify Volume.

The current disk volume is 8 GiB. The size of this disk will now be increased.

46. Click Modify.




46. Change the size to: 10
NOTE: There may be restrictions on creating large Amazon EBS volumes in this lab.


47. To confirm and increase the size of the volume, click Yes.


48. Click Close.



Start the Resized Instance:

The instance will now be started again, with more memory and more disk space.
49. In the left panel, click Instances.
50. In the action menu, select Instance State, Start.


51. Click Yes, Start.



  • The Amazon EC2 instance has been resized from t2.micro to t2.small.
  • The root disk volume has been modified from 8 GiB to 10 GiB.




Task 5: Explore EC2 Limits


Amazon EC2 provides different resources, such as images, instances, volumes, and snapshots. When you create an AWS account, these resources have limits that are set on a per-region basis.

52. In the left navigation panel, click Limits.




Task 6: Test Termination Protection:

If you no longer need your instance, you can terminate it. You will not be able to connect to or restart an instance after termination.
You will learn how to use termination protection in this task.
53. In the left navigation panel, click Instances.
54. In the action menu, select Instance State – Terminate.


55. The Terminate button will be dimmed and cannot be clicked.



56. Click Cancel.




57. In the action menu, select Instance Settings, Change Termination Protection:







58. Click Disable.





59. You will now be able to terminate the instance.









Termination protection has been tested and your instance has been terminated successfully.


