Set up AWS EC2 instance in less than 10 minutes

By Prateek Mishra
Published in tech-that-works, Jul 7, 2018

Today I will be talking about how to get your EC2 instance up and running.

For those of you who are new to Amazon Web Services: AWS is a subsidiary of Amazon that provides on-demand cloud computing platforms to individuals and companies on a paid subscription basis.

AWS provides multiple web services, and EC2 (Elastic Compute Cloud) is one of the most used. Using EC2 you can set up your virtual machine in the cloud with various plugins or managed services like RDS (database systems), SNS (notification service), firewall, security etc. You can access your EC2 instance by SSH or can use the public and private keys to access the machine. And since it's in the cloud, it's accessible from anywhere and you have your setup done in a matter of minutes.

Let's begin setting up an EC2 instance. For people who wish to try AWS, there is a free 12-month package available from Amazon. Create a free account.

To create an EC2 instance, we first need to create a VPC (Virtual Private Cloud). This requires a basic knowledge of networking. We need to create a private network and subnets where the instance will be running.

Choose the region you want in the top right corner. This is the region where your virtual machine will be set up. You can later create a replica of your machine in a different region for disaster recovery.

In our example, we will be running one private and one public network inside a single availability zone (AZ). The EC2 instance will run on the public network (connected to an internet gateway), and the private network will host any service that you want to protect from direct access. In this example we will be adding an RDS (relational database) instance. Any service running on a private subnet needs to connect to the public subnet via a NAT gateway. Have a look at the architecture diagram.

Creating a Virtual Private Network

  1. Go to the AWS icon and click on the VPC service.
  2. Click on the Create VPC button on the top left.
  3. Select the second option to create a VPC with public and private subnets. (You could choose as per your requirement; keep all the secure services that you want to protect from direct access to the internet on the private network.)
  4. You need to provide a CIDR (Classless Inter-Domain Routing) range for the VPC, a public subnet range and a private subnet range.
  5. Give a name to your VPC and to the public and private subnets.
  6. Ensure that the public and private subnets are in the same availability zone. If you need a high-availability architecture, you should create two more public and private subnets manually (after the VPC is created). I will cover that in a separate story.
  7. Select the option "Select an NAT instance instead". The key pair is optional. You can create a key pair from the VPC dashboard later and attach it to your VPC. We will create our NAT instance without a key pair.
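
A quick way to sanity-check the ranges for step 4 before typing them into the wizard, as an added example that is not part of the original article. The 10.0.x.x and 192.168.x.x ranges are constructed sample values and the function name is hypothetical; the /16 to /28 size limits and the five reserved addresses per subnet are AWS's VPC rules.

```python
import ipaddress

RESERVED = 5  # AWS keeps the first four and the last address of every subnet


def check_plan(vpc_cidr, subnets):
    """Validate named subnet CIDRs against a VPC CIDR (IPv4).

    Returns (errors, usable) where usable maps subnet name -> assignable IPs.
    """
    errors, usable, seen = [], {}, {}
    vpc = ipaddress.ip_network(vpc_cidr)
    if not 16 <= vpc.prefixlen <= 28:
        errors.append(f"VPC {vpc}: size must be between /16 and /28")
    for name, cidr in subnets.items():
        try:
            net = ipaddress.ip_network(cidr)  # rejects host bits, e.g. 10.0.1.5/24
        except ValueError as exc:
            errors.append(f"{name}: {exc}")
            continue
        if not 16 <= net.prefixlen <= 28:
            errors.append(f"{name} {net}: size must be between /16 and /28")
        if not net.subnet_of(vpc):
            errors.append(f"{name} {net}: not inside VPC {vpc}")
        for other, other_net in seen.items():
            if net.overlaps(other_net):
                errors.append(f"{name} {net}: overlaps {other} {other_net}")
        seen[name] = net
        usable[name] = net.num_addresses - RESERVED
    return errors, usable


# Constructed sample plans (illustrative values, not taken from the article).
GOOD = {"public": "10.0.0.0/24", "private": "10.0.1.0/24"}
BAD = {"public": "10.0.0.0/24", "private": "10.0.0.128/25",
       "db": "192.168.1.0/24"}

if __name__ == "__main__":
    print(check_plan("10.0.0.0/16", GOOD))
    for err in check_plan("10.0.0.0/16", BAD)[0]:
        print("ERROR", err)
```
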

Once your VPC is created, go to the VPC dashboard and check the details of your machine.

  1. Under VPC, you will now see a new VPC with the name that you gave it.
  2. The Subnets tab will now have 2 subnets, the private and the public subnet, with the names that you gave them.
  3. Route Tables will have 2 new tables, one for each of the private and public subnets.
  4. One of the route tables has one subnet associated with it. This is the public subnet. Under its routes, you will see that all traffic (0.0.0.0/0) is routed to a newly created internet gateway. You can give the table a name, say public route table.
  5. The second table is the private route table. Under the Routes tab you can see that all traffic (0.0.0.0/0) is routed to a NAT instance (present on the public subnet). This way any communication from this subnet goes through the NAT instance to the public subnet. From the public subnet it goes to the internet gateway.
  6. You need to associate your private subnet with this route table. Click on Subnet Associations and select the subnet CIDR that you provided when creating the VPC.
  7. Check the security group tab. A new security group is created along with the VPC. By default all ports are open. You can restrict the open ports (let's say to only SSH (22) and HTTP (80)). Note that a security group is associated with each VPC. Give this group a name.

[Figure: Private Route Table]
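
The restriction suggested in step 7 can be checked mechanically. The following is an added example, not part of the original article: it audits ingress rules in the JSON shape returned by `aws ec2 describe-security-groups` against the SSH/HTTP allow-list. The sample document, the group id and the function names are constructed for illustration.

```python
# Input mirrors the JSON shape of `aws ec2 describe-security-groups`.
ALLOWED = {("tcp", 22), ("tcp", 80)}  # the SSH/HTTP allow-list from step 7
ANYWHERE = {"0.0.0.0/0", "::/0"}      # IPv4 and IPv6 "any source"

SAMPLE = {"SecurityGroups": [{        # constructed sample, not real output
    "GroupId": "sg-EXAMPLE",          # placeholder id
    "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
         "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
        {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 8000, "ToPort": 8100,
         "IpRanges": [{"CidrIp": "10.0.0.0/16"}]},
    ],
}]}


def public_sources(perm):
    """Return the rule's source CIDRs that mean 'any address'."""
    cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
    return [c for c in cidrs if c in ANYWHERE]


def audit(doc, allowed=ALLOWED):
    """Return (group_id, severity, message) for each risky ingress rule."""
    out = []
    for sg in doc["SecurityGroups"]:
        gid = sg["GroupId"]
        for perm in sg.get("IpPermissions", []):
            if not public_sources(perm):
                continue  # rules limited to specific CIDRs are not flagged
            proto = perm["IpProtocol"]
            if proto not in ("tcp", "udp"):  # "-1" means every protocol and port
                sev = "HIGH" if proto == "-1" else "INFO"
                out.append((gid, sev, f"protocol {proto} open to any source"))
                continue
            lo, hi = perm["FromPort"], perm["ToPort"]
            if any((proto, p) not in allowed for p in range(lo, hi + 1)):
                out.append((gid, "HIGH", f"{proto} {lo}-{hi} open to any source"))
            elif lo <= 22 <= hi:
                out.append((gid, "MEDIUM", "SSH open to any source; narrow the CIDR"))
    return out
```

Running `audit(SAMPLE)` flags the all-traffic rule and the database port as HIGH and world-reachable SSH as MEDIUM, while HTTP on port 80 and the rule scoped to 10.0.0.0/16 pass.
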

Once your VPC is all set, we can create an EC2 instance. Click on the AWS icon and open the EC2 service.

[Figure: Public Route Table]

Creating an EC2 instance

  1. Click on Launch EC2 instance.
  2. Select the type of AMI (Amazon Machine Image). You can choose a marketplace AMI or a community AMI (amazon), or you can customize your own as per your requirement.
  3. Once selected, you need to select the machine hardware type. This is again as per your requirement. In this example, I have selected a general purpose t2 micro. Click on Next: Configure Instance.
  4. Select the number of instances as 1 and then select MY VPC as your network. Note that each EC2 instance is chargeable, so select as per your requirement.
  5. Ensure that the selected subnet is a public subnet, else you will not be able to access this machine directly. Click Next: Add storage.
  6. By default an 8 GB volume is added, which is marked as delete on termination. You can choose not to delete the data on termination in case you wish to attach this storage (EBS storage only) to a different EC2 instance later. You can add more EBS storage as per your requirement.
  7. Click on Review and Launch. When launching you will be asked to create a new key pair (if you don't have one already). Give your key pair a name and then click on Download Key Pair. Note that this key pair can be downloaded only one time. If you lose it you cannot download the key pair again. You would need to go through the recovery process (in a different story).
  8. Click on Launch Instance.

Your instance will take 2 to 3 minutes to launch. Go to the EC2 dashboard and check the status. Once the status is running you can use the machine.

That's it. You just created a compute machine in a matter of minutes. Imagine the effort it would take to buy and configure your own PC. AWS makes it ready in less than 3 minutes.

You can try to SSH into this machine to test whether it is working okay. To do so you need to attach an elastic public IP to this machine.

  1. Click on Elastic IP tab.
  2. Click on Allocate new address

Your Elastic IP is ready now. Go to the Elastic IP dashboard and select the Elastic IP you created.
Click on Actions > Associate address. Select the EC2 instance that you created.

[Figure: Elastic IP association]

Now head back to the EC2 dashboard. Under the instance summary you will see the public IP associated with this instance.

SSH into the machine to test it:

ssh ec2-user@<Elastic-IP> -i <My_Key.pem>

[Figure: SSH Machine]

Note: My_Key.pem is the key that you generated while creating the EC2 instance.
