Creating an AMI & Launching an EC2 from the CLI
Let’s expand our EC2 knowledge by getting a little more familiar with AWS CLI. AWS CLI is a Command Line Interface. With a simple download and configure, you will be able to control multiple AWS services from your PowerShell/Terminal command line and automate them through scripts.
We have three goals for today:
1️⃣Install AWS CLI to our operating system
2️⃣Create an Amazon Machine Image of our previously created EC2 from project: https://medium.com/@mel.foster/utilizing-an-aws-ec2-to-create-install-nginx-server-at-launch-eb5b45c90fee
3️⃣ Launch an EC2 Instance & Install a NGINX Webserver all from the AWS CLI.
Know this will be a decent amount of steps compared to my previous projects, but ultimately we will have the capability to achieve our goals, and be able to access so much more in the future.
To follow along with this project you will need:
- AWS User Account with privileges (not recommended to complete in ROOT)
- PowerShell/Terminal
- Patience
1️⃣Installing AWS CLI //
The first step will be to install AWS CLI onto your OS. If you are operating on a Windows OS you can follow along with me. (If you are using a MAC or another OS you can refer to the directions found here: https://docs.aws.amazon.com/cli/v1/userguide/cli-chap-install.html)
msiexec.exe /i https://awscli.amazonaws.com/AWSCLIV2.msiConfirm AWS CLI Installation //
With our Access key info in hand and our AWS CLI completed downloading in our PowerShell; we return to back to PowerShell to confirm installation and then configure.
To confirm run the command:
aws --version
To configure run the command:
aws configureYou will then be prompted to complete the following:
AWS Access Key ID [****************AUSD]: ENTER YOUR ACCESS KEY
AWS Secret Access Key [****************LXv9]: ENTER YOUR SECRET ACCESS KEY
Default region name: ENTER YOUR CLOSET REGION
Default output format: jsonJSON stands for JavaScript Object Notation: a lightweight format for storing and transporting data; used to send data from a server to a web page.
2️⃣Creating an AMI Amazon Machine Image //
Logged into our AWS Console we will view our previous EC2 to gather information to create an AMI Image.
Amazon Machine Image: is a type of virtual appliance used to create a virtual machine within the Amazon Elastic Compute Cloud.
Enter the following command into your PowerShell/Terminal:
aws ec2 create-image --instance-id i-0a2c363d433ce57ad --name "NGINXWK6 Server" --description "An AMI Image for my NGINX server"
Back on your AWS Console, on the left hand pane you can select AMI to verify you in fact created an Amazon Machine Image.
3️⃣ Launch an EC2 Instance & Install a NGINX Webserver all from the AWS CLI //
For this portion our AWS User will need to have an Access Key. If you haven’t had experience creating an Access Key you can follow along with these steps.
🔐Creating an Access Key //
From your AWS Console you will click on your profile name on the far right.
Scroll down till you find the section titled Access keys
Choose Command Line Interface (CLI)
Your final screen will show your Access Key (Blocked for Security). Copy and store in a secure location. When you are ready, click done and you will be redirected to your Security Credential page.
With our Access key created and stored safely, we can move onto the next portion to prepare for our EC2 Launch from AWS CLI.
With our AWS CLI configured, we will start the process of gathering information from our previous instance’s AMI by running the command:
aws ec2 describe-instancesWe will see a lot of information surround our EC2. We will want to make note of the highlighted ImageID as we will need that information in a few steps.
We also need to know our VPC ID in order to create our Security Group. To know this we will run the command:
aws ec2 describe-vpcs
🛡️Creating Security Group //
With our VpcID info obtained, we can now create our Security Group by running the command below. I provided an example as well as a screen shot for reference. Make note of your GroupId as you will need it in a few more steps.
aws ec2 create-security-group --group-name <value> --description <value> --vpc-id <your vpc>
Example:
aws ec2 create-security-group --group-name NGINXWK6 --description "Nginx Project WK6" --vpc-id vpc-0791b00e8c58b8abc
Open Ports //
We need to Open the following ports to allow inbound traffic from all IPv4 and SSH access from IPv4 in your network.
- SSH — 22 is the OpenSSH server port used by default on most Unix/Linux installations.
- HTTP — 80 is the port assigned to web servers and directly associated with the Hypertext Transfer Protocol.
Open port 22 & 80 run the commands separately:
aws ec2 authorize-security-group-ingress --group-name your_group_name --protocol tcp --port 80 --cidr 0.0.0.0/0
aws ec2 authorize-security-group-ingress --group-name your_group_name --protocol tcp --port 22 --cidr 0.0.0.0/0
Example:
aws ec2 authorize-security-group-ingress --group-name NGINXWK6 --protocol tcp --port 80 --cidr 0.0.0.0/0
aws ec2 authorize-security-group-ingress --group-name NGINXWK6 --protocol tcp --port 22 --cidr 0.0.0.0/0
🔐Creating our Key pair //
Just like we did in our previous project we created a key pair, except now we are going to create from our AWS CLI by running the command:
aws ec2 create-key-pair --key-name <KeyPairName>
Example:
aws ec2 create-key-pair --key-name keypair-melfoster-Wk6-NGINX
🔑Verify our Key is Created:
aws ec2 describe-key-pairs --key-name <KeyPairName>
Example:
aws ec2 describe-key-pairs --key-name keypair-melfoster-Wk6-NGINX
We are getting closer to our Launch!! You getting excited? Feeling overwhelmed? All natural feelings. I will say going through these steps has me gaining confidence. The more you practice, and gain hands on experience the less foreign this will all feel. I am glad you’re still with me, let’s continue on and obtain our AMI.
Obtain AMI ID & Launch Time //
Back on the AMS Console
➡️Search for EC2
➡️Images
➡️ AMIs
➡️Copy the AMI ID that we created earlier
Get READY to Launch we will run the following command with our AMI pasted into the ami portion from PowerShell/Terminal:
aws ec2 run-instances --image-id ami-xxxxxxxx --count 1 --instance-type t2.micro --key-name KeyPairName --security-group-ids sg-[ENTER YOUR SECURITY GROUP]
Example:
aws ec2 run-instances --image-id ami-06ee83c337f5b25ed --count 1 --instance-type t2.micro --key-name keypair-melfoster-Wk6-NGINX --security-group-ids sg-00261afc43e35ca71 If it was successful, your PowerShell/Terminal will show you a screen with command help. Just hit q to exit or enter to keep going through the pages. We now can go check our AWS Console Under our EC2 Instances to see if we in fact were successful!
Whoop! Whoop! We did it!! We used the AMI to launch a NEW EC2 Instance!!
A deeper look:
Finally, let’s check our Auto-assigned IP address to see if our website install from our INITIAL EC2 copied into our AMI and is active.
We achieved all three goals!! Thank you for joining me on this complex addition to our EC2 Instance Week 6 Foundation Project. I see bright things in our future being a little more familiar with using the AWS CLI. Keep pushing yourself to learn more!
Join me on https://www.linkedin.com/in/melissafoster08/ or follow me at https://github.com/mel-foster
