Coding

EC2 for Humans | Amazon Web Services BASICS

  • 00:00:01 well I can fit this video great to have
  • 00:00:03 you here my name is Maximilian and in
  • 00:00:05 this video I want to get you started
  • 00:00:08 with AWS ec2 what is that actually how
  • 00:00:12 can we use it and how does it work let's
  • 00:00:15 take a closer look
  • 00:00:19 on my channel I already got some videos
  • 00:00:22 on AWS and there we mainly used elastic
  • 00:00:25 beanstalk a service provided by AWS to
  • 00:00:28 quickly get started with hosting web
  • 00:00:30 applications behind the scenes and I did
  • 00:00:33 mention that in these videos elastic
  • 00:00:36 beanstalk spins up some virtual servers
  • 00:00:39 using AWS ec2 easy-to stands for Elastic
  • 00:00:43 Compute cloud and what this actually is
  • 00:00:46 is a service by AWS which allows you to
  • 00:00:48 bring up your own servers you could say
  • 00:00:50 now not of course complete machines
  • 00:00:53 though you could rent complete machines
  • 00:00:55 too but typically smaller fractions of
  • 00:00:58 these machines virtual machines running
  • 00:01:01 on the physical servers though and
  • 00:01:03 that's important each virtual server you
  • 00:01:05 bring up is totally isolated from all
  • 00:01:08 the other software basically all the
  • 00:01:11 other machines are running on the same
  • 00:01:12 physical machine and that is of course
  • 00:01:14 key from a security perspective but
  • 00:01:16 let's take a closer look on the AWS
  • 00:01:19 console we can find ec2 under the
  • 00:01:22 compute section the constants we launch
  • 00:01:24 our own server our own machine are on
  • 00:01:27 computer basically we can of course do
  • 00:01:30 all sorts of calculations or
  • 00:01:32 computations on it so let's click ec2
  • 00:01:35 here and we're taking to the ec2 console
  • 00:01:37 now this console can be overwhelming the
  • 00:01:40 first time you view it you get a lot of
  • 00:01:42 options here on the left but the most
  • 00:01:45 important option for us is to launch
  • 00:01:47 instance button here so let's click it
  • 00:01:49 because here we can bring up a new
  • 00:01:52 virtual machine a new instance as it's
  • 00:01:55 called which will be like a computer or
  • 00:01:58 a machine old bus just sitting in a
  • 00:02:00 cloud on some other physical machine the
  • 00:02:03 first thing we have to do here is well
  • 00:02:05 the same you have to do on your own
  • 00:02:07 machine in your own room if you get a
  • 00:02:11 new computer and want to set it up you
  • 00:02:12 need to choose which operating system
  • 00:02:15 and which software to install on it and
  • 00:02:17 you do this by choosing an Amazon
  • 00:02:19 machine image as they are called there
  • 00:02:21 are loads of images to choose from
  • 00:02:23 different operating systems and
  • 00:02:26 different packages of software which are
  • 00:02:29 installed right from the start you can
  • 00:02:31 choose Linux and
  • 00:02:32 for an Linux distributions you can
  • 00:02:34 choose Windows now I'll choose the first
  • 00:02:37 image here the MS Linux distribution
  • 00:02:39 which already includes the LDS
  • 00:02:41 command-line tools pipes in the Ruby and
  • 00:02:44 packages we can install for PHP as on so
  • 00:02:47 let's click select now and what we're
  • 00:02:49 telling AWS hey we want to launch a new
  • 00:02:52 virtual machine running Linux with the
  • 00:02:55 other software which was mentioned here
  • 00:02:56 now we need to decide which kind of
  • 00:02:59 machine do we actually want to run
  • 00:03:01 because of course we can decide how
  • 00:03:03 powerful it should be and there are
  • 00:03:05 loads of options to choose from as you
  • 00:03:08 can see from this list now there's less
  • 00:03:10 the next step where you can get
  • 00:03:12 overwhelmed what is the right choice for
  • 00:03:14 you now basically all these versions all
  • 00:03:19 these instance types you see here differ
  • 00:03:21 by the power they offer but not just by
  • 00:03:24 the power in terms of memory or CPUs but
  • 00:03:28 all the in the relation these different
  • 00:03:30 components have to each other so for
  • 00:03:32 example we got the M instance type here
  • 00:03:37 all these instances starting with M and
  • 00:03:39 for in this case these are the general
  • 00:03:42 purpose machines you could say
  • 00:03:44 multi-purpose M stands for multi-purpose
  • 00:03:46 indeed and here we got this ratio of
  • 00:03:49 four-to-one so 16 gigabytes of RAM and 4
  • 00:03:54 V CPU cores and V CPU is a workshop CPU
  • 00:03:58 core because of course you don't have
  • 00:03:59 the real physical machine you get a part
  • 00:04:02 a portion of that CPU which is actually
  • 00:04:05 installed on a machine assigned to your
  • 00:04:07 machine so you get that and other
  • 00:04:10 machines have a different ratio for
  • 00:04:12 example there are machines which are
  • 00:04:14 optimized on memory these feature much
  • 00:04:16 more RAM compared to the CPUs they have
  • 00:04:19 and that basically is a difference that
  • 00:04:22 also leads us to that strange naming
  • 00:04:25 which kind of tells you which ratio you
  • 00:04:27 have between the different assets or
  • 00:04:31 factors on each machine I already told
  • 00:04:34 you that M stands for multi-purpose C
  • 00:04:37 stands for compute so these feature a
  • 00:04:40 lot of CPUs as you can see the CPU to
  • 00:04:43 RAM ratio is different than for the M
  • 00:04:45 instance family that by the way is how
  • 00:04:48 it is called this first letter describes
  • 00:04:51 the instance family which in turn
  • 00:04:53 describes how RAM and CPU and SSD
  • 00:04:58 storage or storage in general is related
  • 00:05:00 to each other so we got C instance
  • 00:05:04 family instances which are more heavily
  • 00:05:07 focusing on CPUs M which is really
  • 00:05:10 multi-purpose has a good relation for
  • 00:05:13 all kinds of different tasks and then we
  • 00:05:15 get our machines or other instances like
  • 00:05:18 for example storage optimized ones so
  • 00:05:21 where we have a lot of storage on these
  • 00:05:23 machines like up to here 8 x q terabytes
  • 00:05:27 of SSD storage almost and here you can
  • 00:05:31 really choose which type of machine you
  • 00:05:33 need for which type of task you want to
  • 00:05:35 run on this machine do you want to run a
  • 00:05:38 web server of a web host or do you want
  • 00:05:40 to host your website on the machine
  • 00:05:42 basically well then multi-purpose all
  • 00:05:44 these T machines here actually might be
  • 00:05:46 interesting the key instance family
  • 00:05:49 stands for burst and this actually works
  • 00:05:51 a bit different there you can basically
  • 00:05:53 earn bursts credits at times where the
  • 00:05:56 machine is not utilized that much and
  • 00:05:58 then you can pull or use these credits
  • 00:06:00 if you got spikes traffic spikes which
  • 00:06:02 makes this reusable for spikey
  • 00:06:04 application spiky web applications M as
  • 00:06:08 a said multi-purpose all the good web
  • 00:06:10 server a storage optimized one probably
  • 00:06:13 not so much might be bare is better for
  • 00:06:15 our test where you need a lot of storage
  • 00:06:17 temporary storage may be or might be
  • 00:06:20 better or other machines like with a lot
  • 00:06:23 of CPUs or RAM or GPUs optimized
  • 00:06:26 machines are existing too which are
  • 00:06:28 better for big data analysis and machine
  • 00:06:30 learning these are all things you have
  • 00:06:33 to decide when picking instance now all
  • 00:06:35 go with the web server is approach and I
  • 00:06:37 also want to stay in the free tier which
  • 00:06:40 allows me to use this instance for one
  • 00:06:44 year all the time running for one year
  • 00:06:46 for free and check the free tier
  • 00:06:49 information on the alias pricing page to
  • 00:06:51 learn more about this this is only true
  • 00:06:53 if you have one of these instances if
  • 00:06:54 you launch ten of them well only one
  • 00:06:56 three so I choose to keep you micro
  • 00:07:00 instance which has one V CPU one
  • 00:07:02 gigabyte of RAM no special storage
  • 00:07:05 attached to it does have internal
  • 00:07:07 storage but we would have to add another
  • 00:07:09 service to get persistent storage which
  • 00:07:12 isn't removed once we shut the instance
  • 00:07:14 down and that basically is it we could
  • 00:07:17 already launch it and just to review the
  • 00:07:19 other configuration but to really
  • 00:07:21 understand what ec2 is about we should
  • 00:07:23 go through the configuration so let's
  • 00:07:25 click on configure instance details on
  • 00:07:28 this page we can now decide how many of
  • 00:07:30 these instances do we want to launch
  • 00:07:32 I'll go with one we could add more and
  • 00:07:34 we could automatically put them into
  • 00:07:35 your auto scaling group which manages
  • 00:07:38 the amount of instances depending on
  • 00:07:39 incoming traffic and so on we could
  • 00:07:41 request the spot instance and there's a
  • 00:07:43 different pricing thing or a different
  • 00:07:46 way of of paying for them you could say
  • 00:07:49 of getting the instance to normally what
  • 00:07:52 we're doing here is on the Mount
  • 00:07:53 we're bringing the census up it is
  • 00:07:55 available is always available and we
  • 00:07:57 paid a fixed price which you can see on
  • 00:08:00 the AWS pricing page however there are
  • 00:08:03 two other pricing options you could
  • 00:08:05 reserve an instance which means you
  • 00:08:07 can't shut down or you can shut it down
  • 00:08:08 but then you will still pay for it which
  • 00:08:10 you don't in the on-demand
  • 00:08:11 usage we're setting up here so you could
  • 00:08:14 reserve it which is a bit keeper but you
  • 00:08:16 always have to pay it or use the spot
  • 00:08:18 instance here which means you bid for
  • 00:08:21 instances which are not required right
  • 00:08:23 now but you only get them if the price
  • 00:08:26 basically approaches your bid price and
  • 00:08:29 you're not guaranteed that this instance
  • 00:08:32 will stay can stick with you you can
  • 00:08:34 also lose it again so this might be good
  • 00:08:36 for tasks which are not really time
  • 00:08:39 critical you don't need an instance
  • 00:08:42 which is up all the time but you
  • 00:08:43 occasionally ritu need to run some
  • 00:08:45 calculation then this might be an option
  • 00:08:47 so there's the pricing what else do we
  • 00:08:50 have here a couple of network settings
  • 00:08:52 and I actually will have a separate
  • 00:08:54 videos on V PC and what that this is
  • 00:08:56 about generally this is your own network
  • 00:08:59 in the cloud you'll launch your instance
  • 00:09:02 into you you can that also specify
  • 00:09:04 subnets in this network and that is
  • 00:09:06 what's happening here you can also
  • 00:09:08 assign a
  • 00:09:09 public IP and use the subnet subnet
  • 00:09:12 specific settings here or you could set
  • 00:09:15 this to enable directly to make sure
  • 00:09:17 that this instance does receive a public
  • 00:09:19 IP it of course needs one if you plan on
  • 00:09:21 reaching it from the web otherwise if it
  • 00:09:23 doesn't have a public IP no way of
  • 00:09:25 reaching that instance you can assign an
  • 00:09:29 I am role I am as this instance and
  • 00:09:32 access management thing on AWS and with
  • 00:09:34 the role you can control what you'll be
  • 00:09:37 doing or what you'll be able to do from
  • 00:09:39 this instance so for example if on this
  • 00:09:41 instance you run some code to access
  • 00:09:43 another AWS service you need to give
  • 00:09:46 that instance to permission to do so and
  • 00:09:48 you can do this by assigning the right
  • 00:09:49 role shutdown behavior well what do you
  • 00:09:52 want to do if you shut instance down do
  • 00:09:54 you want to stop it which basically will
  • 00:09:56 not remove it or do you want to
  • 00:09:57 terminate it which removes it from your
  • 00:09:59 instant list you can serve some
  • 00:10:02 monitoring details and you can move on
  • 00:10:04 to storage now here is some storage
  • 00:10:07 which is automatically attached to the
  • 00:10:09 instance this uses AWS EBS and our
  • 00:10:12 service and then some storage which will
  • 00:10:14 also be available if you shut your
  • 00:10:17 instance down the instance itself is a
  • 00:10:20 virtual machine and therefore it also
  • 00:10:21 has some internal storage some internal
  • 00:10:24 hard drive storage but if you ever shut
  • 00:10:27 the instance down that will be lost too
  • 00:10:30 and therefore attaching some external
  • 00:10:32 storage to it also makes sense because
  • 00:10:34 if you want to save some data which you
  • 00:10:36 want to keep even in the case that you
  • 00:10:38 shut the instance down you need that
  • 00:10:40 extra storage and here is one storage
  • 00:10:42 device with eight gigabytes
  • 00:10:44 automatically attached to it you could
  • 00:10:46 add more volumes but you're going to pay
  • 00:10:48 for that queue and check out the AWS EBS
  • 00:10:51 pages pricing pages to learn more about
  • 00:10:53 that you can also learn more about
  • 00:10:55 storage options here on that page next
  • 00:10:58 you can assign some tags which allows
  • 00:11:00 you to trace your instance feed on the
  • 00:11:02 build so basically to manage your
  • 00:11:03 instance and then we have to configure
  • 00:11:06 the security group and that's important
  • 00:11:08 of course the security group decides
  • 00:11:11 which kind of security rules are applied
  • 00:11:14 to the instance and you have to attach
  • 00:11:16 security groups to each instance now
  • 00:11:18 here we can create a new one or choose
  • 00:11:20 an existing one I already got a couple
  • 00:11:23 of
  • 00:11:23 as you can see basically what you do in
  • 00:11:26 a security group is you decide which
  • 00:11:28 traffic is allowed to enter the instance
  • 00:11:31 in which traffic may leave the instance
  • 00:11:33 which kind of requests so security group
  • 00:11:35 is a firewall basically you can decide
  • 00:11:38 which ports may be accessed from the
  • 00:11:40 outside and which traffic can well as I
  • 00:11:42 said leave the instance for example here
  • 00:11:44 what we're setting up as a rule is that
  • 00:11:46 we can SSH into the instance so we use
  • 00:11:50 port 22 the SSH port and then which
  • 00:11:55 source may do that not that strange
  • 00:11:58 notation here basically is a range of
  • 00:11:59 IPs
  • 00:12:00 I'll come back to that range of IPs in
  • 00:12:02 the V PC video what this means here is
  • 00:12:05 everyone the entire internet is able to
  • 00:12:08 SSH into your instance and you don't
  • 00:12:10 want that you don't want to get the
  • 00:12:12 entire internet access to your instance
  • 00:12:14 yes there will be a password protection
  • 00:12:17 but still this is extremely dangerous
  • 00:12:20 so instead choose my IP to get your IP
  • 00:12:24 automatically entered into this field
  • 00:12:26 and now only your IP will be able to
  • 00:12:30 access this instance and no one else and
  • 00:12:32 this of course is super important
  • 00:12:34 because now only you from your machine
  • 00:12:36 can access the instance now if your IP
  • 00:12:38 changes and isn't static you ever need
  • 00:12:41 to adjust this every time you want to
  • 00:12:42 access the instance you can adjust it
  • 00:12:44 after the instance was launched or you
  • 00:12:46 need to set up a range here which
  • 00:12:49 basically is the range of IPs you might
  • 00:12:52 potentially get now setting up ranges
  • 00:12:54 here you can simply google for it Sider
  • 00:12:57 CIDR translator or tool and you will
  • 00:13:01 find a tool or you can enter IP ranges
  • 00:13:03 and get the right side or block again I
  • 00:13:05 will explain this in DB PC video so with
  • 00:13:09 that we can now review and launch this
  • 00:13:11 so let's clip a glimpse over the details
  • 00:13:14 here again and launch this instance and
  • 00:13:17 we're prompted to Eirik use a key pair
  • 00:13:20 or create a new one now this key pair is
  • 00:13:22 required for us to log into the instance
  • 00:13:25 we can't log into it without a keeper so
  • 00:13:28 make sure to download it and store it
  • 00:13:30 safely if you ever lose it you can't get
  • 00:13:33 it again and you'll be locked out from
  • 00:13:35 your instance that's super important
  • 00:13:37 you know so here I will create a new key
  • 00:13:39 pair and now give it a name demo easy
  • 00:13:44 too and download it again you need to
  • 00:13:46 store this I already got this so let me
  • 00:13:49 name it demo to you I'll save it here
  • 00:13:51 and now with that saved you can now
  • 00:13:54 launch the instances with the instance
  • 00:13:57 in this case now this will take a couple
  • 00:13:59 of seconds you can go back to the ec2
  • 00:14:02 console and actually see how it's
  • 00:14:04 getting launched here under running
  • 00:14:06 instances you see oh it's already
  • 00:14:09 running so that was really fast you
  • 00:14:10 might still see pending there but it
  • 00:14:12 really launches fast and this is your
  • 00:14:15 instance your own virtual machine
  • 00:14:16 running in the cloud now that's super
  • 00:14:19 awesome but what can we do with it well
  • 00:14:22 we can do anything we want with it you
  • 00:14:24 can install whichever software you want
  • 00:14:25 to install on it you can turn it into a
  • 00:14:28 web server it does have a public IP as
  • 00:14:31 you can tell down there this is its
  • 00:14:32 public IP and that is what you can do
  • 00:14:35 with it now of course if you take this
  • 00:14:37 public dns here which is like
  • 00:14:39 automatically and automatically
  • 00:14:41 generated to main you may also use if
  • 00:14:43 you enter this into your browser you
  • 00:14:46 actually will see that nothing happens
  • 00:14:48 and that makes sense because we have
  • 00:14:51 that able port 80
  • 00:14:52 we only enabled port 22 on that security
  • 00:14:55 group so we're not actually able to send
  • 00:14:58 HTTP request to that instance but it
  • 00:15:00 does have a public eye view so turning
  • 00:15:03 it into a web server is only one thing
  • 00:15:05 though you could run big data analytics
  • 00:15:06 on the instance you could convert your
  • 00:15:09 vacation images into different file
  • 00:15:12 formats you can basically do whatever
  • 00:15:14 you want the only limitation of course
  • 00:15:16 is you won't have a desktop you will
  • 00:15:18 have to connect to it over the command
  • 00:15:20 line over SSH or use some other tool for
  • 00:15:24 doing that connections like putty on
  • 00:15:26 windows which takes us to the next step
  • 00:15:29 let's connect to this instance here now
  • 00:15:32 how can we connect
  • 00:15:33 I just set it over a command line over
  • 00:15:36 the terminal on Mac or Linux basically
  • 00:15:39 so let's open it and make sure to
  • 00:15:42 navigate into the folder where you
  • 00:15:44 stored this key file you just download
  • 00:15:46 it because we're going to meet this now
  • 00:15:49 I want to connect to this
  • 00:15:50 instance Oh and as a sign of course
  • 00:15:52 store just keep on a secure location on
  • 00:15:54 your machine and don't delete it don't
  • 00:15:56 accidentally delete it so now I want to
  • 00:15:58 connect to the server to that instance
  • 00:16:01 and on Mac and Linux is super easy you
  • 00:16:04 can use the SSH command on your command
  • 00:16:07 line on your terminal on Windows you
  • 00:16:09 don't have that now in Windows there are
  • 00:16:10 other options and I actually have a link
  • 00:16:12 about connecting to it on Windows in the
  • 00:16:14 video description you can use or it can
  • 00:16:17 install OpenSSH to always be able to use
  • 00:16:20 SSH from the command line and or you can
  • 00:16:23 use a tool named putty to also connect
  • 00:16:26 via SSH to that instance so it's super
  • 00:16:29 easy to connect from Windows to so with
  • 00:16:31 that here we always no matter if you're
  • 00:16:34 using Windows or Linux we need to pass
  • 00:16:36 some information cue our our instance
  • 00:16:41 basically we need to has the user with
  • 00:16:44 which you want to connect and AWS
  • 00:16:46 automatically created one for us and the
  • 00:16:48 password for this user now the password
  • 00:16:50 is our key file here this top temple
  • 00:16:55 this is our key pair we have for
  • 00:16:57 connecting to the database at three
  • 00:16:58 instance the username depends on which
  • 00:17:02 kind of image you chose for MSN Linux
  • 00:17:04 it's going to be easy to user now the
  • 00:17:08 exact command to connect is the
  • 00:17:10 following SSH as you see – I then the
  • 00:17:15 path to your key pair so in this case in
  • 00:17:18 some is the same folder it's just the
  • 00:17:20 name of the keeper but it would be the
  • 00:17:21 full path to that keeper if you execute
  • 00:17:24 this command from outside this folder
  • 00:17:25 then your username easy to user for the
  • 00:17:29 MS gnu/linux distribution at and then
  • 00:17:32 this Public DNS we already copied and
  • 00:17:34 then this is actually it now if you hit
  • 00:17:36 enter you can click or enter yes here to
  • 00:17:41 confirm the fingerprint of the instance
  • 00:17:42 and now you see that the private key
  • 00:17:46 file was unprotected and therefore we
  • 00:17:50 weren't allowed to connect to the
  • 00:17:52 instance this is a security mechanism we
  • 00:17:55 can't connect as long as our key falls
  • 00:17:58 this top temple is not protected so as
  • 00:18:01 long as everyone can basically over
  • 00:18:04 now you can change the permissions of
  • 00:18:06 that key file to read only to change
  • 00:18:10 mode command chmod then 400 this is the
  • 00:18:15 the shortcut for read-only and it is
  • 00:18:17 totally new to use some research for
  • 00:18:19 change models for chmod and you'll find
  • 00:18:23 detailed descriptions I'll also put a
  • 00:18:25 link in the video description and then
  • 00:18:27 the file name so demo to ezq p.m. now
  • 00:18:31 again for Windows users there also be a
  • 00:18:33 link in the video description about how
  • 00:18:34 to connect to the AWS ec2 instance with
  • 00:18:38 that file here at adjusted now we can
  • 00:18:42 now rerun this SSH command connect to
  • 00:18:45 the database and now you should
  • 00:18:47 successfully connect to it and now it
  • 00:18:49 might look just like it did before but
  • 00:18:51 actually you see here this is now a
  • 00:18:53 different user this is a different
  • 00:18:55 machine this is us on our own ec2
  • 00:18:58 instance if you will list this you see
  • 00:19:00 in that directory we doesn't don't have
  • 00:19:02 any files but if you go to the root
  • 00:19:04 directory off the machine you see there
  • 00:19:07 are a couple of folders and files here
  • 00:19:08 this is definitely not my machine I can
  • 00:19:10 tell you that this is this Linux insects
  • 00:19:12 we're running in the cloud and we were
  • 00:19:15 able to connect to it because we opened
  • 00:19:17 the 22 port for our IP now this is the
  • 00:19:21 instance running and we are connected to
  • 00:19:24 it and as I said you can now do whatever
  • 00:19:26 you want to do it is like our own
  • 00:19:28 machine you can install whichever
  • 00:19:29 software you want to install run
  • 00:19:31 whichever code you want to run it is
  • 00:19:34 your machine now at least until you shut
  • 00:19:36 the instance down and you can turn it
  • 00:19:38 into a simple web server convert any
  • 00:19:40 images to smaller images there do big
  • 00:19:43 data analysis whatever you like now in
  • 00:19:47 the video description you'll also find a
  • 00:19:48 link how you could turn this into a web
  • 00:19:51 server it's a process which involves
  • 00:19:53 multiple steps you have to change some
  • 00:19:55 permissions but this is something you
  • 00:19:57 can do might be a nice next practice
  • 00:20:00 this is how you can log into your ec2
  • 00:20:03 instance now let's go back to that
  • 00:20:05 management console here we see all
  • 00:20:08 running instances the one we just
  • 00:20:10 launched is the only one I have here
  • 00:20:12 actually what about all these settings
  • 00:20:14 here on the left though well you
  • 00:20:17 basically
  • 00:20:17 some rumors reserved instances and spot
  • 00:20:20 requests these are the different pricing
  • 00:20:22 options I managed I mentioned you see
  • 00:20:24 some general Vance tagged some logging
  • 00:20:27 information about your running instances
  • 00:20:29 here is a section about all the images
  • 00:20:34 you might add to your own image
  • 00:20:36 collection so the image we used or
  • 00:20:38 setting up this just instance basically
  • 00:20:40 we can manage our block storage tests
  • 00:20:43 businesses EBS serve as I mentioned
  • 00:20:46 regarding the storage we have attached
  • 00:20:47 to our instances there's only this one
  • 00:20:49 volume we did attach to the instance
  • 00:20:51 we're running right now we also have
  • 00:20:53 this security group setting which is
  • 00:20:55 about all the security groups and this
  • 00:20:57 is what I actually also want to take a
  • 00:20:59 look at right now here this is the
  • 00:21:02 security group we created last and if we
  • 00:21:04 increase this here in size with a short
  • 00:21:07 description which isn't too meaningful
  • 00:21:09 there is this VPC thing but I'll come
  • 00:21:11 back to we've receive a separate video
  • 00:21:12 as I said and then here inbound and
  • 00:21:15 outbound is interesting especially
  • 00:21:16 inbound inbound is how you manage what
  • 00:21:19 is able to access your instance and this
  • 00:21:21 should be as strict as possible of
  • 00:21:23 course here only SSH access is possible
  • 00:21:28 you can't access this instance from the
  • 00:21:29 web for example and even the SSH access
  • 00:21:32 is restricted to our IP here this of
  • 00:21:35 course should be as secure and as strict
  • 00:21:37 as possible to protect your instance the
  • 00:21:39 outbound rules on the other end are very
  • 00:21:41 relaxed here all traffic is allowed to
  • 00:21:43 access anything you may restrict this to
  • 00:21:46 but in general this is not as critical
  • 00:21:49 here and we definitely want to give our
  • 00:21:51 instance here access to the Internet in
  • 00:21:53 some way of code at least because we
  • 00:21:56 want to ensure that we can update
  • 00:21:57 install updates and so on this is our
  • 00:22:00 firewall the security group attached to
  • 00:22:02 our instance and definitely port
  • 00:22:04 definitely important to understand that
  • 00:22:06 inbound rules should be as strict as
  • 00:22:08 possible elastic IP it here are an
  • 00:22:12 interesting concept your instance here
  • 00:22:15 if you have a look at it click on it
  • 00:22:17 does have a public IP address here now
  • 00:22:20 this public IP for address here changes
  • 00:22:24 each time you shut the instance down and
  • 00:22:26 bring it back up so you can't rely on
  • 00:22:28 getting the same in IPA
  • 00:22:30 and of course if you have a website
  • 00:22:32 where you route your traffic to that IP
  • 00:22:34 that might not be the behavior you want
  • 00:22:37 actually as long as you stay in AWS
  • 00:22:39 world there are ways you work with
  • 00:22:44 dynamic public IP SKU but it might still
  • 00:22:48 be something you want to look into
  • 00:22:49 elastic IPS even though the name is
  • 00:22:52 deceiving elastic sounds very dynamic
  • 00:22:54 but actually these are fixed IPs you can
  • 00:22:58 allocate to your account and you do have
  • 00:23:00 to allocate them because ipv4 addresses
  • 00:23:03 are a rare resource it's changing with
  • 00:23:06 the ipv6 of course but we're running out
  • 00:23:08 of ipv4 instance a IPS so you can
  • 00:23:12 allocate some to your account only a
  • 00:23:13 limited in limited amount and then you
  • 00:23:15 can assign these IPS which now really
  • 00:23:18 belong to you to your account two
  • 00:23:21 instances and even if you shut the
  • 00:23:23 instance down and bring it back up you
  • 00:23:25 will still get the same elastic fixed IP
  • 00:23:28 address so that is really an interesting
  • 00:23:31 concept and really something you have to
  • 00:23:32 keep in mind if you are running
  • 00:23:34 applications web applications on these
  • 00:23:37 instances now a load balancing and auto
  • 00:23:40 scaling is something I already touched
  • 00:23:41 on in my elastic Beanstalk video
  • 00:23:43 basically it allows you to distribute
  • 00:23:45 incoming traffic across all instances or
  • 00:23:47 bring up or shut down additional
  • 00:23:49 instances as to traffic changes and then
  • 00:23:53 you get some well advanced management
  • 00:23:55 options here to get an overview over
  • 00:23:58 your instances and so on so I won't go
  • 00:24:01 into too much detail here this is what
  • 00:24:04 you can do with ec2 now I'll conclude
  • 00:24:06 this by shutting this instance sound by
  • 00:24:08 clicking on it and then either
  • 00:24:09 right-clicking instance state terminate
  • 00:24:12 you could also just stop it
  • 00:24:14 which won't get rid of it or reboot it
  • 00:24:17 but I want to get rid of it
  • 00:24:18 so terminate would be the right choice
  • 00:24:20 or if you just select it and click on
  • 00:24:23 actions and then you have the same menu
  • 00:24:25 instance eight-state terminate now we're
  • 00:24:28 warned that the EBS volume is configured
  • 00:24:32 to also be shut down you could now
  • 00:24:34 change this but I will also shut down
  • 00:24:37 the block storage which means of course
  • 00:24:39 that everything I stored there is lost
  • 00:24:41 everything here is lost
  • 00:24:42 instance will be removed and I can't
  • 00:24:44 exercise anymore this is how you bring
  • 00:24:46 it down and I hope that in this video I
  • 00:24:48 could give you a brief introduction
  • 00:24:51 relatively brief introduction qec to how
  • 00:24:54 to work with it again we already worked
  • 00:24:57 with it indirectly through elastic
  • 00:24:59 Beanstalk in an earlier video but it is
  • 00:25:02 really important to understand what's
  • 00:25:03 happening behind the scenes and I hope
  • 00:25:05 that this works with this video see you
  • 00:25:07 in other videos bye