AWS Summit Nordics - Getting Started With AWS

Getting Started with AWS
Martin Elwin

Compute
Vertical Scaling
From $0.02/hr
Elastic Compute Cloud (EC2)
Basic unit of compute capacity
Range of CPU, memory & local disk options
18 Instance types available, from micro to cluster compute
Feature Details
Flexible Run Windows or Linux distributions
Scalable Wide range of instance types from micro to cluster compute
Machine Images Configurations can be saved as machine images (AMIs) from which new instances can be created
Full control Full root or administrator rights
Secure Full firewall control via Security Groups
Monitoring Publishes metrics to Cloud Watch
Inexpensive On-demand, Reserved and Spot instance types
VM Import/Export Import and export VM images to transfer configurations in and out of EC2

256
128
64
32
16
8
4
2
1
1 2 4 8 16 32 64 128 256
EC2 instance types
High I/O 4XL 60.5 GB
35 EC2 Compute Units
16 virtual cores
2*1024 GB SSD-based local instance
storage
Memory(GB)
Small 1.7 GB,
1 EC2 Compute
Unit
1 virtual core
Micro 613 MB
Up to 2 ECUs (for
short bursts)
Large 7.5 GB
4 EC2 Compute
Units
2 virtual cores
Hi-Mem XL 17.1 GB
6.5 EC2 Compute
Units
2 virtual cores
Hi-Mem 2XL 34.2 GB
13 EC2 Compute
Units
4 virtual cores
Hi-Mem 4XL 68.4 GB
26 EC2 Compute
Units
8 virtual cores
High-CPU Med 1.7
GB
5 EC2 Compute
Units
2 virtual cores
High-CPU XL 7 GB
20 EC2 Compute
Units
8 virtual cores
Medium 3.7 GB,
2 EC2 Compute
Units
1 virtual core
M3 XL 15 GB
13 EC2 Compute
Units 4 virtual
cores
EBS storage only
M3 2XL 30 GB
26 EC2 Compute
Units 8 virtual
cores
EBS storage only
Extra Large 15 GB
8 EC2 Compute
Units
4 virtual cores
Cluster GPU 4XL 22 GB
33.5 EC2 Compute Units,
2 x NVIDIA Tesla “Fermi”
M2050 GPUs
Cluster Compute 4XL 23 GB
33.5 EC2 Compute Units
Cluster Compute 8XL 60.5
GB
High Storage 8XL 117 GB
35 EC2 Compute Units,
24 * 2 TB ephemeral
drives
10 GB Ethernet
Hi-Mem Cluster Compute 8XL
244 GB
16 virtual cores
240 GB SSD
EC2 Compute Units

EC2 instance types
EC2 Compute Units
Memory(GB)
Special
Storage
Light
Spiky

AMI
Amazon Machine
Image
Instance
Running or
Stopped
machine
AZ Availability Zone
S3
EBS EBS EBS EBS EBS EBS
EBS
Snapshots
S3 Buckets
Region
EC2 terminology

5 steps to getting
started
1 2 3 4 5

Sign up:
aws.amazon.com
1 2 3 4 5
Sign up

1 2 3 4 5
Sign up
You will need
Credit card information – you won’t pay unless you use resources
A telephone – on which to receive an automated security call

1 2 3 4 5
Sign up
You will need
Best practice
Setup billing alerts so you can be notified when levels of spend are
reached
If you have existing accounts, consider using consolidated billing to
bring them together under one payment
Credit card information – you won’t pay unless you use resources
A telephone – on which to receive an automated security call

1 2 3 4 5
Sign up
750 hours of Amazon EC2 Linux/RedHat/Suse Micro Instance usage
750 hours of Amazon EC2 Microsoft Windows Server Micro Instance usage
750 hours of an Elastic Load Balancer
30 GB of Amazon Elastic Block Storage
5 GB of Amazon S3 standard storage
100 MB of storage, 5 units of write capacity, and 10 units of read capacity for Amazon DynamoDB*
25 Amazon SimpleDB Machine Hours and 1 GB of Storage
1,000 Amazon SWF workflow executions*
1,000,000 Requests of Amazon Simple Queue Service*
1,000,000 Requests, 100,000 HTTP and 1,000 email notifications for Amazon Simple Notification Service*
10 Amazon CloudWatch metrics, 10 alarms, and 1,000,000 API requests*
15 GB of bandwidth out aggregated across all AWS services
750 hours of Amazon RDS for SQL Server Micro DB Instance usage
20 GB of RDS database storage
10 million RDS I/Os
20 GB of backup storage for your automated RDS database backups and any user-initiated DB Snapshots
20 minutes of SD transcoding or 10 minutes of HD transcoding in Amazon Elastic Transcoder*
Free tier http://aws.amazon.com/free/

1 2 3 4 5
Sign up
Create IAM users
IAM users

1 2 3 4 5
Sign up IAM users
Identity and Access Management:
Securely control access to AWS
services and resources for your
users

1 2 3 4 5
Sign up IAM users
Account owner
Access to all subscribed services
Access to billing reports
Access to console, REST and SOAP APIs
IAM users/groups
Access to specific services
Access to console and/or REST APIs and/or SOAP APIs

1 2 3 4 5
Sign up IAM users
Account owner
Access to all subscribed services
Access to billing reports
Access to console, REST and SOAP APIs
IAM users/groups
Access to specific services
Access to console and/or REST APIs and/or SOAP APIs
Master user
account – owns
payment method
Regular users

1 2 3 4 5
Sign up IAM users
Account
Administrators Developers Applications
Bob
Kevin
Tomcat
Jim Brad
Mark
Susan
Reporting
Console

1 2 3 4 5
Sign up IAM users
Account
Bob
Kevin
Tomcat
Jim Brad
Mark
Susan
Reporting
Console
Multi-factor authentication
Groups

AWS system entitlements
Roles
1 2 3 4 5
Sign up IAM users
Account
Bob
Kevin
Tomcat
Jim Brad
Mark
Susan
Reporting
Console

1 2 3 4 5
Sign up IAM users
{
"Statement": [
{
"Effect": "Allow",
"Action": [
"elasticbeanstalk:*",
"ec2:*",
"elasticloadbalancing:*",
"autoscaling:*",
"cloudwatch:*",
"s3:*",
"sns:*"
],
"Resource": "*"
}
]
}
Policy driven
Declarative definition of
rights for groups
Policies control access to
AWS APIs

1 2 3 4 5
Sign up IAM users
Generate a key pair
Key pairs

1 2 3 4 5
Sign up IAM users Key pairs
Public Key
Inserted by Amazon into each
EC2 instance that you launch
Private Key
Downloaded and stored by
you
Standard SSH RSA Key pair
Public/Private Keys
Public key provided by AWS to EC2 instance
for secure, personalized, initial, non-generic
access
Supports NIST and other security standards
for providing non-default user access
Instance key pairs
EC2
Instance
Comms secured
with private key

1 2 3 4 5
Public Key
Inserted by Amazon into each
EC2 instance that you launch
Private Key
Downloaded and stored by
you
Instance key pairs
EC2
Instance
Comms secured
with private key
Private keys are not
stored by AWS
Standard SSH RSA Key pair
Public/Private Keys
Public key provided by AWS to EC2 instance
for secure, personalized, initial, non-generic
access
Supports NIST and other security standards
for providing non-default user access

1 2 3 4 5
AWS generated keys
Import your own keys
Select your region
Create keys
Give them a name
Private key is generated and downloaded by your browser immediately
Create 1 key pair for all resources or as many as you like (e.g 1 per server type)
You supply only the public key to AWS

1 2 3 4 5
ssh –I eu-west.pem
ec2-user@publicdns.amazonaws.com
1. Linux Launch (First Boot)
2. Public Key made available through metadata
3. Instance initialization scripts insert public key
into ~/.ssh/authorized_keys
4. User connects with SSH using their Private
Key

1 2 3 4 5
Key
You can’t log into a Linux
instance without key

1 2 3 4 5
Key
Don’t lose it

1 2 3 4 5
1. Windows Launch (First Boot Sequence)
3. Windows runs Sysprep (reboots)
4. Instance initialization scripts:
a) Creates a random Administrator password
b) Encrypts random password with Public Key
c) Reports encrypted password to Windows System Log
5. User retrieves the encrypted password and decrypts it with their Private Key (using
AWS Console or API Call)

1 2 3 4 5
Keep
secure
Do not
share
Rotate Need to
know

1 2 3 4 5

1 2 3 4 5
Sign up IAM users Key pairs Launch
Launch an instance

1 2 3 4 5
Region

Regions
Region
US-WEST (N.
California) EU-WEST (Ireland)
ASIA PAC
(Tokyo)
ASIA PAC
(Singapore)
US-WEST (Oregon)
SOUTH AMERICA (Sao
Paulo)
US-EAST (Virginia)
GOV CLOUD
ASIA PAC
(Sydney)

1 2 3 4 5
Wizard

1 2 3 4 5
Choose
key pair

1 2 3 4 5
Choose
machine
image

1 2 3 4 5
What’s this?

1 2 3 4 5
Security groups
Security
Group
EC2 Classic EC2 VPC (virtual private cloud)
Inbound only Inbound and outbound
TCP, UDP, ICMP only Any protocol
Assigned at launch Assigned at launch or when running
Modify anytime Modify anytime
instance
Port 80
(HTTP)
Port 22
(SSH)
Name
Description
Protocol
Port range
IP Address, range, or another security group

1 2 3 4 5
Launch!

1 2 3 4 5

1 2 3 4 5
Instance
DNS name

1 2 3 4 5
Instance
DNS nameKey file EC2 Linux
username

1 2 3 4 5
sudo yum -y install httpd
sudo chkconfig httpd on
sudo /etc/init.d/httpd start
Let’s install something
Install apache web server
Set it to run as a service
Start the web server

1 2 3 4 5
Added port 80
to group
Security
groups
Open our security group

1 2 3 4 5
Test it by hitting the public DNS name of
the instance

1 2 3 4 5
Create an image
Image

1 2 3 4 5
Sign up IAM users Key pairs Launch Image
Makes a snapshot of the instance
Creates an image that is private to you
Saves time in deployments and system setup

1 2 3 4 5
Create
image

1 2 3 4 5
Name it
and
create

1 2 3 4 5
Your
AMI

1 2 3 4 5
…and
launch a
new
instance
from the
AMI

1 2 3 4 5

Next Steps
Elastic Load Balancing
Create highly scalable applications
Distribute load across EC2 instances in
multiple availability zones
Auto Scaling
Automatic re-sizing of compute clusters
based upon demand
Relational Database
Service
Database-as-a-Service
No need to install or manage database instances
Scalable and fault tolerant configurations

aws.amazon.com
get started with the free tier

AWS Summit Nordics - Getting Started With AWS

Recomendados

Recomendados

Más contenido relacionado

La actualidad más candente

La actualidad más candente (20)

Similar a AWS Summit Nordics - Getting Started With AWS

Similar a AWS Summit Nordics - Getting Started With AWS (20)

Más de Amazon Web Services

Más de Amazon Web Services (20)

Último

Último (20)

AWS Summit Nordics - Getting Started With AWS