Last updated on January 22, 2021 by Dan Nanni
Amazon EC2 (Amazon Elastic Compute Cloud) is a part of AWS product offerings, where users can rent virtual servers in the AWS public cloud. You pay for rented compute resources (CPU, memory, hard drive) at per-second granularity on a "pay-as-you-go" basis. As the name "Elastic Compute Cloud" implies, EC2 allows you to spin off as many or as few virtual servers as you want, across multiple geographic regions, and to dynamically resize resources of deployed instances as needed.
Amazon EC2 maintains a catalogue of virtual server images, called Amazon Machine Images (AMI), for you to choose from for your EC2 instances. The AMI catalogue covers a mix of different OS environments (Linux, Windows, MacOS) and hardware architectures (X86 and ARM). There is already a huge ecosystem of open-source tools developed to support application deployment and automation on AWS platforms. But for those of you who have just started with AWS EC2, this tutorial covers a step-by-step procedure to create a Linux instance on AWS EC2 platform using AWS management console interface. The demonstration will focus on creating an EC2 instance with Ubuntu 20.04 LTS on 64-bit x86 architecture AMI.
Amazon EC2 relies on public key cryptography to authorize and authenticate your access to EC2 instances. So the first step is to create your own public/private key pair for Amazon EC2 if you don't have one.
To create an EC2 key pair, go to your EC2 Dashboard and click on
Key pairs link.
.pem file format for your key pair, since we are going to use OpenSSH to access an EC2 instance. Once you create a key pair, your private key file (e.g.,
xmodulo.pem) will automatically be downloaded to your computer. Note that once the private key is downloaded this time, there is no other way to retrieve this private key file later. So be careful not to lose it.
Move the private key to your SSH directory. You will need to use this key (
~/.ssh/xmodulo.pem) later when accessing your EC2 instance.
$ chmod 400 xmodulo.pem $ mv xmodulo.com ~/.ssh
The next step is to define default firewall rule settings for your EC2 instance. In Amazon EC2, incoming/outgoing traffic of each EC2 instance is regulated by a security group, which represents firewall rule settings for a group of EC2 instances. Without any security group, all inbound traffic to your EC2 instance is blocked, while all outbound traffic from your EC2 instance is allowed. Especially if you need to allow some inbound traffic (e.g., SSH) to your EC2 instance, you need to define a custom security group with appropriate inbound rules.
Similar to key pair creation, you can create a new security group from the main EC2 dashboard.
When configuring inbound rules, you can choose from well-known TCP/UDP services (e.g., SSH, DNS, HTTP, HTTPS) or define custom TCP/UDP services by filling out corresponding port number(s) yourself (e.g., 5901, 6000-6010). For each type of traffic, also fill out the source network from which you want to allow the traffic. If you want to only allow traffic from your current computer, choose
My IP as the source. Then the public IP address of your computer will automatically be detected and filled in as source. You can add one more more inbound rules by clicking on
Add Rule button.
Now you are ready to launch an EC2 instance. For that, choose
Instances menu from the EC2 dashboard, and click on
Launch Instance button.
Choose an OS image to use for your EC2 instance. We select Ubuntu server 20.04 LTS (x86) image.
Next, we choose an instance type for the chosen AMI image. An instance type determines among other things the number of vCPUs and the amount of memory and storage for your EC2 instance. If you have just started with AWS, you are eligible for AWS free tier, which includes 750 EC2 hours of micro instances during the first 12 months.
Once you have chosen an instance type, click on
Next: Configure Instance Details button at the bottom to adjust the instance details.
Here you can fine-tune the configurations of your instance. In most common cases you do not need to touch the default settings, and click on
Next: Add Storage button to move ahead.
In storage settings, you can adjust the size of the root storage, and optionally add additional EBS volume (persistent storage). With AWS free tier, you are eligible for upto 30GB free EBS during the 12 months. Click on
Next: Add Tags.
Next, you can add a list of arbitrary key-value pairs as metadata of your EC2 instance. If you don't want to, move ahead by clicking on
Next: Configure Security Group.
Here you configure a security group of your instance. Since we have already created a custom security group at the beginning, simply choose the existing security group (e.g.,
xmodulo). Click on
Review and Launch button to finalize.
Review the settings and click on
Before the EC2 instance is launched, you will be prompted to choose an existing key pair. Since we have already created one at the beginning, simply choose it (e.g.,
xmodulo) and launch the instance.
Once the EC2 instance is up and running, the instance status will be changed to
running in the EC2 dashboard. In order to access the instance, you need to use the public IP address (or DNS name) of the instance, which you can find in the dashboard.
Since the EC2 instance only allows SSH key authentication, you need to use the private key you specified during the EC2 launch step. In our example, the private key exists in
~/.ssh/xmodulo.pem. So use
-i option in
ssh command as follows. Note that the default user for Ubuntu AMI is
$ ssh -i ~/.ssh/xmodulo.pem [email protected]<instance-ip-address>
Instead of specifying the key and the instance IP address manually, it is often recommended to specify them in your SSH configuration file as follows.
$ vi ~/.ssh/config
Host ubuntuaws HostName <instance-ip-address> IdentityFile ~/.ssh/xmodulo.pem User ubuntu
Host field above, you can use any descriptive name (e.g.,
.ssh/config has been updated, you can SSH to your EC2 instance simply by running:
$ ssh ubuntuaws
Congratulations! You are now on your first EC2 instance!
In this tutorial, I presented a step-by-step guide on setting up your first EC2 instance using Ubuntu server AMI. Depending on your use case, you may want to add a desktop environment on this bare-minimal server instance.
In this guide the chosen EC2 instance was "EBS-only" type, which means the instance's root volume is backed by persistent EBS storage. Thus, if you stop the instance and restart it later, any data created or packages installed on the Ubuntu instance will not be lost. But note that when you have stopped your instance, while you are not charged for the instance, you will still be charged for the EBS storage that remains provisioned for the instance (if it exceeds the free tier limit). Keep that in mind while playing with your instance.
What is your experience with Amazon EC2? Share it in the comments.