[ 1. What is EC2? ]

An EC2 instance is a rentable virtual machine provided by AWS.

It is used together with EBS, which plays a role similar to a NAS; ELB, which performs load balancing; and ASG, which increases or decreases the number of instances according to server traffic.

- EC2 is one of the most popular AWS offerings

- It mainly consists of the capability of:

  1) renting virtual machines (EC2)

  2) storing data on virtual drives (EBS)

  3) distributing load across machines (ELB)

  4) scaling the services using an auto-scaling group (ASG)

 

* AMI (Amazon Machine Image) : Amazon Linux 2, Red Hat, Ubuntu, Windows ...

 

[ How to connect after creating an EC2 instance (Windows 10) ]

> ssh -i <path-to-pem-file> ec2-user@<EC2-public-IP>

How to resolve a Permission denied (permissions problem) error (the Windows equivalent of chmod) :

techsoda.net/windows10-pem-file-permission-settings/

 

 

[ 2. Security Groups ]

A security group (SG) is the inbound/outbound firewall policy for EC2; a single SG can be configured once and applied identically to multiple EC2 instances. (Restricted to a region.)

- Security Groups are the foundation of network security in AWS

- They control how traffic is allowed into or out of our EC2 Machines

- acting as a "firewall" on EC2 instances

- They regulate :

  1) Access to Ports

  2) Authorised IP ranges (CIDR) - ipv4 and ipv6

  3) Control of inbound/outbound network

- can be attached to multiple EC2 instances

- locked down to a region/VPC combination

* if your application is not accessible (time out), then it's a security group issue (a firewall problem)

* if your application gives a "connection refused" error, then it's an application error or it's not launched

- All inbound traffic is blocked by default

- All outbound traffic is authorised by default
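
How the rules above combine, as an added example that is not part of the original notes: a security group holds allow rules only, so a source address and port get in only when some rule covers them, and `world_open` lists rules reachable from every address on ports outside a hypothetical web-only allow-list. The rule dictionaries follow the `IpPermissions` shape returned by `aws ec2 describe-security-groups`; the sample rules and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample in the "IpPermissions" shape that
# `aws ec2 describe-security-groups` returns (documentation address ranges).
SAMPLE_INBOUND = [
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "Ipv6Ranges": []},
]


def _cidrs(rule):
    """Return every IPv4 and IPv6 network attached to one rule."""
    v4 = [r["CidrIp"] for r in rule.get("IpRanges", [])]
    v6 = [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
    return [ipaddress.ip_network(c) for c in v4 + v6]


def _covers(rule, proto, port):
    """True if the rule's protocol and port range include proto/port (TCP/UDP)."""
    if rule["IpProtocol"] == "-1":  # "-1" = all protocols and ports
        return True
    return rule["IpProtocol"] == proto and rule["FromPort"] <= port <= rule["ToPort"]


def inbound_allowed(rules, src_ip, port, proto="tcp"):
    """Allow rules only: traffic that no rule matches is blocked by default."""
    src = ipaddress.ip_address(src_ip)
    return any(
        _covers(rule, proto, port)
        and any(src.version == net.version and src in net for net in _cidrs(rule))
        for rule in rules
    )


def world_open(rules, expected=frozenset({80, 443})):
    """List rules open to every address on ports outside `expected`
    (a hypothetical allow-list for a public web server)."""
    findings = []
    for rule in rules:
        lo, hi = rule.get("FromPort", 0), rule.get("ToPort", 65535)
        all_traffic = rule["IpProtocol"] == "-1"
        if not all_traffic and set(range(lo, hi + 1)) <= expected:
            continue  # only expected public ports are exposed
        findings += [(rule["IpProtocol"], lo, hi, str(net))
                     for net in _cidrs(rule) if net.prefixlen == 0]
    return findings
```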

 

[ # Installing Apache on EC2 ]

1) Connect to the EC2 instance

2) > sudo su

    switch user to root

3) > yum update -y

    force update machine

4) > yum install -y httpd.x86_64

    install Apache

5) > systemctl start httpd.service

    start the service

6) > systemctl enable httpd.service

    enabled across reboots

7) > curl localhost:80

    test

8) ec2publicip:80

    try connecting from outside -> a connection timeout occurs

9) Add HTTP port 80 to the security group's inbound settings

10) Retry and confirm that it succeeds
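
The timeout-versus-refused distinction seen in steps 8 to 10, as an added example that is not part of the original notes: `probe` makes one TCP connection and reports which side to check next. The function names and the documentation address in the demo call are assumptions for illustration.

```python
import errno
import socket


def classify(exc):
    """Map the outcome of a TCP connect (None = success) to where to look next."""
    if exc is None:
        return "open: security group allows the port and the service is listening"
    if isinstance(exc, (socket.timeout, TimeoutError)) or exc.errno == errno.ETIMEDOUT:
        # No reply at all, which the notes attribute to a blocking security group.
        return "timeout: check the security group inbound rule for this port"
    if isinstance(exc, ConnectionRefusedError):
        # The host answered but nothing is listening on the port.
        return "refused: check the application (systemctl status httpd.service)"
    return "other: " + (exc.strerror or str(exc))


def probe(host, port, timeout=3.0):
    """Attempt one TCP connection and classify the result."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return classify(None)
    except OSError as exc:
        return classify(exc)


if __name__ == "__main__":
    # 192.0.2.10 is a documentation address; substitute the instance's public IP.
    print(probe("192.0.2.10", 80))
```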

 

security groups can communicate straight through to other instances

 

 

[ 3. Elastic IPs ]

A fixed public IP. With an Elastic IP configured, the public IP no longer changes when the EC2 instance is restarted.

Architecturally, it is better to use DNS (Route 53) than an Elastic IP.

- An Elastic IP is a public IPv4 address you own for as long as you don't delete it

* if you restart an EC2 instance, its public IP can change

- if you need to have a fixed public IP for your instance, you need an Elastic IP

- with an Elastic IP address, you can mask the failure of an instance or software by rapidly remapping the address to another instance in your account.

- you can only have 5 Elastic IPs in your account (can increase if you ask AWS)

* try to avoid using Elastic IP :

  1) They often reflect poor architectural decisions

  2) Instead, use a random public IP and register a DNS name to it

 

 

[ 3. EC2 User Data ]

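An initial script that runs when the instance launches; use it when you want updates, program installation and the like to be carried out at the same time as the EC2 launch. (Using an AMI can replace this.)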

- It is possible to bootstrap our instances using an EC2 User data script 

- bootstrapping means launching commands when a machine starts

- That script is only run once, at the instance's first start (the script runs at the same time as the instance launches)

- EC2 user data is used to automate boot tasks such as:

  1) Installing updates

  2) Downloading common files from the internet 

* The EC2 User Data Script runs as the root user

* where to put/change user data

  At creation : set it under advanced details in the configure instance details step

  After creation : right-click the instance > instance settings > change user data

 

 

[ 4. EC2 Instance Launch Types ]

EC2 instances have the following five launch types.

You can reduce costs by changing the launch type according to the application's purpose.

1. On Demand Instances : short workload, predictable pricing

2. Reserved : (Minimum 1 year)

  - Reserved Instances: long workloads

  - Convertible Reserved Instances: long workloads with flexible instances

  - Scheduled Reserved Instances: eg. every Thursday between 3 and 6 pm

3. Spot Instances : short workloads, for cheap, can lose instances (less reliable)

4. Dedicated Instances : no other customers will share your hardware

5. Dedicated Hosts : book an entire physical server, control instance placement

 

1. EC2 On Demand

Used only when needed; expensive

- Pay for what you use (billing per second, after the first minute)

- Has the highest cost but no upfront payment

- No long term commitment

- Recommended for short-term and un-interrupted workloads, where you can't predict how the application will behave.

 

2. EC2 Reserved Instances

Prepaid for a fixed period; comparatively cheap

- Up to 75% discount compared to On-demand

- Pay upfront for what you use with long term commitment

- Reservation period can be 1 or 3 years

- Reserve a specific instance type

- Recommended for steady state usage applications (think database)

* Convertible Reserved Instance

  - can change the EC2 instance type

  - Up to 54% discount

* Scheduled Reserved Instances

  - launch within time window you reserve

  - When you require a fraction of day/week/month

 

3. EC2 Spot Instances

Uses spare capacity cheaply: the user sets a maximum bid price, and the instance is stopped when the price reaches or exceeds that maximum

- Can get a discount of up to 90% compared to On-demand

- Instances that you can "lose" at any point of time if your max price is less than the current spot price

- The Most cost-efficient instances in AWS

- Useful for workloads that are resilient (able to recover, elastic) to failure

  eg. Batch jobs, Data analysis, Image processing

- Not great for critical jobs or databases

- Great combo : Reserved Instances for baseline + On-Demand & Spot for peaks

 

4. EC2 Dedicated Hosts

A physical server dedicated to the user; deep configuration is possible

- Physical dedicated EC2 server for your use

- Full control of EC2 Instance placement

- Visibility into the underlying sockets/physical cores of the hardware

- Allocated for your account for a 3 year period reservation

- More expensive

- Useful for software that has a complicated licensing model

  Or for companies that have strong regulatory or compliance needs

 

5. EC2 Dedicated Instances

Instances tied to the account

- Instances running on hardware that's dedicated to you

- May share hardware with other instances in same account

- No control over instance placement (can move hardware after Stop/Start)

 

 

 
