Linux Amazon EC2 tutorial: How to set up an EC2 instance

EC2 has changed quite a bit in the last five years, so whether you are new to EC2 or an old hand, it’s worth a look at how to launch your own EC2 instances today

Linux Amazon EC2 tutorial: How to set up an EC2 instance
Thinkstock

Amazon’s Elastic Cloud Computing (EC2 has changed quite a bit in the last five years, so whether you are new to EC2 or an old hand, it’s worth a look at how to launch your own EC2 instances today. (For a deeper primer on EC2, check out Sean Hall’s EC2 tutorial at InfoWorld from 2012, but note he’s doing things the command-line way, whereas today you can do things the graphical way, as this post shows. Still, if you want to know what Route 53 and so on mean, read Hall’s article.)

As long as you use a small instance size and haven't already signed up, you can try EC2 for free. Not all of the instance types (which vary by processor and memory) and storage sizes are free, but the UI guides you on what is and isn't free. If you haven't signed up, do that now.

To get started, sign into the EC2 Management Console.

The Management Console is a kind of UI nightmare. It contains every conceivable Amazon Web Services product that you could possibly use. Some of the categories are a bit arbitrary. Fortunately, EC2 is at the very top. Click EC2.

After you click EC2, you'll find yourself at the EC2 Dashboard. It tells you, among other things, if you have any running instances. There is also a big blue Launch Instance button. Click on that.

ec2 how to screen 01 IDG

Step 1: Pick an Amazon machine image

From here, AWS asks you to pick an Amazon machine image (AMI). Think of that as a type of virtual machine template. It comes pre-installed with an operating system. Scroll down a bit.

ec2 how to screen 02 IDG

Pick the Ubuntu free tier eligible image by clicking the blue Select button next to it.

Step 2: Pick an instance type

AWS now asks you to pick an instance type. Note that instances differ in the number of virtual CPUs (vCPU), memory, available storage, and network performance. This example’s needs are meager, so pick the default free-tier t2.micro instance (note the names change sometimes; pick the free one). Click the Next Configure Instance Details button.

ec2 how to screen 03 IDG

This takes you to another one of Amazon's less-savory UIs. From here you can change:

  • Number of Instances: The number of instances you're launching, meaning launch two VMs at once. The default is 1, leave it.
  • Purchasing Option: Don’t click Request Spot Instances. Doing so means you'll bid on your instance, and if other people bid more but below the retail rate Amazon will shut you down. There’s not a lot of point to picking this when you’re using the free tier. Don't check this, we’re bidding 0.
  • Network: This is the virtual private cloud. Basically, Amazon lets you have multiple isolated virtual networks. At the moment, we have only one. Leave that as it is.
  • Subnet: This is another way of isolating ranges of IPs. Let's leave that alone too.
  • Auto-assign Public IP: We definitely need this enabled. Amazon instances can have two IPs: one that is a private IP that can only connect to other EC2 instances on the same VPC, and one public IP that you can connect to from anywhere on the internet. If you’re deploying a more intricate system, you'd have some instances that would only have private IPs. In this case, we need a public IP for sure; otherwise, we’d be unable to connect.
  • Shutdown Behavior: Here be dragons. Set this to Stop, which is the default. The Terminate option actually means delete or burn it all down with no fire insurance.
  • Enable Termination Protection: Leave this off for this example. Generally, I check this. It's a safety that prevents you from deleting instances when you don't mean to.
  • Monitoring: Amazon has a monitoring suite called CloudWatch. We do not need this for now.
  • Tenancy: What really makes the economics of EC2 work is that most of the time your instance is probably doing nothing. The Shared option makes the most sense for that, because you’re sharing the back-end resources with other users when your instance is not running, lowering your costs. However, if you're trying to get maximum performance, you'd select Dedicated Host. There is also an option to have a Dedicated Instance, which means that it runs on a host dedicated for your use but multiple (of your) instances might run on the same hardware. In this example, choose Shared; we're going for cheap.

Step 3: Configure instance details

ec2 how to screen 04 IDG

Step 4: Add storage to your instance

Now, click Add Storage. Storage is disk space. You have the option of straight General Purpose (SSD), Provisioned IOPS (SSD), or Magnetic. Because the General Purpose storage is eligible for the free tier, pick that. If you need performance, you’d pick the Provisioned IOPS option. (I'm not sure why anyone would consider picking magnetic disks like the cave people used when I was little. We could have a big fat disk with a whopping 30GB, but here let's stick with 8GB (the default). If we wanted, we could have more than one volume (disk partition), but we don't, so click Next: Add Tags at the bottom.

ec2 how to screen 05 IDG

Step 5: Add tags to your instance

Tags are just key-value pairs associated with the instance. You can use them for whatever. At my work, we use them for cost centers and management. There are even scripts that automatically shut down instances if people leave them on. AWS is expensive and doing the equivalent of leaving the light switch on can drain the old bank account pretty quickly.

In this example, we're just doing a little test instance and not deploying a whole devops management suite, so you can just click Next: Configure Security Group.

ec2 how to screen 06 IDG

Step 6: Configure your security group

Before you do anything on the security screen, go to another browser tab and type the literal what is my ip. You'll get an IP address like the fake one I just fudged on this screenshot (73.181.91.4). This is a 32-bit IP address. Copy it.

By default, Amazon firewalls off everything on your public instance IP. The default on this screen is to leave SSH open to 0.0.0.0/0, which means the whole world. Paste your IP into the text box and add /32 on the end. The /32 means the whole IP address and only this address.

ec2 how to screen 07 IDG

If you put 73.181.91.4/24, any IP beginning with 73.181.91 would be able to get to the SSH port. If you put /16, anyone with an IP beginning 73.181 would get to the SH port. If you put /8, anyone whose IP started with 73 would get to the port. This is not to say they could log in; but they could connect to the TCP/IP port. Remember: Even SSH has vulnerabilities.

It is possible to use IPv6 addresses as well (if your IP is much longer and has :s, it is an IPv6 address). Just change the /32 to /128.

Click Review and Launch.

Step 7: Review your instance

This almost-final screen gives you a chance to correct any mistakes. I don't make mistakes, so I just click Launch. But you might want to review your own work.

ec2 how to screen 08 IDG

Here, you create an SSH key pair and call it whatever you like (what you enter will be in its filename, so don't go nuts). This lets you get to your instance using SSH.

Instead of a password you'll use this file to log in.

Step 8: Launch your instance

If it is your first time in EC2, you’ll have to create a new key pair. If you've been in EC2 before, you can select one you've already used.

You have to download the key before you can move on. Download the key, then click Launch Instance.

ec2 how to screen 09 IDG

On the next screen, you're told that your instance is in progress. Click on its instance ID (the long hex after “initiated”).

ec2 how to screen 10 IDG

You'll be taken to a status screen that shows the instance is pending. Either wait around or click the Refresh button until you get bored.

ec2 how to screen 11 IDG

After a minute or so you'll see that the machine is not only ready but has been assigned an IP.

ec2 how to screen 12 IDG

Open a terminal or shell window or use a tool like Putty.

Type ssh ubuntu@INSTANCEIP -i YOURPEMFILE.pem and replace INSTANCEIP with the IPv4 public IP (in this case, 54.43.248.41) and YOURPEMFILE with the name you gave your SSH key-pair-name (in this case, infoworld-test).

The first time you log in, SSH will warn you:

The authenticity of host '52.43.248.41 (52.43.248.41)' can't be established.
ECDSA key fingerprint is SHA256:BFPzqvDdq5qC2ijy2p4/9G/4wAzovscdEaPmSMKnc4k.
Are you sure you want to continue connecting (yes/no)?

This just means that EC2 doesn't know that server yet. If you get this message again later (and the IP hasn't changed), it could indicate a man-in-the-middle attack. But this time, just say yes.

D’oh! Except when I downloaded my key file, its permissions were too open, so I got an ominous warning and it refused to connect. Change the permissions of the file by typing chmod 600 YOURPEMFILE.pem. If you do 644 (as in the screenshot below), that is still too open. Basically the 6 means read/write for the owner of the file, but not readable for anyone else (except maybe the administrative root user).

ec2 how to screen 13 IDG

Rerun the ssh command again, and you should get in! Play around if you know Linux.

ec2 how to screen 14 IDG

Let's not keep that running. So, go back to the EC2 instances screen. Right-click the instance and choose Instance State > Stop.

ec2 how to screen 15 IDG

You'll see an “are you sure?” screen. Click Yes, Stop.

ec2 how to screen 16 IDG

Once the instance is stopped, it is as if the machine is off. However, it is still there eating up … well, nothing, because we picked the free tier, and you get 12 months free. But let's terminate it anyhow for good hygiene. Right-click the instance and choose Instance State > Terminate.

ec2 how to screen 17 IDG

Once you do this, you get another “are you sure?” screen. Say Yes, Terminate. If that safety setting I mentioned earlier were on, you'd have to turn it off before you could actually terminate the instance.

ec2 how to screen 18 IDG

Congratulations, you've created an instance, logged in to it, stopped it, and terminated it. Your journey has begun. Maybe next time, you can install some software on it and maybe create an AMI, but for now, enjoy your fun with EC2.

Remember not to run up a large bill!

Related: