EC2: Virtual Servers in the Cloud
Amazon Elastic Compute Cloud (EC2) is one of the oldest and most fundamental AWS services. It provides resizable virtual servers in the cloud, giving you complete control over your computing resources. In this lesson, we'll explore how EC2 works and launch your first instance.
What You'll Learn
By the end of this lesson, you'll understand EC2 concepts, instance types, pricing models, and how to launch, connect to, and manage EC2 instances.
What is EC2?
EC2 lets you run virtual servers (called instances) in AWS data centers. Think of it as renting a computer in the cloud that you can configure however you want.
Why Use EC2?
- Flexibility - Choose the exact CPU, memory, and storage you need
- Scalability - Launch more instances in seconds when demand increases
- Control - Full root/admin access to your virtual servers
- Cost-effective - Pay only for what you use, by the second
- Global - Launch instances in any AWS region
Common Use Cases
- Web servers and application servers
- Development and testing environments
- Batch processing and data analysis
- Machine learning model training
- Game servers
- Database servers (though managed options like RDS are often better)
EC2 Instance Components
An EC2 instance consists of several components:
Amazon Machine Image (AMI)
An AMI is a template that contains the operating system and software for your instance. AWS provides:
- Amazon Linux 2/2023 - AWS's own Linux distribution
- Ubuntu - Popular Linux distribution
- Windows Server - Various versions
- Red Hat Enterprise Linux - Enterprise Linux
- macOS - For building Apple applications
You can also create custom AMIs from your configured instances.
Instance Type
The instance type determines the hardware specifications:
```
t3.micro
│  │
│  └─ Size (nano, micro, small, medium, large, xlarge, 2xlarge, etc.)
└──── Family (general purpose, compute, memory, storage, accelerated)
```
Common Instance Families
| Family | Optimized For | Example Use Case |
|---|---|---|
| t3, t3a | General purpose, burstable | Web servers, small databases |
| m6i, m6a | General purpose, balanced | Application servers |
| c6i, c6a | Compute intensive | Batch processing, gaming |
| r6i, r6a | Memory intensive | In-memory databases, caching |
| p4, g5 | GPU/Accelerated | Machine learning, graphics |
| i3, d2 | Storage intensive | Data warehousing |
Free Tier Instance
For learning, use t2.micro or t3.micro - these are Free Tier eligible (750 hours/month for 12 months).
Storage (EBS)
Amazon Elastic Block Store (EBS) provides persistent storage for EC2 instances. Think of it like a virtual hard drive.
EBS Volume Types:
| Type | Description | Use Case |
|---|---|---|
| gp3, gp2 | General Purpose SSD | Most workloads |
| io2, io1 | Provisioned IOPS SSD | Databases requiring high IOPS |
| st1 | Throughput Optimized HDD | Big data, data warehouses |
| sc1 | Cold HDD | Infrequently accessed data |
Security Groups
Security groups act as virtual firewalls controlling inbound and outbound traffic to your instances.
Key concepts:
- By default, all inbound traffic is blocked
- By default, all outbound traffic is allowed
- Rules are stateful - responses to allowed inbound traffic are automatically allowed out
- You specify rules by protocol, port, and source/destination
Example rules:
| Type | Protocol | Port | Source | Purpose |
|---|---|---|---|---|
| SSH | TCP | 22 | My IP | Connect via SSH |
| HTTP | TCP | 80 | 0.0.0.0/0 | Web traffic (anyone) |
| HTTPS | TCP | 443 | 0.0.0.0/0 | Secure web traffic |
| RDP | TCP | 3389 | My IP | Windows remote desktop |
Key Pairs
Key pairs provide secure SSH access to Linux instances (and encrypted password retrieval for Windows).
- Public key - Stored on the EC2 instance
- Private key - Downloaded by you, never shared
Keep your private key secure! Anyone with it can access your instances.
Launching Your First EC2 Instance
Let's launch a Linux instance step by step.
Step 1: Open EC2 Console
- Go to the EC2 dashboard
- Click "Launch instance"
Step 2: Name and Tags
- Give your instance a name (e.g., "my-first-instance")
- Add additional tags if needed (optional)
Step 3: Choose an AMI
- Select "Amazon Linux 2023 AMI" (Free Tier eligible)
- Verify it says "Free tier eligible"
Step 4: Choose Instance Type
- Select "t2.micro" or "t3.micro" (Free Tier eligible)
- Note the specs: 1 vCPU, 1 GB memory
Step 5: Key Pair
- Click "Create new key pair"
- Name it (e.g., "my-key-pair")
- Choose key pair type: RSA
- Choose format: .pem (Linux/Mac) or .ppk (Windows with PuTTY)
- Click "Create key pair" - the file downloads automatically
Important: Store this file securely. You can't download it again.
Step 6: Network Settings
- Keep the default VPC
- Enable "Allow SSH traffic from My IP"
- Optionally enable HTTP/HTTPS if running a web server
Step 7: Configure Storage
- Default 8 GB gp3 is fine for learning
- Can increase up to 30 GB in Free Tier
Step 8: Launch
- Review your settings
- Click "Launch instance"
- Wait for the instance to start (Instance State: running)
Connecting to Your Instance
Connecting via SSH (Linux/Mac)
```bash
# Set correct permissions on key file
chmod 400 my-key-pair.pem
# Connect to instance
ssh -i my-key-pair.pem ec2-user@<public-ip-address>
```
Replace <public-ip-address> with your instance's public IP (found in the EC2 console).
Connecting via EC2 Instance Connect
AWS provides a browser-based SSH connection:
- Select your instance in the EC2 console
- Click "Connect"
- Choose "EC2 Instance Connect"
- Click "Connect"
A terminal opens in your browser - no key file needed!
Connecting via Session Manager
For instances without public IPs or SSH access:
- Ensure the instance has an IAM role with the AmazonSSMManagedInstanceCore policy
- Select your instance
- Click "Connect"
- Choose "Session Manager"
- Click "Connect"
Instance Lifecycle
EC2 instances have several states:
| State | Description | Billing |
|---|---|---|
| pending | Instance is starting | No charge |
| running | Instance is active and accessible | Charges apply |
| stopping | Instance is shutting down | Charges may apply |
| stopped | Instance is off but can be restarted | No compute charge (EBS charges apply) |
| terminated | Instance is permanently deleted | No charge |
Managing Instance State
From the EC2 console, select your instance and use the "Instance state" dropdown:
- Start - Boot a stopped instance
- Stop - Shut down but preserve the instance
- Reboot - Restart the instance
- Terminate - Permanently delete the instance
Warning: Termination is permanent. The instance and its root volume are deleted.
EC2 Pricing Models
AWS offers several pricing options for EC2:
On-Demand
Pay by the second (or hour) with no commitment.
- Best for: Development, testing, unpredictable workloads
- Pricing: Highest rate but most flexible
- Commitment: None
Spot Instances
Bid on unused EC2 capacity at up to 90% discount.
- Best for: Flexible, fault-tolerant workloads
- Pricing: Up to 90% off On-Demand
- Risk: Instances can be terminated with 2-minute notice
Reserved Instances
Commit to 1 or 3 years for significant discounts.
- Best for: Steady-state, predictable workloads
- Pricing: Up to 72% off On-Demand
- Commitment: 1 or 3 years
Savings Plans
Flexible pricing model with commitment to usage amount.
- Best for: Flexible commitments across instance types
- Pricing: Up to 72% off On-Demand
- Commitment: 1 or 3 years, $/hour
Elastic IP Addresses
By default, public IPs change when you stop/start an instance. Elastic IPs are static public IPs you can associate with instances.
Key points:
- Elastic IPs are free while associated with a running instance
- Charged if allocated but not used (to prevent hoarding)
- Can move between instances
Best Practices
- Use the smallest instance that meets your needs - Resize later if needed
- Stop instances you're not using - Avoid unnecessary charges
- Use Security Groups wisely - Only open ports you need
- Don't use default VPC for production - Create custom VPCs
- Back up important data - Use EBS snapshots
- Monitor costs - Use Cost Explorer and Budgets
- Use IAM roles, not access keys - More secure for instances accessing AWS services
Key Takeaways
- EC2 provides virtual servers in the cloud with flexible configuration
- AMIs are templates containing the OS and software
- Instance types determine CPU, memory, and networking capabilities
- Security groups control inbound and outbound traffic
- Key pairs enable secure SSH access
- On-Demand pricing is flexible; Reserved and Savings Plans offer discounts
- Stop instances to save money while preserving them; terminate to delete permanently
What's Next
EC2 gives you full control over your compute resources, but sometimes you want even simpler compute without managing servers at all. In the next lesson, we'll explore AWS Lambda - serverless computing where you just upload your code and AWS handles everything else.

