Modify AWS EC2 Instance

EC2 stands for Elastic Compute Cloud Server. It is the compute service offering from the IaaS (Infrastructure as a Service) area of AWS.

Once an EC2 instance is provisioned, many of the instance's configuration parameters can be updated or modified from the AWS Management Console.

Let’s look at each of them.

In this tutorial, you will learn-

Login and access to AWS services

Checking the modification parameters

Viewing the connection details

Launching multiple instances with a similar configuration

Changing the instance state

Changing instance settings

Creating tags

Attaching to Auto Scaling Group

Changing instance type

Enabling termination protection

Changing User Data

Changing the shutdown behavior

Viewing System Log

Creating an instance AMI

Changing the instance network settings

Changing the Security Group

Adding a Network Interface

Dissociating EIP

Changing Source/Destination check

Managing private IP addresses

Enabling/disabling ClassicLink to a VPC

Enabling detailed CloudWatch monitoring

Login and access to AWS services

Step 1) Log in to your AWS account and go to the AWS Services tab at the top left corner.

Here, you will see all of the AWS Services categorized by area, viz. Compute, Storage, Database, etc. For creating an EC2 instance, we have to choose Compute → EC2 as in the next step.

Open all the services and click on EC2 under Compute services. This will launch the dashboard of EC2.

Here is the EC2 dashboard. It gives a summary of the AWS EC2 resources that are running.

Step 2) On the top right corner of the EC2 dashboard, choose the AWS Region in which you want to provision the EC2 server.

Here we are selecting N. Virginia. AWS provides 10 Regions all over the globe.

Step 3) Once your desired Region is selected, come back to the EC2 Dashboard.

Checking the modification parameters

Step 1) On the EC2 Dashboard, select the instance whose configuration parameters you want to modify and Click on the “Actions” button as shown below.

Step 2) As you click the button, the drop-down will show us all the areas where we can modify the instance characteristics.

Viewing the connection details

The Connect option shows the ways in which we can connect to an EC2 instance.

Step 1) Click on option ‘Connect.’

You may choose to connect with a standalone SSH client or a Java client. You will get a step-by-step procedure on how you can connect to your instance.

For this tutorial, we can see the connection methods for a Linux instance.

Launching multiple instances with a similar configuration

If you have a single EC2 instance running with a particular configuration, and you wish to quickly launch another instance in a one-click deployment, then the ‘Launch More Like This’ option does that.

Step 1) Click on ‘Launch More Like This.’

You will be taken straight to the review instance details page of the launch instance wizard. Here we can verify all the details once more.

Step 2) On the review instance details page, click the ‘Launch’ button.

Step 3) In this window,

Select an existing key pair

Click on “Launch Instance.”

Instance launch progress can be seen as below.

You can see below that a new instance is in a pending state before creation.

You can see that the new instance has the same tag as well.

Changing the instance state

You can change the instance state on the fly from the Management Console with a single click.

Step 1) In this step, Click on ‘Instance State’ under actions.

Stop – you can stop the running instance

Reboot – you can reboot the instance

Terminate – you can delete the instance permanently

Changing instance settings

Here you can change a lot of instance settings like security groups, termination protection, etc.

Let’s see each one in detail.

Creating tags

Add/Edit Tags – You can add or edit the tags assigned to the instance. Tagging makes it easier for the business owner of the AWS account to keep track of the instances, especially if there are multiple environments.

AWS admins should assign each instance a tag based on the segregation, e.g. tagging all the instances in the production environment as ‘Prod’ or tagging the instances belonging to a department with the department initials. Tagging is also a very effective method to track the cost of the instances.

Let’s see how to change tags

Step 1) In this step,

Click on instance setting

Click on ‘Add/Edit Tags.’

Step 2) A tag is just a key-value pair.

So we have assigned a new tag as Department and added its value as Cloud.

Click on Save

Step 3) Come back to the EC2 Dashboard and

Select your instance again

Select the tab of ‘Tags’

Note that the new tag as “Department” with value as Cloud has appeared under Tags.

Attaching to Auto Scaling Group

An EC2 instance can be attached to an Auto Scaling Group on the fly.

Step 1) In this step, we do the following things

Click on ‘Instance Settings’

Click on ‘Attach to Auto Scaling Group.’

Step 2) In this step,

Attach an instance to an existing AS group. You can also create a new AS group in this step.

Select one AS group from the list of already existing groups.

Click on ‘Attach’.

This action will attach your instance to an auto-scaling group in your environment.

Changing instance type

You can change the instance type of your instance if your application requires a higher configuration. This can be done to vertically scale your instance and provide you with more compute/memory capacity.

Let’s see how to do this.

You cannot change an instance type if it’s a running server. You have to stop it before doing so.

Step 1) In this step,

Go to ‘Instance State’

Click on ‘Stop’. This will stop the instance.

Note that the instance state is now in “stopping” mode on the EC2 Dashboard. You can change the instance type now.

Step 2) In this step,

Go to ‘Instance Settings’

Click on ‘Change Instance Type’

A Change Instance Type pop-up will appear.

Step 3) You can select from a range of EC2 available instance types. For this tutorial, we are changing it to t2.nano just for the sake of demonstration.

Step 4) Select t2.nano and hit ‘Apply’.

Notice on the EC2 Dashboard, your instance type has been changed to the said type automatically.

You can now start your instance and continue your operations on it. There will be no change in other configuration parameters, and your existing installations on the server will remain intact.

Enabling termination protection

An instance should always have termination protection enabled, especially on production servers. This will ensure that your EC2 instance is not accidentally terminated.

AWS will add an additional level of security in case you happen to accidentally hit the instance terminate option.

Let’s see how to enable termination protection.

Step 1) In this step,

Go to ‘Instance Settings.’

Click on ‘Change Termination Protection.’

Step 2) Notice that the current setting on our instance is disabled. Click on “Yes, Enable”.

This has enabled Termination protection on our instance. We’ll check to see if our instance gets deleted when we hit Terminate.

Step 3) In this step,

Select option ‘Instance State’ and then

Click on ‘Terminate.’

AWS will immediately notify you that the EC2 instance has “termination protection enabled” and you will not be able to delete it. The ‘Terminate’ button below is disabled.

Changing User Data

When you launch a new EC2 instance, you have the option to pass user data to an instance to run tasks at boot time automatically e.g. common configuration tasks, init scripts, etc.

You can pass the user data in the form of shell scripts or cloud-init directives. This can be either plain text, as a file or as base64 encoded text for API calls.

Here we will see how we can edit these scripts.

You will have to stop the instance first; you will not be able to edit the instance user data while it is running. On a stopped instance, perform the steps below.

Step 1) In this step, do the following things

Go to ‘Instance Settings’.

Click on ‘View/Change User Data’.

Here for the purpose of demonstration, we have a shell script which installs LAMP stack on the server.

Step 2) In this step,

View/modify your user data field.

Click on “Save” tab.

Changing the shutdown behavior

If you ever accidentally shut down the instance via the OS console, you don’t want AWS EC2 to actually terminate the instance.

For that, we can set up the shutdown behavior as ‘Stop’ instead of ‘Terminate’. We can also do vice versa if the application requirement is as such.

Let’s see how to achieve this.

Step 1) In this step,

Go to ‘Instance Settings’.

Click on ‘Change Shutdown Behavior.’

Step 2) In this step, click on ‘Stop’ and then hit apply. The setting will be applied to the instance accordingly.

Step 3) Now when a “stop” shutdown is initiated in the instance console via PuTTY, the instance will not get terminated. It will simply shut down normally.

Viewing System Log

You can see the system log for any EC2 instance for troubleshooting purposes etc.

Step 1) In this step,

Go to ‘Instance Settings’.

Click on ‘Get System Log’.

You can see a separate window showing the instance log details. Here we can see a snapshot of the log from when the instance was restarted.

Creating an instance AMI

You can create an AMI of your EC2 instance for backup.

Step 1) In this step,

Go to ‘Image’.

Click on ‘Create Image’.

An image creation wizard will open.

Step 2) In this step,

Add the image name

Give some friendly description for the AMI

Check the volumes and then hit ‘Create Image’ button.

AWS will receive your create image request and will send a notification immediately.

You can check the status of the request on the EC2 dashboard as ‘pending’ just like what is shown below.

After a while the status is “available” and you will have your AMI ready as a backup.

You can also de-register it from the dashboard once the backup is old.

Changing the instance network settings

Changing the Security Group

You can change the SG (Security Group) of an instance anytime. If you have another security group with different firewall rules, you can easily do so using the console.

Let’s see how.

Step 1) In this step,

Go to ‘Networking’.

Click on ‘Change Security Groups’.

Step 2) In the change security groups wizard, it will show the already existing SG on the instance along with a list of all the security groups in the region.

Step 3) In this step,

Tick the box against your desired SG

Click on ‘Assign Security Groups’ button.

Step 4) On the EC2 Dashboard, you can see that the SG of the instance has been changed. The instance will now send/receive traffic based on the new SG settings.

You can also add multiple security groups.

Adding a Network Interface

A network interface is like another NIC card for an instance. It will have another set of IPs in addition to those of the already existing primary Network Interface.

Step 1) In this step,

Go to ‘Networking’.

Click on ‘Attach Network Interface’.

You will get an error prompt if you don’t have a Network Interface already created.

Let’s see how to create a Network Interface quickly.

Step 2) In this step,

Go to EC2 Dashboard, and click on ‘Network Interfaces’ on the left pane.

Click on ‘Create Network Interface’ button.

Step 3) In this step,

Add a description for your network interface

Select the subnet where you want to create your network interface. Keep the auto-assign private IP option at its default

Security groups are applied to a network interface of an instance, so here you will get an option for the same. Select your desired SG

Once you’re done entering the details, click on ‘Create.’

Now you can come back to the EC2 Dashboard and check that your network interface is getting created.

Now go back to Step 2), select the available interface which we just created, and attach it to the instance.

As you can see, the network interface which we just created is listed below automatically.

Your network interface will be attached to the instance immediately.

We can come back to the EC2 Dashboard and check our instance now. Note that the instance has 2 private IPs belonging to 2 network interfaces.

Dissociating EIP

An Elastic IP is a static Public IP.

You can dissociate an EIP directly from the instance dashboard.

Step 1) In this step

Click on ‘Networking.’

Click on ‘Dissociate Elastic IP Address.’

Step 2) Click on the button of dissociate, once we have verified the instance id and the EIP.

Check below that the instance dashboard now shows the EIP field blank.

Changing Source/Destination check

The Source/Destination Check attribute controls whether source/destination checking is enabled on the instance. Disabling this attribute enables an instance to handle network traffic that isn’t specifically destined for the instance. For example, instances running services such as network address translation, routing, or a firewall should set this value to disabled.

Step 1) In this step,

Click on ‘Networking.’

Click on ‘Change Source/Dest. Check’

Step 2) Click on ‘Disable’. If it is disabled already, you can enable it in this step.

Managing private IP addresses

You can assign multiple private IP addresses to a single instance if that is your application architecture’s design. The maximum number of IPs you can assign depends on the EC2 instance type.

Step 1) In this step,

Click on ‘Networking.’

Click on ‘Manage Private IP addresses.’

You will be redirected to a new window to assign a secondary IP address to your instance.

Step 2) In this step,

Here we are leaving the field blank. This will enable AWS to auto-assign any available private IP to our instance.

Click on ‘Update.’

Note that an IP has been automatically assigned here.

Also, come back to the EC2 dashboard and notice the 2 private IPs assigned. These are 2 IPs on a single network interface.

Enabling/disabling ClassicLink to a VPC

If your instance is provisioned in EC2-Classic, which is a deployment mode in AWS where resources are provisioned outside a VPC, then you can link your instance to a VPC environment as shown below.

The options below are disabled for us as our instance is already in a VPC.

Enabling detailed CloudWatch monitoring

AWS will by default have basic CloudWatch monitoring enabled on all its resources. However, if our instances are production instances, we may wish to enable detailed monitoring on them with additional costs of course.

Step 1) In this step,

Click on ‘CloudWatch Monitoring’

Click on ‘Enable Detailed Monitoring’

You can also add/edit alarms to alert you for attributes in your CloudWatch monitoring metrics.

Summary

Thus, we saw in this tutorial, how to enable/modify various attributes in AWS for the instance configuration from the Management Console after it is launched.

AWS provides many more configuration options via CLI/API.
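The settings changed in the console above (tags, termination protection, shutdown behavior, Source/Destination check, detailed monitoring) can also be read back through the API and checked in bulk. The following is an added example, not part of the original tutorial: it audits constructed records shaped like EC2 `DescribeInstances` output merged with two `DescribeInstanceAttribute` values. The `Environment` and `Role` tag keys, the required-tag policy and all instance IDs are assumptions made for illustration.

```python
# Added example: audit the instance settings this tutorial changes in the console.
# SAMPLE_INSTANCES is CONSTRUCTED data. Each record merges DescribeInstances
# fields (Tags, SourceDestCheck, Monitoring) with two DescribeInstanceAttribute
# values (DisableApiTermination, InstanceInitiatedShutdownBehavior).
SAMPLE_INSTANCES = [
    {   # production web server left at risky settings
        "InstanceId": "i-0aaaaaaaaaaaaaaa1",
        "Tags": [{"Key": "Environment", "Value": "Prod"},
                 {"Key": "Department", "Value": "Cloud"}],
        "SourceDestCheck": True,
        "Monitoring": {"State": "disabled"},
        "DisableApiTermination": False,
        "InstanceInitiatedShutdownBehavior": "terminate",
    },
    {   # NAT instance: source/destination check is off on purpose
        "InstanceId": "i-0bbbbbbbbbbbbbbb2",
        "Tags": [{"Key": "Environment", "Value": "Prod"},
                 {"Key": "Department", "Value": "Cloud"},
                 {"Key": "Role", "Value": "NAT"}],
        "SourceDestCheck": False,
        "Monitoring": {"State": "enabled"},
        "DisableApiTermination": True,
        "InstanceInitiatedShutdownBehavior": "stop",
    },
    {   # untagged box that forwards traffic without a declared role
        "InstanceId": "i-0ccccccccccccccc3",
        "Tags": [],
        "SourceDestCheck": False,
        "Monitoring": {"State": "disabled"},
        "DisableApiTermination": False,
        "InstanceInitiatedShutdownBehavior": "stop",
    },
]

REQUIRED_TAGS = ("Environment", "Department")      # assumed tagging policy
FORWARDING_ROLES = {"NAT", "Router", "Firewall"}   # assumed values of a "Role" tag


def audit_instance(inst):
    """Return a list of finding codes for one instance record."""
    tags = {t["Key"]: t["Value"] for t in inst.get("Tags", [])}
    findings = []

    missing = [key for key in REQUIRED_TAGS if key not in tags]
    if missing:
        findings.append("missing-tags:" + ",".join(missing))

    # Source/destination checking should only be off on instances that forward
    # traffic (NAT, routing, firewall), as the tutorial notes.
    forwards = tags.get("Role") in FORWARDING_ROLES
    if not inst.get("SourceDestCheck", True) and not forwards:
        findings.append("source-dest-check-disabled")

    # The tutorial recommends these three settings for production instances.
    if tags.get("Environment") == "Prod":
        if not inst.get("DisableApiTermination", False):
            findings.append("no-termination-protection")
        if inst.get("InstanceInitiatedShutdownBehavior") == "terminate":
            findings.append("shutdown-terminates")
        if inst.get("Monitoring", {}).get("State") != "enabled":
            findings.append("basic-monitoring-only")
    return findings


def audit(instances):
    """Map instance ID to its findings, omitting instances with none."""
    report = {}
    for inst in instances:
        findings = audit_instance(inst)
        if findings:
            report[inst["InstanceId"]] = findings
    return report


if __name__ == "__main__":
    for instance_id, findings in audit(SAMPLE_INSTANCES).items():
        print(instance_id, findings)
```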

Amazon EC2 Instance creation step by step

An EC2 instance is nothing but a virtual private server in Amazon Web Services terminology. It stands for Elastic Compute Cloud server. It is a web service where an AWS subscriber can request and provision a compute server in AWS cloud.

An on-demand EC2 instance is an offering from AWS where the subscriber/user can rent the virtual server per hour and use it to deploy his/her own applications.

The instance will be charged per hour with different rates based on the type of the instance chosen. AWS provides multiple instance types for the respective business needs of the user.

Thus, you can rent an instance based on your own CPU and memory requirements and use it when you want. You can terminate the instance when it’s no longer used and save on costs. This is the most striking advantage of an on-demand instance – you can drastically save on your CAPEX.

In this tutorial, you will learn-

Login and access to AWS services

Choose AMI

Choose Instance Types

Configure Instance

Add Storage

Tag Instance

Configuring Security Groups

Review Instances

Creating an EIP and connecting to your instance

Let us see in detail how to launch an on-demand EC2 instance in AWS Cloud.

Login and access to AWS services

Step 1) Log in to your AWS account and go to the AWS Services tab at the top left corner.

Here, you will see all of the AWS Services categorized by area, viz. Compute, Storage, Database, etc. For creating an EC2 instance, we have to choose Compute → EC2 as in the next step.

Open all the services and click on EC2 under Compute services. This will launch the dashboard of EC2.

Here is the EC2 dashboard. It gives a summary of the AWS EC2 resources that are running.

Step 2) On the top right corner of the EC2 dashboard, choose the AWS Region in which you want to provision the EC2 server.

Here we are selecting N. Virginia. AWS provides 10 Regions all over the globe.

Step 3) In this step

Once your desired Region is selected, come back to the EC2 Dashboard.

Click on the ‘Launch Instance’ button in the Create Instance section (as shown below).

The instance creation wizard page will open as soon as you click ‘Launch Instance’.

Choose AMI

Step 1) You will be asked to choose an AMI. (An AMI is an Amazon Machine Image. It is basically a template of an operating system platform which you can use as a base to create your instance.) Once you launch an EC2 instance from your preferred AMI, the instance will automatically be booted with the desired OS. (We will see more about AMIs in the coming part of the tutorial).

Here we are choosing the default Amazon Linux (64 bit) AMI.

Choose Instance Types

Step 1) In the next step, you have to choose the type of instance you require based on your business needs.

We will choose t2.micro instance type, which is a 1vCPU and 1GB memory server offered by AWS.

Click on “Configure Instance Details” for further configurations

In the next step of the wizard, enter details like the number of instances you want to launch at a time.

Here we are launching one instance.

Configure Instance

Step 1) No. of instances – you can provision up to 20 instances at a time. Here we are launching one instance.

Step 2) Under Purchasing Options, keep the option of ‘Request Spot Instances’ unchecked as of now. (This is done when we wish to launch Spot instances instead of on-demand ones. We will come back to Spot instances in the later part of the tutorial).

Step 3) Next, we have to configure some basic networking details for our EC2 server.

You have to decide here in which VPC (Virtual Private Cloud) you want to launch your instance and under which subnets inside your VPC. It is better to determine and plan this prior to launching the instance. Your AWS architecture set-up should include pre-planned IP ranges for your subnets etc. for better management. (We will see how to create a new VPC in the Networking section of the tutorial.)

Subnetting should also be pre-planned. E.g.: If it’s a web server you should place it in the public subnet and if it’s a DB server, you should place it in a private subnet all inside your VPC.

Below,

Network section will give a list of VPCs available in our platform.

Select an already existing VPC

You can also create a new VPC

Here I have selected an already existing VPC where I want to launch my instance.

Step 4) In this step,

A VPC consists of subnets, which are IP ranges that are separated for restricting access.

Below,

Under Subnets, you can choose the subnet where you want to place your instance.

I have chosen an already existing public subnet.

You can also create a new subnet in this step.

Once your instance is launched in a public subnet, AWS will assign a dynamic public IP to it from their pool of IPs.

Step 5) In this step,

You can choose whether you want AWS to assign it an IP automatically, or you want to do it manually later. You can enable/disable the ‘Auto assign Public IP’ feature here accordingly.

Here we are going to assign this instance a static IP called an EIP (Elastic IP) later. So we keep this feature disabled as of now.

Step 6) In this step,

In the following step, keep the option of IAM role ‘None’ as of now. We will visit the topic of IAM role in detail in IAM services.

Step 7) In this step, you have to do following things

Shutdown Behavior – when you accidentally shut down your instance, you surely don’t want it to be deleted but stopped.

Here we are defining our shutdown behavior as Stop.

Step 8) In this step,

In case you have accidentally terminated your instance, AWS has a layer of security mechanism. It will not delete your instance if you have enabled accidental termination protection.

Here we are checking the option for further protecting our instance from accidental termination.

Step 9) In this step,

Under Monitoring – you can enable Detailed Monitoring if your instance is a business-critical instance. Here we have kept the option unchecked. AWS will always provide Basic monitoring on your instance free of cost. We will visit the topic of monitoring in the AWS CloudWatch part of the tutorial.

Under Tenancy – select the shared tenancy option. If your application is a highly secure application, then you should go for dedicated capacity. AWS provides both options.

Step 10) In this step,

Click on ‘Add Storage’ to add data volumes to your instance in next step.

Add Storage

Step 1) In this step, we do the following things,

In the Add Storage step, you’ll see that the instance has been automatically provisioned a General Purpose SSD root volume of 8GB. (Maximum volume size we can give to a General Purpose volume is 16GB)

You can change your volume size, add new volumes, change the volume type, etc.

AWS provides 3 types of EBS volumes – Magnetic, General Purpose SSD, Provisioned IOPS. You can choose a volume type based on your application’s IOPS needs.

Tag Instance

Step 1) In this step

You can tag your instance with a key-value pair. This gives visibility to the AWS account administrator when there are a large number of instances.

The instances should be tagged based on their department, environment (like Dev/SIT/Prod), etc. This gives a clear view of the cost of the instances under one common tag.

Here we have tagged the instance as a Dev_Web server 01

Next, go to Configure Security Groups

Configuring Security Groups

Step 1) In this next step of configuring Security Groups, you can restrict traffic on your instance ports. This is an added firewall mechanism provided by AWS apart from your instance’s OS firewall.

You can define open ports and IPs.

Since our server is a web server, we will do the following things

Creating a new Security Group

Naming our SG for easier reference

Defining protocols which we want enabled on our instance

Assigning IPs which are allowed to access our instance on the said protocols

Once the firewall rules are set, click Review and Launch
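The rules chosen in this step, and later when changing an instance's Security Group, decide which source IPs can reach which ports. The following is an added example, not part of the original tutorial: it scans constructed records shaped like EC2 `DescribeSecurityGroups` output and reports rules that expose administrative ports to the whole Internet while leaving public web ports alone. It goes beyond the SSH case in the text by also covering RDP, port ranges and all-protocol rules; the group IDs, names and the admin-port list are assumptions.

```python
import ipaddress

# Ports that should be reachable only from known admin addresses (assumed list).
ADMIN_PORTS = {22: "SSH", 3389: "RDP"}

# CONSTRUCTED sample data in the shape of DescribeSecurityGroups output.
SAMPLE_GROUPS = [
    {"GroupId": "sg-0000000000000000a", "GroupName": "web-sg",
     "IpPermissions": [
         {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
          "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
         {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
          "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
         {"IpProtocol": "tcp", "FromPort": 3000, "ToPort": 4000,
          "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
     ]},
    {"GroupId": "sg-0000000000000000b", "GroupName": "admin-sg",
     "IpPermissions": [
         {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
          "IpRanges": [{"CidrIp": "203.0.113.10/32"}], "Ipv6Ranges": []},
     ]},
    {"GroupId": "sg-0000000000000000c", "GroupName": "legacy-sg",
     "IpPermissions": [
         # "-1" means all protocols and ports; no FromPort/ToPort is present.
         {"IpProtocol": "-1", "IpRanges": [],
          "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
     ]},
]


def rule_covers_port(rule, port):
    """True if an inbound rule allows TCP traffic to the given port."""
    protocol = rule.get("IpProtocol")
    if protocol == "-1":
        return True
    if protocol != "tcp":
        return False
    return rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535)


def world_open_cidrs(rule):
    """Return the rule's source ranges that match every address (/0)."""
    cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
    return [c for c in cidrs
            if ipaddress.ip_network(c, strict=False).prefixlen == 0]


def find_exposed_admin_rules(groups):
    """List (group_id, service, cidr) for admin ports open to any source."""
    findings = []
    for group in groups:
        for rule in group.get("IpPermissions", []):
            for cidr in world_open_cidrs(rule):
                for port, service in sorted(ADMIN_PORTS.items()):
                    if rule_covers_port(rule, port):
                        findings.append((group["GroupId"], service, cidr))
    return findings


if __name__ == "__main__":
    for finding in find_exposed_admin_rules(SAMPLE_GROUPS):
        print(finding)
```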

Review Instances

Step 1) In this step, we will review all our choices and parameters and go ahead to launch our instance.

Step 2) In the next step you will be asked to create a key pair to log in to your instance. A key pair is a set of public-private keys.

AWS stores the private key in the instance, and you are asked to download the public key. Make sure you download the key and keep it safe and secured; if it is lost you cannot download it again.

Create a new key pair

Give a name to your key

Download and save it in your secured folder

When you download your key, you can open and have a look at your RSA private key.

Step 3) Once you are done downloading and saving your key, launch your instance.

You can see the launch status meanwhile.

You can also see the launch log.

Click on the ‘Instances’ option on the left pane where you can see the status of the instance as ‘Pending’ for a brief while.

Once your instance is up and running, you can see its status as ‘Running’ now. Note that the instance has received a Private IP from the pool of AWS.

Creating an EIP and connecting to your instance

An EIP is a static public IP provided by AWS. It stands for Elastic IP. Normally when you create an instance, it will receive a public IP from AWS’s pool automatically. If you stop/reboot your instance, this public IP will change – it’s dynamic. In order for your application to have a static IP from where you can connect via public networks, you can use an EIP.

Step 1) On the left pane of EC2 Dashboard, you can go to ‘Elastic IPs’ as shown below.

Step 2) Allocate a new Elastic IP Address.

Step 3) Allocate this IP to be used in a VPC scope.

Your request will succeed if you don’t already have 5 or more EIPs in your account.

Step 4) Now assign this IP to your instance.

Select the said IP

Click on Actions -> Associate Address

Step 5) In the next page,

Search for your instance and

Associate the IP to it.

Step 6) Come back to your instances screen; you’ll see that your instance has received your EIP.

Step 7) Now open PuTTY from your programs list and add the same EIP in there as below.

Step 8) In this step,

Add your private key in PuTTY for a secure connection

Go to Auth

Add your private key in .ppk (PuTTY private key) format

Once done, click on the “Open” button

Once you connect, you will successfully see the Linux prompt.

Please note that the machine you are connecting from should be enabled on the instance Security Group for SSH (like in the steps above).

Once you become familiar with the above steps for launching the instance, it becomes a matter of 2 minutes to launch the same!

You can now use your on-demand EC2 server for your applications.

Summary:

Thus, we saw in detail how to create an on-demand EC2 instance in this tutorial. Because it is an on-demand server, you can keep it running when in use and ‘Stop’ it when it’s unused to save on your costs.

You can provision a Linux or Windows EC2 instance, or one from any of the available AMIs in AWS Marketplace, based on your choice of OS platform.

If your application is in production and you have to use it for years to come, you should consider provisioning a reserved instance to drastically save on your CAPEX.