Launch Your Amazon EC2 Instance labs

 

Task 1: Launch Your Amazon EC2 Instance

In this task, you will launch an Amazon EC2 instance with termination protection. Termination protection prevents you from accidentally terminating an EC2 instance. Your instance will include a User Data script that will install a simple web server.

3. From the AWS Management Console, use the AWS search bar to search for 

EC2

 and then choose the service from the list of results.

4. At the top left of the screen, if you see New EC2 Experience in the top-left of the screen, ensure  New EC2 Experience is selected.

5. Choose the Launch instance  drop down menu and choose Launch instance.

6. In the Name and tags section, enter 

Web Server

 in the Name box.

7. For Amazon Machine Image (AMI), select Amazon Linux 2 AMI.

This lab will only work with an Amazon Linux 2 AMI.

 An Amazon Machine Image (AMI) provides the information required to launch an instance, which is a virtual server in the cloud. An AMI includes:

• A template for the root volume for the instance (for example, an operating system or an application server with applications)
• Launch permissions that control which AWS accounts can use the AMI to launch instances
• A block device mapping that specifies the volumes to attach to the instance when it is launched

The Quick Start list contains the most commonly-used AMIs. You can also create your own AMI or select an AMI from the AWS Marketplace, an online store where you can sell or buy software that runs on AWS.

8. In the Instance Type section, choose the Instance type drop down menu and choose 

t3.micro

.

 Amazon EC2 provides a wide selection of instance types optimized to fit different use cases. Instance types comprise varying combinations of CPU, memory, storage, and networking capacity and give you the flexibility to choose the appropriate mix of resources for your applications. Each instance type includes one or more instance sizes, allowing you to scale your resources to the requirements of your target workload.

A t3.micro instance type has 2 virtual CPUs and 1 GiB of memory.

9. In the Key pair (login) section, locate the Key pair name drop down menu and choose Proceed without a key pair (Not recommended).

 Amazon EC2 uses public–key cryptography to encrypt and decrypt login information. To log in to your instance, you must create a key pair, specify the name of the key pair when you launch the instance, and provide the private key when you connect to the instance.

In this lab you will not log into your instance, so you do not require a key pair.

10. In the Network settings section, choose the Edit button. Make the following selections:

• VPC: Choose the VPC with the name that contains 

Lab VPC

• Subnet: Choose the Subnet with the name that contains 

Public Subnet 1

 The Network indicates which Virtual Private Cloud (VPC) you wish to launch the instance into. You can have multiple networks, such as different ones for development, testing and production.

The Lab VPC was created using a CloudFormation template during the setup process of your lab. This VPC includes two public subnets in two different Availability Zones.

11. In the Firewall (security groups) section, choose  Create security group

• Security group name = 

Web Server security group

• Description = 

Security group for my web server

 A security group acts as a virtual firewall that controls the traffic for one or more instances. When you launch an instance, you associate one or more security groups with the instance. You add rules to each security group that allow traffic to or from its associated instances. You can modify the rules for a security group at any time; the new rules are automatically applied to all instances that are associated with the security group.

In this lab, you will not log into your instance using SSH. Removing SSH access will improve the security of the instance.

12. Choose the Remove button to remove the existing SSH rule. You should have no security group rules.

13. The Configure storage section default choices can be left alone.

 Amazon EC2 stores data on a network-attached virtual disk called Elastic Block Store.

You will launch the Amazon EC2 instance using a default 8 GiB disk volume. This will be your root volume (also known as a ‘boot’ volume).

14. Expand the Advanced details section. Scroll down to the Termination protection drop down menu and set to Enable.

 When an Amazon EC2 instance is no longer required, it can be terminated, which means that the instance is stopped and its resources are released. A terminated instance cannot be started again. If you want to prevent the instance from being accidentally terminated, you can enable termination protection for the instance, which prevents it from being terminated.

15. Scroll all the way to the bottom until you see a field for User data.

 When you launch an instance, you can pass user data to the instance that can be used to perform common automated configuration tasks and even run scripts after the instance starts.

Your instance is running Amazon Linux, so you will provide a shell script that will run when the instance starts.

16. Copy the following text and paste it into the User data field:

#!/bin/bash

yum -y install httpd

systemctl enable httpd

systemctl start httpd

echo '<html><h1>Hello From Your Web Server!</h1></html>' > /var/www/html/index.html

The script will:

• Install an Apache web server (httpd)
• Configure the web server to automatically start on boot
• Activate the Web server
• Create a simple web page

17. Choose Launch instance .

 Expected output:

 Success

18. Choose Instances from the collapsible menu on the left pane. You may need to expand the menu to see this option.

The instance might appear in a pending state, which means it is being launched. It will then change to running, which indicates that the instance has started booting. When creating a new instance, there will usually be a short time before you can access the instance.

19. Wait for your instance to display the following:

• Instance state:  Running .
• Status check:  2/2 checks passed .

Periodically refresh the page if you don’t see a change in the Instance state or Status check values.

Select the  for your newly-created Web Server and the Details tab displays detailed information about your instance.

 To view more information in the Details tab, drag the window divider upwards.

Review the information displayed in the Details tab. It includes information about the instance type, security settings, network settings, and more. The instance receives a Public IPv4 DNS name that you can use to communicate with the instance from the Internet.

 Congratulations! You have successfully launched your first Amazon EC2 instance.

---

Task 2: Monitor Your Instance

Monitoring is an important part of maintaining the reliability, availability, and performance of your Amazon Elastic Compute Cloud (Amazon EC2) instances and your AWS solutions.

20. Select the Status checks tab.

With instance status monitoring, you can quickly determine whether Amazon EC2 has detected any problems that might prevent your instances from running applications. Amazon EC2 performs automated checks on every running EC2 instance to identify hardware and software issues.

Notice that both the System reachability and Instance reachability checks have passed.

21. Select the Monitoring tab.

This tab displays CloudWatch metrics for your instance. Currently, there are not many metrics to display because the instance was recently launched.

You can choose a graph to see an expanded view.

 Amazon EC2 sends metrics to Amazon CloudWatch for your EC2 instances. Basic (five-minute) monitoring is enabled by default. You can enable detailed (one-minute) monitoring.

22. Select the Actions  menu (in the upper right of the console), choose Monitor and troubleshoot  and select Get system log.

 Expected output:

 Note: If you do not see a system log, wait a couple of minutes and refresh the log screen until it appears.

The System Log displays the console output of the instance, which is a valuable tool for problem diagnosis. It is especially useful for troubleshooting kernel problems and service configuration issues that could cause an instance to terminate or become unreachable before its SSH daemon can be started.

23. Scroll through the output and note that the httpd package was installed from the user data that you added when you created the instance.

24. Scroll down to the bottom of the browser window and select Cancel.

25. Select the  for Web Server, then select the Actions  menu, choose Monitor and troubleshoot  and select Get instance screenshot.

 Expected output:

This shows you what your Amazon EC2 instance console would look like if a screen were attached to it.

 If you are unable to reach your instance via SSH or RDP, you can capture a screenshot of your instance and view it as an image. This provides visibility as to the status of the instance, and allows for quicker troubleshooting.

26. Scroll down to the bottom of the browser window and select Cancel.

 Congratulations! You have explored several ways to monitor your instance.

---

Task 3: Update Your Security Group and Access the Web Server

When you launched the EC2 instance, you provided a script that installed a web server and created a simple web page. In this task, you will access content from the web server.

27. Select the  for Web Server, then choose the Details tab.

28. Copy the Public IPv4 address of your instance to your clipboard.

29. Open a new tab in your web browser, paste the IP address you just copied, then press Enter.

 Consider:

Are you able to access your web server? Why not?

You are not currently able to access your web server because the security group is not permitting inbound traffic on port 80, which is used for HTTP web requests. This is a demonstration of using a security group as a firewall to restrict the network traffic that is allowed in and out of an instance.

To correct this, you will now update the security group to permit web traffic on port 80.

30. Keep the browser tab open, but return to the EC2 Management Console tab.

31. In the left navigation pane, select Security Groups.

32. Select the  for the Security group ID with the Security group name Web Server security group.

The security group currently has no rules.

33. Choose the Inbound rules tab.

34. Choose Edit inbound rules.

35. Choose Add rule then configure:

• Type: HTTP
• Source: Anywhere-IPv4

36. Choose Save rules .

The new Inbound HTTP rule will create an entry for both IPV4 IP address (0.0.0.0/0) as well as IPV6 IP address (::/0).

 Note: using “Anywhere”, or more specifically, using 0.0.0.0/0 or ::/0 is not a recommended best practice for production workloads.

37. Return to the web server tab that you previously opened and refresh  the page.

 Expected output:

You should see the message Hello From Your Web Server!

 Congratulations! You have successfully modified your security group to permit HTTP traffic into your Amazon EC2 Instance.

---

Task 4: Resize Your Instance: Instance Type and EBS Volume

As your needs change, you might find that your instance is over-utilized (too small) or under-utilized (too large). If so, you can change the instance type. For example, if a t3.micro instance is too small for its workload, you can change it to an t3.small instance. Similarly, you can change the size of a disk.

STOP YOUR INSTANCE

Before you can resize an instance, you must stop it.

 When you stop an instance, it is shut down. There is no charge for a stopped EC2 instance, but the storage charge for attached Amazon EBS volumes remains.

38. On the EC2 Management Console, in the left navigation pane, choose Instances.

39. If it is not already selected, select the  for Web Server .

40. Select Instance state , then Stop instance.

41. Choose Stop .

Your instance will perform a normal shutdown and then will stop running. This may take a couple minutes.

42. Wait for the Instance State to display: Stopped .

CHANGE THE INSTANCE TYPE

43. If it is not already selected, select the  for Web Server .

44. Select the Actions  menu, select Instance settings  and Change instance type, then configure:

• Instance type: t3.small

45. Choose Apply .

When the instance is started again it will be a t3.small, which has twice as much memory as a t3.micro instance.

RESIZE THE EBS VOLUME

46. In the left navigation pane, select Volumes from the  Elastic Block Store section.

47. Select  the volume there.

48. In the Actions  menu, select Modify volume.

The disk volume currently has a size of 8 GiB. You will now increase the size of this disk.

49. Change the size (GiB) to: 

10

50. Choose Modify .

51. Choose Modify to confirm and increase the size of the volume.

START THE RESIZED INSTANCE

You will now start the instance again, which will now have more memory and more disk space.

52. In left navigation pane, select Instances.

53. Select  the Web Server.

54. Select Instance state  and then Start instance.

Note: An EBS volume being modified goes through a sequence of states: Modifying, Optimizing, and finally Complete.

 Congratulations! You have successfully resized your Amazon EC2 Instance. In this task you changed your instance type from t3.micro to a t3.small. You also modified your root disk volume from 8 GiB to 10 GiB.

---

Task 5: Test Termination Protection

You can delete your instance when you no longer need it. This is referred to as terminating your instance. You cannot connect to or restart an instance after it has been terminated.

In this task, you will learn how to use termination protection.

55. In left navigation pane, select Instances.

56. Select  the Web Server.

57. Select Instance state  and then Terminate instance.

58. Choose Terminate .

At this point you see the following error message on top of the page:

Failed to terminate an instance: The instance ‘i-xxxxxxxx’ may not be terminated. Modify its ‘disableApiTermination’ instance attribute and try again.

The above error is expected, and this is a safeguard to prevent the accidental termination of an instance. If you really want to terminate the instance, you will need to disable the termination protection.

59. Select Actions , choose Instance settings , and Change termination protection.

60. Unselect  Enable.

61. Choose Save .

You can now terminate the instance.

62. Refresh  the instance console screen.

63. Select  the Web Server

64. Choose Instance state  , and Terminate instance .

65. Choose Terminate .

 Expected output:

The Instance state of the Web Server instance should change to Terminated after about 30 seconds. You may have to refresh the page a few times

 Congratulations! You have successfully tested termination protection and terminated your instance.

---

Conclusion

You have successfully done the following:

• Launched a web server with termination protection enabled.
• Monitored Your EC2 instance.
• Modified the security group that your web server is using to allow HTTP access.
• Resized your Amazon EC2 instance to scale.
• Tested termination protection.
• Terminated your EC2 instance.

End lab

Follow these steps to close the console and end your lab.

66. Return to the AWS Management Console.

67. At the upper-right corner of the page, choose AWSLabsUser, and then choose Sign out.

68. Choose End lab and then confirm that you want to end your lab.

Additional resources

• Launch Your Instance
• Amazon EC2 Instance Types
• Amazon Machine Images (AMI)
• Amazon EC2 - User Data and Shell Scripts
• Amazon EC2 Root Device Volume
• Tagging Your Amazon EC2 Resources
• Security Groups
• Amazon EC2 Key Pairs
• Status Checks for Your Instances
• Getting Console Output and Rebooting Instances
• Amazon EC2 Metrics and Dimensions
• Resizing Your Instance
• Stop and Start Your Instance
• Amazon EC2 Service Limits
• Terminate Your Instance
• Termination Protection for an Instance