AWS EC2 Service - JU-DEV-Bootcamps/ERAS GitHub Wiki
What is AWS EC2?
Amazon Elastic Compute Cloud (EC2) is a scalable and secure cloud computing service that allows developers to run virtual servers, known as instances. It provides resizable compute capacity, making it suitable for a variety of workloads such as web hosting, application development, and big data analytics.
Key Features
- Compute Options:
  - Multiple instance types optimized for different use cases
  - Spot Instances for cost savings and Reserved Instances for long-term commitments
- Storage:
  - Elastic Block Store (EBS): Persistent, block-level storage
  - Instance Store: Temporary local storage
  - Elastic File System (EFS): Scalable file storage for shared data
- Networking:
  - Virtual Private Cloud (VPC): Customizable network settings
  - Elastic IPs: Static public IPv4 addresses
- Security:
  - IAM roles for secure access control
  - Security Groups as virtual firewalls for instances
- Monitoring and Management:
  - Amazon CloudWatch for metrics and alarms
  - Auto Scaling for managing demand fluctuations
Pricing Models
- On-Demand Instances:
  - Pay for compute capacity by the hour with no long-term commitments
  - Suitable for applications with short-term, spiky, or unpredictable workloads
- Reserved Instances:
  - Make a one-time, up-front payment for substantial discounts
  - Ideal for applications with steady-state or predictable usage
- Spot Instances:
  - Purchase unused EC2 capacity at a reduced rate
  - Best for flexible, interruption-tolerant applications
- Savings Plans:
  - Commit to a consistent amount of usage for a 1 or 3-year term and save up to 72% on your bill
  - Flexible across instance types and regions
Free Tier for New Accounts
- 750 hours/month of usage for `t2.micro` or `t3.micro` instances for 12 months
- Operating Systems: Linux/Unix or Windows
- Storage: Includes 30 GB of EBS (SSD or Magnetic), 2 million I/Os, and 1 GB of snapshot storage
Free Tier Limitations
- Exceeding the Free Tier limits will incur standard charges
- Monitor usage through the AWS Management Console to avoid unexpected costs
- Set up billing alerts to notify you when usage approaches the Free Tier limits
Common Use Cases
- Web Hosting: Scalable solutions for static and dynamic websites
- Development and Testing: Isolated environments for application development
- Big Data Processing: Run large-scale analytics and machine learning workloads
- High-Performance Computing (HPC): For research simulations and intensive tasks
- Backup and Disaster Recovery: Reliable infrastructure for failover and recovery
Best Practices
- Use Auto Scaling to handle variable demand efficiently
- Monitor Free Tier usage to avoid exceeding limits
- Secure instances using IAM, key pairs, and security group configurations
- Optimize costs by leveraging Spot Instances and terminating unused instances
- Backup data regularly using EBS snapshots
- Implement least privilege principles for IAM roles and policies
- Regularly review and update security group rules to minimize attack surfaces
- Use AWS Trusted Advisor to identify cost optimization opportunities
Example Architecture for Angular and .NET Core
High-Level Architecture
- Frontend (Angular):
  - Deployed on an EC2 instance.
  - Served via an Nginx or Apache web server.
  - Load balanced using an Application Load Balancer (ALB).
- Backend (.NET Core):
  - Deployed on an EC2 instance.
  - Served via Kestrel or IIS.
  - Load balanced using an Application Load Balancer (ALB).
- Database:
  - Amazon RDS for relational databases.
  - Amazon DynamoDB for NoSQL databases.
- Security:
  - Security Groups configured to allow traffic only from the ALB.
  - IAM roles for secure access to AWS services.
Deployment Steps
Deploying Angular on EC2
- Launch an EC2 Instance:
  - Choose an AMI (e.g., Ubuntu).
  - Select `t2.micro` or `t3.micro` for Free Tier eligibility.
- Install Nginx:
  ```bash
  sudo apt update
  sudo apt install nginx
  ```
- Deploy Angular Application:
  - Build the Angular application: `ng build --prod`.
  - Transfer the build files to the EC2 instance.
  - Configure Nginx to serve the Angular application.
Deploying .NET Core on EC2
- Launch an EC2 Instance:
  - Choose an AMI (e.g., Windows Server or Ubuntu).
  - Select `t2.micro` or `t3.micro` for Free Tier eligibility.
- Install .NET Core Runtime:
  - For Ubuntu:
    ```bash
    wget https://packages.microsoft.com/config/ubuntu/20.04/packages-microsoft-prod.deb -O packages-microsoft-prod.deb
    sudo dpkg -i packages-microsoft-prod.deb
    sudo apt-get update
    sudo apt-get install -y apt-transport-https
    sudo apt-get update
    sudo apt-get install -y dotnet-runtime-5.0
    ```
- Deploy .NET Core Application:
  - Publish the .NET Core application: `dotnet publish -c Release`.
  - Transfer the published files to the EC2 instance.
  - Configure Kestrel or IIS to serve the .NET Core application.
Security Best Practices
- IAM Roles:
  - Create IAM roles with the least privilege required for your applications.
  - Example IAM policy for S3 access:
    ```json
    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Action": "s3:ListBucket",
          "Resource": "arn:aws:s3:::your-bucket-name"
        },
        {
          "Effect": "Allow",
          "Action": "s3:GetObject",
          "Resource": "arn:aws:s3:::your-bucket-name/*"
        }
      ]
    }
    ```
- Security Groups:
  - Allow inbound traffic only from the ALB.
  - Example Security Group rules:

    | Type  | Protocol | Port Range | Source             |
    |-------|----------|------------|--------------------|
    | HTTP  | TCP      | 80         | ALB Security Group |
    | HTTPS | TCP      | 443        | ALB Security Group |
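
One way to check that instance security groups actually match the rules table above, as an added example that is not part of the original wiki. It reads rules in the shape returned by `aws ec2 describe-security-groups`; the group IDs and sample rules are constructed for illustration.

```python
# Added example: audit inbound rules against the "ALB only" rules table.
# Input shape matches the SecurityGroups[] list from `aws ec2 describe-security-groups`.
ALB_SG = "sg-0a1b2c3d4e5f00001"   # hypothetical ALB security group ID
ALLOWED_PORTS = {80, 443}          # HTTP and HTTPS, as in the rules table

# Constructed sample data; group IDs and rules are made up.
SAMPLE_GROUPS = [
    {"GroupId": "sg-0a1b2c3d4e5f00002", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80, "IpRanges": [],
         "UserIdGroupPairs": [{"GroupId": ALB_SG}]},
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [],
         "UserIdGroupPairs": [{"GroupId": ALB_SG}]}]},
    {"GroupId": "sg-0a1b2c3d4e5f00003", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
         "UserIdGroupPairs": [{"GroupId": ALB_SG}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []},
        {"IpProtocol": "-1", "IpRanges": [],
         "UserIdGroupPairs": [{"GroupId": "sg-0a1b2c3d4e5f00009"}]}]},
]

def rule_sources(perm):
    """Every source a rule admits: IPv4/IPv6 CIDRs, prefix lists, security groups."""
    return ([r["CidrIp"] for r in perm.get("IpRanges", [])]
            + [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            + [p["PrefixListId"] for p in perm.get("PrefixListIds", [])]
            + [g["GroupId"] for g in perm.get("UserIdGroupPairs", [])])

def audit_group(group, alb_sg=ALB_SG, allowed_ports=ALLOWED_PORTS):
    """Return (port, source) pairs outside 'TCP 80/443 from the ALB group'."""
    findings = []
    for perm in group.get("IpPermissions", []):
        proto, lo, hi = perm.get("IpProtocol"), perm.get("FromPort"), perm.get("ToPort")
        if proto == "-1":            # all protocols and ports; no FromPort/ToPort
            port, port_ok = "all", False
        else:
            port = f"{proto}/{lo}" if lo == hi else f"{proto}/{lo}-{hi}"
            port_ok = proto == "tcp" and lo == hi and lo in allowed_ports
        for source in rule_sources(perm):
            if not (port_ok and source == alb_sg):
                findings.append((port, source))
    return findings

if __name__ == "__main__":
    for g in SAMPLE_GROUPS:
        print(g["GroupId"], audit_group(g) or "OK")
```

To audit a real account, load the JSON output of `aws ec2 describe-security-groups` and pass each entry of its `SecurityGroups` list to `audit_group` with your own ALB group ID.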
Performance Optimization
- Caching:
  - Use Amazon ElastiCache for in-memory caching.
  - Implement browser caching for static assets.
- CDN:
  - Use Amazon CloudFront to distribute content globally.
  - Configure CloudFront to cache static assets and reduce load on your EC2 instances.
Getting Started with AWS EC2
- Sign Up for AWS: Create an AWS account to access the Free Tier.
- Launch an Instance:
  - Choose an Amazon Machine Image (AMI) for your operating system.
  - Select `t2.micro` or `t3.micro` for Free Tier eligibility.
- Connect to the Instance:
  - Use an SSH client or EC2 Instance Connect for access.
- Deploy Applications: Configure your software or services on the instance.