1 00:00:06,893 --> 00:00:09,727 - Now let's run through a demo of launching a Linux instance 2 00:00:09,727 --> 00:00:10,894 in Amazon EC2. 3 00:00:12,957 --> 00:00:16,727 You can see, we're already logged into the AWS console. 4 00:00:16,727 --> 00:00:18,915 We're on the initial dashboard, and from here, 5 00:00:18,915 --> 00:00:20,582 I'm gonna go to EC2. 6 00:00:22,981 --> 00:00:26,358 It's important to make sure that you're in the right region. 7 00:00:26,358 --> 00:00:30,204 Here, we're using the US East two Ohio region. 8 00:00:30,204 --> 00:00:32,225 I can change that from here. 9 00:00:32,225 --> 00:00:33,870 Again, as we've talked about, 10 00:00:33,870 --> 00:00:36,531 whatever region you operate in is really according 11 00:00:36,531 --> 00:00:38,526 to the needs of your business. 12 00:00:38,526 --> 00:00:42,693 Are you trying to serve end-users in a particular area? 13 00:00:43,555 --> 00:00:45,254 Are you trying to meet some kind 14 00:00:45,254 --> 00:00:47,698 of data compliance regulations? 15 00:00:47,698 --> 00:00:50,838 Or are you simply trying to get the lowest cost? 16 00:00:50,838 --> 00:00:52,818 Whatever that answer is will determine 17 00:00:52,818 --> 00:00:54,492 what region you choose. 18 00:00:54,492 --> 00:00:56,902 For the sake of this demo, it doesn't really matter, 19 00:00:56,902 --> 00:00:59,166 but US East is one of the newer regions, 20 00:00:59,166 --> 00:01:00,618 so I just wanna try it out. 21 00:01:00,618 --> 00:01:04,146 I've seen this happen to folks, when you launch machines, 22 00:01:04,146 --> 00:01:05,557 and you launch different resources, 23 00:01:05,557 --> 00:01:07,478 and then you come back later and go, 24 00:01:07,478 --> 00:01:08,814 "Wait, where are they?" 25 00:01:08,814 --> 00:01:11,424 It's simply because you inadvertently switched 26 00:01:11,424 --> 00:01:12,814 to a different region. 
27 00:01:12,814 --> 00:01:16,245 If that happens to you, if you can't find your resources, 28 00:01:16,245 --> 00:01:19,762 just make sure that you have the right region selected. 29 00:01:19,762 --> 00:01:21,959 From here, in the Ohio region, you can see 30 00:01:21,959 --> 00:01:25,089 that we don't have any instances running. 31 00:01:25,089 --> 00:01:28,745 In order to launch one, I'm going to go down here to AMIs. 32 00:01:28,745 --> 00:01:30,336 Remember what we talked about, 33 00:01:30,336 --> 00:01:34,503 that all EC2 instances start with the Amazon Machine Image, 34 00:01:35,727 --> 00:01:37,621 so I'm gonna click on that. 35 00:01:37,621 --> 00:01:40,714 You can see that I have this filtered. 36 00:01:40,714 --> 00:01:42,852 I'm gonna change this real quick to show you. 37 00:01:42,852 --> 00:01:46,487 Images owned by me: I don't have any yet. 38 00:01:46,487 --> 00:01:48,885 I'm gonna change this to Public Images. 39 00:01:48,885 --> 00:01:51,856 These are all of the images that have been made public 40 00:01:51,856 --> 00:01:56,015 by various publishers, namely being Amazon Web Services. 41 00:01:56,015 --> 00:01:59,305 Other folks like Canonical publishes Ubuntu. 42 00:01:59,305 --> 00:02:02,495 Red Hat publishes a number of things like, of course, 43 00:02:02,495 --> 00:02:06,521 Red Hat Enterprise Linux, CentOS, Fedora. 44 00:02:06,521 --> 00:02:09,521 There's others, like Zend and VIATA. 45 00:02:11,802 --> 00:02:15,178 All kinds of public images are available here. 46 00:02:15,178 --> 00:02:16,578 For the sake of this demo, 47 00:02:16,578 --> 00:02:20,894 I want to launch an Amazon Linux-based machine. 48 00:02:20,894 --> 00:02:23,749 You can see, when I click here into the filter, 49 00:02:23,749 --> 00:02:25,750 I get a number of attributes 50 00:02:25,750 --> 00:02:29,321 by which I can filter our images on. 
51 00:02:29,321 --> 00:02:32,170 The first thing that I wanna do is filter by, 52 00:02:32,170 --> 00:02:33,830 I know that this is Amazon Linux, 53 00:02:33,830 --> 00:02:37,747 so I'm gonna change the owner to Amazon Images. 54 00:02:38,855 --> 00:02:41,682 Now I can see that all of these images were published 55 00:02:41,682 --> 00:02:44,281 by Amazon Web Services. 56 00:02:44,281 --> 00:02:48,448 I'm going to, also, change the platform to Amazon Linux. 57 00:02:51,574 --> 00:02:55,741 I'm going to make sure that the architecture is 64-bit. 58 00:02:59,132 --> 00:03:01,814 From there, you can see, if we were to scroll through here, 59 00:03:01,814 --> 00:03:03,870 we could see that the list did get shorter. 60 00:03:03,870 --> 00:03:06,458 It's hard to see that, but we have narrowed it down. 61 00:03:06,458 --> 00:03:09,668 This is the one that I want; I want X86 64. 62 00:03:09,668 --> 00:03:12,197 The EBS that we see here means 63 00:03:12,197 --> 00:03:15,365 that the root volume is based 64 00:03:15,365 --> 00:03:18,001 on an elastic block-store volume. 65 00:03:18,001 --> 00:03:20,485 We'll talk more about that later. 66 00:03:20,485 --> 00:03:22,893 Now that I have the AMI that I want, 67 00:03:22,893 --> 00:03:25,382 I'm gonna go ahead and hit Launch. 68 00:03:25,382 --> 00:03:28,043 From here, you can see, we can choose 69 00:03:28,043 --> 00:03:31,224 from various types of machine sizes. 70 00:03:31,224 --> 00:03:34,292 We have different families, such as the t2 family, 71 00:03:34,292 --> 00:03:37,511 which is really great for development, testing, 72 00:03:37,511 --> 00:03:39,677 environments, experiments. 73 00:03:39,677 --> 00:03:43,665 It's potentially good for low-traffic applications 74 00:03:43,665 --> 00:03:45,530 in production as well. 75 00:03:45,530 --> 00:03:48,036 We have the M series, which is a mixed-use. 
76 00:03:48,036 --> 00:03:52,360 They give us a good balance of CPU, here two cores 77 00:03:52,360 --> 00:03:55,512 and eight Gigs of RAM for the m4.large. 78 00:03:55,512 --> 00:03:59,450 If we compare that to the c4.large, you can see 79 00:03:59,450 --> 00:04:03,617 that we have two cores, but we have half the memory. 80 00:04:04,614 --> 00:04:08,562 The c4 is what we consider a compute-optimized instance. 81 00:04:08,562 --> 00:04:12,034 It has less memory, but essentially more compute power. 82 00:04:12,034 --> 00:04:14,283 We get into the R series, 83 00:04:14,283 --> 00:04:17,175 and that's going to give us much more memory. 84 00:04:17,175 --> 00:04:19,213 These are memory-optimized. 85 00:04:19,213 --> 00:04:22,455 We get into some really large storage capacity. 86 00:04:22,455 --> 00:04:24,525 These are high-performance computing. 87 00:04:24,525 --> 00:04:29,490 We can even get into the GPUs, and so on and so forth. 88 00:04:29,490 --> 00:04:31,231 For now, for the point of this, 89 00:04:31,231 --> 00:04:32,876 we don't really need a whole lot. 90 00:04:32,876 --> 00:04:36,574 In fact, the t2.micro is free-tier-eligible. 91 00:04:36,574 --> 00:04:39,358 You can see that certain instances, like this one here, 92 00:04:39,358 --> 00:04:43,288 Amazon Web Services will give us the first 12 months 93 00:04:43,288 --> 00:04:46,823 of this particular machine for free, that is, 94 00:04:46,823 --> 00:04:49,694 the first 12 months following your AWS sign-up date. 95 00:04:49,694 --> 00:04:52,166 My particular account is too old for that. 96 00:04:52,166 --> 00:04:54,516 I don't qualify for the free tier, but for those 97 00:04:54,516 --> 00:04:58,531 of you following this course, you probably will. 
98 00:04:58,531 --> 00:05:01,725 Using the free tier services, a number of services come 99 00:05:01,725 --> 00:05:04,958 with a free tier, it's a really great way to get 100 00:05:04,958 --> 00:05:07,926 into Amazon Web Services and try things out, 101 00:05:07,926 --> 00:05:11,706 and get to know these services without spending any money. 102 00:05:11,706 --> 00:05:15,649 I'm gonna go ahead and choose the t2.micro. 103 00:05:15,649 --> 00:05:17,649 I'm going to click Next. 104 00:05:18,591 --> 00:05:22,179 From here, we can say, I want to launch one, 105 00:05:22,179 --> 00:05:23,814 maybe I wanna launch 10 machines. 106 00:05:23,814 --> 00:05:26,013 We can change that if I wanted to. 107 00:05:26,013 --> 00:05:29,174 For the sake of this demo, we're just gonna launch one. 108 00:05:29,174 --> 00:05:33,544 Here, we'll talk about Spot instances later on. 109 00:05:33,544 --> 00:05:36,150 We might wanna choose this; we wanna get a lower price. 110 00:05:36,150 --> 00:05:38,520 We'll save that for later. 111 00:05:38,520 --> 00:05:40,574 Here, we can choose the network. 112 00:05:40,574 --> 00:05:43,386 Here are the networks that we created earlier. 113 00:05:43,386 --> 00:05:47,553 For the sake of this demo, I'm gonna launch this into 10.2. 114 00:05:49,500 --> 00:05:52,408 Because I don't have a VPN established right now, 115 00:05:52,408 --> 00:05:56,034 I need these machines to be publicly available. 116 00:05:56,034 --> 00:06:00,201 I'm gonna choose one of our public subnets that we created. 117 00:06:01,346 --> 00:06:03,044 I'm also going to make sure 118 00:06:03,044 --> 00:06:06,406 that the auto-assign public IP is using the subnet setting 119 00:06:06,406 --> 00:06:08,316 that we turned on, so that, yes, 120 00:06:08,316 --> 00:06:12,279 these machines will automatically get a public IP. 121 00:06:12,279 --> 00:06:14,647 You can recall that we talked about roles. 
122 00:06:14,647 --> 00:06:18,080 I'm going to choose the myApplication role that we created, 123 00:06:18,080 --> 00:06:21,268 so that later, if I want this particular instance 124 00:06:21,268 --> 00:06:25,538 to have the ability to communicate with other AWS services 125 00:06:25,538 --> 00:06:28,263 on my behalf, then it already has a role 126 00:06:28,263 --> 00:06:31,834 and I can just go in and add permissions to that role. 127 00:06:31,834 --> 00:06:36,752 It's important to know that you have to add the role 128 00:06:36,752 --> 00:06:38,860 at the time you launch the machine. 129 00:06:38,860 --> 00:06:41,556 If you launch a machine without a role, it's too late. 130 00:06:41,556 --> 00:06:45,698 You'll have to terminate that machine and start over. 131 00:06:45,698 --> 00:06:48,797 From here, you can see that we do have some control 132 00:06:48,797 --> 00:06:50,240 over our network interfaces. 133 00:06:50,240 --> 00:06:53,392 We could add more if we wanted to. 134 00:06:53,392 --> 00:06:55,831 There are some advanced options down here, 135 00:06:55,831 --> 00:06:59,326 such as user data that we'll talk about later. 136 00:06:59,326 --> 00:07:01,530 We're gonna click Add Storage. 137 00:07:01,530 --> 00:07:02,932 From here, you can see 138 00:07:02,932 --> 00:07:06,599 that our root volume is an eight-Gig volume. 139 00:07:07,939 --> 00:07:10,476 It's just a simple magnetic volume, 140 00:07:10,476 --> 00:07:13,816 and it will be hosted by the elastic block-store service 141 00:07:13,816 --> 00:07:15,343 that we'll talk about later. 142 00:07:15,343 --> 00:07:17,793 Now, if I wanted it to be faster, 143 00:07:17,793 --> 00:07:21,398 I might wanna choose a General Purpose SSD 144 00:07:21,398 --> 00:07:22,946 or a Provisioned IOPS SSD. 145 00:07:22,946 --> 00:07:25,048 Again, we'll talk about those later on. 146 00:07:25,048 --> 00:07:27,942 For the sake of this demo, magnetic is perfectly fine. 
147 00:07:27,942 --> 00:07:31,818 We're gonna click Next and add some tags to my instance. 148 00:07:31,818 --> 00:07:34,157 Tagging is a really great way 149 00:07:34,157 --> 00:07:36,908 to keep your environment organized. 150 00:07:36,908 --> 00:07:40,147 As you get further into Amazon Web Services, 151 00:07:40,147 --> 00:07:43,067 as you start to deploy applications and services, 152 00:07:43,067 --> 00:07:45,661 you'll end up, perhaps, with dozens or hundreds 153 00:07:45,661 --> 00:07:49,245 of EC2 instances, security groups, VPCs. 154 00:07:49,245 --> 00:07:52,964 It's really important to be able to tag these resources 155 00:07:52,964 --> 00:07:55,563 in a consistent way, in a predictable way, 156 00:07:55,563 --> 00:07:57,452 so that you can come back and filter 157 00:07:57,452 --> 00:08:01,720 and find particular servers for particular needs. 158 00:08:01,720 --> 00:08:05,887 In this case, I'm going to name this one linux-demo. 159 00:08:06,769 --> 00:08:10,578 I might also want to create other tags, 160 00:08:10,578 --> 00:08:13,803 such as the environment that this machine belongs into. 161 00:08:13,803 --> 00:08:17,970 The environment might be dev, stage, production, and so on. 162 00:08:19,887 --> 00:08:24,054 I might also add an application tag, and call this one demo. 163 00:08:28,640 --> 00:08:29,900 Tags are up to you. 164 00:08:29,900 --> 00:08:31,731 They're pretty much arbitrary, but again, 165 00:08:31,731 --> 00:08:34,024 I would highly recommend that you leverage these 166 00:08:34,024 --> 00:08:38,024 as a way to keep your infrastructures organized. 167 00:08:39,391 --> 00:08:42,363 From here, I'm gonna leverage the security group. 168 00:08:42,363 --> 00:08:44,141 I'm going to select an existing one, 169 00:08:44,141 --> 00:08:46,906 because we already created one. 170 00:08:46,906 --> 00:08:49,413 I'm going to use the web server that we created. 
171 00:08:49,413 --> 00:08:52,714 You can see here that we have our port 80 172 00:08:52,714 --> 00:08:56,072 and 443 is open from the Internet. 173 00:08:56,072 --> 00:08:58,716 I'm gonna go ahead and click Review and Launch. 174 00:08:58,716 --> 00:09:00,762 It's just telling me, you know what? 175 00:09:00,762 --> 00:09:03,223 Port 22, you don't have access to that, 176 00:09:03,223 --> 00:09:05,841 so we're going to fix that here in just a minute. 177 00:09:05,841 --> 00:09:08,672 It's also saying it's somewhat warning us 178 00:09:08,672 --> 00:09:11,741 that we are continuing with a magnetic drive. 179 00:09:11,741 --> 00:09:15,980 It's telling us that General Purpose SSD volumes 180 00:09:15,980 --> 00:09:18,912 will be faster, and it's giving us the choice 181 00:09:18,912 --> 00:09:22,731 to make our boot volume General Purpose 182 00:09:22,731 --> 00:09:27,337 for all instances going forward, or just for this one, 183 00:09:27,337 --> 00:09:30,405 or we could just continue with magnetic. 184 00:09:30,405 --> 00:09:33,125 Perhaps I'm just gonna say, you know what? 185 00:09:33,125 --> 00:09:35,546 General Purpose SSD is probably better. 186 00:09:35,546 --> 00:09:36,733 Let's go ahead and stick with that 187 00:09:36,733 --> 00:09:38,328 for all things moving forward. 188 00:09:38,328 --> 00:09:39,548 That'll be up to you. 189 00:09:39,548 --> 00:09:43,612 Whatever makes the most sense for your business. 190 00:09:43,612 --> 00:09:46,772 Now we get an opportunity to review this instance. 191 00:09:46,772 --> 00:09:48,557 I'm going to scan through here and make sure, 192 00:09:48,557 --> 00:09:52,380 yes, we're using an Amazon Linux AMI. 193 00:09:52,380 --> 00:09:55,052 We're running on a t2.micro. 194 00:09:55,052 --> 00:09:58,052 We have the right security group attached, 195 00:09:58,052 --> 00:10:00,552 with the right rules in place. 196 00:10:01,397 --> 00:10:04,133 Just take a quick look at the storage. 
197 00:10:04,133 --> 00:10:05,959 We don't really need any more than eight Gigs, 198 00:10:05,959 --> 00:10:07,579 so that's gonna be okay. 199 00:10:07,579 --> 00:10:09,845 Make sure that we have the right tags in place. 200 00:10:09,845 --> 00:10:13,076 We have our name, our environment, our application. 201 00:10:13,076 --> 00:10:15,505 I'm gonna go ahead and click Launch. 202 00:10:15,505 --> 00:10:19,088 Now, key pairs are necessary for logging in 203 00:10:21,011 --> 00:10:25,178 to the operating system of this particular machine. 204 00:10:26,544 --> 00:10:28,915 I don't have an existing key pair. 205 00:10:28,915 --> 00:10:30,365 You can see that I don't have any yet, 206 00:10:30,365 --> 00:10:31,978 so I need to create one. 207 00:10:31,978 --> 00:10:34,470 I'm going to say, create a new key pair. 208 00:10:34,470 --> 00:10:37,803 I'm gonna call this one aws-livelessons, 209 00:10:39,633 --> 00:10:43,329 so I can use this for other things. 210 00:10:43,329 --> 00:10:46,645 At this point, if I don't download the key pair 211 00:10:46,645 --> 00:10:48,696 at this point, then I will never be able to get it. 212 00:10:48,696 --> 00:10:52,209 Amazon Web Services only gives us this one opportunity 213 00:10:52,209 --> 00:10:55,417 to download the private half of that key pair. 214 00:10:55,417 --> 00:10:59,584 From that point, that private key is not kept by AWS. 215 00:11:01,339 --> 00:11:02,671 If we don't download it here, 216 00:11:02,671 --> 00:11:04,999 we'll have to go back and create a new key pair. 217 00:11:04,999 --> 00:11:07,924 If you lose the private half of that key pair, 218 00:11:07,924 --> 00:11:10,572 you won't be able to get into your instance, 219 00:11:10,572 --> 00:11:12,785 unless you have already configured your instance 220 00:11:12,785 --> 00:11:15,785 to allow login without private keys. 221 00:11:17,222 --> 00:11:20,623 So, I'm gonna go ahead and download this key pair. 222 00:11:20,623 --> 00:11:21,464 You can see, there it is. 
223 00:11:21,464 --> 00:11:24,612 We have a .pem file that we're going to modify here 224 00:11:24,612 --> 00:11:26,008 in just a minute. 225 00:11:26,008 --> 00:11:29,319 Now that we have the key pair created and selected, 226 00:11:29,319 --> 00:11:32,447 I'm going to hit Launch Instances. 227 00:11:32,447 --> 00:11:33,922 There you go; now you can see 228 00:11:33,922 --> 00:11:36,888 that our instance has launched, and I can click here. 229 00:11:36,888 --> 00:11:38,940 This is the ID of the instance. 230 00:11:38,940 --> 00:11:42,044 I'm going to click that, and it will take us 231 00:11:42,044 --> 00:11:45,573 to the Instances Dashboard, where we can see 232 00:11:45,573 --> 00:11:48,240 that our t2.micro is now running 233 00:11:49,427 --> 00:11:52,094 in us-east-2a availability zone. 234 00:11:53,012 --> 00:11:56,129 From here, we can see that we have a public IP 235 00:11:56,129 --> 00:11:59,095 that was automatically granted to it. 236 00:11:59,095 --> 00:12:03,772 We can see that we also have a private IP in the 10.2 range. 237 00:12:03,772 --> 00:12:07,709 From here, what I need to do is make sure 238 00:12:07,709 --> 00:12:11,876 that this particular machine can be reachable over port 22. 239 00:12:14,377 --> 00:12:16,560 Really quickly, what I wanna do 240 00:12:16,560 --> 00:12:19,143 is create a new security group. 241 00:12:21,945 --> 00:12:24,278 I'm gonna call this one ssh. 242 00:12:27,643 --> 00:12:30,782 Make sure that it belongs to the right VPC. 243 00:12:30,782 --> 00:12:33,449 I'm going to add SSH from My IP, 244 00:12:41,148 --> 00:12:43,350 you can see here that it selected the right IP 245 00:12:43,350 --> 00:12:45,933 that I'm currently coming from. 246 00:12:47,585 --> 00:12:49,335 I need a description. 247 00:12:54,122 --> 00:12:56,869 Then I'm gonna create that. 
248 00:12:56,869 --> 00:12:59,897 Now that we have our ssh security group, 249 00:12:59,897 --> 00:13:01,360 I'm gonna click this tag here 250 00:13:01,360 --> 00:13:04,062 and make sure that that also has that name. 251 00:13:04,062 --> 00:13:07,062 I'm gonna come back to our instance. 252 00:13:10,543 --> 00:13:12,090 I'm going to make sure 253 00:13:12,090 --> 00:13:14,560 that we have that instance highlighted. 254 00:13:14,560 --> 00:13:17,982 Going to go to Networking, Change Security Groups, 255 00:13:17,982 --> 00:13:20,815 and choose the ssh security group. 256 00:13:21,915 --> 00:13:23,773 Now that we have that, you can see here, 257 00:13:23,773 --> 00:13:25,721 here are our security groups. 258 00:13:25,721 --> 00:13:28,710 I'm gonna click those View Rules 259 00:13:28,710 --> 00:13:31,778 and make sure that port 22 is open, 260 00:13:31,778 --> 00:13:34,528 port 80 and 443 are open. 261 00:13:34,528 --> 00:13:38,695 From here, I'm going to copy this public IP address. 262 00:13:42,070 --> 00:13:45,487 I'm going to make sure that I have access 263 00:13:46,723 --> 00:13:49,723 to that PEM file that we downloaded. 264 00:13:54,616 --> 00:13:55,616 There we go. 265 00:13:56,870 --> 00:13:59,953 Now I'm going to ssh, using that key. 266 00:14:07,054 --> 00:14:10,105 Now that we have our key downloaded, 267 00:14:10,105 --> 00:14:12,648 I want to shell into that instance. 268 00:14:12,648 --> 00:14:15,431 I wanna make sure that I have the appropriate permissions 269 00:14:15,431 --> 00:14:19,514 on that key, so I'm going to change those to 400. 270 00:14:24,477 --> 00:14:26,301 Now that the key has the right permissions, 271 00:14:26,301 --> 00:14:28,134 I'm going to use that. 272 00:14:35,669 --> 00:14:39,836 In the case of Amazon Linux, the superuser is ec2-user@, 273 00:14:42,476 --> 00:14:46,643 there's the public IP of our instance, and there we go. 274 00:14:48,363 --> 00:14:49,386 Now we've logged in. 
275 00:14:49,386 --> 00:14:53,066 You can see we have a shell into our t2.micro, 276 00:14:53,066 --> 00:14:56,684 running Amazon Linux, and that's it 277 00:14:56,684 --> 00:15:00,684 for launching a Linux instance on an Amazon EC2.