How to understand AWS EC2 in simple language?
Web server setup and configuration is primarily a system administrator's task, but in smaller companies web developers often have to do everything from website development to server setup and deployment. The main options are a shared hosting server or a cloud server provider, and cloud hosting is preferred when you need more control. Digital Ocean and Amazon Web Services (AWS) both provide cloud services, but we will focus on AWS EC2 because of its popularity for website deployment.
This article is for users who are either new to AWS EC2 or have used it but don't understand it very well. So let's get started.
- EC2 can be seen as virtual computers:
EC2 stands for Elastic Compute Cloud. It provides virtual machines that have everything a physical machine has, such as a hard disk, RAM, a CPU, a high-speed Internet connection and an operating system, but no monitor. Because it has no monitor, you access it using SSH and do whatever you want to do. In the AWS world a virtual machine is called an instance. When you create an instance you choose its resources, such as operating system, RAM, hard disk and network.
- Amazon VPC is a private network which connects all your instances:
Amazon VPC stands for Virtual Private Cloud and can be visualized as a physical network between computers. It is the network your instances use to communicate, just as a real network connects real computers. A VPC has subnets, which can be public or private, sitting right above your instances. You can apply all the security concepts of a network here, at the VPC and subnet level.
- Every instance is secured by a security group attached to your VPC:
When you create an instance, a default VPC, subnet and security groups are created for it. Security groups are the rules that govern the inflow and outflow of requests. Rules for requests coming in from outside, such as requesting a website on port 80 and getting the response, are called inbound rules. Rules for reaching something outside from within the network, such as Internet access, are called outbound rules. By default, outbound rules allow access to the Internet so that resources can be downloaded. Beyond this, you can also implement all the usual networking security concepts, whether at the VPC level or at the OS level.
- Private IPs, public IPs and elastic IPs to make inbound requests:
By default, a private IP, a public IP (optional), a VPC and a subnet are generated with the instance. Public IPs are not static and can change when the instance is powered down and up, so they are not suitable for configuring with your domain. Instead you can choose an Elastic IP, a static public IP provided by AWS that always remains the same, and use it in your domain to link to the web server.
- Regions show geographical areas and availability zones are available places:
Regions are the geographical areas for the datacentres, and datacentres have places for resources, which are called availability zones. Every instance you create is wrapped by a subnet. The subnet is wrapped by a VPC. The VPC is wrapped by an Availability Zone. The Availability Zone is wrapped by a Region. You should choose a region that is close to your target audience's geographic area for better accessibility.
I hope the above content helps you understand the AWS EC2 terms and flow. Please share if you like the content.