Chapter 4
IN THIS CHAPTER
Looking at AWS cloud service offerings
Signing up for an AWS account
Creating a virtual machine in AWS
Managing an AWS virtual machine instance
Connecting to an AWS virtual machine instance
Like Microsoft Azure, Amazon Web Services (AWS) is a cloud computing service that includes numerous ways to virtualize your IT infrastructure in the cloud. AWS is the grandfather of cloud-based infrastructure providers — it got its start way back in 2002. Since then, AWS has developed into the largest cloud provider in the world. Amazon’s online retail space itself is hosted on AWS, as are many other familiar services, including Netflix, Hulu, and Ancestry.com.
AWS provides services that span the full range of cloud-based services, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). In this chapter, I give you a brief look at the range of cloud services that AWS provides. Then you’ll learn how to create and manage a virtual machine (VM) on AWS.
AWS has well over 2,000 distinct services available on its platform. They’re organized into several categories, including (but not limited to) the following:
Compute: Provides cloud-based virtual computing resources. The main service in this category is Amazon’s cloud-based virtualization platform, known as Amazon Elastic Compute Cloud (EC2). With EC2, you can create and manage VMs that run at Amazon’s data centers. You can select from several different pricing models, depending on your needs. Multiple operating system (OS) choices are available, including Windows Server 2016 and several variations of Linux. And you can configure VMs with a single processor and as little as 1GB of RAM to as many as 64 processors and 488GB of RAM.
Naturally, the larger the machine configuration and the more it is used, the more it will cost. The smallest server can be run for just a few dollars per month (in fact, free for 12 months) — perfect for experimenting with AWS to familiarize yourself with its features.
But wait, there’s more! AWS also includes Internet of Things (IoT) solutions for managing your coffee pots and toasters, features for game development, and who knows what else!
Before you can use AWS, you must first set up an AWS account. The good news is that Amazon offers a free account you can use to experiment with AWS. Basic AWS services are free for 12 months, which gives you plenty of time to familiarize yourself with the many capabilities and features of AWS.
Setting up the free account is easy, but you’ll have to fork over a credit card number. So you’ll want to keep a good eye on your account, just in case you step over the line of what’s free and begin incurring monthly charges.
To set up your account, just browse to http://aws.amazon.com and follow the links to set up a free account.
Here’s what you get your first year with the free account:
Note that all these services are free for a period of one year. After the first year, normal charges are incurred.
When you’ve created your free AWS account, you can access the AWS Console by following these steps:
Go to http://aws.amazon.com.
The AWS home page appears, as shown in Figure 4-1.
Click the Sign In to the Console button.
You’re taken to a sign-in screen.
Enter your username and click Next.
You’re prompted for your password.
Enter your password and click Sign In.
The AWS Console appears, as shown in Figure 4-2.
Explore the console! Start by clicking Services in the menu bar at the top of the page. This reveals a menu of services you can access via the console, as shown in Figure 4-3.
You can click any of the services listed in this menu to view the dashboards for the various services. For example, Figure 4-4 shows the EC2 Dashboard, which shows information about EC2 VMs.
To create a VM, navigate to the EC2 Dashboard as described in the previous section (refer to Figure 4-4). Then follow these steps:
Click the Launch Instance button.
Step 1 of the Launch Instance Wizard is displayed, as shown in Figure 4-5. This page displays a list of machine images you can choose for your VM.
Scroll through the list to see the variety of images that are available for your VMs. You’ll find a wide array of both Linux- and Windows-based images.
Click the Microsoft Windows Server 2019 Base image.
This image provides a basic Windows Server 2019 VM.
You’re taken to Step 2 of the Launch Instance Wizard, which invites you to choose an instance type, as shown in Figure 4-6. The instance type determines the performance characteristics of the VM. Here, you’ll find various combinations of virtual CPUs, memory, storage, and network performance options.
For this example, we select the t2.micro type, which provides one CPU and 1GB of memory. This instance type is eligible for the AWS free-usage tier, which gives you 750 hours of usage per month for the first 12 months of your account.
Select the t2.micro instance type and click Next: Configure Instance Details.
This summons Step 3 of the wizard, which allows you to set a variety of options for the VM, as shown in Figure 4-7.
Select the configuration options you want.
The following options are available on this page:
Click Next: Add Storage.
This brings up Step 4 of the wizard, which lets you configure the storage for the VM (see Figure 4-8).
Configure the storage for the VM.
By default, a single disk volume called the root volume is created for the instance. You can change the amount of space allocated for the root volume (in Figure 4-8, 30GB has been allocated by default), and you can change the disk type. The default is General Purpose SSD, but you can change it to less expensive Magnetic Disk if you want.
You can add additional disk volumes by clicking the Add New Volume button. When you click this button, an additional disk volume is added; you can then specify the size and volume type for the new volume.
Click Next: Add Tags.
The page shown in Figure 4-9 is displayed.
If you want, add one or more tags to the instance.
AWS tags let you add keywords and associated values to your instances, as well as to other types of resources, such as volumes.
For your first experimental VM instance, you don’t need to add tags. But if you end up using more than a few VMs in AWS, you may want to apply tags to help keep them organized. For example, you might create a keyword named Stack to indicate whether a machine is part of your production stack or your test stack. For production machines, you would specify Production for the Stack keyword; for test machines, you’d specify Test.
To add a tag, simply click the Add Tag button. Then enter the tag and value.
Click Next: Configure Security Group.
This brings up the Configure Security Group page, shown in Figure 4-10. This page lets you configure one or more firewall rules that limit access to the VM.
Configure the firewall rules.
The default security group provides a single firewall rule that allows Remote Desktop Protocol (RDP) access from any IP address. If you want, you can limit RDP access to a specific address by entering the address in the Source column.
Change the source drop-down from Anywhere to My IP; AWS will figure out the IP address of your computer and set the rule to allow access only from that IP address.
If you want to allow other types of traffic to the machine, you’ll need to add additional rules. For example, to enable HTTP or HTTPS traffic, you’ll need to add rules to allow HTTP and HTTPS.
Click Review and Launch.
This takes you to the final page of the wizard, which displays a summary of the instance settings that you can review before you create the instance (see Figure 4-11).
Review the settings.
You can click the Edit links to the right of each group of settings if you need to make any changes.
Click Launch.
AWS prompts you to select a key pair to provide security for your instance. A key pair is a combination of a public key that AWS keeps and a private key stored in a file that you’re responsible for storing. You must keep the private key file in a safe place; without it, you won’t be able to access your instance!
Initially, the key pair prompt tries to find existing key pairs. If you haven’t created any, you can select Create a New Key Pair instead of Use an Existing Key Pair from the drop-down list. Then, as shown in Figure 4-12, AWS asks you to enter a name for the key pair. You can then download the key pair file and save it on your computer.
Enter a name for the key pair.
Use whatever name you want, but make sure it’s memorable.
Click Download Key Pair.
Windows asks what you want to do with the downloaded file.
Save the key pair file to a safe location.
The procedure to do this depends on the web browser you’re using.
Click Launch Instances.
AWS displays a Launch Status page that indicates the status of your request, as shown in Figure 4-13.
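The Configure Security Group step above notes that the default rule allows RDP from any IP address and that choosing My IP narrows it to one address. The following is an added example, not code from the book: it checks a list of inbound rules, in the `IpPermissions` shape that the EC2 DescribeSecurityGroups API returns, for sources wider than a single host that can reach RDP (TCP 3389). The function names and the sample rules are constructed for illustration.

```python
import ipaddress

RDP_PORT = 3389

# Constructed sample rules (documentation address ranges), shaped like the
# IpPermissions list returned by the EC2 DescribeSecurityGroups API.
SAMPLE_PERMISSIONS = [
    {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},        # Anywhere
    {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
     "IpRanges": [{"CidrIp": "203.0.113.25/32"}], "Ipv6Ranges": []},  # My IP
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
    {"IpProtocol": "-1", "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
    {"IpProtocol": "tcp", "FromPort": 3000, "ToPort": 4000,
     "IpRanges": [{"CidrIp": "198.51.100.0/24"}], "Ipv6Ranges": []},
]


def covers_port(rule, port):
    """True if the rule's protocol and port range include the given TCP port."""
    proto = rule.get("IpProtocol")
    if proto == "-1":                  # "-1" means all protocols and all ports
        return True
    if proto not in ("tcp", "6"):      # 6 is the IP protocol number for TCP
        return False
    return rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535)


def rule_sources(rule):
    """Yield every IPv4 and IPv6 source CIDR listed on the rule."""
    for entry in rule.get("IpRanges", []):
        yield entry["CidrIp"]
    for entry in rule.get("Ipv6Ranges", []):
        yield entry["CidrIpv6"]


def audit_rdp(permissions, max_hosts=1):
    """Return (cidr, address_count) for each source that can reach RDP and
    spans more than max_hosts addresses. A My IP rule is a /32: one address."""
    findings = []
    for rule in permissions:
        if not covers_port(rule, RDP_PORT):
            continue
        for cidr in rule_sources(rule):
            size = ipaddress.ip_network(cidr, strict=False).num_addresses
            if size > max_hosts:
                findings.append((cidr, size))
    return findings


if __name__ == "__main__":
    for cidr, size in audit_rdp(SAMPLE_PERMISSIONS):
        print(f"RDP reachable from {cidr} ({size} addresses)")
```

Note that the all-protocols rule and the 3000-4000 port range are flagged even though neither names port 3389 explicitly.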
You can manage your VM instances by opening the EC2 Dashboard and then clicking Instances in the menu that appears at the left side of the Dashboard page. This brings up a list of all EC2 VM instances, as shown in Figure 4-14.
To manage an instance, right-click anywhere in the row for the instance you want to manage. This brings up a context menu with the following commands:
When an AWS VM is up and running, you can connect to it remotely using Remote Desktop Connection, just as you can connect to any other VM. The easiest way to do so is to follow these steps:
In the EC2 Instance Dashboard, right-click the instance you want to connect to and choose Connect, and then click the RDP Client tab.
The Connect to Instance page appears (see Figure 4-15).
Click Download Remote Desktop File.
This downloads a remote desktop connection file (.rdp).
Save the RDP file to your computer.
The procedure to do this varies depending on the browser you're using.
Back in the Connect to Your Instance dialog box, click Get Password.
AWS asks you to specify the key pair file you downloaded when you created the instance, as shown in Figure 4-16.
Click the Browse button, navigate to your key pair file, select it, and click Open.
AWS shows the contents of the key pair file in the text box.
Click Decrypt Password.
AWS decrypts the password and displays it, as shown in Figure 4-17. (Well, sort of — I airbrushed out the actual password. Don’t get all excited, though. I’ve already terminated this machine, so don’t waste your time trying to hack into it!)
Notice that the password generated by AWS consists of 32 random characters. You’ll never in a lifetime commit that to memory, and you should under no circumstances copy and paste this password into a document on your computer. My recommendation is that when you log in to the server, you change its Administrator password to something you can remember without writing down.
Notice also the Copy to Clipboard icon next to the decrypted password. Click this button to copy the password to the clipboard. Then, in Step 9 (coming up!), you can just paste the random password to log in to the server.
Navigate to the .rdp file you saved in Step 4 and double-click to open it.
Remote Desktop Connection fires up, connects to the instance, and prompts you for credentials to log in.
Enter the username (Administrator) and password (see Step 7) and click OK.
Congratulations! You’ve successfully logged in to your first AWS EC2 instance, as shown in Figure 4-18!