# Understanding AWS in detail

Let us understand AWS as IaaS (Infrastructure as a Service). We will cover the basic concepts needed to provision instances on AWS:
* Overview of Web Console
* Regions
* Key Pairs
* Networking (private ip, elastic ip, VPC)
* Security Groups
* Storage (Instance Store, EBS, EFS, S3 with different levels)
* Understanding Pricing
* Launching EC2 instances
* Amazon Machine Images
* Volumes and Snapshots
* Community AMIs and Marketplace
* Pricing Calculator
* Different categories of Services
    * RDS
    * Analytics
    * and many more
* Overview about AWS CLI
* Concept of bastion server
* Port Forwarding and FoxyProxy

***What is AWS?***

* Amazon Web Services (AWS) is a secure cloud services platform, offering computing power, database storage, content delivery and other functionality to help businesses scale and grow.

Explore how millions of customers are currently leveraging AWS cloud products and solutions to build sophisticated applications with increased flexibility, scalability and reliability.

***Key Pairs***

***Storage***
* When we create a machine, storage is allocated to it.
* By default, the storage is 20 GB for one machine.
* Once we shut down or terminate the machine, the instance store is disconnected from it, and we can't reuse it for other machines.
* EBS (Elastic Block Store) is external storage provided from the data center.
* If we lose our VM, we can mount EBS-based storage on another VM without losing any data.
* S3 (Simple Storage Service) is cloud-based storage

# *Understand the EC2 Pricing, Create and Connect to EC2 instance*
* Amazon Web Services (AWS) offers a range of cloud computing services.
* For each service, you pay for exactly the amount of resources you actually need.
* To know pricing details, click here.
* For learning purposes, we go through on-demand pricing.
* An EC2 instance is a combination of CPU, memory, and storage.
* Based on what you want to do with EC2 in AWS, the price varies.
* It's better to choose the free version of Linux instead of Enterprise Linux.
* Once you create the cluster, charges apply on an hourly basis whether you use it or not.
* To check the pricing, click here.

E.g.: Suppose we want to build 6 nodes and run them for 300 hours over a period of 2 months. For 6 instances, the total will be 1800 hours. If we take m4.large machines with a vanilla Linux configuration, which cost 10 cents per hour as per the image below, the cost will be 1800 * 0.10 = $180 for the EC2 machines. If we run the cluster 24 hours a day for the 2 months (60 days), it will cost us $864 for 1440 (60 * 24) hours.

In the next video, we will see how to create or connect to an EC2 instance for our requirement.

***Create your first EC2 Instance***
* Log in to the AWS console.
* Understand which region you are in.
* Search for or choose EC2 from the services.
* Click on Launch Instance to create an EC2 instance.
* Choose an Amazon Machine Image (AMI) – You can choose a Free Tier or Enterprise-based Linux EC2 instance, as per your requirement.
    * Search on AWS Marketplace (e.g. CentOS)
* Choose an Instance Type (CPU and Memory)
    * Select your instance type, and click Next.
        * E.g. General Purpose (t2.large), Compute Optimized (c5.large), etc.
    * Based on the instance type, the CPU, memory and storage will be configured for the machine.
* Configure Instance Details (Networking)
    * The two important things for a server, on top of memory and CPU, are networking and storage.
    * Choose the number of instances that you want to launch and the network (default VPC created by Amazon).
        * You will get your own VPC (Virtual Private Cloud) for your EC2 machines.
* Add Storage
    * By default, you will get 8 GB as part of free tier storage; change the size according to your requirement.
    * Choose the volume type – Magnetic or SSD.
* Add Tags
    * Tags are just for your reference; generally a Name key is added.
    * E.g.: Key: Name – Value: centos7freetier
* Configure Security Group or Firewall
    * Choose Create a new security group.
    * Enter a Security Group Name (e.g. centos7freetierdemo).
    * Only SSH is made available to connect to the system remotely.
* Review
    * At this step, you can change any configuration of your machine based on suggestions or requirements.
* Launch the Instance
    * Whenever we provision a machine, it will ask you to create a new key pair.
    * The key pair is required to connect to the machine. Give it a name (e.g. freetierdemo).
    * Download the key pair with the .pem extension (you can download this file only at this step).
    * Then click on Launch Instance.
    
**Note:** Understand the cost associated with each instance before provisioning any instance.

### Connecting to EC2 Instance
* Go to the AWS Management Console, choose the instance you want to connect to, make sure it is running without any issues, and click Connect, which opens a window asking you to open any available SSH client.
* In this video, we will be connecting to the instance using Cygwin (an SSH client), which we configured in the previous step.
* Copy the key pair and paste it in C:\Cygwin\home\username
* Open Cygwin and change the permissions of the key file as per the instructions.

* Use the given command or the below sample command to connect to the instance.

* You should now have access to the instance's command shell; validate the configuration using the below sample commands.

### Understanding EC2 dashboard left Menu
* Once logged in to the console, go to the EC2 dashboard.
* On the EC2 dashboard, you can see the below details on the left panel.
    * Events – Shows the things we did on the EC2 instance.
    * Tags – Represent information about EC2 instances.
    * Reports – A set of reports that shows the cost and usage of EC2. Use these reports to analyze your usage of EC2.
    * Limits – How many instances you can provision at any point in time; you can use up to 20.
    * Images: AMI (Amazon Machine Image) – If you want to re-create instances, you have to create an AMI.
    * Elastic Block Store
    * Snapshot – Image of a volume at a given point in time.
    * Volumes
    * Keypair
    * Security Groups

### Different EC2 Instance states
An EC2 instance has different states. To get the instance states of EC2, go to Actions -> Instance State.
* Start – Starts the EC2 machine if it is in the stopped state; it doesn't work if the instance is running.
* Stop – Stops the running EC2 instance.
* Reboot – Restarts the instance; this typically takes minutes.
* Terminate – Completely removes or destroys the instance; it removes all the resources associated with the EC2 instance.

The two main impacts when you restart (stop and then start) an instance are:
* Public DNS will be changed – We can overcome this using Elastic IPs, which are explained in the next topic.
* Storage – Once you stop and start the instance, all the information in the instance storage will be deleted. So we allocate EBS storage for the root file system, where all OS-related and required software files are stored.

### Describing EC2 Instance
There are two ways to get the description or details of an EC2 instance.
* One is a tabular format, where you can see the selected instance's information, such as state and public DNS, in a single row.
* The second is to select a single instance; its details appear at the bottom in the Description tab.
* If there are multiple instances, we can select several of them, but we can't see the details of all of them at once. So we have to choose one instance to get its details.

In the Description tab, we can get the following details:
* Unique instance id
* State – running or stopped
* Instance type – E.g.: m4.large
* Elastic IPs
* Availability Zones – In each region, there can be multiple subnets within the data center, called Availability Zones.
* Security groups – Generated at the time of instance creation.
* AMI ID – The AMI ID associated with the image we procured from the Marketplace.
* Keypair Name – The key pair associated with the selected instance.
* Public DNS – Used to connect to the instance remotely using SSH. Public DNS is derived from the public IP.
* Private DNS – Derived from the private IP. Private DNS will not change and is used as a fully qualified hostname.
* VPC ID – Virtual Private Cloud ID, used to create a network of computers.
* The storage information can be seen in the Root and device fields, along with the type of the storage. You can click on the storage or volume ID to get more information.

There is much more information about an instance that is not covered at this stage, and all this information will help us troubleshoot any issues with the server or cluster.

# *Using elastic ips to connect to EC2 Instance*
* Each EC2 Instance will have a private and public IP.
* From private IP, Private DNS will be created and from public IP, public DNS will be created.
* When you stop and start the instance, the public DNS will be re-assigned.

Registering IP address:
* Go to Network & Security on the EC2 dashboard and, in the Elastic IP menu, click on Allocate New Address to get an IP address registered with your account.
* You can also give a name to the IP address.

Associating the IP address to the instance:
* To associate the registered IP address with an instance, select the IP, click on Actions and then “Associate Address”.
* Select the instance to which the IP address should be allocated and click on “Associate”.
* Now the rented Elastic IP is associated with the EC2 instance. You can stop and start the EC2 instance, and the public DNS or IP will not change.


### Using security groups to provide security to EC2 Instance
A security group acts as a virtual firewall that controls the traffic for one or more instances. You can modify the rules for a security group at any time; the new rules are automatically applied to all instances that are associated with the security group.
* We can create a security group with certain rules and apply one security group to multiple servers.
* Each account will have a default security group created.
* By default, security groups allow all outbound traffic.

To create a new security group using the console:
* Open the Amazon EC2 dashboard.
* In the left navigation pane, choose Security Groups and then Create Security Group.
* Specify a name and description for the security group.
* You can start adding rules once it is created.
* Each security group has Description, Inbound, Outbound and Tags information at the bottom, which displays the necessary information.
    * Description – The name, ID, description and VPC ID are shown.
    * Inbound – Which ports are open for connecting to the server.
    * Outbound – What or how an instance can connect to other servers.
    * To update a security group, choose the instance and click on Actions -> Edit Inbound Rules / Edit Outbound Rules.

Troubleshooting the connection issues
* To check whether a port is reachable, we can use Telnet.
* To connect with Telnet, we can use the below command

### Understanding the concept of bastion server
As the number of EC2 instances in your AWS environment grows, so does the number of administrative access points to those instances.
A bastion is a special-purpose server instance that gives controlled access to all the remaining servers. It is designed to be the primary access point from the Internet and acts as a proxy to your other EC2 instances.
* A bastion server is also known as a gateway node or client node.
* As the number of servers increases, so do the security issues.
* To resolve this, we allow access to only some servers, and from there we can access the others.
* Anyone who wants to access the rest of the servers needs to connect to the bastion server first.
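
The security group and bastion sections above can be checked together: only the bastion's group should accept SSH from any address, and no other group should be open to the Internet. The following is an added example, not part of the original tutorial; it audits JSON shaped like the output of `aws ec2 describe-security-groups --output json`. The sample data, the group names and the `world_open_rules` / `audit` helpers are assumptions made for illustration.

```python
import json

# Constructed sample shaped like `aws ec2 describe-security-groups --output json`.
# Group names and ids below are made up for this example.
SAMPLE = json.loads("""
{"SecurityGroups": [
 {"GroupId": "sg-0aaa", "GroupName": "bastion", "IpPermissions": [
   {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
    "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []}]},
 {"GroupId": "sg-0bbb", "GroupName": "workers", "IpPermissions": [
   {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
    "IpRanges": [], "UserIdGroupPairs": [{"GroupId": "sg-0aaa"}]},
   {"IpProtocol": "tcp", "FromPort": 8080, "ToPort": 8088,
    "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []}]},
 {"GroupId": "sg-0ccc", "GroupName": "wide-open", "IpPermissions": [
   {"IpProtocol": "-1", "IpRanges": [],
    "Ipv6Ranges": [{"CidrIpv6": "::/0"}], "UserIdGroupPairs": []}]}
]}
""")

ANYWHERE = {"0.0.0.0/0", "::/0"}  # IPv4 and IPv6 "any source" CIDRs


def world_open_rules(group):
    """Yield (protocol, from_port, to_port) for inbound rules open to any source."""
    for perm in group.get("IpPermissions", []):
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        if ANYWHERE.intersection(cidrs):
            # IpProtocol "-1" means all protocols; those rules carry no port fields.
            yield perm["IpProtocol"], perm.get("FromPort", 0), perm.get("ToPort", 65535)


def audit(doc, bastion_group="bastion"):
    """Return internet-facing inbound rules, except SSH (tcp/22) on the bastion group."""
    findings = []
    for group in doc["SecurityGroups"]:
        for proto, lo, hi in world_open_rules(group):
            if group["GroupName"] == bastion_group and (proto, lo, hi) == ("tcp", 22, 22):
                continue  # the single intended entry point from the Internet
            findings.append((group["GroupName"], proto, lo, hi))
    return findings


if __name__ == "__main__":
    for name, proto, lo, hi in audit(SAMPLE):
        print(f"{name}: {proto} ports {lo}-{hi} reachable from any address")
```

In the sample, the workers group accepts SSH only from the bastion's group id, so that rule is not reported; its 8080-8088 rule and the all-protocol IPv6 rule are.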

### What is AWS CLI?
* The AWS Command Line Interface (CLI) is a unified tool to manage your AWS services.
* Using AWS CLI, we can manage the resources and delete the resources.

### Setting up AWS CLI in Windows
For AWS CLI, [click here](https://docs.aws.amazon.com/cli/latest/userguide/install-windows.html).

To install the AWS CLI on Windows, follow the steps below.
* MSI Installer
* Install Python, pip and AWS CLI on Windows.
* Adding the AWS CLI Executable to your command line path.

***MSI Installer***
* MSI is Microsoft Installer.
* The MSI installation package offers a familiar and convenient way to install the AWS CLI without installing any other prerequisites.
* To download the MSI Installer, [click here](https://docs.aws.amazon.com/cli/latest/userguide/install-windows.html#install-msi-on-windows).
* Run the downloaded MSI Installer.

**Install Python, pip and AWS CLI on Windows.**
* Download Python.
* Choose Add Python 3.6 to PATH.
* Choose Install Now.

**To install the AWS CLI with pip (Windows)**

Verify whether Python and pip are installed.

    C:\Windows\System32> python --version
    Python 3.6.2
    C:\Windows\System32> pip --version
    pip 9.0.1 from c:\users\myname\appdata\local\programs\python\python36\lib\site-packages (python 3.6)

***CLI Executable to your Command Line Path***
* Install the AWS CLI with pip using the command below.

    <mark>C:\Windows\System32> pip install awscli</mark>
* To verify the AWS CLI installation:

    C:\Windows\System32> <mark>aws --version</mark>
* To configure the AWS CLI, run <mark>aws configure</mark>; it then prompts for the AWS Access key id and AWS Secret ID.

***Adding the AWS CLI Executable to your Command Line Path***

To modify your PATH variable (Windows)
* Choose Edit environment variables for your account.
* Choose PATH and then choose Edit.
* Add paths to the Variable value field, separated by semicolons.
* Close any running command prompts and re-open.
