USA: +1(669)289-8683 
Sign in
flow the steps to solve the lab questions
Lab 1:
Launching Instances
Overview:
In this lab you’ll learn the basics of working in the Amazon cloud. You’ll learn about: AMIs, Key Pairs, Security Groups, Instance types, launching Instances, connecting to your instances, and stopping instances.
Amazon Machine Instances
Amazon EC2 has specific terms that it uses to describe its environment. An instance is essentially a virtual machine that is running inside of Amazon’s web services. Every machine that you will launch in the labs for this class is an instance of a base image. Amazon calls these Amazon Machine Images (AMIs) and are templates that users can use to launch their servers.
There are 3 different categories of AMIs. The Quick Start tab will show you AMIs that are mostly blank and have only been optimized to run within EC2 but other than that are standard images. The My AMIs tab shows images that you have created and saved to relaunch at another time. This can be beneficial to users if they create a setup of a server that they only need to use once in a while or want to save as a future template. The Community AMIs tab shows AMIs that were customized by other people in Amazon EC2. These can be created by anyone and often have descriptions of the type of modifications that have been made or the purpose of the image. For example a community AMI could be available that has everything you need to test Java applications, saving you the time of having to launch an image from scratch and installing all of the software.
Key Pairs
Because cloud environments are often shared by large organizations and not just by a single individual, certain security considerations must be addressed. A key pair works the way it sounds, your image has part of a key embedded in it when it launches that will only allow access to users who have the other half of the key. A key pair can only be downloaded once – at the time of the creation of the key. When you launch a new instance Amazon will ask which key pair you will be using to access the machine. In the real world you should not share your key pairs with other individuals but because the labs will be performed in groups you will have to send out a copy of the .pem (key pair) file that you download to your other team members. Only create one key pair per team if working in teams.
Create a key pair
After you have logged in to Amazon Web Services, go to the EC2 tab.
1. On the navigation menu on the left go to Network & Security > Key Pairs.
2. Now go to Create Key Pair.
3. A new pop up opens asking for the name of the key pair. Give it the name of your team.
NOTE
If you accidentally delete or lose your key pair (.pem file) creating another key pair with the same name will not give you the same key pair!
4. The file download will begin and you will get a .pem file. This is the file that you do not want to lose because you will be using it to access all of your images!
Deliverable:
· Screenshot of key pair download
Security Groups
In Amazon EC2 Security Groups work as your firewalls. These security groups will identify what type of traffic is and isn’t allowed for machines that are associated with it. Instances can only be associated with one Security Group at a time. You can identify the security group when you are first launching an instance and then change it after it has been created as well.
Creating a Security Group
1. To create a security group log on to your AWS console and go to EC2.
2.
From the Navigation select Security Groups
3. Go to Create a Security Group
4. Give it a name that includes either your name or your team name if working in teams, as well as a description. For now you will not select a VPC. But in the future this is where you can associate a VPC with your security group.
5. Once created select your security group from the list and go to the Inbound tab.
6. Clicking on ‘Custom TCP rule’ will let you select the kind of rule that you want to create. Select SSH. For Windows instances you would allow RDP instead of SSH.
7. The next line asks for a source. This is a good way to limit who is able to access your instances and from what address. If you want to only allow connection from the office you can specify that IP address range here. Since you will be working from different places leave it as 0.0.0.0/0 and this will allow connections from any IP address.
8. Click Add Rule to add this to your rule list.
9. After you create one rule you can keep adding more rules if necessary. However none of them go into effect until you select Apply Rule Changes.
10. Once you apply the changes they go into effect immediately.
Deliverable:
· Screenshot of the newly created Security group along with the rules you created
Instance Types, Regions, and availability Zones
Instance types in Amazon EC2 tell the system the type of hardware you want the virtual machine to run on. Think about this as selecting all the specifications on a server that you’re about to purchase. In the figure to the right you will see the type of CPU Units, CPU cores, and RAM that is associated with each instance type. You can launch an instance as one type and then change it later if you would like. So if you find that the number for applications in one machine has increased and you need more processing power, you can change the instance type to a larger type. However there is a price increase between each instance type.
To learn more about the billing for each type you can go to
http://aws.amazon.com/ec2/pricing/
Regions refer to geographical areas where Amazon has data centers. These are independent of other regions and so a failure in one region will not affect another region. Within the US there are 3 regions: East (Virginia), West (Oregon), West (N. California). There are also other zones available in other parts of the world like Europe and Japan. For global companies this is important because they may be subject to legal regulations about the location and type of information they are allowed to store.
Availability Zones are data centers within a region where your data is actually hosted. In a real-world production environment you want to assure that your systems will be available even if there is some sort of failure in one of your data centers. Availability zones allow you to set up your systems to provide fail over so if an availability zone suffers from an outage the other zones can pick up the load and continue without interruption.
Launching, Starting, Stopping, Rebooting, and Terminating Images
There are 5 actions that you can do with images
· Launching
· This means creating a new instance of an image from a base AMI
· Starting
· Once a machine has been launched it can be stopped and it can be started. Think of this as going up to a server and hitting the power button to boot the machine up
· Stopping
· Just like starting the machine this is the equivalent of going up to a server and hitting the power button to kill the power to the machine. This is NOT a safe shutdown. In order to stop a machine correctly you should log on to the machine and shut it down through boot menu. Stopping an image stops your account from being charged for the running instance, but it does not stop charges for Elastic Block Storage if it is connected to any EBS
· Rebooting
· This essentially does both stopping and starting an image. This is also NOT a safe shutdown.
· Terminating
· Terminating an instance tells Amazon that you no longer need the machine and that the resources allocated to it can now be freed up
Launching an instance
1. On the navigation menu on the left go to Network & Security > Instances
2.
Go to Launch Instance
3. A new pop up comes up asking if you want to use the Classic Wizard or the Quick Launch Wizard. Choose Classic Wizard.
4. For this lab select Ubuntu Server 12.04 LTS (64 bit)
5. The following screen asks for instance types, number of instances, the availability zone, or the VPC that you want to connect your instance to. For this exercise Select 1 Micro Instance Launched into the Availability Zone of your choice.
6. The following screen asks for more information about the instance. From here you can select a Kernel ID and a RAM Disk ID. These two options allow you to select customized versions of the kernel for the OS that you selected and RAM disks accordingly. This can be important if your applications only run on certain kernels and RAM disks.
This is also where you can enable cloud watch (the amazon monitoring system) for your instance.
Most of these settings are outside of the scope of this class and the only setting that you should be concerned with for now is Shutdown Behavior. Select Stop. This means that if you shutdown the machine from the inside the instance will stop and not terminate (i.e. in a windows machine if you go to Start > Shutdown the instance will stop and not erase any of your information).
7. The following option allows you to create metadata about your image. Metadata is information about your instance. You are allowed to specify your ‘key’ and the ‘value’ for the specific image. For example your key could be “server type” and the value could be “web server”. In order to take best advantage of this you need to create consistent tags that you will apply to all of your images. This will help you better identify images in the future.
8. The next step is selecting a Key Pair. You have already created one earlier in this lab so all you need to do is select it from the list.
Note If you don’t select a Key Pair you will NOT be able to access your image
9. Next you will configure the firewall. If you recall we have already created our Security Group (Firewall) in a previous exercise. Select it from the list.
10. The last page is a review of all the settings you selected. Make sure everything is correct. There are a lot of settings that you will not be able to change in the future if you launch the instance with the incorrect settings.
11. After you Launch the image you will get a confirmation page. Your instance will take a couple of minutes to launch.
12. While it launches you can roll over the name field and a green pencil appears that will let you add a name to your instance. Give it a distinguishable name.
Now that your image has been launched we will connect to it. The process for launching images of other kinds is the same with the exception of images that are based off your own AMIs that you saved. When you launch those AMIs they are dependent on their initial key pair. So if you save an AMI based off one of the instances that you have customized, make sure you also save the copy of the key pair so that you can connect to it when you relaunch it later.
Deliverable:
· Screenshot of your instance in the Instance Library
Connecting to your instance
Once your instance is running and the Status checks are all green:
1. Select the checkbox next to your instance
2. On the menu bar at the top go to Instance Actions
3. From the drop down menu select Connect
4. The new pop up will let you connect to the instance in two ways: you can use a java terminal inside of your web browser, or you can open an SSH client to connect to your instance. For this exercise we’re going to use an independent SSH client. This way if you want to connect to your instance in the future you don’t have to log on through Amazon to do it. Select Connect with a standalone SSH Client.
5. The pop-up gives you the command that you will have to issue in order to connect to the instance. You are using the key pair file to authenticate to the system so your key pair name will be different than the example shown here. The name of your instance will also be different. Every time that you stop the instance the name of it will also change. This is because the public IP address (which is used to create the name of the instance) is lent out to instances once an image is stopped.
6. This example is using the terminal on Mac OS X. For windows you can look up Putty.
7. Once you have put in the command your prompt will ask you if you want to trust the connection. Say yes.
8. Upon login the system will give you information about the instance.
9. Once you have connected to the instance go ahead and ping google.com using the command “ping google.com –c 5.” If you are unable to get a response check your firewall settings and see if you misconfigured something.
Deliverables:
· Screenshot showing the system information once you have succesfully logged in to the instance
· Screenshot of ping command and responses
After you are done with the lab create a word document with the screenshots of the deliverables. Once you are finished stop your images don’t terminate them in case you need to use them in the future.
Stop your instance
1. Navigate to your list of instances again
2. Check the box next to the instance that you are going to stop
3. On the menu bar select Instance Actions and go to Stop. Your instance will show as stopping.
