[AWS] 2. EC2 (Elastic Compute Cloud) Instance Fundamentals, SSH

Source: Dev.to

Amazon EC2 Overview

• EC2 (Elastic Compute Cloud) – Infrastructure as a Service (IaaS)
• Core capabilities:
  • Renting virtual machines (가상 머신 임대)
  • Storing data on virtual drives (EBS – 가상 드라이브에 데이터 저장)
  • Distributing load across machines (ELB – 여러 머신에 부하 분산)
  • Scaling services with an Auto‑Scaling Group (ASG – 오토 스케일링 그룹)

Understanding EC2 fundamentals is essential for grasping how the cloud works.

EC2 Sizing & Configuration Options (EC2 크기 및 구성 옵션)

• Operating System (OS): Linux, Windows, or macOS
• Compute Power & Cores (CPU): 선택 가능한 코어 수와 성능
• Memory (RAM): 랜덤 액세스 메모리 용량
• Storage:
  • Network‑attached: EBS & EFS (네트워크 연결형)
  • Instance Store (local hardware) (하드웨어, 인스턴스 스토어)
• Network:
  • Network card speed, Public IP address (네트워크 카드: 카드 속도, 퍼블릭 IP 주소)
• Firewall rules: Security groups (보안 그룹)
• Bootstrap script: EC2 User Data (부트스트랩 스크립트, 최초 실행 시 구성)

EC2 User Data

• EC2 User Data allows you to bootstrap an instance by running a script once at the first start.
• Typical uses: installing updates, installing software, downloading files, or any other initialization tasks.
• The script runs with root privileges.

EC2 Instance Types – Overview

AWS uses a naming convention such as m5.2xlarge:

• m – instance class (인스턴스 클래스)
• 5 – generation (세대)
• 2xlarge – size within the class (인스턴스 클래스 내 크기)

Instance Families

1. General Purpose
2. Compute Optimized
3. Memory Optimized
4. Accelerated Computing
5. Storage Optimized
6. HPC Optimized
7. Instance Feature
8. Measuring Instance Performance

General Purpose (범용)

• Balanced compute, memory, and networking resources.
• Ideal for diverse workloads such as web servers or code repositories.
• Example used in the course: t2.micro.

Compute Optimized (컴퓨팅 최적화)

• Suited for compute‑intensive tasks requiring high‑performance processors.
• Use cases: batch processing, media transcoding, high‑performance web servers, HPC, scientific modeling, machine learning inference, dedicated gaming servers.

Memory Optimized (메모리 최적화)

• Designed for workloads that process large data sets in memory.
• Use cases: high‑performance relational/non‑relational databases, distributed web‑scale caches, in‑memory BI databases, real‑time processing of big unstructured data.

Storage Optimized (스토리지 최적화)

• Optimized for storage‑intensive tasks with high sequential read/write on local storage.
• Use cases: high‑frequency OLTP systems, relational & NoSQL databases, cache for in‑memory databases (e.g., Redis), data warehousing, distributed file systems.

Security Groups (보안 그룹)

Introduction

• Security groups are the fundamental building block of network security in AWS.
• They control inbound and outbound traffic for EC2 instances.
• Only allow rules are permitted; no deny rules.
• Rules can reference IP ranges or other security groups.

Deeper Dive

• Act as a virtual firewall on each EC2 instance.
• Regulate:
  • Port access
  • Authorized IPv4/IPv6 ranges
  • Inbound traffic (from outside to the instance)
  • Outbound traffic (from the instance to outside)

• Can be attached to multiple instances.
• Scoped to a specific region/VPC combination.
• Operate outside the EC2 instance; blocked traffic never reaches the instance.
• Recommended practice: maintain a separate security group for SSH access.