Launching AWS EC2 Instance

In this Article we will see some concepts before creating an aws ec2 instance.

What is a computer?

• any IP enabled device can be called as a computer because it will have some os, ram, cpu and storage in it.

• Regular Computer - Used for general usage like browsing, gaming etc.,

• Smart TV - Used to watch online streaming contents.

• Mobile Phone - Used for multiple activities using Wi-Fi.

• Server - Used to host the applications which we use.

What is Client?

• The tool or the software which we use to send the request is called as client.

What is Server?

• The application which gives us response back from the machine is called as server.

What is Client Server Architecture?

• Let us assume our daily life application as an example

• I’m considering the LinkedIn application.

• When you try to login to the LinkedIn Application first u need to open login page, let us take the URL.

  

  As you can see in the image the https is called as a protocol for web servers or web applications.

  • the www.linkedin.com is a dns which is linked to the public ip of the LinkedIn Hosted Servers.

  • There is a Port as well which is 443 is the default for https protocol.

  • you need to have a username and password to login to this account.

  • In this whole part the client is your browser which is able to send this https request to the LinkedIn server.

  • If the details are valid the server will send back the response as valid, and you will be able to login to your account.

  • If the details are invalid the server will send back the response as invalid, and you will be getting an error in login page stating that the entered details are invalid.

  • This is how a general user uses the LinkedIn page but if there is an error while loading the page there might be issue in either network or in server to troubleshoot that they need to login to the server. only authorized persons can login to it.

  • Next let me explain how they can login to server.

  • Before understanding shell let me explain the different types of authentication methods.

Authentication Methods

• There are three main types of authentications they are:

  1. What you know: In this method the user has the information of login username and password

  2. What you have: In this method the user may have tokens, key-pairs, authenticators etc.,

  3. What you are: In this method the user’s fingerprints, iris etc., are used to authenticate

• the security is high in third level and less in first Level

Secure Shell (ssh)

• Secure Shell is nothing but a protocol which is used to connect to Linux servers using shell.

• there are different types of ssh clients some of them are git bash, putty, cmd etc.,

• SSH uses port 22 as default port.

• Mostly in Linux servers we use a key-pair concept to authenticate to the server or login to the server.

• to create a ssh key we can use below command:

    ssh-keygen -f <filename>
  

• when you use this command 2 files will be generated one is public key and other is private key.

• Public is nothing but which is visible to any person and private key is hidden, public key should be attached to the server.

Firewall

• Firewall is nothing but a security system attached to your server. It decides who can access your server or your application.

• There are two rules in this Firewall, they are:

  1. Inbound Traffic:

     • This is used to decide who can access the server and which protocol he can access.

  2. Outbound Traffic:

     • This is used to decide who can leave the servers.

• Client Server Architecture along with firewall.

Linux is an OS or Not?

• Linux is not an Operating System it was a Kernel.

• Kernel is nothing but the software which is used to interact with our hardware. It is like heart and brain of the OS.

• If we add some UI to the Kernel, then it is an Operating System.

• So, the companies took the Linux Kernel and developed there Operating Systems which we are calling today as distros.

• Some of the examples are:

  • RedHat, Ubuntu, Fedora, Suse, Mint, Rocky Linux, Amazon Linux Image, Alma Linux and many more.

Setting up all of the above things in AWS cloud

• Pre-requisites are:

  1. AWS Account

  2. Git Bash

• Steps to perform:

1. Create a ssh key-pair

2. import public key to aws.

3. Create a firewall in aws (security groups).

4. Launch Instance.

5. Attach the Firewall and Key while Launching instance.

Step 1: Create a key-pair

• To create a key-pair you need to use a command:

    ssh-keygen -f <file-name>
  

• Before Generating the Key, I’m changing the directory.

• I have given command ssh-keygen -f linux-aws

• While creating it will prompt for passphrase, press enter to leave it empty, you need to press enter two times.

• As you can see in the screenshot two files are created with name linux-aws.

Step 2: Importing the public key to aws key pairs

• Login to your aws account and open EC2 Service.

  

• As shown in the image the dashboard is highlighted in blue that says that you are in dashboard view.

• I have highlighted key pairs button with yellow underline, click on that you will be redirect to key-pairs page-view.

• As shown in the image click on import Key pair.

• Now open your public key which you have generated in step 1 in notepad or any text editor

• As shown in the image the key should be same in the content box and your key file. you can give any name of your choice

• The format of the key is ssh long-random-code laptop-details-from-where-key-is-created.

• As you can see key pair is successfully imported. now let us move to next step.

Step 3: Creating a Firewall

• To create a firewall in aws you need to create a security group, in aws they call firewall as security groups.

• We are going to create a basic firewall with no restrictions any traffic can connect to our instance.

• If you click on that security groups, you will redirect to security group's view.

• There will be a default security group ignore it and click on create security group.

• Give name of your choice for security group name

• Give description of your choice

• In Inbound rules there will be no rules click on Add Rule, then select:

  • Type - All traffic

  • Source - Anywhere-IPV4

• In Outbound rules if there is a rule already change the:

  • Type to - All traffic

  • Destination - Anywhere IPV4

• Click on Create security group

• Security group was successfully created.

• Now we will go to next step.

Step 4: launching an ec2 instance

• Now go back to the dashboard.

• If you are new to aws Launch instance option will be shown, click on any of the highlighted part to go to Instance page.

• Click on the Launch Instance.

• Give the name of your choice leave the Application and OS as it is, aws automatically selects amazon linux.

• In the Instance type click on the dropdown and select t3.micro it has 2cpu and 1gb of ram.

• In Key pair in the dropdown select the key pair which you have imported in step 2.

• In Network click on select existing security group and form the dropdown select the security group created in step 3.

• Leave the storage to 8 gb.

• click on the Launch Instance.

• Click on the link.

• you will be redirected to below page.

Step 5: Connecting to instance

• first open your git bash and change pwd to the private key stored location.

• use ls command to confirm the file is located in your pwd.

• next use the command ssh -i <private-key> user@public-ip

• by default, the user will be ec2-user so my command will be ssh -i linux-aws ec2-user@34.236.243.167

• you can check from where you can get the public ip in the above image.

• As you see in the above image it will ask are you sure to connect type yes and click on enter.

• with this we have successfully created our ec2 instance.

• Please check below for full architecture.

Full Architecture Diagram for all the steps which we have performed.