Amazon EC2 for Linux

Linux on Amazon EC2

Getting Started with Linux on Amazon EC2

This lab will walk you through launching, configuring, and customizing a web server on Amazon EC2 Linux using the AWS Management Console.

Create a new Key Pair

In this lab, you will create an EC2 instance as your web server. To manage the instance, you need to be able to connect to it via SSH. The following steps outline how to create a unique SSH keypair for this purpose.

1. Navigate to the Amazon EC2 Service

2. Click on Key Pairs in the NETWORK & SECURITY section near the bottom of the leftmost menu. This will display a page to manage your SSH key pairs.

3. To create a new SSH key pair, click the Create Key Pair button at the top of the browser window.

4. In the resulting pop up window, type [First Name]-[Last Name]-ImmersionDay into the Key Pair Name text box. Select the “pem” file format and click Create key pair.

5. The key pair you created should automatically download to your laptop. Follow any browser instructions to save the file to the default download location. Verify that the file has downloaded and you can locate it. Remember the full path to this .pem file you just downloaded. This file contains your private key for future SSH connections.

6. You will see a message appear at the top of the screen that says “Successfully created key pair”. You will see the key pair you created listed.

   You will use the Key Pair you just created to manage your EC2 instances for the rest of the lab.

Create an IAM role

You will create an IAM role to use as an EC2 Instance Profile. This allows the server to assume a role that has access to other AWS services, in this case we want to give it access to Amazon S3 (will be used in a later lab).

1. Go to the IAM Console at https://console.aws.amazon.com/iam/home#/home

2. Select “Roles” from the left hand menu, and then choose “Create Role”.

3. Select “AWS Service”, EC2 and select “Next: Permissions”

4. Type “S3Full” into the filter box, and then select the checkbox next to “AmazonS3FullAccess”. Select “Next: Tags”

5. Choose “Next:Review” and then enter the Role name as “S3EC2AccessRole”. Click “Create Role”.

Launch a Web Server Instance

In this example, we will launch an Amazon Linux 2 instance, bootstrap Apache/PHP, and install a basic web page that will display information about our instance.

1. Choose EC2 from the Services menu
2. Click on and choose Launch Instance
3. In the Quick Start section, select the first Amazon Linux 2 AMI for 64-bit (x86) architecture and click Select. Note that the ami-xxxxxxxxx label and specific versions of the installed package may be different than in the image below.
4. In the Step 2. Choose an Instance Type, select the t2.micro instance size and click Next: Configure Instance Details.

5. On Step 3. Configure Instance Details - Select “S3EC2AccessRole” from the “IAM Role” dropdown.

6. Expand the Advanced Details section located at the bottom of the page, then, copy/paste the script below into the User Data field. This shell script will install Apache & PHP, start the web service, and deploy a simple web page. Click Next: Add Storage.

Copy and Paste the script in the User Data box:

#include https://s3.amazonaws.com/immersionday-labs/bootstrap.sh

7. On this page you have the ability to modify or add storage and disk drives to the instance. For this lab, we will simply accept the storage defaults and click Next: Add Tags.
8. Here, you can choose a “friendly name” for your instance by clicking ‘Add Tag’, and entering “Name” for the Key part and “[Your Name] Web Server” for the Value part. This Name key, more correctly known as a tag, will appear in the console once the instance launches. It makes it easy to keep track of running machines in a complex environment. Click Next: Configure Security Group.
9. You will be prompted to create a new security group, which will be your firewall rules. On the assumption that we are building out a Web server, name your new security group “[Your Name] Web Tier”.
10. Confirm an existing SSH rule exists which allows TCP port 22 from Anywhere. Click Add Rule. Add another rule with HTTP from the ‘Type’ dropdown menu, and confirm TCP port 80 is allowed from Anywhere (you willl notice, that “Anywhere” is the same as ‘0.0.0.0/0’).
11. Click the Review and Launch button after configuring the security group.
12. Review your cofiguration and choices, and then click Launch.
13. Select the key pair that you created in the beginning of this lab from the drop-down and check the “I acknowledge” checkbox. Then click the Launch Instances button. Your instance will now be starting, which may take a moment.
14. Click the View Instances button in the lower right hand portion of the screen to view the list of EC2 instances. The instance will go through and initialization process. Once your instance has launched, you will see your Web Server as well as the Availability Zone the instance is in, and the publicly routable DNS name.
15. Click the checkbox next to your web server to view details about this EC2 instance.

Browse the Web Server

1. Wait for the instance to pass the Status Checks to finish
2. Open a new browser tab and browse the Web Server by entering the EC2 instance’s Public DNS name into the browser. The EC2 instance’s Public DNS name can be found in the console by reviewing the “Public DNS” name line highlighted above. You should see a website that looks like the following:

Great Job! You have deployed a server and launched a web site in a matter of minutes!!

Cleaning up Your Resources

Typically you would delete the EC2 instance once you no longer need it, but we will use it in a later lab.