Slide 01/13

Cloud Computing Power

VIRTUAL MACHINES & AMAZON EC2

PROVISIONING • SIZING • REMOTE ACCESS

Slide 02/13

Virtual Machines (VMs)

The digital emulation of a physical computer.

Hardware Abstraction: Multiple "guest" operating systems run on a single physical "host" machine.
Isolation: Each VM has its own virtual CPU, RAM, and Storage—independent of other VMs on the same host.
Portability: VMs are essentially files. They can be snapshotted, copied, and moved across regions instantly.

Slide 03/13

What is Amazon EC2?

Elastic Compute Cloud

EC2 provides resizable compute capacity in the cloud. It reduces the time required to obtain and boot new server instances to minutes.

Provisioning: Boot servers with your choice of OS (Linux, Windows, macOS).
Elasticity: Increase or decrease capacity within minutes, not weeks.
Control: You have full 'Root' or 'Administrator' access to the virtual hardware.

99.99%

Available Service Level Agreement (SLA) per Region.

Slide 04/13

Understanding Instance Families

General Purpose

Balanced CPU, Memory, and Networking. Ideal for standard web servers, small databases, and development workspaces.

t3.micro, m5.large

Compute Optimized

High-performance processors. Ideal for batch processing, media transcoding, scientific modeling, and dedicated gaming backends.

c6g.xlarge, c5.2xlarge

Memory Optimized

Fast performance for workloads that process large data sets in memory. Ideal for high-performance databases (Redis, SAP HANA).

r6i.large, r5.4xlarge

// INSTANCE TYPING PARSING

t3.micro

[t] ➔ Instance Family (Burstable)
[3] ➔ Generation Model
[micro] ➔ Operational Size (vCPU/RAM)

Slide 05/13

EC2 Sizing & Resources

How Instance Sizing Proportions Scale:

Linear Resource Scaling: Every step up in size (e.g., from large to xlarge) typically doubles the allocated vCPU and RAM.
Networking Bandwidth: Larger instances get assigned higher gigabit networking lanes and EBS bandwidth allocations natively.
Cost Allocation: Costs double linearly alongside resource sizes, allowing highly predictable budgeting.

Size	vCPUs	Memory (GiB)	Network Speed
t3.nano	2	0.5	Up to 5 Gbps
t3.micro	2	1.0	Up to 5 Gbps
t3.small	2	2.0	Up to 5 Gbps
t3.medium	2	4.0	Up to 5 Gbps

Slide 06/13

EC2 Purchasing Model Matrix

1. On-Demand: Pay strictly for what you use by the second. No upfront costs or lock-in. Ideal for development environments.

2. Reserved Instances / Savings Plans: Commit to 1 or 3 years of steady usage. Up to 72% discount compared to On-Demand rates.

3. Spot Instances: Bid on spare AWS server capacity. Up to 90% savings. Reclaimed by AWS with a 2-minute warning.

Type	Discount	Best Use Case
On-Demand	0%	Short Term / Spikes
Reserved	Up to 72%	Steady-State Prod
Spot	Up to 90%	Fault-Tolerant Jobs

Slide 07/13

Amazon Machine Image (AMI)

AMIs are the "Golden Templates" for your servers.

The Blueprint: Contains the OS, pre-configured application runtimes, and boot volume specifications.
Standardization: Spin up 100 identical server instances instantly from a single custom AMI.
Community & Marketplace: Choose from official AWS images, verified vendor stacks, or open-source software.

AMI PACKAGING

[ Root Volume Config ]
[ Operating System Kernel ]
[ Embedded Software Stack ]
[ Launch Permission Matrix ]

Slide 08/13

Key Pairs & Secure Access

Public-Key Cryptography for Login.

Private Key (.pem): Stored securely on your local computer. Set strict permissions: chmod 400 key.pem.
Public Key: Injected automatically into the server's ~/.ssh/authorized_keys path at boot.
Asymmetric Handshake: SSH protocol verifies your identity without ever transmitting passwords.

⚠️ CRITICAL SECURITY RULE

"AWS does not save your private key. If you lose your downloaded .pem keypair file, you will be permanently locked out of your virtual server."

Slide 09/13

Elastic Block Store (EBS)

The "Hard Drive" of your Cloud Server.

Data Persistence: Storage volumes persist even when your EC2 instance is stopped or restarted.
Network Attached: EBS is connected via high-speed, sub-millisecond private networking lanes (independent of CPU lifecycle).
Point-in-Time Snapshots: Incremental block-level backups stored directly in S3 for high durability.

🔥 Volume Categories

gp3: General Purpose SSD (Balances price & speed; default boot storage)
io2: Provisioned IOPS (Extreme I/O performance for core databases)

Slide 10/13

EC2 Security Groups

The Virtual Firewall for your Instance.

Default Rule: All INBOUND traffic is blocked. All OUTBOUND traffic is allowed.
Whitelisting: You specify the Protocol (TCP), Port (22/80/443), and Source (IP/CIDR).
Dynamic: Changes to SG rules take effect immediately for all running instances.

★ SSH ACCESS RULE

Port: 22
Protocol: TCP
Source: MyIP/32

Note: Opening Port 22 to 0.0.0.0/0 (the world) is a security risk.

Slide 11/13

Instance Bootstrapping (User Data)

Automate server setup at launch.

Run Once: Scripts only execute during the very first boot cycle.
Automation: Install software, download code, or update configurations without manually SSHing in.
Root Context: Scripts run with full administrative privileges.

# EXAMPLE USER DATA (BASH)

#!/bin/bash
apt update -y
apt install -y nginx
systemctl start nginx
systemctl enable nginx
echo "Hello from AWS!" > /var/www/html/index.html

Slide 12/13

Instance Metadata (IMDS)

Data about your instance that you can access from INSIDE.

Access the "Magic IP" to retrieve details about the machine's identity.

http://169.254.169.254/latest/meta-data/

Retrieve Public/Private IP addresses.
Check Instance ID and Hostname.
Verify IAM Role credentials assigned to the box.

V1 vs V2

IMDSv2 is the modern, token-based secure version. Always prefer V2 in production.

Slide 13/13

HANDS-ON LAB

DEPLOYING VIRTUAL FLEETS

LAUNCH EC2 • MANAGE KEYS • SSH TERMINAL ACCESS