14 Steps to Launching an Application, part 2

Step 6: Creating and Configuring Your Amazon EC2 Security Group

The traffic allowed into any group of instances is controlled by an Amazon EC2 security group, which acts like a firewall. One can assign an instance to one or more Amazon EC2 Security Groups. Specific rules can be added to each security group to govern the inbound traffic allowed towards instances in a group. Every other kind of inbound traffic is disallowed and discarded. These rules can be modified at any time. The new set of rules is automatically enforced upon all existing, and also future, instances in the group.

Click on the links given below for information regarding:

• Creating an Amazon EC2 Security Group
• Configuring an EC2 Security Group

Step 7: Creating a Key Pair

To connect to all your Amazon EC2 instances, you need to create a key pair. Instead of a password, Public AMI instances use a public-private key pair. The public half of the key is embedded into your instances, thus enabling you to log in securely without using a password. After the creation of one’s AMIs, other mechanisms can also be chosen to log in securely to the instances. You can learn how to create a key pair using AWS Management Console.

Step 8: Launching Amazon EC2 Instances Using Auto-Scaling

Auto-Scaling has been designed as a service that automatically terminates Amazon EC2 instances based on the schedules, policies and alarms defined by the user. In this way, Auto-Scaling can be used to manage a host of Amazon EC2 instances, capable of handling any load that is presented. As the name itself implies, Auto-Scaling automatically responds to the ever changing conditions.

The only thing you need to do is to specify how those changes should be handled by it. For example: Auto-Scaling can be instructed to launch an additional instance when CPU usage is exceeding 70% for 15 minutes, or you can instruct Auto-Scaling to kill, or terminate, over 50% of your instances over a given weekend when the traffic is expected to be low.

Auto-Scaling can also be used to ensure that an application is running efficiently, by ensuring that all instances in a fleet are showing optimal performance. Auto-Scaling groups have the ability to work across all Availability Zones, so that if a particular zone is unavailable, Auto-Scaling can redistribute all applications to another Availability Zone automatically. In this manner, Auto-Scaling can ensure that there is always at least one healthy instance that is running. For further information on this subject, please refer to the Auto-Scaling section.

In the following example, you will learn how to setup a basic infrastructure in order to get Auto-Scaling to start for most of the applications. We will setup an Amazon EC2 application, which will be load-balanced and also auto-scaled with one instance, so that you are only charged for that particular instance. However, once your actual website has been created, you should have a sufficient number of instances across all Availability Zones to survive the sudden loss of any one Availability Zone.

Also, you should increase the maximum number of instances, so as to make them greater than your specified minimum, to fully make use of the Auto-Scaling feature. The fleet size can also be controlled by specifying the maximum number of instances allowed. In this example, Auto-Scaling has been configured to scale itself out by one, when there is any change in the capacity. We will define a usage policy in this section, and subsequently create a CloudWatch alarm in the following section, to enable taking action on the said policy when the CPU usage exceeds the threshold of 60% for 10 minutes. Auto-Scaling and CloudWatch work in tandem to launch, or terminate, any instance based on the policies made by you. We will only create one policy to save time, but you can later create more such policies (such as a scale-in policy).

Auto-Scaling command tools are needed for Auto Scaling to work. Click here to learn how to setup Auto-Scaling using command line tools.

Step 9: Creating a CloudWatch Alarm

CloudWatch is a web service offered by Amazon, which enables the monitoring, managing and publishing of various metrics. You can also use CloudWatch to configure all alarm actions based on the data from those metrics.

Amazon CloudWatch can help you collect, view and analyze system and application metrics, so as to enable you to make business-related operational decisions quickly and efficiently. CloudWatch automatically collects metrics of your AWS resources (such as performance of your Amazon EC2 instances), and these metrics can be published to Amazon CloudWatch directly.

Amazon CloudWatch alarms help in the easy implementation of decisions, by enabling you define a set of rules, based on which notifications can be sent to you, or automatic changes can be made to the resources monitored by you. For example: Alarms can be created to initiate Auto-Scaling and the Amazon Simple Notification Service (Amazon SNS) on your behalf.

A very common use of CloudWatch is to keep applications and services running efficiently. For example: CloudWatch can be used to discover that a website runs most efficiently when network traffic is below a certain threshold level on the Amazon EC2 instances owned by you. An automated procedure can then be created for ensuring that you always have the right number of instances corresponding to the amount of traffic. CloudWatch can also be used to diagnose problems in the system, by monitoring and analyzing system performance before and after the problem has occurred. CloudWatch thus identifies the cause of the problem and also verifies your solution by tracking real time system performance. For example: Amazon CloudWatch can be configured to send you an e-mail immediately when an application slows down. It can discover when a particular database was overloaded, and can later monitor the response times coming back to normal speeds.

In the previous step, an Auto-Scaling policy was created to efficiently scale out a number of instances. In this step, we will learn how to associate that Auto-Scaling policy with an alarm action to make changes to your resources. This section will teach you how to create a CloudWatch alarm to alert an application when a set threshold is breached. We will create only one alarm in this walk-through to save time. However, the same procedure can be applied to create other alarms (For example: An alarm can be created to scale-in your instances). For more information about CloudWatch, please refer to the “Amazon CloudWatch Details Page” section.

>>14 Steps to Launching an Application, part 1

>>14 Steps to Launching an Application, part 3