Deploy an EC2 server

README

Create your AWS account

Select the option "Create a free account" from here to create your AWS account. You will need your mobile phone and a credit card. Remember to create a very strong password and store it in KeePass2.

Initialize your server ("EC2 instance")

  1. Log into the AWS console at http://aws.amazon.com/console/
  2. You will see a list of AWS services. Choose "EC2 - Virtual Servers in the Cloud"
  3. You will see your dashboard. The servers are known within EC2 as "instances". Click the button "Launch Instance"
  4. You will see a list of Amazon Machine images. This is where you select the operating system, which is then "imaged" onto the new server, like how computer shops image Windows onto new PCs. Choose "Ubuntu Server 14.04 LTS (HVM)" 64-bit
  5. You will see a list of Instance Types. This is where you choose the virtual hardware of the server. Cost is a factor here, the most powerful instance types can be expensive. So choose "t2.small", which is under 3 cents per hour, then click "Next: Configure Instance Details"
  6. You will see the Instance Details which you can configure. You can mouseover the little "i" buttons to get more information. Leave the default settings as they are, and click "Next: Add Storage"
  7. You will see the Storage which your server will have, and you have the opportunity to add more if you wish. You will see that we have a "Root" volume which is an 8Gb SSD. This is fine for holding our programs and the little data we will need, so don't change anything, just click "Next: Tag Instance"
  8. Now we can give a name to the server. This is most useful when you run many servers, but we should do it anyway. Make sure the key column says "Name", and in the value column type "MyServer1", then click on "Next: Configure Security Group"
  9. Now we see the security options for the server. It is very important to lock down your server as much as possible. For now, we only want to enable SSH access to our own computer, so we can configure the server via the terminal. Ensure the radio button "Create a new security group" is selected, enter "my-security-group" under "Security group name" and "Description", ensure there is only one row in the list below, which is of Type "SSH", and change the "Source" dropdown to "My IP", then click "Review and Launch"
  10. You will now see all the details you have chosen for the new server. Take a minute to look through them, then click "Launch"
  11. You will see a pop-up called "Select an existing key pair or create a new key pair". The key pair is vital, without it you can't SSH into your server. Choose "Create a new key pair", then enter "my-key-pair" under key pair name, then click "Download Key Pair"
  12. The key pair has downloaded. It is simply a text file called "my-key-pair.pem". Go now into your file manager and move it from your Downloads folder into a secure location
  13. Now we reduce access to this file. Open your terminal and enter sudo chmod 0600 /path/to/my-key-pair.pem
  14. Return to the AWS console and click "Launch Instances".
  15. Congratulations! Your server is deployed. Click on "View Instances" to take a look at it
  16. There it is, your shiny new virtual server!

Assign a fixed IP to your server ("Elastic IP")

We can see under the instance details that the server already has a public IP. However this IP may change if we restart the instance, which is undesirable. To prevent this from happening, we need to assign an "Elastic IP", which is what AWS calls an IP that remains attached to the server until it is removed or the instance is terminated. At the time of writing, attaching an Elastic IP to a running instance is free. However, if you stop the instance and don't intend to use it again, remember to remove the Elastic IP too, or else you will incur a small charge.

The reason we need the IP to remain consistent is that when our website is live, we will map the website's domain name to the IP address using the ISP's DNS configuration. If the IP keeps changing, we would need to keep changing the DNS settings, which would be a real pain. In the future it is also possible that our server IP gets recorded and whitelisted by a client or a partner, and it is unreasonable to expect a 3rd party to keep changing their recorded IP.

  1. On the menu on the left, under "Network & Security", choose "Elastic IPs"
  2. You will see that you have no Elastic IPs in this region. Click "Allocate New Address"
  3. You will get a pop-up asking you to allocate the IP in EC2 or VPC. Choose VPC, then click "Yes, Allocate"
  4. Now you have a fixed IP address. To associate it with your server, click "Assocate Address"
  5. You will see a pop-up. Click in the Instance and your instance should automatically appear as a selectable option. Select it, then click "Associate"
  6. On the menu on the left, click on Instances to see your server again. Now you will see that the public IP is the same as the Elastic IP, which is now filled in

SSH into your server

  1. Open the terminal and enter ssh -i /path/to/my-key-pair.pem ubuntu@{Elastic IP}, replacing the path and the elastic IP
  2. You will see a message about "The authenticity of host {IP} can't be established". This will happen the first time you log into a server. Enter "yes"
  3. You now see a page with server information and the prompt has changed to ubuntu@{internal IP}. Congratulations, you're in, and ready to configure the server.

Troubleshooting

  1. Trying to access your server the day after you entered the Security settings above? Remember, we locked down the server by only allowing SSH access from your IP address. But because your home ISP will probably give you a new IP address each time you restart your computer, you will need to go back into the AWS console, pick "My IP" again in the "Security Options" section above, and save the changes


comments powered by Disqus