In this video, Jeff Winesett demonstrates accessing a newly created Amazon Linux EC2 instance via SSH.
- [Instructor] The instance is launched, running, correctly configured as an Apache web server for PHP and associated with a load balancer. Now, I'm going to access the instance via SSH. When I launch the instance, you may recall that I got a warning from AWS telling me that the security group I configured for the instance did not allow SSH access. At the time, I chose to ignore that warning and continued. But now that I want to access via SSH, I need to alter the security group to allow that.
So let me show you how to do that. Go into the EC2 services again. Go down to Security Groups. Choose the security group that was associated with the instance launched. In this case, that was web tier. Let me make this a little bigger. And go to the Inbound traffic tab. Right now, I'm reminded that the rule that we have is to allow HTTP traffic on Port 80 only in from the load balancer. We showed that that was accurate and working. What I want to do now is I wanna add a new rule, and I wanna choose SSH, because that's the protocol that I want.
On Port 22 is great. And in this case, I wanna just allow it for me, so I'm gonna let it just be from my IP address. So I'll save that. And just as a reminder, that allowing direct SSH into an instance, may not be allowed by every company or your security policies. Another approach is setting up a bastion host from which SSH is allowed, and that was covered back in the chapter on keeping things secure. For the purposes of this demonstration, I'm gonna go ahead and allow direct access on Port 22 for SSH.
With this rule in place, I can actually try to SSH into the instance. For that, I'm going to get the IP address. So, if I go back over to Instances, choose the instance that I want, the only one that I have, and in the Description tab, I can go over here and get the public IP address. I can copy that. Now I can toggle to the terminal and I can give it a whirl. For that, I'll use SSH, and I need to specify the PIM file that was downloaded when initially creating the key pair, which we called test-3-17.
And because I launched this AMI from an Amazon Linux AMI, the special user that is installed on every single instance for access is a user called ec2-user. Now I need to specify the IP address of the instance, and I give it a go. It then asks about the authenticity of the host, which I'll accept. It take a minute for SSH. And great, I'm in! Now that I'm on the box, I'm gonna add a file to the Apache document root that will return a successful error code so that the load balancer views the instance as healthy.
I'm also gonna add in that file something to make use of the instance metadata that was introduced back in Chapter Five, in Understanding Bootstrapping. At the moment, I only launched one web server, but soon, I'm going to launch a second one. Once we have multiple web server instances, it might be nice to be able to see which instance is actually responding to the request being made to the load balancer. Okay, since I want this to be in the Apache document root, lemme go there first, var www html.
Now I need to create a index.php file, that's gonna be the root file. And that is also part of the Apache default settings, so I won't have to mess with that. Let me quickly just use vim to edit this right on the box. Let me add in here the needed PHP code that I want to have as my index file. So this snippet of code is available in the exercise file as index.php.
First of all, I'm just setting up a variable using the file get contents PHP function, specifying the endpoint for getting the instance metadata for the instance id. Then I do a quick check to ensure the value is not empty before displaying it, and then I simply echo out the results. So let me write that out. Now I have a new index.php file in the document root for Apache. So now, if I go and hit the load balancer instead of the default Apache page, I should now see what I just added in here.
Which should just show me the instance id for this instance. Let's get back over to where we did that. Here we had the Apache Test Page. If I refresh. All right! What I've got now is just the ID for that instance. And we could check it. I could go back over here. I see the instance ID running, is i013ef60, and go back over here, i013ef60. It's the same instance. Great! Now that I've added the index.php file and it's returning HTTP response code 200, I want to make sure that the load balancer is now seeing this instance as healthy.
To do that, I go back down here under Load Balancers. Go back to my Target Groups, which includes the instance. I go to Targets. And look at that, it's healthy now! The EC2 instance is currently passing target group's health checks. That's because our index.php file is now being returned with an HTTP code of 200. Things are coming along in our architecture. The next step is to create an RDS instance and set up our database tier.
- Benefits of cloud services
- Making architectures scalable
- Examining cloud constraints
- Virtual servers, EC2, and Elastic IP
- Using the Amazon machine image
- Elastic load balancing
- Using CloudWatch for monitoring
- Security Models
- Elastic block storage
- S3, CloudFront, and Elastic Beanstalk
- Handling queues, workflows, and notifications
- Caching options and services
- Identity and access management
- Creating a custom server image
- Application deployment strategies
- Serverless architectures