Amazon Elastic Compute Cloud - User Guide for Linux Instances PDF

842 Pages·2017·8.54 MB·English

Preview Amazon Elastic Compute Cloud - User Guide for Linux Instances

Amazon Elastic Compute Cloud User Guide for Linux Instances Amazon Elastic Compute Cloud User Guide for Linux Instances Amazon Elastic Compute Cloud: User Guide for Linux Instances Amazon Elastic Compute Cloud User Guide for Linux Instances Table of Contents What is Amazon EC2? ......................................................................................................................... 1 Features of Amazon EC2............................................................................................................. 1 How to get started with Amazon EC2 ........................................................................................... 1 Related services......................................................................................................................... 2 Access Amazon EC2 .................................................................................................................... 3 Pricing for Amazon EC2 .............................................................................................................. 3 PCI DSS compliance.................................................................................................................... 4 Set up.............................................................................................................................................. 5 Sign up for Amazon................................................................................................................... 5 Create a key pair ........................................................................................................................ 5 Create a security group ............................................................................................................... 6 Get started tutorial ............................................................................................................................ 
9 Overview................................................................................................................................... 9 Prerequisites............................................................................................................................ 10 Step 1: Launch an instance ........................................................................................................ 10 Step 2: Connect to your instance ............................................................................................... 11 Step 3: Clean up your instance.................................................................................................. 11 Next steps............................................................................................................................... 12 Best practices.................................................................................................................................. 13 Tutorials.......................................................................................................................................... 15 Install LAMP on Amazon Linux 2022.......................................................................................... 15 Step 1: Prepare the LAMP server ........................................................................................ 16 Step 2: Test your LAMP server ........................................................................................... 18 Step 3: Secure the database server ..................................................................................... 20 Step 4: (Optional) Install phpMyAdmin ................................................................................ 21 Troubleshoot................................................................................................................... 
23 Related topics.................................................................................................................. 23 Install LAMP on Amazon Linux 2................................................................................................ 24 Step 1: Prepare the LAMP server ........................................................................................ 24 Step 2: Test your LAMP server ........................................................................................... 28 Step 3: Secure the database server ..................................................................................... 29 Step 4: (Optional) Install phpMyAdmin ................................................................................ 30 Troubleshoot................................................................................................................... 33 Related topics.................................................................................................................. 33 Install LAMP on the Amazon Linux AMI ....................................................................................... 34 Step 1: Prepare the LAMP server ........................................................................................ 34 Step 2: Test your Lamp server ........................................................................................... 37 Step 3: Secure the database server ..................................................................................... 38 Step 4: (Optional) Install phpMyAdmin ................................................................................ 40 Troubleshoot................................................................................................................... 42 Related topics.................................................................................................................. 
43 Configure SSL/TLS on Amazon Linux 2022 .................................................................................. 43 Prerequisites.................................................................................................................... 44 Step 1: Enable TLS on the server ....................................................................................... 45 Step 2: Obtain a CA-signed certificate ................................................................................. 47 Step 3: Test and harden the security configuration ............................................................... 51 Troubleshoot................................................................................................................... 54 Certificate automation: Let's Encrypt with Certbot on Amazon Linux 2022 ............................... 54 Configure SSL/TLS on Amazon Linux 2 ....................................................................................... 58 Prerequisites.................................................................................................................... 59 Step 1: Enable TLS on the server ....................................................................................... 45 Step 2: Obtain a CA-signed certificate ................................................................................. 61 Step 3: Test and harden the security configuration ............................................................... 66 Troubleshoot................................................................................................................... 68 iii Amazon Elastic Compute Cloud User Guide for Linux Instances Certificate automation: Let's Encrypt with Certbot on Amazon Linux 2 .................................... 69 Configure SSL/TLS with the Amazon Linux AMI ............................................................................ 
73 Prerequisites.................................................................................................................... 74 Step 1: Enable TLS on the server ....................................................................................... 74 Step 2: Obtain a CA-signed certificate ................................................................................. 76 Step 3: Test and harden the security configuration ............................................................... 81 Troubleshoot................................................................................................................... 83 Increase size of Amazon EBS volume .......................................................................................... 83 Step 1: Launch an instance with added volume .................................................................... 84 Step 2: Make the data volume available for use ................................................................... 86 Step 3: Increase the size of the data volume ........................................................................ 87 Step 4: Extend the file system ........................................................................................... 89 Step 5: Clean up.............................................................................................................. 90 Host a WordPress blog on Amazon Linux 2022 ............................................................................ 91 Prerequisites.................................................................................................................... 91 Install WordPress.............................................................................................................. 91 Next steps....................................................................................................................... 98 Help! My public DNS name changed and now my blog is broken ............................................. 
99 Host a WordPress blog on Amazon Linux 2 ................................................................................ 100 Prerequisites.................................................................................................................. 101 Install WordPress............................................................................................................ 101 Next steps..................................................................................................................... 106 Help! My public DNS name changed and now my blog is broken ........................................... 107 Amazon Machine Images ................................................................................................................. 109 Use an AMI............................................................................................................................ 109 Create your own AMI .............................................................................................................. 110 Buy, share, and sell AMIs ......................................................................................................... 110 Deregister your AMI ................................................................................................................ 111 Amazon Linux 2 and Amazon Linux AMI .................................................................................... 111 AMI types.............................................................................................................................. 111 Launch permissions......................................................................................................... 111 Storage for the root device .............................................................................................. 112 Virtualization types................................................................................................................. 
114 Boot modes........................................................................................................................... 116 Launch an instance ......................................................................................................... 117 AMI boot mode parameter.............................................................................................. 118 Instance type boot mode ................................................................................................. 119 Instance boot mode ........................................................................................................ 120 Operating system boot mode........................................................................................... 121 Set AMI boot mode........................................................................................................ 122 UEFI variables................................................................................................................ 124 Find a Linux AMI.................................................................................................................... 125 Find a Linux AMI using the Amazon EC2 console ................................................................ 125 Find an AMI using the Amazon CLI ................................................................................... 126 Find the latest Amazon Linux AMI using Systems Manager ................................................... 126 Use a Systems Manager parameter to find an AMI .............................................................. 127 Shared AMIs........................................................................................................................... 130 Verified provider............................................................................................................. 
130 Find shared AMIs ............................................................................................................ 131 Make an AMI public ........................................................................................................ 133 Share an AMI with specific Amazon accounts ..................................................................... 135 Cancel having an AMI shared with your account ................................................................. 137 Use bookmarks.............................................................................................................. 138 Guidelines for shared Linux AMIs ...................................................................................... 139 Paid AMIs.............................................................................................................................. 143 Sell your AMI ................................................................................................................. 144 Find a paid AMI.............................................................................................................. 144 iv Amazon Elastic Compute Cloud User Guide for Linux Instances Purchase a paid AMI ....................................................................................................... 145 Get the product code for your instance ............................................................................. 145 Use paid support ............................................................................................................ 146 Bills for paid and supported AMIs ..................................................................................... 146 Manage your Amazon Web Services Marketplace subscriptions ............................................. 146 AMI lifecycle.......................................................................................................................... 
147 Create an AMI ................................................................................................................ 147 Copy an AMI .................................................................................................................. 183 Store and restore an AMI ................................................................................................ 189 Deprecate an AMI ........................................................................................................... 195 Deregister your AMI ........................................................................................................ 200 Recover AMIs from the Recycle Bin ................................................................................... 206 Automate the EBS-backed AMI lifecycle ............................................................................ 209 Use encryption with EBS-backed AMIs ....................................................................................... 209 Instance-launching scenarios............................................................................................ 210 Image-copying scenarios.................................................................................................. 212 Monitor AMI events ................................................................................................................ 214 AMI events.................................................................................................................... 214 Create Amazon EventBridge rules ..................................................................................... 216 Understand AMI billing........................................................................................................... 218 AMI billing fields............................................................................................................ 
218 Find AMI billing information............................................................................................ 220 Verify AMI charges on your bill ........................................................................................ 221 Amazon Linux........................................................................................................................ 222 Amazon Linux availability ................................................................................................ 222 Connect to an Amazon Linux instance ............................................................................... 222 Identify Amazon Linux images ......................................................................................... 223 Amazon command line tools ............................................................................................ 224 Package repository......................................................................................................... 225 Extras library (Amazon Linux 2) ........................................................................................ 227 Amazon Linux 2 supported kernels ................................................................................... 228 Access source packages for reference ................................................................................ 229 cloud-init....................................................................................................................... 229 Subscribe to Amazon Linux notifications ........................................................................... 231 Run Amazon Linux 2 on premises ..................................................................................... 232 Kernel Live Patching ....................................................................................................... 
236 User provided kernels ............................................................................................................. 242 HVM AMIs (GRUB) .......................................................................................................... 242 Paravirtual AMIs (PV-GRUB) ............................................................................................. 243 Configure the MATE desktop connection ................................................................................... 247 Prerequisite.................................................................................................................... 248 Configure the RDP connection ......................................................................................... 248 AMI quotas............................................................................................................................ 250 Request a quota increase for AMIs .................................................................................... 250 Instances....................................................................................................................................... 252 Instances and AMIs ................................................................................................................. 252 Instances....................................................................................................................... 253 AMIs............................................................................................................................. 255 Instance types........................................................................................................................ 255 Instance type names ....................................................................................................... 255 Available instance types .................................................................................................. 
256 Hardware specifications................................................................................................... 262 AMI virtualization types ................................................................................................... 263 Instances built on the Nitro System .................................................................................. 263 Networking and storage features ...................................................................................... 264 Instance limits................................................................................................................ 268 General purpose............................................................................................................. 268 v Amazon Elastic Compute Cloud User Guide for Linux Instances Compute optimized ........................................................................................................ 318 Memory optimized .......................................................................................................... 331 Storage optimized.......................................................................................................... 350 Accelerated computing.................................................................................................... 360 Find an instance type ...................................................................................................... 399 Get recommendations..................................................................................................... 401 Change the instance type ................................................................................................ 404 Instance purchasing options ..................................................................................................... 412 Determine the instance lifecycle ....................................................................................... 
413 On-Demand Instances..................................................................................................... 414 Reserved Instances......................................................................................................... 417 Scheduled Instances........................................................................................................ 462 Spot Instances................................................................................................................ 463 Dedicated Hosts............................................................................................................. 526 Dedicated Instances........................................................................................................ 554 On-Demand Capacity Reservations ................................................................................... 560 Instance lifecycle.................................................................................................................... 595 Instance launch.............................................................................................................. 597 Instance stop and start (Amazon EBS-backed instances only) ................................................ 597 Instance hibernate (Amazon EBS-backed instances only) ...................................................... 597 Instance reboot.............................................................................................................. 598 Instance retirement......................................................................................................... 598 Instance termination....................................................................................................... 598 Differences between reboot, stop, hibernate, and terminate ................................................. 
599 Launch.......................................................................................................................... 600 Stop and start ................................................................................................................ 638 Hibernate...................................................................................................................... 645 Reboot.......................................................................................................................... 662 Retire............................................................................................................................ 663 Terminate...................................................................................................................... 666 Recover......................................................................................................................... 672 Connect................................................................................................................................. 676 Connect to your instance ................................................................................................. 677 Connect your instance to a resource ................................................................................. 705 Configure instances................................................................................................................. 744 Common configuration scenarios ...................................................................................... 744 Manage software............................................................................................................ 745 Manage users................................................................................................................. 750 Processor state control .................................................................................................... 
753 I/O scheduler................................................................................................................. 760 Set the time.................................................................................................................. 761 Optimize CPU options ..................................................................................................... 768 Change the hostname..................................................................................................... 797 Set up dynamic DNS....................................................................................................... 800 Run commands at launch ................................................................................................ 802 Instance metadata and user data ...................................................................................... 809 Elastic Inference..................................................................................................................... 865 Identify instances................................................................................................................... 865 Inspect the instance identity document ............................................................................. 865 Inspect the system UUID ................................................................................................. 865 Inspect the system virtual machine generation identifier ..................................................... 866 Fleets............................................................................................................................................ 871 EC2 Fleet............................................................................................................................... 871 EC2 Fleet limitations ....................................................................................................... 
872 Burstable performance instances ...................................................................................... 872 EC2 Fleet request types ................................................................................................... 873 EC2 Fleet configuration strategies .................................................................................... 891 vi Amazon Elastic Compute Cloud User Guide for Linux Instances Work with EC2 Fleets ...................................................................................................... 914 Spot Fleet.............................................................................................................................. 932 Spot Fleet request types ................................................................................................. 932 Spot Fleet configuration strategies ................................................................................... 932 Work with Spot Fleets ..................................................................................................... 956 CloudWatch metrics for Spot Fleet ................................................................................... 977 Automatic scaling for Spot Fleet...................................................................................... 979 Monitor fleet events ............................................................................................................... 985 EC2 Fleet event types ..................................................................................................... 985 Spot Fleet event types .................................................................................................... 990 Create EventBridge rules ................................................................................................. 994 Tutorials.............................................................................................................................. 
1001 Tutorial: Use EC2 Fleet with instance weighting ................................................................ 1001 Tutorial: Use EC2 Fleet with On-Demand as the primary capacity ........................................ 1004 Tutorial: Launch On-Demand Instances using targeted Capacity Reservations ........................ 1005 Tutorial: Use Spot Fleet with instance weighting ............................................................... 1010 Example configurations......................................................................................................... 1012 EC2 Fleet example configurations ................................................................................... 1012 Spot Fleet example configurations.................................................................................. 1025 Fleet quotas......................................................................................................................... 1037 Request a quota increase for target capacity .................................................................... 1038 Monitor....................................................................................................................................... 1039 Automated and manual monitoring........................................................................................ 1040 Automated monitoring tools.......................................................................................... 1040 Manual monitoring tools............................................................................................... 1041 Best practices for monitoring ................................................................................................. 1041 Monitor the status of your instances ....................................................................................... 1042 Instance status checks................................................................................................... 
State change events
Scheduled events
Monitor your instances using CloudWatch
Enable detailed monitoring
List available metrics
Get statistics for metrics
Graph metrics
Create an alarm
Create alarms that stop, terminate, reboot, or recover an instance
Automate using EventBridge
Amazon EC2 event types
Monitor memory and disk metrics
Collect metrics using the CloudWatch agent
Deprecated: Collect metrics using the CloudWatch monitoring scripts
Log API calls with Amazon CloudTrail
Amazon EC2 and Amazon EBS information in CloudTrail
Understand Amazon EC2 and Amazon EBS log file entries
Audit users that connect via EC2 Instance Connect
Networking
Regions and Zones
Regions
Availability Zones
Local Zones
Wavelength Zones
Amazon Outposts
Instance IP addressing
Private IPv4 addresses
Public IPv4 addresses
Elastic IP addresses (IPv4)
IPv6 addresses
Work with the IPv4 addresses for your instances
Work with the IPv6 addresses for your instances
Multiple IP addresses
EC2 instance hostnames
Instance hostname types
Types of EC2 hostnames
Where you see Resource name and IP name
How to decide whether to choose Resource name or IP name
Modify Hostname type and DNS Hostname configurations
Bring your own IP addresses
BYOIP definitions
Requirements and quotas
Onboarding prerequisites
Onboard your BYOIP
Work with your address range
Validate your BYOIP
Assigning prefixes
Basics for assigning prefixes
Considerations and limits for prefixes
Work with prefixes
Elastic IP addresses
Elastic IP address pricing
Elastic IP address basics
Work with Elastic IP addresses
Elastic IP address limit
Network interfaces
Network interface basics
Network cards
IP addresses per network interface per instance type
Work with network interfaces
Best practices for configuring network interfaces
Scenarios for network interfaces
Requester-managed network interfaces
Network bandwidth
Available instance bandwidth
Monitor instance bandwidth
Enhanced networking
Enhanced networking support
Enable enhanced networking on your instance
Elastic Network Adapter (ENA)
ENA Express
Intel 82599 VF
Operating system optimizations
Network performance metrics
Troubleshoot ENA
Placement groups
Placement group strategies
Placement group rules and limitations
Working with placement groups
Share a placement group
Placement groups on Amazon Outposts
Network MTU
Jumbo frames (9001 MTU)
Path MTU Discovery
Check the path MTU between two hosts
Check and set the MTU on your Linux instance
Troubleshoot
Virtual private clouds
Your default VPCs
Create additional VPCs
Access the internet from your instances
SSH access to your instances
EC2-Classic
Detect supported platforms
Instance types available in EC2-Classic
Differences between instances in EC2-Classic and a VPC
Share and access resources between EC2-Classic and a VPC
ClassicLink
Migrate from EC2-Classic to a VPC
Security
Infrastructure security
Network isolation
Isolation on physical hosts
Controlling network traffic
Resilience
Data protection
Amazon EBS data security
Encryption at rest
Encryption in transit
Identity and access management
Network access to your instance
Amazon EC2 permission attributes
IAM and Amazon EC2
IAM policies
Amazon managed policies
IAM roles
Network access
Key pairs
Create key pairs
Tag a public key
Describe public keys
Delete a public key
Add or remove a public key on your instance
Verify keys
Security groups
Security group rules
Connection tracking
Default and custom security groups
Work with security groups
Security group rules for different use cases
Amazon PrivateLink
Create an interface VPC endpoint
Create an endpoint policy
Update management
Compliance validation
Storage
Amazon EBS
Features of Amazon EBS
EBS volumes
EBS snapshots
Amazon Data Lifecycle Manager
EBS data services
EBS volumes and NVMe
EBS optimization
EBS performance
EBS CloudWatch metrics
EBS EventBridge events
Instance store
Instance store lifetime
Instance store volumes
Add instance store volumes
SSD instance store volumes
Instance store swap volumes
Optimize disk performance
File storage
Amazon S3
Amazon EFS
Amazon FSx
Instance volume limits
Nitro System volume limits
Linux-specific volume limits
Bandwidth versus capacity
Root device volume
Root device storage concepts
Choose an AMI by root device type
Determine the root device type of your instance
Change the root volume to persist
Change the initial size of the root volume
Device names
Available device names
Device name considerations
Block device mappings
Block device mapping concepts
AMI block device mapping
Instance block device mapping
Torn write prevention
Pricing
Supported block sizes and block boundary alignments
Requirements
Check torn write prevention support and configuration
Configure your software stack for torn write prevention
Resources and tags
Recycle Bin
How does it work?
Supported resources
Considerations
Quotas
Related services
Pricing
Required IAM permissions
Work with retention rules
Work with resources in the Recycle Bin
Monitor Recycle Bin
Resource locations
Resource IDs
List and filter your resources
List and filter resources using the console
List and filter using the CLI and API
List and filter resources across Regions using Amazon EC2 Global View
Tag your resources

Description:
User Guide for Linux Instances. Amazon Elastic Compute Cloud: User Guide for Linux Instances. Create a Virtual Private Cloud (VPC).