Note: Please go to to access the current RightScale documentation set. Also, feel free to Chat with us!
Home > Clouds > AWS > Overview


logo_aws.gifTable of Contents


Elastic Compute Cloud (EC2)

EC2 introduces a new paradigm for web hosting. By allowing developers to scale their number of machines up or down within minutes, it offers the capability to create distributed and scalable applications that run in the cloud. EC2 is flexible, reliable, secure, and, most importantly, inexpensive. By only paying for the resources that you actually use, you can bring your multi-server application to market much more cheaply than ever before, and maintain an extremely high level of quality and availability. Let's take a look at some of the basic concepts of how this service works. 

Amazon Machine Images

An Amazon Machine Image (AMI) is a packaged environment that contains a configured operating system--for example, Linux, Unix, or Microsoft Windows. RightScale supports and suggests using our own custom RightImagesTM. RightImages are designed specifically for use on EC2 through RightScale, and each contain a lightweight server installation with a suite of necessary tools prepackaged.  We publish the scripts we use so that you can see how they work and even modify them, building your own to suit your particular needs.

Instance Types

Amazon provides a number of different instance types, representing varying degrees of computing power and so on. For example, a small instance runs on a 32-bit platform, while large and extra-large instances run on a 64-bit platform. Different instance types have different levels of computing power and hardware resources. See EC2 Instance Types.

Reserved Instances

EC2 Reserved Instances is an additional pricing offering from Amazon which can help you reduce computing costs by paying a one-time payment to reserve compute capacity at a lower pricing rate. Reserved Instances are valid for one year from the time of purchase. When purchasing a Reserved Instance, you must select a specific availability zone and instance type. You must have 'admin' role privileges on a non-subaccount RightScale account to view and purchase Reserved Instances.

SSH Keys

When you launch an image, you specify a particular SSH key to associate with that image. This allows you to gain access to your machines without using passwords. This is the recommended and most secure way to communicate with your instances. RightScale uses this key to configure and monitor your instances. You should not modify this key or your instances will no longer be able to communicate with the RightScale Dashboard and you won't be able to use key features.

Access Key IDs

Amazon issues two kinds of access key IDs to authenticate requests between instances. Your public access key identifies you as the originator of a request, but is not encrypted. Your secret access key is used to calculate a specific request signature that authenticates you as the true user for services that require authentication on your instances. As the name suggests, this key should be kept private.

X.509 Certificates

Amazon also issues two kinds of X.509 certificates to digitally sign bundled images in AWS. The private certificate is used to verify that a signature could only have come from you. You can request X.509 certificates from the AWS site.

Security Groups

To provide the highest level of security possible, Amazon has implemented security groups. Security groups provide functionality similar to a traditional firewall, but have some additional features. You have the ability to filter traffic based on IP address (either a specific address or subnet), packet types (TCP, UDP or ICMP), and ports (or ranges of ports). You can also grant access to an entire security group, allowing your trusted machines to access each other without having to open ports to the public.

Elastic IPs

An Elastic IP (EIP) is an IP address that you can reserve from AWS for your account. Once you've created an Elastic IP, you can assign it to any instance of your choice. Once you reserve an Elastic IP, nobody else can use that IP address. Elastic IPs are unique because they are dynamically remappable IP addresses that make it easier to manage servers and make global changes in the cloud. Whereas static IPs are associated to a particular machine, EIPs can be reassigned to different instances when necessary as you launch and terminate servers. Typically, you will associate EIPs to your frontend servers. You can assign an EIP to a running instance or associate an EIP when an instance is launched. Be careful, you can also "steal" an EIP from one of your instances. As a best practice, you should age any new EIP before you assign it to one of your public facing servers because that IP address may still be temporarily cached and mapped to its previous instance. You do not want to accidentally inherit unintended traffic from its predecessor.

Elastic Block Store

The Elastic Block Store (EBS) provides persistent, high-performance, and high-availability block-level storage which you can attach to a running EC2 instance (in the same availability zone) in the form of volumes. There are two types of volumes you can create: Standard and Provisioned IOPS. A Standard volume is best suited for boot volumes and provides roughly 100 IOPS (Input/Output Per Second) on average. Provisioned IOPS volumes are designed to provide predictable, high performance I/O workloads that range up to 2,000 IOPS and are best suited for database workloads. Each EBS volume can be formatted and mounted as a file system. An EBS Volume can only be attached to a single instance at a time. Attach EBS Volumes to instances at run-time or boot-time. Multiple volumes can be mounted to the same instance. Take EBS Snapshots of a volume at a particular point in time and then create multiple volumes from a snapshot and place them into any zone. You can also see the lineage of a volume/snapshot to see when it was created, as well as any parent/child relationships.

EBS Snapshots

An EBS Snapshot represents an EBS volume at a particular point in time. You can create a snapshot regardless of whether or not a volume is attached to an instance. When a snapshot is saved to S3, it receives a timestamp and a unique AWS ID (e.g. snap-9cea0df5). Snapshots consist of a series of data blocks that are incrementally saved to S3. Create clones of volumes from any snapshot. You cannot attach the same volume to multiple instances. Instead, you must first take a snapshot of the volume. Then create a clone of the volume from the snapshot and specify the appropriate availability zone.

Similar to AMIs, you can also share EBS Snapshots with other AWS accounts or make them publicly available. Do not be alarmed if you see snapshots listed that do not belong to your account. Snapshots that were created from your account will be labeled "me" under the Owner column. You will also see several publicly available Snapshots from Amazon. In all other cases, the AWS Account Number of the sharing account will be listed.

Placement Groups

EC2 Placement Groups are logical groupings or clusters of instances in the selected AWS region. Placement groups are specifically used for launching cluster compute instance types. (e.g. cc2.8xlarge)

Public Access

For even more security, Amazon provides the option of completely removing public access to an instance. This will ensure that you are safe from any outsiders gaining access to your machine, and even prevents denial-of-service attacks.

Simple Storage Service (S3)

Amazon S3 provides a simple web services interface that can be used to store and retrieve any amount of data, at any time, from anywhere on the web. It gives any developer access to the same highly scalable, reliable, fast, inexpensive data storage infrastructure that Amazon uses to run its own global network of web sites. The service aims to maximize benefits of scale and to pass those benefits on to developers.

Pricing for S3 is usage and location based, meaning that charges vary according to the amount of storage space consumed (measured in 1-GB increments) and corresponding transfers and get/put requests acting on the data, as well as the physical location (regional cloud) where data is stored. As part of the free usage tier, new AWS customers receive a 5 GB allocation of free S3 storage for one year.

Simple Queue Service (SQS)

Amazon Simple Queue Service (Amazon SQS) offers a reliable, highly scalable hosted queue for storing messages as they travel between computers. By using Amazon SQS, developers can simply move data between distributed application components performing different tasks, without losing messages or requiring each component to be always available. 

Pricing for SQS is usage based. New and existing AWS customers receive a set quantity of SQS queuing requests for free each month.

To add this service to the Dashboard, see Upgrade Your Account.

SQS Queues Beta

Simple Queue Service (SQS)  is intended to represent a single queue and its corresponding properties, permissions, and messages. It is an Amazon web service that provides a distributed queue messaging service. It allows for the movement of data between distributed components of applications that perform different tasks without losing messages or requiring each component to be continuously available.

The RightScale Dashboard makes creating and managing AWS SQS queues very simple.  It is currently beta.

CloudFront (CF)

Amazon CloudFront is a web service for content delivery. It integrates with other Amazon Web Services to give developers and businesses an easy way to distribute content to end users with low latency, high data transfer speeds, and no commitments.Amazon CloudFront delivers your content using a global network of edge locations. Requests for your objects are automatically routed to the nearest edge location, so content is delivered with the best possible performance. 

CloudFront is priced based on usage (according to the quantity of data requests and size of the content transfered) and is not included in the AWS free usage tier.

To add this service to the Dashboard, see Upgrade Your Account.

AWS Import/Export

AWS Import/Export accelerates moving large amounts of data into and out of AWS using portable storage devices for transport. AWS transfers your data directly onto and off of storage devices using Amazon’s high-speed internal network and bypassing the Internet. For significant data sets, AWS Import/Export is often faster than Internet transfer and more cost effective than upgrading your connectivity.

AWS Import/Export supports importing and exporting data into and out of Amazon S3 buckets in the US Standard, US West (Northern California), EU (Ireland), and Asia Pacific (Singapore) Regions. AWS Import/Export is priced based on usage and is not included in the AWS free usage tier.

SimpleDB (SDB) (beta)

Amazon SimpleDB is a web service for running queries on structured data in real time. This service works in close conjunction with EC2 and S3, collectively providing the ability to store, process, and query data sets in the cloud. These services are designed to make web-scale computing easier and more cost-effective for developers.

Traditionally, this type of functionality has been accomplished with a clustered relational database that requires a sizable upfront investment, brings more complexity than is typically needed, and often requires a DBA to maintain and administer. In contrast, Amazon SimpleDB is easy to use and provides the core functionality of a database--real-time lookup and simple querying of structured data--without the operational complexity. Amazon SimpleDB requires no schema, automatically indexes your data, and provides a simple API for storage and access. This eliminates the administrative burden of data modeling, index maintenance, and performance tuning. SDB is intentionally feature poor, and specific architecture considerations must be made before adopting SDB. 

Pricing for SDB is usage based. New and existing AWS customers receive a set quantity of SDB machine hours and storage for free each month.

Relational Database Service

Amazon Relational Database Service (Amazon RDS) is a web service that that allows you to quickly create a relational database instance in the cloud. Amazon RDS manages the database instance on your behalf by performing backups, handling failover, and maintaining the database software.  RightScale supports Amazon RDS as part of our overall management platform. Customers can choose to either use Amazon RDS (MySQL or Oracle) or our own MySQL solution.

RDS Security Groups

Amazon Relational Database Service (RDS) Security Groups control who has authorized access to the RDS Instance. The two types of authorizations are IP ranges and EC2 security groups. IP range ingress authorizations allow access to DB Instances from the Internet. EC2 security group ingress authorizations allow access to DB Instances from EC2 instances.

RDS Subnet Groups

Below is a list of all RDS Subnet Groups in the selected EC2 region. An RDS Subnet Group is a collection of subnets that you can use to designate for your RDS database instance in a VPC. The database within your VPC will use the Subnet Group and the preferred Availability Zone to select a subnet and an IP address within that subnet. An Elastic Network Interface will be associated to the database instance with that IP address. Note that each DB Subnet Group should have at least one subnet for every Availability Zone in a given Region.

RDS Parameter Groups

An RDS Parameter Group is a container for engine parameter values that can be applied to one or more DB Instances. Once you create an RDS Parameter Group, you'll be able to specify values for each parameter. Create multiple parameter groups in order to define different sets of parameter values.  A default RDS Parameter Group (e.g. default.mysql5.1) will automatically be created for you if you launch an RDS Instance for the first time (and you haven't already created a parameter group).

RDS Snapshot

You can manually create an RDS Snapshot of a running RDS Instance at any time. An RDS Snapshot is also created automatically when an RDS Instance is terminated. The final snapshot will be denoted as such in its name (e.g. myrds-final-snapshot-timestamp). You can launch any of the archived RDS Snapshots to recreate a specific RDS Instance as it existed when the snapshot was created.

Virtual Private Cloud

Amazon Virtual Private Cloud (Amazon VPC) is a secure and seamless bridge between an existing company IT infrastructure and the AWS cloud. Amazon VPC enables enterprises to connect their existing infrastructure to a set of isolated AWS compute resources via a Virtual Private Network (VPN) connection, and to extend their existing management capabilities such as security services, firewalls, and intrusion detection systems to include their AWS resources. Amazon VPC enables you to use your own isolated resources within the AWS cloud, and then connect those resources directly to your own datacenter using industry-standard encrypted IPsec VPN connections.

Important!  AWS network infrastructure changes announced on 3.11.13 regarding all AWS users. Go here for more information.

VPC DHCP Options

Instances you launch within your VPC utilize private (not public) IP addresses. By default, all instances launched within your VPC receive an unresolvable hostname assigned by AWS. You can however specify your own Domain name (e.g. and use up to four of your own domain name servers. In order to do so, you must create DHCP options. DHCP options are treated as a "set" of information.

VPC Internet Gateway

The Internet gateway is an object that allows for the instances in a VPC to be publicly exposed. It facilitates traffic between the Internet and your VPC instances through route tables.

Elastic Load Balancing

Elastic Load Balancing automatically distributes incoming application traffic across multiple EC2 instances. It enables you to achieve even greater fault tolerance in your applications, seamlessly providing the amount of load balancing capacity needed in response to incoming application traffic.

Elastic Load Balancing is priced based on usage (that is, hours during which your Elastic Load Balancer is running and the size of the data transfers) and is not included in the AWS free usage tier.

Route 53

Amazon Route 53 is a highly available and scalable Domain Name System (DNS) web service. It effectively connects user requests to infrastructure running in AWS--such as an EC2 instance, an Amazon Elastic Load Balancer, or an Amazon S3 bucket--and can also be used to route users to infrastructure outside of AWS.

Amazon Route 53 is priced based on usage (that is, the quantity of "hosted zones" used to store DNS records as well as the volume of DNS queries handled) and is not included in the AWS free usage tier.


Overview Evaluation FAQs Runbooks Technical Details Tutorials AWS Site Map
You must to post a comment.
Last modified
07:55, 7 Aug 2013



This page has no classifications.



© 2006-2014 RightScale, Inc. All rights reserved.
RightScale is a registered trademark of RightScale, Inc. All other products and services may be trademarks or servicemarks of their respective owners.