MultiCloud Classroom notes 30/Jan/2025

AWS EC2 instance Creation

Network perspective

• AWS Regions and Availability Zones
  • Geographic locaion is region and in every region AWs identifies atleast 3 different sites/locations where they run Availability Zones where we have datacenters
• EC2 instances are created in AZ’s we can choose AZ via subnet
• EC2 gets a private ip and public ip is optional
• By default in every region we have a default vpc
• EC2 instance types can influence network speeds
  
• Security groups will have rules which open the necessary ports
• Network Decision points
  • which AZ => subnet
  • which ports should be opened => security group
  • Network performance => instance type
  • IPS:
    • public ip => yes/no

Azure VM Creation

Network Perspective

• Azure also has regions, Not all Azure regions have zones
• Zone selection is not a network decision in azure. For the region where zones are available, while creating vm we can select zone
• Azure doesnot have default networks, if the network is not available vm creation from portal will create a network
• Network Decision factors
  • virtual Network
  • subnet
  • public ip (optional)
  • Network security group
  • Accelarated networking

Use case 1

• my organization wants some softwares like wget, tree, jdk17 should be installed or updated during machine creation
• Options:
  • Create a Golden image (AMI/VM Image) with above packages installed and ask your teams to use this ami/vmimage
    • cons: AMI costs
    • pros: Creation is faster
  • Use UserData in AWS or custom Data in Azure to pass
    • linux scripts: convinient with existing automations.
    • cloud-init: This is a standard which is supported by multiple cloud providers where you input a yaml file
    • cons: creation time is increased
    • pros: no extra costs
  • Use Terraform/cloudformation/Azure Bicep to automated which in turn uses user data or custom data.
• Note: user data/custom data is executed only once during creation.
• Lets use user data in AWS to install wget, tree, jdk17. Userdata runs as a root user
• While creating Aws ec2 instance navigate to Advanced details => user data and enter the following script

#!/bin/bash
apt update
apt install wget tree openjdk-17-jdk -y

* The logs of execution will be in /var/log

* In Azure Navigate to Advanced tab and select user data and enter the above script


* Log locations are same as AWS

• Azure VMs will have a pre-installed agent in majortiy to vmimages
  • Windows
  • Linux
• This agent will help us running the commands without logging in from Azure Portal
  
  
• The default in Azure VM also helps in resetting passwords or keys