Best Practices
Web server A approach:
- Launch with user data script
- Run additional commands manually
- Update user data script to retain configuration record
- Can copy user data to new instances with same configurations
Other Ec2 Config
Other EC2 Configuration Considerations
Section titled “Other EC2 Configuration Considerations”EC2 Instance User Data
Section titled “EC2 Instance User Data”When you launch an EC2 instance, you can specify user data to run an initialization script (shell script or cloud-init directive):
Key Characteristics:
Section titled “Key Characteristics:”- Execution timing: Runs with root or Administrator privileges after instance starts, but before it’s accessible on the network
- Implementation: Script containing shell commands or cloud-init directives
- Purpose: Initialize the instance with custom configurations
Common User Data Tasks:
Section titled “Common User Data Tasks:”- Update all packages installed on the instance
- Start installed services (e.g., Apache HTTP web server)
- Configure services to automatically start when instance boots
- Install additional software
- Fetch and install software license keys
- Patch and update software from the AMI
User Data Logs:
Section titled “User Data Logs:”- Linux instances:
/var/log/cloud-init-output.log - Windows instances:
C:\ProgramData\Amazon\EC2-Windows\Launch\Log\UserdataExecution.log
Retrieving Instance Metadata
Section titled “Retrieving Instance Metadata”Instance metadata is information about your instance accessible from the instance at:
URL http://169.254.169.254/latest/meta-data/
Available Metadata Examples:
Section titled “Available Metadata Examples:”| Metadata | Value |
|---|---|
| instance-id | i-1234567890abcdef0 |
| mac | 00-1B-63-84-45-E6 |
| public-hostname | ec2-203-0-113-25.compute-1.amazonaws.com |
| public-ipv4 | 67.202.51.223 |
| local-ipv4 | 10.251.50.12 |
Working with User Data on Running Instances
Section titled “Working with User Data on Running Instances”- Stop the instance
Current user data example:
original-userdata.sh #!/bin/bashyum update -y - Modify the user data script
Modified user data example:
modified-userdata.sh #!/bin/bashyum update -yyum install httpdservice httpd startchkconfig httpd on - Remove the config_scripts_user file
Command to remove config_scripts_user file:
remove-sem.sh sudo rm /var/lib/cloud/instances/*/sem/config_scripts_user - Re-run the user data script
Options:
- Restart the instance (user data runs automatically)
- Run command without restarting:
run-userdata.sh /var/lib/cloud/instance/scripts/part-001
Critical If you skip step 3, your modified user data script won’t run.
Manually Running Commands Best Practices
Section titled “Manually Running Commands Best Practices”Not Best Practices
Web server B approach:
- Launch with user data script
- Run additional commands manually
- Don’t update user data script
- Cannot replicate full configuration when copying user data
Benefits of Updating User Data:
Section titled “Benefits of Updating User Data:”- Maintain a record of the configuration for the instance (version control)
- Copy user data from one instance to new instances requiring same configurations
AMI Deployment Models
Section titled “AMI Deployment Models”Base AMIs:
- AMIs configured with OS-only
- Fully configurable and upgradeable
- Shorter build time
- Slower boot time
Used as base AMI from which to create silver or golden AMIs
AWS Managed Services (AMS) provided mutable AMIs:
- Configurations half baked into the AMI
- Some configurations need to be done manually or by user data scripts
- Provides a balance between boot speed and build time
- Good choice for instances used for different purposes with same prerequisite software
Customized immutable AMIs:
- Configurations fully baked into the AMI
- All instances using the same golden AMI behave the same
- Shorter boot times but increases build times
- Shorter lifespan of the AMI
- Good choice for instances performing same functions and behaviors
The model you choose impacts how these configurations are provisioned:
- Security updates
- New versions of your applications
- Application configuration changes
- Updates to dependencies
Placement Groups
Section titled “Placement Groups”Placement groups give you control of where a group of interdependent instances run in an Availability Zone:
Placement Benefits:
Section titled “Placement Benefits:”- Increase network performance between instances
- Reduce correlated or simultaneous failure
Placement Limitations:
Section titled “Placement Limitations:”- An instance can be launched in only one placement group at a time
- Instances with a tenancy of host can’t be launched in a placement group
Placement Strategies:
Section titled “Placement Strategies:”Cluster
Packs instances close together inside an Availability Zone
Benefits: Helps workloads achieve low-latency network performance
Partition
Spreads instances across logical partitions
Benefits: Groups of instances in one partition do not share underlying hardware with groups in different partitions
Spread
Strictly places small group of instances across distinct underlying hardware
Benefits: Reduces correlated failures
User data lets you configure an EC2 instance when you launch it. Information about a running instance can be accessed through an instance metadata URL. There are three main AMI deployment models: Basic AMIs, Silver AMIs and Golden AMIs. Placement groups give you control of where a group of interdependent instances run in an Availability Zone.