My article “Linux Amazon EC2 tutorial: How to set up an EC2 instance” shows you how to set up Amazon Web Services’ compute service if you use Linux (specifically, Ubuntu Linux). But what if you are a Microsoft Windows shop? That’s what this article explains.
As long as you use a small instance size and haven’t already signed up, you can try EC2 for free. Not all of the instance types (which vary by processor and memory) and storage sizes are free, but the UI guides you on what is and isn’t free. If you haven’t signed up, do that now.
(For a deeper primer on EC2, check out Sean Hall’s EC2 tutorial at InfoWorld from 2012, but note he’s doing things the command-line way, whereas today you can do things the graphical way, as this post shows. Still, if you want to know what Route 53 and so on mean, read Hall’s article.)
To get started, sign into the EC2 Management Console.
The Management Console is a kind of UI nightmare. It contains every conceivable Amazon Web Services product that you could possibly use. Some of the categories are a bit arbitrary. Fortunately, EC2 is at the very top. Click EC2.
After you click EC2, you’ll find yourself at the EC2 Dashboard. It tells you, among other things, if you have any running instances. There is also a big blue Launch Instance button. Click on that.
Step 1: Pick an Amazon machine image
From here, AWS asks you to pick an Amazon machine image (AMI). Think of that as a type of virtual machine template. It comes pre-installed with an operating system. Scroll down a bit.
Pick the Windows Server 2016 free tier eligible image by clicking the blue Select button next to it.
Step 2: Pick an instance type
AWS now asks you to pick an instance type. Note that instances differ in the number of virtual CPUs (vCPU), memory, available storage, and network performance. This example’s needs are meager, so pick the default free-tier t2.micro instance (note the names change sometimes; pick the free one). Click the Next: Configure Instance Details button.
Step 3: Configure instance details
This takes you to another one of Amazon’s less-savory UIs. From here you can change:
Number of Instances: The number of instances you’re launching, meaning launch two VMs at once. The default is 1, leave it.
Purchasing Option: Don’t click Request Spot Instances. Doing so means you’ll bid on your instance, and if other people bid more but below the retail rate Amazon will shut you down. There’s not a lot of point to picking this when you’re using the free tier. Don’t check this, we’re bidding 0.
Network: This is the virtual private cloud. Basically, Amazon lets you have multiple isolated virtual networks. At the moment, we have only one. Leave that as it is.
Subnet: This is another way of isolating ranges of IPs. Let’s leave that alone too.
Auto-assign Public IP: We definitely need this enabled. Amazon instances can have two IPs: one that is a private IP that can only connect to other EC2 instances on the same VPC, and one public IP that you can connect to from anywhere on the internet. If you’re deploying a more intricate system, you’d have some instances that would only have private IPs. In this case, we need a public IP for sure; otherwise, we’d be unable to connect.
Shutdown Behavior: Here be dragons. Set this to Stop, which is the default. The Terminate option actually means delete or burn it all down with no fire insurance.
Enable Termination Protection: Leave this off for this example. Generally, I check this. It’s a safety that prevents you from deleting instances when you don’t mean to.
Monitoring: Amazon has a monitoring suite called CloudWatch. We do not need this for now.
Tenancy: What really makes the economics of EC2 work is that most of the time your instance is probably doing nothing. The Shared option makes the most sense for that, because you’re sharing the back-end resources with other users when your instance is not running, lowering your costs. However, if you’re trying to get maximum performance, you’d select Dedicated Host. There is also an option to have a Dedicated Instance, which means that it runs on a host dedicated for your use but multiple (of your) instances might run on the same hardware. In this example, choose Shared; we’re going for cheap.
Step 4: Add storage to your instance
Now, click Add Storage. Storage is disk space. You have the option of straight General Purpose (SSD), Provisioned IOPS (SSD), or Magnetic. Because the General Purpose storage is eligible for the free tier, pick that. If you need performance, you’d pick the Provisioned IOPS option. (I’m not sure why anyone would consider picking magnetic disks like the cave people used when I was little.) We could have a big fat disk with a whopping 30GB, but here let’s stick with 8GB (the default). If we wanted, we could have more than one volume (disk partition), but we don’t, so click Next: Add Tags at the bottom.
Step 5: Add tags to your instance
Tags are just key-value pairs associated with the instance. You can use them for whatever. At my work, we use them for cost centers and management. There are even scripts that automatically shut down instances if people leave them on. AWS is expensive and doing the equivalent of leaving the light switch on can drain the old bank account pretty quickly.
In this example, we’re just doing a little test instance and not deploying a whole devops management suite, so you can just click Next: Configure Security Group.
Step 6: Configure your security group
Before you do anything on the security screen, go to another browser tab and type the literal “what is my ip”. You’ll get an IP address like the fake one I just fudged on this screenshot (220.127.116.11). This is a 32-bit IP address. Copy it.
In Windows, the terminal services protocol you use to do a remote login is called RDP (Remote Desktop Protocol). So, in the EC2 console’s Configure Security Group screen, RDP should be the Type that is selected.
By default, Amazon firewalls off everything on your public instance IP. The default on this screen is to leave SSH open to 0.0.0.0/0, which means the whole world. Paste your IP into the text box and add /32 on the end. The /32 means the whole IP address and only this address.
If you put 18.104.22.168/24, any IP beginning with 71.182.95 would be able to get to the SSH port. If you put /16, anyone with an IP beginning 71.182 would get to the SSH port. If you put /8, anyone whose IP started with 71 would get to the port. This is not to say they could log in; but they could connect to the TCP/IP port. Remember: Even SSH has vulnerabilities.
It is possible to use IPv6 addresses as well (if your IP is much longer and has :s, it is an IPv6 address). Just change the /32 to /128. Click Review and Launch to continue.
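To make the prefix lengths above concrete, here is an added example (not part of the original article) that audits security group rules for remote-login ports open to more than one address. It goes slightly beyond the text by covering both RDP and SSH and both IPv4 and IPv6; the function names are hypothetical, the rule layout is assumed to follow the IpPermissions structure EC2 returns when describing a security group, and the sample rules and addresses are constructed.

```python
import ipaddress

ADMIN_PORTS = {22: "SSH", 3389: "RDP"}  # remote-login ports this step talks about

def single_host_cidr(ip):
    """Narrowest possible source for one address: /32 for IPv4, /128 for IPv6."""
    addr = ipaddress.ip_address(ip)
    return f"{addr}/{addr.max_prefixlen}"

def audit_rules(ip_permissions, my_ip):
    """Return admin-port rules whose source admits more than one address."""
    me = ipaddress.ip_address(my_ip)
    findings = []
    for perm in ip_permissions:
        if perm.get("IpProtocol") == "-1":          # "-1" means all protocols and ports
            lo, hi = 0, 65535
        elif perm.get("IpProtocol") == "tcp":
            lo, hi = perm["FromPort"], perm["ToPort"]
        else:
            continue
        exposed = [name for port, name in ADMIN_PORTS.items() if lo <= port <= hi]
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        for cidr in cidrs if exposed else []:
            # strict=False accepts "your IP plus /24", where host bits are still set
            net = ipaddress.ip_network(cidr, strict=False)
            if net.num_addresses > 1:
                findings.append({
                    "ports": exposed, "cidr": str(net), "addresses": net.num_addresses,
                    "includes_me": me.version == net.version and me in net,
                })
    return findings

# Constructed sample rules; addresses come from the reserved documentation ranges.
SAMPLE_RULES = [
    {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}, {"CidrIp": "203.0.113.25/32"}],
     "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "203.0.113.25/24"}]},
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
]

if __name__ == "__main__":
    print("allow only:", single_host_cidr("203.0.113.25"))
    for f in audit_rules(SAMPLE_RULES, "203.0.113.25"):
        print(f)
```

The /32 entry and the port 443 rule produce no finding; every other source range on port 22 or 3389 is reported with the number of addresses it lets through.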
Step 7: Review your instance
This almost-final screen gives you a chance to correct any mistakes. I don’t make mistakes, so I just click Launch. But you might want to review your own work.
Step 8: Launch your instance
As a Windows user, you probably aren’t as used to downloading key files as you would be for SSH. However, for Windows on EC2, definitely create a new key pair, download it, and never lose it. You’ll need it to log in.
After you download the key, click the Launch Instances button.
If this is your first time in EC2, you’ll have to create a new key pair. If you’ve been in EC2 before, you can select one you’ve already used.
You have to download the key before you can move on. Download the key, then click Launch Instance.
On the next screen, you’re told that your instance is in progress. Click on its instance ID (the long hex after “initiated”).
You’ll be taken to a status screen that shows the instance is pending. Either wait around or click the Refresh button until you get bored.
Once the instance finally comes up, right click it and select Get Windows Password.
Remember that key file? Choose it and click Decrypt Password.
The Retrieve Default Windows Administrator Password screen in EC2 is proof that Amazon hates Windows users and wants to torture them. You’re going to want to copy and paste that password because it’s on the long and random side. Unfortunately, the font in EC2 is such that you won’t notice that Amazon has put a space after the final character when you highlight it and copy it. If Windows tells you that you have the wrong password, that is probably why. (You can get to this screen again and ponder your hatred for the developer that did this to you.)
Now it’s time to use the Remote Desktop Protocol client. There are clients for MacOS, various versions of Linux (such as for Red Hat Linux), and of course for Windows. In this tutorial, I’m using the Mac version, but they’re all similar.
Create a new connection.
You’ll end up at a screen with a bunch of properties. Call it something, fill in the IP address (click on the instance on the EC2 console if you didn’t record it), and set Administrator as the user. Paste that password from the Decrypt Password screen. I hate having it in full-screen mode so I uncheck that.
Now find this new connection in the menu, select it, then click the Start button (right-arrow icon) at the top.
You should see a screen with some ominous warning that something couldn’t be verified. This only shows up the first time. If it shows up next time then something is wrong. Click Continue.
If all goes well, you should see the shiny Windows screen.
But let’s not keep that running. So, go back to the EC2 instances screen. Right-click the instance and choose Instance State > Stop.
You’ll see an “are you sure?” screen. Click Yes, Stop.
Once the instance is stopped, it is as if the machine is off. However, it is still there eating up … well, nothing, because we picked the free tier, and you get 12 months free. But let’s terminate it anyhow for good hygiene. Right-click the instance and choose Instance State > Terminate.
Once you do this, you get another “are you sure?” screen. Say Yes, Terminate. If that safety setting I mentioned earlier were on, you’d have to turn it off before you could actually terminate the instance.
Congratulations, you’ve created an instance, logged in to it, stopped it, and terminated it. Your journey has begun. Maybe next time, you can install some software on it and maybe create an AMI, but for now, enjoy your fun with EC2.
Remember not to run up a large bill!