This tutorial will guide you on how to provision VM instances on Amazon cloud. It is assumed that you have an AWS account. If you do not have one, now is the time to create it. You can use the free tier, micro-instances in this tutorial.
All the resources you provision in Amazon AWS are always associated with a specific region. It’s important to consider the region you are adding your resources to in EC2. This is because EC2 instances created in one region are not visible in other regions. Create all EC2 instances for the purpose of this project in one AWS region (for e.g., N. Virginia, as shown below).
Log in with your AWS account and from the Services menu open the EC2 page as shown below:
Click on the “Launch Instance” button.
Now you can choose the image you want to have in your instances. Search for “Ubuntu Server 16.04 LTS (HVM), SSD Volume Type” and click “Select”
In the next page, you should choose an instance type. The only instance available for free tier is the “t2.micro” instance which is selected by default.
Press “review and launch”
For the purpose of this tutorial, you don’t need to change anything in the last page. Just click “launch”
In the next step, you need to create a key pair for secure access to your instance. Select the “create a new key pair” and name it as you like. Then click on the “download key pair.”
Keep the download .pem file somewhere secure. You can only download it once. If you lose it, you no longer can have access to instances created using this key pair.
Click the “launch instance” and wait for the state to become “running”. It shouldn’t take more than one minute.
From the Instances tab, you can see all of your instances in that region. By selecting an instance, you can see the information about that instance, for example, the public IP of the instance, as shown below.
By default, all EC2 instances are protected by a firewall. The firewall only allows the SSH port by default. We can change it by assigning a different security group to our instances. Security groups in AWS are just simply a set of rules which can whitelist the inbound and outbound traffic based on their source and port numbers.
Our instances need to talk to each other using different ports than just port 22 (SSH port). The easiest way is to assign all the instances to one security group and configure that security group in a way that allows all traffic from instances in that security group.
To create a security group, go to Security Groups tab and click “Create Security Group” as shown below:
Leave the outbound tab as it is and in the inbound tab click “Add Rule.”
To add a security group as a source we need to add its id inside the source text field. When creating a security group for the first time you don’t know its id yet. So first create the security group and then copy its id. then edit the same security group and add the rules.
Don’t forget that we still want to ssh into our instances so allow the ssh access from port 22 from everywhere (0.0.0.0/0). Since in our case we want to also have a webserver we should allow the public address to port 80 of our instances. Your final list should be like this:
Now that we have our security group ready, we just need to assign it to our instance. To assign a security group to an instance go to the “Network Interfaces” tab; select your instance and click on the “Change Security Groups” inside the Actions menu.
Select our newly created security group and click “save”
Your instance is now ready to use.
You can repeat the previous steps so you have 3 instances (swarm-manager, swarm-node-01, and swarm-node-02) for this tutorial. You should be able to ssh into your instances remotely. (
ssh -i <path/to/your/pem/file> [email protected]<instance.public.ip>)
At this point, your instances in EC2 should be able to ping each other.
You can stop and restart the instances and still be able to ping each other.
At the end of the tutorial, you can stop the instances.