Detailed information about these items are available from the AWS EC2 online user guide for Linux instances.
Amazon EC2 uses a public key to encrypt a piece of data like a password, and the recipient (you, the user) uses a private key to decrypt the data. So the use of the public/private keys is known as a key pair - and you must specify the name of the key pair for your instance at launch, and have that same key pair to log into your instance.
Ryft-enabled instances run in a Linux environment, so your public key will be stored in your computer's default download folder when you launch your instance. Copy the public key file to the "~/.ssh/" folder on your computer.
Follow these steps to create a new key pair:
- Go to the Amazon EC2 Console.
- In the left-hand navigation pane, scroll down to the NETWORK & SECURITY section, and click Key Pairs.
- Click Create Key Pair.
- Enter a unique Key pair name and click Create.
- Your new key pair is displayed, along with it's unique Fingerprint. Once created, the PEM file for that key (for this example, "Ryft-F1-Elastic.pem") downloads to the default download location of your computer.
- Once you have your PEM file, copy it to your "~/.ssh" directory on your computer for your SSH client, such as Cygwin.
See: Amazon EC2 Key Pairs for more information about Key Pairs.
Per AWS documentation, it describes Security Group as "a virtual firewall that controls the traffic for one or more instances. When you launch an instance, you associate one or more security groups with the instance. You add rules to each security group that allow traffic to or from its associated instances. You can modify the rules for a security group at any time; the new rules are automatically applied to all instances that are associated with the security group. When we decide whether to allow traffic to reach an instance, we evaluate all the rules from all the security groups that are associated with the instance."
Follow these steps to create a new security group
- From the EC2 Dashboard, scroll down the left-hand menu and select Security Groups. The Security Groups information displays in the body of the page. A list of your defined security groups displays.
- Click Create Security Group.
- Enter your security group name and description, select your VPC, and then add your rules.
In our example, we’ll add 2 inbound rules; one for SSH on TCP port 22, and another one for Kibana on TCP port 5601.
- Finally, click Create. It's created and listed on the page. Select your new Security Group, and then click the Inbound tab at the bottom of the page to see the inbound ports you specified.
A Virtual Private Cloud or VPC allows your enterprise network administrators to create your internal IP addresses, which you can share between multiple servers and network devices. One of the internal IP addresses on your VPC will be assigned to your Ryft server. This is unique to your organization.
Follow these steps to create a new VPC:
- Go to the VPC Dashboard and select your VPCs
- Click Create VPC, and then enter the VPC name and the IP block.
In this example, the VPC name is “Training VPC – Internal” and we then assign a /24 block on your network.
- Finally, click Yes Create.