Setting up a server on EC2
Set up a server on EC2 when tasks require substantial memory, CPU, or disk space. EC2 provides more flexibility than ECS or Fargate, allowing you to run various task types. Keep in mind that it demands more effort for setup and maintenance.
This document provides guides for various use cases, walking you through the steps to set up a server on EC2 using Terraform as part of your Golden Path setup.
Prerequisites
- You have a working Golden Path (Terraform) deployment. If you don't, follow the Golden Path guide to set one up.
- You must have the AWS CLI installed and configured with the correct credentials.
- You must have
session-manager-plugin
installed and configured. See AWS Session Manager for more information.
EC2 bastion in private subnet with access to RDS
This guide shows how to use Terraform to deploy a server on EC2 that:
- Is configured to run in a private subnet
- Is accessible through AWS Systems Manager Session Manager.
- Can access a RDS database
Step 1: Download and configure the EC2 template
-
Locate the stack directory in your IaC repository for the environment you want to work with. For example, if you want to work with the
dev
environment and you have followed the Golden Path step-by-step guide, the stack directory isdev/infra
. -
Download the
ec2_instance
template fromgolden-path-iac
repository
Step 2: Edit the template
-
Open the
ec2_bastion.tf
file in your preferred editor. -
Edit the variables inside the
locals
block. They should be either self explanatory or documented in line.
Step 3: Deploy the template
-
Run
terraform init
to initialize the Terraform configuration. -
Run
terraform plan
to see what changes will be made. -
Run
terraform apply
to apply the changes.
Step 4: Verify deployment
Verify that the EC2 instance is running by running the following command, replacing my-bastion-server
with the name of the EC2 instance name specified in step #2.
aws ec2 describe-instances --filters "Name=tag:Name,Values=my-bastion-server" | jq -r '.Reservations[].Instances[] | [.State.Name, .InstanceId] | @tsv'
Example output:
Take note of the InstanceId
value (i-xxxxxxxx). You will need it in the next step.
Step 5: Connect to the EC2 instance using SSM
-
Run the following command, replacing
i-xxxxxxxx
with theInstanceId
value from the previous step. -
You should be presented with a shell prompt on the EC2 instance.
To exit the shell session, type
exit
and pressEnter
. -
Install the PostgreSQL client on the EC2 instance.
-
Verify that the EC2 instance can connect to the RDS database.
If you are prompted for a password, you have confirmed that EC2 instance can connect to the RDS database.
Depending on how you have configured the user you want to authenticate with, you may need to specify a username and password or generate a valid token for IAM authentication.