Best Practices
Here are some suggestions for making the best use of Amazon EC2 instances.

Do not rely on an instance's local storage for valuable, long-term data. Instances can fail, and when they fail, the data on the local disk is lost. To keep your data safe, use a replication strategy across multiple instances or store your persistent data in Amazon S3.

Define images based on the type of work your instances perform. For "internet applications" you may choose to define one image for database instances and one image for your web servers. Image creation and storage are cheap and easy operations. Individualize and customize as necessary. Keeping your images specialized means that the resulting AMIs can be smaller, and smaller AMIs boot considerably faster.

Monitor the health of your instances. Make your instances work for you by having them monitor each other. You may choose to create an image that contains one of the various open-source monitoring tools, such as Nagios or OpenNMS. Each worker instance, based on your other images, might then report its health to your monitoring instance.

Keep your Amazon EC2 firewall permissions as restrictive as possible. Open only the permissions you need. Use separate groups for instances that have different network ingress requirements. Consider using additional security measures inside your instance, including your own firewall. If you need to log in interactively (ssh), consider creating a bastion security group that allows external login, while the remainder of your instances are in a group that does not allow external login.
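
One way to check a set of security groups against the firewall advice above, as an added example that is not part of the guide. The rule data is constructed and follows the shape of the EC2 DescribeSecurityGroups response; the group names, CIDR ranges, and the choice of ports 80 and 443 as the only expected public ports are assumptions.

```python
import ipaddress

# Constructed sample data shaped like the IpPermissions lists returned by the
# EC2 DescribeSecurityGroups API; group names and CIDR ranges are invented.
SAMPLE_GROUPS = [
    {"GroupName": "bastion", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "UserIdGroupPairs": []}]},
    {"GroupName": "web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [], "UserIdGroupPairs": [{"GroupName": "bastion"}]}]},
    {"GroupName": "db", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []},
        {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
         "IpRanges": [], "UserIdGroupPairs": [{"GroupName": "web"}]}]},
]
SSH_PORT = 22

def covers_port(rule, port):
    """True if the rule's protocol and port range include the given TCP port."""
    if rule["IpProtocol"] == "-1":  # "-1" means all protocols and all ports
        return True
    return rule["IpProtocol"] == "tcp" and rule["FromPort"] <= port <= rule["ToPort"]

def audit(groups, bastion="bastion", public_ports=(80, 443)):
    """Return sorted (group, finding) pairs for rules that break the policy."""
    findings = set()
    for group in groups:
        name = group["GroupName"]
        # Assumption: the bastion group may also expose SSH to any address.
        allowed = public_ports + (SSH_PORT,) if name == bastion else public_ports
        for rule in group["IpPermissions"]:
            cidrs = [ipaddress.ip_network(r["CidrIp"]) for r in rule["IpRanges"]]
            # Policy 1: only the bastion group accepts SSH from address ranges;
            # other groups may allow SSH only from a source security group.
            if name != bastion and cidrs and covers_port(rule, SSH_PORT):
                findings.add((name, "ssh-open-to-cidr"))
            # Policy 2: a rule open to every address must be one expected port.
            world = any(c.prefixlen == 0 for c in cidrs)
            single = rule["IpProtocol"] != "-1" and rule.get("FromPort") == rule.get("ToPort")
            if world and not (single and rule["FromPort"] in allowed):
                findings.add((name, "world-open-beyond-public-ports"))
    return sorted(findings)

if __name__ == "__main__":
    print(audit(SAMPLE_GROUPS))
```
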
Amazon EC2
Developer Guide
Command Line Tool Reference