LAMP on EC2 - Part 1: Setting up Amazon Web Services
Tuesday, March 3, 2009 at 5:50PM

I have always hosted my websites on a local (self managed) Linux or Microsoft web server. Lately I have taken great interest in Amazon's Cloud platform -- Elastic Compute Cloud (EC2). Although we have a T1 for internet access, I have been somewhat leery of the "fault tolerance" and "scalability" of our setup. I had heard a number of people talk about how cheap the Amazon EC2 solution was, but the stated characteristics of Amazon EC2 instances "lacking persistent storage" made running a dynamic database (such as MySQL) infeasible (changes such as database rows inserted, updated, or deleted -- in the event of an EC2 instance going down -- would be lost forever).
This post is part of a series of posts detailing the steps required to host a LAMP installation on Amazon's Elastic Compute Cloud. Steps in this post may depend on actions taken in previous posts. Amazon's Web Cloud Services are a pay-as-you-go service, so please realize that anything you do may result in charges to your Amazon account.
Then along came Amazon's Elastic Block Storage (EBS). EBS brought the idea of persistent volumes -- storage that would persist after an EC2 instance terminated. So the idea was -- run your operating system and static files on an EC2 instance and then store your dynamic files, databases, etc. on an EBS volume.
So Amazon offers a workable solution for me. But what really brings value are some of the tools that Amazon provides:
- Persistent storage in the event of instance failure - If an EBS volume is used as the storage for a MySQL database, then the data is protected from instance termination or failure. You can simply attach/mount the volume on another instance and MySQL will run its normal recovery procedures to bring the database up to date with the binary logs.
- Safety & Replication - According to Amazon, "EBS volume data is replicated across multiple servers". This makes your data safer than the default instance storage.
- Improved performance - Early reports from studies on EBS disk IO performance indicate that EBS IO rates can be multiple times faster than ephemeral storage and even local disk IO. This has obvious benefits for databases which are often IO bound.
- Large data storage capacity - EBS volumes can be up to 1TB in size. In theory you could go larger with LVM or RAID across EBS volumes, or by placing different databases or table files on different EBS volumes.
- Instance type portability - If you find that your current small EC2 instance is not able to handle your growing demand, you could switch the EBS volume holding your MySQL database to a running extra large instance in a matter of seconds without having to copy the database across the network. Downgrade instance types later to save money.
- Fast and easy backups - EBS snapshots alone could be a sufficiently attractive reason to move a database server to Amazon EC2. Being able to take live, consistent, binary snapshots of the database in just a few seconds is a thing of beauty. Add in the ability to create a new EBS volume from a snapshot so another EC2 instance can run against an exact copy of that database... and you've opened up new worlds of possibilities.
Setting up an Amazon Web Services Account
If you don't have one already, you will have to set up an Amazon account with a valid credit card so that they can get their $$$. Once you're active, you can set up an Amazon Web Services Account. Then follow the link to the Access Identifiers Page. Your Access Key ID and your Secret Access Key should be displayed. You may have to use the supplied Generate button to generate your Secret Access Key. Write these down or print this out -- you will need these later. Good news is you can come back to this page to get this info in the future.
Lower on this page, use the Create New button to generate an X.509 certificate. Use the Download button to save this certificate locally and write down/print your private key.
Next, go to the Elastic Compute Cloud page and use the Sign up for Amazon EC2 button to sign up for EC2 and S3.
You can download a Firefox browser plug-in called Elasticfox or you can use Amazon's most excellent AWS Management Console. Currently the plug-in is at version 1.6. To complete the setup of the Elasticfox plug-in, you will need to click on the Credentials button and use the Access Key and Secret Access Key from our previous steps. Add the keys and click Close.
Setting up a Key Pair
The next step is to configure a key pair for use when starting up your Linux instances. This public / private key pair will allow you to log in as root to a new instance generated off of a public machine image without the use of a password. From the AWS Management Console, select Key Pairs from the left-hand Navigation column. The Key Pairs tab will be displayed. Click on the Create Key Pair button. Give this new key pair a name and click on the Create button. You should receive a message, something like "A key pair has been created for you with the name xxxxxxx. Your private key should begin downloading in a few seconds". You should then be given the opportunity to save the key file (with a *.pem file extension) to your local hard drive. Save it to a safe but memorable place because you will need to use this file later for remotely connecting to your instance (via SSH).
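Since this key file grants passwordless root login, it is worth checking how it is stored before first use. The following is an added example, not part of the original post: it assumes a POSIX filesystem, and the file name `example-key.pem` and the key contents are constructed placeholders.

```python
import os
import stat
import tempfile


def audit_key_file(path):
    """Return a list of findings for a downloaded private key file."""
    st = os.lstat(path)  # lstat: do not follow a symlink to somewhere else
    if not stat.S_ISREG(st.st_mode):
        return ["not a regular file"]
    findings = []
    mode = stat.S_IMODE(st.st_mode)
    # Any group/other permission bit means other local accounts can reach
    # the key; OpenSSH also refuses to use a key file that is this open.
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append(f"mode {mode:04o} lets group/other access the key")
    with open(path, "rb") as fh:
        head = fh.read(64)
    if b"PRIVATE KEY-----" not in head:
        findings.append("no PEM private key header")
    return findings


def lock_down(path):
    """Restrict the key to owner read/write (0600) and re-audit it."""
    os.chmod(path, stat.S_IRUSR | stat.S_IWUSR)
    return audit_key_file(path)


def demo():
    """Audit a constructed placeholder key saved with a typical 0644 mode."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "example-key.pem")  # hypothetical file name
        with open(path, "w") as fh:
            fh.write("-----BEGIN RSA PRIVATE KEY-----\n(constructed placeholder)\n")
        os.chmod(path, 0o644)
        before = audit_key_file(path)
        after = lock_down(path)
    return before, after


if __name__ == "__main__":
    before, after = demo()
    print("before:", before)
    print("after: ", after)
```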
Setting up a Security Group
A Security Group in Amazon's Web Service is basically a firewall. By default all network ports are blocked. You have to specifically allow access to your instance by port and IP address (or range of IP addresses). First select the Security Group tab and then click on the green plus button to add a new security group. Enter an appropriate Group Name and Description. Remember this group will most likely contain all of the allowed network ports for accessing this instance.
Although it is beyond the scope of this post, you will want to make sure to enable SSH, HTTP, and most likely HTTPS for the IP address of your client PC. Eventually you will also want to allow access (especially HTTP access) for other IP address ranges (hint: you will want to add the IP range 0.0.0.0/0 for HTTP once your site goes "production", otherwise people will not be able to access it).
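The rule set described above keeps SSH limited to the client PC while HTTP and HTTPS may later be opened to 0.0.0.0/0. The following added example (not from the original post) audits a list of ingress rules against that intent; the rule dictionary shape is hypothetical, and the sample rules and the address 203.0.113.10 are constructed.

```python
import ipaddress

ADMIN_PORTS = {22}        # SSH: client PC only
PUBLIC_PORTS = {80, 443}  # HTTP/HTTPS: may be opened to 0.0.0.0/0 at launch


def audit_ingress(rules, admin_cidrs):
    """Return (rule, finding) pairs for rules broader than the post intends."""
    admin_nets = [ipaddress.ip_network(c) for c in admin_cidrs]
    findings = []
    for rule in rules:
        src = ipaddress.ip_network(rule["cidr"])
        ports = set(range(rule["from_port"], rule["to_port"] + 1))
        # The source range must sit entirely inside an allowed admin network.
        from_admin = any(src.version == a.version and src.subnet_of(a)
                         for a in admin_nets)
        if ports & ADMIN_PORTS and not from_admin:
            findings.append((rule, "SSH reachable from outside the admin networks"))
        # Only the web ports should ever be open to every address.
        if src.prefixlen == 0 and ports - ADMIN_PORTS - PUBLIC_PORTS:
            findings.append((rule, "non-web port open to every address"))
    return findings


# Constructed sample rules; 203.0.113.10 stands in for the client PC.
SAMPLE_RULES = [
    {"protocol": "tcp", "from_port": 22, "to_port": 22, "cidr": "203.0.113.10/32"},
    {"protocol": "tcp", "from_port": 80, "to_port": 80, "cidr": "0.0.0.0/0"},
    {"protocol": "tcp", "from_port": 443, "to_port": 443, "cidr": "0.0.0.0/0"},
    {"protocol": "tcp", "from_port": 22, "to_port": 22, "cidr": "0.0.0.0/0"},
    {"protocol": "tcp", "from_port": 3306, "to_port": 3306, "cidr": "0.0.0.0/0"},
]

if __name__ == "__main__":
    for rule, finding in audit_ingress(SAMPLE_RULES, ["203.0.113.10/32"]):
        print(f'{rule["from_port"]}-{rule["to_port"]} from {rule["cidr"]}: {finding}')
```

The last two sample rules are the ones flagged: SSH open to every address, and the MySQL port exposed alongside the web ports.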


Reader Comments (2)
Thanks a lot dear, I'm very interested in your article. I'm very impressed by this :)
forum
We all know that hackers have their share of trying to prove their greatness and it comes in the form of giving problems and headaches towards big companies such as Comcast. Apparently this is not something new anymore but if word gets out, you may have a big problem in the form of customers in your hand.