Images on the Amazon Elastic Compute Cloud
Elastic Compute Cloud (EC2) is a unique beast; its operation is dictated by the design approach taken by Amazon while creating the service, and that design carries far-reaching implications for how EC2 applications should be architected and managed.
The difference between success and failure with EC2 is dictated by how well you understand the service's characteristics and how well you align your applications with those characteristics.
An image is the collection of bits needed to create a running instance. This collection includes the elements described in this list:
At minimum, the operating system that will run on the instance: That means it can be Windows or Linux.
Any software packages you've chosen to install: The package can be software that you've written or a package from a third-party provider (assuming, of course, that the software license supports this type of use). For example, you may include the Apache web server along with the load balancer HAProxy — both are open source products that can be freely included in your image.
Any configuration information needed for the instance to operate properly: For example, in an image containing Linux, Apache, and HAProxy, you may include configuration information for HAProxy to communicate with the Apache server located on the same instance. Adding this information to the image prevents having to configure the packages every time you launch the image.
An image carries access rights: Someone owns it, and the owner can control who may launch (or even see) the image. The following list describes the image-ownership categories, which are listed on the drop-down menu:
Owned by me: Images created by your account, whether you are its sole user or you share it with others; may include both public and private images
Amazon images: Images created by Amazon and made available to anyone who wants to use them
Public images: Images owned by other accounts but made available to anyone who wants to use them
Private images: Images owned by you and made available only to you or to other accounts you specify
EBS images: Images that use Elastic Block Storage (EBS) as the storage for the AMI
Instance-store images: Images that are stored in Simple Storage Service (S3)
32-bit: Images built on 32-bit operating systems (can be either instance- or EBS-backed)
64-bit: Images built on 64-bit operating systems (can be either instance- or EBS-backed)
AWS Marketplace: Images, created by third parties, that are available for a fee
Commercial software companies that offer images containing their software commonly make this type available. Marketplace images address the issue of commercial software licensing: If you're a user, you don't want to pay a full perpetual license fee for an instance that you may run for only a few hours or days; on the other hand, the software creator wants to be paid for the value its software offers.
Marketplace images allow software companies to offer their software on a pay-per-use basis, allowing both vendor and user a payment mode that aligns with the overall AWS approach.
Be extremely careful about which AMIs you use. When you launch an instance from a public image, you're launching whatever software packages the creator placed on the image. It doesn't take much imagination to envision the kinds of malicious software that can end up on an AMI.
For any task beyond prototyping, use images only from sources you trust. Even better, create your own images so that you know exactly what's on the AMI.
A closer look at the figure reveals a cornucopia of other AMI information:
AMI ID: Peeking out from the AMI Type drop-down menu to identify every AMI, this AWS-assigned number is unique for every AMI.
Source: The description of the AMI typically includes information about the AMI creator's name, the operating system, and the software components installed on the AMI.
Owner: This long number is the image owner's AWS account number.
The following image information isn't visible in the screenshot in the figure, but if you scroll to the right, you can see it:
Visibility: Tells you who can see the AMI
Platform: Points out which operating system is installed on the AMI
Root device: Indicates whether the image is an S3-backed instance or an EBS-backed instance
Virtualization: Specifies how the instance interacts with the virtualization hypervisor in EC2 (information that you generally don't need to be concerned about or, indeed, have control of)