Amazon EC2 Tutorial
Mike Culver:
Hi, I'm Mike Culver, a web services evangelist from Amazon Web Services. The purpose of this tutorial is to walk through setting up Amazon EC2 in order that you can understand what's involved before you try it yourself.
We will not go beyond getting an instance up and running. And I promise only a few PowerPoint slides before we roll up our sleeves. By the way, this tutorial is for a Windows environment. We also support Linux desktops, and the online documentation tells you how to get started in that environment.
Before showing you how to set up Amazon EC2, I'd like to spend a moment reviewing what we see as the business benefits.
Amazon EC2 is short for Amazon Elastic Compute Cloud. Amazon EC2 is a web service that provides resizable computing capacity in the cloud. Like all of Amazon's web services, Amazon EC2 is designed to make web-scale computing easy.
One way we do that is by providing a web service interface that provides complete control of your computing resources through any administrative tool that you choose to build.
You are in control of a world where your application can automatically scale your virtual server farm up or down automatically as your computing requirements change. We call this "elastic computing".
Imagine competing on ideas, not on resources. Amazon EC2 allows you to do just that, because you pay only for the capacity that you actually use.
I like to say that computing is represented by the formula A + BC, where A represents fixed costs such as servers, and BC represents incremental costs such as bandwidth and monthly rack space in the data center.
Well, Amazon EC2 completely changes the economics of computing by eliminating A altogether (that is, there are no fixed costs at all) and by dramatically reducing BC compared to historical industry averages.
With EC2, you pay only 10 cents per clock hour that you use the servers, plus 15 cents per gigabyte per month to store your server images, and finally 20 cents per gigabyte that moves in or out of Amazon's data centers.
So if you use your servers only one hour per month, you'll pay just 10 cents plus storage and traffic. There are no setup costs and no monthly fees, as I mentioned previously.
Finally, you have root access to each server, and you can interact with them as you would with any machine. Each instance is the equivalent of an Intel system with a 1.7 gigahertz x86 processor, 1.75 gigabytes of RAM, 160 gigs of local disk, and 250 megabytes per second of network bandwidth.
Okay, let's roll up our sleeves. You'll need to sign up at aws.amazon.com for a developer account. You can do that by hovering over this link here and clicking to sign up. Then you'll need to go to the Amazon Elastic Compute Cloud link and sign up for the Amazon EC2 web service.
You'll be automatically signed up for Amazon S3 if you're not already signed up for it. I'm not going to walk through the sign-up process here. However, you will need to retrieve an access key and a secret access key.
Okay. We need to create a directory to hold the command-line tools and other programs associated with the environment we're setting up, so I'll minimize Internet Explorer and go over here to the root of the C drive and right-click, choose "New Folder", EC2.
You could place this directory wherever you want and name it whatever you want. I chose to place it, however, under the root of the C drive and name it EC2.
Now let's go back to the Internet Explorer window. And if we were to scroll to the bottom of this screen, you can see here that you can click on "Technical Documentation", and download a "Getting Started Guide with API" documentation.
However, for the moment, what I want to show you is how to download certificates, an X.509 certificate. We do that by going back to the top of the screen and hovering over "Your Web Services Account", choose "View Access Key Identifiers". It's going to ask me to verify who I am as I log in. And one of the things I can do is view my access key id and my secret access key.
But what I want to show you right now is how to download an X.509 certificate. So I'm going to click here, and I'm going to choose, "Create New". Now I already have one created because I have an established account. I'm creating a new one to show you how to do it.
So it's warning me that I already have one, do I really want to do this, because it's going to blow away my old access key, you can only have one 509 certificate per account, so I'll say yes.
And it's generated two keys for me, a private key right here and an X.509 certificate down here. I'm going to start by downloading the private key file. I'll choose "Save", go to EC2, and I will call this "privatekey.pem". Then we'll download the certificate file. I'm going to call this "509certificate.pem".
You'll see in a second that it's important that I name them these for a batch file I'm about to use. You can name them whatever you want, as long as you modify your batch file to match. Okay. So we'll close out here, and next thing we need to do is go into the EC2 directory, and you can see that we have these two files here.
Next I'm going to copy a BAT file I'd created previously and placed it here on my desktop. And I'll paste it into the EC2 directory. Let's send this to Notepad so that you can see what I've done here.
So it's a pretty standard batch file. What we've done is turned off echo, we've set a bunch of environment variables including a reference to this private key as well as the 509 certificate. You can see why I named them these.
And in addition it references a Java runtime environment. Now you need to make certain that you have downloaded at least Java version 1.5 or higher, and in addition we need to download some command-line tools.
We'll do that by going back here to the Internet Explorer window. We'll click on the Amazon EC2 link just to take us back here, we'll go down to the Resource Center, click on "Resource Center", and then we want to click on "Developer Tools".
The one we want here is Amazon EC2 command-line tools. We'll click here to download these. I want to download the tools, and I'll tell them to save this to my desktop. So I've already downloaded them once. I'll just override them here.
Take a moment to download them, and we'll unzip them. Double-click here to unzip, and this is what I would like to extract, and I want to extract this to my EC2 directory.
Close out the zip file and you can see that there's this directory created under EC2, let me scroll down here so that we can expand the EC2 directory, and under it are two directories, a bin directory and a lib directory. I'm going to highlight both of these and move them up one level so that they hang directly under my EC2 directory.
I'll just get rid of this clunky directory name here. Okay. So you can see now that we have a BAT file, we have two certificates; we have this bin and this lib directory. We're going to click on "Start", "Run CMD", we'll change to C drive, change directory to the EC2 directory, and I'm just simply going to run this BAT file. So type "EC2", and you can see that it confirms that I'm running Java 1.5 or higher. Remember, that's important.
Now if I've done everything correctly, I should be able to type "EC2-describeimages xall", and it'll show me all shared images that are available to me as an EC2 user. And you see it came back with a list of them. The ones that are factory default, if you will, or the ones that start here with EC2 public images. You can see that there's a wide variety of them.
So it looks like our environment is up and running, and we're able to access the EC2 environment without any problems.
Next we need to add a keypair so that we can access the server image from our environment. And the way that I'll do this is I will type "ec2-addkeypair". And now I have to give it a name. It could be any name. I'm going to call it "mc", which is my initials, "-keypair". And notice that there's no suffix there. It's just "mc-keypair".
It'll take a moment. And what it'll return to me is the private key associated with this keypair. So here in the command window I'm just simply going to highlight the entire selection and press "Enter", which copies it to the clipboard.
And then over here I am going to create a new text document, and I'm going to call it "mc-keypair" with no suffix, that's fine. And then I'll right-click and send to Notepad, I have Notepad set up in my "Send To..." in Windows, so you might have to do "Open With". And I will paste it in here.
Now this is important. We're going to use PuTTY. And PuTTY is an SSH client. And PuTTY has a bug in it. I have to append a new line to the end of this file or we aren't going to be able to read this key. It took a long time to find that, but I'm passing that little tidbit on to you.
So we'll just do "File...Save" and close the file, and we're set to go here.
So let's describe the images again. So we'll do ec2-describeimages-xall to see the list of shared images again. We're going to start up one of the factory ones. And I think that the one I'll start is this one with Apache right here. That's got an image name right here, so I'll just copy that to the clipboard, or I can just type it in.
And now I'm going to say "ec2-run-instances" and I'll just type it in. "ami-23b6534a". And then, this is very important, "-kmckeypair". The reason this is important is that when I go to access the image through SSH, if I haven't assigned this keypair, I'm not going to be able to access it. The reason is there's no root password provided over the wire. We're going to use an SSH certificate.
So I'll run this instance. This could take up to ten minutes to initialize, you see it says, "pending". So we'll go off and do a few other things while we're waiting here.
The first thing we'll do is we need to open up a couple firewall ports. And the two ports I'm going to open are port 80 for http and port 22 which is SSH access.
So I'm going to say "ec2-authorize", the default security group, "-p" for port, "22" opens it up for SSH, and we'll do the same thing for port 80.
It's important to remember that the meter is running now, and at any time that you leave the meter running, you're accruing ten cents per hour runtime. That's about 72 bucks a month if you forget for a really long time.
Let's get PuTTY set up while we're waiting for this to launch. We'll just right-click on "Start", choose "Explore All Users", I'll "Find Program Files Tree", go find "PuTTY" which is the client I downloaded previously that I'm going to use as my SSH client. You can certainly use whatever you want.
So here's PuTTY, and there's a program in here called "PuTTYgen". It turns out that PuTTY by default can't use the key we just created, the one that I named "mckeypair". So we'll run this, we'll click on "Conversions", "Import Key", we'll import this "mckeypair", then we'll simply save it out as a private key.
PuTTY is warning me that I didn't create a passphrase to protect it. That's okay. I'm just doing a demo here. And so I will call this "puttykey.ppk". Okay. And we'll close out of this.
Let's start up PuTTY itself first and get it set up. So the first thing we're going to do is go down here to the auth node on the left tree and we'll browse for a key, we'll import this PuTTY key, and then we'll go back up over to "Session" and we're going to need to return the URL to the instance here.
Let's see how we're doing with this. So we'll type "ec2-describeinstances", that's plural, and it'll tell us whether or not we're up and running, and sure enough, we are. Let me expand this out a little so you can see it. It says, "Running", so what I'm going to do is highlight this big, long, nasty URL and press "Enter" to copy it to the clipboard.
Now, you could certainly put a CNAME into your own DNS records to point to this so that www.yourdomain.com actually resolved over to this, and you'd be up and running as a website on www. And in fact, let's go over here once, paste this into the browser tree, and sure enough, here's the Fedora default Apache page. So I know that we're up and running.
Go back over here to PuTTY. I'll paste this in, we're using port 22 and of course I already set up that auth section, and at this point if I click "Open", okay, PuTTY's warning me that it's never seen this hostkey in the registry, that's fine, I'll click yes, I want to log in as root. Don't need a password, that's all on the certificate. And look at that. We are in, and if I want to type some command, let's type in some arbitrary command, sure enough, I am root on a machine and we are up and running.
Finally, we can't forget to shut these down. So go back over here to my command window and that's fairly straightforward to do, we just type "ec2-terminateinstances" and give it the instance name, and that's this "i-8517f3ec" and press "Enter", and I got that name out of this image name right here.
Okay. So this'll take a moment or two to terminate, and of course as I wait for it to terminate, I can check by doing "ec2-describeinstances", and it'll tell me if it's still shutting down, which is what it's telling me over here on the right right now, or it'll say "terminated" once it is shut down. But obviously it's important that I not forget that unless I intend my instance to run seven by 24.
There's a lot more information available in the documentation at aws.amazon.com as well as developer forums and information on what others have done. Be certain to sign up for Amazon Web Services and try them out on your own ideas.
And if you create an application around Amazon Web Services, we'd love to add it to our solutions catalog. Getting it added is as simple as a few clicks. Simply click on "Solutions Catalog", and then submit your solution to the solutions catalog.
Finally, be sure to visit our blog at aws.typepad.com. Among the many interesting posts are dates and locations where we'll be presenting to local user groups. If you'd like us to present in your area, please email us at evangelism@amazon.com.
So thanks for watching, and I wish you the best of luck as you build on Amazon Web Services.
Transcription by CastingWords