Skip to Content

How to Launch a Ubuntu Server 20.04 in AWS EC2?

By: Author Saifudheen Sidheeq

Posted on  - Last updated:

If you want to start any web application or any application for that matter, the cloud has made our life much easier, you don’t have to spend anything for your infrastructure rather you pay someone else to manage the infra and you pay for what you use. Which is awesome.

Most of the applications are built on top of Linux operating systems, and in this blog, we are going to take a look at Ubuntu operating system, specifically the Ubuntu server.

The ubuntu is one of the popular Linux distribution operating systems out there, I have been using the Ubuntu Desktop for a long time as a virtual machine also as my main operating system. And there is a server operating system from Ubuntu called Ubuntu server.

I have covered plenty of articles on how you can install Ubuntu on local hypervisors.

In this blog, we are going to take a look at how you can launch an Ubuntu server in Ec2 on an AWS VPC, and secure the SSH access to get into the VM.

To make this tutorial simple I am going to use the default VPC that you get when you start using the AWS free tier. So based on your network you might need to adjust the settings accordingly.

We will launch an Ubuntu ec2 instance, enable internet access so that we can ssh into the client, we also secure SSH access so only we can ssh into the machine.

Below is the diagram for your reference.

I have default VPC with the subnet 172.31.0.0/16, which already has the routing table that points to the internet for internet traffic.

Before you begin.

  • Make sure you already have SSH Keypair enabled for you to access the VM, without which you cannot log in to the VM.
    • To create an SSH keypair, log in to your AWS dashboard. It is recommended to login to the aws account with IAM user, To login, to the IAM user you need to have
      • Account ID.
      • Username
      • Password
    • Under services click on EC2, or you the search option and find the EC2.
    • You will get multiple options on the left side.
    • Under Network & Security click on Keypair.
    • Click on Create Keypair.
    • Provide a name and choose the private key format as .pem and click on Create Key Pair.
  • Once created you will be prompted to download the key pair file.
    • Save the file to a secure location on your machine.
  • Decide on the Availability zone where you want to launch the VM.

Sometimes you launch the VM and realize that you launched them in the wrong az.

On the top right-hand corner choose the AZ which is nearest to your location.

Steps by steps to launch Ubuntu server on AWS EC2.

1. Launch the instance.

Goto EC2 services, under instance, click on instances.

On the right top corner click on Launch Instance.

2. Choose the Ubuntu server AMI.

In the list of Amazon machine images, you will see the Ubuntu server when you scroll down.

Choose the version you would like to launch and click on select on the right.

I am choosing the Ubuntu Server 20.04.However you still have the option to choose the Ubuntu Server 18.04 version as well.

3. Choose the instance type.

If you are running AWS free tier then you will have to choose the free tier eligible instance type, t2.Micro for example.

Only if you have enough budget and you have different requirements in terms of VM resources you may choose a different instance type.

I have chosen t2.micro and clicked on Next: Configure instance details.

4. Configure the Ubuntu server instance details.

You can pretty much leave everything default, however, I would take a look at below before I continue so that I will have more control over my instance.

  • Network: Choose your desired VPC, if you have multiple VPC’s you will have to choose the one where you want to deploy the VM.
  • Subnet: I am keeping my Test VM’s under Subnet B which is 172.31.16.0/20, hence choose the subnet of your choice.

Below is the sneak peek of my subnet allocation, which is pretty much default, just that I have the name given to identify each of the subnets.

You have to also make a note that, each subnet will be in a different availability zone, which is a good thing.

  • Auto-assign the public IP – I am choosing the default, which is enabled.

Sometimes while playing with the subnet you may have disabled the public IP allocation, so you must assign the public IP at this time. If you don’t assign the public IP to the host you cannot SSH into the host, unless you have another jump server in the same VPC that has public access.

You can leave everything else default and click on Next: Add storage.

5. Add storage.

I am leaving the default option, if you would like you can increase or decrease the storage size, encrypt the disk, and so on.

The option delete on Termination, if it is checked, whenever you terminate the instance the storage will get deleted as well. If you uncheck that, the EBS volume assigned to the VM will not be deleted.

I am leaving the default and clicking on Next: Tags.

6. Add Tags.

Adding the tags is not so important, but it will be easy to identify the VM if you add the tags before the deployment.

I have given the tags below.

Click on Next: Configure Security Group.

 7. Configure the security group.

There are two rules we need to configure here.

  1. Enable ICMP: Enabling the ICMP will allow us to ping the VM from outside the VPC, for example on the internet. It is common to enable ICMP access across the internet, so add the rule as below.

The rule says anybody trying to ping from the internet to the Virtual machine it will be allowed.

  • Enable SSH: Many people will leave the SSH access to everywhere 0.0.0.0/0 which is not a good practice.

Instead what I recommend is, whenever you enable the SSH access, provide your static public IP as the source, meaning only from the provided static IP you should be able to get in, the rest all will be denied.

The enterprise network will have static IP enabled, which you can check by clicking here.

If you are performing these steps from Home and don’t have Static public IP from your ISP don’t worry, you can check here to find out your dynamic public IP and choose that IP as the source to restrict the SSH public Access.

As you can see below, in my rule, I modified anywhere statement to custom and chose my static IP.

Note: The dynamic IP address will be changed at times based on how your ISP is configured the DHCP lease, so in case if you lose the SSH connectivity to the aws ec2 host, it must be due to the IP address getting changed. So you will have to check your public IP address again and update your rule replacing the old IP with the new one.

  • Other ports.

If you are planning to use this VM as a web server, where you want to allow all the internet users to be able to access the machine via 80 or 443 you may create that rule here, that says from everywhere port 80 and 443 are allowed.

Since I will not be configuring this as a web server I should be okay not to use the rule above.

8. Click on Review and Launch.

Just review the configuration and make sure everything is correct then click on Launch.

Choose the keypair.

Remember, we have created key pair earlier, we are going to associate the key pair with the VM and Acknowledge.

And click on Launch instance, this will launch the instances now.

9. Validate the instance status.

Click on View instances to go back to your EC2 dashboard where you will be able to see the current instances that are running in EC2.

As you can see, my Ubuntu VM is currently running

Since we have allowed the ICMP from everywhere, you should be able to ping the VM now.

Select the VM, and under details, you will be able to see the public IP as well as the private IP address of your VM.

The Private IP you will be able to reach within the VPC, so copy the Public IP and from your terminal or CMD on your machine try to ping the machine.

You can either ping using the public IP or the DNS name, as you can see below.

10. SSH into the Machine.

I am going to use the windows command prompt to ssh into the Ubuntu machine.

Goto the keypair downloaded location, and open CMD here.

You can either type CMD on the windows explorer address bar, or press the shift key and right-click to open PowerShell here.

Either the CMD or Powershell will work.

To ssh into the Ubuntu type the below.

ssh -i aws-key1.pem [email protected]

or

ssh -i aws-key1.pem [email protected]

Click on Yes on the security prompt and that’s it you will be able to login to the Ubuntu machine via the internet.

Categories AWS