Shane Conder's Whateveritis of Nothing

So, I finally got a chance to play with Amazon EC2, or Amazon's Elastic Computing Cloud.  The experience largely went how I thought it would. However, there were a couple of interesting things that I noticed.  These things revolved around security, the virtual machine environment, and the billing of usage.

First off, EC2 has a firewall around it.  This is controlled via an API that allows you to authorize or revoke privileges based on many different rules all combined in to named rule sets.  The rules are applied immediately, too, which is great.  Compared to many normal data centers where the firewall might not even be accessible to you for your dedicated servers, this is particularly useful.  Not only can you defined traffic from IP and IP ranges to specific ports but you can also defined traffic by security group and user.  So, for instance, you could have a backend machine in the cloud that an only be accessed by a web server group you defined.  Or, instead of that, you can just specific your username and all instances running as your username will have access to that machine.  This is fast, flexible, powerful, and very easy to maintain.  For higher security, other software firewalls can be put in place and you could even dedicate an entire instance to being a firewall, should you choose to.

Second, the environment that the OS is running in is basically as described.  However, it's listed as being equivalent to a 1.7Ghz processor, but the procinfo shows it being an AMD processor running at 2.4Ghz.  I haven't done any tests on the performance of the machine, but the response times are nice and snappy.  Even if the compute power isn't fully that of the processor listed, the virtual configuration is running on top of high quality components so all parts are sufficiently fast.  I'd be curious how hard to would be to create FlashMob networks with a handful of instances, although it doesn't look like much has been happening within that community of years.  There really doesn't seem to be anything preventing a group from signing up to use more than 20 instances and going forward within bringing up any form of high performance computing cluster for science or profit.  The ability to do so, even if it's just to test the software and proof of concept, without having to dedicate hardware is wonderful.

Finally, a couple of items about billing surprised me a little.  Now, this has to all be taken into context.  My little experiment ended up costing me maybe a dozen cents more than I thought it would.  The billing for EC2 is listed as such: 10 cents per hour per instance being on, plus 20 cents per GB transferred in our out of Amazon (but not between S3), and 15 cents per GB per month for the storage of instances on S3 (billed by S3). 

The first surprise was that the 10 cents per hour used isn't pro-rated.  That is, 1 minute costs 10 cents, as does 59 minutes.  So, just to boot an instance will cost you 10 cents.  The impact of this is that booting 60 machines for one minute would actually cost 6 bucks not 10 cents like I may have implied before.  It's still cheap, but it has implications for the above mentioned performance cluster tests; that is, assume anything you want to experiment with will cost up to an hour and thus you might as well use up to an hour.  This is also true for machines that are on 61 minutes; you will pay for two hours or 20 cents.  Don't get me wrong, though.  This is still cheap for experimentation.  It just might not be the pennies you thought to bring up a machine for 10 minutes a day.

The second surprise turns out to not be a surprise.  At first, I thought that S3 was billing for the transfer in and out of S3 and that EC2 wasn't, so it wasn't double-billed.  However, the original assumption that no traffic between S3 and EC2 is billed is correct.  See, after creating the AMI that you'll be offered to create during the "getting started" document, I saw a charge appear on my S3 activity in the bandwidth.  However, I didn't do the math on it.  The charge was for a penny and I thought maybe it was for the transfer.  As it turns out, it was likely just a round-up from other usage (still shows 0.000GB of bandwidth).  The AMI is about 227MB, which does show up in the usage detail of the transfer (one time, though), but clearly wasn't charged for.  See, if it had been for transfer like I was thinking, the fee would have been 5 cents.

Now, again, keep in mind that although the billing of the instances is rounded up to the nearest hour, we're still talking pennies.  Even for non-business use, which is how I'm currently experimenting with it, this is cheap.  So far, I have 20 cents in instance usage, a penny for S3 storage usage, and another penny for bandwidth usage.  I've learned a lot about it without even spending a quarter.

My next tasks with Amazon EC2 are to run some performance tests to try to determine what kind of compute performance is really meant by 1.7Ghz.  That is, is it like a 1.7Ghz Core 2 (solo, of course) or like a 1.7Ghz Pentium 4?  There's a huge difference between the two and it might actually be more like a 2.4Ghz modern AMD processor, which would also be great.  Another task I want to do is see if I can turn my current server into an instance.  I've been a little confused by some of the AMI creation documents without actually doing them, so I've just got to roll forward with it.  That's a topic for another post, though.

Until next time, compute on!

Posted by Shane on February 26, 2007 10:02 PM | Permalink