The Amazon EC2 instances for your Elastic Beanstalk environment - AWS Elastic Beanstalk

The Amazon EC2 instances for your Elastic Beanstalk environment

When you create a web server environment, AWS Elastic Beanstalk creates one or more Amazon Elastic Compute Cloud (Amazon EC2) virtual machines, known as Instances.

The instances in your environment are configured to run web apps on the platform that you choose. You can make changes to various properties and behaviors of your environment's instances when you create your environment or after it's already running. Or, you can already make these changes by modifying the source code that you deploy to the environment. For for more information, see Configuration options.

Note

The Auto Scaling group in your environment manages the Amazon EC2 instances that run your application. When you make configuration changes that are described on this page, the launch configuration also changes. The launch configuration is either an Amazon EC2 launch template or an Auto Scaling group launch configuration resource. This change requires replacement of all instances. It also triggers either a rolling update or immutable update, depending on which one is configured.

Elastic Beanstalk supports several Amazon EC2 instance purchasing options: On-Demand Instances, Reserved Instances, and Spot Instances. An On-Demand Instance is a pay-as-you-go resource—there's no long-term commitment required when you use it. A Reserved Instance is a pre-purchased billing discount applied automatically to matching On-Demand instances in your environment. A Spot Instance is an unused Amazon EC2 instance that is available for less than the On-Demand price. You can enable Spot Instances in your environment by setting a single option. You can configure Spot Instance usage, including the mix of On-Demand and Spot Instances, using additional options. For more information, see Auto Scaling group.

Amazon EC2 instance types

When you create a new environment, you choose an instance type. The instance type determines the host hardware that's used to run your instances. Elastic Beanstalk regularly adds support for new compatible instance types after Amazon EC2 introduces them. For information about instance types that are available, see Instance types in the Amazon EC2 User Guide for Linux Instances or Instance types in the Amazon EC2 User Guide for Windows Instances.

Graviton (Arm based) instance types

Elastic Beanstalk has introduced a gradual rollout of support for Graviton (Arm based) instance types. At this time, Elastic Beanstalk only supports Graviton instance types for a specific set of AWS Regions and platform branches. However, we plan to add support for more Regions on subsequent rollouts.

Graviton instances use different OS images than the ones that x86 instances use. For this first wave of Graviton support rollout, the Graviton configuration functionality differs slightly from the base functionality provided by Elastic Beanstalk for x86 based instances. We plan to add base functionality for Graviton instance types in subsequent rollouts.

To configure an environment with Graviton instance types during the present release, you must do the following:

  • Work with an environment in one of the following Regions that supports Graviton instance types: US East (Ohio) (us-east 2), US East (N. Virginia) (us-east-1), US West (Oregon) (us-west-2), US West (N. California) (us-west-1), Europe (Frankfurt) (eu-central-1), and South America (São Paulo) (sa-east-1).

  • Use one of the platform branches that supports Graviton instances. For a list of Regions and platform branches that support Graviton instance types, see Graviton gradual rollout in the AWS Elastic Beanstalk Release Notes.

  • Choose the appropriate image and provide the image ID for your platform branch and Region. Standard Elastic Beanstalk functionality for x86 based instances defaults the image ID for your chosen platform version and Region. However, for this current release of Graviton support, you must manually locate and enter the image ID that corresponds to your platform branch and Region. For a list of image IDs that are associated with specific Regions and platform branches, see Graviton image ids in the AWS Elastic Beanstalk Release Notes.

This topic provides Graviton specific sections that guide you when you need to take specific actions to configure your environment with a Graviton instance type. Expand the Graviton-specific sections as you continue reading through this topic.

Note

To learn more about Graviton Arm based instance types, see these AWS resources:

Configuring Amazon EC2 instances for your environment

You can modify your Elastic Beanstalk environment's Amazon EC2 instance configuration in the Elastic Beanstalk console.

To configure the Amazon EC2 instance for your environment as a Graviton instance type, you must select a Region that supports Graviton instance types. Then, continue with one of the following actions:

  • Create a new environment. You must select a platform version that supports Graviton instance types.

  • Configure an existing environment. You must update your environment to a platform version that supports Graviton instance types. For more information, see Updating your Elastic Beanstalk environment's platform version.

For a list of Regions and platform branches that support Graviton instance types, see Graviton gradual rollout in the AWS Elastic Beanstalk Release Notes.

After your environment is running on a Region and platform version that support Graviton instance types, continue with the following procedure. You configure the instance type for the Capacity configuration category in Step 5.

To configure Amazon EC2 instances in the Elastic Beanstalk console

  1. Open the Elastic Beanstalk console, and in the Regions list, select your AWS Region.

  2. In the navigation pane, choose Environments, and then choose the name of your environment from the list.

    Note

    If you have many environments, use the search bar to filter the environment list.

  3. In the navigation pane, choose Configuration.

  4. In the Instances configuration category, choose Edit. Make changes to settings in this category, and then choose Apply. For setting descriptions, see the section Instances category settings on this page.

  5. In the Capacity configuration category, choose Edit. Make changes to settings in this category, and then choose Continue. For setting descriptions, see the section Capacity category settings on this page.

Instances category settings

The following settings related to Amazon EC2 instances are available in the Instances configuration category.


          Amazon EC2 instance settings on Elastic Beanstalk instances configuration window

Monitoring interval

By default, the instances in your environment publish basic health metrics to Amazon CloudWatch at five-minute intervals at no additional cost.

For more detailed reporting, you can set the Monitoring interval to 1 minute to increase the frequency that the resources in your environment publish basic health metrics to CloudWatch at. CloudWatch service charges apply for one-minute interval metrics. For more information, see Amazon CloudWatch.

Root volume (boot device)

Each instance in your environment is configured with a root volume. The root volume is the Amazon EBS block device attached to the instance to store the operating system, libraries, scripts, and your application source code. By default, all platforms use general-purpose SSD block devices for storage.

You can modify Root volume type to use magnetic storage or provisioned IOPS SSD volume types and, if needed, increase the volume size. For provisioned IOPS volumes, you must also select the number of IOPS to provision. Throughput is only applicable to gp3 SSD volume types. You might enter the desired throughput to provision. It can range between 125 and 1000 mebibytes per second (MiB/s). Select the volume type that meets your performance and price requirements.

For more information, see Amazon EBS Volume Types in the Amazon EC2 User Guide for Linux Instances and Amazon EBS Product Details.

Instance metadata service

The instance metadata service (IMDS) is an on-instance component that code on the instance uses to securely access instance metadata. Code can access instance metadata from a running instance using one of two methods. They are Instance Metadata Service Version 1 (IMDSv1) or Instance Metadata Service Version 2 (IMDSv2). IMDSv2 is more secure. Disable IMDSv1 to enforce IMDSv2. For more information, see Configuring the instance metadata service on your environment's instances.

Note

The IMDS section on this configuration page appears only for platform versions that support IMDSv2.

Security groups

The security groups that are attached to your instances determine which traffic is allowed to reach the instances. They also determine which traffic is allowed to leave the instances. Elastic Beanstalk creates a security group that allows traffic from the load balancer on the standard ports for HTTP (80) and HTTPS (443).

You can specify additional security groups that you have created to allow traffic on other ports or from other sources. For example, you can create a security group for SSH access that allows inbound traffic on port 22 from a restricted IP address range. Otherwise, for additional security, create one that allows traffic from a bastion host that only you have access to.

Note

To allow traffic between environment A's instances and environment B's instances, you can add a rule to the security group that Elastic Beanstalk attached to environment B. Then, you can specify the security group that Elastic Beanstalk attached to environment A. This allows inbound traffic from, or outbound traffic to, environment A's instances. However, doing so creates a dependency between the two security groups. If you later try to terminate environment A, Elastic Beanstalk can't delete the environment's security group, because environment B's security group is dependent on it.

Therefore, we recommend that you instead first create a separate security group. Then, attach it to environment A, and specify it in a rule of environment B's security group.

For more information about Amazon EC2 security groups, see Amazon EC2 Security Groups in the Amazon EC2 User Guide for Linux Instances.

Capacity category settings

The following settings related to Amazon EC2 instances are available in the Capacity configuration category.


          Amazon EC2 instance settings on Elastic Beanstalk capacity configuration window

Instance types

The Instance types setting determines the type of Amazon EC2 instance that's launched to run your application. Choose an instance that's powerful enough to run your application under load, but not so powerful that it's idle most of the time. For development purposes, the t2 family of instances provides a moderate amount of power with the ability to burst for short periods of time.

This configuration page shows a list of Instance types. You can select one or more instance types. For large-scale, high-availability applications, use a pool of instances to ensure that capacity isn't too strongly affected if any single instance goes down. Start with an instance type that you can use to run five instances under moderate loads during normal hours. If any instance fails, the rest of the instances can absorb the rest of the traffic. The capacity buffer also allows time for the environment to scale up as traffic begins to rise during peak hours.

At this time Elastic Beanstalk only supports Amazon EC2 Graviton (Arm based) instance types for a specific set of Regions and platform branches. We have introduced a gradual rollout and plan to add support for more Regions on subsequent rollouts. For a list of Regions and platform branches that support Graviton instance types, see Graviton gradual rollout in the AWS Elastic Beanstalk Release Notes. For instructions to configure your environment with Graviton instance types, expand the Graviton specific sections throughout this topic.

For more information about Amazon EC2 instance families and types, including Graviton (Arm based), see Instance types in the Amazon EC2 User Guide for Linux Instances or Instance types in the Amazon EC2 User Guide for Windows Instances. To determine which instance types meet your requirements and their supported Regions, see Available instance types in the Amazon EC2 User Guide for Linux Instances or Available instance types in the Amazon EC2 User Guide for Windows Instances.

AMI ID

The Amazon Machine Image (AMI) is the Amazon Linux or Windows Server machine image that Elastic Beanstalk uses to launch Amazon EC2 instances in your environment. Elastic Beanstalk provides machine images that contain the tools and resources required to run your application.

For x86-based instances Elastic Beanstalk selects a default AMI for your environment based on the Region, platform, and instance type that you choose. If you have created a custom AMI, replace the default AMI ID with yours.

You must manually enter the AMI ID when you configure a Graviton instance type. To locate the Graviton AMI ID for your specific Region and platform version, see Graviton gradual rollout in the AWS Elastic Beanstalk Release Notes. At this time Elastic Beanstalk does not select a default Graviton AMI for you. We plan to add this functionality for Graviton instance types in subsequent rollouts.

If you decide to change your environment to an x86-based instance, you must select an x86-based instance type and enter the x86-based AMI ID for your specific Region and platform version. For a list of AMI IDs, see Graviton gradual rollout in the AWS Elastic Beanstalk Release Notes.

Configuring AWS EC2 instances for your environment using the AWS CLI

Use the AWS Command Line Interface (AWS CLI) to create and configure Elastic Beanstalk environments using commands in your command-line shell. This section provides examples of the create-environment and update-environment commands. The following examples uses the basic configuration options that are shown in this topic.

The four examples that follow create an environment and update the Amazon EC2 instances for an existing environment. The InstanceTypes and ImageId parameter values apply to a Graviton (Arm based) instance type in these examples. The same four examples can be used for environments with x86 based instance types, using applicable x86 values for InstanceTypes and ImageId.

These next four examples set the InstanceTypes option value to t4g.small, which is a Graviton instance type. At this time, Elastic Beanstalk only supports Amazon EC2 Graviton (Arm based) instance types for a specific set of Regions and platform branches. We have introduced a gradual rollout and plan to add support for more Regions on subsequent rollouts.

Use the following guidelines when you configure your environment with Graviton instance types:

  • Set --region-- and --solution-stack-name parameters to one of the Regions and platform versions listed in the Graviton gradual rollout section of the AWS Elastic Beanstalk Release Notes. The --solution-stack-name parameter refers to platform version.

  • Set the ImageId namespace option to one of the image IDs that are listed in Graviton image ids in the AWS Elastic Beanstalk Release Notes. The image ID must correspond to the value for solution-stack-name. Platform version is also referred to as solution-stack-name. For this current release of Graviton support, you must enter an image ID from the table. We plan to add base functionality for Graviton support in subsequent rollouts. The standard Elastic Beanstalk base functionality defaults the image ID based on your Region and platform version.

Example 1 — create a new Graviton Arm based environment (namespace options inline)

aws elasticbeanstalk create-environment \ --region us-east-1 \ --application-name my-app \ --environment-name my-env \ --solution-stack-name "64bit Amazon Linux 2 v3.4.7 running Docker" \ --option-settings \ Namespace=aws:autoscaling:launchconfiguration,OptionName=IamInstanceProfile,Value=aws-elasticbeanstalk-ec2-role \ Namespace=aws:ec2:instances,OptionName=InstanceTypes,Value=t4g.small \ Namespace=aws:autoscaling:launchconfiguration,OptionName=ImageId,Value=ami-0fbdb88ce139244bf

As an alternative, use an options.json file to specify the namespace options instead of including them inline.

Example 2 — create a new Graviton Arm based environment (namespace options in options.json file)

aws elasticbeanstalk create-environment \ --region us-east-1 \ --application-name my-app \ --environment-name my-env \ --solution-stack-name "64bit Amazon Linux 2 v3.4.7 running Docker" \ --option-settings file://options.json
### example options.json ### [ { "Namespace": "aws:autoscaling:launchconfiguration", "OptionName": "ImageId", "Value": "ami-0fbdb88ce139244bf" }, { "Namespace": "aws:autoscaling:launchconfiguration", "OptionName": "IamInstanceProfile", "Value": "aws-elasticbeanstalk-ec2-role" }, { "Namespace": "aws:ec2:instances", "OptionName": "InstanceTypes", "Value": "t4g.small" } ]

Similar examples show how to update the configuration for an existing environment with the update-environment command.

Example 3 — update an existing Graviton Arm based environment (namespace options inline)

aws elasticbeanstalk update-environment \ --region us-east-1 \ --application-name my-app \ --environment-name my-env \ --solution-stack-name "64bit Amazon Linux 2 v3.4.7 running Docker" \ --option-settings \ Namespace=aws:autoscaling:launchconfiguration,OptionName=IamInstanceProfile,Value=aws-elasticbeanstalk-ec2-role \ Namespace=aws:ec2:instances,OptionName=InstanceTypes,Value=t4g.small \ Namespace=aws:autoscaling:launchconfiguration,OptionName=ImageId,Value=ami-0fbdb88ce139244bf

As an alternative, use an options.json file to specify the namespace options instead of including them inline.

Example 4 — update an existing Graviton Arm based environment (namespace options in options.json file)

aws elasticbeanstalk update-environment \ --region us-east-1 \ --application-name my-app \ --environment-name my-env \ --solution-stack-name "64bit Amazon Linux 2 v3.4.7 running Docker" \ --option-settings file://options.json
### example options.json ### [ { "Namespace": "aws:autoscaling:launchconfiguration", "OptionName": "ImageId", "Value": "ami-0fbdb88ce139244bf" }, { "Namespace": "aws:autoscaling:launchconfiguration", "OptionName": "IamInstanceProfile", "Value": "aws-elasticbeanstalk-ec2-role" }, { "Namespace": "aws:ec2:instances", "OptionName": "InstanceTypes", "Value": "t4g.small" } ]

The next two examples show more create-environment commands. These examples don't provide values for InstanceTypes and ImageId. When these values aren't specified, Elastic Beanstalk defaults an x86 based instance type and image ID. It does this , based on the Region and platform version that you provide. If you only provide an x86-based instance type, Elastic Beanstalk defaults an image ID based on your chosen platform version and Region.

Example 5 — create a new x86 based environment (namespace options inline)

aws elasticbeanstalk create-environment \ --region us-east-1 \ --application-name my-app \ --environment-name my-env \ --solution-stack-name "64bit Amazon Linux 2 v3.4.7 running Docker" \ --option-settings \ Namespace=aws:autoscaling:launchconfiguration,OptionName=IamInstanceProfile,Value=aws-elasticbeanstalk-ec2-role

As an alternative, use an options.json file to specify the namespace options instead of including them inline.

Example 6 — create a new x86 based environment (namespace options in options.json file)

aws elasticbeanstalk create-environment \ --region us-east-1 \ --application-name my-app \ --environment-name my-env \ --solution-stack-name "64bit Amazon Linux 2 v3.4.7 running Docker" \ --option-settings file://options.json
### example options.json ### [ { "Namespace": "aws:autoscaling:launchconfiguration", "OptionName": "IamInstanceProfile", "Value": "aws-elasticbeanstalk-ec2-role" } ]

The aws:autoscaling:launchconfiguration namespace

You can use the configuration options in the aws:autoscaling:launchconfiguration namespace to configure the instances for your environment, including additional options that aren't available in the console.

The following configuration file example uses the basic configuration options that are in this topic. For example, it uses the DisableIMDSv1 option, which is discussed in IMDS. It also uses the EC2KeyName and IamInstanceProfile options that are discussed in Security, and the BlockDeviceMappings option, which isn't available in the console.

option_settings: aws:autoscaling:launchconfiguration: InstanceType: m1.small SecurityGroups: my-securitygroup MonitoringInterval: "1 minute" DisableIMDSv1: false EC2KeyName: my-keypair IamInstanceProfile: "aws-elasticbeanstalk-ec2-role" BlockDeviceMappings: "/dev/sdj=:100,/dev/sdh=snap-51eef269,/dev/sdb=ephemeral0"

You can use BlockDeviceMappings to configure additional block devices for your instances. For more information, see Block Device Mapping in the Amazon EC2 User Guide for Linux Instances.

Note

The InstanceType option is obsolete. It's replaced by the newer and more powerful InstanceTypes option in the aws:ec2:instances namespace. You can use this new option to specify a list of one or more instance types for your environment. The first value on that list is equivalent to the value of the InstanceType option that's included in the aws:autoscaling:launchconfiguration namespace that's described here. We recommend that you specify instance types by using the new option. If specified, the new option takes precedence over the previous one. For more information, see The aws:ec2:instances namespace.

The EB CLI and Elastic Beanstalk console apply recommended values for the preceding options. You must remove these settings if you want to use configuration files to configure the same. See Recommended values for details.