Rationale

AWS EC2 (Elastic Compute Cloud) is the service we use for running computing machines on the cloud. It provides the required infrastructure for services like our CI, Kubernetes Cluster, among others. The main reasons why we chose it over other alternatives are the following:

• It seamlessly integrates with other AWS services we use like ECS, EKS, Batch, Elastic Load Balancing, etc.
• It complies with several certifications from ISO and CSA. Many of these certifications are focused on granting that the entity follows best practices regarding secure cloud-based environments and information security.
• It provides a wide range of machine types from 2 Vcpus and 0.5 GB RAM, to 224 Vcpus and 24,576 GB RAM. It gives us the capability of vertical scaling.
• Machine types are also divided into different specializations. There are general-purpose, compute-optimized, memory-optimized, storage-optimized and accelerated-computing instances. By having all these types of machines, we can easily select which ones to work with depending on the nature of the problem we are trying to solve.
• It supports Spot Instances, which are unused instances available for less than the on-demand price. Spot Instances can be up to 90% cheaper than on-demand instances. Spot Instances can be terminated by AWS if capacity is no longer available, making them a perfect fit for interruptible tasks like CI/CD jobs, Batch tasks and horizontally-scaled applications like our Platform.
• It supports Auto Scaling, which allows us to automatically scale up and down the number of machines running our applications. This is especially useful when combined with our Kubernetes Cluster running on EKS, as multiple instances of our ARM can be turned on and off based on specific parameters.
• It supports advanced networking features that allow assigning public IP addresses, having multiple network interfaces, connecting to virtual private clouds, among others.
• It supports advanced security configurations like setting security groups to specify what ports can be accessed, filtered by both IP ranges and network protocols, network isolation, connecting to instances using SSH keys, among others.
• It supports many operating systems, including the most common Linux distributions, macOS, Raspbian and Windows Server. It gives total flexibility when implementing solutions that require a specific OS.
• It supports amazon machine images; such virtualization images allow us to turn on preconfigured instances without having to worry about setting things up.
• It provides a dynamic resource limiting approach, which gives us the capability of horizontal scaling. Sending quota increase requests is also possible.
• Instance resources and state can be easily monitored using CloudWatch.
• Instances can have external disks by using EBS, meaning that all data within an instance persists in case it ceases to exist.

Alternatives

Note: Google Compute Engine and Azure Compute are alternatives that did not exist at the time we migrated to the cloud. A review of each of them is pending.

Usage

We use AWS EC2 for running

• CI workers and bastion;
• Kubernetes Cluster workers and autoscaling;
• Batch workers;
• Okta RADIUS agent;
• ERP;
• Jumpcloud LDAP agents (this is currently being deprecated).