         | Did this page help you? Yes No Tell us about it... |
Using EC2 Dedicated Instances Within Your VPC
When you need to launch instances that are physically isolated at the host hardware level, you can use Amazon Elastic Compute Cloud (Amazon EC2) Dedicated Instances. Launched within your Amazon Virtual Private Cloud (Amazon VPC), Dedicated Instances let you take advantage of Amazon VPC and the AWS cloud while isolating your Amazon EC2 compute instances at the hardware level.
This section discusses the basics of Dedicated Instances, identifies the tools you need to use them, and walks you through the processes of implementing them.
We assume you are familiar with the following concepts:
Dedicated Instance Basics
Amazon EC2 instances launched into a VPC have a tenancy attribute. Setting the instance's tenancy attribute to
dedicated specifies that your instance will run on single-tenant hardware. Amazon VPCs
have a related attribute called instance tenancy. Setting this instance tenancy
attribute to dedicated specifies that only Dedicated Instances
can be launched into the VPC.
![[Note]](http://docs.amazonwebservices.com/docs-common/images/note.png) | Note |
|---|---|
We have a separate pricing model for running instances that have dedicated tenancy. For more information, go to the Amazon EC2 Dedicated Instances product page. |
In planning your VPC and the instances you want to launch into the VPC, consider these two approaches to implementing Dedicated Instances:
Specify that only Dedicated Instances are launched into your VPC.
To do this, you create your VPC with the instance tenancy set to Dedicated. When you launch instances into this VPC, the tenancy will be automatically set to Dedicated.
Note If you plan to implement Auto Scaling on your Dedicated Instances, the Dedicated Instances must be launched into VPCs that have instance tenancy set to Dedicated.
Specify that a specific instance launched into your VPC is a Dedicated Instance.
To do this, you leave the instance tenancy of your VPC set to Default when you create it. This way, you can launch instances with dedicated tenancy and instances with default tenancy into that VPC. You specify the tenancy of the instance when you launch it.
![[Important]](http://docs.amazonwebservices.com/docs-common/images/important.png) | Important |
|---|---|
You set the tenancy of instances and the instance tenancy of VPCs when you first launch or create them. You cannot change their tenancy or instance tenancy after you set them. If you want your VPC to be dedicated and you didn't specify dedicated as its tenancy value when you created the VPC, you'll have to delete the VPC, recreate it, and relaunch the instances. Likewise, if you want your instance to run on single-tenant hardware and you didn't specify dedicated tenancy when you launched the instance, you must stop the running instance and relaunch it as dedicated. |
| Note |
|---|---|
Although you can launch Amazon EBS-backed Dedicated Instances, the EBS volume will not run on hardware dedicated to your account. |
Reserved Instances with Dedicated Tenancy
To guarantee that sufficient capacity will be available to launch Dedicated Instances, you can purchase Dedicated Reserved Instances. For more information about Reserved Instances, go to On-Demand and Reserved Instances.
When you purchase a Dedicated Reserved Instance, you are purchasing the capacity to launch a Dedicated Instance into a VPC at a much reduced usage fee; the price break in the hourly charge applies only if you launch an instance with dedicated tenancy. However, if you purchase a Reserved Instance with a default tenancy value, you won't get the price break in the hourly charge if you later launch a Dedicated Instance.
In addition, you can't change the tenancy of a Reserved Instance after you've purchased it. So, if you purchase a Reserved Instance and later you want to use that capacity for launching a Dedicated Instance, you cannot change that Reserved Instance into a Dedicated Reserved Instance.
Dedicated Tenancy Options in the AWS EC2 Tools
You can launch Dedicated Instances or create VPCs with an instance tenancy of dedicated using the AWS Management Console, the API, or the command line tools. In the AWS Management Console, you specify the Dedicated option using the Tenancy drop-down box.
If you use the API or command line tools, you specify the dedicated tenancy option when you create the VPC using the
CreateVPC call or the ec2-create-vpc command. You specify the instance you
launch as dedicated using the RunInstances call or the ec2-run-instances command.
The following table lists the new API actions and commands for Dedicated Instances, and describes them.
For more information, go to:
| Command and API Actions | Description |
|---|---|
|
|
The supported tenancy of instances launched into the VPC.
A value of |
|
|
Returns a tenancy value of default or dedicated. |
|
|
Returns a tenancy value of default or dedicated. |
|
|
Returns a tenancy value of default or dedicated. |
|
|
Includes the supported tenancy options for instances
launched into the VPC. If the tenancy value is set to |
|
|
Includes a tenancy value that you specify for the instances you launch into your VPC. |
Using Dedicated Instances
In this section, we walk you through launching Dedicated Instances, changing the tenancy of an instance or the instance tenancy of a VPC, and getting tenancy information using the different AWS EC2 tools.
Creating a VPC with an Instance Tenancy of Dedicated
When you create an Amazon VPC, you have the option of specifying its instance tenancy. You can accept the default, or you can specify an instance tenancy of dedicated for your VPC. In this section, we show you how to create a VPC with an instance tenancy of dedicated.
AWS Management Console
To create a VPC with an instance tenancy of dedicated
Open the Amazon VPC console at https://console.aws.amazon.com/vpc/.
Here, you create a VPC either through the Create an Amazon Virtual Private Cloud wizard or the Create VPC button.
When you use the wizard, after selecting your VPC configuration, you will get a confirmation page showing the CIDR blocks, subnets, the size of the NAT instance, key pair, and the instance hardware tenancy of the VPC. You can change any of these values if you want.
Click Edit Hardware Tenancy and select Dedicated.
Alternatively, use the Create VPC button, which you can find when you select Your VPCs in the Navigation pane.
In the Create VPC dialog box, click the Tenancy drop-down box, and then select Dedicated.
Specify the CIDR Block and click Yes, Create. For information on specifying CIDR block, go to the Wikipedia article about Classless Inter-Domain Routing.
Proceed with the rest of the wizard as you would when creating a VPC with an instance tenancy of default. For more information, go to Task 2: Create the VPC and Subnet.
Command Line Tools
To create a VPC with an instance tenancy of dedicated
Use
ec2-create-vpcand specifydedicatedfor the optionaltenancyoption.Your request will look like this:
ec2-create-vpc 10.0.0.0/16 --tenancy dedicated
The command returns a table that includes the new VPC's instance tenancy. The response will look similar to the following example.
VPC vpc-1773ec7e pending 10.0.0.0/16 dopt-eb73ec82 dedicated
API
To create a VPC with an instance tenancy of dedicated
Use
createvpcand specifydedicatedfor the optionalinstancetenancyoption.Your request will look like this:
https://ec2.amazonaws.com/ ?SignatureMethod=HmacSHA256 &SignatureVersion=2 &Version=2011-02-28 &Expires=2011-03-26T07:43:41Z &Action=CreateVpc &CidrBlock=10.32.0.0/16 &InstanceTenancy=dedicated &AWSAccessKeyId=YOUR_ACCESS_ID &Signature=YOUR_SIGNATURE
The following is an example response.
<CreateVpcResponse xmlns="http://ec2.amazonaws.com/doc/2011-02-28/"> <requestId>a9e49797-a74f-4f68-b302-a134a51fd054</requestId> <vpc> <vpcId>vpc-11a63c78</vpcId> <state>pending</state> <cidrBlock>10.32.0.0/16</cidrBlock> <dhcpOptionsId>dopt-27fd624e</dhcpOptionsId> <instanceTenancy>dedicated</instanceTenancy> </vpc> </CreateVpcResponse>
Launching Dedicated Instances into a VPC
You can launch Dedicated Instances into a VPC that has an instance tenancy of either default or dedicated. Dedicated Instances and instances that have default tenancy can be launched into VPCs that have default instance tenancy. In contrast, all instances launched into dedicated tenancy VPCs will be launched as dedicated instances, regardless of the tenancy assigned to the instance at launch.
AWS Management Console
To launch Dedicated Instances into a VPC
Sign in to the AWS Management Console, open the VPC console, and create a VPC or use a VPC that you previously created.
Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.
Click the Launch Instance button.
In the Request Instances Wizard, select an AMI from My AMIs, if you have AMIs of your own, or one of the available AMIs in the Community AMIs tab.
On the INSTANCE DETAILS page, select the Launch Instances Into Your Virtual Private Cloud radio button.
Select a Subnet ID you want to attach the instance to and click Continue.
The INSTANCE DETAILS page shows an Advanced Instance Options section.
Select Dedicated from the Tenancy drop-down box and click Continue.
Proceed with the rest of the wizard as you would when launching an instance. For information about launching instances, go to Running an Instance.
Command Line Tools
To launch Dedicated Instances into a VPC
Create your VPC using the
ec2-create-vpccommand or use a VPC that you previously created.To launch a Dedicated Instance, you specify the
tenancyvalue asdedicated.Your request will look something like this example.
ec2-run-instances ami-546c983d --tenancy dedicated -s subnet-726cf31b
API
To launch Dedicated Instances into a VPC
Create your VPC using the
CreateVpcAPI function or use a VPC that you previously created.Launch a Dedicated Instance by specifying the
Placement.Tenancyvalue asdedicated.Specify the
SubnetIdof the dedicated VPC you want to launch the instance into.Your request will look something like this example.
https://ec2.amazonaws.com/ ?SignatureMethod=HmacSHA256 &SignatureVersion=2 &Version=2011-02-28 &Expires=2011-03-26T07:53:11Z &Action=RunInstances &ImageId=ami-2a1fec43 &SubnetId=subnet-dea63cb7 &Placement.Tenancy=dedicated &MinCount=1 &MaxCount=1 &AWSAccessKeyId=YOUR_ACCESS_ID &Signature=YOUR_SIGNATURE
The response will look something like this example.
<RunInstancesResponse xmlns="http://ec2.amazonaws.com/doc/2011-02-28/"> <requestId>65c0a512-c9ae-4022-9f83-f596fcd002fd</requestId> <reservationId>r-a4337bc9</reservationId> <ownerId>YOUR_OWNER_ID</ownerId> <groupSet/> <instancesSet> <item> <instanceId>i-aca17cc3</instanceId> <imageId>ami-2a1fec43</imageId> <instanceState> <code>0</code> <name>pending</name> </instanceState> <privateDnsName/> <dnsName/> <reason/> <amiLaunchIndex>0</amiLaunchIndex> <productCodes/> <instanceType>m1.small</instanceType> <launchTime>2011-03-26T07:48:13.000Z</launchTime> <placement> <availabilityZone>us-east-1a</availabilityZone> <groupName/> <tenancy>dedicated</tenancy> </placement> <kernelId>aki-407d9529</kernelId> <monitoring> <state>disabled</state> </monitoring> <subnetId>subnet-dea63cb7</subnetId> <vpcId>vpc-11a63c78</vpcId> <privateIpAddress>10.32.16.192</privateIpAddress> <sourceDestCheck>true</sourceDestCheck> <groupSet> <item> <groupId>sg-d39e8dbf</groupId> <groupName>default</groupName> </item> </groupSet> <stateReason> <code>pending</code> <message>pending</message> </stateReason> <rootDeviceType>instance-store</rootDeviceType> <blockDeviceMapping/> <clientToken/> <hypervisor>xen</hypervisor> </item> </instancesSet> </RunInstancesResponse>
Changing Tenancy
You set the tenancy of your instance when you launch it; you set the instance tenancy of your VPC when you create it. The following procedures outline what to do if you must change the tenancy of your instance, or the instance tenancy of your VPC.
To change the tenancy of your instance
Stop the running instance, if it's EBS-backed, using
ec2-stop-instances.Or terminate it, if it's S3-backed, using
ec2-terminate-instances.Launch the instance using
ec2-run-instances.
To change the instance tenancy of your VPC
Terminate all running instances, using the previous procedure.
Delete or detach all objects that are dependent on the VPC. Such objects include security groups and route tables.
Note Understand that deleting your VPC involves deleting all other components related to it. For more information, go to Deleting Your VPC.
Delete the VPC, using
ec2-delete-vpc.
Obtaining Tenancy Information
You can determine the tenancy of the instances and the instance tenancy of the VPCs that you have access to by using the AWS Management Console, the API, or the command line tools.
AWS Management Console
To obtain tenancy information
Open the Amazon VPC console at https://console.aws.amazon.com/vpc/.
In the Navigation pane, click Your VPCs.
A row showing information about your VPC displays Tenancy information.
Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.
In the Navigation pane, click Instances.
A table showing information about your instances displays Tenancy information.
If Tenancy or other information is not showing up in the VPC or Instances table, click the Show/Hide button on the top-right of the right pane and select the items in the Show/Hide Columns box that you want the console to display. Click Close.
Here is the Show/Hide Columns box for VPCs.
Here is the Show/Hide Columns box for Instances.
Alternatively, for instances, select the instance you want information about in the table on the right pane. A tabbed page opens below the table. The Description tab displays information about your instance.
Command Line Tools
Use the following describe commands to obtain information about instances and VPCs.
ec2-describe-instancesec2-describe-reserved-instancesec2-describe-reserved-instances-offeringsec2-describe-vpcs
API
Use the following describe commands to obtain information about instances and VPCs.
DescribeInstancesDescribeReservedInstancesDescribeReservedInstancesOfferingsDescribeVPCs
