Scalability and Reliability
Why a Single Instance Is Not Production
Everything you have built in this lab is a single point of failure. If the instance’s underlying host hardware fails, the instance fails with it. If the Availability Zone experiences a disruption, your workload is down. AWS’s shared responsibility model means they are responsible for the physical infrastructure, but you are responsible for designing for failure.
The production pattern that builds directly on what you have learned here is an Auto Scaling Group (ASG) with a Launch Template. A Launch Template is essentially a codified version of the choices you made during instance launch — AMI, instance type, key pair, security group, IAM instance profile. An ASG uses that template to maintain a desired number of instances across multiple Availability Zones. When an instance fails a health check, the ASG replaces it automatically.
For stateless compute — web servers, API handlers, workers — this is the standard production architecture. You are not far from it. The primary additions would be a Launch Template replacing the manual launch wizard, an ASG with multi-AZ placement, and an Application Load Balancer in front.
What Happens When Your IP Changes
If you close your laptop, connect to a different network, or restart your router, your public IP address may change. When that happens, your SSH connection to this instance will become impossible — the security group will deny your new IP.
This is an intentional consequence of a correctly scoped rule. The fix is straightforward: update the security group inbound rule with your new /32 IP. What you should not do is open the rule to a broad range like 10.0.0.0/8 or 0.0.0.0/0 as a convenience measure. In production this is solved architecturally — either through Session Manager (no inbound rules at all) or through a VPN whose exit IP is static.
In this section, I confirmed:
0 of 3 completed