Basic information
Amazon has made every action available in their web interface available as an API to developers or for sysadmins. They have many different bundles depending on what your needs are. To modify Route 53 DNS there will be one package, for load balancing another, for VPC work yet another, etc. Each tool has a different install method. Some have RPMs but most are in ZIP format.
This tool gives you very basic abilities for AMI creation for example:
http://s3.amazonaws.com/ec2-downloads/ec2-ami-tools.noarch.rpm
http://ec2-downloads.s3.amazonaws.com/AutoScaling-2011-01-01.zip
For a complete list of available tools visit: FIXME
0.1. Pre-configuration
Before we begin we need to configure your security group as you want. There are ways to do this via the ec2-tools but it's much more complicated and takes many steps. If you wish to proceed with that their documentation is excellent and details all the moving parts. There are instructions for security group setup here:
These rules supersedes the rules for iptables, etc on your instances. If you want to allow SSH access for instance you'll need to make sure that TCP port range 22 is open to whatever you want. The typical setup would be 0.0.0.0/0
Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.
- Click Security Groups in the Navigation pane.
- The console displays a list of security groups that belong to the account.
- Select an EC2 security group.
- Its rules appear on the Inbound tab in the lower pane.
For any of the tools, you will need your AWS key and to import your public SSH key. You can get that by following these steps:
Go to the Amazon Web Services website at http://aws.amazon.com.
- Click My Account/Console, and then click Security Credentials.
- Under Your Account, click Security Credentials.
- In the spaces provided, type your user name and password, and then click Sign in using our secure server.
- Under Access Credentials, on the Access Keys tab, your access key ID is displayed. To view your secret key, under Secret Access Key, click Show.
- Click on the Key Pairs tab then click on Upload Your Own Key Pair.
Choose File and the browse to your id_rsa.pub file. On Linux machines this is /home/username/.ssh/id_rsa.pub.
yum install java-1.7.0-openjdk
0.2. Creating instance
Navigate to https://console.aws.amazon.com/ec2/home
- Click on Launch Instance.
- Follow the steps through. The only thing that really matters is that you set the key to the one you uploaded previously.
If you have questions, they have excellent documentation at http://docs.amazonwebservices.com/AWSEC2/latest/GettingStartedGuide/Welcome.html
0.3. Logging in
You will need to grab the public IP name of your instance.
Navigate to https://console.aws.amazon.com/ec2/home
- Click on Instances
- Click on the instance you created, scroll down to the public DNS and then copy that.
The default username for all CentOS cloud images is centos
In a terminal session ssh public DNS name using the above mentioned user
0.4. Install
Until these instances are packaged properly, I recommend /usr/local/bin/ placement. Each archive will unzip as a directory and that needs to be added to your path. The most important set of utilities is at the download link in here. This lets you modify most of your EC2 environment.
http://aws.amazon.com/developertools/351
cd /usr/local/bin wget http://s3.amazonaws.com/ec2-downloads/ec2-api-tools.zip unzip ec2-api-tools.zip mv ec2-api-tools-* /usr/local/bin/ec2-api-tools
cd /usr/local/bin wget http://s3.amazonaws.com/ec2-downloads/ec2-ami-tools.zip unzip ec2-ami-tools.zip mv ec2-ami-tools-* /usr/local/bin/ec2-ami-tools
Now unless you want to run every command out of that directory it’s best to add that path and some necessary variables to your bash_profile. Keep in mind if you plan on using multiple users, you will need to repeat this for each. As root will be on each system I will use that as an example:
0.5. Configuration
vim /root/.bash_profile
This will appear at the bottom.
PATH=$PATH:$HOME/bin export PATH
Change that to:
export JAVA_HOME=/usr export EC2_HOME=/usr/local/bin/ec2-api-tools export EC2_AMITOOL_HOME=/usr/local/bin/ec2-ami-tools PATH=$PATH:$HOME/bin:$EC2_HOME/bin:$EC2_AMITOOL_HOME/bin export PATH
:wq to save and quit. You’re done. If you want to go ahead and run utilities you will need to authenticate first. To do that take the info you snagged before starting this and type it in:
export AWS_ACCESS_KEY=`your_AWS_ACCESS_KEY_ID` export AWS_SECRET_KEY=`your_AWS_SECRET_KEY`
If you want to have that saved and available every session - and note the glaring security implications - set it in your bash_profile:
vim /root/.bash_profile
append to the very end:
export AWS_ACCESS_KEY=your_AWS_ACCESS_KEY_ID export AWS_SECRET_KEY=your_AWS_SECRET_KEY
To make this work you'll need to log out and back in again, or:
source /root/.bash_profile
What now?
Okay, so you have your instances configured and tools available. Here's a couple of basic things you might want to do.
0.1. Launch new instance
Save the name of the key you created before from
ec2-describe-keypairs
If you have an instance shared with you or one that you want to use specifically:
ec2-describe-images
If you don't, snag one from here. Locate the AMI of the instance you want to copy from http://wiki.centos.org/Cloud/AWS.
ec2-run-instance ami-0861da61 -n 1 --availability-zone us-east-1a -k `key`
SSH into the public IP of the create instance and you're good to go!
0.2. Terminate instance
This means nuke the instance. If you don't have persistent storage set, you will lose all data on the instance.
ec2-describe-instances
Snag the instance id (it will start with i-).
ec2-terminate-instance `instance id`.
0.3. Shutdown instance
ec2-describe-instances
ec2-stop-instance `instance id`