Using ec2-api-tools

I am using ec2-api-tools with Ubuntu Lucid to connect and manage my Ubuntu Server on Amazon Web Services.

I followed closely the Ubuntu EC2 Starters Guide:

First one needs to install the ec2-api-tools

sudo aptitude install ec2-api-tools

The following requires that one has registered with AWS and has downloaded a keypair to the local computer. In order to use the ec2-api-tools from the shell, one has to follow the EC2 Starter Guide to set up the private key used to connect to one's AWS account.

Make sure you have the following environment variables set up in your shell profile. This is accomplished by adding the following lines to your ~/.bashrc if you use bash as your shell:

export EC2_PRIVATE_KEY=$HOME//pk-XXXXXXXXXXXXXXXXXXXXXXXXXXXX.pem
export EC2_CERT=$HOME//cert-XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.pem
export JAVA_HOME=/usr/lib/jvm/java-6-openjdk/

Having installed the ec2-api-tools and set up the environment variables correctly, one can look for one of the official Ubuntu Server images published by Canonical. Canonical's owner ID at AWS is 099720109477, so restricting the lookup to that owner reduces the flood of output:

ec2dim -o 099720109477

This is what I was interested in:

  1. Ubuntu Lucid 10.04 webserver
  2. 32-bit architecture
  3. Elastic Block Store Image (EBS), which can be saved as a snapshot; I want to keep my configurations, when I terminate the server.

So to have a look at what is matching those criteria

ec2dim -o 099720109477 | grep 10.04-i386 | grep ebs | cut -f 2,3

At the time of writing the output was


ami-714ba518 099720109477/ebs/ubuntu-images/ubuntu-lucid-10.04-i386-server-20100427.1
ami-1234de7b 099720109477/ebs/ubuntu-images/ubuntu-lucid-10.04-i386-server-20100827
ami-6c06f305 099720109477/ebs/ubuntu-images/ubuntu-lucid-10.04-i386-server-20100923

The first field (e.g. ami-714ba518) is the image ID, which is needed to start an instance of one's own from that image. The list gets constantly longer as Canonical releases updates.

ami-6c06f305 was the latest release (2010/09/23) at the time of writing.

To check if the keys are ok
ec2dkey

Get keypair in case you have not done so before. Note: the name ‘ec2-keypair’ is arbitrary – choose what you like:
ec2addkey ec2-keypair

I downloaded the key to some folder on the local computer from the AWS site (open http://aws.amazon.com in your browser and sign in).

Here the ec2-api did not work for me: ‘ec2addkey ec2-keypair > ec2-keypair.pem’ as suggested in the EC2 Guide did not work! The problem seemed to be that the suggested code
ec2addkey ec2-keypair pasted the fingerprint on top of the key and the resulting file was then rejected.

Restrict the permissions on the keypair file so that nobody else without superuser rights can read it (and with it access your EC2 account):
chmod 600 ec2-keypair.pem
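
One way to handle the redirect problem described above and the permission step together, as an added example that is not part of the original post or the EC2 guide. The function names save_keypair and sample_output are hypothetical, the sample output is constructed, and the key is assumed to be an RSA key in PEM format:

```shell
#!/bin/sh
# save_keypair (hypothetical helper): reads ec2addkey-style output on stdin,
# keeps only the PEM block and writes it to "$1" readable by the owner only.
save_keypair() {
    out=$1
    # Create the file owner-only from the start, so the private key is
    # never world-readable between the redirect and a later chmod.
    old_umask=$(umask)
    umask 077
    # Drop everything outside the BEGIN/END markers, i.e. the fingerprint
    # line that ended up on top of the key in the redirected file.
    sed -n '/^-----BEGIN RSA PRIVATE KEY-----$/,/^-----END RSA PRIVATE KEY-----$/p' > "$out"
    umask "$old_umask"
    chmod 600 "$out"    # also tightens a file that already existed
    # Reject a result that does not start and end with the PEM markers.
    [ "$(head -n 1 "$out")" = "-----BEGIN RSA PRIVATE KEY-----" ] &&
    [ "$(tail -n 1 "$out")" = "-----END RSA PRIVATE KEY-----" ] || {
        rm -f "$out"
        echo "save_keypair: no private key found in input" >&2
        return 1
    }
}

# Constructed sample with the shape described in the post: a fingerprint
# line followed by the key. Fingerprint and key body are placeholders.
sample_output() {
    printf 'KEYPAIR\tec2-keypair\t00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:22:33\n'
    printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' \
        'CONSTRUCTED+PLACEHOLDER+NOT+A+REAL+KEY' \
        '-----END RSA PRIVATE KEY-----'
}

# Offline demonstration:
#   sample_output | save_keypair ./demo-keypair.pem
# With the tools configured (the key is only shown once, at creation):
#   ec2addkey ec2-keypair | save_keypair ec2-keypair.pem
```
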

Now open selected ports in your security setup for access via secure shell, FTP, HTTP and whatever else you might want to set up:

For ssh (port 22)
ec2-authorize default -p 22

Open port 80 to access the apache2 server
ec2-authorize default -p 80

Open port 21 to access the ftp server
ec2-authorize default -p 21

Now we can start an instance. Remember the image-ID from above (ami-6c06f305)

ec2run ami-6c06f305 -k ec2-keypair

Note that the -k option takes just the keypair name ‘ec2-keypair’, *without* the ‘.pem’ extension. This is important. The ec2run command without further options starts a ‘small’ instance.

Run ‘ec2din’ to get the external IP and the instance ID. You need them for connecting via secure shell and terminating the instance:

exip=`ec2din | grep INSTANCE | cut -f 4`
inid=`ec2din | grep INSTANCE | cut -f 2`

Of course you can as well just run ec2din and remember the external IP and the instance ID.

Connecting to the server
ssh -i ec2-keypair.pem ubuntu@$exip

Note that you always connect as user ‘ubuntu’. If you did not initialize the ‘exip’ variable mentioned in the last step, you have to add the external IP manually, like
ssh -i ec2-keypair.pem ubuntu@75.101.240.200

On first start one might want to add lamp-server and other desired services:
sudo tasksel install lamp-server
sudo aptitude install vsftpd ddclient

If you registered with a dynamic DNS service like DynDNS and set up ddclient correctly, you could also do
ssh -i ec2-keypair.pem ubuntu@yourname.dyndns.com
I will comment on this in another post.

Remember: to stop, start or restart apache2
sudo /etc/init.d/apache2 stop
sudo /etc/init.d/apache2 start
sudo /etc/init.d/apache2 restart

The server is terminated by
ec2kill $inid