Developing Web Apps on Amazon AWS EC2 with Mac OS X
Posted on November 13th, 2011
I recently set aside an hour to read Robert Sosinski’s blog Starting Amazon EC2 with Mac OS X. What a fantastic guide that is! Thanks, Robert!
Hopefully he won’t mind my slightly modified mirror, below.
Starting Amazon EC2 with Mac OS X
Amazon EC2 (Elastic Cloud Compute) is now one of the top choices for cloud-based deployment. With EC2, you can ramp up to a massive server farm in a matter of minutes, while scaling back down to a single server when things calm down. The benefits are obvious, as you only pay for what you need and you have access to more computing power right when you need it.
EC2 works on the idea of server instances. You start with building one instance, which costs as low as a few cents per hour of operation, and you can even start free (with a t1 micro for a month!).
An instance acts just like a dedicated machine, with full root access and the ability to install any software you choose. You can choose from a variety of sizes and operating systems. An m1.small instance, for example, comes with some pretty competitive system specs including:
1.7 GHz Xeon CPU
1.75 GB of RAM
160 GB of local storage
250 MB/s network interface
If your first instance gets some heavy traffic, EC2 can build another one automatically for another few cents an hour. Turnkey infrastructure has never been better.
First off, you have to set up your computer so you can connect to and administer your Amazon EC2 account.
If you don’t already have an account at Amazon.com, create one now.
1. Log into your Amazon.com account and then click over to the Amazon AWS subdomain and sign up for EC2. It will be linked to your Amazon.com account.
2. Once signed up, hover over the yellow “Your Web Services Account” button. Here, you should select the “AWS Access Identifiers” link.
3. Login, if prompted.
4. Select the “X.509 certificates” link.
5. Click on the “Create New” link. Amazon will ask you if you are sure; say yes. Doing so will generate two files.
A PEM encoded X.509 certificate named something like cert-xxxxxxx.pem
A PEM encoded RSA private key named something like pk-xxxxxxx.pem
6. Download both of these files.
What is PEM?
PEM (Privacy Enhanced Mail) is a protocol originally developed to secure email. Although rarely deployed for its intended purpose, its encoding mechanism for generating certificates is used for quite a few web services including Amazon EC2, PayPal Web Payments Pro and SSH Key Pairs.
7. Download the Amazon EC2 Command-Line Tools.
8. Open the Terminal, go to your home directory, make a new ~/.ec2 directory and open it in the Finder.
$ mkdir .ec2
$ cd .ec2
$ open .
9. Copy the certificate and private key from your download directory into your ~/.ec2 directory.
10. Unzip the Amazon EC2 Command-Line Tools, look in the new directory and move both the bin and lib directory into your ~/.ec2 directory. This directory should now have the following:
The cert-xxxxxxx.pem file
The pk-xxxxxxx.pem file
The bin directory
The lib directory
11. Now, you need to set a few environment variables. To help yourself out in the future, you will be placing everything necessary in your ~/.bash_profile file. This will automatically set up the Amazon EC2 Command-Line Tools every time you start a Terminal session. Just open ~/.bash_profile in your text editor and add the following to the end of it:
# Setup Amazon EC2 Command-Line Tools
export EC2_HOME=~/.ec2
export PATH=$PATH:$EC2_HOME/bin
export EC2_PRIVATE_KEY=`ls $EC2_HOME/pk-*.pem`
export EC2_CERT=`ls $EC2_HOME/cert-*.pem`
export JAVA_HOME=`/usr/libexec/java_home`
12. As you made some changes to your ~/.bash_profile file, you will need to reload it for everything to take effect. Run this:
$ source ~/.bash_profile
Creating and Connecting to a Server Instance
Launching an EC2 Instance from the Command Line on Mac OS X
Now that your computer is set up to work with EC2, it is time to make your server instance.
1. Type this into the Terminal.
$ ec2-describe-images -o amazon
What does the -o option do?
The -o option stands for owner. In this example, you are asking EC2 to describe the images that belong to Amazon. To see every image available, give the -a option instead.
2. After a short wait, you will be given a list of available images which should look something like this.
IMAGE ami-20b65349 ec2-public-images/fedora-core4-base.manifest.xml
IMAGE ami-22b6534b ec2-public-images/fedora-core4-mysql.manifest.xml
IMAGE ami-23b6534a ec2-public-images/fedora-core4-apache.manifest.xml
IMAGE ami-25b6534c ec2-public-images/fedora-core4-apache-mysql.manifest.xml
IMAGE ami-26b6534f ec2-public-images/developer-image.manifest.xml
IMAGE ami-2bb65342 ec2-public-images/getting-started.manifest.xml
IMAGE ami-36ff1a5f ec2-public-images/fedora-core6-base-x86_64.manifest.xml
IMAGE ami-bd9d78d4 ec2-public-images/demo-paid-AMI.manifest.xml
Note that you can also do something like
$ ec2-describe-images -a > ami-list-2011-11.txt
and then search the generated text file for platforms you might need, such as magento or wordpress:
$ cat ami-list-2011-11.txt | grep magento
3. Let's create something simple for now, a Fedora Core 4 machine with Apache. To do this, we need to generate a keypair. This keypair will supply the credentials we need to SSH (Secure Shell) into our server instance. To make a new keypair named ec2-keypair, type the following:
$ ec2-add-keypair ec2-keypair
4. This will create an RSA private key and then output it to the screen. You are going to copy this entire key, including the -----BEGIN RSA PRIVATE KEY----- and -----END RSA PRIVATE KEY----- lines, to the clipboard. Now, go into your ~/.ec2 directory, make a new file called ec2-keypair, open it in your text editor, paste the entire key and save it.
5. Next, it is important to change the permissions of your keypair file, or else EC2 will not let you connect to it via SSH. To do this, just type the following in your ~/.ec2 directory:
$ chmod 600 ec2-keypair
6. Time to create your new machine. Ensure you are in your ~/.ec2 directory and type the following, substituting “ami-23b6534a” with the id of the image you wish to create.
NOTE: It is important to understand that once you tell EC2 to start creating your server instance, you will start paying 10 cents every hour until you terminate it.
$ ec2-run-instances ami-23b6534a -k ec2-keypair
RESERVATION r-xxxxxxxx xxxxxxxxxxxx default
INSTANCE i-xxxxxxxx ami-23b6534a pending ec2-keypair
7. It may take a bit for EC2 to start your new machine, but you can always check its status by typing:
$ ec2-describe-instances
RESERVATION r-xxxxxxxx xxxxxxxxxxxx default
INSTANCE i-xxxxxxxx ami-23b6534a ec2.compute-1.amazonaws.com
8. Great, your instance is up and running. Take note of your server’s web address (ec2-xx-xxx-xx-xx.compute-1.amazonaws.com) and ID (i-xxxxxxxx) as you will need both of these later in this tutorial. If you forget them, you can always type the ec2-describe-instances command again. Now, let's prep our server by enabling port 22 for SSH access and port 80 so Apache can serve web pages.
$ ec2-authorize default -p 22
PERMISSION default ALLOWS tcp 22 22 FROM CIDR 0.0.0.0/0
$ ec2-authorize default -p 80
PERMISSION default ALLOWS tcp 80 80 FROM CIDR 0.0.0.0/0
9. This is the moment you have been waiting for, connecting to your new machine. Open a new web browser window and type in your instance’s web address. You should now see an Apache welcome page.
10. Fantastic, your instance is serving the Apache test page. Now, let's SSH into the machine and check it out. Ensure you are in your ~/.ec2 directory as you will need your ec2-keypair file.
$ ssh -i ec2-keypair root@ec2-xx-xxx-xx-xx.compute-1.amazonaws.com
11. SSH will ask you if you are sure you want to connect. Just enter yes and you should be connected to your server instance.
__| __|_ ) Rev: 2
_| ( /
Welcome to an EC2 Public Image
__ c __ /etc/ec2/release-notes.txt
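Steps 3 to 5 above move the private key through the screen, the clipboard and a text editor before its permissions are tightened. As an added example (not part of the original post), this bash sketch pipes the command's output straight into an owner-only file and checks the result; the function names and the sample output are assumptions constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: store the key printed by ec2-add-keypair without copy/paste.

# Reads ec2-add-keypair output on stdin and writes only the PEM block to $1.
# mktemp creates the file owner-only, so the key is never readable by other
# users, not even in the moment before a later chmod.
save_private_key() {
  local dest=$1 tmp
  tmp=$(mktemp "${dest}.XXXXXX") || return 1
  if ! awk '/^-----BEGIN RSA PRIVATE KEY-----$/ { in_key = 1 }
            in_key { print }
            in_key && /^-----END RSA PRIVATE KEY-----$/ { complete = 1; exit }
            END { exit !complete }' > "$tmp"
  then
    rm -f "$tmp"            # no key, or output cut off before the END line
    return 1
  fi
  chmod 600 "$tmp" && mv -f "$tmp" "$dest"
}

# True when the file is a complete PEM block with mode 600 (-rw-------).
key_file_ok() {
  [ "$(head -n 1 "$1")" = "-----BEGIN RSA PRIVATE KEY-----" ] &&
  [ "$(tail -n 1 "$1")" = "-----END RSA PRIVATE KEY-----" ] &&
  [ "$(ls -l "$1" | cut -c1-10)" = "-rw-------" ]
}

# Constructed sample of the command's output: a KEYPAIR summary line, then the
# PEM block. The body is filler text, not a real key.
SAMPLE_OUTPUT='KEYPAIR ec2-keypair 00:11:22:33:44 (constructed)
-----BEGIN RSA PRIVATE KEY-----
CONSTRUCTEDFILLERNOTAREALKEY
-----END RSA PRIVATE KEY-----'

demo_dir=$(mktemp -d)
printf '%s\n' "$SAMPLE_OUTPUT" | save_private_key "$demo_dir/ec2-keypair" &&
  key_file_ok "$demo_dir/ec2-keypair" && echo "key saved with mode 600"
rm -rf "$demo_dir"
# Real use: ec2-add-keypair ec2-keypair | save_private_key ~/.ec2/ec2-keypair
```

If the command's output is cut off before the END line, the function returns non-zero and leaves no partial key file behind.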
Terminating Your Server Instance
Keep in mind that you are still on the meter. Because of this, you should shut down your server instance if you do not plan on using it.
1. Enter the terminate command with your server’s instance ID.
$ ec2-terminate-instances i-xxxxxxxx
INSTANCE i-xxxxxxxx running shutting-down
2. Take a look to see if everything is terminated.
$ ec2-describe-instances
RESERVATION r-xxxxxxxx xxxxxxxxxxxx default
INSTANCE i-xxxxxxxx ami-23b6534a terminated
3. Done and done.
That is your intro to using Amazon EC2 instances on Mac OS X. In step 7 above, you installed the tools; check out the Amazon AWS Command Line Tools API for all the various ways you can monitor your EC2 instances and other AWS services from the command line. Here are a few more resources:
- AWS EC2 API Documentation
- Finding a suitable AMI – Amazon Machine Image
- Generating a new SSH Key-pair
- Launching an Amazon EC2 Instance
- You can even Launch EC2 Instance via the web with an HTTP Query
Amazing stuff, and more affordable than you might think. See Reserved Instances.
When starting instances, be sure to take note of the Availability Zone you’re starting your instance in. If you end up creating more servers, for example, an Apache server, a MySQL server, a Memcache or Redis Server, you’ll want to make sure you start them all in the same availability zone to avoid unnecessary charges and security group headaches. More about AWS Availability Zones and AWS Security Groups over at Rightscale.
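Step 8 above opens ports 22 and 80 to 0.0.0.0/0, and a setup with MySQL, Memcache or Redis servers adds more rules to keep track of. As an added example (not part of the original post), this bash function reads rules in the PERMISSION text format shown in step 8 and lists admin ports that are reachable from any address; the port list and the sample rules are assumptions constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: audit security-group rules in the "PERMISSION ..." text format
# for admin ports that are reachable from any address.

# Ports that should not be world-reachable (assumption: adjust to your stack).
ADMIN_PORTS="22 3306 6379 11211"

# Reads PERMISSION lines on stdin; prints "group proto port" for every admin
# port that falls inside a rule open to 0.0.0.0/0.
world_open_admin_ports() {
  awk -v ports="$ADMIN_PORTS" '
    BEGIN { n = split(ports, want, " ") }
    $1 == "PERMISSION" {
      # Locate fields relative to ALLOWS so an extra owner column is tolerated.
      a = 0
      for (i = 2; i <= NF; i++) if ($i == "ALLOWS") { a = i; break }
      if (!a || $(a+4) != "FROM" || $(a+5) != "CIDR") next
      group = $(a-1); proto = $(a+1); lo = $(a+2) + 0; hi = $(a+3) + 0
      if ($(a+6) != "0.0.0.0/0") next
      for (k = 1; k <= n; k++)
        if (want[k] + 0 >= lo && want[k] + 0 <= hi)
          print group, proto, want[k]
    }'
}

# Constructed sample input: the two rules from step 8 plus a port range and a
# rule restricted to one address (203.0.113.7 is a documentation IP).
SAMPLE_RULES='PERMISSION default ALLOWS tcp 22 22 FROM CIDR 0.0.0.0/0
PERMISSION default ALLOWS tcp 80 80 FROM CIDR 0.0.0.0/0
PERMISSION db ALLOWS tcp 3000 4000 FROM CIDR 0.0.0.0/0
PERMISSION db ALLOWS tcp 6379 6379 FROM CIDR 203.0.113.7/32'

audit_sample() { printf '%s\n' "$SAMPLE_RULES" | world_open_admin_ports; }

audit_sample
```

Feed it the output of ec2-describe-group for a real account. A flagged rule can be removed with ec2-revoke and re-added with ec2-authorize using -s and your own address as a /32.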