Wednesday, April 18, 2012

replicating an amazon instance to different zones or regions

We have to replicate an amazon ec2 instance running in one zone or  region to other zones for load balancing and high availability. Or you may want to migrate your instance to other region for low latency. We can do this by ec2-migrate-bundle command. First we have to create an image. See this post for creating image of amazon linux instance. Then we have to we create a s3 bucket in the destination zone and migrate the image to the destination bucket. Then we can register ami based on that and create instances.

Tuesday, April 17, 2012

Creating amazon windows ami


We have discussed how to create amazon Linux ami in previous post. Now we will discuss how to create windows ami for a ebs rooted instance. Our previously discussed linux instance was instance stored. Not ebs volume. In this post we will discuss how to create an image, how to create an instance based on that image etc.

Requirements:
Private Key File: pk-PRIVATEKEY.pem
X.509 Certificate File: cert-X509CERT.pem
Administrator password of original windows instance

Preparing the instance:
Clear all log files.
for example, clear Tomcat logs, Apache logs, MySQL logs etc.
Remove all the unnecessary data
Clear temporary files (%temp%)
Clear other temporary backups
Emptying recycle bin
Perform disk cleanup
Defragment the disks
Swipe the free space

Creating the AMI:
Syntax:
ec2-create-image -n image_name instance_id --no-reboot –K pk-PRIVATEKEY.pem -C cert-X509CERT.pem
(Can be run from any Linux terminal)
if we don't give --no-reboot option your original windows instance will reboot while creating the image. To avoid that add --no-reboot option.
The keys pk-PRIVATEKEY.pem and cert-X509CERT.pem should be present in the current directory while running the command.

Example:
[root@hostname ~]# ec2-create-image -n windowstest instance-id --noreboot –K pk-PRIVATEKEY.pem -C cert-X509CERT.pem
IMAGE ami-1234s5
[root@hostname ~]#
IMAGE ami-1234s5 is the AMI-ID of the created AMI.

Checking the availability:
Creating the image may take some time. We can check the availability of the image using the following command.

Syntax:
ec2-describe-images ami-id -o self  –K pk-PRIVATEKEY.pem -C cert-X509CERT.pem

Example:
[root@hostname ~]# ec2-describe-images ami-9122139 -o self –K pk-PRIVATEKEY.pem -C cert-X509CERT.pem
IMAGE ami-1234s5 aws-acc-id/windowstest
aws-acc-id pending private i386 machine windows ebs

Creating new instance based on the AMI we just created:
Syntax:
ec2-run-instances K pk-PRIVATEKEY.pem -C cert-X509CERT.pem -g Basics -k cdnkey ami-ID
-g is for the Security group. We have to specify which security group we are using.
-k is for key type. We have to specify which key type we are using.
Last field is the AMI-ID based on the instance will be created.

Example:
[root@hostname ~]# K pk-PRIVATEKEY.pem -C cert-X509CERT.pem -g Basics -k cdnkey ami-9122139
RESERVATION r-54656 aws-acc-id Basics
INSTANCE i-instance-id ami-9122139 pending cdnkey 0 m1.
small 2012-04-16T11:54:53+0000 us-east-1d windows monitoringdisabled ebs
[root@hostname ~]#

i-instance-id is the Id of the new instance. Password of new instance will be same as the original instance.

Testing the AMI:
After launching the new instance we must check a few things:
Check the following things are same for original and new instances:
Disk usage
Services running
Accessibility of services such as rdp, http, tomcat and mysql
Ensuring mysql database is up-to-date.

Recommended Reading

1. Host Your Web Site In The Cloud: Amazon Web Services Made Easy: Amazon EC2 Made Easy
2. Programming Amazon Web Services: S3, EC2, SQS, FPS, and SimpleDB
3. Middleware and Cloud Computing: Oracle on Amazon Web Services (AWS), Rackspace Cloud and RightScale (Volume 1)

Monday, April 16, 2012

Creating .pem key from .ppk key


You can create .pem key file from a .ppk (putty ssh key) key file. For the you need to download PuttyGen. Click here to read how to create ppk key from pem keys

Download PuttyGen

Run Puttygen and click "load Private key".
























Browse for the .ppk file and fill the password fields if password is needed or keep it blank. Now click on Conversions at the top of the screen and select "Export OpenSSH Key" Or click on save public key.
 





















Save the file as key.pem.
Thats it.

Best Reads:
1. Linux Bible 
2. The Linux Command Line: A Complete Introduction
3. Amazon Web Services For Dummies 

Getting password amazon windows instance

There is a lot of public AMIs are available in amazon for windows. You can just select one windows AMI and launch it. You may be wondering how to get the administrator password of amazon ec2 windows instance. We can decrypt the password from the command line of any linux / unix systems as follows.

Syntax
ec2-get-password instanceId -k key_file -K pk-ABCDEFGHIJKLMN.pem -C cert-DEFGHIJKLMN.pem

instanceId - is the instance id of windows ec2 instance.
pk-PRIVATEKEY.pem is  Private Key File.
cert-X509CERT.pem is X.509 Certificate File

key file can be cdnkey.pem or k.borah or keys like that. Once you run this command it will show the password in the prompt. You can check this link to convert a .ppk key to .pem key.

Recommended Reading

1. Host Your Web Site In The Cloud: Amazon Web Services Made Easy: Amazon EC2 Made Easy
2. Programming Amazon Web Services: S3, EC2, SQS, FPS, and SimpleDB
3. Middleware and Cloud Computing: Oracle on Amazon Web Services (AWS), Rackspace Cloud and RightScale (Volume 1)