One basic concept that escapes most cloud newbies is the fact that you are accessing a remote resource as if it were local; a very basic yet very powerful concept to understand. When you think about how to approach development for the cloud, you could simply ask: What would you do if the node you are accessing were right in your own datacenter?
Amazon EC2 provides all you need to create an ecosystem or environment that allows seamless access to a remote virtual environment. One main difference is EC2’s auto scaling capability, which automatically increases or decreases the number of running Amazon EC2 instances to match demand. Scaling takes place when a metric’s upper or lower boundary threshold is breached for the duration specified by the user’s configuration. In essence, you create low and high water marks that, if breached, change the number of machine instances (called Amazon machine images or AMIs).
My previous article focused on the basics of the Amazon EC2 cloud offering. In this article, I will discuss how to actually get started with the EC2 infrastructure. Keeping only to EC2 for AWS newcomers, I will not cover other services that Amazon offers such as MapReduce, Database, and Simple Queuing Service. In fact, this article skips over many of the required steps for using EC2; you should use it only as a general beginner’s guide.
Accessing Amazon EC2 with REST
There are many ways to access EC2, and in this article I will focus on the most basic and platform-independent way: via REST. There are APIs that do the same thing, but I will leave that for future articles. I want to cover REST first because I can use it as the basis to illustrate how things actually work, even though most times a higher-level programming language is used.
One basic assumption here is that you have an account set up already with the proper credentials.
There are a number of classes of Amazon Machine Images:
- Free
- Custom-made ones you make yourself
- Custom-made ones that you pay for
For many grid-type applications (the type I often work with), the vanilla image will do just fine — after all, all you need to do is compute, right? Right!
So I need to construct a REST request that asks for all the available AMIs.
https://ec2.amazonaws.com/?Action=DescribeImages&Owner.1=amazon&AUTHENTICATOR
This message will find and return all the images owned by Amazon. Amazon also provides an authenticator, which you need to use for access every time. You might get something like the following as the result.
ami-be3adfd7 amazon/getting-started available 206029621532 true i386 machine aki-d3376696 ari-e73766a2 amazon getting-started Fedora 8 v1 ec2pnp enabled ebs /dev/sda /dev/sda snap-32885f5a 15 false ...
This completely generic sample basically provides all you need to know about the image. What is important is the imageId, which Amazon will use as the OS to boot up your instances.
Accessing Your Amazon EC2 Instance
The next thing to do is to create a key-pair to be used to access your instance. The concept is the same as the REST request:
https://ec2.amazonaws.com/?Action=CreateKeyPair&KeyName=gsg-keypair&AUTHENTICATOR
You will then need to create a file id_rsa-mykeypair and paste everything between the two lines in that file, the two lines inclusive.
-----BEGIN RSA PRIVATE KEY-----
KEY IS HERE
-----END RSA PRIVATE KEY-----
Make sure you set the proper permissions on the file and make sure that it is in your path.
$ chmod 600 id_rsa-mykeypair
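Pasting the key and then running chmod leaves a short window in which the file exists with default permissions. The added example below (not from the original article) pulls keyMaterial out of a CreateKeyPair response and creates the file with mode 0600 from the start; the sample response, its namespace and the key body are constructed placeholders.

```python
import os
import stat
import xml.etree.ElementTree as ET

# Constructed sample response; the namespace and key body are placeholders, not real values.
SAMPLE_RESPONSE = """<CreateKeyPairResponse xmlns="http://ec2.amazonaws.com/doc/EXAMPLE/">
  <keyName>gsg-keypair</keyName>
  <keyFingerprint>constructed-fingerprint</keyFingerprint>
  <keyMaterial>-----BEGIN RSA PRIVATE KEY-----
CONSTRUCTEDPLACEHOLDERNOTAREALKEY
-----END RSA PRIVATE KEY-----</keyMaterial>
</CreateKeyPairResponse>"""

BEGIN = "-----BEGIN RSA PRIVATE KEY-----"
END = "-----END RSA PRIVATE KEY-----"


def extract_key_material(response_xml):
    """Return the PEM text from a CreateKeyPair response, both marker lines inclusive."""
    root = ET.fromstring(response_xml)
    for el in root.iter():
        # Compare local tag names so the API-version namespace does not matter.
        if el.tag.rsplit("}", 1)[-1] == "keyMaterial":
            pem = (el.text or "").strip()
            if pem.startswith(BEGIN) and pem.endswith(END):
                return pem + "\n"
            raise ValueError("keyMaterial is not a complete PEM block")
    raise ValueError("no keyMaterial element in response")


def save_private_key(pem, path):
    """Create path with mode 0600 at creation time and return the resulting mode."""
    # O_EXCL refuses to reuse an existing file, so an old key or a pre-placed
    # symlink is never written through.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as fh:
        os.fchmod(fh.fileno(), 0o600)  # exact mode regardless of umask
        fh.write(pem)
    return stat.S_IMODE(os.stat(path).st_mode)


if __name__ == "__main__":
    mode = save_private_key(extract_key_material(SAMPLE_RESPONSE), "id_rsa-mykeypair")
    print("wrote id_rsa-mykeypair with mode", oct(mode))
```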
Amazon now requires you to authorize access to your instance. This is to ensure that you or someone you trust can access these instances. I mostly like to access through ports 22 (SSH) and 80 (HTTP). I then need these two requests:
https://ec2.amazonaws.com/?Action=AuthorizeSecurityGroupIngress&GroupName=default&IpProtocol=tcp&FromPort=80&ToPort=80&CidrIp=0.0.0.0/0&AUTHENTICATOR
https://ec2.amazonaws.com/?Action=AuthorizeSecurityGroupIngress&GroupName=default&IpProtocol=tcp&FromPort=22&ToPort=22&CidrIp=your-public-ip-address/32&AUTHENTICATOR
The tricky part here is to make sure that you get your public IP address right. If you use a DSL or cable line, the address might change and nothing will work until you resubmit your request; something that has happened to me a number of times.
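A quick check of such requests before they are submitted, as an added example that is not part of the original article: it parses an AuthorizeSecurityGroupIngress URL and reports SSH opened wider than one host, an unreplaced CidrIp placeholder, and a /32 rule that no longer covers your current address. ADMIN_PORTS, the BASE template and the 203.0.113.x / 198.51.100.x addresses are assumptions made for the example.

```python
import ipaddress
from urllib.parse import urlsplit, parse_qs

ADMIN_PORTS = {22}  # assumption for this example: ports that must not be world-reachable
# Same request shape as the two URLs above, with port and CIDR left as fields.
BASE = ("https://ec2.amazonaws.com/?Action=AuthorizeSecurityGroupIngress"
        "&GroupName=default&IpProtocol=tcp&FromPort={p}&ToPort={p}"
        "&CidrIp={cidr}&AUTHENTICATOR")


def audit_ingress(url, current_ip=None):
    """Return a list of findings for one AuthorizeSecurityGroupIngress request URL."""
    # parse_qs drops the valueless AUTHENTICATOR placeholder by default.
    q = {k: v[0] for k, v in parse_qs(urlsplit(url).query).items()}
    if q.get("Action") != "AuthorizeSecurityGroupIngress":
        return ["not an AuthorizeSecurityGroupIngress request"]
    try:
        net = ipaddress.ip_network(q.get("CidrIp", ""), strict=True)
        lo, hi = int(q["FromPort"]), int(q["ToPort"])
    except (KeyError, ValueError):
        return ["CidrIp/FromPort/ToPort missing or malformed: %r" % q.get("CidrIp")]
    findings = []
    exposed = sorted(p for p in ADMIN_PORTS if lo <= p <= hi)
    if exposed and net.prefixlen == 0:
        findings.append("admin port(s) %s open to every address" % exposed)
    elif exposed and net.num_addresses > 1:
        findings.append("admin port(s) %s open to %d addresses, not a single host"
                        % (exposed, net.num_addresses))
    # A changed DSL/cable address leaves the old /32 rule in place but useless.
    if exposed and current_ip and ipaddress.ip_address(current_ip) not in net:
        findings.append("current address %s is outside %s; rule needs resubmitting"
                        % (current_ip, net))
    return findings


if __name__ == "__main__":
    for port, cidr in [(80, "0.0.0.0/0"), (22, "0.0.0.0/0"),
                       (22, "203.0.113.7/32"), (22, "your-public-ip-address/32")]:
        print(port, cidr, audit_ingress(BASE.format(p=port, cidr=cidr), "198.51.100.9"))
```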
Let’s start the images.
https://ec2.amazonaws.com/?Action=RunInstances&ImageId=ami-be3adfd7&MaxCount=10&MinCount=2&KeyName=gsg-keypair&Placement.AvailabilityZone=us-west-1a&AUTHENTICATOR
As you can see, I asked Amazon to create at least two instances of the image (given by the image ID) and at most 10, depending on the load. I will get two instance IDs in return.
What I require is a dnsName to access the instance(s). But when you request instances to be started, the dnsName entries that you get in return are all empty! You can use DescribeInstances to get the dnsName for every instance:
https://ec2.amazonaws.com/?Action=DescribeInstances&InstanceId.1=i-2ba64342&AUTHENTICATOR
This will return information about each instance, and part of that is the public IP address that can be used to access the instance(s).
I am now ready to deploy and use!
For more information, be sure to read some of the EC2 documentation that is freely available from Amazon. Much of what I know, learned and showed you here comes directly from those documents.