Amazon Web Services (AWS)

Setting Up Your Environment

Creating an AWS account is pretty straightforward. Go to the AWS website and click the Sign Up Now button. You can use an existing Amazon account to sign up for AWS. When you start actually using the services, Amazon provides a free usage tier for every service, which lasts for a year after signup. For example, it’s possible to use a micro instance for free for 750 hours a month. For S3 storage, the limit is 5 GB. Also, services like SQS and SimpleDB offer some free space to play around with. After you have used up your free tier, a micro instance will cost you only about US$0.02 per hour. Remember to stop the instances when you are not using them, and you will have a lot of resources to use for experimenting.

Command-Line Tools

You can use the AWS Console to configure your environment or use the command-line tools. The AWS Console is a graphical environment, but the command-line tools have the advantage that you can create scripts to automate configuration of the AWS environment. Download the EC2 API tools and the RDS Command Line Toolkit. Running the command-line tools is not difficult if you set up the environment properly. Accessing AWS is safe; it is protected in a couple of different ways. There are three types of access credentials (you can find these in the Account section if you look for Security Credentials):

We can ask AWS to create our X.509 certificates and immediately download both the access key ID and the secret access key.

With your downloaded certificates, you can set the environment variables. For this, create a bash script called initaws like the one listed below (for Windows, we would have created a BAT script). Replace the values of the variables with the locations of your Java home directory, EC2, and RDS command-line tools, the directory where you downloaded your key, and your secret keys:

#!/bin/bash
export JAVA_HOME=/System/Library/Frameworks/JavaVM.framework/Versions/1.6.0/Home
export EC2_HOME=/Users/arjan/src/ec2-api-tools-1.3-46266
export AWS_RDS_HOME=/Users/arjan/src/RDSCli-1.1.005
export PATH="$EC2_HOME/bin:$AWS_RDS_HOME/bin:$PATH"
export EC2_KEY_DIR=/Users/arjan/.ec2
export EC2_PRIVATE_KEY=${EC2_KEY_DIR}/pk-4P54TBID4E42U5ZMMCIZWBVYXXN6U6J3.pem
export EC2_CERT=${EC2_KEY_DIR}/cert-4P54TBID4E42U5ZMMCIZWBVYXXN6U6J3.pem

For Windows, the equivalent BAT script looks like this:

set JAVA_HOME="C:\Program Files\Java\jre6"
set EC2_HOME=C:\AWS\ec2-api-tools\ec2-api-tools-1.3-62308
set EC2_PRIVATE_KEY=c:\aws\pk-XUSF3YX32DTZWSBHEIENR24EANXCXUBA.pem
set EC2_CERT=c:\aws\cert-XUSF3YX32DTZWSBHEIENR24EANXCXUBA.pem
set PATH=%PATH%;C:\AWS\ec2-api-tools\ec2-api-tools-1.3-62308\bin

Other tools

With the AWS Console and the command-line tools, we have nearly everything we need. The only thing missing is something to help us monitor and fix problems when they arise. We prefer to use Amazon CloudWatch, though, and the only thing we need is simple monitoring.

Region and availability zone

The first thing to do is choose a region where our servers will live. At this moment, we can choose from the following:
• EU West—Ireland (eu-west-1)
• US East—Northern Virginia (us-east-1)
• US West—California (us-west-1)
• Asia Pacific—Singapore (ap-southeast-1)
US East is the default region, and slightly less expensive than the others, so it’s the best option for us.

Every region has a number of availability zones. These zones are designed to be physically separated but still part of one data network. The purpose of different availability zones is to make your infrastructure more resilient to failures related to power and network outages. At this point, we will not be utilizing this feature.

Creating a key pair

A key pair is one of the ways AWS handles security. It is also the only way to get into your fresh instance the first time you launch it. You can create a Secure Shell (SSH) key pair and pass it on to the instance you launch. The public key will be stored in the instance in the right place, while you keep the private key to log in to your instance. You can create a key pair through the AWS Console. Go to Key Pairs and click Create Key Pair. Give it a name and store the downloaded private key somewhere safe; you won’t be able to download it again.
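Both private keys handled so far, the X.509 key that initaws exports as EC2_PRIVATE_KEY and the SSH key pair file downloaded from the console, are only as safe as their file permissions. The check below is an added example, not part of the original page or of the AWS tools; the function names are hypothetical, and it assumes only the EC2_PRIVATE_KEY and EC2_CERT variables from initaws.

```sh
#!/bin/sh
# Added example: preflight check for the credential files used on this page.
# Usage after sourcing initaws:  check_aws_env
# For the SSH key pair file (path is a placeholder):  check_private_file /path/to/key.pem

# Print the group/other permission characters of a path, e.g. "r--r--".
# -L follows symlinks so the target's mode is what gets judged.
group_other_bits() {
    ls -ldL -- "$1" 2>/dev/null | cut -c5-10
}

# Return 0 if $1 is a non-empty regular file that only its owner can access,
# 1 if group or others have any permission on it, 2 if it is missing or empty.
check_private_file() {
    if [ ! -f "$1" ] || [ ! -s "$1" ]; then
        echo "MISSING  $1" >&2
        return 2
    fi
    if [ "$(group_other_bits "$1")" != "------" ]; then
        echo "EXPOSED  $1 (fix: chmod 600)" >&2
        return 1
    fi
    return 0
}

# Check the variables exported by initaws; the return code is the number
# of problems found (0 means the environment looks sane).
check_aws_env() {
    problems=0
    if [ -z "${EC2_PRIVATE_KEY:-}" ] || [ -z "${EC2_CERT:-}" ]; then
        echo "UNSET    EC2_PRIVATE_KEY or EC2_CERT" >&2
        return 1
    fi
    check_private_file "$EC2_PRIVATE_KEY" || problems=$((problems + 1))
    [ -f "$EC2_CERT" ] || { echo "MISSING  $EC2_CERT" >&2; problems=$((problems + 1)); }
    # The key directory should not be listable or writable by other users.
    keydir=$(dirname -- "$EC2_PRIVATE_KEY")
    if [ "$(group_other_bits "$keydir")" != "------" ]; then
        echo "EXPOSED  $keydir (fix: chmod 700)" >&2
        problems=$((problems + 1))
    fi
    return "$problems"
}
```
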

Choosing an Amazon Machine Image (AMI)

There are many AMIs. You can choose between Linux and Windows. The advantage of Linux is that the free tier is only applicable for Linux. Therefore we choose a Linux-based OS: CentOS. We choose an AMI provided by RightScale. We plan to use a micro instance (lowest cost) and choose the 32-bit version RightImage_CentOS_5.6_i386_v5.7 [rev 5].

There are two different kinds of AMIs. The “old” kind of AMI is stored on S3. Launching an instance from an S3-backed AMI (as they are called) gives you an instance with the root device in the machine itself. This is a bit abstract, but remember that devices that are part of the instance itself are gone when the instance is gone. AWS uses the term ephemeral storage for these devices. This is also the reason why instances launched from an S3-backed AMI cannot be stopped and started; they can only be restarted or terminated.

The other, newer kind of AMI is stored in EBS. The most important difference for now is that the root device is not ephemeral anymore, but an EBS volume will be created that can survive the instance itself. Because of this, an EBS-backed instance can now be stopped and started, making it much easier to use the instance only when you need it. A stopped instance does not cost you anything apart from the EBS storage used. (EBS will be described in detail later.)

When each instance starts, it is automatically allocated a public IP address and externally accessible DNS name. An example of one of these is:

ec2-175-41-165-223.ap-southeast-1.compute.amazonaws.com

As you can see, this is based on the publicly accessible IP address of your newly created instance, and includes the availability zone and region that your instance is running in. Every time the instance is stopped, this IP address vanishes as well—not really ideal. AWS’ solution is the use of Elastic IPs (EIPs). You can request an EIP and assign it to your instance every time you start/launch it again, so you always keep the same IP address. For now, you can assign only one EIP per instance. The interesting thing about EIPs is that they are free only when used, a nice incentive not to waste resources. In case you plan to send mail, an EIP also gives you the opportunity to ask AWS to lift email restrictions.
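Because the public DNS name encodes the address, a host name seen in a log or a known_hosts file can be mapped back to the instance IP and region. The parser below is an added example, not code from the original page; the function name is hypothetical, and it goes beyond the page's single example by also accepting the compute-1.amazonaws.com suffix that us-east-1 names use.

```sh
#!/bin/sh
# Added example: recover "IP REGION" from an EC2 public DNS name.
# Prints e.g. "175.41.165.223 ap-southeast-1"; returns 1 for anything that is
# not a well-formed EC2 public name (wrong suffix, bad octets, extra labels).
parse_ec2_dns() {
    host=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
    host=${host%.}                 # tolerate a fully qualified trailing dot
    label=${host%%.*}              # first label, e.g. ec2-175-41-165-223
    rest=${host#*.}                # everything after the first label
    case $rest in
        compute-1.amazonaws.com) region=us-east-1 ;;
        *.compute.amazonaws.com) region=${rest%.compute.amazonaws.com} ;;
        *) return 1 ;;             # rejects look-alike suffixes such as
                                   # ...compute.amazonaws.com.example.net
    esac
    case $region in ''|*[!a-z0-9-]*) return 1 ;; esac
    case $label in ec2-*) ;; *) return 1 ;; esac
    case $label in *[!a-z0-9-]*) return 1 ;; esac   # also blocks glob chars
    old_ifs=$IFS; IFS=-
    set -- $label                  # split into: ec2 A B C D
    IFS=$old_ifs
    [ "$#" -eq 5 ] || return 1
    for octet in "$2" "$3" "$4" "$5"; do
        # digits only, at most three of them, no leading zero
        case $octet in ''|*[!0-9]*|????*|0?*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    # Re-assemble and compare so stray separators cannot slip through.
    [ "ec2-$2-$3-$4-$5" = "$label" ] || return 1
    printf '%s.%s.%s.%s %s\n' "$2" "$3" "$4" "$5" "$region"
}
```
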

An EC2 instance comes with local disk storage. This storage lives as long as the instance lives. For EBS-backed instances, this means it persists when stopped, but vanishes when terminated. It also means it is gone when the instance unexpectedly dies. To persist this local disk storage, we have two options: one way is to create an image based on the instance, and the other way is to use EBS volumes. An image is immutable, which means changes to the instance after the image has been created do not change the image. An EBS volume, however, is independent. You can attach an EBS volume to only one instance at a time. Another interesting feature of EBS volumes is that you can take incremental snapshots.

Services

AWS offers numerous services. Start the AWS Console