Wednesday, November 2, 2011

Remotely Creating a new AMI

We create a new AMI for every production release, because we want to use auto-scaling to automatically start up new web servers when required. Therefore, our code must already be deployed when the instance starts up.

We are using the Amazon Linux AMI (Beta) as our base image and load our specific environment on top of that. Unfortunately, you cannot remotely create a new AMI from the Amazon base image as is.

These are the steps to modify the /etc/sudoers configuration file, so that a new AMI can be created remotely.

  1. Edit the /etc/sudoers file using the following command:
    sudo visudo
  2. Add the following line to keep the EC2 related environment variables:
    Defaults    env_keep += "EC2_HOME EC2_AMITOOL_HOME AWS_PATH JAVA_HOME"
  3. Modify the following line to add /opt/aws/bin to the secure_path:
    Defaults    secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/opt/aws/bin
  4. If you want to run ssh without the -t option, comment out the following line:
    # Defaults    requiretty
Once you have these settings saved on your base AMI, you can do the following ssh commands from a remote shell script to create a new AMI:
ssh -i YOUR_KEY ec2-user@YOUR_PUBLIC_DNS \
sudo ec2-bundle-vol \
-p YOUR_NAME \
-k YOUR_PK \
-c YOUR_CERT \
-u YOUR_UID \
-r x86_64
ssh -i YOUR_KEY infdevel@YOUR_PUBLIC_DNS \
sudo ec2-upload-bundle \
-b YOUR_BUCKET \
-m /tmp/YOUR_NAME.manifest.xml \
-a YOUR_ACCESS_KEY \
-s YOUR_ACCESS_SECRET
ssh -i YOUR_KEY infdevel@YOUR_PUBLIC_DNS \
sudo ec2-register \
YOUR_BUCKET/YOUR_NAME.manifest.xml \
-n YOUR_NAME \
-K YOUR_PK \
-C YOUR_CERT



Friday, March 25, 2011

ec2-consistent-snapshot for CentOS

I have really appreciated Eric Hammond's articles and tutorials on EC2. Running MySQL on Amazon EC2 with EBS (Elastic Block Store) enabled us to get started using the cloud to deploy our new website. In the past, we have used a replicated server to take MySQL backups, but Eric's article on Creating Consistent EBS snapshots with MySQL and XFS on EC2 encouraged us to try a new approach in the cloud. The only problem is that all of Eric's tools are created for Ubuntu and we are a CentOS shop. The good news is that we were able to get ec2-consistent-snapshot working on CentOS using the following steps:

  1. Upgrade to the latest version of CPAN
    perl -MCPAN -e "install(q{Bundle::CPAN})"
  2. Install the Net::Amazon::EC2 bundle using CPAN
    cpan> install Net::Amazon::EC2
  3. Install the File::Slurp bundle using CPAN
    cpan> install File::Slurp
  4. Install the DBI bundle using CPAN
    cpan> install DBI
  5. If you are running the MySQL-shared-community RPM, remove it and run the shared-compat RPM instead (because perl-DBD-MySQL requires it)
    rpm -e MySQL-shared-community-5.1.55-1.rhel5.x86_64
    rpm -ivh MySQL-shared-compat-5.1.55-1.rhel5.x86_64.rpm
  6. Install perl-DBD-MySQL using yum
    yum -y install perl-DBD-MySQL
  7. Install Net::SSLeay using yum
    yum -y install 'perl(Net::SSLeay)'
  8. Install IO::Socket::SSL using yum
    yum -y install 'perl(IO::Socket::SSL)'
  9. Install Mozilla::CA using cpan
    cpan> install Mozilla::CA
  10. Install ec2-consistent-snapshot

    Obtain the latest ec2-consistent-snapshot "download file" URL from the trunk page.
    pushd /home/ec2/bin
    wget http://bazaar.launchpad.net/~alestic/ec2-consistent-snapshot/trunk/download/head:/ec2consistentsnapsho-20090928015038-9m9x0fc4yoy54g4j-1/ec2-consistent-snapshot
    chmod 755 ec2-consistent-snapshot
    popd
These steps enabled us to get Eric's excellent utility up and running on CentOS. I couldn't find any installation instructions for ec2-consistent-snapshot on a CentOS platform, so we had to come up with these steps by trial and error. After having issues with an older version of CPAN and the compatibility problems between MySQL-shared-community and perl-DBD-MySQL, we would able to finally get this going. If you find any issues with this approach or find a better way, please let me know.