6.4 Amazon EC2 Deployment

6.4.1  Amazon EC2 Files

In order to deploy to the Amazon EC2, you must set up a number of things first. This section gives step-by-step instructions, if you have not already signed up to EC2.

The overall EC2 Getting Started Guide has within it the Setting up an Account page.

Use this documentation section for tips, and as a reference for all the different accounts and keys.

1. Create an Amazon Account. This is the one you use to buy books with, and it needs credit card information. The "Setting up an Account" document assumes you already have this.
   
   If you don't yet have an Amazon account, create one. This is the normal web-based logon, with your email address for the account and a password you choose.
   
   Remember the email address and password you use here - this gets you into the Amazon retail store and the AWS services.
2. AWS Account. The Amazon Web Services (AWS) portal page is here.
   
   Create an account at http://www.amazon.com/gp/aws/registration/registration-form.html. This will use your Amazon account for the email address and password.
   
   However, AWS has its own AWS Account Number in the format 'nnnn-nnnn-nnnn'. Setting up an Account tells you how to find this number.
3. AWS Access Identifiers. From the AWS Home page, use the Access Identifiers link. This page describes two types of identifiers - AWS Access Keys and X.509 certificates. You need both.
   1. Access keys. You are automatically assigned your Access Key ID and your Secret Access Key. We'll use '1NBPS61PV6MF2D87AHGR2' as an example of the Access Key ID later.
   2. X.509 Certificate. Create a new X.509 certificate if you need one, or upload an existing one. This step seems to require a valid Amazon account with the first-choice credit card being valid. If this step fails, check that your Amazon account information is correct and that the credit card information is up-to-date.
      
      On the Success page, you will be prompted to save two files - the Private Key file, something like pk-22SAD7AOV4OQPTJPAYRH2XAZTXBULZ2E.pem, and the X.509 Certificate file, e.g. cert-22SAD7AOV4OQPTJPAYRH2XAZTXBULZ2E.pem.
      
      These need to go in the .ec2 directory within your "home directory". On Windows, use %HOME%\.ec2 - you'll probably (a) need to do this from the command line rather than explorer and (b) enclose the filename in quotes, i.e. mkdir "%HOME%\.ec2". On Unix, use ~\.ec2 for the directory.
4. For S3 signup, go to the S3 home page click the "Sign up for Amazon S3" button and use your Amazon account email address and password.
5. For EC2 signup, go to the EC2 home page click the "Sign up for Amazon S3" button and use your Amazon account email address and password.
   
   When you signed up to AWS, you got your AWS account ID. Your EC2 user ID is the AWS account ID with the hyphens removed.
6. Amazon EC2 Tools Setup. In this section you set up the EC2 tools and tell them where to find the X.509 certificate and the EC2 private key.
   
   Go to the EC2 Getting Started Guide page and then use the 'Setting up the Tools' link, which ends up here.
   
   Download the tools as described. The actual download point is here. This talks about downloading the EC2 tools from S3 - the "S3" is just a bit of advertising for S3 - these really are the EC2 tools. The file is ec2-api-tools.zip.
   
   You now need to unzip the tools to a directory. There is some confusion about this directory:
   • in some of the documentation it says to store these in the .ec2 directory in your home directory (item 2 above)
   • in this section of the documentation it says to store them in the EC2 tool directory.
   Both seem to work! We'll call this directory <amazon-ec2-api-tools-install-dir>.
   
   The bottom line of this set-up is you need to set four command-line variables, something like this on Windows - substituting your own directories and filenames:

   set EC2_HOME=<amazon-ec2-api-tools-install-dir> set PATH=%path%;%EC2_HOME%\bin set EC2_PRIVATE_KEY=%HOME%\.ec2\pk-22SAD7AOV4OQPTJPAYRH2XAZTXUBLZ2E.pem set EC2_CERT=%HOME%\.ec2\cert-22SAD7AOV4OQPTJPAYRH2XAZTXUBLZ2E.pem

7. Configure the GigaSpaces tools.
   1. Sign up to GigaSpaces at http://www.gigaspaces.com/ec2signup
      
      This will result in an email being sent to you with a GigaSpaces cloud license code in it.
   2. Download GigaSpaces Cloud Tools.
      
      Download the following zip file and extract
      http://www.gigaspaces.com/tempfiles/ec2/gigaspaces-cloud-tools-v2.0.0-beta.zip
      
      The following discussion assumes you unzip this into C:\gigaspaces-cloud-tools.
   3. GigaSpaces Access Key ID.
      
      Create a file called 'key.txt' in C:\gigaspaces-cloud-tools\default-settings\keys.
      This is to hold your public key for encryption. The value must be equal to your AWS Access Key ID from step 3.
      Make sure there is no whitespace (spaces or newlines) before or after the Key string
      - so just '1NBPS61PV6MF2D87AHGR2'.
      
      Do the same thing for the Secret Access Key (see step 2.2) using the file name secret-key.txt
      ... so create \gigaspaces-cloud-tools-v2.0.0-beta\default-settings\keys\secret-key.txt.
      Again make sure there is no extraneous whitespace.
      
      When you first download it, the file C:\gigaspaces-cloud-tools\default-settings\gslicense.xml looks like this
      

      <com> <j_spaces> <kernel> <licensekey>Aug 21, 2009~GigaSpaces Eval Cloud </kernel> </j_spaces> </com>

      Replace the value with the license key cloud license secret-key from the email GigaSpaces sent you.
      
   4. Adding ports to EC2 security groups
      
      Add ports 22, 80, 442 to your EC2 security groups. This is done with the Amazon EC2 tools (from step 3)

      <amazon-ec2-api-tools-install-dir>\bin\ec2-authorize default -p 22 <amazon-ec2-api-tools-install-dir>\bin\ec2-authorize default -p 80 <amazon-ec2-api-tools-install-dir>\bin\ec2-authorize default -p 443

      Port 22 - used for https communication
      Port 80 - used for deploying the GigaSpaces Web Management Center and the Ganglia monitoring tool
      Port 443 - used for secured http.
8. Starting the Cloud.
   
   If the Deployment Option target is set to 'Amazon EC2', the following structure will be generated.
   
   
   
   Three files are created and are described below. They all make use of GigaSpaces deployment tools.
   • cloud-config.xml - The cloud configuration file
   • deployToCloud.cmd - Organises the jar files and calls gs-launch-cloud.cmd
   • deployToCloud_Shutdown.cmd - Stops the cloud deployment calling gs-shutdown-cloud.cmd
   
   To deploy the data-example into the cloud open a cmd box, change directory to
   <CongestionChargeSystem>\deployment\deployToCloud\
   

   deployToCloud.cmd

   The log output will look something like the example shown below.

   OUTPUT FROM THE LOG ------------------------------------------------------------------------- - Gigaspaces Cloud Tools v2.0.0 Beta - loading Config File : ..\deploy\CongestionChargeSystem\cloud-config.xml - loading Config File : C:/cloud/bin/../default-settings/cloud-config.xml - Command: createCloud - Cloud name: data-example-ian - Number of args: 0 : [] - AMI: ami-6adc3803 Type: small - Cloud Keys Validated. - Gigaspaces License Validated. - Deleted cloud data from repository - Running Instances - Number of GSM machines : 1 - Number of GSM per machine : 1 - Number of GSC machines : 3 - Number of GSC per machine : 2 - Number of GSC to wait before we deploy : 6 - Using Load balancer : null - Using Database : false - Putting Jars in Repository . - Time: 2sec - Waiting for Cloud GSM to start ........................................................... - Time: 204sec - Could not find existing UI machine - starting up a new one - Using GSM running on:domU-12-31-39-00-C6-45.compute-1.internal ........................................................... - Time: 198sec - Ui machine public dns = ec2-75-101-193-110.compute-1.amazonaws.com - Waiting for Cloud GSC to start ... - Time: 5sec - Cloud GSM started successfully on the following machine IP: - domU-12-31-39-00-C6-45.compute-1.internal - GSM Public Dns: ec2-75-101-183-185.compute-1.amazonaws.com - Cloud GSCs started successfully on the following machines IP: ec2-75-101-230-41.compute-1.amazonaws.com ec2-75-101-240-115.compute-1.amazonaws.com ec2-67-202-31-176.compute-1.amazonaws.com - Waiting for ui web server to start. .. - Time: 5sec - Time: 31sec - UI server is ready - Deploying Processing Units. .............................. - Time:74sec - - instance id , type , public dns i-1901af70 , gsm , ec2-75-101-183-185.compute-1.amazonaws.com i-1b01af72 , gsc , ec2-75-101-230-41.compute-1.amazonaws.com i-1a01af73 , gsc , ec2-75-101-240-115.compute-1.amazonaws.com i-1d01af74 , gsc , ec2-67-202-31-176.compute-1.amazonaws.com i-901eb0f9 , ui , ec2-75-101-193-110.compute-1.amazonaws.com -------------------------------------------------------------------------

9. Shutting Down
   
   To shutdown the data-example into the cloud open a cmd box, change directory to <CongestionChargeSystem>\deployment\deployToCloud\ and run the command

   deployToCloud_Shutdown.cmd

   Your accountant will be very glad to hear you have shut down the cloud. Because if you don't, you will be charged by the instance-hour. !!!
10. Monitoring
    
    As noted above, there are a number of options for monitoring tools.
    GigaSpaces Management tool is the one we used and it is the one you see on a GigaSpaces course.
    
    Other tools include:
    • Firefox Organizer - to view deployment repository
      https://addons.mozilla.org/en-US/firefox/addons/policy/0/3247/20757
    • Firefox ElasticFox - monitors active instance
      http://developer.amazonwebservices.com/connect/entry.jspa?externalID=609
    • Gangalia - monitoring system for clouds
      http://ganglia.info/