Thursday, July 21, 2016

Setting up an EC2 instance on Amazon AWS using CLI

The basic requirement of doing this exercise is to have a linux environment and latest AWS CLI installed on it

Steps: Follow the steps written below in similar order. These are generalized steps for creating any instance on AWS EC2. At the end output of desired commands are pasted.
  1. Create an account on Amazon Web Services and download rootkey.csv file from Security Credentials section of your account. This is the only step where we will
    interact with GUI. Later steps are to be done from CLI of your Linux-lab.

  2. Login to your Linux-lab and type command aws configure
    Now enter Access Key ID and Secret Access Key from rootkey.csv file and keep Region NameOutput Format on default(You can change if you want)

  3. Let us create a key pair which will be used to create an instance on AWS ec2, You can use command aws ec2 create-key-pair --key-name Mykey --output text > Mykey.pem
    to generate a key pair. Alternatively we can generate a key pair using tool of our choice on host machine (Linux-lab in this case) and import it to the AWS environment

    The commands are as follows;

    I have used OpenSSL to generate a 2048 bit public key

    openssl genrsa -out my-key.pem 2048

    Now let's save this key to a local file

    openssl rsa -in my-key.pem -pubout >

    We can use command cat to find key-material which we will use in next command while import. The Key-material is in between -----BEGIN PUBLIC KEY-----
    and -----END PUBLIC KEY----- which is reasonably large, I have used first few characters of the value.

    Finally we can import the key using below command to our AWS environment

    aws ec2 import-key-pair --key-name my-key --public-key-material MIIEpAIBAAKCAQEA

    Now let's make key pair file private by executing the command below

    chmod go-rwx my-key.pem
  4. It's time to create a security group now. One can also use the default existing security group. We can check existing security groups using command

    aws ec2 describe-security-groups

    The command to create security group is as follows;

    aws ec2 create-security-group --group-name My-Security-Group --description "My-SG-NEW"

    Now we need to set permissions for the created security group so that we can access our instance from almost anywhere. The command to assign the permission is as follows;

    aws ec2 authorize-security-group-ingress --group-name My-Security-Group --protocol tcp --port 22 --cidr
  5. Now we need to find image-ids of OmniOS and any other linux distro which will be deployed on our instances. The two commands used to find those images are shown below;

    aws ec2 describe-images --filter "Name=virtualization-type, Values=paravirtual" | grep OmniOS
    aws ec2 describe-images --filter "Name=virtualization-type, Values=paravirtual" | grep amazon | grep 2015

    I will be creating instances of OmniOS and Amazon linux. I have used above commands to find specific versions of Images to deploy.
  6. As we have everything what we need to start an instance on our AWS ec2 environment, let's create an OmniOS and Amazon linux instances

    The commands are as follows;

    aws ec2 run-instances --image-id ami-20baa741 --count 1 --instance-type t1.micro --key-name my-key --security-groups My-Security-Group
    aws ec2 run-instances --image-id ami-d93622b8 --count 1 --instance-type t1.micro --key-name my-key --security-groups My-Security-Group
  7. We can check status of our started instances. The command to check the status of instances are as follows;

    aws ec2 describe-instances
  8. Now we can connect to our running instances by using below commands

    ssh -i my-key.pem root@publicdomain_of_OmniOS
    ssh -i my-key.pem root@publicdomain_of_amazon_linux
  9. Now to shutdown/stop instances we can use below shown commands;

    aws ec2 stop-instances --instance-ids i-OmniOSID
    aws ec2 stop-instances --instance-ids i-AmznLinuxID

1 comment:

  1. Very helpful blog... I found very useful information on AWS EC2 create instance. Thanks for sharing.