Basic Labs
Table of Contents
This report documents lap exercises for basic AWS technologies."
1 Prerequisites
These labs require an IAM User that is allowed for programmatic access to AWS services from a local workstation.
Furthermore, I need an installation of the AWS CLI that is configured for programmatic AWS access.
I test it with a simple S3 API call to list all buckets.
2 EC2 Instance start with CLI
In this lab I want to set up a simple EC2 instance with the command line interface. I will use the "user data" to set up an Apache Web server, and I initialize the index page with meta-data of this instance.
The following diagram gives an overview of this lab.
Figure 1: Basic EC2 Lab Overview
The relevant AWS documentation can be found at Using Amazon EC2 with the AWS CLI - AWS Command Line Interface
2.1 Setup the environment
In this step I want to configure the AWS command line interface and define some variables.
### Setup # set profile and configure export AWS_PROFILE=anwi-labs export AWS_PAGER="" aws configure # Test CLI aws s3 ls ### Define some variales export PROJECT_NAME=anwi-labs-basic export PROJECT_HOME=~/org/aws-labs cd $PROJECT_HOME
2.2 Key Pair for SSH Login
In this step I create a key pair that I can use to log into the EC2 instance.
### Create a key-pair aws ec2 create-key-pair --key-name anwi-labs-basic --query 'KeyMaterial' --output text > ~/.aws/anwi-labs-basic.pem cat ~/.aws/anwi-labs-basic.pem chmod 400 ~/.aws/anwi-labs-basic.pem aws ec2 describe-key-pairs --key-name anwi-labs-basic ## Delete the key-pair #aws ec2 delete-key-pair --key-name awni-labs-basic #rm -f ~/.aws/anwi-labs-basic.pem
2.3 Security Group and Instance Start
In this step I create a security group and start the instance. This step requires a user data script in the same directory.
### Create security group aws ec2 create-security-group --group-name anwi-labs-basic-sg --description "Security group for aws basic labs" # get Group ID export SG_GROUP_ID=$(aws ec2 describe-security-groups --group-names anwi-labs-basic-sg | grep GroupId | perl -ne 'print "$1\n" if /"(sg-.*)"/') echo $SG_GROUP_ID ## Create Rules aws ec2 authorize-security-group-ingress --group-id $SG_GROUP_ID --protocol tcp --port 22 --cidr 0.0.0.0/0 aws ec2 authorize-security-group-ingress --group-id $SG_GROUP_ID --protocol tcp --port 80 --cidr 0.0.0.0/0 aws ec2 describe-security-groups --group-names anwi-labs-basic-sg ### Start EC2-Instance #Amazon Linux 2 AMI (HVM), SSD Volume Type - ami-03c3a7e4263fd998c (64-bit x86) aws ec2 run-instances \ --image-id ami-03c3a7e4263fd998c \ --count 1 \ --instance-type t2.micro \ --key-name anwi-labs-basic \ --security-group-ids $SG_GROUP_ID \ --tag-specifications 'ResourceType=instance,Tags=[{Key=Name,Value=anwi-labs-basic-ec2}]' \ --user-data file://user-data-basic.sh
2.4 Check Instances
In this step I check if the instance is running. I also look for other instances in other states.
## Check Instances # Check running instance aws ec2 describe-instances --filters Name=instance-state-name,Values=running | egrep "KeyName|LaunchTime|PublicIpAddress|InstanceId|\"Name\"" # Check all instances aws ec2 describe-instances --filters Name=instance-state-name,Values=running,terminated,stopped | egrep "KeyName|LaunchTime|PublicIpAddress|InstanceId|\"Name\":" # Check running instance with specific tags aws ec2 describe-instances --filters Name=tag:Name,Values=anwi-labs-basic-ec2 Name=instance-state-name,Values=running | egrep "KeyName|LaunchTime|PublicIpAddress|InstanceId|\"Name\":"
2.5 Login to EC2 Instance
In this step I use the API call describe-instances to retrieve the instants ID and the public IP address. I use this information to log into the instance.
### Store Variables # Instance ID export INSTANCE_ID=$(aws ec2 describe-instances --filters Name=tag:Name,Values=anwi-labs-basic-ec2 Name=instance-state-name,Values=running | grep InstanceId | perl -ne 'print "$1\n" if /"(i-.*)"/') echo $INSTANCE_ID # Public IP Adress export INSTANCE_IP=$(aws ec2 describe-instances --filters Name=tag:Name,Values=anwi-labs-basic-ec2 Name=instance-state-name,Values=running | grep PublicIpAddress | perl -ne 'print "$1\n" if /(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})/') echo $INSTANCE_IP # PEM File for aws-key export PEM_FILE=~/.aws/anwi-labs-basic.pem ### Login to instance ssh -o "StrictHostKeyChecking no" -i $PEM_FILE ec2-user@$INSTANCE_IP date; whoami; hostname exit ### Check Http Connection curl http://$INSTANCE_IP:80
2.6 Start Webserver and create Website
In this step I install a web server and create a website that contains data from the instance meta-data. This is just an intermediate step. The information gathered during this step will become part of the EC2 User Data.
sudo su ### Webserver installation yum -y install httpd service httpd start ### Create Index Pages cat <<EOF > /var/www/html/index.html <html> <h1>Hello from Amazon EC2</h1> <p>public-ipv4 = $(curl http://169.254.169.254/latest/meta-data/public-ipv4)</p> <p>local-ipv4 = $(curl http://169.254.169.254/latest/meta-data/local-ipv4)</p> <p>local-hostname = $(curl http://169.254.169.254/latest/meta-data/hostname)</p> <p>public-hostname = $(curl http://169.254.169.254/latest/meta-data/public-hostname)</p> <p>ami-id = $(curl http://169.254.169.254/latest/meta-data/ami-id)</p> <p>ami-launch-index = $(curl http://169.254.169.254/latest/meta-data/ami-launch-index)</p> <p>ami-mainfest-path = $(curl http://169.254.169.254/latest/meta-data/ami-manifest-path)</p> <p>profile = $(curl http://169.254.169.254/latest/meta-data/profile)</p> <p>instance-type = $(curl http://169.254.169.254/latest/meta-data/instance-type)</p> <p>instance-id = $(curl http://169.254.169.254/latest/meta-data/instance-id)</p> <p>instance-life-cycle = $(curl http://169.254.169.254/latest/meta-data/instance-life-cycle)</p> <p>instance-action = $(curl http://169.254.169.254/latest/meta-data/instance-action)</p> <p>user-data = </p> <xmp> $(curl http://169.254.169.254/latest/user-data) </xmp> </html> EOF cat /var/www/html/index.html exit exit
2.7 Terminate instance
In this step I terminate the instance.
### Terminate the instance. aws ec2 terminate-instances --dry-run --instance-ids $INSTANCE_ID aws ec2 terminate-instances --no-dry-run --instance-ids $INSTANCE_ID
This concludes the basic EC2 instance.