Context Navigation

Changes between Version 86 and Version 87 of InstallationGuidelines/Amazon

Timestamp:: 10/22/14 10:22:04 (10 years ago)
Author:: Fran Boon
Comment:: --

Legend:

: Unmodified
: Added
: Removed
: Modified

TabularUnified InstallationGuidelines/Amazon

-              v86
+              v87
 Users who are using the free tier: Remember - after 750 hours, your trial will end and the credit card on file will be charged based on the rates shown in EC2. You can prevent these charges by closing the AWS account from the [https://portal.aws.amazon.com/gp/aws/manageYourAccount/ AWS account management page].
 == 1. Create AWS Account ==
+If you haven't already, create an Amazon AWS account through [http://aws.amazon.com/free/?sc_channel=PS&sc_campaign=AWS_Free_Tier_2013&sc_category=aws_cloud_computing&sc_publisher=Google&sc_medium=Brand_Core_AWS_E&sc_content=31496064882&sc_detail=Amazon%20-%20aws&sc_matchtype=e&trk=AWS_Free_Tier_2013/ their site].[[BR]]
+After creating your account, head to the [https://console.aws.amazon.com/console/home?#/ management console] and set up an instance of EC2. Instructions to do this can be found in the [http://aws.amazon.com/documentation/ec2/ Amazon EC2 Documentation].
+=== Regions & Zones ===
+If you haven't already, create an Amazon AWS account through [http://aws.amazon.com/free/ their site].
+== 2. Create Instance ==
+=== Step 1: Log in to the Management Console ===
+* https://console.aws.amazon.com
+=== Step 2: Select a Region ===
 Amazon supports multiple Regions in order to provide a service closest to your users.
 * Namespaces of Instances, Volumnes & Snapshots are unique only within a Region.
+* Namespaces of Instances, Volumes & Snapshots are unique only within a Region.
 * Within each Region, there are a couple of Availability Zones to allow spreading the risk across different facilities.
 * Volumes are located within a specific Availability Zone
 * Bandwidth transfers are free within an Availability Zone
 == 1. Create Instance ==
 === Step 1: Choose an Amazon Machine Image (AMI) ===
 * Recommend using the AWS Marketplace Debian 64-bit image (as this has a sufficiently large HDD to start with)
+=== Step 3: Launch a new Instance ===
+=== Step 4: Choose an Amazon Machine Image (AMI) ===
+* Recommend using the AWS Marketplace Debian 64-bit image (as this has a sufficiently large HDD to start with & is EBS-backed, so has persistent storage even whilst powered down)
 * In time we may provide pre-built "Sahana Eden" AMIs (some old unmaintained ones may be available in some regions)
 * The normal production 'small' instance can only run 32-bit.
 * Larger production instances can only run 64-bit, so can't have the exact same image used.
 === Step 2: Choose an Instance Type ===
+=== Step 5: Choose an Instance Type ===
 * The free starter 'micro' instance is flexible as it can run both 32-bit & 64-bit Operating Systems.
 === Step 3: Configure Instance Details ===
+=== Step 5: Configure Instance Details ===
 Default settings are fine
+=== Step 4: Add Storage ===
+Instance Persistence:
+* EBS-backed instances have persistent storage even whilst powered down, which is very useful.
+ * For DB I/O performance increase can stripe multiple EBS
+  * monitoring data available to see if this is the issue
+=== Step 5: Tag Instance ===
+Default settings are fine
+=== Step 6: Configure Security Group ===
+You will need to set the following Inbound Rules:
+* SSH | TCP | 22
+* HTTP | TCP |80
+Restricting the source will add further security
+You can either create a '''new''' security group or Select an '''existing''' security group. With the existing security group, you may have to set the inbound rules via the EC2 dashboard:  NETWORK & SECURITY > Security Groups
+== 2. Associate Elastic IP ==
+=== Step 6: Create !KeyPair ===
+Ensure that you keep the generated private key safe...save as {{{private.pem}}}
+=== Step 7: Associate Elastic IP ===
 Each time you start an instance up, it will be assigned a new IP ('Public DNS') although this can be overcome using an Elastic IP:
 …
 . Associate Address. Set the instance to your new instance
+* Remember to set up Reverse DNS for your Elastic IP to be able to send emails reliably:
+ * https://aws-portal.amazon.com/gp/aws/html-forms-controller/contactus/ec2-email-limit-rdns-request
+* If you have a free EC2 instance, be sure to release your Elastic IP if you shut down your instance.
+  IPv4 addresses are a "scarce resource" so Amazon will charge you for wasting one if you keep it assigned
+  to your instance while you are not using it.
+== 3. Download SSH Keys ==
+This can provide an early stumbling block.
+* Each instance created needs to start with a unique SSH keypair
+* When setting up an instance, be sure to safely download the private key.
+* In order to get the public key (needed by SecureCRT for instance) then you need to login using CLI & retrieve it (username 'admin' for the AWS !MarketPlace Debian, username 'root' for some other Images):
+Remember to set up Reverse DNS for your Elastic IP to be able to send emails reliably:
+* https://aws-portal.amazon.com/gp/aws/html-forms-controller/contactus/ec2-email-limit-rdns-request
+NB If you have a free EC2 instance, be sure to release your Elastic IP if you shut down your instance. IPv4 addresses are a "scarce resource" so Amazon will charge you for wasting one if you keep it assigned to your instance while you are not using it.
+=== Step 8: Configure Security Group ===
+NETWORK & SECURITY > Security Groups
+You will need to set the following Inbound Rules:
+* HTTP | TCP |80
+* SSH | TCP | 22
+Restricting the source will add further security, but obviously also restricts your ability to administer
+=== Step 9: Gain SSH access ===
+In order to get the public key (needed by SecureCRT for instance) then you need to login using CLI & retrieve it (username 'admin' for the AWS !MarketPlace Debian, username 'root' for some other Images):
 {{{
 ssh -l admin -i private.pem <hostname>
 …
 }}}
+On Windows, you can use Cygwin to get a CLI SSH client.
 SecureCRT needs the private key storing as <filename> & the public as <filename.pub> (all on one line)
+SSH will also need to be enabled in your Firewall policy (restrict the IP source, if possible)
+=== Recovering From a Lost Keypair ===
+==== Recovering From a Lost Keypair ====
 If you lose your keypair then you need to:
 * Create a new keypair in the AWS console & download the generated private key
 …
 Thanks to: http://itkbcentral.blogspot.co.uk/2011/07/replace-lost-key-pair-existing-aws-ec2.html
+== 4. Optimize Instance ==
+=== Add Swapfile (Optional) ===
+You can add swap from a swap file in order to improve performance (especially on a Micro instance):
+=== Step 10: Add Swapfile ===
+You should add swap from a swap file in order to improve performance (especially on a Micro instance):
 {{{
 sudo su -
 …
 }}}
+=== Add Swap partition (Optional) ===
+== 3. Install Sahana ==
+* Copy the installation and configuration scripts into the launched instance (assuming [wiki:InstallationGuidelines/Linux/Server/CherokeePostgreSQL Cherokee & PostgreSQL]):
+{{{
+wget http://eden.sahanafoundation.org/raw-attachment/wiki/InstallationGuidelines/Linux/Server/CherokeePostgreSQL/install-eden-cherokee-postgis.sh
+chmod a+x install-eden-cherokee-postgis.sh
+wget http://eden.sahanafoundation.org/raw-attachment/wiki/InstallationGuidelines/Linux/Server/CherokeePostgreSQL/configure-eden-cherokee-postgis.sh
+chmod a+x configure-eden-cherokee-postgis.sh
+}}}
+* Run the install-eden-cherokee-postgis.sh script. [Note: This step takes about 10min - grab a coffee]
+{{{
+sudo su -
+./install-eden-cherokee-postgis.sh
+}}}
+If you wish to update your site from an alternate github repo this can be done using:
+* ConfigurationGuidelines#SwitchtoanalternateGitHubrepo
+== 4. Configure Sahana ==
+Run configure-eden-cherokee-postgis.sh to configure the instance:
+{{{
+sudo su -
+./configure-eden-cherokee-postgis.sh
+}}}
+* Add your FQDN to {{{/etc/hosts}}} to ensure emails are accepted by all remote mailers:
+{{{
+vim /etc/hosts
+.0.0.1 host.domain host localhost
+/etc/init.d/exim4 restart
+}}}
+See [UserGuidelines/Admin/Configuration Admin Guide] - especially read how to set the sender & approver emails
+== 5. Add a Test site (Optional) ==
+This script requires at least 4Gb on the main disk
+{{{
+sudo su -
+wget http://eden.sahanafoundation.org/raw-attachment/wiki/InstallationGuidelines/Linux/Server/CherokeePostgreSQL/add_test_site.sh
+chmod a+x add_test_site.sh
+./add_test_site.sh
+}}}
+NB This script has an issue & the file /etc/cherokee/cherokee.conf needs to be manually edited to fix the lines wrapping for Source 1 (fix welcomed!)
+== 6. Add a Demo site (Optional) ==
+This script requires at least 6Gb on the main disk.
+This script assumes that a Test site has already been installed
+{{{
+sudo su -
+wget http://eden.sahanafoundation.org/raw-attachment/wiki/InstallationGuidelines/Linux/Server/CherokeePostgreSQL/add_demo_site.sh
+chmod a+x add_demo_site.sh
+./add_demo_site.sh
+}}}
+NB This script has an issue & the file /etc/cherokee/cherokee.conf needs to be manually edited to fix the lines wrapping for Source 1 (fix welcomed!)
+== Optional Instance Adjustments ==
+=== Add Swap partition ===
 You can add a swap partition in order to improve performance further:
 * Create Volume in AWS Console (e.g. 4Gb)
 …
 }}}
+=== Add Storage (Optional) ===
+=== Grow the Diskspace ===
+The initial disk space on some images is just 1GB. If you have this, then this should be grown to 4Gb (don't just size the volume to 4Gb to start with as the image only uses 1Gb of it!)
+* this is still within the 10Gb free tier.
+* 4Gb is needed for Prod & Test instances. If you just need a test then 3Gb is sufficient.
+=== Add Storage ===
 If you need an additional disk for Storage then configure a volume in the AWS console, attach as /dev/sdb1, then in Linux:
 {{{
 …
 mount /data
 }}}
+== 5. Install Sahana ==
+* Copy the installation and configuration scripts into the launched instance (assuming [wiki:InstallationGuidelines/Linux/Server/CherokeePostgreSQL Cherokee & PostgreSQL]):
+{{{
+wget http://eden.sahanafoundation.org/raw-attachment/wiki/InstallationGuidelines/Linux/Server/CherokeePostgreSQL/install-eden-cherokee-postgis.sh
+chmod a+x install-eden-cherokee-postgis.sh
+wget http://eden.sahanafoundation.org/raw-attachment/wiki/InstallationGuidelines/Linux/Server/CherokeePostgreSQL/configure-eden-cherokee-postgis.sh
+chmod a+x configure-eden-cherokee-postgis.sh
+}}}
+* Run the install-eden-cherokee-postgis.sh script. [Note: This step takes about 10min - grab a coffee]
+{{{
+sudo su -
+./install-eden-cherokee-postgis.sh
+}}}
+If you wish to update your site from an alternate github repo this can be done using:
+* ConfigurationGuidelines#SwitchtoanalternateGitHubrepo
+== 6. Configure Sahana ==
+Run configure-eden-cherokee-postgis.sh to configure the instance:
+{{{
+sudo su -
+./configure-eden-cherokee-postgis.sh
+}}}
+* Add your FQDN to /etc/hosts to ensure emails are accepted by all remote mailers:
+{{{
+vim /etc/hosts
+.0.0.1 host.domain host localhost
+/etc/init.d/exim4 restart
+}}}
+[UserGuidelines/Admin/Configuration Admin Guide] - especially read how to set the sender & approver emails
+== 7. Add a Test site (Optional) ==
+This script requires at least 4Gb on the main disk
+{{{
+sudo su -
+wget http://eden.sahanafoundation.org/raw-attachment/wiki/InstallationGuidelines/Linux/Server/CherokeePostgreSQL/add_test_site.sh
+chmod a+x add_test_site.sh
+./add_test_site.sh
+}}}
+NB This script has an issue & the file /etc/cherokee/cherokee.conf needs to be manually edited to fix the lines wrapping for Source 1 (fix welcomed!)
+== 8. Add a Demo site (Optional) ==
+This script requires at least 6Gb on the main disk.
+This script assumes that a Test site has already been installed
+{{{
+sudo su -
+wget http://eden.sahanafoundation.org/raw-attachment/wiki/InstallationGuidelines/Linux/Server/CherokeePostgreSQL/add_demo_site.sh
+chmod a+x add_demo_site.sh
+./add_demo_site.sh
+}}}
+NB This script has an issue & the file /etc/cherokee/cherokee.conf needs to be manually edited to fix the lines wrapping for Source 1 (fix welcomed!)
+== 9. Grow the Diskspace (Optional) ==
+The initial disk space on some images is just 1GB. If you have this, then this should be grown to 4Gb (don't just size the volume to 4Gb to start with as the image only uses 1Gb of it!)
+* this is still within the 10Gb free tier.
+* 4Gb is needed for Prod & Test instances. If you just need a test then 3Gb is sufficient.
+=== Disk Striping (Optional) ===
+For DB I/O performance increase can stripe multiple EBS
+* monitoring data is available to see if this is the issue
+== Installing Deployment Coapp on EC2 ==
+See: InstallationGuidelines/Amazon/Setup
 == CLI Tools ==
 …
 == Building AMIs for easier deployment ==
+If your region doesn't yet have a Sahana AMI in, then it is easy to create one which allows easier deployment of future instances for both you & others. The only cost to you is a small amount of time to publish it & then using up your 1Gb Snapshot allowance within the free tier.
+* Install the instance as-above
+* Don't run the configure script
+* Shutdown the EBS instance.
+{{{
+shutdown -h now
+}}}
+* Go to your aws console for the current region at [https://console.aws.amazon.com/ec2/home | EC2 Console]
+* Select the debian instance you just prepared in the "Instances"
+* Select " Create Image (EBS AMI) " in the "Instance Actions" drop down.
+[[Image(http://eden.sahanafoundation.org/raw-attachment/wiki/InstallationGuidelines/Amazon/create-image.png, 75%)]]
+* Choose an Image name - Lets say - "Sahana Eden" and fill in a description.
+[[Image(http://eden.sahanafoundation.org/raw-attachment/wiki/InstallationGuidelines/Amazon/create-image-config.png, 75%)]]
+* Click "Create this Image"
+* Go to the "AMIS" menu and select "Owned by me" and "All Platforms" in the Viewing dropdown.
+[[Image(http://eden.sahanafoundation.org/raw-attachment/wiki/InstallationGuidelines/Amazon/ami-built.png, 75%)]]
+* Wait for about 5 minutes and hit refresh for the AMI you just built to appear.
+* Select the AMI and click the Permissions button - Select public, to make the image public.
+[[Image(http://eden.sahanafoundation.org/raw-attachment/wiki/InstallationGuidelines/Amazon/ami-permissions.2.png, 75%)]]
+Keep Templates as EBS Volumes as this is cheaper than Snapshots
+See: InstallationGuidelines/Amazon/AMI
 == Troubleshooting ==
+To troubleshoot any errors in installation of EC2 visit its [http://aws.amazon.com/documentation/ec2/ documentation]. If you encounter problems installing eden on the EC2 instance, you can contact us via [http://webchat.freenode.net/?channels=sahana-eden&uio=d4/ IRC] or the [https://groups.google.com/forum/#!forum/sahana-eden/ mailing list].
+== Installing Deployment Coapp on EC2 ==
+* Once you've registered for Amazon's Web Services, login to the [https://console.aws.amazon.com/ec2/v2/home EC2 Management Console]. You'll be greeted with the EC2 dashboard as in the picture below
+[[Image(http://eden.sahanafoundation.org/raw-attachment/wiki/InstallationGuidelines/Amazon/Dashboard.png, 75%)]]
+* Next, click on Launch Instance. This new instance will act as a master node for future deployments. We'll use Debian as the OS but other distributions may be supported in the future. In the "Select your Amazon Machine Image" pane, select "AWS Marketplace" from the left sidebar. Scroll down, click on "Operating Systems" and select "Debian GNU/Linux"
+[[Image(http://eden.sahanafoundation.org/raw-attachment/wiki/InstallationGuidelines/Amazon/SelectAMI.png, 75%)]]
+* In the next step, select the instance depending on your requirements.
+* Next, in the Configure Instance pane, expand the Advanced Details tab and enter the contents of https://github.com/gnarula/eden_playbook/blob/master/user-data.sh in the User-Data field.
+[[Image(http://eden.sahanafoundation.org/raw-attachment/wiki/InstallationGuidelines/Amazon/UserData.png, 75%)]]
+* Create a new security group with a rule for SSH and HTTP as shown in the screenshot below.
+[[Image(http://eden.sahanafoundation.org/raw-attachment/wiki/InstallationGuidelines/Amazon/SecurityGroup.png, 75%)]]
+* Finally, review the configuration and launch the instance. You'll be prompted to select an existing key pair or generate a new one. In case you're a new user or you don't have access to your key, generate a new keypair, save it and proceed.
+That's it! The instance will have Deployment Coapp Installed and may be used to install Eden on that instance or any other remote servers. Do note that the installation takes some time (~5 minutes) even after the EC2 Web UI states the instance as "Running". The Coapp may be accessed by browsing to http://instance-public-ip/ or http://<public-dns>
+Logs for the process may be found by sshing into the newly created instance with your key and viewing /var/log/user-data.log and /var/log/syslog
+== Next ==
+[wiki:UserGuidelines/Admin Administration Guide]
+To troubleshoot any errors in installation of EC2 visit its [http://aws.amazon.com/documentation/ec2/ documentation]. If you encounter problems installing eden on the EC2 instance, you can contact us via [wiki:Chat IRC] or the [Wiki:MailingList mailing list].