Create and start AWS instances


Create and start an AWS instance using the CLI API

Select the region (eu-central-1, eu-west-1, us-east-1, etc) and set the REGION environmental variable.

user@localhost ~ $ export REGION=eu-central-1

Select the base image id (can be found on the launch new instance page, ami-d22932be for eu-central-1) and set the AMI_ID environmental variable.

user@localhost ~ $ export AMI_ID=ami-d22932be

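Verify that the image exists, then check for existing key pairs (aws ec2 describe-key-pairs) and create one if necessary. The commands on this page are shown with --dry-run, which only checks permissions and the request; remove it to actually perform the action. create-key-pair returns the private key only once, in its output, so save it to a file that only you can read (chmod 600).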

user@localhost ~ $ aws --region $REGION ec2 describe-images --image-ids $AMI_ID
user@localhost ~ $ aws --region $REGION ec2 create-key-pair --dry-run --key-name $REGION

Check for existing VPCs and create one if necessary. Set the VPC_ID environment variable.

user@localhost ~ $ aws --region $REGION ec2 describe-vpcs
user@localhost ~ $ aws --region $REGION ec2 create-vpc --dry-run --cidr-block 192.168.0.0/24
user@localhost ~ $ export VPC_ID=<the vpc id>

Check for existing security groups and create one if necessary. Set the SG_ID environment variable.

user@localhost ~ $ aws --region $REGION ec2 describe-security-groups
user@localhost ~ $ aws --region $REGION ec2 create-security-group --dry-run --group-name $REGION --description $REGION --vpc-id $VPC_ID
user@localhost ~ $ export SG_ID=<the security group id>

Create a class C subnet for the VPC and set the SUBNET_ID environmental variable.

user@localhost ~ $ aws --region $REGION ec2 create-subnet --dry-run --vpc-id $VPC_ID --cidr-block 192.168.0.0/24
user@localhost ~ $ export SUBNET_ID=<the subnet id>

Create and start the instance. Set the RESERVATION_ID, INSTANCE_ID and IMAGE_ID environmental variables.

user@localhost ~ $ aws --region $REGION ec2 run-instances --dry-run --image-id $AMI_ID --key-name $REGION --security-group-ids $SG_ID --instance-type t2.nano --subnet-id $SUBNET_ID --private-ip-address 192.168.0.100 --count 1
user@localhost ~ $ export RESERVATION_ID=<the reservation id>
user@localhost ~ $ export INSTANCE_ID=<the instance id>
user@localhost ~ $ export IMAGE_ID=<the image id>

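Enable termination protection, so that the instance cannot be terminated through the API, CLI or console until the attribute is cleared again.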

user@localhost ~ $ aws --region $REGION ec2 modify-instance-attribute --dry-run --instance-id $INSTANCE_ID --disable-api-termination

Allocate a public IP address for the instance and set the ALLOCATION_ID environmental variable.

user@localhost ~ $ aws --region $REGION ec2 allocate-address --dry-run --domain vpc
user@localhost ~ $ export ALLOCATION_ID=<the allocation id>

Create an internet gateway and set the INTERNET_GATEWAY_ID environmental variable.

user@localhost ~ $ aws --region $REGION ec2 create-internet-gateway --dry-run
user@localhost ~ $ export INTERNET_GATEWAY_ID=<the internet gateway id>

Attach the gateway to the VPC.

user@localhost ~ $ aws --region $REGION ec2 attach-internet-gateway --dry-run --internet-gateway-id $INTERNET_GATEWAY_ID --vpc-id $VPC_ID

Associate the public IP address to the instance and set the ASSOCIATION_ID environmental variable.

user@localhost ~ $ aws --region $REGION ec2 associate-address --dry-run --instance-id $INSTANCE_ID --allocation-id $ALLOCATION_ID
user@localhost ~ $ export ASSOCIATION_ID=<the association id>

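Set up the outgoing and incoming rules for the security group. Every rule below uses 0.0.0.0/0 as the source or destination, so each listed port is reachable from the whole internet; where the clients are known, replace the source CIDR with a narrower range, in particular for SSH (22) and for 1080 and 3128, which are the ports conventionally used by SOCKS and HTTP proxies.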

user@localhost ~ $ aws --region $REGION ec2 authorize-security-group-egress --dry-run --group-id $SG_ID --protocol -1 --cidr 0.0.0.0/0
user@localhost ~ $ aws --region $REGION ec2 authorize-security-group-ingress --dry-run --group-id $SG_ID --protocol tcp --port 22 --cidr 0.0.0.0/0
user@localhost ~ $ aws --region $REGION ec2 authorize-security-group-ingress --dry-run --group-id $SG_ID --protocol tcp --port 25 --cidr 0.0.0.0/0
user@localhost ~ $ aws --region $REGION ec2 authorize-security-group-ingress --dry-run --group-id $SG_ID --protocol tcp --port 53 --cidr 0.0.0.0/0
user@localhost ~ $ aws --region $REGION ec2 authorize-security-group-ingress --dry-run --group-id $SG_ID --protocol udp --port 53 --cidr 0.0.0.0/0
user@localhost ~ $ aws --region $REGION ec2 authorize-security-group-ingress --dry-run --group-id $SG_ID --protocol tcp --port 465 --cidr 0.0.0.0/0
user@localhost ~ $ aws --region $REGION ec2 authorize-security-group-ingress --dry-run --group-id $SG_ID --protocol tcp --port 587 --cidr 0.0.0.0/0
user@localhost ~ $ aws --region $REGION ec2 authorize-security-group-ingress --dry-run --group-id $SG_ID --protocol tcp --port 1080 --cidr 0.0.0.0/0
user@localhost ~ $ aws --region $REGION ec2 authorize-security-group-ingress --dry-run --group-id $SG_ID --protocol tcp --port 3128 --cidr 0.0.0.0/0
user@localhost ~ $ aws --region $REGION ec2 authorize-security-group-ingress --dry-run --group-id $SG_ID --protocol tcp --port 31417 --cidr 0.0.0.0/0
user@localhost ~ $ aws --region $REGION ec2 authorize-security-group-ingress --dry-run --group-id $SG_ID --protocol icmp --port 8--1 --cidr 0.0.0.0/0

Check for existing routing tables and set the ROUTE_TABLE_ID environment variable to the id of the route table that belongs to the VPC.

user@localhost ~ $ aws --region $REGION ec2 describe-route-tables
user@localhost ~ $ export ROUTE_TABLE_ID=

Set up a route through the internet gateway.

user@localhost ~ $ aws --region $REGION ec2 create-route --dry-run --route-table-id $ROUTE_TABLE_ID --destination-cidr-block 0.0.0.0/0 --gateway-id $INTERNET_GATEWAY_ID

Set up the newly created AWS instance

SSH into the newly created instance using its assigned public IP and the created key pair (pass the private key file with ssh -i if it is not your default identity), then gain root access.

user@localhost ~ $ ssh ec2-user@<assigned IP address>
user@localhost ~ $ sudo su -

Set the timezone information

root@localhost ~ # tzselect
root@localhost ~ # nano -w /etc/sysconfig/clock
ZONE="Europe/Budapest"
UTC=true
root@localhost ~ # ln -sf /usr/share/zoneinfo/Europe/Budapest /etc/localtime

Edit the hosts file.

root@localhost ~ # nano -w /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost6 localhost6.localdomain6

10.0.0.x    dublin-1.eu-west-1.aws.jmk.hu dublin-1
10.0.0.y    nova-1.us-east-1.aws.jmk.hu nova-1

Set up the hostname. Two hosts are shown as examples; on each host keep only the entry for that host.

root@localhost ~ # nano -w /etc/sysconfig/network
HOSTNAME=dublin-1.eu-west-1.aws.jmk.hu
HOSTNAME=nova-1.us-east-1.aws.jmk.hu
root@localhost ~ # nano -w /etc/hostname
dublin-1.eu-west-1.aws.jmk.hu
nova-1.us-east-1.aws.jmk.hu

Update the system.

root@localhost ~ # yum update

Install some stuff

root@localhost ~ # yum install mc

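Set up the swap file. The commands below assume that /swap already exists with the desired size; this page does not show how the file is created.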

root@localhost ~ # chmod 600 /swap
root@localhost ~ # mkswap -L swap /swap

Update /etc/fstab

root@localhost ~ # nano -w /etc/fstab
/swap       swap        swap    sw              0   0

Activate swap

root@localhost ~ # swapon -a

Reboot the system

root@localhost ~ # systemctl reboot