AWS create vsftpd (FTP) server

I recently had to create a vsftpd (FTP) server on an Amazon aws virtual server running Ubuntu 12.10.

There are some issues with the default vsftpd tool that installs with apt-get on Ubuntu 12.10 (version 2.x… not sure which one off the top of my head).   It will not allow virtual users access to their root directories.   I wrote up a guide in May-2013 that showed how to get around this by writing to a sub directory, but that just does not feel right.

So this guide will go over how to do it properly and with a virtual AWS machine.

Copy AMI Between Regions

On March 13^th 2013 Amazon AWS announced a new AMI copy tool to copy images between regions.  They also posted a how to guide on how to use it at http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/CopyingAMIs.html?ref_=pe_12300_28673600_7 [1]

This I my simple guide on how to do it (it is very easy)

Amazon AWS Fix cloud-init in Ubuntu 12.10

This guide goes over fixing one bug in the cloud-init feature in Ubuntu 12.10.  The issue is this, when creating a user and giving them a password their password becomes "locked"

In the cloud-init version 0.7 installed with Ubuntu 12.10 AMIs there is a bug if you are trying to set the password for a user it becomes locked.   

The bug and its fix are covered here https://bugs.launchpad.net/cloud-init/+bug/1096423 [1]  So it has been fixed but the fix is not on the Ubuntu 12.10 AMI images yet (And I do not think it ever will be).   So here is my process for putting this fix into a 12.10 AMI and making your own AMI to use.

(4 of 4) Amazon ELB Multi-domain SSL forwarding to NGINX and Play Servers

(4 of 4  Create an ELB with the signed certificate)

This guide goes over setting up an ELB with a multi-domain SSL certificate.  The servers attached to the ELB will run multiple Play servers on different ports with an nginx server running in front of them to handle routing based on domain/subdomain names.

I know that is quite a mouthful but here is what I am trying to accomplish….

I want to run more than one Play Server on an ec2 instance.  Each Play Server will run on its own port.   I want to have a domain name to route to a specific Play server.  Ex.  www.example.com routes to the Play server running on port 9000 and  www2.example.com routes to the Play server running on port 8000.   In addition I want all the communication to be secure using ssl certificates.

For an individual server you could simply put a nginx server in front of the Play servers and have the nginx handle routing based on domain name.  But, in this case I want to add an AWS ELB (Elastic Load Balancer) in front of several EC2 machines.

Here is what I have found out thus far.   The ELB can handle the ssl certificate, but it can only have one certificate per ELB.  This forces you to use a multi-domain SSL certificate.   Also the ELB cannot port forward based on domain name so you still need an nginx server in front of the Play servers.

I want something like this.  The ELB handles the certificate and the nginx server handles the domain name routing.

(3 of 4) Amazon ELB Multi-domain SSL forwarding to NGINX and Play Servers

(3 of 4  Signed Multi-domain ssl certificate from godaddy)

This guide goes over setting up an ELB with a multi-domain SSL certificate.  The servers attached to the ELB will run multiple Play servers on different ports with an nginx server running in front of them to handle routing based on domain/subdomain names.

I know that is quite a mouthful but here is what I am trying to accomplish….

I want to run more than one Play Server on an ec2 instance.  Each Play Server will run on its own port.   I want to have a domain name to route to a specific Play server.  Ex.  www.example.com routes to the Play server running on port 9000 and  www2.example.com routes to the Play server running on port 8000.   In addition I want all the communication to be secure using ssl certificates.

For an individual server you could simply put a nginx server in front of the Play servers and have the nginx handle routing based on domain name.  But, in this case I want to add an AWS ELB (Elastic Load Balancer) in front of several EC2 machines.

Here is what I have found out thus far.   The ELB can handle the ssl certificate, but it can only have one certificate per ELB.  This forces you to use a multi-domain SSL certificate.   Also the ELB cannot port forward based on domain name so you still need an nginx server in front of the Play servers.

I want something like this.  The ELB handles the certificate and the nginx server handles the domain name routing.

(2 of 4) Amazon ELB Multi-domain SSL forwarding to NGINX and Play Servers

(2 of 4  Install nginx server)

This guide goes over setting up an ELB with a multi-domain SSL certificate.  The servers attached to the ELB will run multiple Play servers on different ports with an nginx server running in front of them to handle routing based on domain/subdomain names.

I know that is quite a mouthful but here is what I am trying to accomplish….

I want to run more than one Play Server on an ec2 instance.  Each Play Server will run on its own port.   I want to have a domain name to route to a specific Play server.  Ex.  www.example.com routes to the Play server running on port 9000 and  www2.example.com routes to the Play server running on port 8000.   In addition I want all the communication to be secure using ssl certificates.

For an individual server you could simply put a nginx server in front of the Play servers and have the nginx handle routing based on domain name.  But, in this case I want to add an AWS ELB (Elastic Load Balancer) in front of several EC2 machines.

Here is what I have found out thus far.   The ELB can handle the ssl certificate, but it can only have one certificate per ELB.  This forces you to use a multi-domain SSL certificate.   Also the ELB cannot port forward based on domain name so you still need an nginx server in front of the Play servers.

I want something like this.  The ELB handles the certificate and the nginx server handles the domain name routing.

(1 of 4) Amazon ELB Multi-domain SSL forwarding to NGINX and Play Servers

(1 of 4  Install Scala and Play on Ubuntu 12.10)

This guide goes over setting up an ELB with a multi-domain SSL certificate.  The servers attached to the ELB will run multiple Play servers on different ports with an nginx server running in front of them to handle routing based on domain/subdomain names.

I know that is quite a mouthful but here is what I am trying to accomplish….

I want to run more than one Play Server on an ec2 instance.  Each Play Server will run on its own port.   I want to have a domain name to route to a specific Play server.  Ex.  www.example.com routes to the Play server running on port 9000 and  www2.example.com routes to the Play server running on port 8000.   In addition I want all the communication to be secure using ssl certificates.

For an individual server you could simply put a nginx server in front of the Play servers and have the nginx handle routing based on domain name.  But, in this case I want to add an AWS ELB (Elastic Load Balancer) in front of several EC2 machines.

Here is what I have found out thus far.   The ELB can handle the ssl certificate, but it can only have one certificate per ELB.  This forces you to use a multi-domain SSL certificate.   Also the ELB cannot port forward based on domain name so you still need an nginx server in front of the Play servers.

I want something like this.  The ELB handles the certificate and the nginx server handles the domain name routing.

Amazon AWS ELB using VPC with SSL

This guide goes through the setup of an ELB (Elastic load balancer in the AWS amazon cloud) with an SSL certificate.

For this test I am going to set up an ec2 instance with Ubuntu 12.10 running an nginx server.

Installing AWS IAM command line tools in Ubuntu

This guide goes over setting up the amazon AWS IAM (Identity and Access Management) command line tools.

I had to recently set these up due to a tool missing from the aws web console  (well maybe it's there but I can't seem to find it)  I recently added an SSL certificate to an ELB as a test.  The SSL certificate is somehow stored within the IAM system.   The only way I can see to remove the SSL certificate is to use the IAM command line tools.

Quick EC2 Pricing Chart 03-09-2013

These prices were updated 03-09-2013

The change this go around was a drop in the yearly contracts for some of the ec2 instance types.    Anywhere from 13-23% savings.

Quick RDS Pricing Chart

These prices were updated 1/24/2013

I do not know about you, but working in a small business I don’t need that many servers, at most a dozen or so.   Not a large enough set of servers to use complicated analytics to reduce our AWS bill every month.  I figure out by hand what our needs are and what the server costs will be.   With that in mind I keep an RDS  pricing chart for quick reference to compare hourly, monthly, and yearly prices (with reserved instances).   All these prices are for the East region (which match the West-2 “Oregon” region as well.

Quick EC2 Pricing Chart

These prices were updated 2/01/2013

This go around 2 new ec2 types were added and several linux ec2 types had their hourly rates reduced by 9-14%

I do not know about you, but working in a small business I don’t need that many servers, at most a dozen or so.   Not a large enough set of servers to use complicated analytics to reduce our aws bill every month.  I figure out by hand what our needs are and what the server costs will be.   With that in mind I keep an ec2 pricing chart for quick reference to compare hourly, monthly, and yearly prices (with reserved instances).   All these prices are for the East region (which match the West-2 “Oregon” region as well)

Create git server on AWS cloud

I am new to the git world,  I have been using subversion for many of my past projects, so bear with me if I seem to cover rudimentary git in this document.

The goal of this document is to show you how to use cloud-init with ubuntu 12.10 to easily create a git server in the aws cloud.

Amazon AWS Ubuntu cloud-init

 Ubuntu’s cloud releases (AMIs for AWS), which are listed at http://uec-images.ubuntu.com/releases/ [1],  include an ubuntu package called cloud-init.

Cloud-init,  https://help.ubuntu.com/community/CloudInit  [2], is a tool that will run a script during the initializing of an ec2 image in the amazon cloud.   It allows for custom deployment of an AMI as it is initialized.

I think the best way to learn a tool is to start using it.

Amazon AWS Micro Instance runs out of memory with Apache/MySQL/Wordpress

Recently I set up a micro instance within the Amazon cloud to act as a Wordpress server, running Ubuntu 12.04 Server. 

A micro instance only has 613MiB of memory, which is not much in the day and age but good enough for a lightly used wordpress site.

However after setting my site up and letting it run for a few days the MySQL database, running on the same machine, shut down.   I restarted it and chalked it up as a one-time fluke.  But it did it again the next night.   I checked the server and it was not working because MySQL was down.   Everything else was just fine.   So I restarted MySQL and started investigating.

Move EBS AMI Between Regions

Amazon created a copy tool that is much simpler to use than this guide. 
I made another guide that goes over the new tool at

http://www.whiteboardcoder.com/2013/04/copy-ami-between-regions.html

Should the new tool not work for you this older guide may be helpful



I recently had a need to move an AMI from the AWS east-1 regions to the west-2 region.

AWS does have a command line tool, ec2-migrate-image, for moving AMIs between regions, but it does not work for EBS backed AMIs (which I prefer to use)   For more information on this command line tool go to http://docs.amazonwebservices.com/AWSEC2/latest/CommandLineReference/ApiReference-cmd-MigrateImage.html [1]

AWS Reserved Instance marketplace

Amazon has set up a plce where you can buy and sell reserved instances.  This helps in getting rid of reserved instances you may no longer need.

http://aws.amazon.com/ec2/reserved-instances/marketplace/ [1]

Selling

I am more interested in buying a partial reserved instance than selling them.   So I will not be going over selling, if you want to sell a reserved instance this video by AWS will show you how to

Unable to Resolve Host IP

Every so often I get this error from the command line from ubuntu 12.04 LTS in the Amazon AWS cloud.

unable to resolve host ip-XX-X-XX-XXX

Quick Overview of Amazon AWS Cloud

Quick Overview of Amazon AWS cloud

Created 02/10/2011

Updated 3/6/2012 (lower prices)

Updated 3/14/2012 (new Medium ec2 type)

Updated 4/15/2012 (confirm prices)

Updated 12/14/2012 (confirm prices)

Patrick Bailey

Services

Amazon provides many different cloud services here is a quick overview what I will be covering in this document.  (These are a subset of all of Amazons AWS offerings at the time of this writing)

·         S3

·         EC2

o   AMI

o   EBS

o   Snapshots

o   Elastic IP

o   Elastic Load Balancers

o   Security

o   Monitoring

·         RDS Database

o   MySQL

o   Oracle

o   Monitoring

·         Route 53

·         Dynamo DB (beta)

·         Storage Gateway (beta)

Amazon AWS VPC Setting up OpenVPN server

This assumes you already have a VPC set up and working.

I am still new to the VPC world, but from what I have read it seems that the virtual VPN service that Amazon provides is intended for a hardware based VPN, site to site.   Aside from that it costs $0.05 per hour connection.

In this tutorial I am going to set up a OpenVPN server on Ubuntu 12.04 LTS server within my VPC.   Once I get that working I am additionally going to turn that OpenVPN server into a NAT server to replace my current NAT server and save some money.

The best information I found on the web one how to do this was a video at http://dbsgkhvbz3k7m.cloudfront.net/AmazonVPC/AmazonVPC.html [1]