[ec2-beta] Preliminary thoughts
Jamie Strandboge
jamie at canonical.com
Mon Jan 12 18:12:13 GMT 2009
Hi!
I just recently dove into EC2 and have been thinking about ways to
leverage its power in my day to day work. Here's some feedback based
on my (rather limited) use of ec2 so far:
1. An internal to EC2 mirror would be great (I know there is discussion
about this)
2. Images for Dapper, Hardy, Intrepid and Jaunty (and beyond) would be
fantastic for update testing (Gutsy isn't needed as it will be EOL'd
soon).
3. OpenJDK seems to work fine, so I wonder why we are recommending Sun's
JRE in the EC2StartersGuide.
4. X11 with ssh forwarding is *painful* in EC2 (yes, I was enough of a
masochist to actually play with this :)
5. In getting familiar with the system, I found myself scripting various
things, and realized that as cool as EC2 is, its CLI management doesn't
feel very 'Ubuntu' on the host. Perhaps something like this is already
planned, but I wrote a quick and dirty shell script (ec2sec) that does a
few things:
A. Sets the environment so I don't need to update .bashrc (thanks Kees
Cook for the initial wrapper). This also sets up EC2_KEYPAIR, which
makes ssh access easier[*].
B. Shows what images are available. Eg:
$ ec2sec available
Image Arch Operating System
----- ---- ----------------
...
ami-5647a33f i386 fedora-8-i386-base-v1.08
ami-f21aff9b x86_64 fedora-8-x86_64-base-v1.06
...
Private:
ami-814aaee8 i386 ubuntu-intrepid-8.10-i386 (private)
ami-a84aaec1 x86_64 ubuntu-intrepid-8.10-amd64 (private)
C. Lists instances. Eg:
$ ec2sec list
ID Image Status
-- ----- ------
i-f8810791 ami-a84aaec1 ec2-75-101-210-102.compute-1.amazonaws.com
i-ab8107c2 ami-814aaee8 pending
D. Starts and stops instances. Eg:
$ ec2sec start ami-a84aaec1
$ ec2sec stop i-4785032e
$ ec2sec stopall (this will stop all running instances with one command)
This allows me to have a workflow like:
$ ec2sec start ami-814aaee8
$ ec2sec list
ID Image Status
-- ----- ------
i-4785032e ami-814aaee8 ec2-174-129-143-19.compute-1.amazonaws.com
$ ssh root at ec2-174-129-143-19.compute-1.amazonaws.com
... do work ...
$ ec2sec stopall
I did this cause I very quickly grew tired of typing those *really long*
ec2 commands and deciphering their cryptic ouput. Are there plans to
have some sort of a CLI frontend for managing ec2 for the basic use
cases? Perhaps 'uec2' for 'Uncomplicated EC2'. :)
Another idea I had for this script is to have a 'timeout' feature that
terminates the instance once the timeout has been reached. This could be
useful to make sure that images didn't run ad infinitum and cause
unintended charges (could perhaps use atd for this).
I've attached the script so people can play with it, but like I said
before, this was very quick and dirty, and not intended for mass
consumption.
Jamie
[*] I can make EC2 ssh easier by adding to my ~/.ssh/config file:
Host *.amazonaws.com
IdentityFile <path to>/ec2-keypair.pem
then point EC2_KEYPAIR to this file
--
Ubuntu Security Engineer | http://www.ubuntu.com/
Canonical Ltd. | http://www.canonical.com/
-------------- next part --------------
#!/bin/sh -e
#
# Copyright (C) 2007,2008 Canonical, Ltd.
# Author: Jamie Strandboge <jamie at canonical.com>
# License: GPLv3
#
ustconf="$HOME/.ubuntu-security-tools.conf"
if [ -s "$ustconf" ]; then
. "$ustconf"
else
echo "Could not find '$ustconf'"
exit 1
fi
if [ "$USER" = "root" ]; then
echo "You must not be root to run this script. Aborting" >&2
exit 1
fi
export EC2_HOME="$ec2_installdir"
export PATH="$PATH:$EC2_HOME/bin"
export EC2_PRIVATE_KEY="$ec2_key"
export EC2_CERT="$ec2_cert"
export JAVA_HOME="/usr/lib/jvm/java-6-openjdk/"
export EC2_KEYPAIR="$ec2_keypair"
get_keypair_id() {
head -1 "$EC2_KEYPAIR" | grep "^KEYPAIR" | awk '{print $2}'
}
case "$1" in
available)
echo "Image\t\tArch\tOperating System"
echo "-----\t\t----\t----------------"
ec2-describe-images -o self -o amazon | egrep "^IMAGE" | while read line ; do
image=`echo \'$line\' | cut -d ' ' -f 2`
os=`echo \'$line\' | awk '{print $3}' | cut -d '/' -f 2 | sed 's/\.manifest\.xml$//g'`
avail=`echo \'$line\' | awk '{print $5}'`
access=`echo \'$line\' | awk '{print $6}'`
arch=`echo \'$line\' | awk '{print $7}'`
imgtype=`echo \'$line\' | awk '{print $8}'`
if [ "$imgtype" = "machine" ] && [ "$access" = "public" ] && [ "$avail" = "available" ]; then
echo "${image}\t${arch}\t${os}"
fi
done
# now output the private image we know about
echo "Private:"
echo "ami-814aaee8\ti386\tubuntu-intrepid-8.10-i386 (private)"
echo "ami-a84aaec1\tx86_64\tubuntu-intrepid-8.10-amd64 (private)"
;;
start)
if [ -z "$2" ]; then
$0 help
exit 1
fi
arch_args=""
if $0 available | egrep -q "^$2.*x86_64.*" ; then
arch_args="-t c1.xlarge"
fi
keypair_id=`get_keypair_id`
if [ -z "$keypair_id" ]; then
echo "Could not find KEYPAIR in $EC2_KEYPAIR" >&2
exit 1
fi
ec2-run-instances "$2" -k "$keypair_id" $arch_args
;;
list)
$0 listall | egrep -v 'terminated$'
;;
listall)
echo "ID\t\tImage\t\tStatus"
echo "--\t\t-----\t\t------"
ec2-describe-instances | grep -v "RESERVATION" | awk '{printf "%s\t%s\t%s\n", $2, $3, $4}'
;;
stop)
if [ -z "$2" ]; then
$0 help
exit 1
fi
ec2-terminate-instances "$2"
;;
stopall)
for i in `$0 list | egrep 'i\-' | awk '{print $1}'` ; do
echo "Stopping $i"
$0 stop "$i"
done
;;
help)
cat << EOM
ec2sec available # list available images
ec2sec start <image> # start an image
ec2sec stop <id> # stop image with id <id>
ec2sec list # list instances
ec2-... # run ec2-<command>
EOM
;;
*)
"$@"
;;
esac
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
Url : https://lists.ubuntu.com/mailman/private/ec2/attachments/20090112/e67063fb/attachment-0002.pgp
More information about the Ec2-beta
mailing list