Auto-scaling an EC2 service: Creating a new AMI

Nick Hardiman details the steps involved in creating a new Amazon Machine Instance (AMI) as part of using the auto-scaling features for his EC2 service.

I have started the tortuous process of adding auto-scaling to my EC2 service. Ability to scale is one of my 12 principles of operational readiness.

Use a web interface to make an AMI

I need something to use as the basis for new EC2 machines. I already have a working EC2 machine running my application. I create an AMI from my working instance, then make a new instance from this AMI. I'm also going to copy down a few details I need later.

This AMI will be used for scaling out new EC2 machines when my service gets too busy. It is copied every time a new machine is created.

I'm going to destroy this new instance immediately. I just want to make sure that creating an instance from the AMI works, rather than use the image for a customer service. There isn't much to go wrong, but I still have to check. If something went wrong -- for instance, if I've managed to pair an incompatible AMI and kernel image -- the system log will be full of unhappy messages and the EC2 machine will not start.

The auto-scale work has to be done on the command line, but this AMI work can be done from either the web console or the command line. Since the web console is more human-friendly, I'm sticking with that.

Create a new AMI

  1. Open the AWS console.
  2. Find the entry for the current EC2 machine. Click the Amazon EC2 tab > set your Region in the drop-down list > Instances link in left navbar.
  3. Create a new image.

Check your work. Manually create a new instance.

  1. Create a new machine by launching a new instance.
  2. Connect to it using SSH. Can I log in OK?
  3. Connect to it using a web browser. Is my customer service there?
  4. Add it to the load balancer. Copy down a few names I will need later.
  5. Note the AMI ID. I will need this for the as-create-launch-config command.
  6. Note the load balancer name and ID. I will need this for the mon-put-metric-alarm command.

Clean up.

  1. Terminate the new instance.
  2. Remove it from the load balancer.
  3. Close the console.

Use a command line interface to do the rest.

Next, I move to the command line on my personal computer. I open a terminal, set some environment variables and make sure it's working. I've already installed the EC2 Tools and tested them. I also have to install the AutoScaling Tools and the CloudWatch tools: all three toolboxes are required to do the work.

Set environment variables.

First, set the environment variables. This must be done every time a new terminal is opened. If you don't like repetitive tasks, you can add them to one of the resource files that is run at the start of every interactive session. The default shell used by Linux and OSX is BASH, and the interactive session file for BASH is .bash_profile.

Don't just copy and paste this. It's the right set of variables, but the values will be wrong.

export EC2_PRIVATE_KEY=~/.ec2/pk-HKZYKTAIG2ECMXYIBH3HXV4ZBEXAMPLE.pem
export EC2_CERT=~/.ec2/cert-HKZYKTAIG2ECMXYIBH3HXV4ZBEXAMPLE.pem
export EC2_REGION=eu-west-1
export EC2_URL=https://eu-west-1.ec2.amazonaws.com/
export JAVA_HOME=`/usr/libexec/java_home`

Check your work.

Always check your work, and always back up your work. Use the env command to list the environment variables. This displays all variables, not just the half dozen created by the export commands above.

I'm using OSX here, so my prompt and my list of variables are littered with words like MacBook and Apple.

My-MacBook-Pro:~ nick$ env | sort
Apple_PubSub_Socket_Render=/tmp/launch-3yemSh/Render
...
__CF_USER_TEXT_ENCODING=0x1F5:0:0
My-MacBook-Pro:~ nick$

Run a command.

Edit the PATH variable, to make sure the shell can find the EC2 tools.

export EC2_HOME=/Users/nick/Documents/AWS/ec2-api-tools-1.5.3.1
export PATH=$PATH:$EC2_HOME/bin

Make sure the tools are working using a read-only command.

My-MacBook-Pro:~ nick$ ec2-describe-regions
REGION eu-west-1    ec2.eu-west-1.amazonaws.com
...
REGION ap-southeast-1      ec2.ap-southeast-1.amazonaws.com
My-MacBook-Pro:~ nick$

Troubleshoot.

Unless you're better than I am at sysadmin (and sometimes my grandmother is better than me at sysadmin), you will make mistakes. I made a spelling mistake here. I got the name of my private key file wrong.

My-MacBook-Pro:~ nick$ ec2-describe-regions
File not found: 'pk-OopsIMadeASpellingMistake.pem'
My-MacBook-Pro:~ nick$
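
A preflight check that catches this kind of mistake before any ec2-* command runs (an added example, not part of the original article or the EC2 tools). The function names are hypothetical, and the checks for private key file permissions and for an https EC2_URL matching EC2_REGION are assumptions added here rather than steps from the article.

```shell
#!/usr/bin/env bash
# Added example: preflight for the EC2 API tools environment described above.
# Function names (file_mode, check_pem, ec2_preflight) are hypothetical.

# Print a file's octal permission bits (GNU stat first, then BSD/OSX stat).
file_mode() {
  stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1" 2>/dev/null
}

# check_pem NAME PATH: the key file must exist, be readable by me,
# and grant nothing to group or other (mode 600 or stricter).
check_pem() {
  if [ ! -e "$2" ]; then echo "FAIL $1 file not found: $2"; return 1; fi
  if [ ! -r "$2" ]; then echo "FAIL $1 file not readable: $2"; return 1; fi
  mode=$(file_mode "$2")
  if [ $(( 0$mode & 077 )) -ne 0 ]; then
    echo "FAIL $1 has mode $mode; run: chmod 600 $2"; return 1
  fi
  return 0
}

# Returns 0 only when every variable and file the tools rely on looks sane.
ec2_preflight() {
  rc=0
  for var in EC2_PRIVATE_KEY EC2_CERT EC2_REGION EC2_URL EC2_HOME JAVA_HOME; do
    eval "val=\${$var:-}"          # var is one of the fixed names above
    if [ -z "$val" ]; then echo "FAIL $var is not set"; rc=1; fi
  done
  check_pem EC2_PRIVATE_KEY "${EC2_PRIVATE_KEY:-}" || rc=1
  if [ ! -r "${EC2_CERT:-}" ]; then
    echo "FAIL EC2_CERT file not readable: ${EC2_CERT:-}"; rc=1
  fi
  # The endpoint should use TLS and belong to the region I think I'm using.
  case "${EC2_URL:-}" in
    https://*"${EC2_REGION:-unset}"*) ;;
    *) echo "FAIL EC2_URL is not an https endpoint for ${EC2_REGION:-unset}"; rc=1 ;;
  esac
  # The shell must be able to find the tools.
  case ":$PATH:" in
    *":${EC2_HOME:-unset}/bin:"*) ;;
    *) echo "FAIL \$EC2_HOME/bin is not on PATH"; rc=1 ;;
  esac
  return $rc
}
```

Source this after the export lines in .bash_profile and run `ec2_preflight && ec2-describe-regions`; each FAIL line names the variable to fix.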

When troubleshooting, Google is the sysadmin's best friend. Copy the error, stick it in Google and trawl through the results, looking for the needles of goodness in the haystack of results.

Ironically, Google tells me that a sysadmin's best friend is Python or Perl. It's common knowledge that Google results are heavily tailored to the user's profile, so these results hint at the rock and roll lifestyle that I lead.

The next job is to install the Auto Scaling Command Line Tools.

About

Nick Hardiman builds and maintains the infrastructure required to run Internet services. Nick deals with the lower layers of the Internet - the machines, networks, operating systems, and applications. Nick's job stops there, and he hands over to the ...