The Gluster Blog

Gluster blog stories provide high-level spotlights on our users all over the world

Making your EC2 instances application friendly

Gluster
2013-02-25

App-oriented cloud servers like OpenShift, Heroku, and Google AppEngine come “out of the box” configured for immediate usability.  In constrast, EC2 instances provide you with a higher amount of flexibility at the cost of some initial, upfront configuration.

So, in order to define some of the common modifications you need to set up an EC2 server, lets walk through the set up of a jenkins build server on EC2.  Like any server, a build server will require a few non-trivial modifications:

  1. Security groups need to be correctly defined, so that ports are unblocked.
  2. Elastic ips need to be setup so that you can access your server at the same ip address.
  3. Enabling HTTP ports (i.e. 80, 8080, …).

 1) Setting up Security Groups 
  
At first glance, it appears that the “Default” security groups in AWS are wide open to the outside world.  However, AWS machine default security settings are very restrictive and generally need to be loosened up for any kind of server: the default settings only allow machines in the *exact same* security group to see one another.   The below image compares opened security group with closed one.  The difference is in the definition of the “Source” attribute, which specifies a range.  0.0.0.0/0 essentially means “Any and everyone in the entire universe”. 

2) Attaching Elastic IPs to your instances:

“Elastic IP” addresses in AWS are essentially static IP addresses which are bound at the cloud layer, rather than at the machine layer.  That is, you associate elastic-ip addresses directly with named machine instances, rather than machines themselves.  This allows you to dynamically reroute the traffic to an instance without modifying any files on the AMI instance itself.

The below window shows an elastic ip, which is bound directly to an instance id.  The nice thing about the elastic-ip is that it can be rebound directly from this same interface, with no need of mucking with the individual machine. 

Unlike other application oriented cloud-providers (i.e. heroku, openshift), AWS doesn’t natively support easy-to-remember machine names, so you have to set up your own DNS CNAME records if you want a meaningful named host.

3) Enabling HTTP ports

Double check that you have HTTP access opened up (the below screenshot is taken from http://coenraets.org/) :



Next, by default, certain AMI instances may have IP tables turned ON (i.e. RHEL).  To turn off iptables:

/etc/init.d/iptables stop

Finally, you should be able to access your services at: http://ec2-[XXXX].amazonaws.com:[PORT]/ (i.e. http://ec2-22-333-44-555.compute-1.amazonaws.com:8080/).

BLOG

  • 06 Dec 2020
    Looking back at 2020 – with g...

    2020 has not been a year we would have been able to predict. With a worldwide pandemic and lives thrown out of gear, as we head into 2021, we are thankful that our community and project continued to receive new developers, users and make small gains. For that and a...

    Read more
  • 27 Apr 2020
    Update from the team

    It has been a while since we provided an update to the Gluster community. Across the world various nations, states and localities have put together sets of guidelines around shelter-in-place and quarantine. We request our community members to stay safe, to care for their loved ones, to continue to be...

    Read more
  • 03 Feb 2020
    Building a longer term focus for Gl...

    The initial rounds of conversation around the planning of content for release 8 has helped the project identify one key thing – the need to stagger out features and enhancements over multiple releases. Thus, while release 8 is unlikely to be feature heavy as previous releases, it will be the...

    Read more