I'm going to be launching a site that will be running on EC2 using Relational Data Service (RDS). This post is my notes for setting up this site.
I'm starting with a fresh account, so I went to http://aws.amazon.com and signed up for EC2, CloudFront, S3, and RDS. I think that's all I'll need.
I need to create a security group so I can log in to my EC2 instance:
$ ec2-add-group ssh -d'Port 22'
$ ec2-authorize ssh -Ptcp -p22
$ ec2-add-group http -d'Port 80'
$ ec2-authorize http -Ptcp -p80
$ ec2-add-group sg -d'Soundgarden'
$ rds-create-db-security-group sg -d 'Allows access from Soundgarden EC2 servers' -e MySQL5.1
$ rds-authorize-db-security-group-ingress sg --ec2-security-group-name sg --ec2-security-group-owner-id xxx
This opens ports 22 and 80 to the world (for instances in these groups) and creates an RDS security group that allows access from all EC2 instances in the sg EC2 security group.
A word about security groups. I was not too clear on these for a while (and I'm not sure I'm an expert yet), but here are some things that have helped me. Security Groups (SGs) are named entities that are connected to an account. The names must be unique across the owning account. One attaches SGs to instances in EC2. When a group is changed, the changes are applied to instances that are connected to the changed SG.
When an instance is started it is assigned any number of SGs (an account can have up to 100 SGs). After this, it is not possible to add or remove SGs (though it is still possible to edit the SG rules themselves to change firewall behavior). (Note: this may be a good reason to include an initially empty SG on an instance. This way one could edit the initially empty SG without changing other "canonical" SGs.)
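The group behaviour described above, as an added example that is not part of the original notes: a small Python model of how an instance's ingress is the union of its groups' rules, how the RDS group admits by EC2 group membership, and how editing the initially empty sg group reaches an already-running instance. The class and function names and the sample addresses are constructed for illustration.

```python
# Added example: toy model of the security-group semantics in these notes.
# Class/function names and IP addresses are hypothetical and constructed.
import ipaddress
from dataclasses import dataclass, field

@dataclass
class SecurityGroup:
    name: str
    rules: list = field(default_factory=list)   # (proto, port, network)

    def authorize(self, proto, port, cidr="0.0.0.0/0"):
        # Like ec2-authorize in the notes: no source given means "the world".
        self.rules.append((proto, port, ipaddress.ip_network(cidr)))

@dataclass
class Instance:
    groups: list   # fixed at launch; the rules inside each group stay editable

    def allows(self, proto, port, src_ip):
        # Effective ingress is the union of every attached group's rules.
        src = ipaddress.ip_address(src_ip)
        return any(p == proto and q == port and src in net
                   for g in self.groups for (p, q, net) in g.rules)

@dataclass
class DBSecurityGroup:
    name: str
    ec2_groups: set = field(default_factory=set)

    def allows(self, instance):
        # Ingress is granted by EC2 group membership, not by source address.
        return any(g.name in self.ec2_groups for g in instance.groups)

def world_open(groups):
    """Return sorted (group, port) pairs reachable from any address."""
    return sorted((g.name, port) for g in groups
                  for (_, port, net) in g.rules if net.prefixlen == 0)

def build_demo():
    ssh, http, sg = (SecurityGroup(n) for n in ("ssh", "http", "sg"))
    ssh.authorize("tcp", 22)
    http.authorize("tcp", 80)
    db = DBSecurityGroup("sg", {"sg"})
    web = Instance([ssh, http, sg])   # launched with -g ssh -g http -g sg
    other = Instance([ssh])           # constructed: same account, not in sg
    return ssh, http, sg, db, web, other

if __name__ == "__main__":
    ssh, http, sg, db, web, other = build_demo()
    print(world_open([ssh, http, sg]), db.allows(web), db.allows(other))
```

Running `world_open` over an account's groups before launch gives a short list of rules to review for a source restriction.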
$ ec2-add-keypair sg-key-pair
$ ec2-allocate-address
$ ec2-run-instances ami-xxxxxxxx -k sg-key-pair -g ssh -g http -g sg -t m1.large -n 1
$ ec2-associate-address -i i-xxxxxxxx xxx.xxx.xxx.xxx
Now you've got a server up and running. Log into it and configure it.
$ ssh -i [your private key file created above] user@[your IP allocated above]
$ sudo -s
# apt-get update
# apt-get upgrade
# apt-get install apache2-mpm-prefork apache2-utils apache2.2-common libapache2-mod-php5 libapache2-mod-rpaf mysql-client-5.1 php-apc php5 php5-cli php5-curl php5-common php5-dev php5-gd php5-mysql php-pear varnish zlib1g-dev
# wget -q http://s3.amazonaws.com/ec2metadata/ec2-metadata
# mv -i ec2-metadata /usr/local/bin/
# chmod 555 /usr/local/bin/ec2-metadata
# ...
Now launch an RDS instance:
$ rds-create-db-instance sg-db-master-1 -c db.m1.small --db-name sg -e MySQL5.1 --db-security-groups sg --port 3306 -s 5 -u root -p 'xxxx' -z us-east-1b
To install s3fs:
# apt-get install -y build-essential libcurl4-openssl-dev libxml2-dev libfuse-dev
# wget http://s3fs.googlecode.com/files/s3fs-r177-source.tar.gz
# tar -xzf s3fs-r177-source.tar.gz
# cd s3fs
# make
# cp s3fs /usr/local/bin