Simple Infrastructure With Only 3 Commands

by Oleksii Tregubov

Hey! It's been a while!

The last time I worked with Amazon was during the research and investigation needed to complete the vision for beginners. That was some time ago, more than 6 months. Now I have decided to use and expand this knowledge and apply it to the Amazon CLI tools.

I was interested in finding the minimal number of commands, which means minimal effort, needed to launch an infrastructure in AWS. I've found that it can be done by executing only 1 command or with 3 entries. Today I will show you the longer path, but my next post will explain the single-command approach.

In my mind, it's reasonable to continue. I'll try to guide you through the process of creating 2 instances and placing them under a Load Balancer, a common scenario to start with when infrastructure is needed.

At the beginning we need:

First of all, you need to download a few things to your computer in order to be able to use the Amazon CLI. These are the Amazon EC2 API Tools, the Elastic Load Balancing API Tools and the Amazon RDS Command Line Toolkit. The only prerequisite is Java.

Let's create a folder, e.g. 'AWS', and unzip the three downloaded packages there, as shown below:



Each folder contains the corresponding API tool. You also need to create a C:\AWS\keys folder and download both your X.509 certificate and private key into it, ending up with files that look similar to this:

C:\AWS\keys\pk-THCY4RVPOKCCHPJFIQTDVNMWCJJQPOXU.pem
C:\AWS\keys\cert-THCY4RVPOKCCHPJFIQTDVNMWCJJQPOXU.pem

It's not as simple as opening Command Prompt and using Amazon commands: you need to register a number of environment variables before you can execute CLI commands. The simplest way to do so is to create a .bat file to be executed from cmd later. Example content of such a .bat file, which registers all the environment variables, is provided below.

REM Path should contain bin\java.exe
set JAVA_HOME="C:\Program Files (x86)\Java\jre7"

REM Path to Private Key and Certificate retrieved from AWS
set EC2_PRIVATE_KEY=D:\AWS\keys\pk-THCY4RVPOKCCHPJFIQTDVNMWCJJQPOXU.pem
set EC2_CERT=D:\AWS\keys\cert-THCY4RVPOKCCHPJFIQTDVNMWCJJQPOXU.pem

REM Path to EC2 API, subfolders of bin and lib
set EC2_HOME=D:\AWS\EC2
set PATH=%PATH%;%EC2_HOME%\bin

REM Path to ELB API, subfolders of bin and lib
set AWS_ELB_HOME=D:\AWS\ELB
set PATH=%PATH%;%AWS_ELB_HOME%\bin

REM Path to RDS CLI, subfolders of bin and lib
set AWS_RDS_HOME=D:\AWS\RDS
set PATH=%PATH%;%AWS_RDS_HOME%\bin

cls
cmd

Now that we are all set and ready to go, we can start trying out our commands. After executing the newly created .bat file, a cmd window will pop up.



You might not realize it yet, but from this cmd window you can control everything on AWS. It is an analogue of the UI Management Console. You can find a full list of all CLI commands here. However, we won't need them all today to achieve our goals. First of all, let's start an instance.

To do so, we need to choose an AMI as the base for our future instance. You can retrieve a list of all AMIs by executing the 'ec2-describe-images' command, which produces output similar to this:



After selecting an AMI, we can start a couple of instances based on it. You will need an Amazon Key-Pair to do so, and I have described how to create one from the UI in my previous post. However, just to complete the process, let's take a look at how it's done from the CLI:

ec2-create-keypair KEY_NAME > key_pairs\KEY_NAME.pem

Where:

  • ec2-create-keypair is the command name;
  • KEY_NAME is the desired name of the Amazon Key-Pair;
  • > key_pairs\KEY_NAME.pem writes the output to a KEY_NAME.pem Key-Pair file.

After execution, you will find a .pem file in the specified folder that contains SHA1 key information. Unfortunately, that is not all: you will have to open the newly created .pem file and make a slight modification to it. Delete the first line, so that the text starts with the '-----BEGIN RSA PRIVATE KEY-----' line.
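The manual edit described above can also be scripted. The sketch below is an added example, not part of the original post or of the EC2 API Tools: it extracts the key block from captured 'ec2-create-keypair' output, rejects output whose key block is incomplete, and writes the key to a new file without overwriting an existing one. The function names and the sample output (placeholder key body and fingerprint included) are constructed, and the first line is assumed to hold the word KEYPAIR, the key name and the fingerprint.

```python
import os
import re

# Constructed sample of the tool's output: a KEYPAIR summary line followed by
# the PEM block. The base64 body is a placeholder, not a real key.
SAMPLE_OUTPUT = (
    "KEYPAIR\tKey_New\t00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:22:33\n"
    "-----BEGIN RSA PRIVATE KEY-----\n"
    "Q09OU1RSVUNURUQtUExBQ0VIT0xERVItTk9ULUEtUkVBTC1LRVk=\n"
    "-----END RSA PRIVATE KEY-----\n"
)

PEM_RE = re.compile(
    r"-----BEGIN RSA PRIVATE KEY-----\r?\n.+?\r?\n-----END RSA PRIVATE KEY-----",
    re.DOTALL,
)


def split_keypair_output(text):
    """Return (key_name, fingerprint, pem) from the tool's raw output."""
    match = PEM_RE.search(text)
    if match is None:
        raise ValueError("no complete RSA private key block in output")
    header = text[:match.start()].split()
    if len(header) != 3 or header[0] != "KEYPAIR":
        raise ValueError("unexpected summary line before the key block")
    pem = match.group(0).replace("\r\n", "\n") + "\n"
    return header[1], header[2], pem


def save_private_key(text, folder):
    """Write only the PEM block to <folder>/<key_name>.pem; never overwrite."""
    name, fingerprint, pem = split_keypair_output(text)
    if not re.fullmatch(r"[A-Za-z0-9_.-]+", name):
        raise ValueError("key name is not safe to use as a file name")
    path = os.path.join(folder, name + ".pem")
    # O_EXCL fails if the file already exists; 0o600 limits access to the
    # owner on POSIX. On Windows the mode only affects the read-only flag,
    # so the folder's NTFS permissions are what protect the key there.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w", newline="\n") as handle:
        handle.write(pem)
    return path, fingerprint
```

The returned fingerprint can be compared with the one AWS lists for the key pair before the file is converted for PuTTY.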



Great! Now that you have an Amazon Key-Pair, we can proceed to the actual instance launch. To do so, execute the following command:

ec2-run-instances ami-76f0061f -k Key_New -t t1.micro

Where:

  • ec2-run-instances is the command name;
  • ami-76f0061f is the selected AMI that serves as the instance base;
  • -k Key_New is the key-pair selection;
  • -t t1.micro is the instance type.

The output will be simple, showing the details of the newly created instance. As we are creating a structure with a Load Balancer above 2 instances, the previously executed command needs to be run once more. As a result, we will get output similar to this:



Success! The aforementioned output tells us that we have successfully started 2 micro instances. Just to make sure they are running and accessible, let's view the details of one of them.

ec2-describe-instances i-be211ec4

Where:

  • ec2-describe-instances is the command name;
  • i-be211ec4 is the instance's unique ID or label, generated on instance launch and displayed in the output.

After execution, the output will contain the instance's IP address, DNS name, type and other information.



You can use this info to connect, and I will try to show how it's done here. If you are on Windows, you will have to download PuTTY, a free Windows SSH client, and unzip it anywhere on your local computer. Remember the Key-Pair we created earlier? Now we need to convert it to a PuTTY-ready format. To do so, let's open the 'PuTTyGen.exe' file inside the previously unzipped SSH client folder:



Load our Key_New.pem file by choosing the 'File > Load Private Key' option. Now be patient and follow the PuTTY instructions from the notice shown below:



After saving the .ppk file, open PuTTY itself and use the tree structure to navigate to 'Connection > Auth > SSH'. In order to connect to the instance and pass the authentication process, select the PuTTY private key file, as shown below:



By entering the instance IP address previously acquired from cmd, we can access one of the described instances.



All that is left is to enter the standard user name 'ec2-user' to log in and have full control over the instance:



OK, now back to the Load Balancer and network configuration. Let's create an LB by executing the following command:

elb-create-lb LB_NAME --listener "lb-port=80,instance-port=8080,protocol=http" --listener "lb-port=443,instance-port=8443,protocol=tcp" --availability-zones us-east-1a

Where:

  • elb-create-lb is the command name;
  • LB_NAME is the name for the future Load Balancer;
  • --listener "lb-port=80,instance-port=8080,protocol=http" is a listener with its ports specified;
  • --availability-zones us-east-1a is a required parameter that specifies the AWS Availability Zone.

Hey! We have just received a DNS name as the output:



So far we have only created a Load Balancer, which is of no practical use yet, so we need to register our previously started instances under it. This can be done by sending this command:

elb-register-instances-with-lb Monitor --instances i-bc142bc6

Where:

  • elb-register-instances-with-lb is the command name;
  • Monitor is the name of the previously registered LB;
  • --instances i-bc142bc6 is the ID of the instance to be registered under the given LB.

After executing this separately for each instance, our output will be similar to this:



Wow! Finally! We are all done and have both of our machines under a single Load Balancer. Isn't that smooth and easy? You might get a little confused somewhere in this process the first time, but I can assure you that after a couple of iterations you'll be comfortable with it. You can now start deploying your application to the instances and address them by the LB DNS name. Thank you, and have a successful run!