Exploring AWS Client Tools

Setup for using AWS CLI and other tools

Add your credentials to your .bash_profile

AWS_DEFAULT_REGION=us-west-2

AWS_ACCESS_KEY_ID=your access key

AWS_SECRET_ACCESS_KEY=your real secret key

This might look something like the example key below

AWS_SECRET_KEY=azOhTKN89o4innDvbifvuka7/raqG+5erMT5ur7k

Add the java cli tools default location
```
EC2_HOME=/usr/local/ec2-api-tools
```
Add the EC2 URL of your region
```
EC2_URL=https://ec2.us-west-2.amazonaws.com
```
Now, download and install the EC2 API Tools, because they are the easiest to install and start testing with:
http://aws.amazon.com/developertools/351
Install them to the same location of your EC2_HOME variable:
```
/usr/local/
```
Run some test commands
You can then run some commands with those variables, such as
```
ec2-describe-regions -O $AWS_ACCESS_KEY -W $AWS_SECRET_KEY
```
and also, since they are set in your environment, you may omit them and just type
```
ec2-describe-regions
```

Note there are different client libraries and tools for working with AWS EC2

API vs. AMI vs. CLI

The example mentioned above is the EC2 API Java Client Tools, also called the "CLI tools", and formally refered to as "Amazon EC2 API Tools" available here http://aws.amazon.com/developertools/351. The official description is:

"The API tools serve as the client interface to the Amazon EC2 web service. Use these tools to register and launch instances, manipulate security groups, and more. "

Also, "Note: the API tools do not include the AMI tools. The AMI tools are used for bundling and uploading AMIs".

The somewhat similarly named cli toolset just for managing AMI instances is called the "Amazon EC2 AMI Tools". These AMI tools ( not API as above ), are specialized in managing, uploading, downloading AMIs. The official description is:

"The Amazon EC2 AMI Tools are command-line utilities to bundle an Amazon Machine Image (AMI), create an AMI from an existing machine or installed volume, and upload a bundled AMI to Amazon S3."

Note the the API tools do not include the functionality of the AMI tools. Also, the AMI tools are written in Ruby, not Java.

There is also a third major toolset for EC2, called "AWS Command Line Interface (CLI)". These are written in Python and are available here http://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-set-up.html#install-bundle-other-os

Table of the three major CLIs for EC2 and AMIs

Name                Command Location                                  Language
----                ----------------                                  -------- 
AWS CLI             ~/.local/lib/aws/bin/aws help                     Python

EC2 API             /usr/local/ec2-api-tools/bin/ec2-version          Java

EC2 AMI Tools       ~/ec2-ami-tools-1.5.2/bin/ec2-ami-tools-version   Ruby

Once you have the AWS CLI installed you must simply configure it like so:

$ aws configure
AWS Access Key ID [None]: AKIAIOSFODNN7EXAMPLE
AWS Secret Access Key [None]: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
Default region name [None]: us-west-2
Default output format [None]: json

Those values are just examples from docs.aws.amazon.com. Of course use your own values for each of those.

AMI root filesystem storage

There are two options: EBS and Instance store.
Some main differences: EBS is faster and can be larger. Instance store is S3. EBS *can* exist after instance termination, but Instance store volumes can not. See the DeleteOnTermination flag operation. EBS image attributes, like instance type and kernel can be changed, Instance store cannot. AMI creation with EBS is a single command, while Instance store requires AMI tools EBS supports running, stopped and terminated states, Instance store running or terminated only. EBS can hold 1TiB while Instance store holds only 10GB.

AMI lifecycle

See creating an AMI.
You can pick an Amazon supported Linux AMI here: http://aws.amazon.com/amazon-linux-ami/
It will also come with necessary tools to manage EC2 resources. For US-West Oregon, I will choose the the PV EBS-Backed 64-bit AMI: ami-b8f69f88.

Quiz

What does EC2 stand for?

Show Answer

What does S3 stand for?

Show Answer

Working with AMIs

Let's start with the the EC2 API Java tools.

I have an existing AMI, publicly provided, which I no longer want to use, so let's list it to grab the AMI id, then delete it.

ec2-describe-images

Note the ec2-describe-images command has other options, for example, -all to list all available AMIs. That is more than 44,000 lines of output. By default, it lists just your images you have in storage.

Now let's detach that so we no longer are paying for it to be stored.

ec2-deregister ami-203f5010

Now re-run ec2-describe-images and notice it no longer appears in the default api response. Second, let's get this new AMI into our account so we can start to work with it.

I found the cli options a bit challenging, so I used the Amazon web interface instead. I think the cli would be:

???

Logging in

ssh ec2-user@54.187.9.244 -p 80 -i ~/.ssh/aws_rsa

Note that I already have a key pair saved on Amazon and I use it to login to that instance. What about if I have a new instance, even from a new AMI I want to use that same key with?

I will need to start the instance with the key specified as follows

aws ec2 run-instances --image-id ami-b8f69f88 --count 1 --instance-type t1.micro \
--key-name aws_rsa --security-group-ids sg-c7a86aa2  --subnet-id subnet-ea8aae81

In the above example, I use my existing key which is named, aws_rsa.

For a slick introduction to AWS and continuous deployment, see http://www.devopscloud.com/.

Home Next