Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

This chapter describes how to set up a Linux instance in AWS. The purpose for which the instance is created will determine the prerequisites for image and instance type used.

Contents

Prerequisites

As this description shows the basic setup of a Linux instance in AWS, it does not list specific prerequisites. However, depending on the use case, the following prerequisites should be considered:

  • To set up a Linux instance in AWS, you need an Amazon AWS account.
  • If this instance is to be used as a Charon host system, refer to the user's guide of your Charon product to determine the exact hardware and software prerequisites that must be taken into account for the Linux instance. The image you use for your instance and the instance type you chose determine which hardware and software your cloud instance has.
  • If this instance is to be used as a Charon host system, a product license is required to run emulated systems. Contact your Stromasys representative or Stromasys VAR for details.
  • Certain legacy operating systems that can run in emulated systems provided by Charon emulator products require a license of the original vendor of the operating system. The user is responsible for any licensing obligations related to the legacy operating system and has to provide the appropriate licenses.

AWS Login and New Instance Launch

Amazon EC2 provides a wide selection of instance types optimized to fit different use cases. Instances are virtual servers that can run applications such as Charon emulator products or the Charon VPC license server.

To start the creation of a new cloud instance using a general purpose Linux image, perform the following steps:

1. Log in to your AWS management console.

2. Find and select the EC2 service. You can use the search window or find it in the recently used services.

This will open the E2C dashboard.

(info) The following sample image shows the old E2C dashboard. The new dashboard looks somewhat different, but still has the Launch instance button.



3. On the EC2 dashboard click on the Launch Instance button.

 

This will initiate the instance creation process consisting of seven steps:

  1. Choose AMI
  2. Choose Instance Type
  3. Configure Instance
  4. Add Storage
  5. Add Tags
  6. Configure Security Groups
  7. Review, launch and select/create key-pair for access.

These steps are described in the next section.


New Instance Configuration

The instance creation and configuration process will guide you through a number of configuration steps and allow you to start the new instance when done.

1. Choose AMI:

This example shows the search for centos and the results in Marketplace. Depending on your environment, the image may also be in one of the other sections (e.g., My AMIs).

Clicking on one of the categories above will display a list of images. Select the appropriate Linux AMI.

This will take you to the next step, the instance type selection.


2. Choose Instance Type:

Amazon EC2 offers instance types with varying combinations of CPU, memory, storage, and networking capacity. Depending on the image selected, not all instance types may be offered.

Select an instance type that matches the requirements of the planned use of the instance.


When done, continue by clicking on the Next: Configure Instance button.


3. Configure Instance:

In this section, you can set up the details of your instance configuration.
For example, you can select the VPC subnet your instance should be in and whether an interface should automatically be assigned a public IP address
(info) Automatic assignment of a public IP address only works if there is only one network interface attached to the instance.

Once you have selected all desired configuration options, click on Next: Add storage to continue.



4. Add Storage:

The size of the root volume depends on the minimum size for the Linux system plus any additional products you plan to install. You can add more storage later to provide space, for example for virtual disk containers (if this is a Charon host) and other storage requirements.

(warning) It is recommended to create separate storage space (using AWS EBS volumes) for any application data. If required, such volumes can later easily be migrated to another instance.


Once you are done, again click on the Next: Add tags button.


5. Add Tags:

Tags allow you to add information to your instance, for example, an easily remembered name as shown in the example below:

After adding tags as required, continue to the next step (Configure Security Groups).


6. Configure Security Groups:

A security group is similar to a firewall. It defines which traffic is allowed to flow to and from the instance. You must at least enable SSH access to the system. This will allow you to access the management interface and to transfer files from/to the cloud instance. You can select an existing group or create a new one. If you create a new one, you can enter an name and an appropriate description. An example of a security group is shown below.

The warning shown alerts the user to the fact that the source IP addresses are not restricted, i.e., any system is allowed to use SSH to access the instance. Restrict the source address range if possible.

Once you have set up your security group, continue to the next step (Review and Launch).

7. Review:

Here you can review the configuration of your instance and edit the individual sections if required. The image below shows a sample:

If you are satisfied with the settings, click on the Launch button to start your instance for the first time.


8. Launch and select/create key-pair for access:

When starting the instance for the first time, you will be shown a window asking you to create a new key-pair or to use an existing one. When creating a new key-pair, you must download the private key to your local system and store it in a safe place. It is required to access your instance. The public key is stored in the newly created Linux system, in the authorized_keys file of the management user. The name of the management user depends on the selected image and should be shown in its description. For a CentOS image it often is centos. The sample below shows the window when the creation of a new key-pair was selected:

You cannot start the instance without downloading the key. If you select to re-use an existing key-pair, you have to confirm that you are in possession of the private key before you can launch the instance.


Verify that instance is running:

After starting your instance for the first time, you will see it in the initializing state in the list of your AWS instances. It will take a bit of time to get to the running state. After this, important information, for example, the public IP address and public DNS name (marked in red) of the instance will also be displayed. The following image shows an example:

The following sections will show you how to access the instance and how to perform additional storage and network configurations.

(info) If you select your instance, the bottom of the screen will show a detailed description and status information of your instance.

Initial Access to the Instance

Once you have access to the instance, you can create the access you require for your applications. This section just shows the basic steps for initial access to the instance.

SSH Interactive Access

To connect to the instance interactively, you must connect as the management user of your instance. Use the following command:

$ ssh -o ServerAliveInterval=30 -i <path-to-your-private-key> <management-user-name>@<cloudhost-IP-address>

The parameter ServerAliveInterval will protect the connection from timing out.

(info) Depending on the type of connection, you will have to use either the public IP address of the cloud system or its address in a customer-specific VPN.

(info) The management user account normally allows sudo access to privileged commands (use sudo -i).

File Transfer with SFTP

SFTP enables file transfers to and from the cloud instance. Use the management user of your instance. The security rules must allow SSH access to allow SFTP access to the cloud instance.

(info) Depending on the type of connection, you will have to use either the public IP address of the cloud system or its address in a customer-specific VPN.

To connect to the instance, use the following command:

$ sftp -i <path-to-your-private-key> <management-user>@<cloudhost-IP-address>



  • No labels