Tikejhya: Ashish Nepal

Knowledgebase

Category: amazon

Adding a new volume on EC2 or expanding a disk


fdisk -l
lsblk
file -s /dev/xvdf
df -h
mkfs -t ext4 /dev/xvdf
mkdir -p /testdata
mount /dev/xvdf /testdata

#Expanding same disk
Stop the instance
Create a snapshot from the volume
Create a new volume based on the snapshot increasing the size
Check and remember the current volume's mount point (e.g. /dev/sda1)
Detach the current volume
Attach the newly created volume to the instance, setting exactly the same mount point
Restart the instance
Connect to the instance via SSH and run fdisk /dev/xvde

WARNING: DOS-compatible mode is deprecated. It’s strongly recommended to switch off the mode (command ‘c’) and change display units to sectors (command ‘u’)
Hit p to show current partitions
Hit d to delete the current partitions (if there is more than one, you have to delete them one at a time). NOTE: Don't worry, the data is not lost; deleting a partition here only rewrites the partition table.
Hit n to create a new partition
Hit p to set it as primary
Hit 1 to set the first cylinder
Set the desired new space (if empty the whole space is reserved)
Hit a to make it bootable
Hit 1 and w to write changes
Reboot instance
Log in via SSH and run resize2fs /dev/xvde1
Finally, check the new space by running df -h

IAM RDS access based on instance name


IAM: RDS access based on instance name

This example policy allows a user access only to certain instances: here, any instance whose stage tag is debug.

The Action parameter defines the level of access; in this example it allows Modify and Delete.

The condition uses StringEquals rather than StringEqualsIfExists. With the IfExists variant the condition also evaluates to true when the instance has no stage tag at all, so untagged instances could be modified and deleted as well.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Stmt1438939510000",
      "Effect": "Allow",
      "Action": [
        "rds:ModifyDBInstance",
        "rds:DeleteDBInstance"
      ],
      "Resource": "*",
      "Condition": {
        "StringEquals": {
          "rds:db-tag/stage": "debug"
        }
      }
    }
  ]
}
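How StringEquals and StringEqualsIfExists treat an instance that carries no stage tag, as an added example (not code from the original post or from AWS). It is a simplified model of condition evaluation for this one statement; the instance names and request contexts are constructed.

```python
def condition_matches(operator, key, expected, context):
    """Evaluate one single-valued string condition against a request context."""
    if_exists = operator.endswith("IfExists")
    base = operator[:-len("IfExists")] if if_exists else operator
    if base != "StringEquals":
        raise ValueError("only StringEquals and StringEqualsIfExists are modelled")
    if key not in context:
        # Key absent from the request: the plain operator fails,
        # the ...IfExists operator evaluates to true.
        return if_exists
    return context[key] == expected


def statement_allows(statement, action, context):
    """True if this Allow statement matches the action and every condition."""
    if statement["Effect"] != "Allow" or action not in statement["Action"]:
        return False
    for operator, tests in statement.get("Condition", {}).items():
        for key, expected in tests.items():
            if not condition_matches(operator, key, expected, context):
                return False
    return True


def make_statement(operator):
    """The page's statement, with the condition operator as a parameter."""
    return {
        "Effect": "Allow",
        "Action": ["rds:ModifyDBInstance", "rds:DeleteDBInstance"],
        "Resource": "*",
        "Condition": {operator: {"rds:db-tag/stage": "debug"}},
    }


# Constructed contexts: the tag key exists only when the instance has the tag.
CONTEXTS = {
    "debug-db": {"rds:db-tag/stage": "debug"},
    "prod-db": {"rds:db-tag/stage": "prod"},
    "untagged-db": {},
}


def deletable(operator):
    """Names of the sample instances the statement lets the user delete."""
    stmt = make_statement(operator)
    return sorted(name for name, ctx in CONTEXTS.items()
                  if statement_allows(stmt, "rds:DeleteDBInstance", ctx))
```
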

EC2 Adding new volume


fdisk -l

[ec2-user ~]$ lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
xvdf 202:80 0 100G 0 disk
xvda1 202:1 0 8G 0 disk /

[ec2-user ~]$ file -s /dev/xvdf
/dev/xvdf: data

[ec2-user ~]$ mkfs -t ext4 device_name

[ec2-user ~]$ mkdir /some_folder
[ec2-user ~]$ mount /dev/xvdf /some_folder

FSTAB entry example:
/dev/xvdf /some_folder ext4 defaults,nofail 0 2

[ec2-user ~]$ mount -a

Mirror s3 buckets

s3cmd is a command-line tool that lets you copy or mirror one bucket to another, including from one account to another.

s3cmd sync s3://mybucketone/ s3://mybuckettwo/

This can be done at the directory or subdirectory level.

AWS key management IAM

http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/ssl-server-cert.html

openssl rsa -in certificate.yourdomain.com.key -outform PEM
openssl x509 -inform PEM -in certificate.yourdomain.com.crt
openssl x509 -inform PEM -in your_vendor_bundle.crt

To upload the certificate you will need the AWS CLI set up.

http://aws.amazon.com/cli/

aws iam upload-server-certificate --server-certificate-name yourdomain_com --certificate-body file://yourdomain.com.crt --private-key file://yourdomain.com.key --certificate-chain file://your_vendor_bundle.crt --path /cloudfront/yourdomain/

List all certificates:
aws iam list-server-certificates

Delete a certificate (pass only the certificate name, without its path):
aws iam delete-server-certificate --server-certificate-name test_certificate

Amazon S3

This is a simple guide on how to install s3fs and mount S3 on your server.

yum install gcc libstdc++-devel gcc-c++ curl-devel libxml2-devel openssl-devel mailcap make svn

cd /usr/local/src

wget http://sourceforge.net/projects/fuse/files/fuse-2.X/2.9.1/fuse-2.9.1.tar.gz
tar -xzvf fuse-2.9.1.tar.gz

cd fuse-2.9.1 && ./configure --prefix=/usr && make && make install
ldconfig && export PKG_CONFIG_PATH=/usr/lib/pkgconfig:/usr/lib64/pkgconfig/

modprobe fuse
cd /usr/local/src
svn checkout http://s3fs.googlecode.com/svn/trunk/ s3fs
cd s3fs
autoreconf --install && ./configure --prefix=/usr && make && make install
ldconfig

vi /etc/passwd-s3fs
my-s3-bucket:AccessKeyId:SecretAccessKey
chmod 600 /etc/passwd-s3fs

[Create bucket -> (I prefer creating a separate user) -> create group and assign policy]

What is the Amazon Resource Name (ARN)?
Check the summary of the Group.

What is the Principal?
Check the summary of the User.

mkdir -p /aws
s3fs -o allow_other -o use_cache=/tmp mybucket /aws -odefault_acl=public-read

# Check whether it is mounted or not
mount

df -h
df: `/aws’: Transport endpoint is not connected

If the server is behind a firewall you will need to open port 80 or 443 (depending on which you want to use).
If that is not the cause, try
fusermount -u /aws

and mount again:
fusermount -u /aws
s3fs -o allow_other -o use_cache=/tmp mybucket /aws -odefault_acl=private

###
## fstab (for boot time)
s3fs#bucketname /mountpath fuse use_cache=/tmp,allow_other,uid=user,gid=group 0 0

NOTE: FUSE does not support directory and file modes.
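A small audit of the s3fs mount lines and the credentials file used in this guide, as an added example (not from the original post or the s3fs project). The function names and finding texts are this example's own; it flags only default_acl=public-read, allow_other, and a credentials file readable beyond its owner.

```python
import os
import shlex
import stat

# Options from this guide that widen access; the wording is this example's own.
RISKY = {
    ("default_acl", "public-read"): "objects written through the mount get a world-readable ACL",
    ("allow_other", None): "local users other than the mounting user can reach the mount",
}

def s3fs_options(line):
    """Parse options from an s3fs command line or an 's3fs#bucket' fstab entry."""
    tokens = shlex.split(line)
    raw = []
    if tokens[0].startswith("s3fs#"):
        raw = tokens[3].split(",")              # fstab field 4 holds the options
    else:
        i = 1
        while i < len(tokens):
            if tokens[i] == "-o" and i + 1 < len(tokens):
                raw += tokens[i + 1].split(",")
                i += 1
            elif tokens[i].startswith("-o"):    # attached form: -odefault_acl=...
                raw += tokens[i][2:].split(",")
            i += 1
    return {k: (v or None) for k, _, v in (o.partition("=") for o in raw)}

def audit_mount(line):
    """Return the findings for one mount line, in RISKY order."""
    opts = s3fs_options(line)
    return [why for (key, val), why in RISKY.items()
            if key in opts and (val is None or opts[key] == val)]

def passwd_file_too_open(path):
    """True if group or others have any permission on the credentials file."""
    return bool(stat.S_IMODE(os.stat(path).st_mode) & 0o077)

# The three mount lines as they appear in this guide.
PAGE_LINES = [
    "s3fs -o allow_other -o use_cache=/tmp mybucket /aws -odefault_acl=public-read",
    "s3fs -o allow_other -o use_cache=/tmp mybucket /aws -odefault_acl=private",
    "s3fs#bucketname /mountpath fuse use_cache=/tmp,allow_other,uid=user,gid=group 0 0",
]

if __name__ == "__main__":
    for line in PAGE_LINES:
        print(line, "->", audit_mount(line) or "no findings")
```
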
