Archive for the ‘General Rantings’ Category

Amazon EC2 as a Reseller Web Hosting Platform – Part 2 – Initial Server Setup

October 18th, 2009 nandrews No comments

Now that you have all the prerequisites together from the previous article, it’s time to set up the target instance that will be used for the rest of these articles.

Starting the base AMI

For managing our server instances, EBS volumes, and Elastic IPs, we will be using the Amazon AWS Management console, which provides a nice web-based front-end to all of the necessary functions.

The default EC2 Console View

The first step is to choose the AMIs menu item on the left of the console window. An AMI is a base image that can be booted into an EC2 instance. Think of it as a backup of a running system that can be restored to another system in the event of a failure. This link will bring up a selection list of available AMIs, which will be used to create our default instance.

The initial list of available AMIs you are shown covers all public AMI images. Any one of these can be booted into an instance. We are going to filter this list so we see only the types of images we want. To do so, click the dropdown arrow next to the ‘All Platforms’ item, and choose ‘Ubuntu’. This will filter the list for only Ubuntu-based AMIs. Then, in the filter box, type ‘intrepid’. This will further filter the list so that we only see the most recent fully-released version of Ubuntu, titled ‘Intrepid Ibex’. Check the box next to the AMI with the ID ‘ami-255bbc4c’.

Choosing the Proper AMI

To start an instance based off of this AMI, check the box and click the ‘Launch’ button at the top of the display window.

NOTE: Using Amazon EC2 is NOT FREE. When you launch an instance, you will start the clock, which will run at $.40/hour in the US (other zones vary) in the case of this configuration. While not initially expensive, if you forget to stop an instance, the cost can add up quickly.

When you launch the instance based off of the chosen AMI, you will be presented with a menu. Since we’re launching an x86_64 instance, your choice is a ‘Large’ or ‘Extra Large’ configuration. In rough terms, the ‘Extra Large’ instance is twice as powerful as the ‘Large’ instance. It also carries twice the cost, so beware. If you feel you’ll be able to utilize the additional horsepower and memory, feel free to use the ‘Extra Large’ instance, as it does not affect the configuration steps.

You will also be asked to choose or create a keypair, which will allow you to make the initial connections via SSH. In the example configuration, we will not be using a keypair (and will actually be removing the requirement for one), but we need it initially to access the instance after it has been started. Once you create a keypair, you need to download your personal certificate, which will allow you to access your running instance. If you lose this file, there is no way to retrieve it, and you will need to create a new pair.

You also have the option of creating and using Security Groups, which allow you to segment your EC2 virtual network for security and operational customization. For the purpose of this tutorial, we are only using one server, and therefore do not have a need for custom Security Groups.

Choose the number and type of instances

After launching your instance, you will be presented with your Instance status window. The rotating icon on the left indicates that the status window will update automatically. If you change to a different view, and then come back to the instance status window, that icon will switch to a checkbox, and the status will not update automatically. At this point, you can update manually by clicking the ‘refresh’ button in the upper right of the instances window.

When your instance is started, you will see a status of ‘Running’, and an entry in the ‘Public DNS’ field.

Customizing the instance – Pass 1

To access your newly started instance, use your favorite SSH program (I personally use Putty). You will need to utilize your downloaded key file. Upon login, use the id ‘ubuntu’. You will not be prompted for a password, as the key file acts as the pass.

The first thing we’re going to do is remove the passkey portion from the SSH configuration. Since we’re going to be configuring this server for multiple client use, we want them to use passwords. To change this, edit the file /etc/ssh/sshd_config using the command ‘sudo vi /etc/ssh/sshd_config’. This will open the file in the vi editor with root authority, allowing you to make changes. To enable password authentication, change the line that reads ‘PasswordAuthentication no’ to ‘PasswordAuthentication yes’.

Before restarting the ssh daemon, which implements the change, we want to set a password for the Ubuntu user so we don’t lose our ability to connect. To do so, use the command ‘sudo passwd ubuntu’. This will allow you to set a new password for the ‘ubuntu’ user.

Once the password is changed, restart the sshd daemon using the command ‘sudo /etc/init.d/ssh restart’. Before closing the existing connection, be sure to connect via a new session, using your new password for the ‘ubuntu’ user. Once you are confident you can connect reliably, feel free to close the initial window that used the keypair for authentication.
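
The sshd_config edit above, as an added example (not code from the original article): sshd uses the first value it reads for a keyword, so these helpers change the first uncommented PasswordAuthentication line, comment out later duplicates, and report the value that is in effect. The function names and the sample file are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: change an sshd_config keyword so that the change is the one
# sshd actually uses. sshd takes the FIRST value it reads for a keyword, so a
# line appended below an existing "PasswordAuthentication no" has no effect.
# Only the whitespace-separated "Keyword value" form is handled.

# effective_value FILE KEYWORD
# Print the value from the first uncommented occurrence in the global section
# (keywords are case-insensitive). Prints nothing if the keyword is unset.
effective_value() {
    awk -v key="$2" '
        BEGIN { key = tolower(key) }
        /^[ \t]*#/ { next }
        tolower($1) == "match" { exit }        # Match blocks are not evaluated
        tolower($1) == key { print tolower($2); exit }
    ' "$1"
}

# set_directive FILE KEYWORD VALUE
# Rewrite the first uncommented occurrence in the global section; if there is
# none, insert the directive before the first Match block (or append it).
# Later global duplicates are commented out. A copy is kept as FILE.bak.
set_directive() {
    file=$1 key=$2 val=$3
    tmp=$(mktemp) || return 1
    cp -p "$file" "$file.bak" || return 1
    awk -v key="$key" -v val="$val" '
        BEGIN { lkey = tolower(key); done = 0; inmatch = 0 }
        /^[ \t]*#/ { print; next }
        tolower($1) == "match" {
            if (!done) { print key " " val; done = 1 }
            inmatch = 1; print; next
        }
        !inmatch && tolower($1) == lkey {
            if (!done) { print key " " val; done = 1 }
            else       { print "#" $0 }        # shadowed duplicate
            next
        }
        { print }
        END { if (!done) print key " " val }
    ' "$file" > "$tmp" || { rm -f "$tmp"; return 1; }
    # Write back through the existing file so owner and mode are preserved.
    cat "$tmp" > "$file" && rm -f "$tmp"
}

# validate_config FILE
# Syntax-check the file with sshd itself before any restart (run as root on
# the instance). Skipped when no sshd binary is on PATH.
validate_config() {
    command -v sshd >/dev/null 2>&1 || return 0
    sshd -t -f "$1"
}

# Constructed sample, not a real Intrepid sshd_config.
write_sample_config() {
    cat > "$1" <<'EOF'
# constructed sample for the example
Port 22
Protocol 2
#PasswordAuthentication yes
PasswordAuthentication no
UsePAM yes
passwordauthentication yes
EOF
}

# Show the effective value before and after the edit on the sample file.
demo() {
    cfg=$(mktemp) || return 1
    write_sample_config "$cfg"
    before=$(effective_value "$cfg" PasswordAuthentication)
    set_directive "$cfg" PasswordAuthentication yes
    after=$(effective_value "$cfg" PasswordAuthentication)
    rm -f "$cfg" "$cfg.bak"
    echo "$before -> $after"
}
demo

# On the instance (as root), before restarting ssh:
#   set_directive /etc/ssh/sshd_config PasswordAuthentication yes &&
#   validate_config /etc/ssh/sshd_config
```

In the sample, the trailing lowercase ‘passwordauthentication yes’ line never took effect because the earlier ‘no’ was read first; after the edit it is commented out and the first line carries the setting.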

The next thing we want to do is update the system to the latest patch levels. Since the AMI was built when Intrepid Ibex was released, we want to make sure any existing security issues have been repaired. To check for new updates, use the command ‘sudo apt-get update’. When the command completes (should only take a few seconds at the most), use the command ‘sudo apt-get upgrade’, which will start the upgrade process. The system will check against the updated package list, and build a list of packages to be updated. When it is ready, it will ask you if you wish to update. Type ‘Y’ to confirm.

NOTE: EC2 instances are not static. If you shut down your running instance without following the next steps to save your configuration, you will need to go through the beginning of this article again.

Finally, to prep the system for the LVM (Logical Volume Management) setup we’ll be using for user data, LVM packages must be installed. To install LVM, simply execute the command ‘sudo apt-get install lvm2’.

Archiving the instance – Pass 1

Once the updates are complete, it is time to do the first ‘backup’ of the running instance into a usable AMI in your personal S3 storage location.

If you do not already have one, you will need to create an x.509 certificate keypair, which will allow you to upload your image to S3 and keep it for storage.

EC2 creates what is referred to as an ‘ephemeral’ storage location which allows you to store temporary data, which is ideal for creating our AMI. The storage is mounted by default at /mnt. We will be using this storage as our default location for the next several steps. To access it, simply type ‘cd /mnt’.

Next, we want to create an image of the running instance in an archive format that is understood by EC2 and can be registered as an AMI that can further be launched as a new instance.

To enable the bundling of an image and registering as an AMI, we need to make sure the appropriate x.509 keypair exists on the system. Upload the two files you should have downloaded when you created your certificate to the /mnt folder on the instance. If you bundle the image with incorrect keypair information, you will be unable to unbundle and register an AMI.

The default location for bundling is in the /tmp directory, which unfortunately exists under / in the default EC2 configuration. This is not a big problem, necessarily, but it necessitates us choosing a different default location as more information is added to the running system. Since the ephemeral storage mounted in /mnt is about 400GB, that’s plenty of space for our needs. To keep things separated during the bundling process, create a folder called ‘bundle’ under the /mnt directory using the command ‘sudo mkdir /mnt/bundle’.

To bundle the running image for upload to S3, you will issue the command ‘sudo ec2-bundle-vol -k /mnt/pk-<your private key string>.pem -c /mnt/cert-<your cert string>.pem -d /mnt/bundle -s 1000 -u <your account number>’. The account number is your Amazon AWS account number without the dashes. When you hit enter, confirm that you are creating an x86_64 instance, and the program will chug along, creating an image of the instance, and placing the files in /mnt/bundle.

With this nice powerful instance, the bundling process takes about two minutes. When it completes, you will see a list of image.part.x files in the /mnt/bundle folder, along with a file called ‘image.manifest.xml’. This is the file you will use for uploading your image to S3 for storage.

To upload the files to an S3 bucket, issue the command ‘sudo ec2-upload-bundle -b my-bucket -m image.manifest.xml -a my-aws-access-key-id -s my-secret-key-id’ from the /mnt/bundle folder. The bucket must be an existing bucket within your S3 store. The access key and secret key for your S3 account can be found on your AWS account page.

When complete, you should be able to see the image.part files and your image.manifest.xml in your previously-mentioned S3 bucket.

To register your newly bundled AMI, return to your AWS EC2 console, and click the AMIs entry again on the left. At the top of the AMI display window, you will see a button labeled ‘Register New AMI’. The popup pre-fills the start of the URL for your manifest file. All you need to do is fill in the name of the bucket and the filename. The resulting URL should look like ‘http://s3.amazonaws.com:80/my-bucket/image.manifest.xml’. The registration process should be almost instantaneous. If you receive any errors, go back over the previous steps and make sure your keypairs and other identifying information match appropriately.

Before shutting down the previous instance, we need to boot the new instance and make sure that our configuration and updates have been carried over. In the AMI window of your console, you should already be set to view ‘Owned By Me’, which should show you your new AMI. If not, click the dropdown and select ‘Owned By Me’.

Testing the new custom instance

Launch the AMI into a new instance using no keypair and wait until you see a public DNS entry in your console window.

If you can access your new instance appropriately (using ‘ubuntu’ and the password you created), and you see that the instance has its updates (‘sudo apt-get update’ shows no available updates), you can safely shut down both instances by checking their boxes and selecting the ‘Terminate Instance’ option in the instance display window.

Next time, we’ll look at configuring EBS volumes and Elastic IPs.

Amazon EC2 as a Reseller Web Hosting Platform – Part 1 – Overview

October 18th, 2009 nandrews No comments

Amazon’s Elastic Compute Cloud (EC2) has proven itself to be a fast, stable, inexpensive way to create and manage servers on the Internet. With the availability of both Linux and Windows platforms, the options available to developers and hosts are virtually unlimited.

This series of articles will look at the viability of using EC2 as a platform for reselling web hosting services. Listed below are the base items used in the development of the series. Your choice of platforms and options may vary. While I may explore other options, don’t take the examples I give here as the only way to approach things.

Requirements:

These items are required for creating an environment that matches the example given in the series.

  1. Amazon Web Services account. Free to obtain, and attaches to your existing Amazon account if you choose. See this link to register.
  2. A fully or demo licensed copy of CPanel/WHM control panel software.
  3. A fully or demo licensed copy of WHMCS (WHM Complete Solution)
  4. An available primary domain name (Optional: one or more secondary domain names for testing client configurations).
  5. Potential clientele
  6. A willingness to learn and experiment potentially outside your comfort zone.

Our Test Environment:

The environment we’ll be using for these articles will consist of 1 Amazon EC2 Large (x64) instance (roughly equivalent to a 3GHz Quad Core Xeon processor, with 7.5GB of RAM), multiple Amazon Elastic Block Store (EBS) volumes of varying sizes, and multiple Amazon Elastic IP addresses to be used for both server and client configuration.

The next article will deal with the initial base setup of the EC2 image and archiving it for use in the next steps.

How can I be mad at a win?

September 27th, 2009 nandrews No comments

I’ll tell you why.

The Detroit Lions have been the laughing-stock of the NFL for almost as long as I can remember keeping track. For the last 25 years or so, the Lions have managed to lose most of their games, culminating in the embarrassment of the 2008 season, wherein they won the staggering total of 0 games. And the nation was able to watch this embarrassment live as it happened because of one thing: The NFL Blackout Policy.

In its simplest terms, the Blackout Policy stops any game that is not sold out at the venue from playing on network TV. For as long as I can remember, the Lions have been on TV on Sunday afternoons, and I can’t think of the last time I couldn’t watch them fail miserably because DETROIT SPORTS FANS CONTINUED TO BUY TICKETS.

This allowed a few things to happen:

  1. We could continue to watch the painful experience of a Lions game from the comfort of our own homes
  2. Bill Ford Jr. could continue to reap the rewards of selling 30,000+ tickets at exorbitant prices
  3. The networks could continue to rake in the profits from advertising
  4. The Lions still lost

This season, 2009, seems to be a bit of an exception both in Detroit, and in other markets. Sell-outs are expected to be at a near all-time low, and correspondingly, blackouts are expected to be near an all-time high.

Today was one of those blackout games. The Lions’ stellar record of losing, coupled with the insanity of the Detroit economy, have converged to create a surprisingly rare non-sellout game.

And then they win.

For the first time in almost TWO FULL YEARS, the Lions managed to pull out a regular-season win. And the only ones who could see it are those that bought tickets.

But this is not the thing I’m upset about.

I’m upset about the fact that a sellout for the Lions’ next home appearance is almost a guarantee. That’s how it is with sports. A team does something out of the ordinary (sadly, in this case, that would be winning), and ticket sales for the next appearance get a major boost.

Anyone want to take bets on how they’ll do in the next appearance, when everyone is able to again watch them? With the state of the team such as it is, choosing ‘Win’ is a complete sucker’s bet.

Until Bill Ford Jr. gets his head removed from his rectum and decides to hire a staff that will build a team WITH A DEFENSIVE LINE THAT COULD STOP A DECENT HIGH SCHOOL TEAM, the Lions will continue to have embarrassingly bad seasons.

So, here I am, one of the (probably) very few people that is really unhappy that the Lions won today. I wish I could have it the other way, but I just can’t bring myself to feel excited for a team that has so consistently let us down for so long.

Pull off a .500 season, and I might start to think about getting excited again. Until then, it’s just more of the same. Over and over.

Categories: General Rantings

I can’t believe…

June 3rd, 2009 nandrews 2 comments

It’s already been 2 years. In about 20 minutes (from the time of this post), my little boy will be 2 years old. It seems like just yesterday at this time, I was anxiously waiting outside the OR for them to call me in. Even just thinking about it now, my heart is thumping almost as hard as it was that morning. The power of memory is amazing.

So, here we are. Only 2 years, and I can’t imagine my life without this little man who’s growing up so fast.

Today I’m taking a half-day off of work and we’re gonna take him to Great Lakes Crossing for some fun, either Jeepers or GameWorks, or both.

Happy Birthday, little boy!

Oh my does he love trains.

Jonah in the Hospital

Categories: General Rantings

They’re nothing if not quick

May 11th, 2009 nandrews No comments

On May 1, the makers of Hydroxycut, the shady weight-loss miracle drug, recalled the product due to a statement by the FDA telling consumers “to immediately stop using Hydroxycut products” [1].

The problem appears to be that the use of the product is bad for your liver. Apparently, REALLY bad for your liver. I mean, REALLY REALLY bad. I’ll let the FDA’s statement lay it out for you:

The FDA has received 23 reports of serious health problems ranging from jaundice and elevated liver enzymes, an indicator of potential liver injury, to liver damage requiring liver transplants. One death due to liver failure has been reported to FDA. Other health problems reported include seizures; cardiovascular disorders; and rhabdomyolysis, a type of muscle damage that can lead to other serious health problems such as kidney failure.

That’s right. While only 23 complaints have arisen, it’s very likely that there are many more people who started to notice an adverse effect and just quit using it (the smart people, as I like to refer to them). Some people, who had to have noticed some adverse effects, continued to use the products to the point of permanently damaging their livers, one so much that they died (the not-so-smart people, as I like to refer to them).

Anyway, this is all beside the point I came here to make. What I came here to say was that in only 10 days, I have started receiving SPAM e-mail regarding the recall. I know it’s spam for a few reasons:

  1. The ‘from:’ domain is remarkheavensbr.net, which points to just a parking site with no content at all (not even html headers).
  2. The ‘subject:’ line is grammatically incorrect: “FDA Recall Hydroxycut”. They could have at least said “FDA Recalls Hydroxycut” or “FDA Recall of Hydroxycut (products)”, or any other permutation.
  3. The real kicker: The entire content of the e-mail is images, which likely link back to a tracking site somewhere that validates your e-mail address, were your mail client to download the images.

So, I have no idea what this SPAM is advertising, not as if I cared. I just thought it was pretty interesting how quickly these lowlifes jump on new bandwagons.

Someday, I envision a future where the webbernets are SPAM-free, and anyone caught abusing the system in such a way is strung up in a public forum. But that’s just me.

More Stuff

April 24th, 2009 nandrews 1 comment

As if I didn’t have enough unfinished things here, let’s try and add another one.

Since it’s now springtime in the rapidly-thawing midwest, I’ll probably be out and about more with my camera. Non-people photography really doesn’t appeal to the wifey, so it’s up to me to capture the really cool stuff.

Since this is more of a tech/personal stuff area, I’m going to be creating a new section just for pictures and stuff.

Stay tuned!

Firefox: Thank You

April 20th, 2009 nandrews No comments

The news has been out lately that the Mozilla Foundation is considering dropping support of Firefox for all Windows versions below XP SP3. This would mean that all non-updated XP installations, Win2k, and anything else older than that will no longer be able to install or run whatever the latest version of Firefox is when it arrives.

Good. If I had my own way, I’d personally drop support for anything below Vista SP1 for the latest versions of Firefox, and keep the previous version updated within reason for a predetermined amount of time. I’ll get into why I feel that shortly. But for now, back to how I feel about the situation.

As I said, good. Windows 2000 has been available to developers for more than 10 years now. It’s been available to the public for 9 years as of this summer. It’s time to burn out and/or fade away. People will complain that there are still valid reasons to have a Win2k system hanging around due to some compatibility issues with newer software, which I’m personally ok with. The problem I have is when these people insist on also being able to run the most current versions of non-OS software. If you’re one of these people, listen carefully to what I’m about to say next:

YOU DON’T NEED TO RUN THE LATEST FIREFOX IF YOU’RE STILL RUNNING A 9-YEAR-OLD OS. Period.

And I honestly don’t think this would be an issue. Sure, while there are people around like Steve Gibson who are so paranoid that they won’t run an OS that they haven’t personally combed through every single bit of code with their own hands, they are extremely few. And these are the same people who probably aren’t running Firefox at all, anyway, let alone trying to run the absolute latest and greatest version (which would probably run like a dog as it is, since any hardware that’s still running 2k on a desktop is likely at least 5 generations behind today’s market).

So, yes, I think it’s pretty simple. If people can’t even allow themselves to be bothered with keeping their systems updated. SP3 for XP was released to the public 50 weeks ago. Anyone who hasn’t updated to it yet either has a really good reason for running older software (see my previous point), or is just plain lazy, and very likely doesn’t even run Firefox to begin with.

Now, with my point about dumping support for anything prior to Vista SP1. There are multiple facets to my argument here.

1. If you are using a computer less than 2 years old, there is almost absolutely no reason for you to still be running XP in any form. It’s old, it’s outdated, and it can’t exercise the full potential of the system for which you very likely paid pretty good money. Stop listening to the “Hurrr… Vista is teh suck! It eats all your RAMs!” people and do some of your own research. Vista is a good OS, particularly so post-SP1. I use it personally on my primary system. The 64-bit version, which I run, is excellent, and light-years beyond the capabilities of XP64. Stop listening to Apple commercials as your only source of Vista information and do some real research. You’ll find that most of the things people complained about have either been fixed, or are a part of the system’s function that people just simply didn’t understand at first. If you’d like to know some of these arguments and my rebuttals to them, let me know, and I’ll create a separate post about it.

2. If you’re running Vista, and you haven’t updated to SP1 yet. Stop reading this and do it now. It’s ok. This post isn’t going to go anywhere. Outside of the blatant misunderstanding that was propagated during Vista’s early life, SP1 fixes many (if not all) of the legitimate problems that were in Vista at launch. SP1 is more stable, faster, and more secure than pre-SP1 Vista, and you’re only hurting yourself if you haven’t updated yet.

So here it is. Stop trying to make every software developer bend to your own will. Mozilla has been putting out a quality product that has fundamentally changed the browser market, and they’ve done it all for free. It’s about time you did them a favor and made a bit of their job just a touch less painful. By dropping support for REALLY old OS installs, it frees them to work on developing a package that is the best it truly can be. Stop holding them back. Update your system, do some research, stop purchasing/installing downgrades, and start really using TODAY’s software, not the stuff you installed 8 years ago because you fear change and can’t handle something that works better and more efficiently.

Trust me, you’ll be better off.

A New Target

February 24th, 2009 nandrews No comments

Back in October of last year, you might remember that I launched a bit of a crusade against the Anti Proposal 2 lobby in Michigan. I would like to think that my usage of real information to dispel the myths and fear the MiCAUSE organization were attempting to spread did some good, and helped to spur people to vote their conscience.

In reality, I’m well aware that there are very few people that read this. But that’s still not going to stop me from launching my latest crusade against the Corn Refiners Association of America, and their blatant attempts to make their detractors look like fools.

Stay tuned. I should have part 1 up tonight (2/24/09).

Today is a Happy Day

November 5th, 2008 nandrews No comments

I sent the following e-mail to MiCAUSE via the contact address posted on their site (info@micause.com). I urge every supporter of Proposal 2 to do something similar, but not to gloat. I urge you to do this because it is right to tell this group that we called their bluff, that we were informed enough to see through their lies, and show them that Michigan voters will not tolerate the causes of ignorance.

I was elated this morning to see that Michigan’s Proposal 2 passed, despite your organization’s efforts to stop it through deceit, race-baiting, and flat-out lies. Though, it does sadden me that it passed by such a thin margin, which shows that my work toward educating people against ignorance such as that forwarded by your organization is just now getting started.

Ignorance is a terrible thing.
Witnessing ignorance in action is a painful experience.
Forwarding and furthering ignorance is unconscionable.
Your continual campaign of spreading fear, uncertainty, and doubt (what we call in the technology world “FUD”) has shown that, even though you were already aware that the majority of Michigan residents felt that Proposal 2 was right, you simply could not fathom the concept of being proven wrong.
You accuse us of promoting human cloning. A lie.
You accuse us of attempting to create human-animal hybrids. Another lie.
You accuse us of creating additional tax burden on an already overburdened population. Yet another lie.
Finally, you accuse us of being racists. Not only a lie, but offensive and simply childish. If you want to see what race-baiting creates, simply research Cynthia McKinney and her security situation, or (for a more local flair) some of Kwame Kilpatrick’s speeches after his indictment. You are no better than these two, and many others that abuse race issues.
I’m glad to see that a majority of Michigan voters were able to see through your lies and smokescreens to the truth.
I hope that if, at any time, any of your members find themselves in need of any treatment derived from embryonic stem cell research, that they refuse it and live with the consequences. This is the only way to show that you, as an organization, REALLY believe in everything you have said during this election season. By accepting any treatment based upon research legalized by Proposal 2, you show that you truly are what everyone believes you are: Liars and opportunists of the worst kind.
Thank you for showing me how truly informed I can be.

No, THAT is bull

October 28th, 2008 nandrews No comments

So, MiCAUSE is at it yet again. Their fifth (and hopefully final) ad is a quick little primer in the ideas of semantics and context. Unfortunately, they are failing to understand that they are killing their own cause by quoting out-of-context statements and trying to relate them to the current proposal.

The REAL Bull:

This new ad starts by showing a few animals and stating that they are not their common name (cat, for example), but another name (feline). It does this with the cat and a pig (swine), with a segue into a quote from the director of the organization sponsoring proposal 2, which states: “… embryonic stem cell research … should be publicly funded”. I took a moment to listen to MiCAUSE’s audio evidence of this, and yes, it’s true, he does say that. But the recording is so tightly clipped at the beginning and end that we have no idea in what context he is speaking. The words literally start and end exactly as the quote I copied here. I’ll get back to this in a moment.

After showing this statement, the ad equates an out-of-context statement from over a month ago with the current text of the proposal, effectively accusing the proposal 2 proponents of lying about the tax burden contained in the proposal. Again, if you haven’t read it before, read it again in my first post about this issue. The proposal is very clear in its complete and utter lack of addition of funds to current research.

The fact that the chairperson for Proposal 2 believes that embryonic stem cell research should be funded publicly has ABSOLUTELY NOTHING to do with the content of the proposal. I repeat, ABSOLUTELY NOTHING. There is no provision in Proposal 2 for the addition of public funds for stem cell (embryonic, or otherwise) research. ABSOLUTELY NONE. That’s right, I’m saying it again. NO ADDITIONAL TAX BURDEN.

Now, back to the context from which the quote in the ad was taken. What question was the chairperson asked? Was he asked flatly “Do you believe stem cell research (embryonic, or otherwise) should be publicly or privately funded?” Was he asked “Will proposal 2 increase public funding for stem cell research?” Was he asked to clarify his statement in the context of proposal 2? We don’t know. I haven’t been able to find the original recording anywhere at this point. If I do, I’ll be sure to update this post with it.

By not providing voters with the context in which the statement was made, they are able to make it say whatever they want. What is the rest of the story, MiCAUSE? What was said before or after that statement? What was the question? We know you won’t publish the rest because it’s very strongly possible that the context of the statement completely negates your point. By completely eliminating context, you put your own credibility at risk.

Of course, that’s assuming that there was any to begin with.

UPDATE: I was, sadly, wrong. There is another, even worse ad out now. I will have to dissect this one tomorrow, as I don’t have the time or the strength to sift through the amount of ridiculousness in the ad at this time.