Tech-Blog: Tag ec2

On Bootstrapping Active Directory for EC2's Windows Images

Mike — Wed, 29 Apr 2009 09:09:00 -0400

Amazon's EC2 service now includes a number of Windows Server 2003 images, starting at $0.125 per hour. These Microsoft sanctioned images are a great alternative to the QEMU shenanigans from the past.

One of the advantages of Amazon's EC2 service is the ability to provision virtual machines via scripts, and without human interaction. Here's a description of my approach to bringing an instance of Active Directory online via script.

Prerequisites:

Amazon EC2 account
command line RDP client (e.g. rdesktop)
dcpromo answer file (I found Daniel Petri's article helpful)

Your RDP client will need to support two features: file sharing, and remote script execution. I've found the Mac RDP clients tough to use via script, but Ubuntu's rdesktop works just fine in a VirtualBox VM.

Starting the Windows Server VM

Choose the Basic Microsoft Windows Server 2003 image or the Basic Microsoft Windows Server 2003 with Authentication Services image; a small standard instance type should be sufficient.

(The Firefox elasticfox EC2 plugin makes it easy to manage windows instances.)

Once your instance is online, you'll need the public DNS name and administrator password for the instance.

Installing Active Directory

Normally, AD is installed and configured by running dcpromo and working through the relevant dialog boxes. Unattended installs are supported via the /answer argument:

   C:> dcpromo /answer:%path_to_answer_file%

Running this command on an EC2 instance poses two challenges: how to run a windows command remotely from a script, and how to copy our dcpromo answer file from our local host to EC2. Fortunately RDP solves both problems. Using rdesktop one can define a script to run on session startup, and a local folder to share with the remote host.

Install Active Directory remotely using rdesktop as follows:

   mpierson:$ rdesktop -r disk:share=/home/mpierson/winshare/ \
     -u Administrator -p <admin_password> \
     -s "dcpromo /answer:\\\\tsclient\\share\\dcpromo.install" \
     <windows_hostname>

where /home/mpierson/winshare/dcpromo.install is the local path of the dcpromo answer file for your AD configuration. (The RDP file share defined by the -r argument will appear in the Windows host network share list with a host name of tsclient.)

FWIW, here is an example answer file for dcpromo.

Access Your AD Domain

Use rdesktop to access your new AD domain as follows:

   mpierson:$ rdesktop 
     -u Administrator -p <admin_password> \
     -d <win_domain_name> \
     <windows_hostname>

where win_domain_name is the DomainNetBiosName defined in your dcpromo answer file.

On Bootstrapping Oracle's 10g XE EC2 Image

Mike — Tue, 28 Apr 2009 12:37:00 -0400

Oracle has made a number of their products available for use on Amazon's EC2 service. Unfortunately, each instance of their 10g XE RDBMS image must be configured manually via ssh before use.

Turns out that the 10g XE image hijacks the bash profile script to force manual configuration. If one was motivated to enable unattended configuration of the image, the bash profile script could be un-hijacked with scp:

  mpierson:$ scp -i EC2_KEY my-bash-profile.sh root@<EC2-HOST-NAME>:/root/.bash_profile

BTW, the hijack script overwritten by scp above is also a good starting point for an script that would bring the database online in an unattended scenario. Here's what it does:

force acceptance of Oracle EC2 license
force change to oracle system user
set Oracle environment, including host name
force change to SYSTEM and SYS oracle db accounts

Amazon EC2 Diary I

Mike — Wed, 07 Jan 2009 21:30:00 -0500

I've been an Amazon EC2 evangelist for the past couple of years. The EC2 'cloud computing' service is an early entry in the on-demand hosting market, featuring practically unlimited computing resources (CPUs, storage and bandwidth) provisioned in real time via public APIs.

With a tip of the hat to Tim's Android diary:

I suspect that my experiences are going to be shared by quite a few people in the not-too-distant future, so why not record them?

My experience with EC2 involves deployment of JES environments, typically for development and testing of IAM applications. In future posts I'll share my approach and some concrete examples of how I have leveraged EC2 to save time and money.

For now, a short summary of the EC2 features that have provided value.

Per-Hour Billing

Most of us do not work 24 hrs per day seven days per week, so it makes not to pay for dedicated computing resources when developing applications. The EC2 rates are reasonable relative to commercial hosting services, and I suspect an order of magnitude more economical than buying servers and deploying traditional virtual hosts.

Multi-OS Support

The EC2 service started with Linux OS support only, but has since added Solaris and Windows Server 2003. I use all three.

Scriptable API

There are no online forms, or phone calls, or visits to Best Buy. Provisioning of EC2 resources can be fully automated. Use bash, Java, Perl, Ruby..., whatever.

Community & Tools

There are open source API libraries in your favourite language, commercial management utilities, a Firefox plugin available. And of course there are many pre-built EC2 images available to the public.