My adventure with AWS, part 1

I decided to try out Amazon AWS to find out what it could do for me. As it turns out, I also has a project (WorldWarIICasualtyProject.org or ww2cp for short) that I wanted to host cheaply. Amazon AWS promises to do that.

First things first, I had to create an account. It’s not hard provided you have a credit card handy. Amazon tests the card to see if it has money (in case it’s a debit card). I chose to use a debit card first because there are no default brakes on spending. (Debit card runs out of money. I assume AWS stops services, but am I going to test it?) You have to protect your accounts to prevent others from spending your money. You also have to watch what you do decide to activate because there are no auto-shutdowns if you spend too much money. Live dangerously? Not really. Just figure out how to set alarms and stay on top of them.

AWS also recommends not using your root (or first) account for daily use, in case it gets compromised. I detoured over to IAM (Identity and Agent Management) and created a separate account that I would use every day. Oddly, it’s possible to assign almost all root powers to any child account, so, once again, be careful.

Once I was satisfied with the child accounts, I started testing S3 (Simple Storage Service). They operate on the concept of “buckets”, that hold pretty much everything. Amazon has built a pseudo-folder structure to allow some organization, but really everything goes in one big bucket.

One cool thing about S3 buckets is that they get mirrored to other nodes within a region. The idea is that this should make it easier to pull the data from the bucket regardless of where a browser is within a region. This becomes important when using Route53.

Route53 is Amazon’s version of DNS. I bought ww2cp from NameCheap.com and used them as the DNS to a placeholder while I figured out what I was going to do with the website. I discovered that I could have the S3 buckets I created earlier serve as a website, provided I let Route53 handle the DNS. Coolness!

Weird fact: Route53 assigned four name servers to resolve ww2cp. When I used nslookup to check for the correct IP address for the website, I would get a revolving set of four “web” servers instead of the one (parking) IP address I used before. I bet that has to do with the S3 mirrors I mentioned above.

Setting up Route53 to handle DNS is not hard. (There once was a time when AWS documentation was cryptic and undecipherable. If you read the same docs often enough, they make sense.) Anyway, I set up Route53 to handle the DNS services required to make the S3 bucket host the files for the website. I updated the name server information over at NameCheap … and nothing happened. For some odd reason, my changes to the name servers over at NameCheap kept reverting to their original settings. Eventually, I had to get NameCheap tech support involved to get the name server changes to stick, but it did.

Advertisements

error on part 0 of Ansible install

I’ve mentioned that I decided to use Ansible for my server configuration management. This installation has finally bubbled up as the first item on my to-do list. I looked around to see how to install it. Since I already have Homebrew installed on my mac, I saw two options:

  1. > brew install ansible
  2. > pip3 install ansible

I did not know any reason why these would be different, so I went ahead and ran ‘> brew install ansible’. That was a mistake. Ansible lists Python 2 as a dependency, which is not included in my Homebrew installation. Homebrew installs Python 2.7.13. I also have Python 3 running (3.6.2). I also found out there’s a third version of Python (2.7.10) which is part of the default installation in my laptop. 3 versions of Python on one machine. Wonderful!

I created a /etc/ansible/hosts file and did a test ping, which returns UNREACHABLE. That makes no sense, but I think I have to use some command line options to use the correct account.

Also, I don’t know which version of ansible is running. I may want to remove the Homebrew version and figure out how to use the python3 version. What a mess.

After a day of thought, I decided to check a few things:

> ansible —version

> ansible 2.3.2.0 (good)

… python version = 3.6.2 (what? Why not 2.7.13 or 2.7.10? Interesting.)

I checked the documents page at ansible.com. They say that ansible can run with python3 in one of two ways:

  1. > python3 <path/to/ansible> localhost -m ping
  2. > ansible localhost -m ping -e ‘ansible_python_interpreter=<path/to/python3>

To see what happens, I also tried

  1. > ansible localhost -m ping

It turns out all return good pings from localhost, so … I guess my installation is OK. Even so, next time, avoid using Homebrew for ansible installations.

More deployment strangeness: Capistrano, part 0

As mentioned before, my web/database server infrastructure is becoming more complicated. I need to figure out a way to make things easier and repeatable for me. I’m going to test Ansible for server configuration. I also decided to try Capistrano for website deployment.

Originally, I was thinking of using Deployer. I liked the idea of having a PHP tool to deploy PHP websites, but then I realized I also want to deploy Node.js and Python WSDL sites. (By the way, deploying Python sites using Flask or Django as the web framework looks unusually complicated. More about that later.) For the PHP sites, I wrote a Phing script to collect everything I needed. My plan is for Capistrano to take that bundle and deploy that. We’ll see.

To use Capistrano, I need Ruby. I installed that somewhere when I took the Berkeley MOOC class.

>ruby –version
ruby 2.1.5p211 (2014-11-13 revision 48405)

Wow, that seems old. I’ll update it. After some google searches, I settle on this set of instructions to upgrade ruby. Their process in a nutshell:

  • install home-brew and git
  • install rvm. Over rbenv? Uh, OK.
  • install ruby
  • install any needed gems

Homebrew are already covered. Git works as expected. They also recommend the latest version of the macOS, along with Xcode and the Xcode command line tools. I’ve got that covered, too. Let’s keep moving.

Next: install gpg? What is that? It checks cryptographic security of the rvm download. OK, sure. I installed the security key as described. (When I went through this process on a different machine, I forgot about the security key and did not have any issues with the rvm download.)

Next: download rvm. It looks simple enough. After the installation, I get a notice about two versions of rvm running on my machine. Apparently, I need to either source my .bash_process file or reload a terminal window, which does the same thing. OK. that’s working now.

Next: use rvm to install ruby. Am I seeing things? Why is it installing ruby into my home directory? Well,iIt seems to work. Ruby has the correct version. Final stuff: update bundler and nokigiri using the gem installer.

Everything looks good. Next, Capistrano.