May 052010
 

From kampx.com
After some experimenting with Google App Engine, there is one thing that bothers me the most; I cannot run any background programs.

So, I thought it was time to check out the competition at Amazon EC2. I like CentOS and I wanted to create an Amazon Machine Image (AMI) which runs CentOS 5.4, contains a servlet engine (Apache Tomcat) and is able to receive HTTP requests on port 80. There are a lot of resources available (here, here, here, here, here, here, here and here) but none of them did exactly what I wanted.

The script I wrote (below) does the following things:

Uses the 32 bit version of CentOS 5.4 (only for Small or High-CPU Medium instances)
a 5GB file system
Redirects incoming traffic from port 80 to port 8080 (using iptables), so Tomcat can run as an unprivileged user
Install a xen compatible kernel
Prevents the respawning of tty2 to tty6
Install java
Install tomcat & auto start
If you have any remarks/comments, please let me know, then I can improve this script.

First I installed centos 5.4 in a VMware environment and from there I created the Amazon AMI.


#create a 5GB image file (5120 blocks of 1M, zero-filled):
dd if=/dev/zero of=centos54ami.sf bs=1M count=5120
#create a journaled (ext3) filesystem inside the image; -F lets mke2fs work on a regular file:
/sbin/mke2fs -F -j centos54ami.sf
#create mountpoint:
mkdir /mnt/ec2-fs
#mount the image file through a loop device (this and most later steps need root):
mount -o loop centos54ami.sf /mnt/ec2-fs
#create the minimal device nodes for the image (console, null, zero):
mkdir /mnt/ec2-fs/dev
/sbin/MAKEDEV -d /mnt/ec2-fs/dev/ -x console
/sbin/MAKEDEV -d /mnt/ec2-fs/dev/ -x null
/sbin/MAKEDEV -d /mnt/ec2-fs/dev/ -x zero
#create etc:
mkdir /mnt/ec2-fs/etc
#Create a proc mount point in the image and mount proc on it
#(it is unmounted again in the cleanup step before the image is bundled):
mkdir /mnt/ec2-fs/proc
mount -t proc none /mnt/ec2-fs/proc
#vi yum-xen.conf file (on the local filesystem/not on the mount)
vi yum-xen.conf

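# yum configuration used only for populating the image (yum -c yum-xen.conf
# --installroot=...). reposdir=/dev/null keeps the build host's own repo files
# out of the picture, so only the four sections below are used.
[main]
cachedir=/var/cache/yum
debuglevel=2
logfile=/var/log/yum.log
exclude=*-debuginfo
# Signature checking is on by default, so a repository section that forgets to
# set gpgcheck still has its packages verified before they go into the image.
gpgcheck=1
obsoletes=1
pkgpolicy=newest
distroverpkg=redhat-release
tolerant=1
exactarch=1
reposdir=/dev/null
metadata_expire=1800
# NOTE(review): every gpgkey below is fetched over plain HTTP from the same
# mirror as the packages, so the key gives no protection against a tampered
# mirror or network path. A key file that is already on the build host and was
# verified out of band (a file:// URL, e.g. the copy under /etc/pki/rpm-gpg/ on
# a CentOS host) is the stronger choice.
[base]
name=CentOS-5.4 - Base
baseurl=http://mirror.centos.org/centos/5.4/os/i386/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
priority=1
protect=1
#released updates
[update]
name=CentOS-5.4 - Updates
baseurl=http://mirror.centos.org/centos/5.4/updates/i386/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
priority=1
protect=1
#packages used/produced in the build but not released
[addons]
name=CentOS-5.4 - Addons
baseurl=http://mirror.centos.org/centos/5.4/addons/i386/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
priority=1
[extras]
name=CentOS 5.4 Extras $releasever - $basearch
baseurl=http://mirror.centos.org/centos/5.4/extras/i386/
enabled=1
# This section had no gpgcheck/gpgkey of its own and therefore inherited
# gpgcheck=0 from [main]; it now verifies signatures like the other three.
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5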
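#Run the yum installer and install the Core group into the mounted image.
#(--installroot takes two ASCII hyphens; a typographic dash makes yum treat
# the word as a package argument instead of an option.)
yum -c yum-xen.conf --installroot=/mnt/ec2-fs -y groupinstall Core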
#setup network settings:
vi /mnt/ec2-fs/etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE=eth0
BOOTPROTO=dhcp
ONBOOT=yes
TYPE=Ethernet
USERCTL=yes
PEERDNS=yes
IPV6INIT=no

#Turn on networking:
vi /mnt/ec2-fs/etc/sysconfig/network

NETWORKING=yes
#create resolv.conf:
vi /mnt/ec2-fs/etc/resolv.conf
search z-2.compute-1.internal
nameserver 172.16.0.23

#Set up the hard drives:
vi /mnt/ec2-fs/etc/fstab

/dev/sda1 / ext3 defaults 1 1
none /dev/pts devpts gid=5,mode=620 0 0
none /dev/shm tmpfs defaults 0 0
none /proc proc defaults 0 0
none /sys sysfs defaults 0 0
/dev/sda2 /mnt ext3 defaults 0 0
/dev/sda3 swap swap defaults 0 0

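#Install wget, curl and iptables into the image
#(--installroot needs two ASCII hyphens; packages are signature-checked only
# if yum-xen.conf enables gpgcheck for the repository they come from)
yum -c yum-xen.conf --installroot=/mnt/ec2-fs -y install wget
yum -c yum-xen.conf --installroot=/mnt/ec2-fs -y install curl
yum -c yum-xen.conf --installroot=/mnt/ec2-fs -y install iptables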

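#disable selinux (NOTE: this removes mandatory access control from a host that will serve HTTP to the internet; if the goal is only to get the build working, SELINUX=permissive keeps logging denials without enforcing them)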
vi /mnt/ec2-fs/etc/selinux/config

SELINUX=disabled

#comment out the respawning of tty2 to 6

vi /mnt/ec2-fs/etc/inittab

comment out mingetty tty2 to 6

#create script to retrieve the public key
vi /mnt/ec2-fs/usr/local/sbin/get-credentials.sh

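#!/bin/sh
# Install the public key of the EC2 key pair chosen at launch into root's
# authorized_keys. Called from rc.local, so it runs on every boot.
# A failed fetch is not fatal: the script simply leaves authorized_keys alone.

# Everything created below (directory, authorized_keys) is private to root.
umask 077

if [ ! -d /root/.ssh ]; then
  mkdir -p /root/.ssh
  chmod 700 /root/.ssh
fi

# Fetch public key using HTTP from the instance metadata service.
# The key is kept in a variable rather than in a fixed file such as
# /tmp/my-key: a predictable name in a world-writable directory lets any local
# user pre-create that file (or a symlink) before root writes to it.
if key=$(curl -f http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key) \
    && [ -n "$key" ]; then
  touch /root/.ssh/authorized_keys
  # Append only when the key is not already present, otherwise every reboot
  # adds another copy of the same line.
  if ! grep -qxF -- "$key" /root/.ssh/authorized_keys; then
    printf '%s\n' "$key" >> /root/.ssh/authorized_keys
  fi
  chmod 600 /root/.ssh/authorized_keys
fi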

#add execute rights
chmod +x /mnt/ec2-fs/usr/local/sbin/get-credentials.sh

#add line to rc.local:
vi /mnt/ec2-fs/etc/rc.local

/usr/local/sbin/get-credentials.sh

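#download & install java
# The URL is quoted because of the '?', and -O names the output file directly
# (wget would otherwise save it under the URL's last component).
wget -O jre-6u18-linux-i586.bin 'http://javadl.sun.com/webapps/download/AutoDL?BundleId=37391'
# The installer arrives over plain HTTP and is then executed as root, so check
# it first. PLACEHOLDER_SHA256_FROM_TRUSTED_SOURCE is a placeholder: replace it
# with a checksum obtained over a trusted channel, and continue only if the
# check reports OK.
echo 'PLACEHOLDER_SHA256_FROM_TRUSTED_SOURCE  jre-6u18-linux-i586.bin' | sha256sum -c -
chmod +x jre-6u18-linux-i586.bin
./jre-6u18-linux-i586.bin
mv jre1.6.0_18 /mnt/ec2-fs/usr/lib/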

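#download & install tomcat
wget http://archive.apache.org/dist/tomcat/tomcat-5/v5.5.28/bin/apache-tomcat-5.5.28.tar.gz
# The archive is fetched over plain HTTP; check it against the signature or
# checksum the Apache Tomcat project publishes for this release before
# unpacking. PLACEHOLDER_SHA256_FROM_TRUSTED_SOURCE is a placeholder to fill in.
echo 'PLACEHOLDER_SHA256_FROM_TRUSTED_SOURCE  apache-tomcat-5.5.28.tar.gz' | sha256sum -c -
tar -xzf apache-tomcat-5.5.28.tar.gz
mv apache-tomcat-5.5.28 /mnt/ec2-fs/opt/tomcat
# Plain ASCII quotes: typographic quotes are not shell quoting and would end up
# inside .bashrc. Both variables are exported so Tomcat's scripts inherit them.
echo 'export CATALINA_HOME=/opt/tomcat' >> /mnt/ec2-fs/root/.bashrc
echo 'export CATALINA_BASE=/opt/tomcat' >> /mnt/ec2-fs/root/.bashrc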

#autostartup tomcat
vi /mnt/ec2-fs/etc/init.d/tomcat

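#!/bin/bash
#
# tomcat
#
# chkconfig: 2345 80 30
# description: Start up the Tomcat servlet engine.
#
# Usage: tomcat {start|stop}
# Tomcat is started and stopped through su as the unprivileged "tomcat"
# account, not as root. Exits with the status of the su call, or 1 for an
# unknown action.

# Source function library.
. /etc/init.d/functions

# Status of the requested action; set from the su call below rather than from
# sourcing the function library.
RETVAL=0
CATALINA_HOME="/opt/tomcat"
export JAVA_HOME="/usr/lib/jre"

case "$1" in
  start)
    if [ -f "$CATALINA_HOME/bin/startup.sh" ]; then
      echo $"Starting Tomcat"
      /bin/su tomcat "$CATALINA_HOME/bin/startup.sh"
      RETVAL=$?
    fi
    ;;
  stop)
    if [ -f "$CATALINA_HOME/bin/shutdown.sh" ]; then
      echo $"Stopping Tomcat"
      /bin/su tomcat "$CATALINA_HOME/bin/shutdown.sh"
      RETVAL=$?
    fi
    ;;
  *)
    echo $"Usage: $0 {start|stop}"
    exit 1
    ;;
esac

exit $RETVAL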

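chmod +x /mnt/ec2-fs/etc/init.d/tomcat
# The link target is relative: an absolute /mnt/ec2-fs/... target only exists
# on the build host and would dangle once the image boots with this
# filesystem as /.
# No cd into the mount either: a shell whose working directory is inside
# /mnt/ec2-fs makes the later umount fail as busy and breaks the relative
# yum-xen.conf path used in the cleanup step.
ln -s ../init.d/tomcat /mnt/ec2-fs/etc/rc5.d/S71tomcat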

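#Chroot and auto start the services sshd and tomcat.
#Everything from here up to the "exit" step runs inside the image, so paths
#such as /etc and /opt refer to the image, not to the build host.

/usr/sbin/chroot /mnt/ec2-fs /bin/sh
# --level takes two ASCII hyphens
/sbin/chkconfig --level 345 sshd on
/sbin/chkconfig tomcat on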

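#create link for java lib (the init script's JAVA_HOME points at /usr/lib/jre)

cd /usr/lib
ln -s jre1.6.0_18 jre

#set the correct java path
# Single quotes keep $PATH literal, so it is expanded at login on the instance
# and not frozen to the build shell's PATH when this line is typed.

echo 'export JAVA_HOME=/usr/lib/jre' >> /root/.bashrc
echo 'export PATH=/usr/lib/jre/bin:$PATH' >> /root/.bashrc
# Dedicated unprivileged account that the init script uses to run Tomcat.
/usr/sbin/useradd -d /opt/tomcat tomcat
# NOTE(review): this makes the whole installation, including bin/ and conf/,
# writable by the account that serves requests. Limiting tomcat's ownership to
# the directories it has to write (logs, temp, work, webapps) would keep a
# compromised web application from rewriting Tomcat's own scripts and config.
chown -R tomcat:tomcat /opt/tomcat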

#remove default installed applications
# (the bundled sample, documentation and WebDAV webapps are not needed to serve
#  your own application and would otherwise be reachable on port 80)
# NOTE(review): check what else is still deployed under webapps/ and
# server/webapps/ before exposing the instance.

cd /opt/tomcat/webapps
rm -r balancer/
rm -r webdav/
rm -r tomcat-docs/
rm -r servlets-examples/
rm -r jsp-examples/

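#install custom kernel modules (still inside the chroot)
# The archive is unpacked as root at the top of the image's filesystem, so a
# tampered download could overwrite any file in the image; it is fetched over
# HTTPS for that reason.

cd /
wget https://s3.amazonaws.com/ec2-downloads/modules-2.6.16-ec2.tgz
gunzip modules-2.6.16-ec2.tgz
tar -xvf modules-2.6.16-ec2.tar
# Build module dependency data for the Xen kernel version the instance boots.
/sbin/depmod -ae 2.6.16-xenU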

#fix some Xen guest kernels things

vi /etc/ld.so.conf.d/libc6-xen.conf

# This directive teaches ldconfig to search in nosegneg subdirectories
# and cache the DSOs there with extra bit 0 set in their hwcap match
# fields. In Xen guest kernels, the vDSO tells the dynamic linker to
# search in nosegneg subdirectories and to match this extra hwcap bit
# in the ld.so.cache file.
hwcap 0 nosegneg

#create the necessary links and cache

/sbin/ldconfig

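#redirect port 80 to 8080
# Netfilter rules live in the running kernel, not in the chroot. Running
# "iptables --flush" and "iptables -A ..." at this point would flush and change
# the build host's firewall, and nothing would end up in the image, since
# iptables-save only prints the rules to stdout. Write the rule file that the
# iptables init script restores at boot instead, and enable that service.

cat > /etc/sysconfig/iptables <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
COMMIT
EOF
chmod 600 /etc/sysconfig/iptables
/sbin/chkconfig iptables on
# NOTE(review): this rule set only redirects; it filters nothing, so which
# ports are reachable is decided entirely by the EC2 security group.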

#Exit out of your chroot:

exit

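#cleanup (back on the build host, in the directory that holds yum-xen.conf)

yum -c yum-xen.conf --installroot=/mnt/ec2-fs clean all

#Unmount the image: proc first, then the loop mount (-d also frees the loop device).
#Both fail as "busy" if any shell still has its working directory inside /mnt/ec2-fs.

umount /mnt/ec2-fs/proc
umount -d /mnt/ec2-fs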

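#install ruby (on the build host)

yum install ruby

#Download the EC2 AMI Tools:
# Fetched over HTTPS: the package is installed as root on the build host in the
# next step, and its install scripts run with root privileges.
wget https://s3.amazonaws.com/ec2-downloads/ec2-ami-tools.noarch.rpm

#Install the EC2 AMI Tools

rpm -Uvh ec2-ami-tools.noarch.rpm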

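#bundle your image
# The option values were lost from the page. The variables below are
# placeholders to set beforehand: the X.509 certificate file, its private key
# file and the AWS account number.

/usr/local/bin/ec2-bundle-image -i centos54ami.sf -c "$EC2_CERT" -k "$EC2_PRIVATE_KEY" -u "$AWS_ACCOUNT_ID"

#upload to s3
# Placeholders again: bucket name, access key id and secret access key.
# -s puts the secret key on the command line, where it is visible in the
# process list while the upload runs; typing it literally would also leave it
# in the shell history. Use a key you can rotate afterwards.

/usr/local/bin/ec2-upload-bundle -b "$S3_BUCKET" -m /tmp/centos54ami.sf.manifest.xml -a "$AWS_ACCESS_KEY_ID" -s "$AWS_SECRET_ACCESS_KEY"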

With the AWS console, you can now register and startup the AMI

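#log on to the newly created instance
# The arguments were lost from the page; both variables are placeholders.
# EC2_KEYPAIR_FILE is the private key of the key pair selected at launch
# (get-credentials.sh installs the matching public key for root), and
# INSTANCE_PUBLIC_DNS is the instance's address shown in the AWS console.

ssh -i "$EC2_KEYPAIR_FILE" root@"$INSTANCE_PUBLIC_DNS"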

From kampx.com

 Posted by at 3:57 am