The barrier to entry for EC2 is relatively low, but there are a few new concepts to get under your belt. The first- and possibly most important- decision you’ll face is what AMI to use. Zend has just made this decision a lot easier. We’ve prepared an AMI with a fully optimized, feature-complete installation of Zend Server CE. You can customize it, install your own applications, and bundle a new AMI for your own use. But first you must find the image and launch it using the tools that Amazon provides. The new AWS Management Console makes the process relatively easy once you understand the basic concepts.
NOTE: If you haven’t signed up for an EC2 account yet, you’ll have to provide credit card information to complete the steps in this article.
ANOTHER NOTE: If you’re already familiar with AWS and just want to get to the image already, you’ll find it under the following AMI ID: ami-6ae40603
YET ANOTHER NOTE: This article references lots of GUI elements and will therefore almost certainly be obsolete the instant it is published. Please follow these steps in spirit if not entirely in substance.
The AWS Management Console is where it all happens, so that’s the first stop on our EC2 tour: http://aws.amazon.com/console.
When you’re ready to get started, click on the ‘Sign in to Amazon Console’ button. If you haven’t set up an AWS account yet, it will prompt you to do so now. This seemingly innocent form has just a few fields to fill in. Fair enough. Now you’ll be taken to the AWS console where you’ll be prompted to create an EC2 account. Click the ‘Sign Up For Amazon EC2’ button. No AWS account? You’ll now be presented with a form to create one. Not too many fields here: basically your address and some legalese to agree to. Fill everything in and click ‘Continue’.
Now Amazon starts talking money. You’ll find several fields for a credit card below a long list of EC2 prices. Take a moment to muster up your courage and enter your credit card information. You’ll then be prompted to log in with your new account to access another form which prompts for the address associated with the card. Click on ‘Use the Address’ or ‘Continue’.
Finally the confirmation page you’ve been waiting for! Click on ‘Complete Sign Up’ and cross your fingers. If everything is in order, you’ll see a thank you message which mentions a X.509 certificate you supposedly need to use the service. Ignore this. These certificates are used to access some AWS web services APIs programmatically, which I’ll cover in a future article. For now, we’ll stick with the console. All of these new accounts are associated with your Amazon account.
OK, you’re all signed up and ready for the console. Click on the ‘Sign in to Amazon Console’ button. This time you should be taken to the EC2 tab in the console.
If you’ve been less than impressed with the AWS user experience up to this point, maybe the AWS Management Console will start making it up to you. This nifty little console currently supports EC2, Elastic MapReduce, and CloudFront. Don’t ask me why it supports these particular services and not others, but if you scroll down to the bottom of the AWS Management Console page you’ll find that support for S3, SimpleDB and SQS is on the roadmap. Here’s what the console looks like as of this writing:
Getting back to the EC2 tab, you’ll notice a bunch of categorized links in the ‘Navigation’ bar to the left of the page. The concepts behind these categories and links are so important when working with EC2 that it’s worth going through them individually:
- Instances: These are just the virtual machine instances that have been launched from an AMI. They can be in different states such as ‘starting’, ‘running’, and ‘terminated’.
- AMIs: These are the virtual machine images that you use to launch instances. They will have an OS and typically some software stack pre-installed for your convenience. In this case, Ubuntu 9 and Zend Server CE 4 are pre-installed and will be running and ready to serve your PHP apps when an instance is launched.
- Bundle Tasks: These are tasks for bundling Windows AMIs. Ignore this link- we won’t need to know anything about bundle tasks to launch an instance of the Zend Server CE AMI. And besides, we’re not talking about Windows (yet).
- Volumes: You can click this link to manage Elastic Block Storage (EBS) volumes. You can ignore this link.
- Snapshots: These are snapshots of EBS volumes. Moving on. . .
- Elastic IPs: You can purchase elastic IPs to associate one or more static IPs with your account. You don’t need a static IP to bring up the Zend Server image for evaluation, so we can safely ignore this link for now.
- Security Groups: Security groups are basically virtual firewalls; you can use a security group to allow or block traffic to specified ports. The console will ask you what security groups you’d like to use when you launch instances. Multiple security groups can be chosen, but we’ll only use one to launch our CE instance.
- Key Pairs: Key Pairs are used to verify that you are who you say you are when logging in to the instance via SSH (or RDP for Windows). OpenSSH users may be more familiar with the term ‘public key authentication’.
Before we launch our Zend Server CE instance, there are a few things we have to do.
First, click on the ‘Security Groups’ link to get to the security groups page. Near the top of the page you’ll see a ‘Create Security Group’ button. Click it. You’ll have to fill in a name and a description- both are required. I suggest ‘Zend Server GUI’ for the name and an exercise in creative writing for the description. Now create an allowed connection for our Apache service on port 80. Simply select ‘HTTP’ in the ‘Connection Method’ dropdown menu and the rest of the fields will be filled in for you. Click ‘Save’. Now create allowed connections for the two ports that the Zend Server GUI runs on: 10081 and 10082. I recommend selecting the ‘HTTP’ drop down menu item for each port. Replace port 80 with the port numbers above in their respective port fields for both the ‘From Port’ and ‘To Port’. Leave 0.0.0.0/0 in the ‘Source’ field if you’d like these ports to be accessible from any client IP address. Click ‘Save’ for each connection. Finally, you’ll want the SSH port open so you can log in to instances. Select ‘SSH’ from the dropdown menu. Click ‘Save’ once more. The final result should like something like:
Next, you’ll need a key pair to log in to your instance. Amazon has made this dead simple with the key pair page. Just click on the ‘Create Key Pair’ button and enter a file name (may I suggest ‘zend-aws’ as a better-than-average name?) and save the private key to your local file system. It’s best to select a location that is easy to navigate to in your CLI shell. Done!
NOTE: Remember that anyone with this key has root on all EC2 instances launched with this key pair. Make sure you save it in secure location.
Now we’re ready for prime time. Go to the instances page. Click on the big ‘Launch Instance’ button. Open the ‘Community AMIs’ tab. Paste ‘ami-6ae40603’ in to the search field and hit enter. You should see one AMI row with a ‘Select’ button on the right. Click that. If it prompts you to create a security group, click the discreet ‘Skip This’ link; we’ve already created our security group. Now you should see a few fields to fill out. You can launch as many instances of the Zend Server CE image as you want, but you won’t need more than one to evaluate Zend Server CE. The instance type can be either ‘Small’ or ‘High-CPU Medium’. I recommend ‘Small’ for evaluating the image. Now pick the key pair that we just finished creating using the ‘Key Pair Name’ dropdown menu. Next, select the security group we created earlier. If you want to change advanced options, you’re on your own.
Amazon may flash an advertisement for EBS and some other BS now. Just close it to get to the exciting stuff- an actual instance spinning up! In fact, its status should tell you in no uncertain terms: ‘starting’. To get the latest status, click on the ‘Refresh’ button in the upper right. You may see other statuses such as ‘pending’ in the few minutes it takes to launch the instance. When the status is ‘running’, the machine is booted and ready to do your bidding. Woohoo!
Now, let’s make sure everything’s in order. First get the public DNS. You’ll find it in a field on the instance row or in the details pane when you highlight an image. This domain name can be used to access the instance from outside Amazon’s network. Copy it and enter ‘http://
This shows you that the Zend Server CE GUI is running. If you’re uncomfortable entering your password on an unencrypted connection, enter ‘https://
Finally, for complete control of this instance you’ll have to log in as root using SSH. This requires a compatible SSH client. I’ve gotten the OpenSSH client to work on both Linux and Cygwin. If you’ve gotten another client to work, feel free to add a comment below with a walkthrough. In any case, if you’re using a CLI-based client, you should right-click on your instance in the ‘My Instances’ view and select ‘Connect Help’ to get the information you need to connect- including the command string itself! If you follow these simple instructions, soon enough you will be logged in to your very own instance as root. Just make sure you accept any new certificates the SSH client asks you about along the way.
Now that you have root, go wild. Install your own applications, point your DNS servers to a static IP provided by Elastic IPs, bring Elastic Block Store volumes up and down, etc. And once you’ve got everything just the way you like it, you can save your own AMI to S3.
NOTE: Don’t forget to shut down the instance after you’re done! Time is money when it comes to EC2!