Virtual Machine Hosting: Difference between revisions
(this page is sooooo old. tagging it with needs work because it needs serious updating.) |
|||
| Line 1: | Line 1: | ||
{{{Needswork}}} |
|||
= Motivation = |
= Motivation = |
||
Revision as of 13:55, 1 August 2012
{{{Needswork}}}
Motivation
If you want to give MediaGoblin a try, but would prefer to run it on someone else's machine for a while, then you may be interested in spinning up an EC2 instance from an AMI pre-loaded with MediaGoblin. The following recipe should make a public MediaGoblin AMI. Make your own or skip ahead Martha Stewart style to ami-3bf33252
Get your favorite distribution to fit in less than 10 Gb volume size
Ubuntu makes this easy. Start with an official EC2 Ubuntu instance in us-east: ami-61be7908. Other official Ubuntu AMIs are also available
Login to this fresh instance using EC2 tools
me@myhomemachine:~$ ssh -i $(KEY_PATH) ubuntu@ec2-##-##-##-##.compute-1.amazonaws.com
Once logged in, update the links to package updating materials
sudo apt-get update
Then run the package manager to download and install the latest patches
sudo apt-get -u upgrade
Reboot from the EC2 instance manager. Then log in and install any remaining upgrades
sudo apt-get update sudo apt-get -u upgrade
Limit remote access to improve security
Disable password-based login by editing /etc/ssh/sshd_config to explicitly disallow it.
+# Disable password-based login +PasswordAuthentication no
Also remove this moot parameter
-# To enable empty passwords, change to yes (NOT RECOMMENDED) -PermitEmptyPasswords no
Reboot the ssh server
sudo restart ssh
Disable root login, and specify login by ubuntu only by editing /etc/ssh/sshd_config
-PermitRootLogin yes +PermitRootLogin no +AllowUsers ubuntu
Reboot the ssh server
sudo restart ssh
Install MediaGoblin Prerequisites
Setup directory for mediagoblin source code
mkdir src cd src
The following matches the HackingHowto except for how mongodb is installed. MongoDB is only at version 1.2.2 in Lucid 10.04, which the original AMI is based on, but MediaGoblin requires v1.3+
sudo apt-get install git-core python python-dev python-lxml
First get the gpg key for the 10gen repository
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv 7F0CEB10
Add the 10gen repository to the list of apt sources by editing /etc/apt/sources.list
+deb http://downloads-distro.mongodb.org/repo/ubuntu-upstart dist 10gen
Install mongodb
sudo apt-get update sudo apt-get install mongodb-10gen
Fetch the mediagoblin code from the git repository, buildout, and test
git clone git://gitorious.org/mediagoblin/mediagoblin.git cd mediagoblin python bootstrap.py && ./bin/buildout ./runtests.sh ###Ran 45 tests in 12.160s ... OK!
Install sendmail
sudo apt-get install sendmail
cp paste.ini paste_local.ini cp mediagoblin.ini mediagoblin_local.ini
Edit paste_local.ini to point to mediagoblin_local.ini and allow remote connections
-config = %(here)s/mediagoblin.ini +config = %(here)s/mediagoblin_local.ini -host = 127.0.0.1 +host = 0.0.0.0
Prepare instance for bundling into a public AMI
The instance you've built so far is currently configured to accept your private key as a login. Lock yourself out now...or don't, and see if anyone notices. It's your call.
Find and remove your public key
sudo find / -name "authorized_keys" -print -exec rm {} \;
Verify you can not log in to the instance anymore
me@myhomemachine:~$ ssh -i $(KEY_PATH) ubuntu@ec2-##-##-##-##.compute-1.amazonaws.com ##Permission denied (publickey).
Take a snapshot, convert the snapshot to an AMI, then set the AMI permissions to public.