Virtual Machine Hosting

From GNU MediaGoblin Wiki
Revision as of 22:41, 12 August 2011 by Cfdv (talk | contribs) (→‎Motivation)
Jump to navigation Jump to search

Motivation

If you want to give MediaGoblin a try, but would prefer to run it on someone else's machine for a while, then you may be interested in spinning up an EC2 instance from an AMI pre-loaded with MediaGoblin. The following recipe should make a public MediaGoblin AMI. Make your own or skip ahead Martha Stewart style to ami-3bf33252

Get your favorite distribution to fit in less than 10 Gb volume size

Ubuntu makes this easy. Start with an official EC2 Ubuntu instance in us-east: ami-61be7908. Other official Ubuntu AMIs are also available

Login to this fresh instance using EC2 tools

me@myhomemachine:~$ ssh -i $(KEY_PATH) ubuntu@ec2-##-##-##-##.compute-1.amazonaws.com

Once logged in, update the links to package updating materials

sudo apt-get update

Then run the package manager to download and install the latest patches

sudo apt-get -u upgrade

Reboot from the EC2 instance manager. Then log in and install any remaining upgrades

sudo apt-get update
sudo apt-get -u upgrade

Limit remote access to improve security

Disable password-based login by editing /etc/ssh/sshd_config to explicitly disallow it.

+# Disable password-based login
+PasswordAuthentication no

Also remove this moot parameter

-# To enable empty passwords, change to yes (NOT RECOMMENDED)
-PermitEmptyPasswords no

Reboot the ssh server

sudo restart ssh

Disable root login, and specify login by ubuntu only by editing /etc/ssh/sshd_config

-PermitRootLogin yes
+PermitRootLogin no
+AllowUsers ubuntu

Reboot the ssh server

sudo restart ssh

Install MediaGoblin Prerequisites

Setup directory for mediagoblin source code

mkdir src
cd src

The following matches the HackingHowto except for how mongodb is installed. MongoDB is only at version 1.2.2 in Lucid 10.04, which the original AMI is based on, but MediaGoblin requires v1.3+

sudo apt-get install git-core python python-dev python-lxml

Get the latest mongodb

First get the gpg key for the 10gen repository

sudo apt-key adv --keyserver keyserver.ubuntu.com --recv 7F0CEB10

Add the 10gen repository to the list of apt sources by editing /etc/apt/sources.list

+deb http://downloads-distro.mongodb.org/repo/ubuntu-upstart dist 10gen

Install mongodb

sudo apt-get update
sudo apt-get install mongodb-10gen

Fetch the mediagoblin code from the git repository, buildout, and test

git clone git://gitorious.org/mediagoblin/mediagoblin.git
cd mediagoblin
python bootstrap.py && ./bin/buildout
./runtests.sh
###Ran 45 tests in 12.160s ... OK!

Install sendmail

sudo apt-get install sendmail

Configure MediaGoblin

cp paste.ini paste_local.ini
cp mediagoblin.ini mediagoblin_local.ini

Edit paste_local.ini to point to mediagoblin_local.ini and allow remote connections

-config = %(here)s/mediagoblin.ini
+config = %(here)s/mediagoblin_local.ini
-host = 127.0.0.1
+host = 0.0.0.0

Prepare instance for bundling into a public AMI

The instance you've built so far is currently configured to accept your private key as a login. Lock yourself out now...or don't, and see if anyone notices. It's your call.

Find and remove your public key

sudo find / -name "authorized_keys" -print -exec rm {} \;

Verify you can not login to the instance anymore

me@myhomemachine:~$ ssh -i $(KEY_PATH) ubuntu@ec2-##-##-##-##.compute-1.amazonaws.com
##Permission denied (publickey).

Take a snapshot, convert the snapshot to an AMI, then set the AMI permissions to public.