Wednesday, June 7, 2017

Enable direct ssh access to EC2 instance without .pem key

Enable password authentication by editing /etc/ssh/sshd_config: change PasswordAuthentication no to PasswordAuthentication yes

Restart ssh:

sudo /etc/init.d/ssh restart

sudo systemctl restart sshd   # for RHEL7
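
The edit only takes effect if the changed line is the one sshd actually uses: sshd_config takes the first value it finds for a keyword, and keywords are case-insensitive. The following is an added example, not part of the original post, that reports the global PasswordAuthentication value of a config file; the function name and the sample file are made up for illustration, and Include directives are not followed.

```shell
#!/bin/sh
# Added example: print the global PasswordAuthentication value that one
# sshd_config file yields. Function name and sample data are illustrative.
# Rules applied: the first value for a keyword wins, keywords are
# case-insensitive, lines after a "Match" line are conditional, and the
# OpenSSH default is "yes". Include directives are NOT followed.
effective_password_auth() {
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }      # comments and blank lines
        {
            line = $0
            sub(/=/, " ", line)                # accept "Keyword=value"
            split(line, f)                     # default split trims blanks
            key = tolower(f[1])
        }
        key == "match" { exit }                # global section ends here
        key == "passwordauthentication" { val = f[2]; exit }
        END { print (val == "" ? "yes" : val) }
    ' "$1"
}

# Constructed sample: "yes" was added below an existing active "no" line.
# The earlier line wins, so password logins stay disabled.
sample=$(mktemp)
cat > "$sample" <<'EOF'
Port 22
#PasswordAuthentication yes
passwordauthentication no
PasswordAuthentication yes
Match User deploy
    PasswordAuthentication yes
EOF

echo "effective PasswordAuthentication: $(effective_password_auth "$sample")"
rm -f "$sample"
```

On a live host, `sudo sshd -T | grep -i passwordauthentication` prints the value sshd itself resolves, included files and all.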

Tuesday, February 14, 2017

Create EC2 instances using Ansible Playbook

Log into your AWS account to get your “AWS_ACCESS_KEY_ID” and “AWS_SECRET_ACCESS_KEY”. Go to “Identity and Access Management”. Create a new user or select an existing one. Go to “Security Credentials” and click “Create Access Key”. Here’s an example of what you’ll end up with:
Access Key ID: NUHKOIJFOJF9GFJDO
Secret Access Key: LSDJKFODSJF9SDJF8UH3U3HFKW
Keep those safe – download when asked. Use the above values to create environment variables. Copy and paste the following (with your values replacing mine) into your shell:
export AWS_ACCESS_KEY_ID="NUHKOIJFOJF9GFJDO" 
export AWS_SECRET_ACCESS_KEY="LSDJKFODSJF9SDJF8UH3U3HFKW"
Create the “~/hosts” file with the following contents:
[local]
localhost

[webserver]
Now we build our YML file for Ansible to run through. Here’s a sample that will create a basic EC2 with a public IP address and your public SSH key. Put the following into the file “~/ec2-basic.yml”
---
  - name: Provision an EC2 Instance
    hosts: local
    connection: local
    gather_facts: False
    tags: provisioning
    # Necessary Variables for creating/provisioning the EC2 Instance
    vars:
      instance_type: t2.micro
      security_group: ansible-webserver # Change the security group name here
      image: ami-719fb712 # This is an AMI I created myself
      keypair: agix-key # This is one of my keys that I already have in AWS
      region: ap-southeast-2 # Change the Region
      count: 1

    # Task that will be used to Launch/Create an EC2 Instance
    tasks:

      - name: Create a security group
        local_action: 
          module: ec2_group
          name: "{{ security_group }}"
          description: Security Group for webserver Servers
          region: "{{ region }}"
          rules:
            - proto: tcp
              from_port: 22
              to_port: 22
              cidr_ip: 0.0.0.0/0
            - proto: tcp
              from_port: 80
              to_port: 80
              cidr_ip: 0.0.0.0/0
            - proto: tcp
              from_port: 443
              to_port: 443
              cidr_ip: 0.0.0.0/0
          rules_egress:
            - proto: all
              cidr_ip: 0.0.0.0/0
        register: basic_firewall

      - name: Launch the new EC2 Instance
        local_action: ec2 
                      group={{ security_group }} 
                      instance_type={{ instance_type}} 
                      image={{ image }} 
                      wait=true 
                      region={{ region }} 
                      keypair={{ keypair }}
                      count={{count}}
        register: ec2

      - name: Add the newly created EC2 instance(s) to the local host group (located inside the directory)
        local_action: lineinfile 
                      dest="./hosts" 
                      regexp={{ item.public_ip }} 
                      insertafter="[webserver]" line={{ item.public_ip }}
        with_items: "{{ ec2.instances }}"


      - name: Wait for SSH to come up
        local_action: wait_for 
                      host={{ item.public_ip }} 
                      port=22 
                      state=started
        with_items: "{{ ec2.instances }}"

      - name: Add tag to Instance(s)
        local_action: ec2_tag resource={{ item.id }} region={{ region }} state=present
        with_items: "{{ ec2.instances }}"
        args:
          tags:
            Name: webserver
Begin the provisioning (spin it up):
ansible-playbook -i ./hosts ec2-basic.yml
And finally log into your new ec2 instance:

https://github.com/docker/machine/issues/287
Keypair: EC2 > NETWORK & SECURITY, choose Key Pairs
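
The security group in the playbook admits SSH from any address. As an added example, not part of the original post, this pre-flight check scans a playbook for ingress rules that expose SSH (22) or RDP (3389) to 0.0.0.0/0 so they can be narrowed to an admin CIDR before provisioning; the function name and sample are illustrative, and the scan assumes the rule layout used in this playbook.

```shell
#!/bin/sh
# Added example: list ingress rules in an ec2_group "rules:" block that expose
# SSH (22) or RDP (3389) to the whole internet. Line-oriented scan for the
# layout used above, not a general YAML parser; the function name is made up.
world_open_mgmt_ports() {
    awk '
        function check(   i) {                 # evaluate the rule just read
            if (proto == "all" || proto == "-1") { from = 0; to = 65535 }
            if (cidr == "0.0.0.0/0")
                for (i = 1; i <= n; i++)
                    if (from + 0 <= port[i] + 0 && port[i] + 0 <= to + 0)
                        print port[i], cidr
            proto = from = to = cidr = ""
        }
        BEGIN { n = split("22 3389", port, " ") }
        { sub(/[ \t]+#.*$/, ""); gsub(/"/, "") }   # drop comments and quotes
        /^[ \t]*rules:/ { in_rules = 1; next }
        !in_rules || /^[ \t]*$/ { next }
        /^[ \t]*- / { check() }                # a new list item starts a rule
        /proto:/     { proto = $NF; next }
        /from_port:/ { from = $NF; next }
        /to_port:/   { to = $NF; next }
        /cidr_ip:/   { cidr = $NF; next }
        { check(); in_rules = 0 }              # any other key ends the list
        END { check() }
    ' "$1"
}

# Constructed sample: a shortened copy of the rules from the playbook above.
sample=$(mktemp)
cat > "$sample" <<'EOF'
          rules:
            - proto: tcp
              from_port: 22
              to_port: 22
              cidr_ip: 0.0.0.0/0
            - proto: tcp
              from_port: 80
              to_port: 80
              cidr_ip: 0.0.0.0/0
          rules_egress:
            - proto: all
              cidr_ip: 0.0.0.0/0
EOF
world_open_mgmt_ports "$sample"
rm -f "$sample"
```

Each output line is a port and the CIDR that exposes it; no output means neither management port is open to the world in the scanned rules.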

Wednesday, January 18, 2017

Installing GUI in AWS EC2 - RHEL7

There are three sections involved in the whole setup. Follow all three sections explained below to successfully configure the GUI.

sudo yum -y update
Install the gnome GUI components using the following command.
sudo yum groupinstall -y "Server with GUI"
Issue the following commands to start the GUI during boot.
sudo systemctl set-default graphical.target

sudo systemctl default

Now we have all the essential GUI components installed on the server. In the next section, we will install the xrdp components to enable remote desktop connections.


Setting Up XRDP

1. Add the xrdp repository to your instance using the following command.
2. Install xrdp and tiger VNC server.
sudo yum install -y xrdp tigervnc-server
3. Set up SELinux security using the following commands.
sudo chcon --type=bin_t /usr/sbin/xrdp
sudo chcon --type=bin_t /usr/sbin/xrdp-sesman
4. Start and enable the xrdp service.
5. Enable the RDP port on the instance using the following firewall commands.
sudo firewall-cmd --permanent --add-port=3389/tcp
sudo firewall-cmd --reload
6. Set a password for ec2-user. This password will be used to connect to the RDP session.
7. Set a password for root, as you will be prompted for the cloud user password for network proxy and color. Log in as root and set the password.
Now we have the xrdp components and all instance-level settings in the right place. Now let’s test the RDP connection from an RDP client. In this tutorial, I am using the Windows RDP client.

Connecting The Instance Using RDP

Note: Make sure you have opened the RDP port in your instance security group.
1. Open the RDP client, type in the public IP of your instance and click connect.
2. If you get a warning message about remote identity, just click yes.
3. Now you will get an xrdp authentication window; enter the credentials and click ok.
Note: The username is “ec2-user” and the password is the password you set for ec2-user in step 6.
4. You will be prompted to enter the password again. Provide the password and proceed to the steps to configure the initial desktop.
5. If it prompts for “cloud user password”, provide the root user password you set in step 7.
6. That's it, you will get a GUI session. If you face any errors, do let me know in the comment section.
Source : https://devopscube.com/how-to-setup-gui-for-amazon-ec2-rhel-7-instance/