Doug Jaworski

This tutorial is intended to get you started with the Amazon EC2 API Tools on a Mac. I am running this on a PowerBook Pro with Snow Leopard.  The EC2 API Tools are a client interface to EC2 web service and extend the AWS Management Console.

Create Directories

Create a directory to store your AWS Keys and Certificates. For this tutorial we will be creating 2 directories.

The first directory is for your AWS Security Credentials and is typically placed in your home directory.

mkdir ~/.ec2

We also need a directory to place the EC2 API Tools. This can be placed in any directory location of your liking. As this is on a Mac, we will be placing in our /Applications directory.

mkdir /Applications/ec2

Create an AWS Account

You will first need to create an Amazon AWS account and an AWS EC2 account. This will require a credit card however you will only be charged for what you use.

To create an account, you need to go to http://aws.amazon.com and sign up for the service.

After you have created your EC2 account, you will need to create a X.509 certificate. To locate, select the your Account tab and scroll down to Access Credentials section and select Create a new Access Key. Once this is completed, you will need to save the private key file and the X.509 certificate.

Download both the “private Key” file and the “X.509 Certificate” file. Typically this can be in a directory of your liking but for the sake of this tutorial we will place it in your home ~./ec2. The private key file will be names something like pk-xxxxxxxxxxxxxxxxxxxxxx.pem and the X.509 Certificate file will be named something like cert-xxxxxxxxxxxxxxxxxxxxxx.pem.

Download and Install EC2 API Tools

Download the Amazon EC2 API Tools and make sure you have the most current version. Since this tutorial was targeted for the Mac users, the default location for the the file is in your Downloads directory. Simply copy the contents of this file to you /Applications/ec2 directory.

cp Downloads/ec2-api-tools-1.3-53907 /Applications/ec2

A prerequisite for EC2 API Tools is Java, as we are on a Mac, it is already installed and should have JAVA_HOME set. To verify you have JAVA_HOME set, you can simply open up a terminal window and type the following:

echo $JAVA_HOME

It should return something like this:

/System/Library/Frameworks/JavaVM.framework/Home/

If not, verify that you have java installed and set the JAVA_HOME Variable as defined in the next section.

Define your Enviornment

There are many ways to customize your environment variables with OS X.  I personally like you use .bash_profile however you might elect to use another method, this way just works out nice for me so customize to your liking.

Open or create .bash_profile in your home directory with your favorite text editor and update with the following. Your items will have unique names when generated.

export JAVA_HOME=/System/Library/Frameworks/JavaVM.framework/Home/

export EC2_HOME=/Applications/ec2

export EC2_PRIVATE_KEY=~/.ec2/pk-xxx.pem

export EC2_CERT=~/.ec2/cert-xxx.pem

export EC2_ACCNO=0000-0000-0000

export ACCESS_KEY=BGIRITQM7O6ZZF3R2ODC

export SECRET_KEY=lDgGzXoTKukVmZw7q7Donx/O6Jc/kFQ4P889zQu

export PATH=$PATH:$EC2_HOME/bin

After saving this file, you will need to source your .bash_profile so it will export your new variables. From a command prompt run the following command.

source ~/.bash_profile

Create an EC2 Keypair

In order to launch an Amazon AMI, you need a named keypair that is yours and yours alone. You can call your keypair anything you like. I called mine my-keypair for the sake of this tutorial. You will then want to move this keypair to ~/.ec2 and secure the file so only you have access to this file. You must keep this key private and secure as it is the keys to the kingdom.

ec2-add-keypair my-keypair > ~/.ec2/my-keypair.pem

chmod 600 ~/.ec2/my-keypair.pem

Testing in Out

To confirm you have it setup correctly, you can simply query publicly available AMI’s with the following command

ec2-describe-images -a

Simple as that. In my next tutorial, I will document how to launch and customize an Ubuntu 10.04 AMI with an EBS Volume for persistant storage.

If you are running a MacBook Pro, you know they run hot. I solved this issue on the cheap by recycling an iWork Retail Eddition box to allow for more airflow under the the MacBook. All you need is to allow a bit of air to flow on the bottom surface and this box happens to be just the right hight to accomplish with ease.

I just finished setting up an internal Ubuntu 9.10 BIND9 DNS server on my home network and when I tried to ping an internal host by FQDN it would take a long time to respond. Actual ping times however where good. I looked at all the normal places one would look at thinking it might have been a bad resolve.conf file or host file entry. I then stumbled across /etc/nsswitch.conf. In the old days you would have nsswitch.conf resolve files first followed by DNS however it seems in Ubuntu 9.10 to look like this:

hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4

It just did not look right to me and so I changed it to this:

hosts: files dns

Problem now solved. After a bit more research I came across Ubuntu Bug #94940 which also highlighted my problem.

Over the past few weeks I have been teaching myself ever so slowly Ruby on Rails. While my background is system administration, I have always had an eye for programming logic and a respect for programmers. The first place one needs to start when learning Ruby on Rails is getting up and running Ruby on Rails on the Server or Workstation.

I already have a dedicated Ubuntu Servers so I will leverage what I already have implemented and hook in Ruby on Rails. For my server environment I already have Apache 2, MySQL Server and a few other tools so I will start with that as a baseline. If you don’t have any of this installed already I have created a primer below.

Install Apache Server

sudo apt-get install apache2

After the install, Apache will autostart. As a result you might find an error

* Starting web server apache2
apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1 for ServerName
   ...done.

While this is annoying, it does not impact Apache’s ability to operate but the fix is simple and resolved by creating a file called fqdn (fully qualified domain name) in /etc/apache2/conf.d/. Mine looks like this:

ServerName localhost

Restarting Apache will now result in a clean startup.

sudo /etc/init.d/apache2 restart

Install Mysql Server

While Ruby runs great with sqlite, I have on my server MySQL as it performs all the needs I have in a shared database environment. Installing is simple and is accomplished with just a few simple commands.

sudo apt-get install mysql-server
sudo apt-get install libmysqlclient16-dev

During the install, MySQL will prompt you to create a root password for the admin user.

To test the installation, log in to MySQL via command line to confirm.

doug@audi:~$ mysql -u root -p
Enter password:
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 34
Server version: 5.0.75-0ubuntu10.2 (Ubuntu)
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
mysql>

And to view the databases

mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| mysql              |
+--------------------+
2 rows in set (0.00 sec)
mysql>

Install Ruby from Source

While this solution might promote some argument, I believe by far the best way to work with some applications, including Ruby on Rails is to install from source. This method will give you the most control as well as provide stability when performing system upgrades or during the patching process.

Make a directory for all your source code. This will come in handy when you need to re-compile and add in additional functionality for future efforts.

You may already have a /usr/local/src directory but if you don’t, simply create one for yourself.

sudo mkdir /usr/local/src

We will place all source code for Ruby and RubyGems in this directory.

Download Ruby

cd /usr/local/src

sudo wget ftp://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.7-p174.tar.gz

You need to use sudo with wget in this case because as a normal user, you wont have the necessary permissions to save to this directory.

Uncompress ruby-1.8.7-p174.tar.gz

sudo tar -xzvf ruby-1.8.7-p174.tar.gz
cd ruby-1.8.7-p174
sudo ./configure
sudo make
sudo make install

Ruby is now installed in /usr/local/bin/ruby

While Ruby is installed, there a still 2 pieces that are needed before we install RubyGems.

Install zlib for Ruby

cd /usr/local/src/ruby-1.8.7-p174/ext/zlib
sudo ruby extconf.rb --with-zlib-include=/usr/include --with-zlib-lib=/usr/lib
sudo make
sudo make install

Install openssl for Ruby

cd ../openssl/
sudo ruby extconf.rb
sudo make
sudo make install

Install RubyGems

cd /usr/local/src/
sudo wget http://rubyforge.org/frs/download.php/60718/rubygems-1.3.5.tgz
sudo tar -xzvf rubygems-1.3.5.tgz
cd rubygems-1.3.5
sudo ruby setup.rb config
sudo ruby setup.rb setup
sudo ruby setup.rb install

Install RAILS

sudo gem install rails

You will need to enable RAILS to talk to our database and this is done by installing the mysql gem.

sudo gem install mysql

Optionally, you can install Mongrel instead of using WebBrick.

sudo gem instal mongrel

Install Passenger

Passenger basically allows you to proxy RAILS applications via apache to the Ruby server – WebBrick or Mongrel. The installation is rather easy and is installed via a Ruby gem. Once installed you will need to modify your Apache configurations to point to the appropriate RAILS application.

sudo gem install Passenger
sudo passenger-install-apache2-module

After running passenger-install-apache2-module, it said I was missing some dependencies. In my case I needed to install the following via apt-get.

sudo apt-get install build-essential apache2-prefork-dev libapr1-dev libaprutil1-dev

After installing the dependancies, re-run passenger-install-apache2-module.

sudo passenger-install-apache2-module

The passenger configuration requires you to modify your Apache configuration file. In my case I create a file in /etc/apache2/conf.d called passenger.

sudo vi /etc/apache2/conf.d/passenger

LoadModule passenger_module /usr/local/lib/ruby/gems/1.8/gems/passenger-2.2.8/ext/apache2/mod_passenger.so
PassengerRoot /usr/local/lib/ruby/gems/1.8/gems/passenger-2.2.8
PassengerRuby /usr/local/bin/ruby

Then you need to create a virtual host to point to your new application. In my case it is setup in this fashion but there are many other ways of accomplishing the same thing.

sudo vi /etc/apache2/site-available/ruby.dougjaworski.com

What my virtual host file looks like.

< VirtualHost *:80>
        ServerAdmin webmaster@localhost
        ServerName ruby.dougjaworski.com
        DocumentRoot /home/doug/rails_apps/test/public
        < Directory /home/doug/rails_apps/test/public>
                Options MultiViews
                AllowOverride All
        < /Directory>
< /VirtualHost>

It is important that you point DocumentRoot to the location of your applications public folder as this is what is exposed to Apache.

It is also important that you have a DNS record or at the very least an entry in hosts host pointing to your Apache virtual host as this is named based resolution.

Now you must enable the virtual host.

sudo a2ensite ruby.dougjaworski.com
[sudo] password for doug:
Enabling site ruby.dougjaworski.com.
Run '/etc/init.d/apache2 reload' to activate new configuration!

Reload the Apache configuration so your changes take effect.

sudo /etc/init.d/apache2 reload

Point your web browser to your new RAILS site!

I recently performed a clean install of OS X Snow Leopard on my PowerMac Pro and ran into issues when trying to connect to my companies SSL VPN. While there are numerous posts found on the web, none seem to pertain to a clean install of Snow Leopard. After debugging the issue furtherI found that Network Connect was still having permission issues when trying to connect via the Network Connect client.

Here is what I did to resolve the problem:

Install NetworkConnect.dmg with the version that your Juniper SSL VPN device supports. In my case, it was 6.1

Open up Terminal and type the following commands followed by enter after each line. As you will be using sudo, you may be prompted for your password as well:

sudo chmod 755 /usr/local/juniper/nc/6.1.0/
sudo mkdir '/Applications/Network Connect.app/Contents/Frameworks'

I original found the above steps at various sites including the Juniper support forums but I was still running into permission issues. After digging further into the log files I found this and determined that there must be some sort of elevated root permission that needs to update some network settings that can only be done as a super user.

ncproxyd[19016] ncproxyd.info ncproxyd exiting status 1 (ncproxyd.cpp:92)
ncproxyd[19054] ncproxyd.error Failed to gain root privileges: Operation not permitted

To fix this you must modify the permissions of ncproxyd

chmod 4711 /usr/local/juniper/nc/6.3.0/ncproxyd

How to Install MySQL Server on RHEL 5.3

sudo yum install mysql-server mysql
sudo chkconfig –add mysqld
sudo chkconfig –level 2 mysqld
sudo chkconfig –level 3 mysqld
sudo chkconfig –level 4 mysqld

How to Set the MySQL Root User Password

mysql -u root
mysql> SET PASSWORD FOR ‘root’@'localhost’ = PASSWORD(‘yourpassword’);
mysql> FLUSH PRIVILEGES;
mysql> exit

How to Create a Database

mysql -u root -pyourpassword
mysql> CREATE DATABASE yourdatabase;

Creating a User With Access to New Database

mysql -u root -pyourpassword
mysql> GRANT ALL PRIVILEGES ON yourdatabase.* TO ‘yourusername’@'localhost’ IDENTIFIED BY ‘yourpassword’ WITH GRANT OPTION;
mysql> FLUSH PRIVILEGES;
mysql> exit

To Create a User With Fewer Privileges Limited to New Database

mysql -u root -pyourpassword
mysql> GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER, CREATE TEMPORARY TABLES, LOCK TABLES ON yourdatabase.* TO ‘yourusername’@'localhost’ IDENTIFIED BY ‘yourpassword’;
mysql> FLUSH PRIVILEGES;
mysql> exit

To Create a User With Access to New Database From any Host

mysql -u root -pyourpassword
mysql> GRANT ALL PRIVILEGES ON yourdatabase.* TO ‘yourusername’@'localhost’ IDENTIFIED BY ‘yourpassword’ WITH GRANT OPTION;
mysql> FLUSH PRIVILEGES;
mysql> exit

To Create a User With Access to database from any host

mysql -u root -pyourpassword
mysql> GRANT ALL PRIVILEGES ON yourdatabase.* TO ‘yourusername’@'%’ IDENTIFIED BY ‘yourpassword’ WITH GRANT OPTION;
mysql> FLUSH PRIVILEGES;
mysql> exit

How to Backup a Database Instance From mysqldump Command

/bin/mysqldump -u username -ppassword –databases databasename >/tmp/databasename.sql

How to Restore a Database Instance From Command Line

mysql -u username -ppassword databasename < /tmp/databasename.sql

On October 15th, 2009 the Jaworski family welcomed Juliana Isabella Jaworski into the family. She weighed in at a healthy 7.0lbs. Welcome to the family Juliana!

I have started a side project of taking all of our family photos shot in the 1970′s and scanning them to digital media. This picture is from the time our family lived in Papua New Guinea for a few years.