Sunday, April 24, 2011

AWS EC2: Create a new instance from a snapshot (when you lose your keys)

One small issue caused by my work-related absence from home is the loss of access to my Mac. That computer held the private SSH key for my Amazon Elastic Compute Cloud (EC2) instance.



I have a free* micro instance running in the cloud. If you are a NEW signup, you can find out more about the free micro instances here.

I could start my instance and access the Apache web server in the cloud, but without my private key I could not connect via SSH :( and therefore could not start up my GeoServer application or start creating barcodes in the cloud.
Googling the issue, I found some answers but not the full resolution to my situation. So what follows is how I recovered access:
* create a new key pair
* snapshot the original volume
* install the command line Java tools
* create an AMI linked to the snapshot
* start the instance with the new key
* convert the private key to be used with PuTTY

The following is based on a Windows XP system.


1) New key pair

From the AWS guide, generating a keypair

To generate a key pair
  1. Log in to the AWS Management Console and click the Amazon EC2 tab.
  2. Click Key Pairs in the Navigation pane.
    The console displays a list of key pairs associated with your account.
  3. Click Create Key Pair.
    The Key Pair dialog box appears.
  4. Enter a name for the new key pair in the Key Pair Name field and click Create.
    You are prompted to download the key file.
  5. Download the key file and keep it in a safe place. You will need it to access any instances that you launch with this key pair.

2) Snapshot of the original volume

To create a snapshot
  1. Click Create Snapshot.
    The Create Snapshot dialog box appears.
  2. Select a volume to make a snapshot of and click Create.
    Amazon EC2 creates a new snapshot, displaying its status in the list of snapshots.

3) Install command line Java tools

Java needs to be installed; I have jdk1.6.0_12.
The AWS EC2 API tools can be downloaded here: http://aws.amazon.com/developertools/351

Unzip the AWS tools to c:\aws

Download the X.509 cert and key to c:\aws from the following screen.

Create a DOS BAT script with the following contents.

rem sets Java home
set JAVA_HOME="C:\Program Files\Java\jdk1.6.0_12"

rem sets the X.509 private key and cert. (REPLACE {...} with your filenames ).
set EC2_PRIVATE_KEY=c:\aws\pk-{private key details}.pem
set EC2_CERT=c:\aws\cert-{cert details}.pem

rem set EC2 variables
set EC2_HOME=c:\aws\ec2
rem THIS IS the ASIA PACIFIC northeast region for my micro instance, change to your region
set EC2_URL=https://ec2.ap-northeast-1.amazonaws.com

rem update PATH variable
set PATH=%PATH%;%EC2_HOME%\bin

rem check it works with the describe regions API command.
ec2-describe-regions

4) Create an AMI linked to the snapshot

ec2-register command help url
ec2-register -n {NAME of AMI} -d {description} --root-device-name /dev/sda1 -b "/dev/sda1=snap-xxxxxxxx" -a x86_64 --kernel aki-ba3adfd3

*note -b: replace snap-xxxxxxxx with your snapshot name
          --kernel: I used the kernel id from my original instance

After running this command the AMI id will be displayed; it is needed for step 5.

5) Start the instance with the new key
ec2run command help url
ec2run {AMI id from step 4} -b "/dev/sda1=snap-xxxxxxxx:8:true" -g quick-start-1 -k {NEW KEY} -t t1.micro

*note -b: replace snap-xxxxxxxx with your snapshot name
          -k: it is important to use the NEW KEY created in step 1 (and now I have this in my Dropbox, lesson learnt).
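
Steps 4 and 5 chained into one batch file, as an added example that is not part of the original post. It refuses to launch unless the new key pair is registered in the account and its .pem file is on this machine, so the new instance cannot end up with a key you do not hold. KEY_NAME, KEY_FILE and AMI_NAME are placeholder assumptions, and the variables from the step 3 script must already be set.

```bat
@echo off
rem Added example: register the AMI and launch it only if the new key is usable.
setlocal

rem Placeholders (assumptions): replace with your own values.
set SNAPSHOT=snap-xxxxxxxx
set KERNEL=aki-ba3adfd3
set KEY_NAME=my-new-key
set KEY_FILE=c:\aws\%KEY_NAME%.pem
set AMI_NAME=recovered-root

rem Guard 1: the private key downloaded in step 1 must be on disk.
if not exist "%KEY_FILE%" (
  echo Private key %KEY_FILE% not found, not launching.
  exit /b 1
)

rem Guard 2: the key pair must exist in the region set by EC2_URL.
rem ec2-describe-keypairs prints lines of the form: KEYPAIR name fingerprint
set KEY_OK=
for /f "tokens=1,2" %%a in ('ec2-describe-keypairs %KEY_NAME%') do (
  if "%%a"=="KEYPAIR" if "%%b"=="%KEY_NAME%" set KEY_OK=1
)
if not defined KEY_OK (
  echo Key pair %KEY_NAME% not found in %EC2_URL%, not launching.
  exit /b 1
)

rem Step 4: register the AMI. The tool prints: IMAGE ami-id
set AMI_ID=
for /f "tokens=1,2" %%a in ('ec2-register -n %AMI_NAME% --root-device-name /dev/sda1 -b "/dev/sda1=%SNAPSHOT%" -a x86_64 --kernel %KERNEL%') do (
  if "%%a"=="IMAGE" set AMI_ID=%%b
)
if not defined AMI_ID (
  echo ec2-register did not return an AMI id.
  exit /b 1
)

rem Step 5: launch from the new AMI with the NEW key pair.
rem "call" is required so control returns here after the .cmd tool finishes.
call ec2run %AMI_ID% -b "/dev/sda1=%SNAPSHOT%:8:true" -g quick-start-1 -k %KEY_NAME% -t t1.micro
endlocal
```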

6) Convert the private key to be used with Putty

Use puttygen.exe and choose the conversion option.

Select the AWS key downloaded in step 1.

Select "Save private key"; I ignored the warning message.

Create a new session for PuTTY and add a reference to the new key.

Add a reference to the ec2-user in the session.

Save the new PuTTY session and you are then able to log directly onto the new EC2 instance.
