This is a work in progress. Right now, it doesn't work. All help appreciated.
To install an EC2 micro server configured to serve 10 Million hits per day with WordPress on a $15 virtual server but without quite as much manual work.
- # for EC2
- Install EC2 API tools
- Create your Micro server
- Log in and update
- Install Puppet and Git
- Configure your puppet
For more detail, see Installation below. (Sadly, GitHub's Markdown lacks internal anchors.)
- Fix the WordPress installation. RIGHT NOW, IT DOESN'T WORK.
- Finish replicating Ewan's work (current step: "Run a blitz.io test to see how we’re doing")
- Make more manifest-ey so people can make many puppets, install multiple sites on one host, etc.
-
On the Security Credentials page, hit Access Credentials and the X.509 Certificates tab. Click Create a new Certificate.
-
Click Download Private Key File. This will be your only chance to do so.
-
Click Download X.509 Certificate.
-
mkdir ~/.ec2 -
Move the certificates. As a one-liner, it's:
find ~/Downloads -type f | egrep ".*/(cert|pk)-[A-Z0-9]{32}.pem" | xargs -I{} mv {} ~/.ec2/
-
Install Homebrew. If you're not on a Mac, you can't do this. Find another way to install the EC2 API tools and skip a few steps.
-
brew install ec2-api-tools -
brew unlink ec2-api-toolsto remove 284 scripts from yourPATHunless you need them -
Do the variables per RS2008, but with an adjusted
EC2_HOMEthat suits Homebrew.export EC2_PRIVATE_KEY=`ls $EC2_HOME/pk-*.pem` export EC2_CERT=`ls $EC2_HOME/cert-*.pem` export EC2_HOME=/usr/local/Cellar/ec2-api-tools/1.5.2.5/jars export JAVA_HOME=/System/Library/Frameworks/JavaVM.framework/Home/ export PATH=$EC2_HOME/binNote that the
EC2_PRIVATE_KEYandEC2_CERTlines will cause commands to fail if you have more than one matching file. Tip: don't.
-
look for a 32-bit t1.micro oneirc image in your preferred region, and note its AMI, e.g.
ami-ac05889cforus-west-2. -
Create a key pair for the region and set its permissions so that
sshwill trust it:REGION=us-west-2 ec2-add-keypair --region $REGION $REGION | tee $REGION.pem chmod 600 $REGION.pem -
Run the instance:
AMI=ami-ac05889c ec2-run-instances $AMI --instance-type t1.micro --region $REGION --key $REGION -
If you're sick of specifying
--regionall the time, setEC2_URLtohttps://plus the region's API address:export EC2_URL=https://$(ec2-describe-regions | grep $REGION | cut -f 3)I'll assume you've done so from now on.
-
Use
ec2-describe-instancesto watch your instance boot. The output format is diabolical: a run of tab-separated values. Look forrunning, which for me turned up in column 6. Then note the group (probablydefault, perhaps in column 30) and hostname (ec2-$DASHED_IP-$REGION.compute.amazonaws.com, perhaps in column 4).Assuming your columns match:
export $HOSTNAME=`ec2-describe-instances|grep $AMI|grep $INSTANCE|cut -f 4` -
Enable SSH and HTTP traffic to its group, which by default will be conveniently named
default:ec2-authorize default -p 22 ec2-authorize default -p 80The default Ubuntu instance lacks anything on port 80, so that second line is safe — especially as we're about to…
-
SSH in and apply updates right away. First, connect:
ssh -i $REGION.pem ubuntu@$HOSTNAMEThen, on the host:
sudo -i set -o emacs # else go insane apt-get update apt-get dist-upgrade
-
Still as
root, install Puppet, which is like CSS but which describes server configuration rather than element rendering:apt-get install puppet git-core
-
Still as
root, replace your node's Puppet configuration withgit clone:rm -rf /etc/puppet/* git clone git://github.com/ewanleith/puppet-wp-micro.git /etc/puppet/ cd /etc/puppet -
Secure your clone by changing the shipped passwords and other keys:
curl https://api.wordpress.org/secret-key/1.1/salt/ > templates/wp-config-keys.php.erb vim manifests/passwords.pp -
Finally, apply the configuration. Puppet will install and build everything else:
puppet apply manifests/self.pp
References:
- Robert Sosinski's Starting Amazon EC2 with Mac OS X
- Ewan Leith's 10 Million hits per day with WordPress on a $15 virtual server