Wednesday, November 3, 2010

Using Ubuntu Images on AWS "Free Tier"

[Update 2011-01-20]


There are now official Ubuntu AMIs that fit into the Free Tier disk requirements. You can get a list of the AMIs for 10.04 or 10.10.

This article is still useful as documentation, but is not necessary if you only want to use Ubuntu on Amazon's Free Tier.

Amazon AWS recently announced an AWS Free Usage Tier. The summary of which is that new AWS customers can run a t1.micro instance 24x7 for the next year and pay nothing (or at least very little).

There are various restrictions on what you get for free, but the most interesting to the Ubuntu images is:
10 GB of Amazon Elastic Block Storage, plus 1 million I/Os, 1 GB of snapshot storage, 10,000 snapshot Get Requests and 1,000 snapshot Put Requests*

The Official Ubuntu Images have a 15GB root filesystem. What that means is if you're using any of our official images (10.04, 10.10), then you will be charged for 5GB of provisioned storage per month. In the us-east-1 region that would be $0.50/month. In other regions, that would be $0.55/month.

This issue has been raised on the AWS Discussion Forums, but it seems like Amazon is not willing to budge.

Similarly, bug 670161 was opened requesting "10GB root partition for EBS boot AMIs on EC2". If you're interested in following this discussion, subscribe yourself to that bug. I will make sure that it is kept up to date.

I don't want to comment right now on whether or not we will release future EBS root AMIs of 10.04 and and 10.10 with a 10GB filesystem instead of a 15G filesystem. What I do want to discuss is how you can create your own AMI that has a 10G (or smaller) root filesystem, which will perform otherwise identically to the official images.

If you want to use Ubuntu on the Amazon Free Tier *right now*, then you can follow these instructions, which assume you have the ec2-api-tools correctly configured on your laptop. And you have a keypair named "mykey" available in the target region.

In the code (shell prompt) snippits below, '$' prompt indicates command run on my laptop. '%' prompt indicates command run on the ec2 instance. lines beginning with a '#' are comments.

Launch an instance to work with:

# us-east-1 ami-548c783d canonical ebs/ubuntu-maverick-10.10-amd64-server-20101007.1
$ ec2-run-instances --region us-east-1 --instance-type t1.micro \
--key mykey ami-548c783d
$ iid=i-1855ea75
$ zone=$(ec2-describe-instances $iid |
awk '-F\t' '$2 == iid { print $12 }' iid=${iid} )
$ echo ${zone}
us-east-1d
$ host=$(ec2-describe-instances $iid |
awk '-F\t' '$2 == iid { print $4 }' iid=${iid} )
$ echo ${host}
ec2-174-129-61-12.compute-1.amazonaws.com


create a volume in correct zone of the desired size to attach to the instance. Change '10' to '5' if you wanted a 5GB root filesystem.

$ ec2-create-volume --size 10 --availability-zone ${zone}
$ vol=vol-c64d55af
$ ec2-attach-volume --instance ${iid} --device /dev/sdh ${vol}


Then, ssh to ubuntu@${host}, and download the uec reference image and extract it. Below, I've downloaded the i386 image for maverick. You could browse through at http://uec-images.ubuntu.com/releases/10.10/release/ and find an amd64 image or a 10.04 base image.

% sudo chown ubuntu:ubuntu /mnt
% cd /mnt
% url=http://uec-images.ubuntu.com/releases/10.10/release/ubuntu-10.10-server-uec-i386.tar.gz
% tarball=${url##*/}
% wget ${url} -O ${tarball}
% tar -Sxvzf ${tarball}
maverick-server-uec-i386.img
maverick-server-uec-i386-vmlinuz-virtual
maverick-server-uec-i386-loader
maverick-server-uec-i386-floppy
README.files
% img=maverick-server-uec-i386.img
% mkdir src target


create target filesystem, mount the attached volume, and copy source filesystem contents to target filesystem using rsync.

% sudo mount -o loop,ro ${img} /mnt/src
% sudo mkfs.ext4 -L uec-rootfs /dev/sdh
% sudo mount /dev/sdh /mnt/target
# the rsync could take quite a while. for me it took 22 seconds.
% sudo rsync -aXHAS /mnt/src/ /mnt/target
% sudo umount /mnt/target
% sudo umount /mnt/src


Now, back on the laptop, snapshot the volume.

$ ec2-create-snapshot ${vol}
$ snap=snap-b97dfdd3
# now you have to wait for snapshot to be 'completed'
$ ec2-describe-snapshots ${snap}
SNAPSHOT snap-b97dfdd3 vol-c64d55af completed 2010-11-03T17:31:52+0000 100% 950047163771 10


Turn the contents of that volume into an AMI. Note, you must set 'arch', 'rel', and 'region' correctly. Then, we use that information to get the aki associated with the most recent released Ubuntu image.


$ rel=maverick; region=us-east-1; arch=i386; # arch=amd64
$ [ $arch = amd64 ] && xarch=x86_64 || xarch=${arch}
$ qurl=http://uec-images.ubuntu.com/query/${rel}/server/released.current.txt
$ aki=$(curl --silent "${qurl}" |
awk '-F\t' '$5 == "ebs" && $6 == arch && $7 == region { print $9 }' \
arch=$arch region=$region )
$ echo ${aki}
aki-407d9529
$ ec2-register --snapshot ${snap} \
--architecture=${xarch} --kernel=${aki} \
--name "my-ubuntu-${rel}" --description "my-ubuntu-${rel}"
IMAGE ami-4483742d
$ ami=ami-4483742d


Clean up your instance and volume

$ ec2-detach-volume ${vol}
$ ec2-terminate-instances ${iid}
$ ec2-delete-volume ${vol}


And now run your instance

$ ec2-run-instances --instance-type t1.micro ${ami}
$ ssh ubuntu@
% sudo apt-get update && sudo apt-get dist-upgrade
# if you got a new kernel (linux-virtual package), then you will
# need to reboot
% sudo reboot


Now, your newly created image has filesystem contents that are identical to those of the official Ubuntu images, but with a 10G filesystem.

Once you've launched your image, you can actually clean up the snapshot and the AMI id that you launched. To do that:

ec2-deregister ${ami}
ec2-delete-snapshot ${snap}


The cost of the above operations will probably be on the order of pennies, and will remove the costs you would have incurred due to having 15G root volume.

17 comments:

  1. Scott this is great. Thanks so much. It worked with the 10.04 64bit LTS AMI as well.

    ReplyDelete
  2. Scott - what does the private AMI fall under in terms of cost? I'd like to keep it around to share w/ friends, but don't know how much it will cost me (is it stored in s3?)

    ReplyDelete
  3. @Ahmed, I made the change. thanks for the free proofreading.

    @rynop,
    http://aws.amazon.com/ec2/ covers the cost of a snapshot. There is no cost for the fact that a snapshot is registered as an ami, but the snapshot itself costs $0.15/GB-Month ($0.18 in us-west-1). I don't know if its possible to see exactly how much storage a snapshot takes, but you will only be paying for the non-zero'd blocks. My guess is that is < 1GB if you followed the steps above. The filesystem is ~ 650M of used space, plus filesystem overhead, so 1GB sounds a safe assumption.
    If you do find a way to determine or view exactly how much storage a snapshot takes, then I'd be interested in knowing.

    ReplyDelete
  4. I found another way which doesn't involve creating a new AMI. I did it all through the web interface.

    1. Create a micro instance using the Official AMI. This instance will be created with a 15G root volume.

    2. Create a new volume of the desired size and attach it to the instance as /dev/sdf1

    3. Log in to the instance using ssh and type the following commands:

    sudo -i
    mkfs.ext4 -L uec-rootfs /dev/sdf1
    mount --bind / /mnt
    mkdir /mnt2
    mount /dev/sdf1 /mnt2
    cp -a /mnt/* /mnt2/
    umount /mnt2

    4. On the management console, stop the instance.

    5. detach both volumes, then attach the new volume as /dev/sda1

    6. start the instance.

    7. If the instance is working, delete the 15G volume.

    It worked for me.

    ReplyDelete
  5. Thanks for the instructions above. They worked really well, and have taught me a thing or two about ec2 as I went along (being an ec2 newbie)

    Cheers,

    J

    ReplyDelete
  6. I got stuck at launching the new instance.

    Shouldn't this line:
    ec2-run-instances --instance-type t1.micro ${ami}
    Be replaced with this line:
    ec2-run-instances --instance-type t1.micro --key mykey ${ami}

    Either way, I can't SSH into the new instance, even with the correct -i argument. I always get this error:
    ssh: connect to host _____.compute.amazonaws.com port 22: Connection timed out.

    ReplyDelete
  7. There's a known bug in the Ubuntu 10.10 AMI preventing SSH after start-up. Needs to get fixed. Startup a 10.04.1 AMI.

    ReplyDelete
  8. @Michael,
    What bug are you referring to ? Its not known to me.

    @flimm,
    If you're still having trouble, please bring up the issue on the ubuntu-cloud mailing list [1] or the ec2ubuntu group [2]

    --
    [1] https://lists.ubuntu.com/mailman/listinfo/ubuntu-cloud
    [2] http://groups.google.com/group/ec2ubuntu

    ReplyDelete
  9. thanks, thanks, thanks. Now I have a 3GB EBS instance :)

    ReplyDelete
  10. Hi Scott,

    Excellent instructions. Thanks. I have a question about deregistering the AMI and deleting the snapshot. It seems to me that this implies that my instance will run forever, since I don't have a way to launch it again. Perhaps I'm just too new to this, but I would think I need to AMI around in case I want to... well, lots of things (start news ones, restart the one I have running, etc.).

    Do I misunderstand the use model? Or, are you just recommending to get rid of the AMI for this experiment as the lowest-cost option?

    Another way of asking the same question is this. If I delete the AMI and then the instance I have running gets hung, would it even be possible to start a new one?

    thanks,
    Brian

    ReplyDelete
  11. @Brian,
    regarding deregistering and deleting snapshot. You are correct in that if you do deregister your AMI, you'll never be able to launch "it" again.
    There a few things to be aware of, though,
    a.) The snapshot and AMI id above represent the pristine instance, as your instance changes over time, the changes are not stored in that snapshot. So, saving the snapshot and ami id would only save you the time to re-run the above.
    b.) we now have officially released 8GB images on EC2. (So you wouldn't really have to do the above)
    c.) While an instance's health on EC2 is not to be relied on (they make basically no promises), an EBS volume is somewhat reliable. See amazon doc at http://aws.amazon.com/ebs/ .

    ReplyDelete
  12. Hey Scott,

    What password does it setup for the ubuntu user by default?

    Thanks

    Dan

    ReplyDelete
  13. @themorginme,
    The ubuntu user does not have a password set. If it did, anyone else would be able to race you to your instance and get in!
    Instead, the only way into a Ubuntu system by default on EC2 is to populate it with your ssh keys (ec2-run-instances --keypair).

    ReplyDelete
  14. @scott i just created a 10.10 64 bit instance as demonstrated up but i am unable to ssh via putty. I took care of the authentication key and passed it via putty (converted pem to ppk). Can u suggest where i might go wrong

    ReplyDelete
  15. @Teh HawWk I had the same Problem Teh Hawwk is describing. Login as user: ubuntu NOT as ec2-user. It worked for me that way. All the best

    ReplyDelete
  16. its a shame amazon are engaged in a confusion marketing strategy.. AWS is good enough to sell itself.

    ReplyDelete