Photo by Sereja Ris on Unsplash
ec2 troubleshooting logs
Reference scripts. No Explanations; almost self explanatory if you understand bash and little bit of aws
If you ever come across this article. Just ignore it. I warn you just ignore it unless you want a migrane on both side of your head.
create-lampp-stack.sh
#!/bin/bash
DATE=`date '+%Y-%m-%d %H:%M:%S'`
echo
echo "Running create-instance.sh on "$DATE
echo
# Hard coded values
instanceType="t2.small"
echo "Instance Type: "$instanceType
profile="default"
echo "Profile: "$profile
echo
echo "Looking up account values..."
# get vpcId
vpc=""
while [[ "$vpc" == "" ]] ; do
for i in $(aws ec2 describe-regions | grep RegionName | cut -d '"' -f4) ; do
region=$i;
vpc=$(aws ec2 describe-vpcs --region $i --filters "Name=tag:Name,Values='MomPopCafe VPC'" --profile $profile | grep VpcId | cut -d '"' -f4 | sed -n 1p );
if [[ "$vpc" != "" ]]; then
break;
fi
done
done
echo
echo "VPC: "$vpc
echo "Region: "$region
vpc=$(aws ec2 describe-vpcs \
--filters "Name=tag:Name,Values='MomPopCafe VPC'" \
--region $region \
--profile $profile | grep VpcId | cut -d '"' -f4 | sed -n 1p)
echo "VPC: "$vpc
# get subnetId
subnetId=$(aws ec2 describe-subnets \
--filters "Name=tag:Name,Values='MomPopCafe Public Subnet 1'" \
--region $region \
--profile $profile \
--query "Subnets[*]" | grep SubnetId | cut -d '"' -f4 | sed -n 1p)
echo "Subnet Id: "$subnetId
# Get keypair name
key=$(aws ec2 describe-key-pairs \
--profile $profile --region $region | grep KeyName | cut -d '"' -f4 )
echo "Key: "$key
# Get AMI ID
imageId=$(aws ec2 describe-images \
--owners amazon --query 'Images[*].[ImageId]' \
--filters 'Name=name,Values=amzn2-ami-hvm-2.0.20190115-x86_64-gp2' 'Name=state,Values=available' \
--output json \
--profile $profile \
--region $region | grep ami- | cut -d '"' -f2 | sed -n 1p)
echo "AMI ID: "$imageId
#check for existing mompopcafe instance
existingEc2Instance=$(aws ec2 describe-instances \
--region $region \
--profile $profile \
--filters "Name=tag:Name,Values=mompopcafeserver" "Name=instance-state-name,Values=running" \
| grep InstanceId | cut -d '"' -f4)
if [[ "$existingEc2Instance" != "" ]]; then
echo
echo "WARNING: Found existing running EC2 instance with instance ID "$existingEc2Instance"."
echo "This script will not succeed if it already exists. "
echo "Would you like to delete it? [Y/N]"
echo ">>"
validResp=0
while [ $validResp -eq 0 ];
do
read answer
if [[ "$answer" == "Y" || "$answer" == "y" ]]; then
echo
echo "Deleting the existing instance..."
aws ec2 terminate-instances --instance-ids $existingEc2Instance --region $region --profile $profile
#wait for confirmation it was terminated
aws ec2 wait instance-terminated --instance-ids $existingEc2Instance --region $region --profile $profile
validResp="1"
elif [[ "$answer" == "N" || "$answer" == "n" ]]; then
echo "Ok, exiting."
exit 1
else
echo "Please reply with Y or N."
fi
done
sleep 10 #give it 10 seconds before trying to delete the SG this instance used.
fi
#check for existing mompopcafeSG security Group
existingMpSg=$(aws ec2 describe-security-groups \
--region $region \
--query "SecurityGroups[?contains(GroupName, 'mompopcafeSG')]" \
--profile $profile | grep GroupId | cut -d '"' -f4)
if [[ "$existingMpSg" != "" ]]; then
echo
echo "WARNING: Found existing security group with name "$existingMpSg"."
echo "This script will not succeed if it already exists. "
echo "Would you like to delete it? [Y/N]"
echo ">>"
validResp=0
while [ $validResp -eq 0 ];
do
read answer
if [[ "$answer" == "Y" || "$answer" == "y" ]]; then
echo
echo "Deleting the existing security group..."
aws ec2 delete-security-group --group-id $existingMpSg --region $region --profile $profile
validResp="1"
elif [[ "$answer" == "N" || "$answer" == "n" ]]; then
echo "Ok, exiting."
exit 1
else
echo "Please reply with Y or N."
fi
done
sleep 10 #give it 10 seconds before trying to recreate the SG
fi
# CREATE a security group and capture the name of it
echo
echo "Creating a new security group..."
securityGroup=$(aws ec2 create-security-group --group-name "mompopcafeSG" \
--description "mompopcafeSG" \
--region $region \
--group-name "mompopcafeSG" \
--vpc-id $vpc --profile $profile | grep GroupId | cut -d '"' -f4 )
echo "Security Group: "$securityGroup
# Open ports in the security group
echo
echo "Opening port 22 in the new security group"
aws ec2 authorize-security-group-ingress \
--group-id $securityGroup \
--protocol tcp \
--port 22 \
--cidr 0.0.0.0/0 \
--region $region \
--profile $profile
echo "Opening port 80 in the new security group"
aws ec2 authorize-security-group-ingress \
--group-id $securityGroup \
--protocol tcp \
--port 8080 \
--cidr 0.0.0.0/0 \
--region $region \
--profile $profile
echo
echo "Creating an EC2 instance in "$region
instanceDetails=$(aws ec2 run-instances \
--image-id $imageId \
--count 1 \
--instance-type $instanceType \
--region us-west-2 \
--subnet-id $subnetId \
--security-group-ids $securityGroup \
--tag-specifications 'ResourceType=instance,Tags=[{Key=Name,Value=mompopcafeserver}]' \
--associate-public-ip-address \
--profile $profile \
--user-data file://create-lamp-instance-userdata.txt )
#if the create instance command failed, exit this script
if [[ "$?" -ne "0" ]]; then
exit 1
fi
echo
echo "Instance Details...."
echo $instanceDetails | python -m json.tool
# Extract instanceId
instanceId=$(echo $instanceDetails | python -m json.tool | grep InstanceId | sed -n 1p | cut -d '"' -f4)
echo "instanceId="$instanceId
echo
echo "Waiting for a public IP for the new instance..."
pubIp=""
while [[ "$pubIp" == "" ]]; do
sleep 10;
pubIp=$(aws ec2 describe-instances --instance-id $instanceId --region $region --profile $profile | grep PublicIp | sed -n 1p | cut -d '"' -f4)
done
echo
echo "The public IP of your LAMP instance is: "$pubIp
echo
echo "Download the Key Pair from the Qwiklabs page."
echo
echo "Then connect using this command (with .pem or .ppk added to the end of the keypair name):"
echo "ssh -i path-to/"$key" ec2-user@"$pubIp
echo
echo "The website should also become available at"
echo "http://"$pubIp"/mompopcafe/"
echo
DATE=`date '+%Y-%m-%d %H:%M:%S'`
echo
echo "Done running create-instance.sh at "$DATE
echo
create-lamp-instance-userdata.txt
#!/bin/bash
yum -y update
amazon-linux-extras install -y lamp-mariadb10.2-php7.2 php7.2
yum -y install httpd mariadb-server
systemctl enable httpd
systemctl start httpd
systemctl enable mariadb
systemctl start mariadb
echo '<html><h1>Hello From Your Web Server!</h1></html>' > /var/www/html/index.html
find /var/www -type d -exec chmod 2775 {} \;
find /var/www -type f -exec chmod 0664 {} \;
echo "<?php phpinfo(); ?>" > /var/www/html/phpinfo.php
usermod -a -G apache ec2-user
chown -R ec2-user:apache /var/www
chmod 2775 /var/www
#Check /var/log/cloud-init-output.log after this runs to see errors, if any.
#
# Download and unzip the Mom & Pop Cafe application files.
#
# Database scripts
wget https://aws-tc-largeobjects.s3.us-west-2.amazonaws.com/ILT-TF-200-ACSOPS-1/activity-3/momPopDb.tar.gz
tar -zxvf momPopDb.tar.gz
# Web application files
wget https://aws-tc-largeobjects.s3.us-west-2.amazonaws.com/ILT-TF-200-ACSOPS-1/activity-3/mompopcafe.tar.gz
tar -zxvf mompopcafe.tar.gz -C /var/www/html/
#
# Run the scripts to set the database root password, and create and populate the application database.
# Check the following logs to make sure there are no errors:
#
# /momPopDb/set-root-password.log
# /momPopDb/create-db.log
#
cd momPopDb
./set-root-password.sh
./create-db.sh
hostnamectl set-hostname web-server
sudo yum install -y nmap
nmap -Pn <public-ip>
check log file that shows if the user-data script command ran as expected. can check for user data errors
sudo tail -f /var/log/cloud-init-output.log
On an Amazon Linux instance, the user-data file commands are run by the cloud-init service.