Trying Ubuntu 10.10 in AWS Free Usage Tier

After trying 60 Free Minutes with Ubuntu 10.10 in Amazon EC2 yesterday, I decided to take the next step and try the AWS Free Usage Tier. This blog post by Jay Andrew Allen titled Getting Started (for Free!) with Amazon Elastic Cloud Computing (EC2) helped me.

One important caveat applies: this activity will not be completely free. The AMI chose uses a 15 GB filesystem, and the terms of the free usage stipulate no more than a 10 GB filesystem. I'll pay $0.50 per month for the privilege of using a prebuilt Ubuntu AMI. Since I'm an AMI n00b, I decided to pay the $0.50. At some point when I am comfortable creating or trusting 10 GB AMIs, maybe I'll switch.

  1. First I visited http://aws.amazon.com/ec2/ and signed up for Amazon EC2. At Amazon Web Services Sign In, I chose to "Identity Verification by Telephone." When I completed sign up I received three emails: 1) Amazon Virtual Private Cloud Sign-Up Confirmation; 2) Amazon Elastic Compute Cloud Sign-Up Confirmation; and 3) Amazon Simple Notification Service Sign-Up Confirmation.

  2. Next I visited the AWS Management Console at https://console.aws.amazon.com/ec2/home. In Getting Started, I choose Launch Instance. I had to decide what sort of virtual machine I wanted to run. I decided to try a 64 bit Ubuntu 10.10 Amazon Machine Image (AMI) I found mentioned at http://uec-images.ubuntu.com/releases/maverick/release/ and at http://alestic.com/. I selected an AMI available at Amazon's us-east-1 facility, identified as ami-548c783d. This AMI uses Amazon's Elastic Block Store (EBS) so that changes persist.

  3. Under Instance Details, I chose:

    Number of Instances: 1
    Availability Zone: No Preference
    Instance Type: Micro (t1.micro, 613 MB)

  4. Under Select Launch Instances, I chose:

    Kernel ID: Use Default
    RAM Disk ID: Use Default
    No Monitoring
    No User Data
    No Tags

  5. Next I had to Create and Download Key Pair. That produced a file called taosecuritykey.pem which we'll use later.

  6. I chose

    Security Groups: Default

  7. When I reviewed my choices I saw:

    AMI: Ubuntu AMI ID ami-548c783d (x86_64)
    Name:
    Description:
    Number of Instances: 1
    VPC Subnet:
    Availability Zone: No Preference
    Instance Type: Micro (t1.micro)
    Instance Class: On Demand
    Number of Instances: 1
    Availability Zone: No Preference
    Instance Class: On Demand
    Maximum Price:
    Request Valid From:
    Availability Zone Group:
    Request Valid Until:
    Launch Group:
    Persistent Request:
    Placement Group:
    Strategy:
    Monitoring: Disabled
    Bursting:
    Kernel ID: Use Default
    RAM Disk ID: Use Default
    IP Address:
    User Data:
    Key Pair Name: taosecuritykey
    Security Group(s): default

  8. Finally I launched Launched the instance and visited the Instances Page.

  9. In order to SSH to my AMI I had to add "SSH" to my Security Group and I decided to add my own IP address (with /32 netmask) as the IP allowed to traverse the firewall.

  10. To SSH to the system I had to find the hostname in the EC2 Instance listing at the bottom of the page, e.g., ec2-obfuscated.compute-1.amazonaws.com. I also had to set permissions on my .pem so I could use it with SSH:


    richard@neely:~$ mv taosecuritykey.pem .ssh/
    richard@neely:~$ chmod 400 .ssh/taosecuritykey.pem

  11. Then I connected to the AMI:

    richard@neely:~$ ssh -v -i .ssh/taosecuritykey.pem \
    ubuntu@ec2-obfuscated.compute-1.amazonaws.com

    Linux domU-12-31-39-14-F9-0C 2.6.35-22-virtual #33-Ubuntu SMP
    Sun Sep 19 21:05:42 UTC 2010 x86_64 GNU/Linux

    Ubuntu 10.10

    Welcome to Ubuntu!
    * Documentation: https://help.ubuntu.com/

    System information as of Wed Nov 24 20:36:24 UTC 2010

    System load: 0.0 Processes: 60
    Usage of /: 4.4% of 14.76GB Users logged in: 0
    Memory usage: 6% IP address for eth0: 10.206.250.250
    Swap usage: 0%

    Graph this data and manage this system at https://landscape.canonical.com/
    ---------------------------------------------------------------------
    At the moment, only the core of the system is installed. To tune the
    system to your needs, you can choose to install one or more
    predefined collections of software by running the following
    command:

    sudo tasksel --section server
    ---------------------------------------------------------------------

    The programs included with the Ubuntu system are free software;
    the exact distribution terms for each program are described in the
    individual files in /usr/share/doc/*/copyright.

    Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
    applicable law.

    To run a command as administrator (user "root"), use "sudo ".
    See "man sudo_root" for details.

    ubuntu@domU-12-31-39-14-F9-0C:~$


At this point my system was working, so I poked around a little.

ubuntu@domU-12-31-39-14-F9-0C:~$ df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda1 15G 665M 14G 5% /
none 290M 108K 290M 1% /dev
none 297M 0 297M 0% /dev/shm
none 297M 48K 297M 1% /var/run
none 297M 0 297M 0% /var/lock

ubuntu@domU-12-31-39-14-F9-0C:~$ sudo netstat -natup
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 468/sshd
tcp 0 48 10.206.250.250:22 98.218.35.11:57655 ESTABLISHED 577/sshd: ubuntu [p
tcp6 0 0 :::22 :::* LISTEN 468/sshd
udp 0 0 0.0.0.0:68 0.0.0.0:* 387/dhclient3

ubuntu@domU-12-31-39-14-F9-0C:~$ ifconfig -a
eth0 Link encap:Ethernet HWaddr 12:31:39:14:f9:0c
inet addr:10.206.250.250 Bcast:10.206.251.255 Mask:255.255.254.0
inet6 addr: fe80::1031:39ff:fe14:f90c/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:429 errors:0 dropped:0 overruns:0 frame:0
TX packets:337 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:67019 (67.0 KB) TX bytes:49777 (49.7 KB)
Interrupt:9

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

ubuntu@domU-12-31-39-14-F9-0C:~$ sudo lft -D eth0 www.bejtlich.net

Tracing __________________________________.

TTL LFT trace to vhost.identityvector.com (205.186.148.46):80/tcp
1 10.206.248.3 0.8ms
2 216.182.232.236 0.5ms
3 216.182.232.64 0.4ms
** [neglected] no reply packets received from TTLs 4 through 6
7 dca-edge-18.inet.qwest.net (65.120.78.57) 2.1ms
8 dcp-brdr-03.inet.qwest.net (205.171.251.110) 4.9ms
** [neglected] no reply packets received from TTL 9
10 216.88.34.170 3.7ms
11 cr02-1-1.iad1.net2ez.com (65.97.48.206) 9.7ms
12 65.97.50.26 4.2ms
13 static-70-32-64-246.mtsvc.net (70.32.64.246) 4.2ms
14 vzd052.mediatemple.net (205.186.147.5) 3.7ms
15 [target] vhost.identityvector.com (205.186.148.46):80 4.1ms

I decided to update the AMI using apt.

$ sudo apt-get update
$ sudo apt-get upgrade

After reboot

ubuntu@domU-12-31-39-14-F9-0C:~$ uname -a
Linux domU-12-31-39-14-F9-0C 2.6.35-22-virtual #35-Ubuntu
SMP Sat Oct 16 23:19:29 UTC 2010 x86_64 GNU/Linux

I decided to try sending email from the system:

ubuntu@domU-12-31-39-14-F9-0C:~$ sudo apt-get install exim4-daemon-light
...edited...
ubuntu@domU-12-31-39-14-F9-0C:~$ sudo dpkg-reconfigure exim4-config
* Stopping MTA for restart [ OK ]
* Restarting MTA [ OK ]

ubuntu@domU-12-31-39-14-F9-0C:~$ echo "test mail 1557" | mailx -v -s "test mail 1557" richard@bejtlich.net
LOG: MAIN
<= ubuntu@domu-12-31-39-14-f9-0c.compute-1.amazonaws.com U=ubuntu P=local S=489
ubuntu@domU-12-31-39-14-F9-0C:~$ delivering 1PLMPR-0000eu-4P
R: dnslookup for richard@bejtlich.net
T: remote_smtp for richard@bejtlich.net
Connecting to ASPMX.L.GOOGLE.COM [74.125.93.27]:25 ... connected
SMTP<< 220 mx.google.com ESMTP g35si18125523qcs.170
SMTP>> EHLO domU-12-31-39-14-F9-0C.compute-1.internal
SMTP<< 250-mx.google.com at your service, [174.129.106.239]
250-SIZE 35651584
250-8BITMIME
250 ENHANCEDSTATUSCODES
SMTP>> MAIL FROM: SIZE=1523
SMTP<< 250 2.1.0 OK g35si18125523qcs.170
SMTP>> RCPT TO:
SMTP<< 250 2.1.5 OK g35si18125523qcs.170
SMTP>> DATA
SMTP<< 354 Go ahead g35si18125523qcs.170
SMTP>> writing message and terminating "."
SMTP<< 250 2.0.0 OK 1290632265 g35si18125523qcs.170
SMTP>> QUIT
LOG: MAIN
=> richard@bejtlich.net R=dnslookup T=remote_smtp H=ASPMX.L.GOOGLE.COM [74.125.93.27]
LOG: MAIN
Completed

I also decided to try an IPv6 tunnel client:
ubuntu@domU-12-31-39-14-F9-0C:~$ sudo apt-get install miredo

ubuntu@domU-12-31-39-14-F9-0C:~$ ifconfig -a
eth0 Link encap:Ethernet HWaddr 12:31:39:14:f9:0c
inet addr:10.206.250.250 Bcast:10.206.251.255 Mask:255.255.254.0
inet6 addr: fe80::1031:39ff:fe14:f90c/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:5025 errors:0 dropped:0 overruns:0 frame:0
TX packets:2849 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2717010 (2.7 MB) TX bytes:1308113 (1.3 MB)
Interrupt:9

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

teredo Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet6 addr: 2001:0:53aa:64c:102c:3760:517e:9510/32 Scope:Global
inet6 addr: fe80::ffff:ffff:ffff/64 Scope:Link
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1280 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:0 (0.0 B) TX bytes:144 (144.0 B)

ubuntu@domU-12-31-39-14-F9-0C:~$ host ipv6.google.com
ipv6.google.com is an alias for ipv6.l.google.com.
ipv6.l.google.com has IPv6 address 2001:4860:800f::68

ubuntu@domU-12-31-39-14-F9-0C:~$ ping6 2001:4860:800f::68
PING 2001:4860:800f::68(2001:4860:800f::68) 56 data bytes
64 bytes from 2001:4860:800f::68: icmp_seq=1 ttl=59 time=3.70 ms
64 bytes from 2001:4860:800f::68: icmp_seq=2 ttl=59 time=3.97 ms
64 bytes from 2001:4860:800f::68: icmp_seq=3 ttl=59 time=4.73 ms
^C
--- 2001:4860:800f::68 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 3.707/4.140/4.736/0.435 ms

I did that all under an hour, so before the first hour finished I shut down the AMI.

The next time I want to use it, I'll visit the console, start it, and SSH. I don't have any real plans for this AMI besides experimentation, for now. I'll probably keep my eye on this ec2ubuntu Google Group too.

Comments

Subraya Mallya said…
You can find information here on how to reduce the filesystem to 10GB

http://ubuntu-smoser.blogspot.com/2010/11/using-ubunt-images-on-aws-free-tier.html
RAGETRON said…
I believe they've got images under 10GB now: see example ami-3e02f257. That image is 8GB among many others

Popular posts from this blog

Zeek in Action Videos

New Book! The Best of TaoSecurity Blog, Volume 4

MITRE ATT&CK Tactics Are Not Tactics