I've recently attempted to install Fedora Core 8 in AWS and everything seems fine except my ssh configuration -- I can't log in. I haven't exhausted all my options, but I don't really know how to configure the keys in SSH, so that might be my problem; in fact, I'm almost certain I didn't configure that part properly, as I've never done that before. In any event...
Amazon provides an installation of Fedora Core 4, so in order to get 8 installed I have to do the following:
First, the version of yum installed in the public Amazon AMI doesn't support the installation, so I log in and do this:
Code:
wget http://linux.duke.edu/projects/yum/download/3.0/yum-3.0.5.tar.gz
tar -xvzf yum-3.0.5.tar.gz
cd yum-3.0.5
make DESTDIR=/ install
Now that yum will work, it's time to do the installation -- something like this:
Code:
cd /root
mkdir image;mkdir fedora;cd image
dd if=/dev/zero of=fedora bs=5M count=1 seek=1024
/sbin/mke2fs -F -j fedora
mount -o loop fedora /root/fedora
mkdir /root/fedora/dev
mkdir /root/fedora/proc
mkdir /root/fedora/etc
for i in console null zero; do /sbin/MAKEDEV -d /root/fedora/dev -x $i ; done
For most of the editing I actually used vi, but it doesn't matter; this does the same thing:
cat <<EOL > /root/fedora/etc/fstab
/dev/sda1 / ext3 defaults 1 1
none /dev/pts devpts gid=5,mode=620 0 0
none /dev/shm tmpfs defaults 0 0
none /proc proc defaults 0 0
none /sys sysfs defaults 0 0
/dev/sda2 /mnt ext3 defaults 1 2
/dev/sda3 swap swap defaults 0 0
EOL
mount -t proc none /root/fedora/proc
cat <<EOL > /tmp/yumec2.conf
[main]
cachedir=/var/cache/yum
debuglevel=2
logfile=/var/log/yum.log
exclude=*-debuginfo
gpgcheck=0
obsoletes=1
reposdir=/dev/null
[base]
name=Fedora Core 8 - i386 - Base
mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=fedora-8&arch=i386
enabled=1
[updates-released]
name=Fedora Core 8 - i386 - Released Updates
mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f8&arch=i386
enabled=1
EOL
yum -c /tmp/yumec2.conf --installroot=/root/fedora -y groupinstall Base
yum -c /tmp/yumec2.conf --installroot=/root/fedora -y clean packages
# The image is loop-mounted at /root/fedora, so its config files live under that root
cat <<EOL > /root/fedora/etc/sysconfig/network
NETWORKING=yes
HOSTNAME=localhost.localdomain
EOL
cat <<EOL > /root/fedora/etc/sysconfig/network-scripts/ifcfg-eth0
ONBOOT=yes
DEVICE=eth0
BOOTPROTO=dhcp
EOL
cat <<EOL >> /root/fedora/etc/ssh/sshd_config #(append)
UseDNS no
PermitRootLogin without-password
EOL
I've also scp-ed the key files I'm supposed to be using to the image, but I'm not sure what else I'm supposed to be doing with them. I've done the AWS registration properly, and what is left is the virtual machine configuration:
VM:
Code:
FYI:
#ec2-bundle-vol --help
Usage: ec2-bundle-vol PARAMETERS
MANDATORY PARAMETERS
-c, --cert PATH The path to the user's PEM encoded RSA public key certificate file.
-k, --privatekey PATH The path to the user's PEM encoded RSA private key file.
-u, --user USER The user's EC2 user ID (Note: AWS account number, NOT Access Key ID).
OPTIONAL PARAMETERS
-e, --exclude DIR1,DIR2,... A list of absolute directory paths to exclude. E.g. "dir1,dir2,dir3". Overrides "--all".
-a, --all Include all directories, including those on remotely mounted filesystems.
-p, --prefix PREFIX The filename prefix for bundled AMI files. E.g. "my-image". Defaults to "image".
-s, --size MB The size, in MB (1024 * 1024 bytes), of the image file to create. The maximum size is 10240 MB.
-v, --volume PATH The absolute path to the mounted volume to create the bundle from. Defaults to "/".
--fstab PATH The absolute path to the fstab to be bundled into the image.
-d, --destination PATH The directory to create the bundle in. Defaults to "/tmp".
--ec2cert PATH The path to the EC2 X509 public key certificate. Defaults to "/etc/aes/amiutil/cert-ec2.pem".
--debug Display debug messages.
-h, --help Display this help message and exit.
-m, --manual Display the user manual and exit.
-r, --arch ARCHITECTURE Specify target architecture. [i386, x86_64]
-b, --batch Run in batch mode. No interactive prompts.
ec2-bundle-vol -d /mnt -k pk-<key_id>.pem -c cert-<cert_id>.pem -u <amazon_id> -v /root/fedora -p fedora -r i386
FYI:
# ec2-upload-bundle --help
Usage: ec2-upload-bundle PARAMETERS
MANDATORY PARAMETERS
-b, --bucket BUCKET The bucket to upload the bundle to. The bucket is created if it does not exist.
-m, --manifest PATH The path to the manifest file.
-a, --access-key USER The user's AWS access key ID.
-s, --secret-key PASSWORD The user's AWS secret access key.
OPTIONAL PARAMETERS
--acl ACL The access control list policy ["public-read" | "aws-exec-read"]. Defaults to "aws-exec-read".
--ec2cert PATH The path to the EC2 X509 public key certificate. Defaults to "/etc/aes/amiutil/cert-ec2.pem".
-d, --directory DIRECTORY The directory containing the bundled AMI parts. Defaults to the directory containing the manifest.
--debug Print debug messages.
--part PART Start uploading the specified part and upload all subsequent parts.
--url URL The S3 service URL. Defaults to https://s3.amazonaws.com.
--retry Automatically retry failed uploads. Use with caution.
--skipmanifest Do not upload the manifest.
-h, --help Display the help message and exit.
--manual Display the manual and exit.
ec2-upload-bundle -b <bucket_id> -m /mnt/fedora.manifest.xml -a <access_id> -s <secret_id>
localhost:
Code:
ec2-register <bucket_id>/fedora.manifest.xml
ec2-run-instances <AMI_id>
ssh -i id_rsa-<ID>-keypair root@<VM_ADDR>
My objective is obviously to get a command line into the new VM without having to enter the root password, having authentication tied to the private key and Amazon X509 certificate. Unfortunately, I've been unsuccessful thus far. I've also omitted the different things that I've tried so far to configure the keys that yielded no results. I'm hoping someone can explain to me what I have to do to configure them properly.
The best I've gotten is:
Code:
root@<VM_ADDR>'s password:
Permission denied, please try again.
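
Added example, not part of the original post: with `PermitRootLogin without-password`, root can only log in once the key pair's public key is in `/root/.ssh/authorized_keys` with modes sshd accepts, so an image like this needs a boot-time step that installs it. The sketch below assumes the instance is launched with a key pair, that the public key is served by the EC2 instance metadata endpoint shown, and that the script (hypothetical name `ec2-get-key.sh`) is called from `/etc/rc.local` inside the image with `--boot`.

```shell
#!/bin/sh
# Added example (not from the original post). Call from /etc/rc.local in the
# image as: sh ec2-get-key.sh --boot
# Assumed: instance metadata endpoint for the launch key pair's public key.
KEY_URL="http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key"

# valid_pubkey KEY -> 0 only if KEY is one line that looks like an OpenSSH
# public key, so an error page or empty reply is never written to disk.
valid_pubkey() {
    [ "$(printf '%s\n' "$1" | wc -l)" -eq 1 ] || return 1
    case "$1" in
        "ssh-rsa "?*|"ssh-ed25519 "?*) return 0 ;;
        *) return 1 ;;
    esac
}

# install_key KEY HOME_DIR -> append KEY to HOME_DIR/.ssh/authorized_keys once,
# with the directory and file modes that sshd's StrictModes check expects.
install_key() {
    key=$1; dir=$2/.ssh; file=$dir/authorized_keys
    valid_pubkey "$key" || return 1
    mkdir -p "$dir" && chmod 700 "$dir" || return 1
    touch "$file" && chmod 600 "$file" || return 1
    # -x whole line, -F fixed string: re-running at every boot adds nothing.
    grep -qxF -- "$key" "$file" || printf '%s\n' "$key" >> "$file"
}

# fetch_key -> print the public key from instance metadata, retrying while
# the network comes up; non-zero if the endpoint never answers.
fetch_key() {
    n=0
    while [ "$n" -lt 5 ]; do
        curl -sf --max-time 5 "$KEY_URL" && return 0
        n=$((n + 1)); sleep 2
    done
    return 1
}

if [ "${1:-}" = "--boot" ]; then
    key=$(fetch_key) || { echo "no key in instance metadata" >&2; exit 1; }
    install_key "$key" /root || { echo "rejected key from metadata" >&2; exit 1; }
fi
```

Only the public half of the key pair belongs on the instance; the private key file stays on the machine that runs `ssh -i`.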