info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
[9fans] plan 9 in the cloud - amazon ec2
1,331 views
Skip to first unread message
Richard Miller
May 24, 2012, 3:47:42 AM5/24/12
to
I've made a few tweaks to the paravirtualised plan 9 kernel in
/n/sources/xen/xen3 to make it compatible with the xen environment
used in amazon's "elastic compute cloud". There's an example public
AMI (in zone eu-west-1) named ami-03c9f377 which can be used to
instantiate a cpu server with fossil on a 1GB "elastic block storage"
volume. This fits within the free usage tier which you get for the
first 12 months after creating an amazon web services account.
When first launched, your server will start with authid = ec2, authdom
and sysname equal to the ec2 instance id, and a randomly generated
password which will be echoed to the system console, where it can be
retrieved - only by the instance's owner - using the Get System Log
function of the aws web interface. (Be patient; there is often a
delay of some minutes after launching an instance before the console
log becomes available.)
Alternatively, if the "user data" field, which you can create as part
of launching an ec2 instance, contains a shell script (anything
following a line beginning with #!/bin/rc), this will be run from
/bin/cpurc.local at boot time. You can use this to inject your own
initial authentication details into factotum, by putting something
like this in the user data field:
#!/bin/rc
auth/factotum -g 'proto=p9sk1 user=ec2 dom=my.auth.dom !password=XXXX'
The random password or factotum script will allow you to connect to
your server for the first time using cpu, drawterm or ssh1. (For the
first two, don't forget to open port 17010 or 17013 in the "security
group" firewall.) You'll then want to use auth/wrkey to put new
credentials securely into nvram, and reboot or run 'auth/readnvram
>/mnt/factotum/ctl' so they can take effect. Afterwards you can delete
the old temporary password from user data, but only when the instance
is stopped.
For the curious, I've set up a plan 9 instance at ec2.hamnavoe.com,
using authentication domain outside.plan9.bell-labs.com so anyone
with a sources account can cpu into it. I'll leave it running for
a few days (until my monthly free usage tier quota runs out).
/n/sources/xen/xen3 to make it compatible with the xen environment
used in amazon's "elastic compute cloud". There's an example public
AMI (in zone eu-west-1) named ami-03c9f377 which can be used to
instantiate a cpu server with fossil on a 1GB "elastic block storage"
volume. This fits within the free usage tier which you get for the
first 12 months after creating an amazon web services account.
When first launched, your server will start with authid = ec2, authdom
and sysname equal to the ec2 instance id, and a randomly generated
password which will be echoed to the system console, where it can be
retrieved - only by the instance's owner - using the Get System Log
function of the aws web interface. (Be patient; there is often a
delay of some minutes after launching an instance before the console
log becomes available.)
Alternatively, if the "user data" field, which you can create as part
of launching an ec2 instance, contains a shell script (anything
following a line beginning with #!/bin/rc), this will be run from
/bin/cpurc.local at boot time. You can use this to inject your own
initial authentication details into factotum, by putting something
like this in the user data field:
#!/bin/rc
auth/factotum -g 'proto=p9sk1 user=ec2 dom=my.auth.dom !password=XXXX'
The random password or factotum script will allow you to connect to
your server for the first time using cpu, drawterm or ssh1. (For the
first two, don't forget to open port 17010 or 17013 in the "security
group" firewall.) You'll then want to use auth/wrkey to put new
credentials securely into nvram, and reboot or run 'auth/readnvram
>/mnt/factotum/ctl' so they can take effect. Afterwards you can delete
the old temporary password from user data, but only when the instance
is stopped.
For the curious, I've set up a plan 9 instance at ec2.hamnavoe.com,
using authentication domain outside.plan9.bell-labs.com so anyone
with a sources account can cpu into it. I'll leave it running for
a few days (until my monthly free usage tier quota runs out).
Skip Tavakkolian
May 24, 2012, 2:11:33 PM5/24/12
to
Thank you! very nice.
Are there any hoops to jump through to import a VM? When I last
checked, it didn't seem possible to load a non-sanctioned OS image.
-Skip
Are there any hoops to jump through to import a VM? When I last
checked, it didn't seem possible to load a non-sanctioned OS image.
-Skip
Richard Miller
May 24, 2012, 2:24:26 PM5/24/12
to
> Are there any hoops to jump through to import a VM? When I last
> checked, it didn't seem possible to load a non-sanctioned OS image.
No, it's simple now - the AMI uses pv-grub (paravirtualised grub) as
> checked, it didn't seem possible to load a non-sanctioned OS image.
the "kernel", which then loads the real kernel from an ext2 partition
on your own virtual disk which you control.
andrey mirtchovski
May 24, 2012, 2:36:32 PM5/24/12
to
> No, it's simple now - the AMI uses pv-grub (paravirtualised grub) as
> the "kernel", which then loads the real kernel from an ext2 partition
> on your own virtual disk which you control.
can't resist to bastardize the guide. "this is obviously some strange
> the "kernel", which then loads the real kernel from an ext2 partition
> on your own virtual disk which you control.
usage of the word simple that I wasn't previously aware of"
Richard Miller
May 24, 2012, 2:51:01 PM5/24/12
to
> some strange
> usage of the word simple
By simple I meant you don't have to ask permission, just do it.
> usage of the word simple
Andrey's right, technically it's a bit more challenging. But not much.
Skip Tavakkolian
Jun 6, 2012, 12:02:54 AM6/6/12
to
I'm not able to find that AMI. I only see one EU region (Ireland). Any
direct links?
Thanks,
direct links?
Thanks,
Richard Miller
Jun 6, 2012, 3:27:21 AM6/6/12
to
> I'm not able to find that AMI. I only see one EU region (Ireland). Any
> direct links?
Go to http://thecloudmarket.com and put "fossil" in the search box.
> direct links?
or launch directly with
https://console.aws.amazon.com/ec2/home?region=eu-west-1#launchAmi=ami-03c9f377
Skip Tavakkolian
Jun 7, 2012, 2:20:01 PM6/7/12
to
Thank you Richard!
I was able to create an instance of this image -- but curiously only
in eu-west region.
FYI to others, port 567 should also be allowed in for the security group used.
-Skip
I was able to create an instance of this image -- but curiously only
in eu-west region.
FYI to others, port 567 should also be allowed in for the security group used.
-Skip
Richard Miller
Jun 7, 2012, 2:28:39 PM6/7/12
to
> I was able to create an instance of this image -- but curiously only
> in eu-west region.
That's right, it seems AMIs are local to a region. Once you've created
> in eu-west region.
an instance, you should be able to clone that into a new AMI of your
own, in whatever region you choose.
0 new messages