SAGA and AWS EC2/security
13 views
Skip to first unread message
Philip Fowler
Dec 10, 2015, 3:45:25 PM12/10/15
to saga-users
I've got SAGA working on our local cluster and am now trying an EC2 instance in AWS.
I am logged into the AWS Console as my IAM user and I've generated a private SSH key (EC2 | Network & Security | Key Pairs) for one region (eu-west) and downloaded it to ~/.ssh/.
So things I could put are
- the 12-digit AWS account number that my IAM user belongs to
- my IAM username (PhilFowler)
- the path to above private SSH key I've downloaded
- my user ARN (Identity & Access Management | Rotate Access Keys | Manage Access Keys) - this starts arn:aws:iam and includes the 12-digit account number and my IAM username
- on the same page there is an "Access Key ID" which is a 20digit uppercase/numeric string
Any help greatly appreciated!
Yours.
--Phil
Andre Merzky
Dec 11, 2015, 4:31:50 PM12/11/15
to saga-...@googlegroups.com
Hi Phil,
the EC2 adaptor has not seen much exposure over the last months --
your mail prompted us to finally give it some love to see how bad the
bitrot was... Well, the good news is that it should now be working
again :) The bad news is that the last release shipped with a broken
version... If you don't mind, would you give the fix/aws branch [1] a
try?
Wrt. your actual question: the example code in
examples/resource/amazon_ec2.py also got updated, and now should be
functional with the following env settings:
Service endpoint:
EC2_URL=ec2://ec2.amazonaws.com/
AWS account and secret:
EC2_ACCESS_KEY=ABCDEFGHIJKLMNOPQRST
EC2_SECRET_KEY=a/bcd/EfGHijkloa/bcd/EfGHijkloa/bcd/EfGHijklo
EC2_KEYPAIR_ID=my_keypair
EC2_KEYPAIR=/home/merzky/.ssh/id_rsa_aws.pub
I did not yet try an IAM ID/secret, but would hope it works just as
well as the normal account ID/secret (famous last words... :P) - so
please let us know how that goes!
The example now runs slightly differently: with no arguments, it
spins up the VM and runs a 'sleep 30' on it. It will *not* shut the
VM down. If you run the example again and give the resource ID as
parameter, it will reconnect, run the 'sleep 30' again, and then shut
it down. That is basically demonstrating the reconnect...
So, please check this out, and let us know how it behaves!
Best, Andre.
[1] https://github.com/radical-cybertools/saga-python/tree/fix/aws
> --
> You received this message because you are subscribed to the Google Groups
> "saga-users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to saga-users+...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
--
99 little bugs in the code.
99 little bugs in the code.
Take one down, patch it around.
127 little bugs in the code...
the EC2 adaptor has not seen much exposure over the last months --
your mail prompted us to finally give it some love to see how bad the
bitrot was... Well, the good news is that it should now be working
again :) The bad news is that the last release shipped with a broken
version... If you don't mind, would you give the fix/aws branch [1] a
try?
Wrt. your actual question: the example code in
examples/resource/amazon_ec2.py also got updated, and now should be
functional with the following env settings:
Service endpoint:
EC2_URL=ec2://ec2.amazonaws.com/
AWS account and secret:
EC2_ACCESS_KEY=ABCDEFGHIJKLMNOPQRST
EC2_SECRET_KEY=a/bcd/EfGHijkloa/bcd/EfGHijkloa/bcd/EfGHijklo
EC2_KEYPAIR_ID=my_keypair
EC2_KEYPAIR=/home/merzky/.ssh/id_rsa_aws.pub
I did not yet try an IAM ID/secret, but would hope it works just as
well as the normal account ID/secret (famous last words... :P) - so
please let us know how that goes!
The example now runs slightly differently: with no arguments, it
spins up the VM and runs a 'sleep 30' on it. It will *not* shut the
VM down. If you run the example again and give the resource ID as
parameter, it will reconnect, run the 'sleep 30' again, and then shut
it down. That is basically demonstrating the reconnect...
So, please check this out, and let us know how it behaves!
Best, Andre.
[1] https://github.com/radical-cybertools/saga-python/tree/fix/aws
> You received this message because you are subscribed to the Google Groups
> "saga-users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to saga-users+...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
--
99 little bugs in the code.
99 little bugs in the code.
Take one down, patch it around.
127 little bugs in the code...
Philip Fowler
Dec 11, 2015, 4:57:26 PM12/11/15
to saga-...@googlegroups.com
Thanks Andre, I’ll give it a go and let you know how I get on. —Phil
> You received this message because you are subscribed to a topic in the Google Groups "saga-users" group.
> To unsubscribe from this topic, visit https://groups.google.com/d/topic/saga-users/tIxtP8ndp2o/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to saga-users+...@googlegroups.com.
> To unsubscribe from this topic, visit https://groups.google.com/d/topic/saga-users/tIxtP8ndp2o/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to saga-users+...@googlegroups.com.
Reply all
Reply to author
Forward
0 new messages