1. AWS
Project Name: Open Source Consulting Internal
Department: AWS Department
Focus Area: Amazon Web Service
Product/Process: EC2 (EC2, EBS, VPC, CloudWatch, Auto Scaling, ELB), RDS, S3
Prepared By:
  Document Owner(s)    Project/Organization Role
  Sang-Cheon Park      Technical Assistance
Project Status Report Version Control:
  Version  Date        Author           Change Description
  1.0      2014/02/04  Sang-Cheon Park  Document created
Confidential Last printed on 2/18/2014 2:31:00 AM
10. Configuration & Management Guide .
[nices96@nices96s-MacBook-Pro ~]$ ssh -i test.pem [email protected]
The authenticity of host 'ec2-54-80-69-47.compute-1.amazonaws.com (54.80.69.47)' can't be established.
RSA key fingerprint is 38:86:b3:a3:93:61:02:ff:07:3e:3f:51:97:a5:de:62.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'ec2-54-80-69-47.compute-1.amazonaws.com,54.80.69.47' (RSA) to the list of known hosts.

 __| __|_ )
 _| ( / Amazon Linux AMI
 ___|___|___|

https://aws.amazon.com/amazon-linux-ami/2013.09-release-notes/
9 package(s) needed for security, out of 30 available
Run "sudo yum update" to apply all updates.
[ec2-user@domU-12-31-39-04-38-8C ~]$

2.3 Elastic Block Storage(EBS)
EBS EC2 EC2 //, EBS umount EBS . Volumes Create Volume EBS .
Confidential Page 10
12.
[root@domU-12-31-39-04-38-8C ~]# fdisk /dev/sdf
Device contains neither a valid DOS partition table, nor Sun, SGI or OSF disklabel
Building a new DOS disklabel with disk identifier 0xbd923834.
Changes will remain in memory only, until you decide to write them.
After that, of course, the previous content won't be recoverable.

Warning: invalid flag 0x0000 of partition table 4 will be corrected by w(rite)

WARNING: DOS-compatible mode is deprecated. It's strongly recommended to
         switch off the mode (command 'c') and change display units to
         sectors (command 'u').

Command (m for help): n
Command action
   e   extended
   p   primary partition (1-4)
p
Partition number (1-4): 1
First cylinder (1-1305, default 1):
Using default value 1
Last cylinder, +cylinders or +size{K,M,G} (1-1305, default 1305):
Using default value 1305

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.
Syncing disks.
13.
[root@domU-12-31-39-04-38-8C ~]# mkfs.ext4 /dev/xvdf1
mke2fs 1.42.3 (14-May-2012)
Filesystem label=
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
Stride=0 blocks, Stripe width=0 blocks
655360 inodes, 2620595 blocks
131029 blocks (5.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=2684354560
80 block groups
32768 blocks per group, 32768 fragments per group
8192 inodes per group
Superblock backups stored on blocks:
        32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632

Allocating group tables: done
Writing inode tables: done
Creating journal (32768 blocks): done
Writing superblocks and filesystem accounting information: done

[root@domU-12-31-39-04-38-8C ~]# df -h
Filesystem      Size  Used Avail Use% Mounted on
/dev/xvda1      7.9G  1.1G  6.8G  14% /
tmpfs           829M     0  829M   0% /dev/shm
[root@domU-12-31-39-04-38-8C ~]# mkdir -p /mnt/sdf
[root@domU-12-31-39-04-38-8C ~]# echo "/dev/xvdf1 /mnt/sdf ext4 defaults 0 0" >> /etc/fstab
[root@domU-12-31-39-04-38-8C ~]# mount -a
[root@domU-12-31-39-04-38-8C ~]# df -h
Filesystem      Size  Used Avail Use% Mounted on
/dev/xvda1      7.9G  1.1G  6.8G  14% /
14.
tmpfs           829M     0  829M   0% /dev/shm
/dev/xvdf1      9.9G  151M  9.2G   2% /mnt/sdf

2.4 Elastic IP
Elastic IP IP IP . Elastic IPs Allocate New Address . EIP Associate Address .
15. EIP .
[nices96@nices96s-MacBook-Pro ~]$ ssh -i test.pem [email protected]
The authenticity of host '54.83.1.231 (54.83.1.231)' can't be established.
RSA key fingerprint is 38:86:b3:a3:93:61:02:ff:07:3e:3f:51:97:a5:de:62.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '54.83.1.231' (RSA) to the list of known hosts.
Last login: Mon Feb 10 06:10:53 2014 from 121.138.109.61

 __| __|_ )
 _| ( / Amazon Linux AMI
 ___|___|___|

https://aws.amazon.com/amazon-linux-ami/2013.09-release-notes/
9 package(s) needed for security, out of 30 available
16.
Run "sudo yum update" to apply all updates.
[ec2-user@domU-12-31-39-04-38-8C ~]$

2.5 Virtual Private Cloud(VPC)
VPC AWS . EC2-Classic IP , Subnet , Route Table Internet Gateway . EC2 Classic Public Cloud VPC Private Cloud .
2.5.1 VPC VPC (Network ACL, Security Group, IGW, VGW ) IDC . VPC .
2.5.2 VPC VPC .
: Security Group Outbound .
- EC2 Classic OutBound Any Open VPC Security Group Outbound .
: Network ACL .
18.
: Public Subnet Instance Private Subnet Instance . , Jumphost, NTP , NAT Instance Public Subnet . Subnet AZ HA Subnet . Security Group .
: Network ACL Stateless , Blacklist Allow Rule . Network ACL Blacklist Security Group Whitelist .
: Security Group Outbound . .
: VPC DHCP Option Set DNS , DNS . VPN IDC IP , IP .
2.5.4 Architecture . VPC .( Region Region ) VPC Subnet , Public Subnet Private Subnet . Public Subnet NAT, DNS, NTP, Jumphost, Proxy . Instance Subnet .
19.
.ELB Subnet , Internal ELB Private Subnet , External ELB Public Subnet .
Security Group Inbound, Outbound Any Open . , 80,443 .
Network ACL Allow Black list .
Private Subnet (Internet) NAT Proxy .
: NAT HA .
: Proxy INT-ELB , Auto Scaling .
Instance Jumphost , Jumphost VPN .

2.5.5 VPC CIDR

Prefix   Hosts          C Class
/32      1 hosts        1/32 c class
/28      16 hosts       1/16 c class
/27      32 hosts       1/8 c class
/26      64 hosts       1/4 c class
/25      128 hosts      1/2 c class
/24      256 hosts      1 c class
/23      512 hosts      2 c class
/22      1024 hosts     4 c class
/21      2048 hosts     8 c class
/20      4096 hosts     16 c class
20.
/19      8192 hosts     32 c class
/18      16,384 hosts   64 c class
/17      32,768 hosts   128 c class
/16      65,536 hosts   256 c class

B VPC . CIDR Block , C Class Subnet Hosts . (VPC /16 ~ /28(65,536 hosts ~ 16 hosts) .)
VPC IP IP .
10.0.0.0 ~ 10.255.255.255
172.16.0.0 ~ 172.31.255.255
192.168.0.0 ~ 192.168.255.255
** Amazon Default VPC 172.31.0.0/16 B 256 C (172.31.0.0/24 ~ 172.31.255.0/24) , Create VPC 10.0.0.0/16 256 C (10.0.0.0/24 ~ 10.0.255.0/24) .
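The CIDR sizing in 2.5.5 can be checked mechanically before a VPC is created. The Python below is an added example, not part of the original guide: the function names are hypothetical, treating the three private ranges as a hard requirement is an assumption of the example, and the five addresses AWS reserves in every subnet are a fact added here that the table's host counts do not reflect.

```python
import ipaddress

# Private ranges listed in the guide (RFC 1918).
PRIVATE_RANGES = [ipaddress.ip_network(n)
                  for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
AWS_RESERVED_PER_SUBNET = 5  # first four addresses and the last one


def check_vpc_cidr(cidr):
    """Return (ok, reason) for a proposed VPC CIDR block (hypothetical helper)."""
    try:
        net = ipaddress.ip_network(cidr, strict=True)  # rejects set host bits
    except ValueError as exc:
        return False, f"invalid network: {exc}"
    if net.version != 4:
        return False, "only IPv4 blocks are checked here"
    if not 16 <= net.prefixlen <= 28:
        return False, "VPC prefix must be between /16 and /28"
    if not any(net.subnet_of(r) for r in PRIVATE_RANGES):
        return False, "block is outside the private ranges"
    return True, "ok"


def plan_subnets(vpc_cidr, new_prefix=24):
    """Split a VPC block into equal subnets, e.g. a /16 into 256 /24s."""
    return list(ipaddress.ip_network(vpc_cidr).subnets(new_prefix=new_prefix))


def usable_hosts(subnet):
    """Addresses left for instances after the AWS-reserved ones."""
    return ipaddress.ip_network(subnet).num_addresses - AWS_RESERVED_PER_SUBNET


def find_overlaps(cidrs):
    """Return every pair of blocks that share addresses."""
    nets = [ipaddress.ip_network(c) for c in cidrs]
    return [(str(a), str(b))
            for i, a in enumerate(nets) for b in nets[i + 1:]
            if a.overlaps(b)]


if __name__ == "__main__":
    for cidr in ("172.31.0.0/16", "10.0.0.0/8", "10.0.0.1/16", "11.0.0.0/16"):
        print(cidr, check_vpc_cidr(cidr))
    subnets = plan_subnets("10.0.0.0/16")
    print(len(subnets), subnets[0], subnets[-1], usable_hosts(str(subnets[0])))
    # Constructed input: the /25 sits inside the first /24.
    print(find_overlaps(["10.0.0.0/24", "10.0.0.128/25", "10.0.1.0/24"]))
```

Running the overlap check across the VPC's subnets and any on-premises ranges reachable over VPN catches routing conflicts before they are built.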
40.
- Description : ELB (Sticky Session )
- Instances : /
- Health Check : ELB Health Check
- Monitoring : ELB
- Security : ELB Security Group
- Listener : Listener /
- Monitoring : ELB
* Health Check In Service .
- Health Check Ping Protocol, Ping Port, Ping Path .
- Security Group ELB Ping Port .
41. 3 Relational Database Service(RDS)
RDS , MySQL, Oracle, Microsoft SQL Server PostgreSQL . , . MySQL RDS .
3.1 RDS RDS EC2 Security Group . EC2 RDS Security Group . RDS Security Groups Create DB Security Group .
42. Rule . RDS Instances Launch DB Instance .
43. DB .
44. Multi-AZ Deployment(HA ) Provisioned IOPS Storage . DB Instance /.
45.
- Production Mode Multi-AZ Deployment Provisioned IOPS Storage .
- Auto Minor Version Upgrade Production Mode . DB , Port /.
- log innodb Parameter Group .
46. . Production Mode .
47. RDS Instance / .
48. RDS Instance , .
]$ mysql -h testdb.coy1mwtko1b2.us-east-1.rds.amazonaws.com -P 3319 -u osci -p -e "show databases"
Enter password:
+--------------------+
| Database           |
+--------------------+
| information_schema |
| innodb             |
| mysql              |
| oscidb             |
| performance_schema |
+--------------------+

3.2 RDS RDS . RDS Instance Actions Modify .