View
82
Download
0
Category
Preview:
Citation preview
Launching the M-Pin Core
Service with Amazon EC2
1 | P a g e
Launching the M-Pin Core Service with Amazon EC2
Introduction ........................................................................................................................................... 2
Amazon EC2 .................................................................................................................................... 2
Amazon EC2 Features ..................................................................................................................... 2
Creating An Instance of AWS ............................................................................................................... 3
Step 1. Choose An AMI .................................................................................................................... 3
Step 2. Choose An Instance .......................................................................................................... 4-8
Step 3. Configure Instance Details .................................................................................................. 9
Step 4. Add Storage ....................................................................................................................... 10
Step 5. Tag Spot request ............................................................................................................... 11
Step 6. Configure Security Group .................................................................................................. 12
Step 7. Review and Launch Instance ........................................................................................ 13-15
Launching the M-Pin Core instance ........................................................................................................ 17
Accessing your 30-day Free Trial Link ........................................................................................... 18
Configuring your M-Pin Core Instance ..................................................................................... 18-19
Configuring the Host and Port ...................................................................................................... 19
Viewing your M-Pin Core Service in your Browser ........................................................................ 20
Creating an Identity and a Pin, with your M-Pin Core Demo .......................................................... 20
Login in to Your M-Pin Core Service Strong Authentication ..................................................... 20-23
Appendix ......................................................................................................................................... 24-25
Useful Website Links ........................................................................................................................... 26
2 | P a g e
Launching the M-Pin Core Service Strong Authentication with Amazon
Elastic Compute Cloud (EC2). Introduction.
This guide is to setup, demonstrate and view your M-Pin Core Service Strong Authentication with Amazon Elastic
Compute Cloud (EC2).
It is design for setting up and launching, the M-Pin Core Service Strong Authentication Instance with the use of
Amazon EC2. Once you have launch the M-Pin Core Service Instance you will be able to run the M-Pin Core
Service trial Demo from your email link.
The guide is intended as an instruction process for launching the M-Pin Core Service Instance with flexibility to
your requirements’ needs.
You will have to firstly launch the M-Pin Core Service Instance with Amazon EC2, then the guide will lead you
unto setting up your M-Pin Core Service Strong Authentication.
Amazon EC2 This user guide is for Windows (API Version 2015-04-15)
What is Amazon EC2?
Amazon Elastic Compute Cloud (Amazon EC2) provides and handle a growing amount of computing capacity in
the Amazon Web Services (AWS) cloud. The need of investing in hardware up front is eradicated, by the use of
Amazon EC2. Amazon EC2 allows you to develop and deploy applications faster. Amazon EC2 gives you the
capability to launch virtual server(s) that allows you to configure security and networking, as well as manage
storage to as many servers as you would like.
With Amazon EC2 you can scale up or down so you are able to manage and handle changes in requirements or
a sharp rise in popularity. In return you would be able to reduce the need to keep tracks on your forecasted
traffic.
Amazon EC2 features: Virtual computing environments, also known as Instances.
Preconfigure templates for your instances, also known as Amazon Machine Images (AMI). This provides
you with your server, operating system and additional software.
Multiple configurations of CPU, memory, storage and networking capacity for your instances, known as
Instance Types.
Secure login for your instances using Key Pairs. These Key Pairs are: where the AWS stores the public
key and your store the private key in a secure place.
Storage Volumes for temporary data: which are deleted once an instance is Stopped or Terminated also
known as Instance Store Volumes.
Continuous storage volumes for your data: which can be done by the use of Amazon Elastic Block Store
(EBS), known as Amazon EBS Volumes.
Availability zones and regions allows you to access your resources from multiple physical locations
instances, and from Amazon EBS volumes.
Security groups enabled firewall this allows you to give your protocols, ports and sources, various IP
ranges which are accessible to you.
Elastic IP addresses, allows you to have the use of static IP addresses for your dynamic cloud computing.
Tags: allows you to create and assign Metadata to Amazon EC2 resources.
Virtual Private Clouds (VPCs): can be created in isolations, to the rest of the AWS Cloud and it can also
allow you to connect to your own network.
3 | P a g e
Once you have setup an account and login into AWS, you are now ready to create an Instance
in AWS.
Choose an Amazon Machine Image
(AMI).
Step 1. Select your chosen AMI.
Note: depending on your requirements, you
will choose an AMI based on : the storage
capacity, development tools compatibilities
and temporay or constant storage volumes.
4 | P a g e
Choose an Instance types.
Step 2.
Select your choice of instance from the
filter.
Click Next: Configure Instance details
Note: from the filter there are several Instance Types:
Micro instance – this instance produces a small amount of CPU
resources. You also have the choice to increase your CPU capacity in
time when there are available additional cycles. This instance is most
suited with low usage of the throughput applications and websites. It
is only available on Amazon EBS-backed instance.
CPU usages – ideal for two-levels: normal low background
and brief spiked levels which is higher than the background
level.
o Provides up to 2 EC2 compute units, where 1 unit
is 1.0-1.2GHz 2007 Opteron or 2007 Xeon
processor.
o It handles tens of requests per minute on your
application
o Design to run on 600MB of RAM.
GPU instances – useful for high parallel processing capability.
o NVIDIA GPUs, access with up to 1,536 CUDA cores and 4GB video memory.
o Used for scientific engineering with the use of Compute Unified Device Architecture (CUDA) or OPEN CL parallel
computing frameworks.
o Useful for graphic application e.g. game streaming, 3-D applications and other graphic workloads.
o Runs on HVM(Hardware virtual Machine)- based
instances
o Use PV (Para Virtual network and storage
drivers)
o Dedicated access to one or more discrete GPUs
o Can be clustered into Placement Group.
o Limitation
Must be launched on HVM AMI
NVIDIA drivers needs to be installed
for accessibility.
There are limitation on the number of
instances, you can run.
Storage Optimize
o Amazon EBS – durable block-level-storage
volumes that are attached to running instances.
o Can be used as a Primary storage device for
frequent and glandular data updates
o It has the behaviour of a raw unformatted
external block device.
o Volume is independent from the running
instances.
o Once attached to an instance it can be used like a
physical hard drive.
o Multiple volumes can be attached to an instance.
o Can be detached from one instance and can be
attached to another.
o Can be used alongside Amazon EBS encryption in
creating an encrypted volume.
o Can back up data by creating a Snapshot which can be used on Amazon S3.
o Amazon S3 – reliable and inexpensive data storage infrastructure.
o Web scale computing which allows you to store and retrieve any amount of data at any time.
o Root and storage volumes can be specified
o EBS volume can be attached to a running instance.
5 | P a g e
Step 3.
Choose the
Number of
Instance
required.
Tick the
Request
Spot
Instances if
you would
like to set
your
maximum
price limit.
6 | P a g e
Now Choose
whether you
would like all your
Spot Instances to
be launch together
or not at all.
Tick if you would
like your requests
to be sent to you,
each time your
Spot Instance is
terminated.
7 | P a g e
If you choose to
launch your
Spot Instance
you now have a
choice to select
your Start date.
Select Edit and
End date by
Selecting Edit.
You can Choose
from the drop
down list your
choice of
Amazon Private
Cloud, create a
VPC or Select
your own IP
addresses range.
8 | P a g e
You can isolate
your resources
by using a
range of
different IP
address, in
your VPC
Request a
public IP
address from
amazon pool
this allows
your instance
to be reached
from the
internet and
you can
associate and
disassociate
once your
Instance is
terminated
9 | P a g e
Select your
IAM role from
the drop down
list. This is
where you give
the instance
profile the
same name as
your IAM role.
So you don’t
need to store
your AWS
Access key with
your
application.
10 | P a g e
Step 4. Add Storage
Select from the
drop down list EBS
or S3 Amazon
Storage Volumes.
Click Next: Tag
Instances.
Note:
Amazon EBS – durable block-level-
storage volumes; that are attached to
running instances.
Can be used as a Primary
storage device for frequent
and glandular data
updates
It has the behaviour of a
raw unformatted external
block device.
Volume is independent
from the running instances.
Once attached to an
instance it can be used like
a physical hard drive.
Multiple volumes can be
attached to an instance.
Can be detached from one
instance and can be attached to another.
Can be used alongside Amazon EBS encryption in creating an encrypted volume.
Can back up data by creating a Snapshot which can be used on Amazon S3.
Amazon S3 – reliable and inexpensive data storage infrastructure.
Web scale computing which allows you to store and retrieve any amount of data at any time.
Root and storage volumes can be specified
EBS volume can be attached to a running instance
11 | P a g e
Step 5. Tag Spot Request
Click on Create Tag.
Select the Tag type
you would like.
Give the Key a name;
based on the
Unicode characters
Give it a Value based
on the Unicode
characters
Click Next: Configure
Security Group.
Note: Different types of tags:
Tag Basics- allows you to
categorise your AWS
resources in various ways.
o By purpose
o By owner
o By environment
Each Tag consist of a Key
You have the option to add a
value
You have to define the Key
and the option value
A set of Tag Keys can be devise by meeting the needs of each resource type.
Consistent set of Tag key makes it easier to manage your resources.
Filtering or searching for resources can be done on added Tags.
Tags can be used on AWS management console, Amazon EC2 CLI and Amazon EC2 API.
Lists of Tags can be added to an Instance.
Current Tags are overwritten with new values.
Tag Keys can be edited and removed from a resource at any time.
Tag values can be set to an empty string, it should not be null.
Tag Restriction-
Up to 10 Tags per resources
Up to 127 Unicode Characters in UTF-8
Up to 255 Unicode characters in UTF-8
Values are case-sensitive
Do not use aws as a prefix, in your Tag names or values
You can only use letters, spaces and numbers represented in the UTF-8, in addition you can use characters: +-=. :/@: are only
allowed for Tag names and values.
Public or shared resources can be tagged.
All assigned tags are only available to your AWS account
Not all resources can be tagged
Some resources can only be tagged, by using API action or CLI.
Billing
Tag can be used to organise your AWS Bill to reflect your last structure.
Identical tag key values and resources can be billed together.
Only your current month’s reporting is available to be viewed within 24 hours.
Tag and console
You can view all tags in the Amazon EC2 console within a region
Tags can be viewed by resource type.
Associated resources’ items can be viewed based on a specific tag
You can apply and remove Tag by using Amazon EC2 console.
12 | P a g e
Step 6. Configure Security Group
Security groups acts as a firewall for
controlling traffic for one or more
instances.
i. From the radio button
Click Assign a security
group.
ii. Give your security group a
name.
iii. Give it a description.
iv. From the radio button,
Select an Existing security
group for default.
v. Click on the button on the
left-hand side.
A second table will appear, at the
bottom of your screen.
vi. Click Review and Launch.
Note: security groups and names can be up to 255 characters in length. Only ASCII characters are allowed.
AWS will assign each security group a unique ID in the form of sg-xxxxxxxx.
Initial settings for creating security groups are:
-allow no inbound traffic
-allow all outbound traffic
One or more security group are assigned to an instance.
Rules are added to the security group, allowing traffic flow with an associated instance.
Modification to the rules can be done at any time.
New rules are automatically applied to all instances which are associated with a security group.
Security group must be specified in the same region as an instance.
Once an instance for EC2-Classic is launch you cannot change the security groups.
Rules can be added or removed from a security group.
One instance can be associated with up to 500 security groups.
Up to 100 rules can be added to a security group.
Security group rules
Inbound and outbound traffic to an instance is controlled by the security group rules.
By default security groups allows all outbound traffic.
Adding and removing rules can be done at any time.
Changes to an instances automatically applied after a short period.
Editing, deleting and adding rules in a security group can be done.
Copying of an existing rule to a new security group are allowed.
Outbound rules cannot be changed
Permission rights are always required on a security group’s rules.
Rules that denys access cannot be created
13 | P a g e
Step 7. Review Instance and
Launch.
In launching your Instance this
would assign a Key to your
Instance and completes the
process.
Click Launch
From the drop down list you can
Select Create a new key
pair
14 | P a g e
Give the Key Pair a
name
Click on Download
the Key Pair.
Note: once you click on download you
can Save and Store the file in a secure
accessible location.
Click launch
Instances.
You have now launch your
instance.
Click View Instance.
15 | P a g e
16 | P a g e
17 | P a g e
After your instance has been launched you are now in the position to launch the M-Pin Core Instance.
From your email
Click on the link to Get your 30
day free trial of M-Pin
Now Click on Continue
[
G
r
a
b
y
o
u
r
r
e
a
d
e
r’
s
a
t
t
e
n
ti
o
n
w
it
h
a
g
r
e
a
t
q
u
o
t
e
f
r
o
m
t
18 | P a g e
Select your Subscription Term
Choose an Application Instance Type.
Note: this application Instance Type depends on the Size of your
network ranging from micro to various large requirements.
Click on Launch with 1-Click
From the AWS Console Management page, you
will see the M-Pin Core Service Instance.
Select the M-Pin Core service Instance.
19 | P a g e
You now need to change the Host type to HTTP
and initial it to Port 80.
Click on Security Groups on the left hand
side
Click on Edit
Change the Type to HTTP
The Port Range should automatically be
80
Save the changes
20 | P a g e
Now open a new browser.
Type in: http:// (Host)
Note: your host is your Public Domain Server or Public IP address
You will now see this page appear.
Click Sign in from here
21 | P a g e
You can Add an identity by
Typing in your email address
Click Setup M-Pin
Note: your email address is required as a verification procedure for
your pin.
Now Enter a 4 digit pin.
Click Setup M-Pin
[Gr
ab
you
r
rea
der’
s
atte
ntio
n
wit
h a
gre
at
quo
te
fro
m
the
doc
um
ent
or
use
this
[G
ra
b
yo
ur
re
ad
er
’s
at
te
nt
io
n
wi
th
a
gr
ea
t
qu
ot
e
fr
o
m
th
e
do
cu
m
en
t
or
us
e
th
is
sp
ac
e
to
22 | P a g e
You have now Setup your M-Pin Core Cloud
Encryption system.
You can now Login to check your Login process
Type your Pin in
Click Login
e[Gr
ab
your
read
er’s
atten
tion
with
a
great
quot
e
from
the
docu
ment
or
use
this
spac
e to
emp
hasiz
e a
key
point
. To
place
this
text
box
anyw
here
on
the
page
, just
drag
it.]
[Gr
ab
you
r
rea
der
’s
att
ent
ion
wit
h a
gre
at
quo
te
fro
m
the
doc
23 | P a g e
This is now your Strong Authentication Protection
email@bt.com
[Grab your
reader’s
attention
with a
great
quote from
the
document
or use this
space to
emphasize
a key
point. To
place this
text box
anywhere
on the
page, just
drag it.]
24 | P a g e
Appendix:
Resource Tagging support Tagging restrictions
AMI Yes None
Bundle task No
Customer gateway Yes None
DHCP option Yes None
EBS volume Yes None
Instance store volume No
Elastic IP No
Instance Yes None
Internet gateway Yes None
Key pair No
Network ACL Yes None
Network interface Yes None
Placement group No
Reserved Instance Yes None
Reserved Instance Listing No
Route table Yes None
Spot instance request Yes None
Security group - EC2 Classic Yes None
Security group - VPC Yes None
Snapshot Yes None
Subnet Yes None
Virtual private gateway Yes None
VPC Yes None
25 | P a g e
Resource Tagging support Tagging restrictions
VPC endpoint No
VPC flow log No
VPC peering connection Yes None
VPN connection Yes None
Inbound
Source Protocol Port
Range
Comments
The ID of the security
group
ICMP All Allow inbound ICMP access from other instances associated with this
security group
The ID of the security
group
TCP 0 - 65535 Allow inbound TCP access from other instances associated with this
security group
The ID of the security
group
UDP 0 - 65535 Allow inbound UDP access from other instances associated with this
security group
26 | P a g e
Useful Website Links:
http://amazon.com/marketplace
http://aws.amazon.com/resources/
https://console.aws.amazon.com/billing/home
http://(host)
Recommended