Create Machines in the Cloud
If you are remotely involved in IT, then I'm sure you've heard of the latest hype to help save humanity: Cloud Computing. But it's a lot more than hype. Cloud computing is a major change in IT that has the potential to make your business operate faster, smarter and at lower cost.
To avoid confusion, below is my definition of cloud computing:
- On-demand: Services must be available by request, at any time and anywhere.
- Self-service: Users of cloud services must manage their own workflows. It's not cloud computing if a person needs to fill out extensive forms, submit requests or beg to make the service work.
- Granular: The service must bill solely for usage. In many cases, usage is billed on an hourly basis.
Amazon EC2 is one of the most mature cloud computing platform services available. This article will show you how to create EC2 machines in the cloud and connect to them using RDP. The code is written in ASP.NET, to help companies that ultimately wish to write their own issuance frameworks as browser-based solutions.
Background
Amazon EC2 is a mature cloud computing platform. It allows you to provision your own Windows, Linux or Unix machines in the cloud, and can bill as little as 8 cents/hour for usage. The Amazon service is also exposed as a SOAP API, allowing you to create and manage infrastructure from your own C# applications.
While the SOAP interface is relatively easy to use, I have found that many people struggle with the basic concepts involved. The most common issues people have:
- Confusion about private keys and how to use them.
- Difficulties in retrieving passwords to log onto a Windows instance.
- Access issues, almost always due to misconfiguration of security groups.
- Challenges in data format conversions in order to read a Windows password and view machine logs.
The rest of this article will discuss a very basic wrapper and ASP.NET application that will help you to launch your own Amazon EC2 machines through the browser and connect to them via RDP.
Using the Code
The basics of launching your machine in the cloud.
1. Validate your Connection
Download the Amazon SDK and add it as a project reference. The SDK provides a wrapper to expose the SOAP interface as a set of C# method calls. Download it from here.
To use Amazon, you will need to initialize the AmazonEC2 service call with your Access Key and Secret Access Key. These parameters are effectively your username and password for web service access. Use this link to help with EC2 registration and access keys:
AmazonEC2 service = new AmazonEC2Client(AWSAccessKey, AWSSecretAccessKey);
DescribeImagesRequest request = new DescribeImagesRequest();
request.WithOwner("self");
service.DescribeImages(request);
2. Configure Access Rules
Each machine you launch is dependent on:
- Key pairs: This is a public/private key pair that you generate. The public key will be used by Amazon to encrypt your image and Windows password, while the private key is used by you to decrypt the Windows password. This is very important! If you lose the private key, then no-one can recover an EC2 instance password from the cloud.
- Security groups: These are the firewall access rules for your environment.
Below is an example of key pair generation. Note that it returns a String containing your private key. As above, do not lose this value.
CreateKeyPairRequest request = new CreateKeyPairRequest();
request.KeyName = keyName;
CreateKeyPairResponse response = service.CreateKeyPair(request);
return response.CreateKeyPairResult.KeyPair.KeyMaterial;
3. Launch your Machine
Launching EC2 instances is very simple. You will need your key pair, security group and machine identifier. What's a machine identifier? Amazon gives a random ID to each image available in the cloud. You can search for images of interest over here.
Once you launch an instance, you will receive back an instance identifier. This value can be used to retrieve future information about your instance, such as DNS address and machine state.
Note: It can take quite some time for your instance to be fully available. Machines get configured and rebooted as part of a launch, and during this time, you'll just have to sit and wait...
RunInstancesRequest request = new RunInstancesRequest();
request.ImageId = ami;
request.MaxCount = 1;
request.MinCount = 1;
request.KeyName = keyName;
request.SecurityGroup = securityGroups;
request.InstanceType = type;
RunInstancesResponse response = service.RunInstances(request);
RunningInstance runningInstance =
    response.RunInstancesResult.Reservation.RunningInstance[0];
4. Connect to your Instance
You would think this is the easy part, but it's not:
- The instance takes time to boot up and there's not a lot of information available during this time.
- You can try to retrieve some log information with GetConsoleOutput. You will need to call this method repeatedly to make sure you've got the latest log data (or any data).
- The Windows password is encrypted. When available, you will need to retrieve it with GetPasswordData and then decrypt it with the PEM private key that you generated earlier.
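The decryption step from the list above, as an added example that is not part of the original article or its attached code. It assumes .NET 5 or later (for `RSA.ImportFromPem` and `PemEncoding`) and that the password data is the Base64 text of an RSA PKCS#1 v1.5 ciphertext; the key pair and password are constructed locally so the sample runs offline, and the class and method names are hypothetical.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class Ec2PasswordExample
{
    // Returns null while the password is not yet available (empty password data).
    public static string DecryptWindowsPassword(string passwordData, string privateKeyPem)
    {
        if (string.IsNullOrWhiteSpace(passwordData))
            return null; // instance still booting: poll again later

        using (RSA rsa = RSA.Create())
        {
            rsa.ImportFromPem(privateKeyPem);                               // PEM text -> RSA key
            byte[] cipher = Convert.FromBase64String(passwordData.Trim()); // Base64 -> raw bytes
            byte[] plain = rsa.Decrypt(cipher, RSAEncryptionPadding.Pkcs1);
            try { return Encoding.ASCII.GetString(plain); }
            finally { CryptographicOperations.ZeroMemory(plain); }         // wipe the byte copy
        }
    }

    static void Main()
    {
        // Constructed stand-ins: in real use the PEM is the KeyMaterial string from
        // CreateKeyPair and passwordData is the value returned by GetPasswordData.
        using (RSA keyPair = RSA.Create(2048))
        {
            string pem = new string(PemEncoding.Write("RSA PRIVATE KEY", keyPair.ExportRSAPrivateKey()));
            byte[] encrypted = keyPair.Encrypt(
                Encoding.ASCII.GetBytes("Constructed-Pw-123"), RSAEncryptionPadding.Pkcs1);
            string passwordData = Convert.ToBase64String(encrypted);

            Console.WriteLine(DecryptWindowsPassword("", pem) == null);   // not ready yet
            Console.WriteLine(DecryptWindowsPassword(passwordData, pem)); // decrypted password
        }
    }
}
```

The decrypted password is an Administrator credential, so a web front end should show it only to the authenticated user who owns the instance and should not write it to logs.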
The attached code also allows you to connect to the instance with an RDP file that's generated on the fly:
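Response.Clear();
Response.AddHeader("Content-Disposition", "attachment; filename=" + filename);
Response.Cache.SetCacheability(System.Web.HttpCacheability.NoCache);
// ContentType takes only the media type; the charset comes from ContentEncoding.
Response.ContentType = "application/x-rdp";
Response.ContentEncoding = System.Text.Encoding.GetEncoding("ISO-8859-1");
// ISO-8859-1 is one byte per character, so content.Length is also the byte count.
Response.AddHeader("Content-Length", content.Length.ToString());
Response.Write(content);
Response.End();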
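Because the file name and the RDP content above are assembled from strings, a page that builds them from request or API values should validate those values first. The following is an added example, not the article's attached code: the class and method names and the sample values are hypothetical, and `full address` and `username` are standard .rdp settings.

```csharp
using System;
using System.Text;
using System.Text.RegularExpressions;

static class RdpFileExample
{
    // \A and \z anchor the whole string; unlike $, \z does not allow a trailing newline.
    static readonly Regex SafeName = new Regex(@"\A[A-Za-z0-9._-]{1,64}\z");
    static readonly Regex HostChars = new Regex(@"\A[A-Za-z0-9.-]{1,253}\z");

    // Builds the .rdp text. Only a plain DNS name or IPv4 address is accepted, so a
    // value containing line breaks cannot add extra settings to the file.
    public static string BuildRdpContent(string host, string user)
    {
        UriHostNameType kind = Uri.CheckHostName(host);
        if (!HostChars.IsMatch(host) ||
            (kind != UriHostNameType.Dns && kind != UriHostNameType.IPv4))
            throw new ArgumentException("Not a valid host name", nameof(host));
        if (!SafeName.IsMatch(user))
            throw new ArgumentException("Unexpected characters in user name", nameof(user));

        var sb = new StringBuilder();
        sb.Append("full address:s:").Append(host).Append("\r\n");
        sb.Append("username:s:").Append(user).Append("\r\n");
        return sb.ToString();
    }

    // Content-Disposition value: allow-listed name, fixed extension, quoted.
    public static string ContentDisposition(string instanceId)
    {
        if (!SafeName.IsMatch(instanceId))
            throw new ArgumentException("Unexpected characters in file name", nameof(instanceId));
        return "attachment; filename=\"" + instanceId + ".rdp\"";
    }

    static void Main()
    {
        // Constructed sample values; the host would be the instance's DNS address.
        Console.WriteLine(ContentDisposition("i-0example"));
        Console.Write(BuildRdpContent("ec2-203-0-113-10.compute-1.amazonaws.com", "Administrator"));
        try { BuildRdpContent("host.example\r\nextra setting", "Administrator"); }
        catch (ArgumentException e) { Console.WriteLine("rejected: " + e.Message); }
    }
}
```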
Points of Interest
Being able to generate virtual machines through a basic browser interface can be of significant benefit to a company. The startup I work for, LabSlice, builds Virtual Lab Management environments using code similar to the above. They extend the Amazon EC2 environment to create a self-service, multi-user and sharable cloud environment.
The attached code creates a simple workflow that follows the above 4 steps to launch a Windows machine. You can also try it online here.
History
- 12 Aug 2010: Initial release