Search Results

Search found 1324 results on 53 pages for 'ec2'.

Page 33/53 | < Previous Page | 29 30 31 32 33 34 35 36 37 38 39 40  | Next Page >

  • Amazon VPC NAT not working

    - by rpkelly
    I'm trying to create a NAT instance for my VPC to allow instances on private subnets connect to the internet (most importantly, S3). I tried following the instructions here: http://docs.amazonwebservices.com/AmazonVPC/2011-07-15/UserGuide/index.html?VPC_NAT_Instance.html . Unfortunately, the instances in the private subnet (call it 10.10.2.0/24) cannot reach the internet. I have done the following: Create a NAT instance (Amazon's ami-vpc-nat-1.0.0-beta.i386-ebs (ami-d8699bb1)) in public subnet (call it 10.10.1.0/24). Changed "Source / Dest Check" to disabled. Created a new entry in the default routing table (which is used by 10.10.2.0/24) and had it point to the ID of the newly created instance. Associated an Elastic IP address with the NAT instance. Allowed all outbound traffic on the security group of the NAT instance. Ensured that all traffic could pass between the two subnets. I've tried also doing this with an existing instance using iptables, but had no luck. And I have verified that sys.net.ipv4.ip_forward is 1, just in case anyone was wondering. And I still have no internet connectivity from the instances on 10.10.2.0/24. Does anyone have any suggestions?

    Read the article

  • simple and reliable centralized logging inside Amazon VPC

    - by Nakedible
    I need to set up centralized logging for a set of servers (10-20) in an Amazon VPC. The logging should be as to not lose any log messages in case any single server goes offline - or in the case that an entire availability zone goes offline. It should also tolerate packet loss and other normal network conditions without losing or duplicating messages. It should store the messages durably, at the minimum on two different EBS volumes in two availability zones, but S3 is a good place as well. It should also be realtime so that the messages arrive within seconds of their generation to two different availability zones. I also need to sync logfiles not generated via syslog, so a syslog-only centralized logging solution would not fulfill all the needs, although I guess that limitation could be worked around. I have already reviewed a few solutions, and I will list them here: Flume to Flume to S3: I could set up two logservers as Flume hosts which would store log messages either locally or in S3, and configure all the servers with Flume to send all messages to both servers, using the end-to-end reliability options. That way the loss of a single server shouldn't cause lost messages and all messages would arrive in two availability zones in realtime. However, there would need to be some way to join the logs of the two servers, deduplicating all the messages delivered to both. This could be done by adding a unique id on the sending side to each message and then write some manual deduplication runs on the logfiles. I haven't found an easy solution to the duplication problem. Logstash to Logstash to ElasticSearch: I could install Logstash on the servers and have them deliver to a central server via AMQP, with the durability options turned on. However, for this to work I would need to use some of the clustering capable AMQP implementations, or fan out the deliver just as in the Flume case. AMQP seems to be a yet another moving part with several implementations and no real guidance on what works best this sort of setup. And I'm not entirely convinced that I could get actual end-to-end durability from logstash to elasticsearch, assuming crashing servers in between. The fan-out solutions run in to the deduplication problem again. The best solution that would seem to handle all the cases, would be Beetle, which seems to provide high availability and deduplication via a redis store. However, I haven't seen any guidance on how to set this up with Logstash and Redis is one more moving part again for something that shouldn't be terribly difficult. Logstash to ElasticSearch: I could run Logstash on all the servers, have all the filtering and processing rules in the servers themselves and just have them log directly to a removet ElasticSearch server. I think this should bring me reliable logging and I can use the ElasticSearch clustering features to share the database transparently. However, I am not sure if the setup actually survives Logstash restarts and intermittent network problems without duplicating messages in a failover case or similar. But this approach sounds pretty promising. rsync: I could just rsync all the relevant log files to two different servers. The reliability aspect should be perfect here, as the files should be identical to the source files after a sync is done. However, doing an rsync several times per second doesn't sound fun. Also, I need the logs to be untamperable after they have been sent, so the rsyncs would need to be in append-only mode. And log rotations mess things up unless I'm careful. rsyslog with RELP: I could set up rsyslog to send messages to two remote hosts via RELP and have a local queue to store the messages. There is the deduplication problem again, and RELP itself might also duplicate some messages. However, this would only handle the things that log via syslog. None of these solutions seem terribly good, and they have many unknowns still, so I am asking for more information here from people who have set up centralized reliable logging as to what are the best tools to achieve that goal.

    Read the article

  • Difference in performance: local machine VS amazon medium instance

    - by user644745
    I see a drastic difference in performance matrix when i run it with apache benchmark (ab) in my local machine VS production hosted in amazon medium instance. Same concurrent requests (5) and same total number of requests (111) has been run against both. Amazon has better memory than my local machine. But there are 2 CPUs in my local machine vs 1 CPU in m1.medium. My internet speed is very low at the moment, I am getting Transfer rate as 25.29KBps. How can I improve the performance ? Do not know how to interpret Connect, Processing, Waiting and total in ab output. Here is Localhost: Server Hostname: localhost Server Port: 9999 Document Path: / Document Length: 7631 bytes Concurrency Level: 5 Time taken for tests: 1.424 seconds Complete requests: 111 Failed requests: 102 (Connect: 0, Receive: 0, Length: 102, Exceptions: 0) Write errors: 0 Total transferred: 860808 bytes HTML transferred: 847155 bytes Requests per second: 77.95 [#/sec] (mean) Time per request: 64.148 [ms] (mean) Time per request: 12.830 [ms] (mean, across all concurrent requests) Transfer rate: 590.30 [Kbytes/sec] received Connection Times (ms) min mean[+/-sd] median max Connect: 0 0 0.5 0 1 Processing: 14 63 99.9 43 562 Waiting: 14 60 96.7 39 560 Total: 14 63 99.9 43 563 And this is production: Document Path: / Document Length: 7783 bytes Concurrency Level: 5 Time taken for tests: 33.883 seconds Complete requests: 111 Failed requests: 0 Write errors: 0 Total transferred: 877566 bytes HTML transferred: 863913 bytes Requests per second: 3.28 [#/sec] (mean) Time per request: 1526.258 [ms] (mean) Time per request: 305.252 [ms] (mean, across all concurrent requests) Transfer rate: 25.29 [Kbytes/sec] received Connection Times (ms) min mean[+/-sd] median max Connect: 290 297 14.0 293 413 Processing: 897 1178 63.4 1176 1391 Waiting: 296 606 135.6 588 1171 Total: 1191 1475 66.0 1471 1684

    Read the article

  • Can I replicate data between mySQL and SQL Server/SQL Azure?

    - by Ernest Mueller
    I have a replicated mySQL setup running happily on Amazon AWS, making user data available locally in various regions. Now I'm faced with an app that needs to go up on Microsoft Azure and I need to replicate the data over to there as well. So that's annoying. I am faced with several options: Replicate from mySQL to SQL Azure/SQL Server seems like it would be lovely - is this possible? I'd consider using a third party tool and paying $$ if I had to. We're not using anything complicated in the db feature set, it's just data in tables. Get mySQL working on Microsoft Azure - which seems really dicey at best. All the HOWTOs I can find say "this is possible but you really shouldn't try this for production apps." Go non-realtime and do syncs from mySQL to SQL Azure, which may be somewhat expensive and slower. Rip out all my mySQL on Amazon and use SQL Server there, which would make Baby Jesus cry. Has anyone gotten mySQL to SQL Azure/SQL Server replication or syncing working? Or have any other approaches (a NoSQL solution that replicates and might meet our but-we-need-to-join-some-tables needs that can easily be run on Amazon and Azure)?

    Read the article

  • How Amazon ELB Health check Works?

    - by diegodias
    I am having problems configuring ELB for my servers. I start 2 micro instances with the exact same conf and try to do Load Balancing. However they never pass the health check (HTTP port 80 path:"/"). Ping is ok on the website. So is telnet on 80. How did the health check works? Am I doing anything really wrong? EDIT: Both Direct browser access and GET (via curl) works correctly (status 200)

    Read the article

  • Timezone reset on Amazon AMI update

    - by Jeff
    I have a server set up through Amazon AWS. It's Amazon's RHEL-based AMI. When I initially booted up the machine, I set the proper timezone by creating a symlink: ln -sf /usr/share/zoneinfo/America/Los_Angeles /etc/localtime This works just fine, but whenever Amazon provides an update to their AMI the timezone automatically reverts to UTC. Is there a way around this or does it have to be manually set after each update?

    Read the article

  • "tshark: There are no interfaces on which a capture can be done" in Amazon Linux AMI

    - by user1264304
    My goal is to capture packets with tshark in Amazon Linux AMI. While typing tshark in the command line there's an error: "tshark: There are no interfaces on which a capture can be done" How to implement the solution from Wireshark setup Linux for nonroot user $ sudo apt-get install wireshark $ sudo dpkg-reconfigure wireshark-common $ sudo usermod -a -G wireshark $USER $ gnome-session-quit --logout --no-prompt in Amazon Linux AMI (it's not Ubuntu)? Thanks.

    Read the article

  • Amazon Elastic Terms and Conditions

    - by PP
    WARNING: Have you really read Amazon's Terms and Conditions? Would anybody seriously agree to this term on Amazon's Elastic services sign up page? 6.2. Restrictions with Respect to Use of Marks. Your use of any trademarks, service marks, service or trade names, logos, and other designations of AWS and its affiliates or licensors, hereinafter "Marks", shall strictly comply with the following provisions. You may use the Marks in conjunction with the display of the AWS Content and for the purpose of indicating that your Application was created using the Services. You may use the Marks only in the form in which we make them available to you and not in any manner that disparages Amazon, its affiliates or its licensors, or that otherwise dilutes any Mark. Other than your limited right to use the Marks as provided in this Agreement, we and our licensors retain all right, title, and interest in and to the Marks. You will not at any time now or in the future challenge or assist others to challenge the validity of the Marks, or attempt to register confusingly similar trademarks, trade names, service marks or logos. You agree to follow our the Trademark Use Guidelines posted on the Amazon Web Services™ Trademark Guidelines page (the "Trademark Guidelines") as those guidelines may change from time to time. The Trademark Guidelines are incorporated herein by reference. You must immediately discontinue use of any Mark as specified by us at any time in writing. We may modify any Marks provided to you at any time, and upon notice, you will use only the modified Marks and not the old Marks. Other than as specified in this Agreement, you may not use any trademark, service mark, trade name or other business identifier of Amazon or its affiliates unless you obtain Amazon's or its affiliates' prior written consent. The foregoing prohibition includes the use of "amazon," any other trademark of AWS, Amazon or its affiliates, or variations or misspellings of any of them, in the name of an Application or in a URL to the left of the top-level domain name (e.g., ".com", ".net", "co.uk", etc.)-for example, a URL such as "amazon.mydomain.com", "amaozn.com" or "amazonauctions.net" are expressly prohibited. Any use you make of the Marks shall inure to our benefit and you hereby irrevocably assign to us all right, title and interest in the same. In addition, you agree not to misrepresent or embellish the relationship between us and you, for example by implying that we support, sponsor, endorse, or contribute money to you or your business endeavors. If you are a large company and you want to use Amazon's services you must agree that: you may not use the word "amazon" in any domain name you control (even if you are a forestry company) you may not use any word Amazon choose to trademark in any domain you control (regardless of whether the name has a different meaning/purpose in your industry) from now until forever you will never dispute any claim Amazon makes on any word you or anybody else uses Seriously, who would sign such a thing?

    Read the article

  • Should I have a heroku worker dyno for poll a AWS SQS?

    - by Luccas
    Im confusing about where should I have a script polling an Aws Sqs inside a Rails application. If I use a thread inside the web app probably it will use cpu cycles to listen this queue forever and then affecting performance. And if I reserve a single heroku worker dyno it costs $34.50 per month. It makes sense to pay this price for it for a single queue poll? Or it's not the case to use a worker for it? The script code: queue = AWS::SQS::Queue.new(SQSADDR['my_queue']) queue.poll(:idle_timeout => 20) do |msg| # code here end I need help!! Thanks

    Read the article

  • NIC disabled in AWS instance

    - by Elad Lachmi
    Nothing makes you feel dumber than disabling a NIC while in RDP, but here I am :) I have mounted the volume on another instance and tried editing the registry. I have tried enabling auto logon and using runonce to run a netsh command to enable the NIC, but that does not work. I read something about enabling the NIC through the registry directly, but have had no luck in doing this. Has anyone dealt with this type of issue? I'm going nuts! Thank you!

    Read the article

  • AWS VPC ELB vs. Custom Load Balancing

    - by CP510
    So I'm wondering if this is a good idea. I have a Amazon AWS VPC setup with a public and private subnets. So I all ready get the Internet Gateway and NAT. I was going to setup all my web servers (Apache2 isntances) and DB servers in the private subnet and use a Load Balancer/Reverse Proxy to pick up requests and send them into the private subnets cluster of servers. My question then, is Amazons ELB's a good use for these, or is it better to setup my own custom instance to handle the public requests and run them through the NAT using nginx or pound? I like the second option just for the sake of having a instance I can log into and check. As well as taking advantage of caching and fail2ban ddos prevention, as well as possibly using fail safes to redirect traffic. But I have no experience with their ELB's, so I thought I'd ask your opinions. Also, if you guys have an opinion on this as well, would using the second option allow me to only have 1 public IP address and be able to route SSH connections through port numbers to respective instances? Thanks in advance!

    Read the article

  • cloud and existing enterprise applications technologies

    - by maxxxee
    What is the significance of new cloud platforms and databases like Microsoft Azure and Amazon EC2? Is it a replacement for enterprise application platforms like .net or JEE in a cloud environment? Is it neccessary to use these or other cloud specific platforms, or can we implement .net or JEE on a cloud based environment?

    Read the article

  • Creating url from the cloudfront aws

    - by GroovyUser
    I have my js files which I have uploaded into the Amazon S3 and linked it with the Cloudfront. I got a url something like this : dxxxxxxxx.cloudfront.net But opening that url in my browser ( I'm getting an error ) : <Error> <Code>AccessDenied</Code> <Message>Access Denied</Message> <RequestId>xxxxxx</RequestId> <HostId> xxxxxxxxxxxxxxx </HostId> </Error> But what I want actually is to use the url and add them to my webpage. How could I do that? Thanks in advance.

    Read the article

  • How do I Install Intermediate Certificates (in AWS)?

    - by getmizanur
    I have installed private key (pem encoded) and public key certificate (pem encoded) on Amazon Load Balancer. However, when I check the SSL with site test tool, I get the following error: Error while checking the SSL Certificate!! Unable to get the local issuer of the certificate. The issuer of a locally looked up certificate could not be found. Normally this indicates that not all intermediate certificates are installed on the server. I converted crt file to pem using these commands from this tutorial: openssl x509 -in input.crt -out input.der -outform DER openssl x509 -in input.der -inform DER -out output.pem -outform PEM During setup of Amazon Load Balancer, the only option I left out was certificate chain. (pem encoded) However, this was optional. Could this be cause of my issue? And if so; How do I create certificate chain? UPDATE If you make request to VeriSign they will give you a certificate chain. This chain includes public crt, intermediate crt and root crt. Make sure to remove the public crt from your certificate chain (which is the top most certificate) before adding it to your certification chain box of your Amazon Load Balancer. If you are making HTTPS requests from an Android app, then above instruction may not work for older Android OS such as 2.1 and 2.2. To make it work on older Android OS: go here click on "retail ssl" tab and then click on "secure site" "CA Bundle for Apache Server" copy and past these intermediate certs into certificate chain box. just incase if you have not found it here is the direct link. If you are using geo trust certificates then the solution is much the same for Android devices, however, you need to copy and paste their intermediate certs for Android.

    Read the article

  • Mounting Gluster Volumes

    - by Roman Newaza
    I have created Hosted Zone with 2 IP addresses of Gluster Cluster, both IP are returned by dig. After mounting Gluster, I cannot ls mount point as it takes long time. mount shows me it's mounted, but df doesn't. Finally, I have this: ls: cannot access /mnt/storage: Transport endpoint is not connected. But if I mount it with the one of the IP, no problem - volume contents is accessible OS: Ubuntu 11.10 GlusterFS: 3.2.6 Log: http://pastie.org/private/2jgp4h1hnqgzych3djtg I have can telnet storage from client - ports are open.

    Read the article

  • The future of cloud computing? [closed]

    - by Vimvq1987
    As far as I know, cloud computing is growing rapidly. Amazon EC2, Google App Engine, Microsoft Windows Azure...But I can't imagine how cloud computing will change the world. Will cloud computing will play the main role in software industry? Will our data be stored at one place and then can be accessed from any where? Shall we need powerful PCs no more because everything will be processed at "cloud"? Thank you so much

    Read the article

  • How to configure Amazon Security Groups to achieve multi-tier architecture?

    - by ks78
    What is the preferred way to configure Amazon Security Groups to achieve a multi-tier architecture? Each of my instances has its own Security Group, which I only want to use for rules specific to an instance. I'd like to keep any rules which apply to multiple instances in a separate Security Group, which can then be assigned to instance Security Groups as necessary. As an example, I've setup a group called "admin", which allows administrative access from my IP. I added the "admin" group as the source to each of my instance security groups. However, I still can't access the instances from my IP without adding the rules directly to the instance's group. Am I missing something? Although it seems a multi-tier security architecture should be possible, it doesn't seem to be working.

    Read the article

  • Safe to Use an Amazon EBS Volume While Snapshot in Progress?

    - by Justin Noel
    Is it safe to use an EBS volumne while a snapshot is being created? I've currently got a 100Gb EBS volume mounted. I am in the process of snapshotting it. Goodness it's slow!! It's going to end up taking more than 45 minutes to snapshot. My question : Is the EBS volume already copied and just being saved somewhere? Or, is the snapshot actively copying from my mounted volume right now? Basically, if I start using it before the snapshot completes, am I hosed? I just can't believe it takes this long to copy. There really isn't even 100GB in use. It's more like 25Gb.

    Read the article

  • Serving Compressed Files Amazon vs Lightty

    - by tike
    We are currently using amazon CloudFront to serve css and according to Amazon itself, Amazon CloudFront can serve both compressed and uncompressed files from an origin server. But while i check compression it shows everything fine in origin server but it shows notcompressed checking in the link with cloudfront. e.g. http://www.port80software.com/tools/compresscheck.asp?url=http%3A%2F%2Fimgsrv.mydomain.com%2Fen-UK%2Fsomething.css it would result with Compression status: (gzip) while with cloudfront http://www.port80software.com/tools/compresscheck.asp?url=http%3A%2F%2hereisit.cloudfront.net%2F%2Fsomething.css Compression status: Uncompressed Origin server is running lighttpd with mod_deflate however, allowed config is: deflate.allowed_encodings = ("bzip2", "gzip", "deflate") [i would think, putting extra allowed encoding wont affect as such.] Here i am clueless, what is the real issue.

    Read the article

  • How to configure Amazon Security Groups to achieve multi-tier architecture?

    - by ks78
    What is the preferred way to configure Amazon Security Groups to achieve a multi-tier architecture? Each of my instances has its own Security Group, which I only want to use for rules specific to an instance. I'd like to keep any rules which apply to multiple instances in a separate Security Group, which can then be assigned to instance Security Groups as necessary. As an example, I've setup a group called "admin", which allows administrative access from my IP. I added the "admin" group as the source to each of my instance security groups. However, I still can't access the instances from my IP without adding the rules directly to the instance's group. Am I missing something? Although it seems a multi-tier security architecture should be possible, it doesn't seem to be working.

    Read the article

< Previous Page | 29 30 31 32 33 34 35 36 37 38 39 40  | Next Page >