Category: EC2

How to use wildcard domain with OpenShift hosting?

by Muhammad Jawaid Shamshadin AWS, EC2, OpenShift, RedHat, Technology, WebLeave a Comment on How to use wildcard domain with OpenShift hosting?

If you have a domain name and want to use OpenShift for hosting then using a wildcard domain name is a bit tricky with some domain registrars like GoDaddy. The reason is IP address of the app on OpenShift doesn’t remain the same and to use the wildcard domain a DNS A record is setup with the IP address of the hosting server. So, how do we make sure the following is true:

  • user enters mysitename.com > user sees www.mysitename.com
  • user enters mysitename.com/about.html > user sees www.mysitename.com/about.html

That is, the www prefix is always displayed anywhere on the site.

But due to the non-static IP of the OpenShift app, it is not possible to adjust the A record. But you can set up a CNAME with the following:

www > appname-username.rhcloud.com

where the format for the OpenShift app is

http://appname-username.rhcloud.com.

This means the site is accessible at www.mysitename.com but not at mysitename.com. To make it work you need to do the following.

On domain registrar like GoDaddy
– Create a new Record with
Record Type CNAME
HOST: www
POINT TO: appname-username.rhcloud.com

  • Setup Forwarding
    Forward to: www.mysitename.com
    Redirect: 301 (Permanent)
    Type: Forward only

On Openshift
1. Select Application tab > select application appname-username.rhcloud.com > click change
2. Enter the Domain name www.mysitename.com

That’s it! Wait for 10-15 min and see the magic.

Connecting to Amazon Linux/UNIX EC2 Instances from Windows Using PuTTY

by Muhammad Jawaid Shamshadin Amazon, AWS, EC2, Microsoft, Technology, Windows2 Comments on Connecting to Amazon Linux/UNIX EC2 Instances from Windows Using PuTTY

To connect to your Linux/UNIX instance from a Windows machine, use an SSH client. The following instructions explain how to use PuTTY, a free SSH client for Windows machines.

Converting Your Private Key

PuTTY does not natively support the private key format generated by Amazon EC2. Fortunately, PuTTY has a tool called PuTTYgen, which can convert keys to the required PuTTY format.

To convert your private key

  1. Start PuTTYgen (e.g., from the Start menu, click All Programs > PuTTY > PuTTYgen).
  2. Click Load and browse to the location of the private key file that you want to convert (e.g., GSG_Keypair.pem). By default, PuTTYgen displays only files with extension .ppk; you’ll need to change that to display files of all types in order to see your.pem key file. The private key file must end with a newline character or PuTTYgen cannot load it correctly. 

     

  3. Select your .pem key file and click Open.PuTTYgen displays the following message.

     

     

    When you click OK, PuTTYgen displays a dialog box with information about the key you loaded, such as the public key and the fingerprint. The keys that Amazon EC2 generates are 1024-bit SSH-2 RSA keys.

  4. Click Save private key to save the key in PuTTY’s format.PuTTYgen asks if you want to save the key without a passphrase.

     

     

  5. Click Yes.
    [Note] Note
    A passphrase on a private key is an extra layer of protection, so even if your private key is discovered, it will not be usable without the passphrase. The downside to using a passphrase is that it makes automation harder because human intervention is needed to log on to an instance, or copy files to an instance. For this exercise, we’re not using a passphrase.
  6. Name the key with the same name you used for the key pair (e.g., GSG_Keypair). PuTTY automatically adds the .ppk file extension.

Your private key is now in the correct format for use with PuTTY. You can now connect to your instance using PuTTY’s SSH client.

Connecting Using PuTTY SSH

You’ll connect by starting a PuTTY SSH session.

To use SSH to connect

  1. If you’ve launched a public AMI that you have not rebundled, run the ec2-get-console-output command on your local system (not on the instance), and locate the SSH HOST KEY FINGERPRINTS section. For more information, go to ec2-get-console-output in the Amazon Elastic Compute Cloud Command Line Reference. 
    PROMPT>  ec2-get-console-output instance_id
 ... ec2: -----BEGIN SSH HOST KEY FINGERPRINTS----- ec2: 2048 bc:89:29:c6:45:4b:b3:e2:c1:41:81:22:cb:3c:77:54 /etc/ssh/ssh_host_key.pub ec2: 2048 fc:8d:0c:eb:0e:a6:4a:6a:61:50:00:c4:d2:51:78:66 /etc/ssh/ssh_host_rsa_key.pub ec2: 1024 b5:cd:88:6a:18:7f:83:9d:1f:3b:80:03:10:17:7b:f5 /etc/ssh/ssh_host_dsa_key.pub ec2: -----END SSH HOST KEY FINGERPRINTS-----
...

    Note the fingerprints so that you can compare them to the fingerprints of the instance.

  2. Start PuTTY (e.g., from the Start menu, click All Programs > PuTTY > PuTTY).A dialog box opens with a Category menu on the left side. On the right side, the basic options for your PuTTY session are displayed.
  3. In the Host Name field, enter the public DNS name of your instance (available through the AWS Management Console or theec2-describe-instances command). You can optionally prefix the DNS name with [email protected] to automatically log in with superuser privileges when the session opens. 

     

  4. In the Category menu, under Connection, click SSH, and then Auth.The options controlling SSH authentication are displayed.
  5. Click Browse and navigate to the PuTTY private key file you generated in the preceding section. 

     

  6. Click Open.An SSH session window opens and PuTTY displays a security alert asking if you trust the host you’re connecting to.
    [Important] Important
    If you’ve launched a public AMI, verify that the fingerprint in the security alert matches the fingerprint from the output of the ec2-get-console-output command. If it doesn’t, someone might be attempting a “man-in-the-middle” attack.
  7. Click Yes.
  8. In the SSH session window, log in as root (or ec2-user) if you didn’t as part of starting the SSH session.
    [Note] Note
    Some AMIs let you log in as root, but some require you to log in with the username ec2-user. For log in information for your chosen AMI, contact your AMI provider directly or go to Amazon Machine Images(AMIs) page, then locate and click your AMI on the list.
    [Note] 
    Note
    		 
    If you specified a passphrase when you converted your private key to PuTTY's format, you must provide that passphrase when you log in to the instance.

    [Reference: http://docs.amazonwebservices.com/AWSEC2/latest/UserGuide/index.html?LaunchingAndUsingInstances.html]