SOL-402

AWS Installation Guide (Single Node)

    Details

    • Type: How To
    • Status: Published
    • Affects Version/s: EXASolution 5.0.15
    • Fix Version/s: None
    • Component/s: None
    • Labels:
      None
    • Solution:

      This how-to includes the following sections. We'll use the jump host (Amazon AMI) for running the AWS CLI.

      1. Single node installation (EXAone) with jump host
      2. Single node installation (EXAone) using AWS ELASTIC-IP/PUBLIC-IP without jump host

      The Bash script setup-cloud.sh can also be used for single node installation, see https://www.exasol.com/support/browse/SOL-408
      A cluster installation is covered in https://www.exasol.com/support/browse/SOL-403

      If you need the database to be available through the Internet, set the following database parameter to enforce protocol encryption for EXAplus clients and drivers. Otherwise, traffic between client and database will be unencrypted.

      -forceProtocolEncryption=1
      

      Prerequisites

      1. AWS console access e.g. https://COMPANY.signin.aws.amazon.com/console
      2. EXASOL AMI
      3. SSH Key Pair for the corresponding region
      4. Ensure you have a running shell and an editor of your choice installed on the system
      5. AWS command line utilities (http://docs.aws.amazon.com/cli/latest/userguide/installing.html); the utilities are pre-installed on the Amazon AMI
      6. File containing your AWS environment variables (KEY/SECRET/REGION) to access the ec2 API
        ~$ cat .settings_virginia
        export AWS_ACCESS_KEY=KEY-ID
        export AWS_SECRET_KEY=SECRET-KEY
        export EC2_URL=https://ec2.us-east-1.amazonaws.com
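
A loader for the settings file in item 6, as an added example that is not part of the original guide: rather than sourcing the file blindly, it refuses a file that group or others can access and exports only the three variables shown above. The function name load_settings and the accepted character set are assumptions.

```shell
#!/bin/sh
# Added example (not from the original guide).
# Assumed names: load_settings; assumed policy: mode 600, three known keys.

# load_settings FILE: export AWS_ACCESS_KEY, AWS_SECRET_KEY and EC2_URL from
# FILE without executing it. Fails on loose permissions or unexpected lines.
load_settings() {
    f=$1
    [ -f "$f" ] && [ ! -L "$f" ] || { echo "$f: not a regular file" >&2; return 1; }
    # In the ls -l mode string, characters 5-10 are the group/other bits.
    perms=$(ls -ld "$f" | cut -c5-10)
    [ "$perms" = "------" ] || { echo "$f: group/other access, run chmod 600" >&2; return 1; }
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in ""|"#"*) continue ;; esac
        line=${line#export }
        name=${line%%=*}; value=${line#*=}
        case "$name" in
            AWS_ACCESS_KEY|AWS_SECRET_KEY) ;;
            EC2_URL)
                # The API endpoint carries the signed requests: require TLS.
                case "$value" in https://*) ;; *) echo "EC2_URL must be https" >&2; return 1 ;; esac ;;
            *) echo "$f: unexpected line" >&2; return 1 ;;
        esac
        # Reject quotes, spaces, $ and other shell metacharacters in values.
        case "$value" in *[!A-Za-z0-9/+=:._-]*) echo "$name: unexpected characters" >&2; return 1 ;; esac
        export "$name=$value"
    done < "$f"
}

# Usage: load_settings "$HOME/.settings_virginia"
```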
        

      1. Single node installation (EXAone) with jump host

      Create a new VPC (a VPC with a single public subnet is sufficient) or use an existing one. Ensure that the VPC CIDR and the Public Subnet do not use 27.1.0.0/16.

      • Assume we are using a 10.0.0.0/16 CIDR block
        AND
      • A 10.0.0.0/24 Public Subnet within the CIDR block
        AND
      • S3 Endpoint for database backups (see https://www.exasol.com/support/browse/SOL-354 for configuring S3 remote backups)
        AND
      • S3 Endpoint for IMPORT/EXPORT

      Installation and configuration of the jump host (used for VPC WAN access)

      1. Launch free tier eligible instance using the EC2 console (e.g. Amazon AMI t2.micro) used as an intermediate jump host and router
      2. Assign Public or Elastic IP
      3. Allow SSH incoming traffic
      4. Adjust instance storage if necessary
      5. Launch instance

      Configure jump host as router/gateway

      $ ssh -i PEM ec2-user@PUBLIC-IP
      jumphost $ sudo ec2-modify-instance-attribute --source-dest-check false <INSTANCE_ID_JUMP_HOST>
      jumphost $ sudo sysctl net.ipv4.ip_forward=1
      jumphost $ sudo iptables -t nat -A POSTROUTING -j MASQUERADE
      
      1. Adjust Security Group rules between jump host and EXAone accordingly (All incoming traffic on 10.0.0.0/16)
      2. Ensure DNS and NTP are configured and working properly
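
A scoped variant of the router setup above, as an added example that is not part of the original guide: it NATs and forwards only traffic that originates in the VPC CIDR and leaves the VPC, and it refuses a CIDR that overlaps 27.1.0.0/16. The interface name eth0, the RUN wrapper and the function names are assumptions; with the default RUN=echo the commands are only printed.

```shell
#!/bin/sh
# Added example (not from the original guide). Assumed names: eth0, RUN,
# ip_to_int, valid_cidr, cidr_overlaps, jumphost_rules.
# Dry run: jumphost_rules 10.0.0.0/16 eth0   Apply: RUN=sudo jumphost_rules ...

# Print A.B.C.D as a 32-bit integer; fail on malformed input.
ip_to_int() {
    case "$1" in ""|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case "$o" in 0?*) return 1 ;; esac   # leading zero would parse as octal
        [ "$o" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# Succeed if $1 is ADDRESS/PREFIXLEN with a prefix length of 0..32.
valid_cidr() {
    case "$1" in */*) ;; *) return 1 ;; esac
    len=${1#*/}
    case "$len" in ""|*[!0-9]*|0?*) return 1 ;; esac
    [ "$len" -le 32 ] && ip_to_int "${1%/*}" >/dev/null
}

# Two blocks overlap when they agree on the shorter of the two prefixes.
cidr_overlaps() {
    a=$(ip_to_int "${1%/*}") && b=$(ip_to_int "${2%/*}") || return 2
    len=${1#*/}
    if [ "${2#*/}" -lt "$len" ]; then len=${2#*/}; fi
    mask=$(( (0xFFFFFFFF << (32 - len)) & 0xFFFFFFFF ))
    [ $(( a & mask )) -eq $(( b & mask )) ]
}

# jumphost_rules VPC_CIDR [WAN_IF]; RUN=echo prints, RUN=sudo applies.
jumphost_rules() {
    vpc=$1; wan_if=${2:-eth0}; RUN=${RUN:-echo}
    valid_cidr "$vpc" || { echo "invalid CIDR: $vpc" >&2; return 1; }
    if cidr_overlaps "$vpc" 27.1.0.0/16; then
        echo "$vpc overlaps 27.1.0.0/16, which the guide excludes" >&2
        return 1
    fi
    $RUN sysctl -w net.ipv4.ip_forward=1
    # NAT only VPC-sourced traffic that leaves the VPC.
    $RUN iptables -t nat -A POSTROUTING -s "$vpc" ! -d "$vpc" -o "$wan_if" -j MASQUERADE
    # Forward that traffic and its replies; drop everything else.
    $RUN iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    $RUN iptables -A FORWARD -s "$vpc" ! -d "$vpc" -o "$wan_if" -j ACCEPT
    $RUN iptables -P FORWARD DROP
}
```

The rules are appended to whatever is already loaded, so review the existing ruleset with `iptables -S` and `iptables -t nat -S` before applying them.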

      Setting up EXAone EC2 instance

      1. Launch EXAone instance on EXASOL AMI using the EC2 console
      2. Adjust VPC to match jump host VPC
      3. No Public IP required
      4. No Placement Group required
      5. Add two additional EBS volumes (GP2 recommended)
        • One for OS (at least 100GiB)
        • The second one for EXAStorage depending on the amount of persistent data
        • Multiple disks for EXAStorage are not supported at the moment
      6. Adjust Security Group to allow at least all incoming traffic from the jump host (All incoming traffic on 10.0.0.0/16)
      7. Launch instance and wait a few minutes for the instance to be fully initialized

      SSH port forwarding jump host <-> EXAone

      1. Ports that will be forwarded to your local machine (localhost):
        • 443 TCP HTTPS for EXAoperation web-frontend
        • 8563 TCP for connection to the EXASolution database
          $ ssh -i PEM ec2-user@JUMPHOST-IP -L8443:EXAone-IP:443 -L8563:EXAone-IP:8563
          

      EXAone web-based one-click installer

      1. Open a web browser and open "https://localhost:8443"
      2. Enter EXAone instance ID
      3. Configure passwords for:
        • EXAoperation web frontend user "admin"
        • EXASolution database user "sys"
      4. Wait for the installation to finish; the database will start up automatically (takes approximately 20 minutes)
      5. If you're not being forwarded after 20 minutes, try to load "https://localhost:8443" manually

      Configure DNS, NTP and Gateway

      1. Log in to the EXAoperation web frontend "https://localhost:8443"
      2. Network - Edit -
        • DNS: a public DNS server, e.g. 8.8.8.8, or the Amazon public DNS 169.254.169.253
        • NTP: a public NTP server or the Amazon public NTP 193.1.219.116
        • Search Domain: set it to fit the region your cluster is running in, e.g. "eu-central-1.compute.internal" for Frankfurt; otherwise S3 name lookup might fail
      3. Adjust default gateway IP address
        • change it via SSH:
          EXAone $ ip route change default via IP-JUMP-HOST
          
        • Or using the user maintenance via SSH

      2. Single node installation (EXAone) using AWS ELASTIC-IP/PUBLIC-IP without jump host

      Create a new VPC (a VPC with a single public subnet is sufficient) or use an existing one. Ensure that the VPC CIDR and the Public Subnet do not use 27.1.0.0/16.

      • Assume we are using a 10.0.0.0/16 CIDR block
        AND
      • A 10.0.0.0/24 Public Subnet within the CIDR block
        AND
      • S3 Endpoint for database backups
        AND
      • S3 Endpoint for IMPORT/EXPORT

      Launch EXAone EC2 instance

      1. Launch EXAone instance on EXASOL AMI
      2. Adjust VPC to match the created one
      3. Enable Public IP
      4. No Placement Group required
      5. Add two additional EBS volumes (GP2 recommended)
        • One for OS (at least 100GiB)
        • The second one for EXAStorage depending on the amount of persistent data
        • Multiple disks for EXAStorage are not supported at the moment
      6. Adjust Security Group to allow incoming traffic at least on
        • EXASolution database port TCP 8563
        • EXAoperation web frontend port TCP 443
        • SSH port TCP 22 for debugging purposes
      7. Launch instance and wait a few minutes for the instance to be fully initialized

      EXAone web-based one-click installer

      1. Open a web browser and open "https://EXAone-ELASTIC-IP:443"
      2. Enter EXAone instance ID
      3. Configure passwords for:
        • EXAoperation web frontend user "admin"
        • EXASolution database user "sys"
      4. Wait for the installation to finish; the database will start up automatically (takes approximately 20 minutes)
      5. If you're not being forwarded after 20 minutes, try to load "https://EXAone-ELASTIC-IP:443" manually

      Configure DNS, NTP and Gateway

      1. Log in to the EXAoperation web frontend "https://EXAone-ELASTIC-IP:443"
      2. Network - Edit -
        • DNS: a public DNS server, e.g. 8.8.8.8, or the Amazon public DNS 169.254.169.253
        • NTP: a public NTP server or the Amazon public NTP 193.1.219.116
        • Search Domain: set it to fit the region your cluster is running in, e.g. "eu-central-1.compute.internal" for Frankfurt; otherwise S3 name lookup might fail
      3. Adjust default gateway IP address
        • change it via SSH:
          EXAone $ ip route change default via VPC-GATEWAY-IP
          
        • Or using the user maintenance via SSH
    • Category 1:
      Platform Support - EXASOL on AWS
    • Category 2:
      Cluster Administration - Installation

            People

            • Assignee:
              CaptainEXA Captain EXASOL
              Reporter:
              CaptainEXA Captain EXASOL