Get started with Ubuntu Image
Table of contents
Prerequisite
- You’ll need SSH key, read on How to generate SSH on Mac
- Knowing and change user permission, read on User & Permission
AWS - EC2
Create and run Ubuntu Image on AWS
After navigated to EC2 console on AWS. You will follow step by step how to create image.
Note for ssh client, by default you use ubuntu
as a user when SSH into the VM.
Security Group
Inbound
- ssh tcp 22
- http tcp 80
- https tcp 443
- smtp tcp 25
- custom tcp 587 -> for SES (AWS Simple Email Service)
- custom tcp 8080 -> incase if applied multilayer caching
Outbound
- ssh tcp 22
- http tcp 80
- https tcp 443
- smtp tcp 25
- custom tcp 587 -> for SES (AWS Simple Email Service)
SSH login
-
Generate Key
- Generated
.pem
on Amazon - Download
key.pem
file to local PC folderdefault Mac user do:
mv ~/Download/key.pem ~/.ssh/
- cd ~/.ssh
- chmod 400 key.pem
- Generated
-
SSH into the VM
ssh -i ~/.ssh/key.pem [email protected]
-
Change to
root
as default login- Using ssh into VM as
ubuntu
- Run:
vim ~/.ssh/authorized_keys
- Copy the
authorized_keys
information - Change to root by running
sudo -i
- Run:
vim ~/.ssh/authorized_keys
will create a new file under the root profile - Paste the content of
authorized_keys
, then save. - Exit the VM
- Run `ssh -i ~/.ssh/key.pem [email protected]
- Using ssh into VM as
Digital Ocean - Droplet
- Enabling Networking
firewall
Inbound
- ssh tcp 22
- http tcp 80
- https tcp 443
- custom tcp 8080 -> incase if applied multilayer caching
Outbound
- ssh tcp 22
- http tcp 80
- https tcp 443
- dns udp udp 53 -> important to run update/upgrade in the VM
SSH login
- Firs time login, you will be seeing this:
The authenticity of host ‘192.25.25.0’ can’t be established. ECDSA key fingerprint is SHA256:strings. Are you sure you want to continue connecting (yes/no/[fingerprint])?
Add public SSH key
- Digital Ocean Dashboard » Profile » Security » Add SSH
System maintenance
top
# to check memory usage, shift + m to sort highest usage first
ps aux | awk '{print $6/1024 " MB\t\t" $11}' | sort -n
# see processes memory in MB
apt-get install atop
# install system monitor
Rebuild Droplet
- Dashboard > rebuild
- Remove existing SSH key from local PC:
ssh-keygen -R 192.25.25.0
Google Cloud Platform (GCP) - VM
Google requires gcloud
command to generate keys which requires account authentications.
SSH login
ssh -i ~/.ssh/google_compute_engine [email protected]
# ssh -i [path-to-key] [user]@[external-ip]
Get IP
curl ifconfig.me
# outputs: 192.25.25.0 (external)
hostname -I
# outputs: 10.146.0.3 (internal)
Install Cloud SDK
command and gCloud
- Run
curl https://sdk.cloud.google.com | bash
- Start the programme:
exec -l $SHELL
- New VM setup SSH =>
gcloud init
- this is to config the account authentication, follow the first time use steps
Add gCloud
SSH to VM for the first time
- Login to Google Cloud Platform console » VM instances » SSH » View GCP Command
- Copy and paste the command to terminal and enter
- First time will require authenticate with Google Account » Go Authenticate
- After Authenticated, gCloud to generate key
- Key is saved under
/home/user/.ssh/
, the pair of.google_compute_engine
and.google_compute_engine.pub
Config gcloud
command
sudo gcloud compute config-ssh
# without sudo not permitted