Sunday, May 15, 2022

Controlling EC2 Instance from CLI: AWS automations

When you start learning few commands about AWS CLI you can plan to automate the process with simple bash shell script where you can include set of aws commands into it with simple bash script controls. 

How to automate AWS EC2 stop/start using aws cli?

Objective of this post is to develop a simple controlling script which can use the AWS CLI commands for start-instances, describe-instances, stop-instances and adding bash scripting logic to it. First we start experiment with each aws ec2 command, then we can proceed by collecting those successful commands to form a automation script. Let's explore now.

How to automate AWS EC2 instance using aws-cli


How to start an AWS EC2 instance "start-instances" command


To start the aws instance you need to pass the instance-id as argument. Following is the command example.
aws ec2 start-instances --instance-id i-instancenumber
Please change to your instance-id value replace the instancenumber with yours.
Execution output looks like this:

aws ec2 start-instances execution initially in pending state


aws ec2 stop-instances command

To stop the AWS EC2 Instance you need to pass the instance-id as a argument. Following is the command example.
aws ec2 stop-instances --instance-id i-instancenumber
Please change to your instance-id value replace the instancenumber with yours.

EXECUTION
aws ec2 stop-instances


Describe instance status


The describe-instances-status subcommand will show the InstanceState, InstanceStatus and also SystemStatus. We can pick any of these as per the automation needs.
aws ec2 describe-instances-status --instance-id i-instancenumber
Please change to your instance-id value replace the instancenumber with yours.
Describing instance status specific to InstanceState which can be extracted as Name value and here trick is use the --output to TEXT format.

aws ec2 describe-instance-status --instance-id i-instancenumber \
 --query 'InstanceStatuses[*].InstanceState.Name' --output text
This output is nicely choped to test wheather an instance is in 'running', 'stopped', or 'pending' state. Using this we can decide how to proceed next, if it is running we can move to the logic where stop the instance works. otherwise nothing [] is status then we can proceed to start instance logic.

Execution outputs as follows:

aws ec2 describe-instance-status execution output

How to get the EC2 Instance Public IP address?

The describe-instances subcommand will help us to retrieve all details of instances. So we use this subcommand to pick Private or Public IP Address of given EC2 instance. You need to provide the instanceid to fetch the EC2 instance public IP Address.

aws ec2 describe-instances --instance-id i-instancenumber \
 --query "Reservation[*].PublicIpAddress" --output text
Results the Public IP Address of given ec2 instance

Using we can prepare nice shell script to automate the instance start and stop and checking the status.

Once you get the INSTANCE_IP that is Public IP we can connect with ssh command as shown below:
  ssh -o "StrictHostKeyChecking=no" -i aws-key.pem centos@$INSTANCE_IP
  
Here option -i is used for identity file
and  option 
-o "StrickHostKeyChecking=no" indicates do not prompt for the SSH finger print value entry. You can understand without given this option see use of this.
running automation script output looks like this.

How to modify the security group for running EC2 instance?
There was a problem when I've ran the aws ec2 run command instance was created and able to see it is in Running state. But unfortunately the ssh connectivity failing with the error message "Port 22 refused connection". Here the solution could be the proper security group must be associated with the EC2 instance.

AWS CLI command to modify the security group which is already existing in my other EC2 instance that is Running state and connectivity also normal, from the AWS Console we can get the seurity-group id from the normal instance (node1) can be used in the Issue instance (node2). Two inputs required here node2 instance-id and node1 security group id.

 aws ec2 modify-instance-attribute --instance-id i-instanacenumber  --groups sg-securitygroupid
  
Example screenshot of execution:

 
AWS CLI to modify attribute for running EC2 isntance



Troubleshoot AWS-CLI connect issues


Issue : Provide region_name 'us-east-1' doesn't match a supported format - though you entered region at the time of `aws configure`


Solution: You first observe your configured file that usually stored in the path ~/aws/config file in JSON format. Here I've found that junk char before the region value entry. Seen in the following screenshot.

junk char in region value in ~/.aws/config file



Removed the junk char before the region value resolved this issue.


Issue : An error occurred (MissingParameter) when calling the aws-cli-SUBCOMMAND operation: The request must contain the parameter AWSAcessKeyId


Solution: As per the error message it is clear that MissingParameter that is AWSAcessKeyId. open the credentials file from ~/.aws folder using vs-code. It will show the if any junk chars included into the AWSAcessKeyId value. 

Strange char in ~/.aws/Credentails file


This junk entries happens when you us mouse on the browser and copy paste while executing `aws configure` command. In my case I found this with vs-code red colored for junk chars,  removed then the issue resolved and able to run the aws-cli command successfully.

No comments:

Categories

Kubernetes (24) Docker (20) git (13) Jenkins (12) AWS (7) Jenkins CI (5) Vagrant (5) K8s (4) VirtualBox (4) CentOS7 (3) docker registry (3) docker-ee (3) ucp (3) Jenkins Automation (2) Jenkins Master Slave (2) Jenkins Project (2) containers (2) create deployment (2) docker EE (2) docker private registry (2) dockers (2) dtr (2) kubeadm (2) kubectl (2) kubelet (2) openssl (2) Alert Manager CLI (1) AlertManager (1) Apache Maven (1) Best DevOps interview questions (1) CentOS (1) Container as a Service (1) DevOps Interview Questions (1) Docker 19 CE on Ubuntu 19.04 (1) Docker Tutorial (1) Docker UCP (1) Docker installation on Ubunutu (1) Docker interview questions (1) Docker on PowerShell (1) Docker on Windows (1) Docker version (1) Docker-ee installation on CentOS (1) DockerHub (1) Features of DTR (1) Fedora (1) Freestyle Project (1) Git Install on CentOS (1) Git Install on Oracle Linux (1) Git Install on RHEL (1) Git Source based installation (1) Git line ending setup (1) Git migration (1) Grafana on Windows (1) Install DTR (1) Install Docker on Windows Server (1) Install Maven on CentOS (1) Issues (1) Jenkins CI server on AWS instance (1) Jenkins First Job (1) Jenkins Installation on CentOS7 (1) Jenkins Master (1) Jenkins automatic build (1) Jenkins installation on Ubuntu 18.04 (1) Jenkins integration with GitHub server (1) Jenkins on AWS Ubuntu (1) Kubernetes Cluster provisioning (1) Kubernetes interview questions (1) Kuberntes Installation (1) Maven (1) Maven installation on Unix (1) Operations interview Questions (1) Oracle Linux (1) Personal access tokens on GitHub (1) Problem in Docker (1) Prometheus (1) Prometheus CLI (1) RHEL (1) SCM (1) SCM Poll (1) SRE interview questions (1) Troubleshooting (1) Uninstall Git (1) Uninstall Git on CentOS7 (1) Universal Control Plane (1) Vagrantfile (1) amtool (1) aws IAM Role (1) aws policy (1) caas (1) chef installation (1) create organization on UCP (1) create team on UCP (1) docker CE (1) docker UCP console (1) docker command line (1) docker commands (1) docker community edition (1) docker container (1) docker editions (1) docker enterprise edition (1) docker enterprise edition deep dive (1) docker for windows (1) docker hub (1) docker installation (1) docker node (1) docker releases (1) docker secure registry (1) docker service (1) docker swarm init (1) docker swarm join (1) docker trusted registry (1) elasticBeanStalk (1) global configurations (1) helm installation issue (1) mvn (1) namespaces (1) promtool (1) service creation (1) slack (1)