AWS Lightsail (and other VPS)

Create and use EC2 instances at fixed prices per month, vs. other Virtual Private Servers

                       

Overview

• Get on AWS
  • Lightsail Console
  • Create new instance
  • Save key pair for SSH?
  • Select plan
  • SSH into instance
  • Lightsail’s online SSH window
• Terminal start-up
  • Paste commands
• Paste commands: Security
• Monitor the instance
  • Delete the instance
• Setup IP address
• Resources
• Docker
• More on Amazon

This tutorial is about Amazon Lightsail, which charges a fixed monthly price for a single VPS (Virtual Private Server) running on a physical machine shared with others.

NOTE: Content here are my personal opinions, and not intended to represent any employer (past or present). “PROTIP:” here highlight information I haven’t seen elsewhere on the internet because it is hard-won, little-know but significant facts based on my personal research and experience.

Amazon Lightsail was announced in 2018, to make “server management easier by automatically configuring key resources like networking and security”. One signs up for a specific mix of compute, memory, disk, and data transfer capacities. This is like selecting EC2 instance types, but without specifying VPC, networking, and permissions.

USD per month for single Linux or Microsoft Windows instances:

Linux	Windows	Memory	CPUs	SSD	Transfer
$3.50	$8	0.5 GB	1	20 GB	1 TB
$5	$12	1 GB	1	40 GB	2 TB
$10	$20	2 GB	1	60 GB	3 TB
$20	$40	4 GB	2	80 GB	4 TB
$40	$70	8 GB	2	160 GB	5 TB
$80	$120	16 GB	4	320 GB	6 TB
$160	$240	32 GB	8	640 GB	7 TB

When comparing Lightsail prices vs. offerings by traditional VPS hosting vendors, note what each plan includes. Included in all Lightsail plans:

• Static IP address
• DNS management
• Server monitoring
• SSH terminal access (Linux/Unix)
• Intuitive management console
• RDP access (Windows)
• Secure key management

Among those offering the fastest load times (paid by the year):

• $14/month for 1GB RAM, 30GB SSD, unlimited data transfer at Dreamhost.com
• $20/month for 4GB RAM, 40GB disk, unlimited data transfer, plus 3 dedicated IPs and SSL free 1st year at GodDaddy.com with a 45-day refund.
• $19/month for 2GB RAM, 30GB SSD, 1TB data transfer at Bluehost.com
• $30/month for 2GB RAM, 120GB disk, 1.5TB data transfer at hostgator.com
• $80/month for 4GB RAM, 40GB SSD, 5 TB data transfer at SiteGround.com
• $22/month for 4GB RAM, 7GB SSD, 4 TB data transfer, 3 IP addressses at inmotionhosting.com
  
  

For the same $20, Lightsail provides twice as much disk space, but puts a cap on the free data Transfer out. Outbound data transfer in excess of each plan’s data “Transfer” allowance is subject to overage charges. Plans in the Mumbai and Sydney Regions are charged at about half the Transfer allowance of other regions. (0.5 TB instead of 1 TB at $3.50).

Lightsail’s competitive difference is not just Solid-State (SSD) storage which are fast and reliable, but that its users can move up to EC2 (using a snapshot) when a more complex configuration is needed.

You’ll probably also need to host a database using standard (single instance) or high availability (multiple instances clustered) for redundancy or failover:

Standard	HA	Memory	CPUs	SSD	Transfer
$15	$30	1 GB	1	40 GB	100 GB
$30	$60	2 GB	1	60 GB	100 GB
$60	$120	4 GB	2	80 GB	100 GB
$115	$230	8 GB	2	160 GB	200 GB

Other competitors to Lightsail are “Severless” functions running in Azure, Google, or AWS Lambda. But such are complete rewrites of apps.

Get on AWS

1. Get a email from Gmail.com if you don’t already have one.
2. Use the Google Chrome browser. Don’t use the Firefox browser because it repeats characters on its own in Lightsail’s pop-up terminal.

3. Sign up for an Amazon account if you don’t already have one. New accounts get one year of free tier access.

4. https://aws.amazon.com/lightsail/pricing/

   WARNING: Windows instances are more expensive than Linux instances.

5. Scroll down to select “Get started with Lightsail” for the AWS Management Console, for example:

   https://us-west-2.console.aws.amazon.com/console/home

6. In the black menu at the upper-right, click the region name if you want a different region.

7. In the “Find services” field, type “Lightsail” enough to click on the selection that appears.

   Lightsail provides suitable for a wide range of skill levels from beginners without any AWS experience to power users and developers who need to implement things in a fast and efficient way.

8. Click “Save” for your language (default English).

9. Click “later” for the Lightsail console:

   Lightsail Console

   https://lightsail.aws.amazon.com/ls/webapp/home/instances

10. Bookmark the above to get back to it quickly. You also return to this by clicking “Home” at the top menu.

    Create new instance

11. Click the orange “Create instance”.

12. Select an Instance region near you (such as Viginia-1 aka “us-east-1a”)

    

13. Select “Lunix/Unix” under “Select a platform”.

14. Click “OS only” under “Select a blueprint”.

    There are more blueprints defining well-known apps running on Linux than Windows.

15. Click “Ubuntu 18.04 LTS”.

16. Click “Add launch script”.

17. Highlight and copy the script from our GitHub repo

    bash -c "$(curl -fsSL https://raw.githubusercontent.com/wilsonmar/DevSecOps/master/Ruby/ywam-setup-all.sh)"

    PROTIP: Output from launch script do not appear on the terminal.

    Save key pair for SSH?

    If Lightsail’s browser SSH terminal works, then skip the section below and click here to go to the Select Plan section.

    NOTE: There is 1 default SSH per region.

18. MEH: Lightsail’s online SSH doesn’t work, so click “Create New” under “SSH key pair manager”.
19. Type the key pair name such as ywam-1-wilsonmar-gmail-Ubuntu18-512MB-us-east-1a, and click “Generate”.

20. Click “Download key”, then Save File “*.pem” into your default Downloads folder.

    This will be used to SSH into the Linux instance.

    Select plan

21. For instance plan, select Linux, select the $3.50 a month for 512 MB RAM. Later we can upgrade if needed for more memory and data transfer.

22. Under “Identify your instance”, change the name to “ywam-1-wilsonmar-gmail-Ubuntu18-512MB-us-east-1a” or one you prefer.
23. Click the orange “Create instance”.

24. The Lightsail console displays your instances under a menu:

    Instances Databases Networking Storage Snapshots Tags History Delete

    For YWAM, we don’t use an Amazon database, but one we include within the instance.

    We don’t allocate a static IP because idle ones are charged $1 per day.

    We don’t need a load balancer since we’re only creating a single instance.

    We don’t need the load balancer and its firewall to filter traffic.

    We will grow by snapshoting (transfer to another region) and create and attach an EBS disk volume with EC2 migrate for more capacity and features.

25. Click on your instance name (“ywam-1-wilsonmar-gmail-Ubuntu18-512MB-us-east-1a”).

    https://lightsail.aws.amazon.com/ls/webapp/us-east-1/instances/ywam-1-wilsonmar-gmail-Ubuntu18-512MB-us-east-1a /connect

    SSH into instance

    MEH: If Lightsail’s online SSH doesn’t work:

26. On your Mac, open a Terminal session by cursor to the top menu and click the search icon, then type “Terminal.app” until it shows up for you to click.
27. Cursor up to the top and select “Shell”, “Window”, and select one of the options for different background colors.

28. Login by providing your laptop’s password.

29. Press command+Tab to switch to the Finder and navigate to the Download folder.

30. Right-click on the pem file downloaded, such as ywam-1-wilsonmar-gmail-Ubuntu18-512MB-us-east-1a, and press command+C to copy the text to your invisible Clipboard.

31. Press command+Tab to switch to the Terminal.

32. On the Terminal prompt, create an Environment Variable by a command such as:

    export SSHKEY=~/Downloads/ywam-1-wilsonmar-gmail-Ubuntu18-512MB-us-east-1a.pem

    ~ indicates your user account.

33. Use the variable on the Terminal prompt*, type:

    chmod 400 "$SSHKEY"

34. Verify by typing on the Terminal prompt:

    echo "$SSHKEY"

    The response should start with:

    -r--------@ 1 

35. Press command+Tab to switch to the Lightsail console.
36. Highlight on the Lightsail console the Public IP such as 3.94.159.30.

37. Press commnand+C to copy into your invisible Clipboard.

38. Press command+Tab to switch to the Finder and navigate to the Download folder.

39. On the Terminal prompt, type

    ssh -i "$SSHKEY" ubunto@

    then press command+V to paste the IP address from your Clipboard, such as “3.94.159.30”.

Lightsail’s online SSH window

The “Achilles Heel” of Lightsail is its cumbersome browser CLI console, where one has to copy and paste into an intermediary clipboard. Quite a hassle vs. straight SSH.

1. For a new browser window to open up, on the Home screen click the icon under the instance name or, if you’ve click the instance name, click the orange “Connect using SSH”

   PROTIP: On a Mac, rotate among browser windows by holding down keyboard command then pressing the “back-tick” key at the upper-right corner of the keyboard.

   The messages appearing on initiation are shown in section Terminal Start-Up below.

2. Click the red dot at the upper-left corner of the browser window to exit.

3. At the Lightsail console, click the orange icon for terminal to the right of the instance you want to work on.

   According to the blue “Help” tab on the right edge of the Lightsail console:

4. Highlight a portion of the Lightsail terminal window by clicking on the beginning of what you want to copy, then hold down the left-mouse and drag your mouse across to the end of the text to be copied. Press Enter to copy the text into the browser’s orange clipboard icon.

5. Click on the orange clipboard icon at the bottom-right of the pop-up window.
6. Press command+A to highlight all the text, then

7. Press command+C to copy the highlighted text to your machine’s invisible Clipboard.

8. Press command+Tab to switch to a program on your laptop.
9. Click on where you want to paste.
10. Press command+V to paste the text.

Terminal start-up

You should see some informative and marketing messages when the terminal appears:

Welcome to Ubuntu 18.04.1 LTS (GNU/Linux 4.15.0-1021-aws x86_64)
 
 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage
 
  System information as of Sun Mar  3 13:34:38 UTC 2019
 
  System load:  0.08              Processes:           83
  Usage of /:   5.3% of 19.32GB   Users logged in:     0
  Memory usage: 28%               IP address for eth0: 172.26.12.75
  Swap usage:   0%
 
  Get cloud support with Ubuntu Advantage Cloud Guest:
    http://www.ubuntu.com/business/services/cloud
 
0 packages can be updated.
0 updates are security updates.
 
The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
 
Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.
 
To run a command as administrator (user "root"), use "sudo ".
See "man sudo_root" for details.
   

Notice the “Memory usage: 28%”.

1. Click the orange Clipboard icon.

2. Paste it in the form. Sample responses:

   From the command to list detail about hardware:

   lshw -short

   WARNING: you should run this program as super-user.
   H/W path    Device  Class      Description
   ==========================================
                    system     Computer
   /0                  bus        Motherboard
   /0/0                memory     479MiB System memory
   /0/1                processor  Intel(R) Xeon(R) CPU E5-2676 v3 @ 2.40GHz
   /0/100              bridge     440FX - 82441FX PMC [Natoma]
   /0/100/1            bridge     82371SB PIIX3 ISA [Natoma/Triton II]
   /0/100/1.1          storage    82371SB PIIX3 IDE [Natoma/Triton II]
   /0/100/1.3          bridge     82371AB/EB/MB PIIX4 ACPI
   /0/100/2            display    GD 5446
   /0/100/3            generic    Xen Platform Device
   /1          eth0    network    Ethernet interface
   WARNING: output may be incomplete or inaccurate, you should run this program as super-user
   

   From the command to get CPU statistics:

   lscpu

   Architecture:        x86_64
   CPU op-mode(s):      32-bit, 64-bit
   Byte Order:          Little Endian
   CPU(s):              1
   On-line CPU(s) list: 0
   Thread(s) per core:  1
   Core(s) per socket:  1
   Socket(s):           1
   NUMA node(s):        1
   Vendor ID:           GenuineIntel
   CPU family:          6
   Model:               63
   Model name:          Intel(R) Xeon(R) CPU E5-2676 v3 @ 2.40GHz
   Stepping:            2
   CPU MHz:             2400.026
   BogoMIPS:            4800.10
   Hypervisor vendor:   Xen
   Virtualization type: full
   L1d cache:           32K
   L1i cache:           32K
   L2 cache:            256K
   L3 cache:            30720K
   NUMA node0 CPU(s):   0
   Flags:               fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse
   36 clflush mmx fxsr sse sse2 ht syscall nx rdtscp lm constant_tsc rep_good nopl xtopology 
   cpuid pni pclmulqdq ssse3 fma cx16 pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_tim
   er aes xsave avx f16c rdrand hypervisor lahf_lm abm cpuid_fault invpcid_single pti fsgsbas
   e bmi1 avx2 smep bmi2 erms invpcid xsaveopt
   

   From the command to get VM statistics:

   vmstat

   procs -----------memory---------- ---swap-- -----io---- -system-- ------cpu-----
    r  b   swpd   free   buff  cache   si   so    bi    bo   in   cs us sy id wa st
    0  0      0  67232  30276 293508    0    0   215   438   24   59  1  0 98  0  1
   

   From the command to list free disk space:

   free -m

              total        used        free      shared  buff/cache   available
   Mem:            479          98          65           0         316         364
   Swap:             0           0           0
   

   From the command to get free RAM usage statistics:

   grep MemFree /proc/meminfo

   MemFree:           67232 kB
   

   Paste commands

   The following is not clear in the documentation:

3. Click on the orange clipboard icon at the bottom-right of the pop-up window.

4. Copy a command from below, such as these* to list memory by megabytes across the screen:

   free -m

   Alternately, to list details:

   vmstat -s

5. Paste the command in the text window that appears.
6. Right-click the Lightsail command window. The command doesn’t show up until you press Enter.
7. Cursor up to see the previous command.

Paste commands: Security

1. Highlight and copy (with command+C) a command you want to issue in the Lightsail terminal.

2. At the prompt, right-click to

3. On a Mac, hold down control and press C to escape any running command.

   To get the AWS RSA fingerprint, aka the instance ID, install the AWS CLI then the command:

   sudo apt install awscli 
   aws ec2 get-console-output --instance-id instance_id

   Alternately, to get the password (which is not needed if you’re using the pem file to login):

   cat bitnami_application_password

Monitor the instance

1. See Managing your Amazon Lightsail instance.

   https://www.binarytides.com/linux-commands-monitor-network/

   Delete the instance

2. Press command+Tab to switch to the Lightsail console.
3. Click the icon with the 3 veritical dots next to your instance, then select “Delete”.

Setup IP address

When using hard-coded scripts to verify the instance from the public internet, it’s easier to use a host name.

1. Press command+Tab to switch to the Lightsail Console.
2. Press the “Networking” tab.
3. TODO: Associate a host name you bought on Amazon Route 53 or set the A record for a free domain created on ???

Resources

“Lightsail Deep Dive” 10 hour video course from LinuxAcademy.com by Adrian Cantrill

• https://interactive.linuxacademy.com/diagrams/LightSailContinuum.html

• https://github.com/linuxacademy/aws-lightsail-deep-dive
• Scenario1 images for Wordpress
• Scenario2 shell scripts
• Scenario3 peering
• https://github.com/linuxacademy/aws-lightsail-deep-dive/tree/master/AdvancedLightsail/learning_activity_1

Docker

This Docker shell script “discourselaunch.sh”

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
apt-get -y update
apt-get install -y docker-ce
sudo usermod -aG docker ubuntu
mkdir /var/discourse
git clone https://github.com/discourse/discourse_docker.git /var/discourse

mongodbsetup.sh

# Connect to MongoDB
mongo admin --username root -p $(cat ./bitnami_application_password)
# Create a 'tasks' database
use tasks
# Create a Database user called tasks, with a password taskstasks and give it dbOwner rights
db.createUser(
    {
        user: "tasks",
        pwd: "tasks",
        roles: [ "dbOwner" ]
    }
)

CLI/lightsailpolicy.json

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Stmt1482790463251",
      "Action": "lightsail:*",
      "Effect": "Allow",
      "Resource": "*"
    }
  ]
}

More on Amazon

This is one of a series on Amazon:

• AWS Cloud Services Comparisons
• AWS Well-Architected Cloud
• AWS Cloud Services

• AWS Certifications

• AWS IAM
• AWS CLI
• AWS On-boarding (GUI, CLI, API)
• AWS Security

• AWS Cognito

• AWS Data Tools
• AWS DevOps (CodeCommit, CodePipeline, CodeDeploy)
• AWS server deployment options

• AWS Cloud Formation IaS

• AWS CDK

• API Management by Amazon

• Build load-balanced servers in AWS EC2
• AWS Networking
• AWS Xray

• Cloud performance testing

• IoT on AWS

• MacOS on AWS

• AWS Lambda
• AWS Lambda

---