Currently viewing the tag: "Linux"

I’ve come across the issue several times recently, where the Amazon Web Services (AWS) Management Console does not allow you to register instances on more than one Elastic Load Balancer (ELB).

The key to getting around this issue is to use the ELB API tools after creating an ELB (whether it be through the management console or through the EC2 API).

Step #1: Install the Amazon ELB API Tools

If you do not already have the Amazon ELB API tools installed and your shell environment setup, you can grab them from Amazon using the resources below:

»Elastic Load Balancing API Tools Download

»Elastic Load Balancing Documentation

Step #2: Gather Required Instance Parameters

Once you have downloaded the ELB API tools and have your environment setup correctly, the next step is to identify the parameters needed to register the AMI(s) to the ELB. These instructions presume you have a Linux or UNIX terminal shell.

First, run the following command to list the active ELB’s:

The second column of the command output will be used to for the ELB target variable “–lb”. In order to register instances to ELB’s, we will need the following information to construct the API call (using elb-register-instances-with-lb):

You can use the Amazon EC2 API tools to gather the instance ID(s) and the region information for the instances or use the AWS Management Console to do so. Take note of the option syntax in the –instances parameter, if you plan to register multiple instances to the ELB.

Once you have these parameters in place, use the following command to register the instances with the ELB:

After running the above command, you should see the newly registered instance ID’s listed in the stdout on your terminal screen.

Step #3: Enable Availability Zones for the ELB

The final step in the process is to assess which availability zones your newly added instances are located in. If for example they are spanned across multiple availability zones, you can ensure the ELB will server them all as shown in the following example:

Repeat the above steps to add instances to additional ELB’s as needed. You can then verify with either the Amazon EC2 API tools or with the Management Console that, in fact, your multiple ELB’s are load balancing the instances.

Splunk is probably one of the greatest IT tools of all time. It is a robust monitoring and reporting tool that can index just about any type of data from several types of data inputs.

There is a free license version of the Splunk software that has a few limitations in comparison to the enterprise licensed version; one of the limitations is the inability to perform a basic method of user and password authentication (or even the full scope of PAM authentication methods). We can fix this easily with a small and lightweight installation of the freely available Nginx web server software.

For this guide, I will demonstrate the process using methods using Linux for the Splunk deployment. I will not go into the details of how to install Splunk, and will presume a prexisting installation exists.


How it Works

Below is a diagram showing the communication between the client connecting to Splunk, running on the host “splunkbox”:

Nginx Splunk Proxy

Nginx will proxy all requests on port SSL 443 for https://splunkbox/splunk to the Splunk instance (running on the same server), listening only on Any attempts to bypass the authentication mechanism we configure (by making direct requests to splunkbox:8000) will be denied.


Step #1: Getting the Required Software

Your have the options of installing Nginx through your distribution or from source. If choosing a source compile, make sure you grab it from the official Nginx download page.


Step #2: Configuring Splunk

We start this process by editing the Splunk web.conf, to add the settings we need for it to run on locahost and for proxy configuration:

Once the web.conf file looks like the above, restart Splunk with the following command:

Splunk should now bind to localhost only and be set for accepting proxy requests (it’s a good idea to confirm that it is listening only on localhost with the netstat command).


Step #3: Nginx Configuration

This step will presume that you with to use SSL for the configuration and have properly generated the needed SSL certificates (if you do not have certificates already, refer to the Openssl documentation on how to generate a self-signed certificate). In this section we will edit the nginx.conf directly, and not cover how to setup seperate virtual host configuration files for the sake of simplicity:

Next we create our password file for the authentication. From the Nginx documentation:

Passwords must be encoded by function crypt(3). You can create the password file with the htpasswd program from Apache.” If you do not have apache2-utils installed, see man 3 crypt on how to generate this. htpasswd -c /etc/nginx/nginx.passwd username; (prompted to enter password twice)

Now we can start Nginx with the command “nginx” from a terminal (and now would be a good time to read the Nginx man page).


Step #4: Testing the Proxy

Assuming that the nginx binary is running, and listening on the correct port, open up a browser and navigate to https://splunkbox/splunk. You should be prompted for the username and password as set in the above configuration. Once you are authenticated, you should see the Splunk interface.