Manualshelf

User guide

ManualsBrandsAmazon ManualsTV5.0
21222324252627282930
7. Disable the Amazon EC2 cloud source/destination checking for this instance so it can act as a
router.
a. Right-click on the running EWS instance and choose "Change Source/Dest check".
b. Click on Yes, Disable.
8. Assign the elastic IP to this instance.
6.5. Starting instances in a cluster
6.5.1. EC2 clustering profiles
The JBoss Enterprise Application Platform AMIs provided by Red Hat feature two additional server
profiles called cluster_ec2 and mod_cluster-ec2.
They both feature the ability to form a cluster inside the EC2 environment where multicast is not
available. This is done by configuring JGroups to use only TCP unicast for cluster communication and
S3_PING as the discovery protocol.
Additionally mod_cluster-ec2 is pre-configured to easily register with mod_cluster proxies.
The following sections describe the additional setup required for S3_PING, clustering and mod_cluster.
6.5.2. VPC private subnet default route
Since JBoss Enterprise Application Platform cluster nodes will be run in the private subnet of the VPC,
but cluster nodes require Internet access for S3 connectivity, a default route needs to be set to go
through the NAT instance.
1. Navigate EWS instance in the Amazon AWS console.
2. Go to VPCroute tables and click on the routing table used by the private subnet.
3. In the field for a new route enter 0.0.0.0/0.
4. Click on "select a target" and choose "Enter Instance ID".
5. Choose the ID of the running EWS instance.
6.5.3. IAM setup
The S3_PING protocol, as suggested by its name, uses an S3 bucket to discover other cluster members.
The JGroups versions 2.6.x require Amazon AWS account access and secret keys to authenticate
against the S3 service. It is a security risk to enter your main account credentials in the user-data field,
store them online or in an AMI.
To circumvent this, a separate account can be created using the Amazon IAM feature which would be
only granted access to a single S3 bucket:
1. Go to the IAM tab in the AWS console.
2. Click on users and then "Create New Users".
3. Choose a name (jbosscluster, for example) and ensure the "Generate an access key
for each User" option is checked.
4. Click "Download credentials" and save them in a secure location.
5. Close the window and click on the newly created user.
6. In the summary tab you will see User ARN
(arn:aws:iam::05555555555:user/jbosscluster*, for example). Make a note of this because
Chapter 6. Launching clustered JBoss Enterprise Application Platform instances
19