Serendipitous

About

Flower on EC2

July 08, 2010

Flower EC2 AMI Available

Here is a current shot of the Flower console:

Flower Console

Flower Console

I've made an EC2 AMI of the Analysis Server available on Amazon's AWS. If you'd like to try the system out and already have EC2 configured, follow these instructions:

  • Configure a security group that allows ports 22/tcp, 8080/tcp, and 9995/udp
  • Create an EC2 instance of ami-3857bf51; the command I use is (my security group is called "appserver"):
ec2-run-instances -g appserver ami-3857bf51
  • Once loaded, log in via SSH and start the Flower server (all passwords are set to "flower" by default):
asadmin start-domain flower
  • Use http://app.jdthomas.net to log in to your server; in the server field, enter "http://[EC2 IP Address]:8080" and both the username and password are "flower" - just hit [Enter] on any field to submit the form (there is no button)

Of course, app.jdthomas.net will need access to your EC2 system on port 8080/tcp (it uses JAX-WS to access and present your data to you), so if you lock things down be sure to account for that. HTTPS works, but you'll need to configure and use a valid certificate on your EC2 system.

You can now configure your NetFlow exporters to send to the IP address of your EC2 instance on UDP port 9995 (version 9 only). I use softflowd on a couple of Debian systems with this command:

softflowd -i eth0 -n [EC2 IP Address]:9995 -p /var/run/sfd.pid.ec2 -c /var/run/sfd.ctl.ec2 -v 9

Configure your server using the "Manage" menu in the web application. Be sure to add networks (use CIDR addressing like 192.168.1.0/24) and users. Specified networks are required for the map, but area charts and flow tables will work without any networks specified.

E-mail me at justin@jdthomas.net with any questions! There are lots and lots of bugs and missing features, but I'll get to them over the coming months.

UPDATE: I made a few changes tonight to improve the Visualization server configuration; the URL is now http://app.jdthomas.net (this will redirect you to an SSL site of the same base but with a longer path). I've made that change in the text above as well.