[SSL Observatory] Using the SSL Observatory in the cloud
Peter Eckersley
pde at eff.org
Wed Mar 2 14:53:42 PST 2011
This is a draft HOWTO for accessing and analysing SSL Observatory data using
Amazon EC2. Feedback or corrections are appreciated.
1. Make an EC2 account:
http://aws.amazon.com/ec2
2. Make a copy of the EBS snapshot that contains our data
https://console.aws.amazon.com/ec2/home#s=Snapshots
select Viewing: "Public Snapshots"
search for: snap-9010a2fc
select the snapshot and click "Create Volume".
You'll need to choose which data center to work in. Virginia is a bit
cheaper than other parts of the world.
3. Create a virtual machine instance for yourself. The available list of
systems and hourly prices is here:
http://aws.amazon.com/ec2/
http://aws.amazon.com/ec2/pricing/
EC2 images come in odd sizes. For queries over the valid_certs table
you'll probably get good performance with ~8GB of RAM. For queries over
all_certs 17GB *might* suffice; but 34GB is safer.
We've mostly been using "spot instances" which are noticeably cheaper but
have the possibility of disappearing if the price spikes above your bid.
Or you can pay more to avoid that possibility.
We've been using the following "Community AMI" virtual machine image for our work:
alestic-64/debian-6.0-squeeze-base-64-20090804.manifest.xml
ami-2946a740
Conceivably you could use any of the linux images provided it can mount JFS
filesystems.
Make sure you put your volume in the same data center that you selected in
step 2.
Along the way you'll make an SSH key that you can use to log in to this
system. With the debian image you log in as root. The IP address is
visible under Amazon's "Instances" menu.
4. Attach your volume to your virtual machine:
https://console.aws.amazon.com/ec2/home#s=Volumes
I'm going to assume you attach it as /dev/sdf
5. Log in to your virtual machine.
mkdir /space
mount /dev/sdf1 /space
cd /space
./setup-script
You will be asked a question about language settings. en_US-UTF8 works.
You will be asked to set the msyql root user password. Set it to "root"
(or change dbconnect.py and obsdb to match your alternative password).
Now you can run "obsdb"
--
Peter Eckersley pde at eff.org
Senior Staff Technologist Tel +1 415 436 9333 x131
Electronic Frontier Foundation Fax +1 415 436 9993
More information about the Observatory
mailing list