You are viewing an historical archive of past issues. Please report new issues to the appropriate project issue tracker on GitHub.

Feature request #1440: Transition to Amazon EC2 (Elastic Compute Cloud)

Kind feature request
Product wincent.dev
When Created , updated
Status closed
Reporter Greg Hurrell
Tags no tags

Description

Will have to do the numbers on this but I suspect that moving to EC2 will bring my hosting costs down significantly. See:

Comments

  1. Greg Hurrell
  2. Greg Hurrell
  3. Greg Hurrell
  4. Greg Hurrell

    Pricing comparison

    Engine Yard Cloud

    Quoted prices do not include sales tax.

    • Minimum monthly usage fee: $25
    • Small instance: 1ECU, 1.7GB RAM, 160 GB (non-persistent) storage: $0.145/hour (approx $104.40/month)
    • Bandwidth: $0.10/GB inbound, $0.17/GB outbound
    • EBS storage: $0.10/GB + $0.10/million I/O accesses
    • S3 (EBS backups etc):
      • storage $0.15/GB
      • inbound data $0.10/GB
      • outbound data $0.17/GB
      • requests:
        • $0.01 per 1,000 PUT/COPY/POST/LIST requests
        • $0.01 per 10,000 GET requests

    Amazon

    All prices are in US zone.

    • Small instance:
      • "on-demand": $0.085/hour (approx $61.20/month)
      • reserved:
        • 1-year term: $227.50 up-front then $0.03/hour (approx $40.85/month)
        • 3-year term: $350 up-front then $0.03/hour (approx $31.62/month)
    • Bandwidth: $0.10/GB inbound, $0.17/GB outbound
    • EBS storage: $0.10/GB + $0.10/million I/O accesses
    • S3 (EBS backups etc):
      • storage $0.15/GB-month
      • requests:
        • $0.01 per 1,000 PUT requests
        • $0.01 per 10,000 GET requests
    • Elastic IP addresses: $0.01 per non-attached IP address per complete hour
    • Amazon RDS (database):
      • Small instance: $0.11/hour (approx $79.20/month)
      • Storage: $0.10/GB (minimum 5 GB, or $0.50/month) + $0.10/million I/O requests

    Rackspace Cloud

  5. Greg Hurrell

    This is an article on updating a DNS server when an instance is recreated and acquires a new dynamic IP.

    With Elastic IPs this isn't exactly relevant any more but one still needs to have some kind of DNS in place to resolve to that external IP; at this stage not sure if it is feasible to run a server (or servers) inside EC2 instances themselves, or whether an external paid service would be required, or if Amazon offers or sells DNS services.

  6. Greg Hurrell

    Email

    Looks like a common problem cropping up on the forums is sending email from EC2 instances.

    Amazon can't/won't set up reverse DNS lookups for Elastic IP addresses, so if you send mail from an instance there is a chance it might get rejected by a spam filter as the forward lookup (example.com mapping to 1.2.3.4) doesn't match up with the reverse lookup (1.2.3.4 mapping to something-ec2.amazon.com).

    One recommendation is to use an external service like this one from authsmtp.com (prices start at $24/year).

    Another possible idea is to set up your DNS so that your MX is set as "something-ec2.amazon.com", and your SPF TXT records specify where outgoing mail should be coming from for your domain.

    DNS

    Relatedly, on the idea of running your own DNS server in an instance: instances can only have one IP address, so you can't really put a primary and secondary name server on the same instance. It may be possible to point two external Elastic IPs at the same instance, I am not sure, although with the obvious reliability implications.

    An alternative would be to use an external DNS service like:

  7. anonymous

    More links (posting anonymously from another computer):

  8. anonymous

    More links:

  9. Greg Hurrell

    Pretty important info relevant to using authsmtp.com:

    Basically:

    Rather than deliver directly to the AuthSMTP mail server from your web app it’s a good idea to deliver to a local queueing mail server, which will forward via the AuthSMTP gateway. Your web app will deliver mail to localhost (or perhaps a dedicated instance if you prefer), port 25.

    This is important because you have a single username/password for AuthSMTP and you don't want to share that password among all your email account users. Instead, you want them to continue to connect to the SMTP server that you control, authenticating with their own usernames and passwords, and have that server relay through the AuthSMTP one.

    The article linked to above shows how it's done with Postfix and a /etc/postfix/main.cf which looks like this: 

    myhostname = www.YOURDOMAIN.com
mydomain = YOURDOMAIN.com
myorigin = $mydomain

smtpd_banner = $myhostname ESMTP $mail_name
biff = no
append_dot_mydomain = no

alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = localdomain, localhost, localhost.localdomain, localhost
mynetworks = 127.0.0.0/8
mailbox_size_limit = 0
recipient_delimiter = +

# SECURITY NOTE: Listening on all interfaces. Make sure your firewall is
# configured correctly
inet_interfaces = all

relayhost = [mail.authsmtp.com]
smtp_connection_cache_destinations = mail.authsmtp.com
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = static:YOUR_AUTHSMPT_USER_ID:YOUR_AUTHSMTP_PW
smtp_sasl_security_options = noanonymous

default_destination_concurrency_limit = 4

soft_bounce = yes
  10. Greg Hurrell

    See also:

    This is what they say:

    Edit /etc/ssmtp/ssmtp.conf (a config file for ssmtp sendmail) and make it look like the following: 

    mailhub=mail.authsmtp.com:2525

    Where will the mail seem to come from? Replace me with the hostname you want email to come from: 

    rewriteDomain=example.com

    Set FromLineOverride to make the the "From:" use the from line from the envelope. The only exception is if no from line is given. 

    FromLineOverride=YES

    Use SSL/TLS to send secure messages to server:

    UseSTARTTLS=YES

    Make sure that this isn't UseTLS=YES. If you're getting errors like: 

    SSL connection to host = Success, Cannot open mail.authsmtp.com:2525

    then you have the wrong variable. UseTLS doesn't work with authsmtp, only UseSTARTTLS does.

    Add your own user/pass here:

    AuthUser=username
AuthPass=password
AuthMethod=DIGEST-MD5

    Set your action mailer setting in RAILS_ROOT/config/environment.rb (or an env specific env file if you prefer) 

    ActionMailer::Base.delivery_method = :sendmail

    Ensure permissions on the three files above (/etc/ssmtp/ssmtp.conf, /usr/sbin/ssmtp, /usr/bin/sendmail) are properly set: 

    $ sudo chmod +x /usr/sbin/ssmtp /usr/bin/sendmail
$ sudo chown username:username /etc/ssmtp/ssmtp.conf

    (where username is the name of your SSH user you logged into your instance with) And that's it! You can now send emails from your app via your SMTP relay.

  11. Greg Hurrell

    Article describing how to transition from Sendmail to sSMTP:

  12. Greg Hurrell

    Instructions for Sendmail:

  13. Greg Hurrell

    Turns out to be pretty easy. Added this to /etc/mail/sendmail.mc: 

    define(`SMART_HOST', `mail.authsmtp.com')dnl
FEATURE(`authinfo', `hash /etc/mail/authinfo')dnl

    Created root-owned, not-world-readable /etc/mail/sendmail.mc containing: 

    AuthInfo:mail.authsmtp.com "U:username" "P:password" "M:DIGEST-MD5"

    Rebuild config files and restart Sendmail: 

    # cd /etc/mail
# make
# service sendmail restart

    Domains listed in /etc/mail/local-host-names will be delivered locally rather than relayed through the "smarthost".

  14. Greg Hurrell

    Status changed:

    • From: new
    • To: closed
Add a comment

Comments are now closed for this issue.

Menu