OpenSolaris on Amazon EC2
US AMI Details
AMI ID: ami-f2bf5c9b
AMI Manifest: sun-opensolaris-2009-06/drupal_amp_stack_hardened_opensolaris_2009.06_32_1.0.img.manifest.xml
AKI / ARI ID: aki-1783627e / ari-9d6889f4
License: Public

Europe AMI Details
AMI ID: ami-782a010c
AMI Manifest: sun-opensolaris-2009-06-eu/drupal_amp_stack_hardened_opensolaris_2009.06_32_1.0.img.manifest.xml
AKI / ARI ID: aki-2181a955 / ari-b49fb7c0
License: Public

Description:

This 32-bit AMI is based on OpenSolaris 2009.06 Hardened Security AMI (ami-e56e8f8c).

The following components are included in this AMI:

  • Drupal 6.14 (in a pre-configured state)
  • Apache 2.2
  • MySQL 5.1
  • PHP 5.2
  • phpmyadmin 3.2.2

Configurations:

  • Drupal (bundled within this AMI in pre-configured state) is available under location /var/drupal-6.14
  • Drupal specific configuration for Apache Web Server is available within /etc/apache2/2.2/conf.d/drupal.conf
  • Users can launch and configure Drupal by accessing http://<DNS name associated with the instance> in their browser.
  • Apache and MySQL services are pre-configured to start on boot.
    • Apache Service: svc:/network/http:apache22
    • MySQL Service: svc:/application/database/mysql:version_51
  • If you would like to use phpMyAdmin, you will need to do the following:

# cp /etc/apache2/2.2/samples-conf.d/phpmyadmin.conf /etc/apache2/2.2/conf.d/
# svcadm restart http:apache22

  • DTrace probes are available within the Apache and PHP runtimes. Sample DTrace scripts are available under /opt/DTT/
  • More details on security and image usage instructions are provided in the '/root/ec2sun/README' file.

AMP Stack Files Layout:


                             Apache                 PHP                MySQL
 Binary Runtime Files        /usr/apache2/2.2/bin   /usr/php/5.2/bin   /usr/mysql/5.1/bin
 Configuration Files         /etc/apache2/2.2       /etc/php/5.2       /etc/mysql/5.1
 Web Documents / Data Files  /var/apache2/2.2       /var/php/5.2       /var/mysql/5.1

Administering AMP Stack

 Command          Apache                        MySQL
 Start Service    svcadm enable http:apache22   svcadm enable mysql:version_51
 Stop Service     svcadm disable http:apache22  svcadm disable mysql:version_51
 Restart Service  svcadm restart http:apache22  svcadm restart mysql:version_51


You can reset the MySQL 'root' password by running the following command:

# /usr/mysql/5.1/bin/mysqladmin -u root -p password '<MySQL password>'


It is highly recommended to secure your MySQL database by following the guidelines mentioned within MySQL 5.1 database documentation: http://dev.mysql.com/doc/refman/5.1/en/security-guidelines.html

Rebundling Changes:

You must disable auditing during re-bundling. Run the following commands as part of your clean-up tasks before executing the "ec2-bundle-image" command.

# audit -t
# > /var/log/auditlog
# rm -f /var/audit/*

This AMI introduces a new ARI (ari-9d6889f4); make sure you use the correct ARI with the "ec2-bundle-image" command, as given below.

# ec2-bundle-image -c $EC2_CERT -k $EC2_PRIVATE_KEY \
--kernel aki-1783627e --ramdisk ari-9d6889f4 \
--block-device-mapping "root=rpool/56@0,ami=0,ephemeral0=1" \
--user <userid> --arch i386 \
-i $DIRECTORY/$IMAGE -d $DIRECTORY/parts

Note: For Europe use "--kernel aki-2181a955 --ramdisk ari-b49fb7c0"

After re-bundling, you can restart the audit daemon on the instance where you temporarily disabled it with the following command.

# audit -s

Europe Launch:

To run this AMI in Europe (AMI ID: ami-782a010c), change the following environment variables before launching the AMI:

bash # export EC2_URL="https://eu-west-1.ec2.amazonaws.com"
bash # export LOCATION="EU"

The other env variables remain the same as documented in the getting started guide.

NOTE: a unique <your-keypair-name> must be generated for each region before launching an AMI. (Use ec2-add-keypair <name> > keypairfile after setting the above env variables.)

Documentation:

Support

  • Register at http://www.sun.com/third-party/global/amazon/ to receive latest news on OpenSolaris AMIs
  • For technical support during Beta period, please send emails to ec2-solaris-support[AT]SUN[DOT]COM.
  • AMP Stack within OpenSolaris are delivered as part of WebStack project. For any questions related to these components, please write to webstack-discuss[AT]opensolaris[DOT]org

US AMI Details:
AMI ID: ami-e0b05389
AMI Manifest: sun-opensolaris-2009-06/amp_stack_hardened_opensolaris_2009.06_32_1.1.img.manifest.xml
AKI / ARI ID: aki-1783627e / ari-9d6889f4
License: Public

Europe AMI Details:
AMI ID: ami-7a2a010e
AMI Manifest: sun-opensolaris-2009-06-eu/amp_stack_hardened_opensolaris_2009.06_32_1.1.img.manifest.xml
AKI / ARI ID: aki-2181a955 / ari-b49fb7c0
License: Public

Description:

This 32-bit AMI is based on OpenSolaris 2009.06 Hardened Security AMI (ami-e56e8f8c).

The following components are included in this AMI:

  • Apache 2.2
  • MySQL 5.1
  • PHP 5.2
  • phpmyadmin 3.2.2

Configurations:

  • Apache and MySQL services are pre-configured to start on boot.
    • Apache Service: svc:/network/http:apache22
    • MySQL Service: svc:/application/database/mysql:version_51
  • If you would like to use phpMyAdmin, you will need to do the following:

# cp /etc/apache2/2.2/samples-conf.d/phpmyadmin.conf /etc/apache2/2.2/conf.d/
# svcadm restart http:apache22

  • DTrace probes are available within the Apache and PHP runtimes. Sample DTrace scripts are available under /opt/DTT/
  • More details on security and image usage instructions are provided in the '/root/ec2sun/README' file.

AMP Stack Files Layout:


                             Apache                 PHP                MySQL
 Binary Runtime Files        /usr/apache2/2.2/bin   /usr/php/5.2/bin   /usr/mysql/5.1/bin
 Configuration Files         /etc/apache2/2.2       /etc/php/5.2       /etc/mysql/5.1
 Web Documents / Data Files  /var/apache2/2.2       /var/php/5.2       /var/mysql/5.1

Administering AMP Stack

 Command          Apache                        MySQL
 Start Service    svcadm enable http:apache22   svcadm enable mysql:version_51
 Stop Service     svcadm disable http:apache22  svcadm disable mysql:version_51
 Restart Service  svcadm restart http:apache22  svcadm restart mysql:version_51


You can reset the MySQL 'root' password by running the following command:

# /usr/mysql/5.1/bin/mysqladmin -u root -p password '<MySQL password>'


It is highly recommended to secure your MySQL database by following the guidelines mentioned within MySQL 5.1 database documentation: http://dev.mysql.com/doc/refman/5.1/en/security-guidelines.html

Rebundling Changes:

You must disable auditing during re-bundling. Run the following commands as part of your clean-up tasks before executing the "ec2-bundle-image" command.

# audit -t
# > /var/log/auditlog
# rm -f /var/audit/*

This AMI introduces a new ARI (ari-9d6889f4); make sure you use the correct ARI with the "ec2-bundle-image" command, as given below.

# ec2-bundle-image -c $EC2_CERT -k $EC2_PRIVATE_KEY \
--kernel aki-1783627e --ramdisk ari-9d6889f4 \
--block-device-mapping "root=rpool/56@0,ami=0,ephemeral0=1" \
--user <userid> --arch i386 \
-i $DIRECTORY/$IMAGE -d $DIRECTORY/parts

Note: For Europe use "--kernel aki-2181a955 --ramdisk ari-b49fb7c0"

After re-bundling, you can restart the audit daemon on the instance where you temporarily disabled it with the following command.

# audit -s

Europe Launch:

To run this AMI in Europe (AMI ID: ami-7a2a010e), change the following environment variables before launching the AMI:

bash # export EC2_URL="https://eu-west-1.ec2.amazonaws.com"
bash # export LOCATION="EU"

The other env variables remain the same as documented in the getting started guide.

NOTE: a unique <your-keypair-name> must be generated for each region before launching an AMI. (Use ec2-add-keypair <name> > keypairfile after setting the above env variables.)


US AMI Details
AMI ID: ami-48c32021
AMI Manifest: sun-opensolaris-2009-06/ISC_hardened_opensolaris_2009.06_32_V_1.1.img.manifest.xml
AKI / ARI ID: aki-1783627e / ari-9d6889f4
License: Public

Europe AMI Details
AMI ID: ami-78567d0c
AMI Manifest: sun-opensolaris-2009-06-eu/ISC_hardened_opensolaris_2009.06_32_V_1.1.img.manifest.xml
AKI / ARI ID: aki-2181a955 / ari-b49fb7c0
License: Public

Description

Immutable Service Container configuration is intended to be used as a virtual single system. The global zone performs administrative and monitoring functions similar to those of a system controller whereas all end-user services and functions should be installed into the non-global zone. In this way, services such as packet filtering, NAT and auditing can operate without being exposed to services or users operating inside of the non-global zone. This enables greater operational integrity as those services and users are not able to alter the configurations or logs associated with these services. Additional non-global zones can be added as needed. This configuration uses a single exposed network interface and IP address for all of its communication even though internally the service is separated to run inside of its own non-global zone.

Organizations can further customize the configuration based upon their requirements to add things such as resource controls, read-only and read-write file systems (to the non-global zone), specific users and services, etc.

More Details

For detailed explanations on Immutable Service Container Configuration, Please Visit

Architecture Diagram

Europe Launch:

To run this AMI in Europe (AMI ID: ami-78567d0c), change the following environment variables before launching the AMI:

bash # export EC2_URL="https://eu-west-1.ec2.amazonaws.com"
bash # export LOCATION="EU"

The other env variables remain the same as documented in the getting started guide.

NOTE: a unique <your-keypair-name> must be generated for each region before launching an AMI. (Use ec2-add-keypair <name> > keypairfile after setting the above env variables.)


Previously we posted a blog entry titled “OpenSolaris supports EBS - provides capability to create ZFS” that explains how to use Amazon's Elastic Block Storage with OpenSolaris EC2 instances. That document combines EBS with OpenSolaris ZFS technology. While we tried to cover the details needed, a few questions have been asked several times. In this entry, I will try to explain those details; feel free to ask more questions so we can make it as clear as possible:

  • When an EBS device is attached to an OpenSolaris instance, how do I identify these drives from within the instance?
  • Can I use automated scripts to mount these EBS devices during instance startup?
  • Why is detach/attach sometimes not successful?

I will answer these questions in the following sections.

When a disk is attached to an OpenSolaris instance, it can be viewed in a number of ways; the simplest is to use the format(1M) command. The following is the output of the format command on a default OpenSolaris EC2 instance (without any EBS device attached):

root@domU-12-31-39-00-50-A7:~# format
Searching for disks...done

AVAILABLE DISK SELECTIONS:
       0. c7d0 <DEFAULT cyl 1274 alt 0 hd 255 sec 63>
          /xpvd/xdf@0
       1. c7d1 <DEFAULT cyl 19464 alt 0 hd 255 sec 63>
          /xpvd/xdf@1
Specify disk (enter its number):

This tells us there are two default disks on controller 7, with disk numbers 0 (c7d0) and 1 (c7d1). Note that this is an OpenSolaris 2009.06 AMI, and any AMI based on it should have the same controller number. For other OpenSolaris versions the controller number may differ; refer to the Getting Started Guide or the format command to find it. Any further disk attached through the EBS commands (ec2-attach-volume) will have the same controller ID and a new disk ID that depends on the argument given to this command. So far it can be assumed that -d <a unique number greater than 1> will result in an EBS device appearing as follows in the format output within the EC2 instance:

c7d<decimal value of the -d argument read as a hexadecimal number>

For example:

$ ec2-attach-volume vol-63d6250a -d 3 -i i-cf65b5a7

will result in:

c7d3 <DEFAULT cyl 2048 alt 0 hd 128 sec 32>
/xpvd/xdf@3

Similarly:

$ ec2-attach-volume vol-63d6250a -d 10 -i i-cf65b5a7

will result in:

c7d16 <DEFAULT cyl 2048 alt 0 hd 128 sec 32>
/xpvd/xdf@3


Now, if the disk number is already assigned and you try to use it again, it will result in the following error:

$ ec2-detach-volume vol-63d6250a -d 2 -i i-cf65b5a7

Client.InvalidAttachment.NotFound: The volume 'vol-63d6250a' is not attached to instance 'i-cf65b5a7' as device '2'.

So it must be a unique and unused number.
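
The -d to device-name rule described above, as an added shell example that is not part of the original post: it converts a -d argument to the expected c7d<N> name and checks it against format(1M) output for a collision. The function names and the embedded format listing are constructed for illustration.

```shell
#!/bin/sh
# Added example: predict the device name an EBS volume gets on an
# OpenSolaris 2009.06 instance from the ec2-attach-volume -d argument.
# Rule from the text: the -d value is read as a hexadecimal number and its
# decimal value becomes the disk id on controller 7 (c7d<N>).

CONTROLLER=7   # controller number on 2009.06-based AMIs, per the text

# Constructed sample of format(1M) output: the two default disks plus one
# EBS volume that was attached with "-d 3".
SAMPLE_FORMAT='AVAILABLE DISK SELECTIONS:
       0. c7d0 <DEFAULT cyl 1274 alt 0 hd 255 sec 63>
          /xpvd/xdf@0
       1. c7d1 <DEFAULT cyl 19464 alt 0 hd 255 sec 63>
          /xpvd/xdf@1
       2. c7d3 <DEFAULT cyl 2048 alt 0 hd 128 sec 32>
          /xpvd/xdf@3'

# ebs_dev_name D_ARG: print the c<ctrl>d<N> name for a -d argument.
# Returns 1 if D_ARG is not a hex number or is not greater than 1.
ebs_dev_name() {
    case "$1" in
        ''|*[!0-9a-fA-F]*)
            echo "invalid -d value: '$1'" >&2
            return 1 ;;
    esac
    n=$((0x$1))
    if [ "$n" -le 1 ]; then
        echo "-d must be greater than 1 (0 and 1 are the default disks)" >&2
        return 1
    fi
    echo "c${CONTROLLER}d${n}"
}

# used_disks: read format(1M) output on stdin and print the device names
# already present on $CONTROLLER, one per line.
used_disks() {
    sed -n "s/^ *[0-9][0-9]*\. \(c${CONTROLLER}d[0-9][0-9]*\) .*/\1/p"
}

# check_attach D_ARG: with format output on stdin, print the device name the
# volume would get. Returns 0 if that name is free, 2 if it is already in
# use, 1 if D_ARG is invalid.
check_attach() {
    dev=$(ebs_dev_name "$1") || return 1
    if used_disks | grep -qx "$dev"; then
        echo "$dev (in use)"
        return 2
    fi
    echo "$dev"
}

# next_free_d: with format output on stdin, print the smallest -d argument
# (written in hex, matching the rule above) whose device is not in use.
next_free_d() {
    inuse=$(used_disks)
    n=2
    while printf '%s\n' "$inuse" | grep -qx "c${CONTROLLER}d${n}"; do
        n=$((n + 1))
    done
    printf '%x\n' "$n"
}

# Demo on the constructed sample: "-d 10" maps to c7d16, "-d 3" collides.
printf '%s\n' "$SAMPLE_FORMAT" | check_attach 10
printf '%s\n' "$SAMPLE_FORMAT" | check_attach 3 || true
```

On an instance, pipe the real format listing into check_attach or next_free_d instead of the sample.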

Also, before detaching a mounted ZFS or regular UFS file system, a few steps are needed for a clean detach.

For EBS volumes that are part of a ZFS pool:

Shut down all applications that are running on top of the ZFS pool.
Export the ZFS pool with:
$ zpool export pool_name
Detach the EBS volumes from the EC2 instance.
Also clean up devices with:
$ devfsadm -C -v

For regular UFS file systems created and mounted with the newfs(1M) and mount(1M) commands:

Unmount the mounted volume:
$ umount /ebs-vol
Also clean up devices with:
$ devfsadm -C -v

We are very happy to announce the availability of the latest Drupal with AMP Stack AMI on Amazon EC2 in the European Region. This AMI is based on the OpenSolaris 2008.11 base AMI US AMI and does not need registration.

Following are the details of this new AMI:

Drupal with AMP Stack Hardened OpenSolaris 2008.11 32-bit AMI:

AMI ID: ami-d8614aac
AKI / ARI ID: aki-661c3412 / ari-601c3414

Manifest: hardened_2008.11_32_AMP_Drupal_V1.1.img.manifest.xml

To run this AMI in Europe, change the following environment variables before launching the AMI:

EC2_URL="https://eu-west-1.ec2.amazonaws.com"
LOCATION="EU"

The other env variables remain the same.

NOTE: a unique <your-keypair-name> must be generated for each region before launching an AMI. (Use ec2-add-keypair <name> > keypairfile after setting the above env variables.)

Many of you have asked how to create and manage Solaris zones/containers within an instance of OpenSolaris running in the Amazon EC2 environment. Our team member Sean O'Dell has put together a series of blog entries that guide you step by step through creating Solaris Zones in an OpenSolaris instance running in EC2. This brings the best of the virtualization features of OpenSolaris to the EC2 environment. If you have used zones before, you may be aware that there is virtually no cost to running zones on OpenSolaris.

We welcome your feedback and comments. If you have any problems following the blog, please let us know so we can make it clearer.


AMI ID: ami-d9ee0eb0
AMI Manifest: sun-opensolaris-2008-11-hardened/hardened_2008.11_32_AMP_Drupal_V1.1.img.manifest.xml
AKI/ARI ID: aki-6552b60c / ari-6452b60d
License: Public

Description:

Sun Microsystems Inc. is pleased to announce the release of Drupal AMI with AMP Stack based on Hardened OpenSolaris 2008.11 AMI on Amazon EC2's cloud computing service. 

This 32-bit AMI gives you the power and security of OpenSolaris combined with the flexibility of Amazon's cloud computing service, and is optimized for Amazon EC2's cloud computing environment.


The following components are included in the AMI:
  • Drupal 6.10 (pre-configured state) 
  • Apache 2.2, MySQL 5.0 
  • PHP 5.2 (along with extensions like APC, DTrace, Suhosin, Memcache) runtime 
  • phpMyAdmin for administering the MySQL data base
  • OpenSolaris AMI Hardening update.  For Hardening Details, please visit  http://wikis.sun.com/display/ISC/OpenSolaris+AMI+Hardening

Configurations:

  • Drupal (bundled within this AMI in pre-configured state) is available under location /var/drupal-6.10
  • Drupal specific configuration for Apache Web Server is available within /etc/apache2/2.2/conf.d/drupal.conf.
  • Users can launch and configure Drupal by accessing http://<DNS name associated with the instance> in their browser.
  • Apache and MySQL services are pre-configured to start on boot.
  • If you would like to use phpMyAdmin, you will need to do the following:

# cp /etc/apache2/2.2/samples-conf.d/phpmyadmin.conf /etc/apache2/2.2/conf.d/
# svcadm restart http:apache22

  • Drupal recommends creating a database protected with a valid user name and password on the system before configuring Drupal. Users are therefore advised to log in to the instance with 'ssh' or to use phpMyAdmin to create such a database before proceeding to configure Drupal.
  • DTrace probes are available within the Apache and PHP runtimes. Sample DTrace scripts are available under /opt/DTT/

For more details on security information and image usage instructions, please refer to the '/root/ec2sun/README' file.


AMP Stack File Layouts


                             Apache                 PHP                MySQL
 Binary Runtime Files        /usr/apache2/2.2/bin   /usr/php/5.2/bin   /usr/mysql/5.0/bin
 Configuration Files         /etc/apache2/2.2       /etc/php/5.2       /etc/mysql/5.0
 Web Documents / Data Files  /var/apache2/2.2       /var/php/5.2       /var/mysql/5.0

Administering AMP Stack

 Command          Apache                        MySQL
 Start Service    svcadm enable http:apache22   svcadm enable mysql:version_50
 Stop Service     svcadm disable http:apache22  svcadm disable mysql:version_50
 Restart Service  svcadm restart http:apache22  svcadm restart mysql:version_50


You can reset the MySQL 'root' password by running the following command:

# /usr/mysql/5.0/bin/mysqladmin -u root -p password '<MySQL password>'

It is highly recommended to secure your MySQL database by following the guidelines mentioned within the MySQL 5 database documentation:

The root file system is ZFS in this AMI and includes the pre-installed packages and tools necessary to get started with using OpenSolaris on Amazon EC2. You can obtain more details about the OpenSolaris project at http://www.opensolaris.org.

Also, just like in our previous AMIs, the "pkg image-update" command updates the kernel and ramdisk which is not allowed in Amazon EC2. Therefore, in order to prevent your instances from becoming non-compatible with the Amazon EC2 environment, we have disabled this command.

More details including re-bundling instructions can be found in the Getting Started Guide



Support:

For technical support during the Beta period, please contact ec2-solaris-support[AT]SUN[DOT]COM.

Please check OpenSolaris on Amazon EC2 blog for latest updates and new information about OpenSolaris AMIs.

The "OpenSolaris on Amazon EC2 Getting Started Guide" is located at:
http://www.sun.com/third-party/global/amazon/Sun_AmazonEC2_GettingStartedGuide.pdf


Register for OpenSolaris AMIs here.


We are very happy to announce the availability of the latest SGCS v 1.5 AMI on Amazon EC2 in the European Region. This AMI is based on the OpenSolaris 2008.11 base AMI US AMI and does not need registration.

Following are the details of this new AMI:

Sun GlassFish Communication Server v 1.5 32-bit AMI:

AMI ID: ami-a896bedc
AKI / ARI ID: aki-661c3412 / ari-601c3414

Manifest: sgcsv1.5-opensolaris-2008.11.img.manifest.xml

To run this AMI in Europe, change the following environment variables before launching the AMI:

EC2_URL="https://eu-west-1.ec2.amazonaws.com"
LOCATION="EU"

The other env variables remain the same.

NOTE: a unique <your-keypair-name> must be generated for each region before launching an AMI. (Use ec2-add-keypair <name> > keypairfile after setting the above env variables.)


AMI ID: ami-8b01e0e2
AMI Manifest: sun-osol-2008-11/sgcsv1.5-opensolaris-2008.11.img.manifest.xml
License: Public

Sun GlassFish Communications Server is a Java EE technology-based converged application server combining enterprise service-oriented architecture (SOA) and Web services capabilities with Session Initiation Protocol (SIP) servlets.

This 32-bit AMI is based on the OpenSolaris 2008.11 AMI.


This AMI has Sun GlassFish Communication Server and MySQL pre-installed and pre-configured as services. So when the image comes up, you have a running server. All it needs is your service/application.

When the AMI instance is up and running, you can access the administration server using
http://Public-DNS-address-of-instance:4848

For your convenience, a database connection pool and JDBC resource have been configured in SailFin. You can see them under JDBC Resources in the Admin console. Ping the connection pool named mysql and it should be successful. Now run your usual asadmin scripts that deploy the service to SailFin.

Configurations:

  • SailFin installation directory: /opt/sailfin
  • MySQL database name: sailfin. Because the MySQL service needs to be running for SailFin to operate, the sailfin service has a dependency on the mysql service, and sailfin has also been declared as a dependent of mysql in the mysql SMF configuration.
  • JDBC resources have been created for use with the "sailfin" database.


You can enable the Service Management Facility (SMF) service for sailfin by running the command:
# svcadm enable domain1

You can check the status of the sailfin service by running the command:
# svcs | grep domain1

You can disable the sailfin service by running the command as root:
# svcadm disable domain1

You can restart the Service Management Facility (SMF) service for sailfin by running the command:
# svcadm restart domain1

For security information and other details on how to work with this AMI, you can look at the README files located at

/root/ec2sun/sailfin.README
/root/ec2sun/mysql.README
/root/ec2sun/sysbench.README
/root/ec2sun/DTrace.README

Documentation:

Support

OpenSolaris AMI License for Amazon EC2

http://www.sun.com/third-party/global/amazon/license/ami/

OpenSolaris and MySQL are trademarks or registered trademarks of Sun Microsystems, Inc. or its subsidiaries in the US and other countries.

We are very happy to announce the availability of the latest Hardened OpenSolaris 2009.06 AMI on Amazon EC2 in the European Region. This AMI is based on the OpenSolaris 2006.09 US AMI and does not need registration.

Following are the details of this new AMI:

Hardened OpenSolaris 2009.06 32-bit AMI:

AMI ID: ami-b69fb7c2
AKI / ARI ID: aki-2181a955 / ari-b49fb7c0

Manifest: hardened_opensolaris_2009.06_32_1.2.img.manifest.xml

To run this AMI in Europe, change the following environment variables before launching the AMI:

EC2_URL="https://eu-west-1.ec2.amazonaws.com"
LOCATION="EU"

The other env variables remain the same.

NOTE: a unique <your-keypair-name> must be generated for each region before launching an AMI. (Use ec2-add-keypair <name> > keypairfile after setting the above env variables.)

Rebundling Changes:

As you can see we have introduced the new ARI (ari-9d6889f4) with this AMI, make sure you use the correct ARI with the "ec2-bundle-image" command as given below.

bash # ec2-bundle-image -c $EC2_CERT -k $EC2_PRIVATE_KEY \
 --kernel aki-661c3412 --ramdisk ari-601c3414 \
 --block-device-mapping "root=rpool/56@0,ami=0,ephemeral0=1" \
 --user <userid> --arch i386 \
 -i $DIRECTORY/$IMAGE -d $DIRECTORY/parts

In addition, if you want to disable auditing during re-bundling, you can run the following commands as part of your clean-up tasks before executing the "ec2-bundle-image" command.

bash # audit -t
bash # > /var/log/auditlog
bash # rm -f /var/audit/*

AMI ID: ami-e56e8f8c
AMI Manifest: sun-opensolaris-2009-06/hardened_opensolaris_2009.06_32_1.2.img.manifest.xml
AKI/ARI ID: aki-1783627e / ari-9d6889f4
License: Public

Description:

Sun Microsystems Inc. is pleased to announce the release of Hardened OpenSolaris 2009.06 on Amazon EC2's cloud computing service. This 32-bit AMI gives you the power and security of OpenSolaris combined with the flexibility of Amazon's cloud computing service, and is optimized for Amazon EC2's cloud computing environment.

The OpenSolaris system configuration has been adjusted to comply with the recommendations published by Sun and the Center for Internet Security, a non-profit organization chartered to develop and encourage widespread use of security configuration benchmarks developed through a global consensus process involving participants from academia, industry and government. 

Working together for more than six years, Sun and the Center for Internet Security have consistently developed best-in-class, supportable and complete security hardening guidance for the Solaris operating system.

The latest version developed for the Solaris 10 operating system was completed with substantial contributions from Sun, CIS, the U.S. National Security Agency (NSA), as well as the U.S. Defense Information Systems Agency (DISA).

Building upon this foundation, Sun and the Center for Internet Security collaborated to adapt the security recommendations published in the Solaris 10 Benchmark to the OpenSolaris operating system and document those changes specific to virtual machine images such as those available on Amazon EC2. 

All of the specific changes made to the base OpenSolaris 2009.06 AMI are discussed on the Sun OpenSolaris AMI Hardening Wiki : http://wikis.sun.com/display/ISC/OpenSolaris+Security+Hardening

For more information on the Center for Internet Security's Solaris 10 Benchmark, see:
http://www.cisecurity.org/bench_solaris.html

New features introduced with this latest release of Hardened Security AMI are "Encrypted swap memory" and "auditing".

More information on "Encrypted Swap Memory" feature is available at
http://blogs.sun.com/gbrunett/entry/encrypted_swap_in_opensolaris_2009 


This project is affiliated with the Immutable Service Container project whose goal is to develop security reinforced virtual machine images. The Immutable Service Container project developed the code used by this AMI to implement hardening, encrypted swap and auditing.  Additional information regarding Immutable Service Containers can be found at:
http://kenai.com/projects/isc/pages/OpenSolaris


The root file system is ZFS in this AMI and includes the pre-installed packages and tools necessary to get started with using OpenSolaris on Amazon EC2. You can obtain more details about the OpenSolaris project at http://www.opensolaris.org.

Also, just like in our previous AMIs, the "pkg image-update" command updates the kernel and ramdisk which is not allowed in Amazon EC2. Therefore, in order to prevent your instances from becoming non-compatible with the Amazon EC2 environment, we have disabled this command.

More details including re-bundling instructions can be found in the Getting Started Guide.

Rebundling Changes:

You must disable auditing during re-bundling. Run the following commands as part of your clean-up tasks before executing the "ec2-bundle-image" command.

bash # audit -t
bash # > /var/log/auditlog
bash # rm -f /var/audit/*

This AMI introduces a new ARI (ari-9d6889f4); make sure you use the correct ARI with the "ec2-bundle-image" command, as given below.

bash # ec2-bundle-image -c $EC2_CERT -k $EC2_PRIVATE_KEY \
 --kernel aki-1783627e --ramdisk ari-9d6889f4 \
 --block-device-mapping "root=rpool/56@0,ami=0,ephemeral0=1" \
 --user <userid> --arch i386 \
 -i $DIRECTORY/$IMAGE -d $DIRECTORY/parts

After re-bundling, you can restart the audit daemon on the instance where you temporarily disabled it with the following command.

bash # audit -s


Support:

We are very happy to broaden the availability of the latest SailFin AMI on OpenSolaris 2008.1 AMI on Amazon EC2 in the European Region. This AMI is based on the OpenSolaris 2008.11 base AMI US AMI and does not need registration.

Following are the details of this new AMI:

SailFin 32-bit AMI:

AMI ID: ami-3282aa46
AKI / ARI ID: aki-661c3412 / ari-601c3414

Manifest: sailfinv2-opensolaris-2008.11.img.manifest.xml

To run this AMI in Europe, change the following environment variables before launching the AMI:

EC2_URL="https://eu-west-1.ec2.amazonaws.com"
LOCATION="EU"

The other env variables remain the same.

NOTE: a unique <your-keypair-name> must be generated for each region before launching an AMI. (Use ec2-add-keypair <name> > keypairfile after setting the above env variables.)

We are very happy to broaden the availability of the latest OpenSolaris 2009.06 AMI on Amazon EC2 in the European Region. This AMI is based on the OpenSolaris 2006.09 US AMI and does not need registration.

Following are the details of this new AMI:

OpenSolaris 2009.06 32-bit AMI:

AMI ID: ami-2381a957
AKI / ARI ID: aki-2181a955 / ari-2581a951

Manifest: opensolaris_2009.06_32_6.1.img.manifest.xml

To run this AMI in Europe, change the following environment variables before launching the AMI:

EC2_URL="https://eu-west-1.ec2.amazonaws.com"
LOCATION="EU"

The other env variables remain the same.

NOTE: a unique <your-keypair-name> must be generated for each region before launching an AMI. (Use ec2-add-keypair <name> > keypairfile after setting the above env variables.)

We are very happy to broaden the availability of the latest 64-bit OpenSolaris 2009.06 AMI on Amazon EC2 in the European Region. This AMI is based on the 64-bit OpenSolaris 2006.09 US AMI and does not need registration.

Following are the details of this new AMI:

OpenSolaris 2009.06 64-bit AMI:

AMI ID: ami-3981a94d
AKI / ARI ID: aki-4d81a939 / ari-4181a935

Manifest: opensolaris_2009.06_64_6.1.img.manifest.xml

To run this AMI in Europe, change the following environment variables before launching the AMI:

EC2_URL="https://eu-west-1.ec2.amazonaws.com"
LOCATION="EU"

The other env variables remain the same.

NOTE: a unique <your-keypair-name> must be generated for each region before launching an AMI. (Use ec2-add-keypair <name> > keypairfile after setting the above env variables.)

Sun Microsystems Inc. is pleased to announce the new release of OpenSolaris 2009.06 on Amazon EC2's cloud computing service. This 32-bit AMI gives you the power and security of OpenSolaris combined with the flexibility of Amazon's cloud computing service, and is optimized for Amazon EC2's cloud computing environment.

AMI ID: ami-8f30d1e6
AMI Manifest: sun-opensolaris-2009-06/opensolaris_2009.06_32_6.1.img.manifest.xml
AKI/ARI ID: aki-1783627e / ari-858362ec
License: Public

Description:

OpenSolaris 2009.06 is the latest release of the OpenSolaris Operating System, a powerful and complete operating environment for users, developers and deployers. OpenSolaris prides itself on being a secure, stable, and highly scalable system. The OpenSolaris OS is open source software, is freely redistributable, and provides all the tools users expect from a modern computing environment, both installed by default and available from our online network package repositories.

Information on "What's new in OpenSolaris 2009.06" is available at
http://www.opensolaris.com/learn/features/whats-new/200906/


The root file system is ZFS in this AMI and includes the pre-installed packages and tools necessary to get started with using OpenSolaris on Amazon EC2. You can obtain more details about the OpenSolaris project at http://www.opensolaris.org.

Also, just like in our previous AMIs, the "pkg image-update" command updates the kernel and ramdisk which is not allowed in Amazon EC2. Therefore, in order to prevent your instances from becoming non-compatible with the Amazon EC2 environment, we have disabled this command.

The "Getting Started Guide" has been updated with instructions for Re-bundling OpenSolaris 2009.06 based 32-bit AMI on Amazon EC2.


Rebundling Changes:

To re-bundle the new 32-bit OpenSolaris 2009.06 AMI, use the following "ec2-bundle-image" command. For more detail, see the Getting Started Guide (Page 10).

ec2-bundle-image -c $EC2_CERT -k $EC2_PRIVATE_KEY   \
  --kernel aki-1783627e --ramdisk ari-858362ec \
  --block-device-mapping "root=rpool/56@0,ami=0,ephemeral0=1" \
  --user <user-id> --arch i386 \
  -i $DIRECTORY/$IMAGE -d $DIRECTORY/parts

IMPORTANT NOTICE:  AMI Refresh of OpenSolaris 2009.06 32-bit on Amazon EC2

After the launch of the OpenSolaris 2009.06 32-bit AMI (AMI ID ami-4133d528) at the beginning of June, an infrequent launch hang upon AMI startup was discovered.  This issue has been submitted as CR 6840704 and has been fixed in an AMI Refresh.

New launches of the old OpenSolaris 2009.06 AMI (ami-4133d528) will be disabled and current users will still be able to use the old ari and aki (aki-b128ced8 / ari-d336d0ba) with their rebundled AMI based on ami-4133d528.

Support:

For technical support during the Beta period, please contact ec2-solaris-support[AT]SUN[DOT]COM.

Please check OpenSolaris on Amazon EC2 blog for latest updates and new information about OpenSolaris AMIs.

The "OpenSolaris on Amazon EC2 Getting Started Guide" is located at:
http://www.sun.com/third-party/global/amazon/Sun_AmazonEC2_GettingStartedGuide.pdf


Register for OpenSolaris AMIs here

Sun Microsystems Inc. is pleased to announce the release of the 64-bit OpenSolaris 2009.06 base AMI on Amazon EC2's cloud computing service. This 64-bit AMI gives you the power and security of OpenSolaris combined with the flexibility of Amazon's cloud computing service, and is optimized for EC2's cloud computing environment.

AMI Details:

AMI ID: ami-9903e2f0
AMI Manifest: sun-opensolaris-2009-06/opensolaris_2009.06_64_6.1.img.manifest.xml
AKI/ARI ID: aki-fb3ddc92 / ari-fd3ddc94

This AMI supports 64-bit Instance sizes including m1.large (Large Instance Type), m1.xlarge (Extra Large Instance Type) and c1.xlarge (High CPU Extra Large Instance Type).

For more details on these instance types visit

To run the AMI with the Large Instance type, execute the following command:
ec2-run-instances ami-9903e2f0 -k <your-keypair> --instance-type m1.large

To run the AMI with the Extra Large Instance type, execute the following command:
ec2-run-instances ami-9903e2f0 -k <your-keypair> --instance-type m1.xlarge

To run the AMI with the High CPU Extra Large Instance type, execute the following command:
ec2-run-instances ami-9903e2f0 -k <your-keypair> --instance-type c1.xlarge

For the OpenSolaris 2009.06 32-bit base AMI, please see
http://blogs.sun.com/ec2/entry/opensolaris_2009_06_on_amazon

For other AMIs provided by Sun Microsystems, please see
http://blogs.sun.com/ec2/entry/opensolaris_based_ami_catalog_on

Configuring Swap Memory

The OpenSolaris 2009.06 64-bit AMI instance comes with 1 GB of swap memory by default.
Follow the steps below to increase the swap memory size by 15 GB.

# zfs create -V 15g mnt/swap
# swap -a /dev/zvol/dsk/mnt/swap

You can make this change permanent by editing the swap line in the “/etc/vfstab” file:
change “/dev/zvol/dsk/rpool/swap” to “/dev/zvol/dsk/mnt/swap” and save the file.

Finally, reboot the instance.

64-bit AMI Rebundling Changes:

To re-bundle the 64-bit OpenSolaris 2009.06 AMI, use the following "ec2-bundle-image" command. For more detail, see the Getting Started Guide (Page 10).

ec2-bundle-image -c $EC2_CERT -k $EC2_PRIVATE_KEY   \
  --kernel aki-fb3ddc92 --ramdisk ari-fd3ddc94 \
  --block-device-mapping "root=rpool/56@0,ami=0,ephemeral0=1,ephemeral1=2,ephemeral2=3,ephemeral3=4" \
  --user <user-id> --arch x86_64 \
  -i $DIRECTORY/$IMAGE -d $DIRECTORY/parts

Support:

AMI ID: ami-9df312f4
AMI Manifest: sun-osol-2008-11/sailfinv2-opensolaris-2008.11.img.manifest.xml
License: Public

This 32-bit AMI is based on the OpenSolaris 2008.11 AMI.

Project SailFin is based on robust and scalable SIP servlets technology on top of a deployment-quality, Java EE-based GlassFish. It is JSR 289 compliant and provides high-availability and clustering features, while integrating with existing GlassFish services.

This AMI has SailFin and MySQL pre-installed and pre-configured as services. So when the image comes up, you have a running server. All it needs is your service/application.

When the AMI instance is up and running, you can access the administration server using
http://Public-DNS-address-of-instance:4848

For your convenience, a database connection pool and JDBC resource have been configured in SailFin. You can see them under JDBC Resources in the Admin console. Ping the connection pool named mysql and it should be successful. Now run your usual asadmin scripts that deploy the service to SailFin.

Configurations:

  • Sailfin installation directory: /opt/sailfin
  • MySQL database name: sailfin. Because the MySQL service needs to be running for SailFin to operate, the sailfin service has a dependency on the mysql service, and sailfin has also been declared as a dependent of mysql in the mysql SMF configuration.
  • JDBC resources have been created for use with the "sailfin" database.


You can enable the sailfin service through the service management facility (SMF) by running the command:
# svcadm enable domain1

You can check the status of the sailfin service by running the command:
# svcs | grep domain1

You can disable the sailfin service by running the command as root:
# svcadm disable domain1

You can restart the sailfin service through the service management facility (SMF) by running the command:
# svcadm restart domain1

For security information and other details on how to work with this AMI, you can look at the README files located at

/root/ec2sun/sailfin.README
/root/ec2sun/mysql.README
/root/ec2sun/sysbench.README
/root/ec2sun/DTrace.README

Documentation:

Support

OpenSolaris AMI License for Amazon EC2

http://www.sun.com/third-party/global/amazon/license/ami/

OpenSolaris and MySQL are trademarks or registered trademarks of Sun Microsystems, Inc. or its subsidiaries in the US and other countries.

We are very happy to broaden the availability of the latest OpenESB AMI on Amazon EC2 in the European Region. This AMI is based on the OpenSolaris 2008.11 base AMI and does not need registration.

Following are the details of this new AMI:

OpenESB 32-bit AMI:

ami-cfb199bb aki-661c3412 / ari-601c3414

Manifest: OpenSolaris_2008.11_32_OpenESB_v3.0.img.manifest.xml

To run this AMI in Europe, change the following environment variables before launching the AMI:

EC2_URL="https://eu-west-1.ec2.amazonaws.com"
LOCATION="EU"

The other env variables remain the same.

NOTE: A unique <your-keypair-name> must be generated for each region before launching an AMI. (Use ec2-add-keypair <name> > keypairfile after setting the above env variables.)


AMI ID: ami-5d2cca34
AMI Manifest: sun-osol-2008-11/OpenSolaris_2008.11_32_OpenESB_v3.0.img.manifest.xml
License: Public

Description:

This 32-bit AMI is based on the OpenSolaris 2008.11 base AMI.

OpenESB is an Open Source project creating a platform for Business Integration, Enterprise Application Integration, and SOA. The license is CDDL. A large number of components is being developed in the OpenESB community: e.g. for accessing back-end systems and other ESBs or SOA platforms, for message transformation, etc. Unlike proprietary ESBs, OpenESB is purely based on open standards (e.g. JBI and Java EE). This prevents vendor lock-in.

The following components are included in the AMI.

  • OpenESB v3 (pre-configured state) contains the following:
    • The OpenESB v3 Runtime
    • Service Engines
      • Sun JRuby Engine
      • POJO SE Component
    • Binding Components
      • FTP Binding Component
      • Email Binding Component
      • File Binding Component
      • Sun Database Binding
      • Scheduler Binding Component
      • REST Binding Component
      • RSS Binding Component
      • XMPP Binding Component
    • Shared Libraries
      • Sun WSDL Shared Library
      • Sun Encoder Library
      • Sun Shared Util Library
    • The Aspect Framework
    • Log Aspect
    • Policy Aspect
    • A Web-Based Tooling Editor (accessible from http://<DNS host name associated with the instance>:8080/fuji/editor)
  • Apache Derby
  • Apache Felix

The OpenESB Web Editor is accessible through the public DNS address associated with the instance. Users can open it in their browser at http://<DNS host name associated with the instance>:8080/fuji/editor.

Configuration:

  • OpenESB v3 (bundled within this AMI in pre-configured state) is available under location /usr/fuji

  • Users can launch the OpenESB editor from http://<DNS host name associated with the instance>:8080/fuji/editor in their browser.

  • Apache Felix and Derby services are pre-configured to start automatically

For more details on security information and image usage instructions, please refer to the '/root/ec2sun/README' file.

File Layout

                        OpenESB v3
Binary Runtime Files    /usr/fuji
Configuration Files     /usr/fuji/conf


To start the OpenESB v3 instance:

cd /usr/fuji

java -jar ./bin/felix.jar


The instance uses up 3 ports:

  • 1600 - Apache Derby

  • 8699 - RMI/JRMP Port

  • 8080 - Http Port used by the OSGi/Felix Http Service

The web application should be accessible from:

http://<DNS host name associated with the instance>:8080/fuji/editor



Documentation:

Support

OpenSolaris AMI License for Amazon EC2
http://www.sun.com/third-party/global/amazon/license/ami/

OpenSolaris is a trademark or registered trademark of Sun Microsystems, Inc. or its subsidiaries in the US and other countries.


We are very happy to broaden the availability of the latest Wordpress AMI on Amazon EC2 in the European Region. This AMI is based on the OpenSolaris 2008.11 base AMI and does not need registration.

Following are the details of this new AMI:

Wordpress 32-bit AMI:

ami-ffa78f8b aki-661c3412 / ari-601c3414

Manifest: WordPress_2008.11_32_1.0.img.manifest.xml

To run this AMI in Europe, change the following environment variables before launching the AMI:

EC2_URL="https://eu-west-1.ec2.amazonaws.com"
LOCATION="EU"

The other env variables remain the same.

NOTE: A unique <your-keypair-name> must be generated for each region before launching an AMI. (Use ec2-add-keypair <name> > keypairfile after setting the above env variables.)

We are very happy to broaden the availability of the latest Ruby on Rails on OpenSolaris 32-bit AMI on Amazon EC2 in the European Region. This AMI is based on the OpenSolaris 2008.11 base AMI and does not need registration.

Following are the details of this new AMI:

Ruby On Rails 32-bit AMI:

ami-e9a1899d aki-661c3412 / ari-601c3414

Manifest: opensolaris_2008_11_32_RubyOnRails_v2.img.manifest.xml

To run this AMI in Europe, change the following environment variables before launching the AMI:

EC2_URL="https://eu-west-1.ec2.amazonaws.com"
LOCATION="EU"

The other env variables remain the same.

NOTE: A unique <your-keypair-name> must be generated for each region before launching an AMI. (Use ec2-add-keypair <name> > keypairfile after setting the above env variables.)

We are very happy to broaden the availability of the latest OpenSolaris 64-bit Base AMI on Amazon EC2 in the European Region. This AMI is based on the OpenSolaris 2008.11 64-bit base AMI and does not need registration.

Following are the details of this new AMI:

OpenSolaris 64-bit Base AMI:

ami-99a68eed aki-95a68ee1 / ari-aba68edf

Manifest: 2008.11_64_1.0.img.manifest.xml

To run this AMI in Europe, change the following environment variables before launching the AMI:

EC2_URL="https://eu-west-1.ec2.amazonaws.com"
LOCATION="EU"

The other env variables remain the same.

NOTE: A unique <your-keypair-name> must be generated for each region before launching an AMI. (Use ec2-add-keypair <name> > keypairfile after setting the above env variables.)

AMI ID: ami-1509ee7c
AMI Manifest: sun-osol-2008-11/WordPress_2008.11_32_1.0.img.manifest.xml
License: Public

Description:

This 32-bit AMI is based on the OpenSolaris 2008.11 AMP Stack AMI. The following components are included in the AMI.

  • WordPress 2.7 (pre-configured state)
  • Apache 2.2
  • MySQL 5.0
  • PHP 5.2 (along with extensions like APC, DTrace, Suhosin, Memcache) runtime
  • phpMyAdmin for administering MySQL database

Security Recommendations:

  • WordPress installation/configuration pages are accessible through the public DNS address associated with the instance. It is recommended to configure the Amazon EC2 firewall to limit inbound connections on port '80'.
  • After the installation, change the permissions on the “/var/wordpress/wp-config.php” file to 600.
    This file should not be accessible to group or world.


Configuration:

  • WordPress (bundled within this AMI in pre-configured state) is available under location /var/wordpress
  • WordPress specific configuration for Apache Web Server is available within /etc/apache2/2.2/conf.d/wordpress.conf
  • Users can launch and configure WordPress by accessing http://<DNS name associated with the instance> in their browser
  • Apache and MySQL services are pre-configured to start on boot
  • If you would like to use phpMyAdmin, you will need to do the following:

    # cp /etc/apache2/2.2/samples-conf.d/phpmyadmin.conf /etc/apache2/2.2/conf.d/
    # svcadm restart http:apache22

  • DTrace probes are available within Apache and PHP runtime. Sample DTrace scripts are available under /opt/DTT/

For more details on security information and image usage instructions, please refer to the '/root/ec2sun/README' file.


AMP Stack File Layouts

                              Apache                  PHP                 MySQL
Binary Runtime Files          /usr/apache2/2.2/bin    /usr/php/5.2/bin    /usr/mysql/5.0/bin
Configuration Files           /etc/apache2/2.2        /etc/php/5.2        /etc/mysql/5.0
Web Documents / Data Files    /var/apache2/2.2        /var/php/5.2        /var/mysql/5.0

Administering AMP Stack

Command            Apache                          MySQL
Start Service      svcadm enable http:apache22     svcadm enable mysql:version_50
Stop Service       svcadm disable http:apache22    svcadm disable mysql:version_50
Restart Service    svcadm restart http:apache22    svcadm restart mysql:version_50


You can reset the MySQL 'root' password by running the following command:

# /usr/mysql/5.0/bin/mysqladmin -u root -p password '<MySQL password>'

It is highly recommended to secure your MySQL database by following the guidelines mentioned within MySQL 5 database documentation:

http://dev.mysql.com/doc/refman/5.0/en/security-guidelines.html

ZFS + EBS for MySQL

Users can now take advantage of ZFS to manage EBS volumes and can store MySQL data on them. It may improve performance for certain workloads and database sizes.

For more information visit

Documentation:

Support

  • Register at http://www.sun.com/third-party/global/amazon/ to receive latest news on OpenSolaris AMIs

  • For technical support during Beta period, please send emails to ec2-solaris-support[AT]SUN[DOT]COM.

  • The AMP Stack components within OpenSolaris are delivered as part of the WebStack project. For any questions related to these components, please write to webstack-discuss[AT]opensolaris[DOT]org

OpenSolaris AMI License for Amazon EC2
http://www.sun.com/third-party/global/amazon/license/ami/

OpenSolaris and MySQL are trademarks or registered trademarks of Sun Microsystems, Inc. or
its subsidiaries in the US and other countries.


Hardened OpenSolaris 2008.11 AMI Now Available on Amazon EC2 in Europe! 

We are very happy to broaden the availability of the latest Hardened OpenSolaris AMI on Amazon EC2 in the European Region. This AMI is based on the OpenSolaris 2008.11 base AMI and does not need registration.

Following are the details of this new AMI:

Hardened 32-bit AMI:

ami-d7a189a3 aki-661c3412 / ari-601c3414

Manifest: hardened_2008.11_32_4.0.img.manifest.xml

To run this AMI in Europe, change the following environment variables before launching the AMI:

EC2_URL="https://eu-west-1.ec2.amazonaws.com"
LOCATION="EU"

The other env variables remain the same.

NOTE: A unique <your-keypair-name> must be generated for each region before launching an AMI. (Use ec2-add-keypair <name> > keypairfile after setting the above env variables.)

Rebundling Changes:

As you can see, we have introduced the new ARI (ari-9d6889f4) with this AMI. Make sure you use the correct ARI with the "ec2-bundle-image" command, as given below.

bash # ec2-bundle-image -c $EC2_CERT -k $EC2_PRIVATE_KEY \
 --kernel aki-661c3412 --ramdisk ari-601c3414 \
 --block-device-mapping "root=rpool/56@0,ami=0,ephemeral0=1" \
 --user <userid> --arch i386 \
 -i $DIRECTORY/$IMAGE -d $DIRECTORY/parts

In addition, if you want to disable auditing during re-bundling, you can execute the following commands in your clean-up tasks before executing the "ec2-bundle-image" command.

bash # audit -t
bash # > /var/log/auditlog
bash # rm -f /var/audit/*

AMI ID: ami-41cd2b28
AMI Manifest: sun-osol-2008-11/opensolaris_2008_11_32_RubyOnRails_v2.img.manifest.xml
AKI/ARI ID:
aki-6552b60c / ari-6452b60d
License: Public


Description:

This is a pre-configured Typo appliance running on an optimized Ruby on Rails stack. It is based on Sun's OpenSolaris 32-bit image (ami-7db75014). The Typo engine is configured to automatically start on booting the AMI. Nginx instances are the front end to the appliance that hosts the Rails application in a Typo gem and uses MySQL for its back end connectivity. The entire stack is optimized, SMF enabled, and monitorable through DTrace.

This stack also includes Mongrel, Mongrel_cluster, Thin, MySQL, sample SMF scripts, Git, gcc, and Sun Studio. This AMI is provided by Sun Microsystems and does not require registration. The exact versions are listed in the "Software versions" section below.


This AMI is for developers who wish to develop applications using the Ruby on Rails 2 web application framework, as a starting point for deploying Typo, or as a starter to create other architectures using the deployed service manifests as an example.

Ruby is available in /usr/ruby/1.8/bin (and symbolically linked from /usr/bin).

DTrace probes have been integrated into the Ruby source code, and this provides low overhead monitoring for your Rails application.

Software versions:

Rails 2.1.0, 2.2.2, 2.3.2
Ruby 1.8.7 p72
Thin 0.8.2
Mongrel 1.1.5
Mongrel Cluster 1.0.5
MySQL 5.0.45
Git 1.5.6.5
gcc 3.4.3
GNU Make 3.81
All EC2 command-line API/AMI tools

Support:

For technical support during Beta period, please send emails to ec2-solaris-support[AT]SUN[DOT]COM

For questions on Ruby and Rails in OpenSolaris, please contact webstack-discuss[AT]opensolaris[DOT]org

Please check OpenSolaris on Amazon EC2 blog for latest updates and new information about OpenSolaris AMIs.
The "OpenSolaris on Amazon EC2 Getting Started Guide" is located at:
http://www.sun.com/third-party/global/amazon/Sun_AmazonEC2_GettingStartedGuide.pdf


AMI ID: ami-35ac4a5c
AMI Manifest: sun-opensolaris-2008-11-hardened/hardened_2008.11_32_4.0.img.manifest.xml
AKI/ARI ID:
aki-6552b60c / ari-6452b60d
License: Public

Description:

Sun Microsystems Inc. is pleased to announce the release of Hardened OpenSolaris 2008.11 on Amazon EC2's cloud computing service. This 32-bit AMI gives you the power and security of OpenSolaris combined with the flexibility of Amazon's cloud computing service, and is optimized for Amazon EC2's cloud computing environment.

The OpenSolaris system configuration has been adjusted to comply with the recommendations published by Sun and the Center for Internet Security, a non-profit organization chartered to develop and encourage widespread use of security configuration benchmarks developed through a global consensus process involving participants from academia, industry and government.

Working together for more than six years, Sun and the Center for Internet Security have consistently developed best-in-class, supportable and complete security hardening guidance for the Solaris operating system.

The latest version developed for the Solaris 10 operating system was completed with substantial contributions from Sun, CIS, the U.S. National Security Agency (NSA), as well as the U.S. Defense Information Systems Agency (DISA).

Building upon this foundation, Sun and the Center for Internet Security collaborated to adapt the security recommendations published in the Solaris 10 Benchmark to the OpenSolaris operating system and document those changes specific to virtual machine images such as those available on Amazon EC2. 

All of the specific changes made to the base OpenSolaris 2008.11 AMI are discussed on the Sun OpenSolaris AMI Hardening Wiki: http://wikis.sun.com/display/ISC/OpenSolaris+AMI+Hardening

For more information on the Center for Internet Security's Solaris 10 Benchmark, see:
http://www.cisecurity.org/bench_solaris.html

The root file system is ZFS in this AMI and includes the pre-installed packages and tools necessary to get started with using OpenSolaris on Amazon EC2. You can obtain more details about the OpenSolaris project at http://www.opensolaris.org.

Also, just like in our previous AMIs, the "pkg image-update" command updates the kernel and ramdisk which is not allowed in Amazon EC2. Therefore, in order to prevent your instances from becoming non-compatible with the Amazon EC2 environment, we have disabled this command.

More details including re-bundling instructions can be found in the Getting Started Guide.


Support:

For technical support during the Beta period, please contact ec2-solaris-support[AT]SUN[DOT]COM.

Please check OpenSolaris on Amazon EC2 blog for latest updates and new information about OpenSolaris AMIs.

The "OpenSolaris on Amazon EC2 Getting Started Guide" is located at:
http://www.sun.com/third-party/global/amazon/Sun_AmazonEC2_GettingStartedGuide.pdf


Register for OpenSolaris AMIs here.

MediaWiki AMI Now Available on Amazon EC2 in Europe!

We are very happy to broaden the availability of the latest MediaWiki AMI on Amazon EC2 in the European Region. This AMI is based on the OpenSolaris 2008.11 base AMI and does not need registration.

Following are the details of this new AMI:

MediaWiki 32-bit AMI:

ami-59d5fd2d aki-661c3412 / ari-601c3414

Manifest: Mediawiki_2008.11_32_1.0.img.manifest.xml

To run this AMI in Europe, change the following environment variables before launching the AMI:

EC2_URL="https://eu-west-1.ec2.amazonaws.com"
LOCATION="EU"

The other env variables remain the same.

NOTE: A unique <your-keypair-name> must be generated for each region before launching an AMI. (Use ec2-add-keypair <name> > keypairfile after setting the above env variables.)


AMI ID: ami-9c0aedf5
AMI Manifest: sun-osol-2008-11/Mediawiki_2008.11_32_1.0.img.manifest.xml
License: Public

Description:

This 32-bit AMI is based on the OpenSolaris 2008.11 AMP Stack AMI. The following components are included in the AMI.

  • MediaWiki 1.14 (pre-configured state)
  • Apache 2.2
  • MySQL 5.0
  • PHP 5.2 (along with extensions like APC, DTrace, Suhosin, Memcache) runtime
  • phpMyAdmin for administering MySQL database

Security Recommendations:

MediaWiki installation/configuration pages are accessible through the public DNS address associated with the instance. It is recommended to configure the Amazon EC2 firewall to limit inbound connections on port '80'.

Configuration:

  • MediaWiki (bundled within this AMI in pre-configured state) is available under location /var/mediawiki-1.14
  • MediaWiki specific configuration for Apache Web Server is available within
    /etc/apache2/2.2/conf.d/wiki.conf.
  • Users can launch and configure MediaWiki by accessing http://<DNS name associated with the instance> in their browser
  • Apache and MySQL services are pre-configured to start on boot
  • If you would like to use phpMyAdmin, you will need to do the following:

    # cp /etc/apache2/2.2/samples-conf.d/phpmyadmin.conf /etc/apache2/2.2/conf.d/
    # svcadm restart http:apache22

  • DTrace probes are available within Apache and PHP runtime. Sample DTrace scripts are available under /opt/DTT/

For more details on security information and image usage instructions, please refer to the '/root/ec2sun/README' file.


AMP Stack File Layouts

                              Apache                  PHP                 MySQL
Binary Runtime Files          /usr/apache2/2.2/bin    /usr/php/5.2/bin    /usr/mysql/5.0/bin
Configuration Files           /etc/apache2/2.2        /etc/php/5.2        /etc/mysql/5.0
Web Documents / Data Files    /var/apache2/2.2        /var/php/5.2        /var/mysql/5.0

Administering AMP Stack

Command            Apache                          MySQL
Start Service      svcadm enable http:apache22     svcadm enable mysql:version_50
Stop Service       svcadm disable http:apache22    svcadm disable mysql:version_50
Restart Service    svcadm restart http:apache22    svcadm restart mysql:version_50


You can reset the MySQL 'root' password by running the following command:

# /usr/mysql/5.0/bin/mysqladmin -u root -p password '<MySQL password>'

It is highly recommended to secure your MySQL database by following the guidelines mentioned within MySQL 5 database documentation:

http://dev.mysql.com/doc/refman/5.0/en/security-guidelines.html

ZFS + EBS for MySQL

Users can now take advantage of ZFS to manage EBS volumes and can store MySQL data on them. It may improve performance for certain workloads and database sizes.

For more information visit

Documentation:

Support

  • Register at http://www.sun.com/third-party/global/amazon/ to receive latest news on OpenSolaris AMIs

  • For technical support during Beta period, please send emails to ec2-solaris-support[AT]SUN[DOT]COM.

  • The AMP Stack components within OpenSolaris are delivered as part of the WebStack project. For any questions related to these components, please write to webstack-discuss[AT]opensolaris[DOT]org

OpenSolaris AMI License for Amazon EC2
http://www.sun.com/third-party/global/amazon/license/ami/

OpenSolaris and MySQL are trademarks or registered trademarks of Sun Microsystems, Inc. or
its subsidiaries in the US and other countries.


Sun Microsystems Inc. is pleased to announce the release of the 64-bit OpenSolaris 2008.11 base AMI on Amazon EC2's cloud computing service. This 64-bit AMI gives you the power and security of OpenSolaris combined with the flexibility of Amazon's cloud computing service, and is optimized for EC2's cloud computing environment.

AMI Details:

AMI ID: ami-4b638422
AMI Manifest: sun-osol-2008-11/2008.11_64_1.0.img.manifest.xml
AKI/ARI ID: aki-846483ed / ari-876483ee

This AMI supports 64-bit Instance sizes including m1.large (Large Instance Type), m1.xlarge (Extra Large Instance Type) and c1.xlarge (High CPU Extra Large Instance Type).

For more details on these instance types visit

To run the AMI with the Large Instance type, execute the following command:
ec2-run-instances ami-4b638422 -k <your-keypair> --instance-type m1.large

To run the AMI with the Extra Large Instance type, execute the following command:
ec2-run-instances ami-4b638422 -k <your-keypair> --instance-type m1.xlarge

To run the AMI with the High CPU Extra Large Instance type, execute the following command:
ec2-run-instances ami-4b638422 -k <your-keypair> --instance-type c1.xlarge

For the OpenSolaris 2008.11 32-bit base AMI, please see
http://blogs.sun.com/ec2/entry/opensolaris_2008_11_on_amazon

For other AMIs provided by Sun Microsystems, please see
http://blogs.sun.com/ec2/entry/opensolaris_based_ami_catalog_on

Configuring Swap Memory

The OpenSolaris 2008.11 64-bit AMI instance comes with 586 MB of swap memory by default.
Follow the steps below to increase the swap memory size by 15 GB.

# zfs create -V 15g mnt/swap
# swap -a /dev/zvol/dsk/mnt/swap

You can make this change permanent by editing the swap line in the “/etc/vfstab” file:
change “/dev/zvol/dsk/rpool/swap” to “/dev/zvol/dsk/mnt/swap” and save the file.

Finally, reboot the instance.
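
The /etc/vfstab change described in both "Configuring Swap Memory" sections (2009.06 and 2008.11) can be scripted so that only the real swap entry is touched and a backup is kept. This is an added example, not part of the original posts; the function names, the AWK variable and the sample vfstab contents are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original page. Function names and the sample
# vfstab contents are constructed for illustration.

# Assumption: awk must support -v. On Solaris-derived systems the legacy
# /usr/bin/awk does not, so run this with AWK=nawk there.
AWK=${AWK:-awk}

# repoint_swap FILE OLD_DEV NEW_DEV
#   Rewrites the device field of every non-comment line whose first field is
#   OLD_DEV and whose FS type (4th field) is "swap". The untouched original
#   is kept as FILE.orig. Prints the number of rewritten lines.
#   Returns 0 if something changed, 1 if nothing matched, 2 on error.
repoint_swap() {
    rs_file=$1 rs_old=$2 rs_new=$3
    [ -f "$rs_file" ] || { echo "no such file: $rs_file" >&2; return 2; }
    rs_tmp="$rs_file.tmp.$$"
    : > "$rs_tmp" || return 2
    rs_count=$("$AWK" -v old="$rs_old" -v new="$rs_new" -v out="$rs_tmp" '
        /^[ \t]*#/ { print > out; next }      # keep comment lines verbatim
        $1 == old && $4 == "swap" {           # the real swap entry only
            sub(/^[ \t]*[^ \t]+/, new); n++
        }
        { print > out }
        END { print n + 0 }
    ' "$rs_file") || { rm -f "$rs_tmp"; return 2; }
    if [ "$rs_count" -eq 0 ]; then
        rm -f "$rs_tmp"
        echo 0
        return 1
    fi
    # cat into the existing file so its owner and mode stay as they were.
    cp -p "$rs_file" "$rs_file.orig" && cat "$rs_tmp" > "$rs_file" \
        && rm -f "$rs_tmp" || return 2
    echo "$rs_count"
}

# Constructed sample in vfstab layout. The comment line and the tmpfs line
# both mention "swap" and must survive unchanged.
make_sample_vfstab() {
    cat > "$1" <<'EOF'
#device                    device   mount     FS     fsck  mount    mount
#to mount                  to fsck  point     type   pass  at boot  options
# swap zvol: /dev/zvol/dsk/rpool/swap
/devices                   -        /devices  devfs  -     no       -
/proc                      -        /proc     proc   -     no       -
/dev/zvol/dsk/rpool/swap   -        -         swap   -     no       -
swap                       -        /tmp      tmpfs  -     yes      -
EOF
}

# Demo on a scratch copy, never on the live /etc/vfstab.
demo_dir=$(mktemp -d)
make_sample_vfstab "$demo_dir/vfstab"
repoint_swap "$demo_dir/vfstab" /dev/zvol/dsk/rpool/swap /dev/zvol/dsk/mnt/swap
grep swap "$demo_dir/vfstab"
rm -rf "$demo_dir"
```

Running it a second time on the same file changes nothing and returns 1, so it is safe to call from a repeatable setup script.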

64-bit AMI Rebundling Changes:

Replace the ec2-bundle-image command in the Getting Started Guide (Page 10) with the following:

ec2-bundle-image -c $EC2_CERT -k $EC2_PRIVATE_KEY   \
  --kernel aki-846483ed --ramdisk ari-876483ee \
  --block-device-mapping "root=rpool/52@0,ami=0,ephemeral0=1,ephemeral1=2,ephemeral2=3,ephemeral3=4" \
  --user $EC2_USER_ACCOUNT_NUMBER --arch x86_64 \
  -i $DIRECTORY/$IMAGE -d $DIRECTORY/parts

Support:

GlassFish AMI Now Available on Amazon EC2 in Europe! 

We are very happy to broaden the availability of the latest GlassFish AMI on Amazon EC2 in the European Region. This AMI is based on the OpenSolaris 2008.11 base AMI and does not need registration.

Following are the details of this new AMI:

GlassFish 32-bit AMI:

ami-e8c1e99c aki-661c3412 / ari-601c3414

Manifest: sun-osol-2008-11-eu/Glassfish_2008.11_32_1.0.img.manifest.xml

To run this AMI in Europe, change the following environment variables before launching the AMI:

EC2_URL="https://eu-west-1.ec2.amazonaws.com"
LOCATION="EU"

The other env variables remain the same.

NOTE: A unique <your-keypair-name> must be generated for each region before launching an AMI. (Use ec2-add-keypair <name> > keypairfile after setting the above env variables.)