Using Amazon web services

Some guidelines for using Amazon Web Services (AWS):

    • Should I use AWS?
      • We typically use AWS for production servers (need to be accessible anytime by others from outside). If you just need a development server, consider using our existing internal servers within the intranet (ping others on slack if you need more assistance).
      • If you do have a non-production servers up-running on AWS, and typically used by you only, please stop the instance when you are not using it. You can do that in either AWS management console or using a script.
    • How to request a new instance
      • Send Andrew and/or Chunlei the following information
        • your public SSH key
          • If you don’t have your ssh key yet, follow this guide to create one first. This guide applies to terminals under Linux, Mac OS and Window Linux subsystem (WSL). Keep your private key, but send your public key only.
        • your desired OS (need to justify if it’s something other than the latest Ubuntu Server LTS release)
    • Notes for Andrew and Chunlei
      • Which region I should start a new instance?
        • Here is a general project distribution for several commonly used AWS EC2 regions:
          • us-west-1/N. California
            • BioGPS only (do not create new instances there)
          • us-west-2/Oregon
            • BioThings, SmartAPI
            • Mark2cure
          • us-east-2/Ohio
            • GeneWiki
            • ChlamBase
          • us-east-1/N. Virginia (default region for new projects)
            • Drug repurposing
            • CVISB
            • Scientific Games
            • other projects
      • Default OS:
        • Unless specifically needed, we default to use the latest 64bit Ubuntu server LTS AMI image (currently “Ubuntu Server 18.04 LTS (HVM)”)
      • Tagging:
        • “Name” (required) – in a pattern like “<name>_<project>*” (e.g. “asu_cvisb”, “asu_cvisb_web”, “asu_cvisb_data” etc)
        • “Description” (recommended) – add more descriptive text for what is this instance used for
      • Security Group:
        • Recommend to create a specific or project-wide security group policy (naming is as “<project>_sg”)
        • Can combine multiple security groups (e.g. both “<project>_sg” and generic ones like (“open_22_port”, “scripps_ssh_access_sg” etc)
      • VPC:
        • Always recommend launching instances within a VPC
        • A large project (requires >3 instances, often with between instance communications) should create its own VPC
        • The other projects can launch in an existing general-purpose VPC
      • Key:
        • Recommend to create project-specific key files (“smartapi.pem” or “smartapi_prod.pem”-“smartapi_dev.pem” pairs)
        • The generated key file (the private key) should be stored in LastPass shared between Andrew and Chunlei