Questions tagged with Amazon EC2

Content language: English

Sort by most recent

Browse through the questions and answers listed below or filter and sort to narrow down your results.

Create EC2 instance with NitroTPM Enabled

Hi, want to create an ec2 instance with nitroTPM 2.0 enabled. I followed the instructions from this site: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/enable-nitrotpm-support-on-ami.html ``` { "Images": [ { "Architecture": "x86_64", "CreationDate": "2022-11-21T20:07:43.000Z", "ImageId": "ami-05683f60db56ff1b5", "ImageLocation": "293786889684/DebianImage", "ImageType": "machine", "Public": false, "OwnerId": "293786889684", "PlatformDetails": "Linux/UNIX", "UsageOperation": "RunInstances", "State": "available", "BlockDeviceMappings": [ { "DeviceName": "/dev/xvda", "Ebs": { "DeleteOnTermination": true, "SnapshotId": "snap-0c493ccaccd018881", "VolumeSize": 8, "VolumeType": "gp2", "Encrypted": false } }, { "DeviceName": "/dev/xvdf", "Ebs": { "DeleteOnTermination": true, "VolumeSize": 10, "VolumeType": "gp2", "Encrypted": false } } ], "EnaSupport": true, "Hypervisor": "xen", "Name": "DebianImage", "RootDeviceName": "/dev/xvda", "RootDeviceType": "ebs", "SriovNetSupport": "simple", "VirtualizationType": "hvm", "BootMode": "uefi", "TpmSupport": "v2.0" } ] } ``` So far it looks good, but if I try to launch an instance of this AMI, I cannot connect to the machine. If I create an instance from the management console without nitroTPM support I can connect to the machine via my Key. Also, I would like to get some measurements from the TPM, but I don't see any of the hashes in the response. I appreciate any help you can offer. Heres my ec2 description ``` { "Reservations": [ { "Groups": [], "Instances": [ { "AmiLaunchIndex": 0, "ImageId": "ami-05683f60db56ff1b5", "InstanceId": "i-03435c99e5a3a83b5", "InstanceType": "m6a.xlarge", "KeyName": "OPTI_PLEX_KEY_PAIR", "LaunchTime": "2022-11-21T20:53:29.000Z", "Monitoring": { "State": "disabled" }, "Placement": { "AvailabilityZone": "eu-central-1a", "GroupName": "", "Tenancy": "default" }, "PrivateDnsName": "ip-172-31-16-168.eu-central-1.compute.internal", "PrivateIpAddress": "172.31.16.168", "ProductCodes": [], "PublicDnsName": "ec2-18-159-62-7.eu-central-1.compute.amazonaws.com", "PublicIpAddress": "18.159.62.7", "State": { "Code": 16, "Name": "running" }, "StateTransitionReason": "", "SubnetId": "subnet-12bdf778", "VpcId": "vpc-d90e6cb3", "Architecture": "x86_64", "BlockDeviceMappings": [ { "DeviceName": "/dev/xvda", "Ebs": { "AttachTime": "2022-11-21T20:53:30.000Z", "DeleteOnTermination": true, "Status": "attached", "VolumeId": "vol-05814aff540510c1f" } }, { "DeviceName": "/dev/xvdf", "Ebs": { "AttachTime": "2022-11-21T20:53:30.000Z", "DeleteOnTermination": true, "Status": "attached", "VolumeId": "vol-03027ae670649544f" } } ], "ClientToken": "45856522-8833-4e31-985f-f5209b014fa1", "EbsOptimized": true, "EnaSupport": true, "Hypervisor": "xen", "ElasticGpuAssociations": [], "ElasticInferenceAcceleratorAssociations": [], "NetworkInterfaces": [ { "Association": { "IpOwnerId": "amazon", "PublicDnsName": "ec2-18-159-62-7.eu-central-1.compute.amazonaws.com", "PublicIp": "18.159.62.7" }, "Attachment": { "AttachTime": "2022-11-21T20:53:29.000Z", "AttachmentId": "eni-attach-01e82b7e623e8e9da", "DeleteOnTermination": true, "DeviceIndex": 0, "Status": "attached", "NetworkCardIndex": 0 }, "Description": "", "Groups": [ { "GroupName": "launch-wizard-10", "GroupId": "sg-05676ad26b7f6ed13" } ], "Ipv6Addresses": [], "MacAddress": "02:b8:28:63:4f:fc", "NetworkInterfaceId": "eni-095492d80db0313b8", "OwnerId": "293786889684", "PrivateDnsName": "ip-172-31-16-168.eu-central-1.compute.internal", "PrivateIpAddress": "172.31.16.168", "PrivateIpAddresses": [ { "Association": { "IpOwnerId": "amazon", "PublicDnsName": "ec2-18-159-62-7.eu-central-1.compute.amazonaws.com", "PublicIp": "18.159.62.7" }, "Primary": true, "PrivateDnsName": "ip-172-31-16-168.eu-central-1.compute.internal", "PrivateIpAddress": "172.31.16.168" } ], "SourceDestCheck": true, "Status": "in-use", "SubnetId": "subnet-12bdf778", "VpcId": "vpc-d90e6cb3", "InterfaceType": "interface", "Ipv4Prefixes": [], "Ipv6Prefixes": [] } ], "RootDeviceName": "/dev/xvda", "RootDeviceType": "ebs", "SecurityGroups": [ { "GroupName": "launch-wizard-10", "GroupId": "sg-05676ad26b7f6ed13" } ], "SourceDestCheck": true, "Tags": [ { "Key": "Name", "Value": "Ubuntu bla" } ], "VirtualizationType": "hvm", "CpuOptions": { "CoreCount": 2, "ThreadsPerCore": 2 }, "CapacityReservationSpecification": { "CapacityReservationPreference": "open" }, "HibernationOptions": { "Configured": false }, "Licenses": [], "MetadataOptions": { "State": "applied", "HttpTokens": "optional", "HttpPutResponseHopLimit": 1, "HttpEndpoint": "enabled", "HttpProtocolIpv6": "disabled", "InstanceMetadataTags": "enabled" }, "EnclaveOptions": { "Enabled": true }, "BootMode": "uefi", "PlatformDetails": "Linux/UNIX", "UsageOperation": "RunInstances", "UsageOperationUpdateTime": "2022-11-21T20:53:29.000Z", "PrivateDnsNameOptions": { "HostnameType": "ip-name", "EnableResourceNameDnsARecord": true, "EnableResourceNameDnsAAAARecord": false }, "TpmSupport": "v2.0", "MaintenanceOptions": { "AutoRecovery": "default" } } ], "OwnerId": "293786889684", "ReservationId": "r-0089af1cf650fc657" } ] } ```
0
answers
0
votes
27
views
asked 14 days ago

ASP.NET Core Application not Running in AWS Linux EC2 instance instead showing Apache Test Page

I have have an AWS CodePipeline process that gets the CodeCommit repository builds the application and publish the application to the Linux EC2 instances. The entire process executes successfully and I can see the final asp.net core application gets published to the /var/www/html/ folder. But when I get loads the URL of the load balancer (EC2 instances are behind a load balancer), I see the Apache test page, not the asp.net core application. The asp.net core application I created is just the default asp.net core web application that gets created by default. Below is the buildspec.yaml file. (This publishes a self-contained application) ``` version: 0.2 env: variables: DOTNET_CORE_RUNTIME: 6.0 phases: install: on-failure: ABORT runtime-versions: dotnet: ${DOTNET_CORE_RUNTIME} commands: - echo install stage - started `date` pre_build: commands: - echo pre build stage - stared `date` - echo restore dependencies started `date` - dotnet restore ./WebApplication1/WebApplication1.csproj build: commands: - echo build stage - started `date` - dotnet publish --configuration Release --runtime linux-x64 ./WebApplication1/WebApplication1.csproj --self-contained - cp ./WebApplication1/appspec.yml ./WebApplication1/bin/Release/net6.0/linux-x64/publish/ artifacts: files: - '**/*' - appspec.yml name: artifact-test-cham discard-paths: no base-directory: ./WebApplication1/bin/Release/net6.0/linux-x64/publish/ ``` And below is the appspec.yaml file that copies the content from the S3 artifact location to the /var/www/html/ folder ``` version: 0.0 os: linux files: - source: / destination: /var/www/html/ ``` Following image shows that the web application gets successfully published to the /var/www/html folder in the Linux EC2 instance with other asp.net core framework dependent files. But even though all the web application files along with other framework files are available, as I said, when I navigate through the load balancer, I can see the Apache test page only. ![Enter image description here](/media/postImages/original/IMrj2EksFtRkigsg3lcuTJBA) Below is the "Configure" method in the application. ``` // This method gets called by the runtime. Use this method to configure the HTTP request pipeline. public void Configure(IApplicationBuilder app, IWebHostEnvironment env) { app.UseStatusCodePages(); if (env.IsDevelopment()) { app.UseDeveloperExceptionPage(); } else { app.UseExceptionHandler("/Error"); // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts. app.UseHsts(); } app.UseHttpsRedirection(); app.UseStaticFiles(); app.UseRouting(); app.UseAuthorization(); app.UseEndpoints(endpoints => { endpoints.MapRazorPages(); }); } ``` What am I doing wrong in here? Do I have to do something from the application side? Please let me know. UPDATE: Below is the instance UserData used to in each EC2 instance. ``` #!/bin/bash -xe sudo su sudo yum -y update yum install -y ruby yum install -y aws-cli sudo amazon-linux-extras install -y php7.2 sudo yum install httpd -y sudo systemctl start httpd sudo systemctl enable httpd sudo yum install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm cd /home/ec2-user # downloading & installing CodeDeploy Agent as per https://docs.aws.amazon.com/codepipeline/latest/userguide/tutorials-simple-s3.html#S3-create-instances aws s3 cp s3://aws-codedeploy-${AWS::Region}/latest/install . --region ${AWS::Region} chmod +x ./install ./install auto ```
2
answers
0
votes
65
views
champer
asked 16 days ago