[AmazonAWS:EC2] Forum Response of the Day : Hackers Hacking Hackers Hacking Humor

by M. David Peterson

Amazon Web Services Developer Connection : how fast do IP addresses get ...

In follow-up to another post in the EC2 forums, Brad Clements jokingly asks,

> Firstly, regarding billing, you won't be billed at all from the time the host machine
> crashes (or indeed as soon as the host machine is network-isolated).

So .. I have a long-running compute task that doesn't need any I/O while it's crunching.

Can I do an "ifconfig eth0 down" and you'll stop billing me?


In response, proving that you can have fun and do business all at the same time, RolandPJ@AWS responds with,

Why don't you launch a large set of instances and try it out ;)

NOTE: To those of you looking for a shining example of community involvement done right, look no further.

To the Folks@AmazonAWS: Can I just state that you've not only proven time and time again that you're a pleasure to do business with, but your sense of humor showcases one very important thing: You're human, just like the rest of us.

Without a doubt, a shining beacon for the rest of the tech-world to look to for guidance into the emerging generation of Software as a (Web) Service.

Thanks, Amazon!


Roger Weeks
2006-08-30 12:23:43
David -

If I'm understanding this correctly, all of the EC2 instances must use DHCP. No static addresses are available. Is this right?

It sure seems to me that if so, this seriously limits the usefulness of EC2 in many ways.

M. David Peterson
2006-08-30 13:39:30
Hey Roger,

The way I understand it, yes, you are correct: No static IP's are available.

That said, while I will avoid using the phrase "this is to your advantage", lack of static IP's is not to your disadvantage, as a cross between the use of CNAME's and Xen's built-in clustering capabilities (EC2 is built on top of Xen), pointing to a machine name instead of an IP ensures that your cluster is just as it should be: Completely dynamic, and therefore flexible in regards to the number of machines you have running at any given time.

While it is taking some time to educate myself in regards to thinking in terms of "Xen Computing" the more understanding I gain, the more I realize they couldn't have used a more accurate term. ;)

Roger Weeks
2006-08-30 15:10:00
Interesting. So if my DNS for foobar.com is hosted here at provider X, how do I point cluster.foobar.com at my EC2 instance?

It seems like I'd have to rely on something like dyndns.org. Am I missing something?


M. David Peterson
2006-08-30 16:15:19
Hi Roger,

In regards to a CNAME DNS entry, for foobar.com, for an image whose DNS name is "domU-12-31-33-00-00-5A.dc2.compute.amazonaws.com" you would add the following line to your zone file,

cluster CNAME domU-12-31-33-00-00-5A.dc2.compute.amazonaws.com.

However, from what I can gather, if an instance is shut down, there is no guarantee that the next instance you start will have the same DNS name. In fact, I think the only guarantee is that it *WON'T* have the same DNS name.

With this in mind, this really isn't a reliable way to ensure the ability to keep your DNS records in sync with your instance names. In fact, given that both the IP and DNS name are dynamic (I still haven't verified for sure that the DNS name is completely dynamic, but I think it is. That said, I finally got a slot on the beta today and can provide more info a bit later now that I can play with things in real-time) it would make just as much sense to create an A record with the newly allotted IP address as it would to create a CNAME.

That said, the way to properly handle this is to utilize RFC2136 - Dynamic Updates in the Domain Name System (DNS UPDATE) > http://www.ietf.org/rfc/rfc2136.txt < which is exactly what services such as dyndns.org provide. And at $24.95 per year per zone (which covers a full domain and sub-domains thereof) for their custom DNS servers ($14.95 for secondary) it's tough to see this as much of a stop gap. http://www.dyndns.com/services/pricing/index.html#dns

Couple the above with clustering, and for all intents and purposes, you should be able to get by just fine.

And with all of this said, I'm still in the learning process myself. Will try and provide more details as my own understanding progresses. Given that I now have access to the beta, hopefully my understanding will be increasing quite dramatically over the next 24-48 hours.

I will update accordingly. :)

Roger Weeks
2006-08-30 16:22:05
Interesting. The machine name at EC2:
Seems to be a MAC address. Or at least it uses something in a MAC address-like format.
It almost seems that number needs to stay unique.

I'm waiting for my slot in the beta too, looking forward to what you have to report.

M. David Peterson
2006-08-30 16:35:25

Yeah, I noticed that as well, though I am unsure what this means exactly. Still digging to find out, but this > http://developer.amazonwebservices.com/connect/thread.jspa?messageID=42405&#42405 < thread does answer one question: If you reboot the machine, the IP stays the same. It's only when it crashes, or is shut down that the IP is reallocated into the queue for reallocation to another machine.

While the need to reboot a machine happens often enough, the fear of a machine crashing and your entire system going down due to DNS entries could easily be circumvented by using the poor man's round robin (in essence, multiple IP's assigned to the same sub-domain.domain entry) and clustering.

In short: Get two or three core master server instances running which use the poor man's DNS round robin, and then spread the load using clustering by adding new instances (or removing them) as needed.

If nothing else, it gives us something to play with :) I'll report back the result.
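
Added example, not part of the original thread or of any AWS or dyndns.org code: the RFC 2136 update discussed above applied to the round-robin setup, finding published A records whose address is no longer held by one of your instances (and may since have been reallocated to another machine) and encoding the DNS UPDATE message that removes them and adds the current addresses. The zone, host name, addresses and message ID are constructed, and the message is unsigned; a server should only accept dynamic updates authenticated with TSIG (RFC 2845).

```python
import ipaddress
import struct

A, SOA, IN, NONE = 1, 6, 1, 254   # RR types and classes used by RFC 2136
OPCODE_UPDATE = 5

def wire_name(name):
    """Encode a domain name as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) < 64:
            raise ValueError("bad label: %r" % label)
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def plan(published, live):
    """Return (stale, missing): addresses to delete from DNS and to add."""
    pub = {ipaddress.IPv4Address(ip) for ip in published}
    cur = {ipaddress.IPv4Address(ip) for ip in live}
    return sorted(pub - cur), sorted(cur - pub)

def a_rr(name, rr_class, ttl, ip):
    """One A resource record in wire format."""
    return wire_name(name) + struct.pack("!HHIH", A, rr_class, ttl, 4) + ip.packed

def build_update(zone, name, published, live, ttl=60, msg_id=0x1234):
    """Build an unsigned RFC 2136 UPDATE that syncs name's A RRset to `live`."""
    stale, missing = plan(published, live)
    # Delete-one-RR form: class NONE, TTL 0, RDATA names the exact address.
    updates = [a_rr(name, NONE, 0, ip) for ip in stale]
    # Add form: zone class, short TTL because the address can change again.
    updates += [a_rr(name, IN, ttl, ip) for ip in missing]
    # Header counts are ZOCOUNT, PRCOUNT, UPCOUNT, ADCOUNT.
    header = struct.pack("!HHHHHH", msg_id, OPCODE_UPDATE << 11,
                         1, 0, len(updates), 0)
    zone_section = wire_name(zone) + struct.pack("!HH", SOA, IN)
    return header + zone_section + b"".join(updates)

# Constructed sample: 192.0.2.7 belonged to an instance that was shut down.
PUBLISHED = ["192.0.2.5", "192.0.2.7"]
LIVE = ["192.0.2.5", "192.0.2.9"]

if __name__ == "__main__":
    stale, missing = plan(PUBLISHED, LIVE)
    print("delete:", [str(i) for i in stale], "add:", [str(i) for i in missing])
    print(build_update("foobar.com", "cluster.foobar.com", PUBLISHED, LIVE).hex())
```
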

2006-08-31 10:36:24
I'm single girl and i search man my mail: ludalove2006@gmail,com
I'm 27y.old. If you search woman write to me and i can send to you my new pics
and tell more about myself. I post this message from this forum because
i don't have credit card and can't use dating site.
If you want find a friend please write to me i am very lonely woman.

M. David Peterson
2006-08-31 16:05:42
@ludochka556, @ludochka556,

Hmmm... That's an interesting proposal. Answer me this: I realize you don't have a Credit Card, but if I click that link, do I have to have a valid Credit Card?

Well, either way, best of luck finding your "man". I'm sure he's out there somewhere!

M. David Peterson
2006-09-04 22:08:12

Couple of interesting links to look at,


I spent some time working with SRV records last night and came to two conclusions,

- Find out what you're doing first before you just start hacking into zone files.
- Don't even bother trying with Win2k3/DNS

Actually, to be fair, what I should really state is don't use the SRV records docs that are meant for BIND and assume they apply to Win2k3/DNS -- I might be wrong; They may very well apply to both BIND and Win2K3/DNS, but at this stage I'm not even sure if what I think my first name is and what it actually is are even remotely the same. LOTS OF SELF DOUBT at the moment -- a reflection of the journey I embarked upon last night.

Tears. LOTS and LOTS of tears. ;)

'nuf said ;)

I do have an instance of EC2 up and have been playing with getting the S3FS [ http://dev.extensibleforge.net/wiki/s3/fuse ] code base working properly with the Xen-based kernel. I've got things properly compiled and moving forward, though there are still a few remaining unsolved riddles with various items, though they are riddles I have encountered before and solved, so it will hopefully be pretty straightforward from here on out.

Regarding the DNS Round Robin: From what I have been able to tell so far, it works well enough, *ESPECIALLY* if your plan is to simply use EC2 as the secured gateway to your content on S3 -- e.g. ensure requests for content are only given access to this content if they are properly validated. If all of the content itself resides on S3, and each server simply validates, retrieves, and serves that content, then DNS RoundRobin should be a pretty simple and efficient solution. Couple this with Squid and, in my own opinion, you should be able to consider yourself a happy, happy, hacker. :D

Back with more when there's more to be back with :)