You are here
Hi everyone,
I contacted Alon directly with some beginners questions since I didn't want to spam the forum with useless q's. He suggested we take the thread here - so this is a transcript of the questions I've asked so far and Alons omg-fast responses. Perhaps it'll help another beginner in the future.
(Alon's responses are quoted... I'll be trying to figure out how to send him the logs and trying out his suggestions soon, and post the results in regular forum messages after this).
-------------
Hi Alon!
I'm building a mobile texting application. I've developed client side software for some twenty years, but my server experience is quite limited.
After spending a week researching options, and almost giving up (server architectures are so alien to me!), I discovered TurnKey and your ejabberd AMI Appliance, and got very excited. After reading all your documentation, I decided to try it.
I went straight in from the "Run from Browser" section in the ejabbered Appliance page. I opted for the $20/mo EBS plan.
I ran into a few hiccups while deploying.
Unfortunately I wasn't taking screenshots, so I can't recall the exact wording of certain errors, but I thought you'd like to know what occurred:
1. Strange price
The first was a strange pricing inconsistency. I selected the $20/mo EBS plan, but when I was on the Amazon page adding the AMI, it showed a price of $6. I presume my end-of-month bill will include the $20 TurnKey cost.
The cost Amazon displays is pro-rated. In other words, because the month of April is almost finished your only pay for the remaining days, and not the full $20.
2. Apparent failure at end of deployment
The first occurred after I entered my keys, and just at the end of the deploy process - I landed on a page that appeared to have an Amazon <div> at the top, which said the process had succeeded... but the lower
half of the page was a TurnKey page, which listed an error.
Unfortunately I can't recall the exact wording of this error. Either a missing AMI or Appliance or perhaps Key. I recall having only one option from there, so I selected it.
Hmmm... I could understand something like this after enabling Amazon EC2 deployment, but not the deployment of the server itself. I'll take a look at the hub logs to see if I can find something.
If it happens again, please take a screenshot and send it my way, and I'll look into the issue in detail.
3. Installing Security Updates
Eventually I go to my Servers page on the Hub and watched the new ejabberd AMI server boot... then it went to "Installing Security Updates".
Six hours later it was still showing this. I searched your forums and saw the only option appeared to be to try to reboot or destroy. I tried a reboot from the Hub, but that didn't appear to resolve the issue.
This should not happen. Security updates should only take a few minutes at max. Could you please send me the output of /var/log/inithooks.log
Note, inithooks.log includes the root password, so please blank it out before sending the email.
So I dug around on the AWS management pages. I saw that the server was booted but not reachable. So I rebooted it from the AWS console.
After a few minutes, the AWS console Status Checks tab informed me that my instance was now up and running... awesome.
When I went back to the TurnKey Hub though, it still shows the status as "Installing Updates".
My best guess is that one of the security updates errored out, which stopped the boot process. What usually happens is once the system is fully booted, the server does an api call to the Hub so the status will be updated.
You can manually perform the API call as follows:
hubclient-status booted
I took a look at the Console Output and saw some failures (especially during the first two boots) but I'm not certain if they are critical or expected.
If you could send the output my way that would be great!
Can you provide some guidance regarding the "Installing Security Updates" status message? Is this having any impact on my instance? While it seems I can connect, I tried creating a tklapp Hostname (which appeared to succeed daleandrewdarling-ejabbered.tklapp.com) but that link always shows the site not found error.
ejabbard needs to know about the domain name in order to serve the content. if you set the tklapp hostname during deployment, then it will be automatically configured via preseeding [1].
But, if you do it after deployment, you'll need to update the server manually to know about it.
You can leverage the firstboot ejabberd script to set the domain and administrative password by executing the following:
/usr/lib/inithooks/firstboot.d/40ejabberd
Alternatively, as discussed here [2]:
/usr/local/bin/ejabberd-config XMPP_DOMAIN ADMIN_PASS
# ejabberd admin interface user will be: admin@XMPP_DOMAIN
4. Success! ... I think
If I browse to the IP address of that instance, I see the Speeqe test page, which appears to be connected to ejabberd (I can connect with two different browsers and chat between them using the two random test
accounts in the Beta Room).
Also, from the marketing material on your site, it seems the AMI appliance uses the passwords I typed during the deployment... but the ejabberd Appliance page includes notes about resetting the passwords via a script.
Yep, the passwords you're referring to are set via preseeding (see above). You can reset the passwords by executing 'turnkey-init', which reruns all of the firstboot scripts (40ejabberd I mentioned above is one of the them).
I'm still just getting my head around all this, so I just want to confirm that I don't need to reset my passwords again (and that they aren't using the highly insecure default passwords in the ejabberd product page).
You shouldn't need to, but I'm not sure where the boot process got stuck, and what happened - so to be safe you might want to.
Also, is there a "Next Steps" or documentation page for your ejabberd appliance that I might find to help me move forward? It seems my next steps should be:
- to configure the server (I presume via some unix command console or similar?)
The server should be fully configured in general, but again, depending on what happened during boot might require some fixing.
Also, you might want to setup XMPP DNS records (see [2]) if you're using a custom domain. You can do that via the Hub's domain management.
- ensure it's using proper/secure admin passwords
See above comment.
- confirm my Amazon free-tier usage (this looks more difficult to determine on AWS than it should be)
The free tier applies only to new amazon accounts [3], and only applies to micro instances - but IIRC, ejabberd might not perform too well on such a low-performance server.
- create some test accounts in ejabberd
You could use either Gajim or Pidgin, depending on your preferences. You can also configure the ejabberd server using the admin interface. Remember that the username is admin@<XMPP_DOMAIN>
- create a test client (Android via the Smack API) and send some messages
- figure out how to customize ejabberd to send notifications to offline users
Awesome! Sounds like fun.
Does this make sense?
Yep, hopefully my comments also make sense...
Sorry for the long-winded questions - as a client-side Mobile/Java/Flash/Desktop developer by trade, this open source server world is quite daunting at first!
No worries. BTW, feel free to post to the forums next time so others who come across similar issues can benefit from the answers. Also, other community members might be able to help...
Your solutions have really helped make it all seem possible though!
Cheers,
Dale Darling
[1] http://www.turnkeylinux.org/blog/hub-preseeding
[2] http://www.turnkeylinux.org/ejabberd
[3] http://aws.amazon.com/free/
Cheers,
Alon Swartz
-------------
Sorry to pester... one other thing I just noticed... in the AWS Console when I navigate to AMIs Owned By Me, it says there are none.
Could it be that the failure I saw near the end of the Deployment meant I didn't actually buy the AMI? Yet somehow it's live at the IP address.
'AMI's owned by me' are for Amazon-Machine-Images you manually create, upload and register on Amazon EC2.
The Hub handles giving you access to TurnKey AMI's.
Should I buy your ejabberd AMI from the AWS Marketplace instead?
No need, just use the Hub.
Also let me know if these questions should be on the forum... I just don't want to spam the forums with useless information (I presume I'm just making N00B mistakes).
As I mentioned in my previous reply, feel free to use the forums, thats what they are there for :)
Cheers,
Alon Swartz
Replies
Er... duh. My first palm-to-forehead moment... in my very first question. I should've realized that. Can I use the excuse that it was 3:00 am?
It actually may have been after enabling Amazon EC2 deployment... I ran through the deployment, and then opted to wait (and get some sleep) to see if the "Installing Security Updates" would ever finish. So I didn't perfectly recall the sequencing after I woke up.
Sure thing - I'll have to figure out how to browse the server files first. When I tried to Connect to the instance in AWS it said it was protected with username/password (which I realized)... but I saw no means of providing these. I'll do some googling today and see how to properly access my AWS instances.
I'll give that a shot (when I figure out how to manually perform API calls - lots to learn... heh).
Will do - should I attach a text file here? Or is there too much sensitive info in that log? I can send it to you directly if so.
Sounds great - should be able to figure that out.
One related question. If I wanted a "do-over" if I made some stupid mistakes during the first deployment (ie, not using key pairs or something like that), can I just destroy the instance and add a new one via the Hub? Would that require a new license purchase?
Thanks for all the resources related to the passwords/dns/etc. I'll dig into those!
Well we intend this to be primarily a mobile texting application, so latency between messages is important, but not so much as for an IRC.
Howeer, we do hope to have plenty of users and traffic, so my intention was to develop/test on the free micro-instance, then upgrade/deploy the solution on one of the other tiers during beta testing and/or on rollout. At this point I have no concept of what the numbers mean on AWS regarding the data usage, etc, so I was hoping to gather such information during development and testing.
Is it possible to do this after the fact? Or is my deplyment forever tied to the micro-instance? I suppose it's obvious that I can't simply duplicate the instance when upgrading.
Would you say now is the time to upgrade to one of the other tiers, to smooth this process in the future?
This is embarassing. I haven't even found the admin interface yet (have I qualified myself as a "beginner" enough yet?). Heh. I haven't yet dug in to all of your responses tho so hopefully it's easy to find.
Ah, I see. Makes sense. I was wondering if I might need to eventually create my own AMI once I'd tweaked the TurnKey ejabberd AMI (with appropriate passwords and urls as needed, and with extra functionality for posting to iOS and Android Notification Servers when users are offline), then copy that one for future duplication on AWS. Is this the prescribed process?
Perfect.
Very helpful indeed! I'll get to my homework now...
Add new comment