Integrating On-Prem Infrastructure With Amazon EC2 Systems Manager

As more organizations move to hybrid cloud setups, integrating what you've got on-premises can be a challenge. AWS' EC2 Systems Manager can help with automation.

Sean Marlow · Apr. 28, 17 · Tutorial

At AWS re:Invent 2016, Amazon announced the availability of Amazon EC2 Systems Manager. AWS SSM is a collection of capabilities that helps automate management tasks in a hybrid cloud environment. This provides the ability to manage your existing on-premise infrastructure seamlessly with AWS. If you're interested, a video showcasing those capabilities can be found below:


Some of the features available in AWS SSM include:

  • Run Command: Remotely and securely manage the configuration of your managed instances at scale.
  • State Manager: Automate the process of keeping your managed instances in a defined state.
  • Inventory Manager: Automate the process of collecting software inventory from managed instances.
  • Automation: Automate common maintenance and deployment tasks.

Additional capabilities shared across the four services include:

  • Maintenance Window: Set up recurring schedules for managed instances to execute administrative tasks like installing patches and updates without interrupting business-critical operations.
  • Parameter Store: Centralize the management of configuration data.

The SSM User Guide provides all the details of the features offered by the service. The following outlines how to get SSM set up on your SUSE Linux Enterprise Server instances.

SSM Setup

For this tutorial, we will focus on EC2 instances and the Run Command. For more information on setting up SSM for on-premise systems, see the Amazon user guide's “Setting Up Systems Manager in Hybrid Environments” section.

The following steps are required to get started with AWS SSM:

  • Launch an instance with the proper role
  • Install the amazon-ssm-agent on the new instance
  • (Optional) Add permissions to your user

To enable system management on an instance, the instance must be launched with the proper role. See the “Configuring Security Roles for Systems Manager” section of the user guide.

Once the EC2 instance is running, it’s time to install the agent. For SUSE Linux Enterprise Server, the agent is available in the Public Cloud Module. Use the following commands to install, enable, and start the SSM agent (as root).

zypper refresh

zypper in amazon-ssm-agent

systemctl enable amazon-ssm-agent

systemctl start amazon-ssm-agent


The agent is now running on the instance and ready to accept commands.

Remote Management With aws-cli

With the setup complete, we can now manage the instance remotely and set up automated tasks. Systems with a running SSM agent can be managed with the aws-cli or through the web console. SUSE Linux Enterprise Server 12 and later images have the aws-cli package pre-installed and you can configure the CLI with:

aws configure


If you want to run the aws-cli on your local system, the package is part of the Public Cloud Module repository and can be installed by running (as root):

zypper in aws-cli


At this point, we should have a SUSE Linux Enterprise Server instance running with the proper role and the amazon-ssm-agent active. Additionally, we have set up a user with access to SSM and installed aws-cli to manage the instance remotely. To confirm the instance is accessible, run the following command:

aws ssm describe-instance-information --instance-information-filter-list key=InstanceIds,valueSet={instanceid}


This command should return information regarding the instance.

{
    "InstanceInformationList": [
        {
            "IsLatestVersion": false, 
            "ComputerName": "ip-10.10.10.10.us-west-1.compute.internal", 
            "PingStatus": "Online", 
            "InstanceId": "{instanceid}", 
            "ResourceType": "EC2Instance", 
            "AgentVersion": "2.0.558.0", 
            "IPAddress": "10.10.10.10", 
            "PlatformType": "Linux", 
            "LastPingDateTime": 1482355841.974
        }
    ]
}


Now that we have confirmed the agent is running properly on the instance, it’s time to send remote commands.

Run Command

The Run Command, which offers a way to remotely manage instances using Amazon Elastic Compute Cloud (EC2), is one of the features provided by AWS SSM. To initiate a command on the instance you can send the command as follows:

command_id=$(aws ssm send-command --instance-ids "{instanceid}" --document-name "AWS-RunShellScript" --comment "Zypper Update" --parameters commands="sudo zypper -n up" --output text --query "Command.CommandId")


This will send the command “sudo zypper -n up” to all instances listed. It will trigger an update on the instance and return the output. The query option returns the CommandId. This is the ID we will use to retrieve the command status and output.

aws ssm list-command-invocations --command-id "$command_id" --details


You should see information about the command that was run. Note that the output of the command is truncated after the first 2500 characters. To view the entire output, you can configure the command to log output to an S3 bucket.

{
    "CommandInvocations": [
        {
            "Comment": "Zypper Update", 
            "Status": "Success", 
            "CommandPlugins": [
                {
                    "Status": "Success", 
                    "ResponseStartDateTime": 1482355637.705, 
                    "StandardErrorUrl": "", 
                    "OutputS3BucketName": "", 
                    "OutputS3Region": "us-west-1", 
                    "OutputS3KeyPrefix": "", 
                    "ResponseCode": 0, 
                    "Output": "---Output truncated---", 
                    "ResponseFinishDateTime": 1482355726.472, 
                    "StatusDetails": "Success", 
                    "StandardOutputUrl": "", 
                    "Name": "aws:runShellScript"
                }
            ], 
            "ServiceRole": "", 
            "InstanceId": "{instanceid}", 
            "DocumentName": "AWS-RunShellScript", 
            "NotificationConfig": {
                "NotificationArn": "", 
                "NotificationEvents": [], 
                "NotificationType": ""
            }, 
            "StatusDetails": "Success", 
            "StandardOutputUrl": "", 
            "StandardErrorUrl": "", 
            "InstanceName": "", 
            "CommandId": "{commandid}", 
            "RequestedDateTime": 1482355636.877
        }
    ]
}


As you can see, the Run Command is useful for initiating tasks remotely on your instances. The send command function allows for a maximum of 50 instance IDs per invocation. It can also be used in conjunction with the other services such as Automation (auto create up-to-date images) and State Manager (periodically update instances).
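The two limits mentioned above (output truncated at 2500 characters unless logged to S3, and at most 50 instance IDs per invocation) can be handled together. The following is an added example, not code from the original article: the function names, the `AWS_CLI` override, and the bucket and prefix arguments are assumptions for illustration.

```shell
# Added example, not from the original article.
# Assumed names: send_batched, _send_one, AWS_CLI, and the bucket/prefix values.
AWS_CLI="${AWS_CLI:-aws}"   # override with a stub for dry runs
MAX_IDS=50                  # per-invocation instance-ID limit noted in the article

# _send_one ID... : one send-command call; reads sb_bucket, sb_prefix, sb_cmd.
# The command text uses the article's shorthand form; shorthand treats commas
# as list separators, so keep sb_cmd free of commas.
_send_one() {
    "$AWS_CLI" ssm send-command \
        --instance-ids "$@" \
        --document-name "AWS-RunShellScript" \
        --comment "Zypper Update" \
        --parameters commands="$sb_cmd" \
        --output-s3-bucket-name "$sb_bucket" \
        --output-s3-key-prefix "$sb_prefix" \
        --output text --query "Command.CommandId"
}

# send_batched BUCKET PREFIX COMMAND ID...
# Prints one CommandId per batch; returns non-zero on a bad ID or failed call.
send_batched() {
    sb_bucket=$1; sb_prefix=$2; sb_cmd=$3
    shift 3
    # Validate every ID before sending anything, so a typo cannot leave the
    # fleet half-updated. Restricting the character set also makes the
    # unquoted $sb_batch expansion below safe.
    for sb_id in "$@"; do
        case $sb_id in
            ''|*[!a-z0-9-]*) echo "invalid instance id: $sb_id" >&2; return 2 ;;
        esac
    done
    sb_batch=""; sb_n=0
    for sb_id in "$@"; do
        sb_batch="$sb_batch $sb_id"; sb_n=$((sb_n + 1))
        if [ "$sb_n" -eq "$MAX_IDS" ]; then
            _send_one $sb_batch || return 1
            sb_batch=""; sb_n=0
        fi
    done
    if [ "$sb_n" -gt 0 ]; then _send_one $sb_batch || return 1; fi
}
```

Each printed CommandId can be passed to `aws ssm list-command-invocations` as shown earlier; the full, untruncated output lands under the given S3 bucket and key prefix.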


Published at DZone with permission of Sean Marlow, DZone MVB. See the original article here.
