五、其他
1、关于使用rightscale的ami时,远程连接到其他instance时的提示:
Address 174.129.230.151 maps to ec2-174-129-230-151.compute-1.amazonaws.com, but this does not map back to the address - POSSIBLE BREAK-IN
ATTEMPT!
思路:
ssh -v root@174.129.230.151
解决:
vi /etc/ssh/ssh_config
GSSAPIAuthentication no
2、一个小脚本,启动时自动绑定ELASTIC IP
wget http://s3.amazonaws.com/ec2metadata/ec2-metadata
#!/bin/sh
#set environment
unset CLASSPATH
export JAVA_HOME=/usr/java/jdk1.5.0_15
export EC2_HOME=/opt/ec2/ec2-api-tools-1.3-30349
export EC2_PRIVATE_KEY=/opt/ec2/pk-6FW5MJGDE7EHO6WFDZVOTDNHBMM9MRPA.pem
export EC2_CERT=/opt/ec2/cert-6FW5MJGDE7EHO6WFDZVOTDNHBMM9MRPA.pem
PATH=$PATH:$EC2_HOME/bin:$JAVA_HOME/bin
#get metadata
my_instance_id=`/opt/ec2-metadata |awk '/instance-id/ {print $2}'`
#about ELASTIC IP
ip=174.12.23.152
ip152_status=$(ec2-describe-addresses $ip|awk '{print $3}')
#main
if [ "$ip152_status" = "" ];then
ec2-associate-address $ip -i $my_instance_id
echo "`date +%y/%m/%d-%T`: associate-address $ip to \"this INSTANC\" "
else
ip152_associate=`ec2-describe-instances |grep "$ip"|awk '{print $2}'`
if [ "$ip152_associate" = "$my_instance_id" ];then
echo "`date +%y/%m/%d-%T`: IP $ip has associated to \"this INSTANCE\"".
else
echo "`date +%y/%m/%d-%T`: IP $ip has associated to INSTANCE: $ip152_associate,not this INSTANCE "
fi
fi
我使用下面的脚本在启动时获取另一台服务器的内部ip,并修改一些配置文件
注意,这个脚本有点问题,什么问题?往下看。。。
#!/bin/sh
#for ip
uranusip=`ssh root@174.129.230.151 ifconfig |grep inet|grep -v "127.0.0.1"|awk '{print $2}'|awk -F: '{print $2}'`
echo $uranusip
localip=`/opt/ec2-metadata -o|awk '{print $2}'`
#set log
sed -i /loghost_ip_here/s/loghost_ip_here/$uranusip/g /etc/syslog-ng/syslog-ng.conf
service syslog-ng restart
#modify config-sample.xml file on uranus
exist=`ssh root@174.12.23.151 sed -n \'/$localip/p\' /home/config-sample.xml`
if [ "$exist" = "" ];then
ssh root@174.129.230.151 sed -i \'/Smtphost-here/a\<SmtpServer Host=\"$localip\" Port=\"\" User=\"\" Password=\"\" Priority=\"0\" /\>\' /home/config-sample.xml
echo "`date +%y/%m/%d-%T`:write my interip to uranus /home/config-sample.xml"
fi
#allow uranus ip concent local port 25
echo $uranusip:allow,RELAYCLIENT=\"\">>/etc/tcp.smtp
#start memcached
/usr/local/memcached/bin/memcached -d -m 10 -p 11211 -u root
#start qmail
#service qmail start
但是这个脚本手动运行是正常的,重启后却不能取到对方内网ip。
添加debug
`ssh -v root@174.129.230.151 ifconfig |grep inet|grep -v "127.0.0.1"|awk '{print $2}'|awk -F: '{print $2}'`
查看该Instance的output
注:output会滞后,重启两次才显示上次的~~
加个key上去就OK了,
ssh -i /root/.ssh/wmokey.pem root@222.222.222.222 ifconfig |grep inet|grep -v "127.0.0.1"|awk '{print $2}'|awk -F: '{print $2}'
注意,要修改权限为600