Monitoring an Amazon AWS instance
I have put together a task list of what I would like to test with the Amazon AWS infrastructure, and so far I have gotten my web server running with EBS. Volume bundling and instance creation have also been tested a few times. The system has been running quite OK for the past two weeks. It has been interesting to view the Apache error log: people searching, for example, for the phpmyadmin page…
Anyway, the next thing I want to test is getting some kind of monitoring in place. I have some experience with Nagios, so I took that route and installed it on the basic m1.small instance using these instructions, which got me a clean installation of Nagios. I could then add a host definition for this site and the service to monitor (http).
I did use the public interface (elastic IP), since it is the only static IP I own. This is, though, the first sign of the problems related to running a monitoring system in the cloud. With Amazon AWS you get, by default, five elastic IPs. That will not get you too far, but of course 20 instances is the maximum number of instances by default anyway, though I have understood more can be purchased if there is a need. How do you deal with the instances that don’t have an elastic IP? You could get around this problem by creating all your instances with a VPN connection and then registering those IPs, but well… that does not sound too easy.
And then there is the actual alerting when something goes wrong. It’s kind of difficult to have the monitoring server send SMS messages, since it’s impossible to connect a physical device to a virtual machine. I will try installing Skype on the monitoring server and then use Skype to actually send the SMS onwards, but it will still use the Internet on its way to the Skype SMS gateway. If there is a connection problem somewhere, the message will not reach me. I should also consider the reliability of the VM running Nagios, which is best effort at most. The system should be clustered using some method, but I have to see how Nagios supports this. Oh, and by the way, there have been a few cases when the elastic IP address block (the whole /17) has been blacklisted for spam, which in effect stops you from receiving the alerts by email.
To summarize, if I had the option, I would not run monitoring in Amazon or any other Cloud Computing facility. I would have it the old way – physical – and enjoy the pleasure of firmware upgrades and power failures and all the good stuff.
Pauli Haikonen
