In the first article in our SystemTap series, we learned how to install the powerful diagnostic tool, SystemTap, on an AWS EC2 instance and then wrote our very first “Hello World” script. We now need to explore some of the interesting (and more useful) scripts that come with SystemTap.
Building a SystemTap target environment
To make this article easier to read, we will split it into two parts. In this post, we will provide a Red Hat Enterprise Linux 7 platform container image with Docker on an AWS EC2 instance. After the SystemTap target environment is properly built, the final part will show how to run some serious scripts on a Docker container from its EC2 host to illustrate just how useful SystemTap can be.
Installing Docker on your AWS EC2 instance
To install Docker on an AWS EC2 instance, we’ll enable the “Red Hat Enterprise Linux Server 7 Extra(RPMs)” yum repository that, by default, is disabled.
$ sudo yum repolist disabled Loaded plugins: amazon-id, rhui-lb repo id repo name rhui-REGION-rhel-server-debug-extras/7Server/x86_64 Red Hat Enterprise Linux Server 7 Extra Debug (Debug RPMs) rhui-REGION-rhel-server-debug-optional/7Server/x86_64 Red Hat Enterprise Linux Server 7 Optional Debug (Debug RPMs) rhui-REGION-rhel-server-debug-rh-common/7Server/x86_64 Red Hat Enterprise Linux Server 7 RH Common Debug (Debug RPMs) rhui-REGION-rhel-server-debug-rhscl/7Server/x86_64 Red Hat Enterprise Linux Server 7 RHSCL Debug (Debug RPMs) rhui-REGION-rhel-server-debug-supplementary/7Server/x86_64 Red Hat Enterprise Linux Server 7 Supplementary Debug (Debug RPMs) rhui-REGION-rhel-server-extras/7Server/x86_64 Red Hat Enterprise Linux Server 7 Extra(RPMs) rhui-REGION-rhel-server-optional/7Server/x86_64 Red Hat Enterprise Linux Server 7 Optional (RPMs) rhui-REGION-rhel-server-releases-source/7Server/x86_64 Red Hat Enterprise Linux Server 7 (SRPMs) rhui-REGION-rhel-server-rhscl/7Server/x86_64 Red Hat Enterprise Linux Server 7 RHSCL (RPMs) rhui-REGION-rhel-server-source-extras/7Server/x86_64 Red Hat Enterprise Linux Server 7 Extra (SRPMs) rhui-REGION-rhel-server-source-optional/7Server/x86_64 Red Hat Enterprise Linux Server 7 Optional (SRPMs) rhui-REGION-rhel-server-source-rh-common/7Server/x86_64 Red Hat Enterprise Linux Server 7 RH Common (SRPMs) rhui-REGION-rhel-server-source-rhscl/7Server/x86_64 Red Hat Enterprise Linux Server 7 RHSCL (SRPMs) rhui-REGION-rhel-server-source-supplementary/7Server/x86_64 Red Hat Enterprise Linux Server 7 Supplementary (SRPMs) rhui-REGION-rhel-server-supplementary/7Server/x86_64 Red Hat Enterprise Linux Server 7 Supplementary (RPMs) repolist: 0
We’ll use the yum-config-manager to enable the repo:
$ sudo yum-config-manager --enable "Red Hat Enterprise Linux Server 7 Extra(RPMs)"
Next, you should search for the Docker package and install it. Yum will take care of its dependencies.
$ sudo yum search docker Loaded plugins: amazon-id, rhui-lb rhui-REGION-rhel-server-extras | 2.9 kB 00:00:00 rhui-REGION-rhel-server-releases | 3.7 kB 00:00:00 rhui-REGION-rhel-server-releases-debug | 2.9 kB 00:00:00 rhui-REGION-rhel-server-rh-common | 3.8 kB 00:00:00 rhui-REGION-rhel-server-extras/7Server/x86_64/primary_db | 56 kB 00:00:00 rhui-REGION-rhel-server-extras/7Server/x86_64/updateinfo | 27 kB 00:00:00 ========================================================== N/S matched: docker ========================================================== docker-logrotate.x86_64 : cron job to run logrotate on docker containers docker-python.x86_64 : An API client for docker written in Python docker-registry.noarch : Registry server for Docker docker-registry.x86_64 : Registry server for Docker docker-selinux.x86_64 : SELinux policies for Docker docker.x86_64 : Automates deployment of containerized applications Name and summary matches only, use "search all" for everything. $ sudo yum -y install docker
Once the Docker-related packages are installed, you should enable and start the docker service.
$ sudo systemctl enable docker ln -s '/usr/lib/systemd/system/docker.service' '/etc/systemd/system/multi-user.target.wants/docker.service' $ sudo systemctl start docker $ sudo systemctl status docker docker.service - Docker Application Container Engine Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled) Active: active (running) since Wed 2015-09-16 02:02:26 EDT; 20ms ago Docs: http://docs.docker.com Main PID: 10738 (docker) CGroup: /system.slice/docker.service └─10738 /usr/bin/docker -d --selinux-enabled --add-registry registry.access.redhat.com Sep 16 02:02:00 ip-172-30-0-123.ap-southeast-1.compute.internal systemd: Starting Docker Application Container Engine... Sep 16 02:02:00 ip-172-30-0-123.ap-southeast-1.compute.internal docker: time="2015-09-16T02:02:00.179717121-04:00" level=inf...k)" Sep 16 02:02:00 ip-172-30-0-123.ap-southeast-1.compute.internal docker: time="2015-09-16T02:02:00.447391712-04:00" level=err...se" Sep 16 02:02:26 ip-172-30-0-123.ap-southeast-1.compute.internal docker: time="2015-09-16T02:02:26.342873074-04:00" level=war....10 Sep 16 02:02:26 ip-172-30-0-123.ap-southeast-1.compute.internal docker: time="2015-09-16T02:02:26.360314551-04:00" level=inf...se" Sep 16 02:02:26 ip-172-30-0-123.ap-southeast-1.compute.internal docker: time="2015-09-16T02:02:26.798683604-04:00" level=inf...t." Sep 16 02:02:26 ip-172-30-0-123.ap-southeast-1.compute.internal docker: time="2015-09-16T02:02:26.798853557-04:00" level=inf...e." Sep 16 02:02:26 ip-172-30-0-123.ap-southeast-1.compute.internal docker: time="2015-09-16T02:02:26.798869375-04:00" level=inf...on" Sep 16 02:02:26 ip-172-30-0-123.ap-southeast-1.compute.internal docker: time="2015-09-16T02:02:26.798882151-04:00" level=inf...7.1 Sep 16 02:02:26 ip-172-30-0-123.ap-southeast-1.compute.internal systemd: Started Docker Application Container Engine. Hint: Some lines were ellipsized, use -l to show in full.
In order to use Docker with the ec2-user normal user, we need to create a docker group and add ourselves in it.
$ sudo groupadd docker $ sudo usermod -aG docker ec2-user $ grep ^docker /etc/group dockerroot:x:995: docker:x:1001:ec2-user
Provisioning Red Hat Enterprise Linux 7 container with Docker
To provision our container with Docker, pull down the Red Hat Enterprise Linux 7 platform container image from Red Hat.
$ docker pull rhel7 Trying to pull repository registry.access.redhat.com/rhel7 ... 82ad5fa11820: Download complete Status: Downloaded newer image for registry.access.redhat.com/rhel7:latest
Run docker images to list the container we have downloaded.
$ docker images REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE registry.access.redhat.com/rhel7 latest 82ad5fa11820 6 days ago 158.3 MB
Let’s do a quick test to see if everything is working.
$ docker run -ti rhel7 /bin/bash Usage of loopback devices is strongly discouraged for production use. Either use `--storage-opt dm.thinpooldev` or use `--storage-opt dm.no_warn_on_loop_devices=true` to suppress this warning. [root@35f99cabc19a /]# cat /etc/redhat-release Red Hat Enterprise Linux Server release 7.1 (Maipo) [root@c8a8740808c0 bin]# df -h Filesystem Size Used Avail Use% Mounted on /dev/mapper/docker-202:2-51421425-c8a8740808c0d41b7294f6f2906543740b7a9b54791b6f5bed6a150616b18dd5 9.8G 213M 9.0G 3% / tmpfs 497M 0 497M 0% /dev shm 64M 0 64M 0% /dev/shm tmpfs 497M 20K 497M 1% /run/secrets /dev/xvda2 10G 3.6G 6.5G 36% /etc/hosts [root@c8a8740808c0 bin]#
So far so good! We are now ready to run some real troubleshooting scripts against our VMs…which we’ll describe in the final installment of this series.
If you want to learn more on Docker, this is your go-to course Introduction to Docker.
What is Cognito in AWS?
Web applications usually allow a valid username and password combination for successful sign in to the application. Modern authentication flows incorporate more approaches to ensure user authentication. When using AWS, this is no exception, thanks to the abilities and features offered b...
How To Build a Career with AWS Certifications
From Iaas and PaaS solutions to digital marketing, cloud computing reshapes the world of technology. As the influence of this technology grows, so does investment. Tens of billions of dollars are being spent on cloud computing-related services each year. This influx is continuing to inc...
The 12 AWS Certifications: Which is Right for You and Your Team?
As companies increasingly shift workloads to the public cloud, cloud computing has moved from a nice-to-have to a core competency in the enterprise. This shift requires a new set of skills to design, deploy, and manage applications in cloud computing. As the market leader and most ma...
Cloud Academy’s Blog Digest: How Do AWS Certifications Increase Your Employability, How to Become a Microsoft Certified Azure Data Engineer, and more
With everything going on right now, it's likely that the only thing you've been reading lately is related to the coronavirus pandemic. It's important to stay informed during these times, but it's also good to jump into something that can take your mind off of the current situation for j...
Which Certifications Should I Get?
As we mentioned in an earlier post, the old AWS slogan, “Cloud is the new normal” is indeed a reality today. Really, cloud has been the new normal for a while now and getting credentials has become an increasingly effective way to quickly showcase your abilities to recruiters and compan...
New on Cloud Academy: Intro to GitOps; AWS Courses; Java, Python, Amazon Linux 2, Ubuntu, & Docker Playgrounds; and much more
New Lab Playgrounds This month, our Content Team released six new "playground labs." Our playground labs provide a safe and secure sandbox environment for you to explore your own ideas, follow along with Cloud Academy courses, or answer your own questions — all without having to instal...
AWS Certifications: How Do They Increase Your Employability and Progress Your Career?
AWS certifications are no walk in the park. They’re designed to validate in-depth, specialist knowledge and comprehensive experience, often requiring months of dedicated studying to earn even for those already working with the cloud platform. But the rewards that AWS professionals ca...
Elasticsearch vs. CloudSearch: AWS Cloud Search Choices
Elasticsearch vs. CloudSearch: What's the main difference? Let's compare AWS-based cloud tools: Elasticsearch vs. CloudSearch. While both services use proven technologies, Elasticsearch is more popular, open source, and has a flexible API to use for customization; in comparison, CloudS...
Cloud Academy Content Roadmap Updates
Welcome to our Q1 2020 roadmap. This is the content we plan to build over the next three months, between February 1 - and April 30, 2020. Let's look at some of our roadmap highlights. Atlassian Bamboo for CI/CD We had a lot of requests for practical guides on how to apply DevOps tool...
New on Cloud Academy: Git Labs, CKA and CKAD Lab Challenges, AWS and Azure Learning Paths, AGILE, and Much More
We just kicked off our first Free Weekend of 2020. This means we've unlocked our Training Library for just 72 hours. Until Sunday at 11:59 pm (PST), you can get unlimited access to our industry-leading learning paths, courses, certification prep exams, and our most popular hands-on labs...
How to Encrypt an EBS Volume
Keeping data and applications safe in the cloud is one of the most visible challenges facing cloud teams in 2020. Cloud storage services where data resides are frequently a target for hackers, not because the services are inherently weak but because they are often improperly configured....