Launching AWS VM using Morpheus

Recently, our friends at Learnful Labs reached out to us for assistance with spinning up VMs using Morpheus on the Canarie cloud: DAIR. In this article, we will provide an overview of the basics of using the Morpheus UI and go over the steps needed to get your first VM on AWS through Morpheus.

The first thing we need to do is create a SSH key that will be used to help log onto our VMs in AWS. When you use install your SSH key into Morpheus you can log into the VMs without supplying a password.

Configuring SSH keys

Create your SSH key with the following command:

ssh-keygen -t rsa -m PEM -C "yourname@example.org" -f morpheus
Screenshot of ssh-keygen

Log into the morpheus dashboard and select ‘Keys and Certs’ from the Infrastructure menu.

In the Key and Certs screen, click on the ‘Add’ button to create a new key pair.

Enter in Name

Under both Public Key and Private Key, select ‘Browse’ and select the key.pub file for public key and the non pub file for private key.

Click on Save Changes

Configure User Credentials

The next step is to configure the user credentials that will be installed into the VM. Select the ‘User Settings’ located on the pull down next to your log in name.

Enter in a default username, password and select your newly added SSH key you just installed in the previous step.

Configure Security Groups

Security groups act like a firewall to only allow certain traffic into and out of the cloud network. Often, policies should be defined with the least amount of traffic permitted to the VMs. For example, only allow your IP address to SSH to the VM and don’t use global address (0.0.0.0/0). This will help mitigate the number of SSH brute force attacks to your VM.

To configure your Security Groups, select ‘Network’ from the Infrastructure menu.

Click on the name of the Security Group associated to AWS-Canada

Click on ‘Add Rule’ and add a rule to allow SSH to our VM. You will need to know your public IP address. This can be found by googling ‘What is my IP address’.

Enter in the following:

Name: SSH
Direction: ingress
Rule type: Custom Rule
Protocol: TCP
Port range: 22
source type: network
Source: enter your public IP address
Destination type: network
Destination: enter the CIDR of AWS (in our case 10.1.0.0/16)

Click on ‘Save Changes’ when you are done.

Your rule will now be installed.

Provisioning VM Instance

After completing the above steps, we can now move onto spinning up our VM. We will use the wizard provided from the morpheus dashboard to help us create the VM.

Select ‘Instances’ from the Provisioning menu.

Click on ‘Add’ to start the Wizard.

On the first screen select ‘Ubuntu’ and click on Next.

Next set the fields to match the screenshot below.

Now we need to configure our VM instance. We will use the latest version of Ubuntu (20.04) and a T2.Micro EC2 instance. Under ‘Resource Pool’ select your project name. Select one of the AWS networks, for us we had the option of az1 or az2. Since we are testing out our VM we just select az1 but if you require high availability you will need to set up VMs in both availability zones. This will be discussed in another post. The Security Group should be the same as the one we configured above. Make sure to select ‘Assign EIP’ to ensure your VM receives a public IP address. Once this screen has been configured click on ‘Next’

For the automation screen, just leave everything as a default and click on ‘Next’. You can review your settings but there isn’t much to change at this point. Click on ‘Complete’ to start the process of spinning up a new VM.

Accessing VM

After a few minutes, your VM should be ready. You may have to click refresh on the provisioning instance page. Once your VM is ready, you will see a public IP address available.

To see if the VM is running we can ping it from our terminal.

salim@factory127:~/Dev/dair$ ping -c 4 35.183.149.232
PING 35.183.149.232 (35.183.149.232) 56(84) bytes of data.
64 bytes from 35.183.149.232: icmp_seq=1 ttl=48 time=37.2 ms
64 bytes from 35.183.149.232: icmp_seq=2 ttl=48 time=39.0 ms
64 bytes from 35.183.149.232: icmp_seq=3 ttl=48 time=35.2 ms
64 bytes from 35.183.149.232: icmp_seq=4 ttl=48 time=42.3 ms
--- 35.183.149.232 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3004ms
rtt min/avg/max/mdev = 35.179/38.403/42.255/2.603 ms
salim@factory127:~/Dev/dair$

Once we are able to ping we can SSH into our VM now.

salim@factory127:~/Dev/dair$ ssh -i morpheus salim@35.183.149.232
Welcome to Ubuntu 20.04 LTS (GNU/Linux 5.4.0-1009-aws x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
System information as of Sat Aug 29 15:30:07 EDT 2020System load: 0.0 Processes: 107
Usage of /: 9.7% of 19.32GB Users logged in: 0
Memory usage: 34% IPv4 address for eth0: 10.1.0.14
Swap usage: 0%
111 updates can be installed immediately.
49 of these updates are security updates.
To see these additional updates run: apt list --upgradable
Last login: Sat Aug 29 15:28:02 2020 from 99.253.58.27
salim@lamp-01:~$

Final thoughts

We have gone through the steps now to install our credentials, configure some network security and spin up a VM. You are now free to install your applications on the VM to get going with your projects.

This process may seem lengthy and I may have forgotten to include a step. Feel free to fire off a message if you need help.

Credits

Shout out to Yasin Dahi for helping compose this post.

Founder of Factory 127, an Industry 4.0 company. Specializing in cloud, coding and circuits.