Aspera on Demand (AoD) is a full set of Aspera's software available for deployment and use on AWS. Customers who purchase AoD normally provision a pre-packaged AoD instance in AWS. In some cases, customers want to install Aspera on an EC2 instance without launching an AoD instance. This article provides instructions on how to manually set up Aspera on an Amazon EC2 Linux instance and enable data transfer to and from S3 Storage.
This article assumes the following:
- You have an AWS account and subscribe to EC2, IAM, and S3 services
- You have created an S3 bucket
- You know how to generate an ssh key pair
- You need to be able to ssh into your AWS server as root
- Linux Kernel must be at 2.6.34 or higher. Use "uname -a" to verify
- AWS Instance Type must be m1.large or bigger
1) Create IAM role
To avoid exposing your S3 credentials, we recommend using an AWS IAM role to enable S3 storage.
a) Login to AWS Management Console as admin and create a new IAM role that has access to your S3 storage.
b) In the "Create Role" screen, select role Type: 'Amazon EC2'
c) In 'Policy Templates' select 'Amazon S3 Full Access' (the policy can be edited later)
2) Launch an EC2 Instance
a) Select an instance type that meets the system requirements. (see System Requirements above)
b) Launch an AMI using the IAM role that you created in the above step.
c) Create a Security Group that has TCP/22, TCP/33001, TCP/80, TCP/443 and UDP/33001. Depending on your implementation, additional TCP ports may be required. Please refer to your product guide for details.
3) ssh into the server as root and prepare the server
# ssh -i [customer's perm] -p 33001 ec2-user@[ec2 host IP]
# sudo su -
- Make sure local Firewall supports Aspera or is disabled. For Firewall requirements, please refer to your product guide and read this article.
- Verify /etc/hosts file contains an entry for 127.0.0.1 localhost.
- Disable SELINUX. NOTE: if done incorrectly, your system may become not bootable.
- Enable port 33001 in /etc/ssh/sshd_config.
- Create user accounts and set passwords.
4) Download product installer and run installation
Use your login credentials to download the installer(s) from our website. If you don't know your login credentials, please contact your account manager or Aspera Support at firstname.lastname@example.org.
Install Enterprise Server. For other product installation, please see the product admin guide.
# rpm -Uvh aspera-entsrv-3.x.x-linux-64.rpm
5) Point the docroot of transfer user to the S3 bucket
In this example, “xfer” is the transfer user.
# asconfigurator -F "set_user_data;user_name,xfer;absolute,s3://s3.amazonaws.com/s3-bucket-name"
6) Enable trapd
# /opt/aspera/bin/astrap-config.sh enable
7) Enable Entitlement
Once Aspera Enterprise Server is successfully installed, run the ALEE command to register the information. In example below, foo is the Customer ID and d1234567-7fac-409d-9200-e2cb1234567c the Entitlement ID. Make sure outbound TCP 443 is not blocked.
# /opt/aspera/bin/asalee-config.sh enable
# service asperanoded restart
# /opt/aspera/bin/alee-admin register foo d1234567-7fac-409d-9200-e2cb1234567c
NOTE: Faspex v.3.7.8+, Shares v.1.7.3+ and Console v.2.3.2+ have its own entitlement steps. If you installed any of these products, please see the following instructions.
To entitle Faspex v.3.7.8 or higher
# export RAILS_ENV=production
# asctl faspex:rake entitlement:config_license_server EL_KEY="d1234567-7fac-409d-9200-e2cb1234567c" EL_CUSTOMER_ID="foo"
To entitle Shares v.1.7.3 or higher
# /opt/aspera/shares/bin/run bash -c 'cd /opt/aspera/shares/u/shares && RAILS_ENV=production bundle exec rake aspera:ami:entitlement:config_license_server EL_KEY="d1234567-7fac-409d-9200-e2cb1234567c" EL_CUSTOMER_ID="foo"'
To entitle Console v.2.3.2 or higher
# cd /opt/aspera/console/
# export RAILS_ENV=production
# export PATH=/opt/aspera/common/ruby/bin:$PATH
# rake aspera:ami:entitlement:config_license_server EL_KEY="d1234567-7fac-409d-9200-e2cb1234567c" EL_CUSTOMER_ID="foo"