You must create and enable a cloud tunnel instance so that deployments in the Amazon EC2 VPC can communicate with the Application Services server.

About this task

Your network from Application Services to the Endpoint VM should have a minimum upload bandwidth of 1Mbps for every Amazon EC2 instance that is deployed. For faster downloads, store your applications on the Amazon Simple Storage Service instead of downloading them from the Application Services appliance over the cloud tunnel.

Prerequisites

  • Log in to Application Services as an application cloud administrator.

  • Verify that the Endpoint VM is properly set up and configured. See Configure Amazon EC2 Environment for Application Services.

  • Verify that the elastic IP address and the private IP address of the Endpoint VM are readily available.

  • Verify that the private key for the Endpoint VM is available to establish a cloud tunnel from the corporate network to the Endpoint VM.

  • Determine whether a proxy server is required to access Amazon EC2 from the network where Application Services is running.

    The proxy server or the network must permit access to the standard SSH port 22 outside the network.

  • Start the Application Services CLI. See Start the CLI Remotely.

Procedure

  1. Use the SSH client to copy the downloaded private key file for the Endpoint VM to the Application Services appliance and copy the file to the /tmp directory.
  2. In the roo shell, create a secure cloud tunnel instance.
    create-cloud-tunnel --name TunnelName --description "TunnelDescription" --enabled false --externalAddress EndpointVMElasticIP 
    --sshPort 22 --internalAddress EndpointVMPrivateIP --proxyUrl ProxyURl --username ec2-user --privateKeyPath PrivateKeyFilePath

    You can use the --sshPort parameter to designate a port other than 22. The --proxyUrl is an optional parameter that you can specify the proxy server to use to connect to the Endpoint VM.

  3. Enable the secure cloud tunnel connection.
    enable-cloud-tunnel --name TunnelName
  4. Confirm that the secure cloud tunnel connection is established.
    test-cloud-tunnel --name TunnelName

    Verifying the secure cloud tunnel connection might take a few minutes.

Results

Application Services establishes a connection to the Endpoint VM on Amazon EC2.

What to do next

Meet the virtual machine requirements and create Amazon EC2 AMIs. See Virtual Machine Requirements for Creating Amazon EC2 Custom Templates and Create Amazon EC2 Virtual Machine Templates or AMIs.

You can also manage the existing cloud tunnel connection in CLI. See Managing Cloud Tunnels.