# Hosting AzerothCore via Amazon AWS Preface: The goal with this guide is for it to be mostly via a command line. There is also the [AWS Console](https://aws.amazon.com/console/) that some will find more intuitive, however, for guide longevity (as the AWS Console UI may change) the aws-cli tool will be recommended. Also included will be grep commands to receive only the required output. If the entire output is desired simply remove the `| grep` and everything after it. ------ [TOC] ------ ## Prerequisites These tools are required as rest of the tutorial will be done via a bash enabled command line: - [Amazon AWS Account](https://portal.aws.amazon.com/billing/signup#/start) - [Git](https://git-scm.com/downloads) - [Python](https://www.python.org/downloads/) - make sure to check that this is added to PATH if using windows ------ ## AWS-CLI ### Installing AWS-CLI Firstly verify that python & its included pip tool are correctly setup : ```bash python --version && pip --version ``` This should return both the python and pip version. If not then correctly install python and link it to the PATH. Now that python is installed install aws-cli via: ```bash pip install awscli --upgrade ``` Verify that awscli correctly installed by entering `aws --version`. If it didn't install correctly refer to [this](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-install.html#install-post) to troubleshoot depending on your computer's operating system. ### Configuring AWS-CLI An access Key and ID will be required. This can be found at [AWS Security Credentials](https://console.aws.amazon.com/iam/home#/security_credentials) and selecting the Access Keys > Create New Access Key button. **Keep this key safe as it can be used to perform any actions on an AWS account**. It is considered best practice to allow access via an [IAM User](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users.html), especially if AWS privilege will be shared with anyone else. Once the Key has been obtained use it to give credentials to aws-cli using the command: ```bash aws configure ``` Insert the ID and Key into their corresponding fields. For the default region name insert `us-east-1` and for the default output format insert `table`. Another server now may be found with the command: ```bash aws ec2 describe-regions --output table ``` Use the `ping` command plus the various endpoints to test latency to the regions. After an appropriate server has been found run `aws configure` again and enter the new region. ### Creating a Key-Pair Before any server instances are created a [key-pair](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html) will be required. This key-pair will be used to validated access to the EC2 instances it is affixed to. Create a new key-pair via: ```bash aws ec2 create-key-pair --key-name AzCore-KP --query 'KeyMaterial' --output text > ~/AzCore-KP.pem ``` The key-pair will be saved into the $HOME directory. Make sure to keep this newly created `AzCore-KP.pem` file safe as **this file cannot be remade** after it is created. If the key-pair is lost after linking it to any EC2 instances they will need to be remade with a new key-pair. The key-pair is used to SSH into the instance and there are no ways to remove access from the key-pair without ultimately deleting the EC2 instance! Before the key-pair can be used the permissions must be set with : ```bash chmod 400 ~/AzCore-KP.pem ``` ### Creating a VPC *Note: While AWS provides a default VPC that will work fine. The information required for making an entirely new VPC for this guide will be provided incase the default VPC for whatever case isn't available or working. It simultaneously acts as deeper delve into AWS and its networking features.* Creating a VPC for the region using: ```bash aws ec2 create-vpc --cidr-block 172.32.0.0/16 | grep -Po "(vpc)-[a-zA-Z0-9]*\s" ``` This should output the vpc-id. Save this as it will be required later. Also needed is the command: ```bash aws ec2 modify-vpc-attribute --enable-dns-hostnames --vpc-id $VPC_ID ``` ### Creating a Subnet A Subnet is required to be linked with the VPC using: ```bash aws ec2 create-subnet --cidr-block 172.32.0.0/20 --vpc-id $VPC_ID | grep -Po "(?. Run `sudo apt-get update && sudo apt-get upgrade` before installing dependencies and update security patches. ### Uploading Data file to Server Download the [newest_data.zip](https://mega.nz/#F!Am4DBKCR!o9Qj_xFLfsg4sczqg0xq2A) and unzip it and its subfolders. Next `cd` into the folder where it is located and perform the command: ```bash tar zcfv ~/data.tar.gz newest_data/ ``` This will zip the file into a tar.gz file. Now to upload it to the server using ```bash scp -i "~/AzCore-KP.pem" ~/data.tar.gz ubuntu@$PublicDnsName:$CMAKE_INSTALL_PREFIX/data ``` This can take a while depending on upload speed. The $CMAKE_INSTALL_PREFIX will be the path to where the server is installed not the cloned git repository which is `~/azeroth-server/` by default. Now untar it with: ```bas tar xfv $CMAKE_INSTALL_PREFIX/data.tar.gz --strip-components=2 ``` It should now be unpacked into `$CMAKE_INSTALL_PREFIX/data/` Alternatively, borrowed from [stackoverflow](https://stackoverflow.com/a/49444877) and with much better download performance: ```bash #!/bin/bash fileid="12XIh3rqm3ukpSKQtMop44U4XCYb6kdda" filename="data.tar.gz" curl -c ./cookie -s -L "https://drive.google.com/uc?export=download&id=${fileid}" > /dev/null curl -Lb ./cookie "https://drive.google.com/uc?export=download&confirm=`awk '/download/ {print $NF}' ./cookie`&id=${fileid}" -o ${filename} ``` Run `nano $CMAKEINSTALL_PREFIX/data/` and save this script as a .`sh` file in the data directory and perform `chmod -x $filename.sh` to make it executable. The script will download a repackaged [newest_data](https://mega.nz/#F!Am4DBKCR!o9Qj_xFLfsg4sczqg0xq2A) from a Google Drive [upload](https://drive.google.com/open?id=12XIh3rqm3ukpSKQtMop44U4XCYb6kdda). *note: I recommend verifying the SHA256 Checksum values match between the mega upload and google drive upload. If not the files are not tampered with or changed.* ### Database Setup Enter into MySQL using `sudo mysql`. A username and password will be needed to access the database. ```sql GRANT ALL PRIVILEGES ON *.* TO 'username'@'localhost' IDENTIFIED BY 'password'; ``` The .conf files will need to be edited with the newly chosen username and password described [here](http://www.azerothcore.org/wiki/Installation#4-setting-the-configuration-files). ### Kswapd issue *Note: If running on a more powerful instance this step is likely irrelevant. For the t2.micro instance with 1GB of ram this step is required.* As a learning exercise after compilation run a ` top -oh %MEM` and attempt to launch the world server. It will eventually reach a hang-up and the server will become unresponsive. Notice the process taking up a majority of memory is `kswapd`. The `kswapd` process is used whenever the systems memory usage reaches a threshold and then it offloads the memory into a storage. The default swap image, however, does not allocate enough resources to run the the world server so a new one is needed. [Various solutions to this issue can be found here.](https://askubuntu.com/questions/178712/how-to-increase-swap-space) The guide will be using the `dd` [method](https://askubuntu.com/a/178726): ```Bash #Creates 3GB swap image and sets up a swap area sudo dd if=/dev/zero of=/media/fasthdd/swapfile.img bs=1024 count=3M sudo mkswap /media/fasthdd/swapfile.img #Opens editer with sudo permissions at /etc/fstab sudo nano /etc/fstab # Add this line to /etc/fstab /media/fasthdd/swapfile.img swap swap sw 0 0 #Activate the swap image swapon /media/fasthdd/swapfile.img ``` ### Connecting to the server Find the instances Public IP address which can be found with `aws ec2 describe-instances`. Enter the `PublicIpAddress` into your `acore_auth` realmlist table. More connection information can be found [here](http://www.azerothcore.org/wiki/Installation#8-connecting-to-the-server). ------ ## Disclaimer ​ Many best practices have not been followed in lieu of guide brevity and general ignorance on internet security. Some things to be known and that should be done if planning to allow anyone access to your server include: - [Adding an IAM User for anyone who needs AWS access.](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_create.html) *Don't allow someone to run 100 instances to mine bitcoins... keep in mind that payment information is stored to create an account and AWS charges per server hour used!* **Be safe.** - AWS Free Tier allows **750** instance hours meaning 750/24 = 31.25 Days. *Only one instance non-stop can be ran for a month without paying and the free tier only lasts for 12 months after account creation. Don't get unintentional charges. You've been warned!* - Generally, don't allow another user SSH or admin privileges until some research on how to secure Linux and don't allow anyone root privileges. Only allow users the least privileges required. Your safety is in your hands, good luck!