GEOG 865
Cloud and Server GIS

Logging in to your instance


Now that your site has been created and started, you can get ready to log in to the instance and start working with your software. Some of these steps will be similar to what you did in Lesson 1, but please follow them closely.

  1. Log in to the AWS Management Console, navigate to the EC2 region where you built your site in Cloud Builder (probably N. Virginia), and click Security Groups.

    When Cloud Builder created your EC2 instance it also created a security group for that instance. You might remember from Lesson 1 that you need to add a rule to this security group allowing Remote Desktop connections through port 3389.
  2. Click the name of the security group that Cloud Builder created. The name will have the format arcgis-<site name>.
  3. In the lower panel, click the Inbound tab and click the Edit button.
  4. Click Add Rule, and add a rule of type RDP.
  5. Choose My IP from the Source dropdown list and click Save. With some internet service providers your IP address changes frequently so you may need to repeat this procedure if you ever find that remote connections are failing.
  6. Open Windows Remote Desktop Connection.
  7. In Remote Desktop Connection, click the Options button > Local Resources tab > More button and ensure that the box for Drives is checked, then click OK. This will permit you to copy data from your machine on to the remote machine (in this case, your Amazon EC2 instance).
  8. Log in to the AWS Management Console and follow the procedure you learned in the previous lesson to allocate a new elastic IP address (using Elastic IPs > Allocate New Address).
  9. Associate your new elastic IP address with the EC2 instance that Cloud Builder created (remember you can do this via Actions > Associate Address). You'll be able to identify this instance because it is called <site name> - SITEHOST.

    The above step is necessary because instances in a VPC by default are not visible for login through remote desktop connections on the public web. Associating an elastic IP with your instance gives you an address you can log into. This is why you see a warning when you associate your address; it's telling you that your instance will be visible for login (by someone who has the name and password).

    You will need perform this step and reassociate this elastic IP every time you start your site after it has been stopped.

    In addition to the elastic IP you just created, Cloud Builder places an Amazon Elastic Load Balancer (ELB) in your site. The ELB acts as a single front-end to your site, its address never changes and it can direct traffic into as many machines as you have participating in the site.

    You'll notice this ELB name when you examine the Manager URL closely. However, you can't use the ELB to remote desktop into your site, that's why we made the Elastic IP.
  10. In the AWS Management Console, click the Instances link on the left side. From the list of instances, right-click your instance name (remember, it is called SITEHOST) and click Get Windows Password.
  11. Browse to the key pair file that you saved in Lesson 1 and decrypt the password, just like we did in the previous lesson.
  12. In Remote Desktop Connection, under the General tab, type or paste the elastic IP address of your SITEHOST instance into the Computer input box.
  13. In the User name input box, type Administrator, then click the Connect button.
  14. In the Password input box, carefully type or paste the password you decrypted, then proceed with logging in.

    Notice that Amazon gives you a pretty strong password for this instance, but it's not one you're liable to remember easily. You should change the administrator password once you've logged in.
  15. On your instance (not your own computer), click Start (Windows button) > Administrative Tools > Computer Management and follow the same steps we did in the previous lesson to change the Administrator password. Go back and look at the steps if necessary. Do not skip this step, because you want to have a password you can remember and not the real complex one supplied by Amazon.

    The password rules are fairly stringent; please see them in the image in Figure 2.1, below.

     Screen capture of the Password Security Settings box
    Figure 2.1: Password Security Setting

Disabling IE ESC

As a security precaution, it's usually not a good idea to go around browsing the web from your production server machine. To do so is to invite malware intrusions onto one of your most sensitive computers. The operating system on your instance, Windows Server 2012, enforces this by blocking Internet Explorer from accessing most sites. This is called IE Enhanced Security Configuration (ESC).

IE ESC gets burdensome when you're using the server solely for development or testing purposes like we are. To smooth out the workflows in this course, you'll disable IE ESC right now and leave it off for the duration of the course.

  1. Start Windows Server Manager by clicking the icon that looks like a server In the left hand side of your Windows taskbar.
  2. Click Local Server.
  3. Scroll over to the right and find IE Enhanced Security Configuration. Click the On link to access the options for turning it off.
  4. Select Off for both users and administrators and click OK.

Licensing ArcGIS for Desktop

Finally, you must license any Esri software that you cause to run on Amazon EC2, including any software that is installed with Cloud Builder. When you went through Cloud Builder you provided ArcGIS Server license information, therefore you don't have to go through the Software Authorization wizard for ArcGIS Server. However, you still have to authorize ArcGIS for Desktop so that you can use ArcMap and ArcCatalog on the instance. You will use an evaluation code that your instructor has sent you.

Do the following steps (luckily they only have to be performed once):

  1. Visit the ArcGIS for Desktop 10 Education Edition site and log in with an Esri Global Account (if you don't have a global account, please create one. You will need it later in this course.)
  2. Paste your ArcGIS for Desktop student authorization number into the page where prompted and click Submit. This is the code beginning with EVA... that is posted in a class list on the Student Downloads page, which is located in the Course Resources section of the Course Introduction module in Canvas.
  3. Now, in your Remote Desktop session, click the shorcut ArcGIS Administration.
  4. Highlight the Desktop folder, select Advanced (ArcInfo) Single Use and click Authorize Now.
  5. Choose I have installed my software and need to authorize it and click Next.
  6. Choose Authorize with Esri now using the Internet and click Next.
  7. Continue through the wizard and supply your contact information as requested. Eventually you will be prompted to enter your evaluation code (EVA...) and finish the wizard. This should allow you to now open programs such as ArcMap on your instance. Do not choose to license any extensions; they will be licensed automatically because you are using an evaluation version of the software.

You're now ready to begin working with your EC2 instance.

Remember that if you are going away for more than an hour, you should stop your instance using Cloud Builder. The next time you start your site and attempt to remote desktop in, you'll need to reassociate the elastic IP as described in the steps above. Get used to this procedure because you will be doing it often.

Most of the other steps above just need to be performed a single time. For example, you do not need to re-license the software each time you log in to the instance, nor do you need to adjust the security groups unless your IP address has changed.