Citrix Systems 4.2 Server User Manual


 
Chapter 15. Amazon Web Service Interface
178
4. (Optional) The AWS API listens for requests on port 7080. If you prefer AWS API to listen on
another port, you can change it as follows:
a. Edit the files /etc/cloudstack/management/server.xml, /etc/cloudstack/management/server-
nonssl.xml, and /etc/cloudstack/management/server-ssl.xml.
b. In each file, find the tag <Service name="Catalina7080">. Under this tag, locate <Connector
executor="tomcatThreadPool-internal" port= ... >.
c. Change the port to whatever port you want to use, then save the files.
d. Restart the Management Server.
Note
If you re-install CloudPlatform, you will have to make these changes again.
15.4. AWS API User Setup Steps (SOAP Only)
In general, users need not be aware that they are using a translation service provided by
CloudPlatform. They need only send AWS API calls to CloudPlatform's endpoint, and it will translate
the calls to the native API. Users of the Amazon EC2 compatible interface will be able to keep their
existing EC2 tools and scripts and use them with their CloudPlatform deployment, by specifying the
endpoint of the management server and using the proper user credentials. In order to do this, each
user must perform the following configuration steps:
Generate user credentials and register with the service.
Set up the environment variables for the EC2 command-line tools.
For SOAP access, use the endpoint http://CloudPlatform-management-server:7080/awsapi.
The CloudPlatform-management-server can be specified by a fully-qualified domain name or
IP address.
15.4.1. AWS API User Registration
Each user must perform a one-time registration. The user follows these steps:
1. Obtain the following by looking in the CloudPlatform UI, using the API, or asking the cloud
administrator:
The CloudPlatform server's publicly available DNS name or IP address
The user account's API key and Secret key
2. Generate a private key and a self-signed X.509 certificate. The user substitutes their own desired
storage location for /path/to/… below.
$ openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /path/to/private_key.pem -
out /path/to/cert.pem
3. Register the mapping from the X.509 certificate to the API/Secret keys. Download the following
script from http://download.cloud.com/releases/3.0.6/cloudstack-aws-api-register and run it.
Substitute the values that were obtained in step 1 in the URL below.