Installation by install.sh

Install and configure components

Install the packages:

# apt-get update
# git clone https://github.com/openstack/ec2-api.git
# cd ec2-api

Run install.sh

The EC2 API service gets installed on port 8788 by default. It can be changed before the installation in /etc/ec2api/ec2api.conf configuration file.

Configuring EC2-API.

The services afterwards can be started as binaries:

$ /usr/local/bin/ec2-api
$ /usr/local/bin/ec2-api-metadata

or set up as Linux services.

Create the ec2api service API endpoints:

$ openstack endpoint create --region RegionOne ec2api \
  public http://controller:XXXX/
$ openstack endpoint create --region RegionOne ec2api \
  admin http://controller:XXXX/
$ openstack endpoint create --region RegionOne ec2api \
  internal http://controller:XXXX/
  • where ‘controller’ is address your ec2api is installed on

  • and ‘XXXX’ is port (8788 by default)

Configuring OpenStack for EC2 API metadata service

EC2 metadata is built in between the nova-metadata and the neutron-metadata, so we need to configure Neutron so that it sends requests to ec2-api-metadata, not to the nova.

To configure OpenStack for EC2 API metadata service for Neutron add:

[DEFAULT]
nova_metadata_port = 8789

to /etc/neutron/metadata_agent.ini for legacy neutron or to neutron_ovn_metadata_agent.ini for OVN

then restart neutron-metadata service.

If you want to obtain metadata via SSL you need to configure neutron:

[DEFAULT]
nova_metadata_protocol = https
# in case of self-signed certs you may need to specify CA
auth_ca_cert = /path/to/root/cert/if/self/signed
# or skip certs checking
nova_metadata_insecure = True

And then you’ll be able to get EC2-API/Nova metadata from neutron via SSL. Anyway metadata URL inside the server still be http://169.254.169.254