Anka on AWS EC2 Macs
This guide is also valid for the Anka 3/mac2.metal/Apple processor (M1, M2, etc) EC2 instances.
Customers often find that purchasing and managing their own hardware can become a burden. This is why we recommend using AWS EC2 Mac instances to run the Anka Virtualization software.
With Anka installed on your AWS EC2 Mac instance, you can run ephemeral macOS VMs as well as optimize the instance cost by running more than one at a time. Visit our site and Amazon’s blog for more information about AWS EC2 Mac and Anka.
There are three options available for you to use Anka with AWS EC2 Mac instances:
- macOs pre-configured/optimized + Anka installed
- Provides an hourly billing option for Anka based on the uptime of your EC2 Mac instance
- macOS pre-configured/optimized + Anka installed
- With these AMIs, you will be able to use your own Anka License.
Note: You must request a dedicated mac* host in order to run EC2 Mac instances. There is a known delay requesting, stopping, and starting EC2 Mac instances as the dedicated host must clean itself each time an instance stops on it.
Marketplace AMI
In order to get started using our Marketplace AMIs you have four options:
- Intel + Basic License : Product Page
- Intel + Enterprise License : Product Page
Other than the hourly price, there is a list of features that differ between the two.
You can find a full list of products available on the AWS marketplace by visiting https://veertu.com/aws-marketplace. Or, once subscribed, you can find and launch instances from the marketplace AMIs on the Manage Subscriptions page.
Marketplace AMIs are charged on an hourly basis and don’t need an Anka License.
You can create custom AMIs from the Marketplace AMI and the license for Anka will continue to work and attach to your existing marketplace subscription.
Usage
To get up and running with our AWS EC2 Mac instances using our Marketplace AMI, you’ll need to navigate to one of the Marketplace AMI Product URLs listed above and go through the process of subscribing. Take a look at the official AMI Subscription documentation to understand how to subscribe.
Once subscribed, you can start launching AMIs.
(Optional) Automatically join to the Anka Build Cloud Controller using User Data:
This step requires that you first set up the Anka Build Cloud.
IMPORTANT: Amazon confirmed that Terminating from the AWS console/API does not properly send SIGTERMs to services and wait for them to stop. This prevents our cloud-connect script from automatically disjoining with
ankacluster disjoin
before AWS pulls the plug. Therefore, we recommend executing thesudo launchctl unload -w /Library/LaunchDaemons/com.veertu.aws-ec2-mac-amis.cloud-connect.plist
command before termination of the instance.User Data ENVs
For user-data, don’t use
;
,&&
or any other type of separator between envs.If you pass in user-data with the exports all on one line, and have non ANKA_ ENVs you’re setting, the
cloud-connect.bash
service we run on instance start/boot will source/execute them. We recommend you split exports and user-data onto separate lines to avoid this.ANKA_CONTROLLER_ADDRESS
Full URL for the Anka Build Cloud Controller.
- REQUIRED
- Must be in the following structure:
http[s]://[IP/DOMAIN]:[PORT]
.
ANKA_JOIN_ARGS
Allows you to pass in any “Flags” from
ankacluster join --help
.- Optional
ANKA_REGISTRY_OVERRIDE_IP + ANKA_REGISTRY_OVERRIDE_DOMAIN
Allows you to set the registry IP address and domain in the
/etc/hosts
file.- Optional
- Use 1: if your corporate registry doesn’t have a public domain name, but does have a public IP.
- Use 2: if you want the EC2 mac mini to pull from a second registry that’s hosted on EC2 instead of a local corporate one (AWS -> AWS is much faster).
ANKA_LICENSE
If not already licensed, the cloud-connect service will license Anka using this ENV’s value.
- Optional
- Only used with Community AMI.
- Only available in >= 2.5.4 AMIs.
- You can also update invalid/expired licenses with this (requires a reboot).
- Starting in AMIs with a macOS version greater than 12.2.1: The Fulfillment ID output from
anka license activate
, which is used for releasing cores, is logged to your Cloud Controller > Logs section in the “AWS Cloud Connect Service”.
ANKA_USE_PUBLIC_IP
This will determine whether the instance/node is joined using the public ipv4. Otherwise, it will default to the local/private ipv4.
- Optional
ANKA_CONTROLLER_API_CERT / _KEY / _CA | ANKA_REGISTRY_API_CERT / _KEY / _CA
The script which handles joining to your controller has a few calls to the controller as well as the registry APIs. If you’re protecting your APIs with TLS and Certificate Authentication, you can set the certs to use with these ENVs.
- Optional
Manual Preparation
By default all of our AMIs have a cloud-connect agent which on boot will join your AWS instance to the Anka Build Cloud controller automatically with user data ENVs you set. This is issuingankacluster join
under the hood. Once joind, the agent which runs and communicates with the Anka Build Controller does its best to determine the proper IP to use for the node. On AWS the interfaces are loaded at different times and orders and often you’ll end up with an IP assigned to the node which cannot be used for communication. To solve this, you’ll want to setANKA_JOIN_ARGS
with--host {IP HERE}
in the user data for the AWS instance. You can find all available flags/options for the join command here.
Our AMIs attempt to do the majority of preparation for you, however, there are several steps you need to perform once the instance is started:
- Set password with
sudo /usr/bin/dscl . -passwd /Users/ec2-user {PASSWORD HERE}
Some of our older AMIs (2.5.7 or older) set a default password tozbun0ok=
. We no longer do that in AMIs by default for security reasons. It is unsafe to continue to use the default password we set. You can change it withsudo /usr/bin/dscl . -passwd /Users/ec2-user zbun0ok= {NEW PASSWORD HERE}
- You now need to VNC in and log into the ec2-user (requirement for Anka to start the hypervisor):
open vnc://ec2-user:{NEWPASSWORDHERE}@{INSTANCEPUBLICIP}
.
Amazon EBS volumes can be very slow even when you max iOPS, etc. Because of this,anka create
and other processes can take very long times or outright fail (Apple’s installer is sensitive to disk IO). We recommend that you “pre-warm” the EBS volume by runningdd if=/dev/random of=testfile bs=1g count=$(($(df -h | grep "/$" | awk '{print $4}' | grep -oE "[0-9]+")-2))
on the host right after it starts. Additionally, pre-warmed volumes stay warmed – no need to rundd
after periods of inactivity on the AWS instance.
You can see how we generate these AMIs in our open source repo: https://github.com/veertuinc/aws-ec2-mac-amis.
Logs
/var/log/resize-disk.log
/var/log/cloud-connect.log
Licensing
The Marketplace AMI does not require a license. You are charged hourly for the usage through the AWS marketplace. Anka marketplace AMIs are available with Anka Basic and Anka Enterprise Tier features. For more details on Basic and Enterprise Tier, check out our documention.
Anka Build Cloud automated setup scripts
We have a script that will set up both a Linux instance with the Anka Build Cloud Controller & Registry. You can find it under our Getting Started repo’s AWS folder.
Clone the getting-started repo
git clone https://github.com/veertuinc/getting-started.git cd getting-started
Execute
./AWS/prepare-build-cloud.bash
- Running this script will create everything necessary inside of AWS to run the Anka Build Cloud. This includes a security group, elastic IP, etc.
The script can be run locally from your local macOS laptop with an existing AWS credential, region set, etc. These scripts have not been tested on linux.
Community AMI
Our BYOL Community AMIs are useful if you’d like to bring your own existing Anka license. They both have all of the same configuration changes, optimizations, and Anka inside. The difference is that Anka is unlicensed.
You can find a list of currently available Community AMIs below:
Name |
---|
anka-build-3.2.0.153-macos-13.0-arm64 |
anka-build-3.1.1.152-macos-12.6-arm64 |
anka-build-3.0.1.144-macos-12.5.1-arm64 (deprecated) |
anka-build-2.5.7.148-macos-12.4 |
Usage
To get up and running with our AWS EC2 Mac instances using our BYOL Community AMI, you’ll need to:
Have an AWS mac1 (intel) or mac2 (arm/apple/m1) dedicated host ready.
Have an Anka license.
Licensing
When you first license Anka, keep track of the fulfillment ID as you’ll need this to release the cores and use the license on a fresh machine.
The Anka Develop license type will not work on AWS EC2 Macs.
Stopping and starting the instance does not impact the Anka licenses validity, even if you start the instance on a different dedicated machine.
Before terminating an instance, you will need to remove the Anka license first and then contact Veertu support (support@veertu.com) to clear the fulfillments
Anka Build Cloud automated setup scripts
We have two scripts that will set up both a Linux instance with the Anka Build Cloud Controller & Registry as well as an EC2 Mac instance (Anka Node) to run VMs. This relies on our Community AMI and you will need to have an Anka License. You can find them under our Getting Started repo’s AWS folder.
Clone the getting-started repo
git clone https://github.com/veertuinc/getting-started.git cd getting-started
Execute
./AWS/prepare-build-cloud.bash
- Running this script will create everything necessary inside of AWS to run the Anka Build Cloud. This includes a security group, elastic IP, etc.
Execute
./AWS/prepare-anka-node.bash
Requires that you first run
prepare-build-cloud.bash
.Running this script will create everything necessary inside of AWS to run an EC2 Mac instance. You’ll be prompted for the Anka license to use if the ANKA_LICENSE env variable is not set.
Both scripts can be run locally from your local macOS laptop with an existing AWS credential, region set, etc. These scripts have not been tested on linux.
Build your own AMI
Building your own AMI is easy! You can review our AMI scripts to see how we do it.
Some important notes about creating your own AMI:
- Be sure that the minimum EBS volume specs are gp3, 6000IOPS, and 256 throughput. Anka VM creation is sensitive on slow disks and will likely fail.