Amazon Web Services (AWS) and its Elastic Compute Cloud (EC2) have found a lot of followers in the Hyperion space. A few of the many benefits are flexibility to start up multiple instances within mere seconds, usage as a service reduces costs, hardware maintenance through Amazon, save snapshots of images to test changes and revert back if needed, and many more.
Development of Hyperion applications on the cloud has gained a lot of trust, especially as it makes it possible to jump start an implementation while the IT department might still be in the purchasing and setup cycle. We've been using this in various situations at MindStream Analytics. A common approach to access servers on the cloud is via Remote Desktop connection, however, by default there is a limitation to only 2 connections at a time. With more than 2 developers or testers, this will obviously cause difficulties. A great way to get around this is to open up the ports for the web components of Hyperion to access applications via the Internet browser on the local computer and thus no need to use a Remote Desktop Connection.
Four configuration steps are required:
1) Create Security Group
2) Open ports for applications to be published
3) Launch instance and assign security group
4) Configure Windows Firewall to open ports
Create Security Group
Security Groups can be maintained on the EC2 tab. They appear underneath the Network & Security section.
Create a Security Group which you will be using for the Hyperion Server.
Open ports for applications to be published
In order to access applications on the Amazon Cloud from a local web browser or other client tool, the relevant ports need to be opened. This can be done as part of a Security Group. Switch to the Inbound tab where you will see the following screen.
As a first step we will grant access to the server for a Remote Desktop connection (RDP). Select "RDP" from the drop-down list, then click on "Add Rule" and "Apply Rule Changes". This will assign the rule to the Security Group and thus opens the RDP port for access from the outside world.
Now add two more rules: HTTP (port 80) and a Custom TCP rule for port 19000 (which is commonly used for Workspace). Our Security Group now looks like this:
Launch instance and assign security group
Now launch your Hyperion image on a new instance and assign the created Security Group during the configuration process of the Request Instance Wizard.
Configure Windows Firewall to open ports
Log on to the server and configure the Windows Firewall to accept connections at the required ports. This can be done via Control Panel > Windows Firewall. Click on Change Settings.
The Windows Firewall Settings window comes up. Switch to the Exceptions tab and click on "Add Port…"
Type in a meaningful name and the port number (protocol is usually TCP):
Verify that the Exception has been added.
This is all that needs to be done from a setup perspective. Go to the Instances screen and click on your running instance. The lower section of your screen lists information to determine the IP address through which the server is available.
In the example you can see above, the server can be reached via IP address 220.127.116.11. If Hyperion Workspace is listening at port 19000, you can access it from any browser at http://18.104.22.168:19000/workspace/index.jsp .
Note: the instance I started up for this blog post has been shutdown again. Therefore, the above URL will not work (unless someone else is using the exact same server instance with the same address, has Hyperion running and opened the ports). Be aware that a setup like this has advantages and disadvantages. Especially if you are dealing with sensitive information on the cloud server, you should find out about the risks of using publicly available servers.
Feel free to contact us at MindStream Analytics to help you answer specific questions about your needs around Hyperion on the Cloud