How do I get the latest AppScale image in AWS EC2?

You can find the latest AppScale AMI here. For a complete list of regular and FastStart AMIs visit our GitHub releases page.

How do I get the latest AppScale image in GCE?

In the Google Cloud Platform console, go to Images under Compute Engine, and create a new image with the following settings:
Name: “appscale”, Source: “Cloud Storage file”, Cloud Storage file: “appscale-images/latest/appscale.tar.gz”


How do I get the latest AppScale image for Vagrant/VirtualBox?

You can create a Vagrant/VirtualBox configuration file by running:
appscale init appscale/releases

What about security in AppScale?

AppScale manages the firewall on each machine of a deployment. This allows AppScale to only open ports that are required for its operation. AppScale leverages iptables in the underlying system, and provides facilities for the administrator to allow or deny basic access to functionalities (for example the AppScale dashboard could be made accessible only from certain IPs).

How do I setup a network rule suitable for AppScale in AWS?

Since AppScale manages the firewall directly, the easiest way is to setup a network rule with all the ports open. To do so:

from the AWS console
- select the EC2 service
- select the Security Groups
- create a new security group with the following settings: Group name: 'appscale', Description: 'AppScale default security group', VPC: 'No VPC'. Add two rules to the security group: 'All TCP / TCP / 0 - 65535 / Anywhere /' and 'All UDP / UDP / 0 - 65535 / Anywhere /'.


from the command line (AWS Docs)
- create a new security group:
aws ec2 create-security-group --group-name 'appscale' --description 'AppScale default security group'
- add the network rules:
aws ec2 authorize-security-group-ingress --group-name appscale --protocol tcp --port 1-65365 --cidr
aws ec2 authorize-security-group-ingress --group-name appscale --protocol udp --port 1-65365 --cidr

How do I setup a network rule suitable for AppScale in GCE?

Since AppScale manages the firewall rules directly, the easiest way is to setup a network rule with all the ports open. To do so:
- login to the google developer console
- go to the Networking section under Compute and select Firewall rules
- create a new firewall rule with the following settings: Name: 'appscale', Network: choose 'default' or create a new network, Source filter: 'Allow from any source (', Allowed protocols and ports: 'tcp:1-65535;udp:1-65535'


What if I don't want to make a generic network rule with all ports open?

The ports that need to be accessible to an AppScale deployment are:
- TCP 22: this is the SSH port, and it's needed to gain access to the nodes;
- TCP 80 and 443: those are the default HTTP and HTTPS ports. Highly recommended to have them open, although not necessary if your application doesn't use them;
- TCP 8080-8100 and 4380-4400: those are ports that will be used in a FIFO manner when multiple applications are deployed. Are needed only if/when you have/want more applications running here. There are other ports that make it easy to control/debug an AppScale deployment but they are not necessary for normal operation. You can check in /root/appscale/firewall.conf (link to github page?) for the reserved ports. AppScale requires all ports open amongst the nodes of its own deployment. Usually this is easily achieved in public networks when instances belong to the same security group.

How do I install AppScale Tools?

Requires pip.
pip install appscale-tools

Mac OS X
Requires homebrew.
brew install appscale-tools

How do I create and customize my AppScalefile?

AppScale is configured using an AppScalefile. The AppScale Tools initially use the AppScalefile to understand the deployment layout (i.e. where the login node is, how many database nodes there are, where they are, etc.), and subsequently to start and manage the deployment.

An AppScalefile is created after running the fast-start script. For more samples of the AppScalefile, click here and here.

For a full list of AppScalefile options, you can run the command:

appscale init cluster

and look into the newly created AppScalefile.

How do I login as root?

Need to SSH into an AppScale-ready instance as root? What's your infrastructure?


Navigate to the VM instances page under Compute Engine, and click SSH next to your instance, like so:
GCE_SSH and then run:
sudo -i


ssh -i </path/to/key/used/to/start/instance> <username>@<public_instance_IP>
sudo -i


ssh -i </path/to/key/used/to/start/instance> ubuntu@<public_instance_IP>
sudo -i


vagrant ssh #password: vagrant
sudo -i


SSH into the instance as any user you have access to and then run:
sudo -i

How do I set up password-less SSH?

Log into the head node as root.

Create an SSH key if there isn't one present with:
ssh-keygen -t rsa
Optionally provide the file to save the keys and a passphrase. Press Enter to go on with the default settings (/root/.ssh/id_rsa.pub).

Copy the contents of this public SSH key in /root/.ssh/authorized_keys on all virtual machines of the same AppScale deployment.

AppScale AdminAppScale Technical FAQs