Tech Note 0025

Amazon Web Services

Setting up ExpeDat/SyncDat servers on Amazon EC2 instances

ExpeDat and SyncDat software can be installed on AWS EC2 instances just like any other Linux or Windows system.

This article is about installing stand-alone DEI software on EC2 instances.  For information about our AMI-backed AWS Marketplace offerings, see our CloudDat for AWS product.

Choosing an Instance Type

AWS bandwidth is a shared resource.  Larger instance sizes with a higher "Network Performance" rating will more often receive a larger share of AWS bandwidth.  As with all AWS resources, performance will vary.  Below are the maximum upload speeds and numbers of concurrent uploads to be expected for each instance type, assuming your local and storage bandwidth are sufficient.

Instance Type    Max Upload    Max S3 #
c5n.large        1 Gbps        4
c5n.xlarge       2 Gbps        8
c5n.2xlarge      3 Gbps        16
c5n.4xlarge      5 Gbps        32
c5n.9xlarge      5 Gbps        64
c5n.18xlarge     5 Gbps        128

Regions without support for c5n may use c5.

Speeds are based on encrypted uploads over the internet to S3 storage.  AWS throttles EC2 internet bandwidth to 5 gigabits per second per instance.  Use multiple instances for faster total bandwidth.

Memory (RAM) can become a factor when running a high capacity server (16 or more) with many active S3 upload transfers.  For high capacity servers, consider using a larger instance size to provide adequate memory for S3 buffering.  Filesystem transfers, such as EBS and instance storage, do not require extra memory.

Filesystem performance will be highest for local instance (ephemeral) storage.  EBS (Elastic Block Store) filesystems are normally limited to a few hundred megabits per second, but you can achieve high speeds by provisioning your storage as an EBS-Optimized volume.

Performance will also be influenced by all of the factors which normally affect a computer system.  See the ExpeDat performance documentation for details as well as the remainder of this Tech Note.

Firewall

When installing servedat on EC2, you will need to open UDP port 8080 in the firewall.  This can be done by modifying the "Security Group" after the initial setup.

Security Group
  1. In the EC2 management console, click "Security Groups".
  2. Select the group assigned to your EC2 instance.
  3. In the frame below, select the "Inbound" tab.
  4. Click Edit.
  5. In the "Edit inbound rules" dialog, click "Add Rule".
  6. In the "Type" pop-up menu, select "Custom UDP rule".
  7. Enter a port range of "8080" (assuming you are using the default ExpeDat or SyncDat server port).
  8. For general client use, set Source to "Anywhere 0.0.0.0/0".
  9. Click "Save".
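
The console steps above can also be expressed with the AWS CLI. The following is an added example, not DEI's own tooling: it validates a list of source ranges and prints one authorize-security-group-ingress command per range, so the UDP rule can be scoped to known client networks or opened to 0.0.0.0/0 as in step 8. The function names, group id and client range are constructed placeholders.

```shell
#!/bin/sh
# Added example (not vendor code): CLI form of the Security Group steps.

# valid_cidr CIDR: succeed only for dotted-quad IPv4 with a /0-32 prefix.
valid_cidr() {
    case $1 in */*) ;; *) return 1 ;; esac
    ip=${1%/*}; len=${1#*/}
    case $len in ''|*[!0-9]*) return 1 ;; esac
    [ "$len" -le 32 ] || return 1
    case $ip in *[!0-9.]*) return 1 ;; esac
    oldifs=$IFS; IFS=.; set -- $ip; IFS=$oldifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        [ -n "$o" ] || return 1
        [ "$o" -le 255 ] || return 1
    done
}

# ingress_cmds GROUP_ID PORT CIDR...: print the commands that add the UDP rule.
# Every argument is checked before anything is printed, so a bad entry
# never produces a partial rule set.
ingress_cmds() {
    gid=$1; port=$2; shift 2
    case $gid in sg-*) ;; *) echo "bad group id: $gid" >&2; return 2 ;; esac
    case $port in ''|*[!0-9]*) echo "bad port: $port" >&2; return 2 ;; esac
    for cidr in "$@"; do
        valid_cidr "$cidr" || { echo "bad CIDR: $cidr" >&2; return 2; }
    done
    for cidr in "$@"; do
        echo "aws ec2 authorize-security-group-ingress --group-id $gid" \
             "--protocol udp --port $port --cidr $cidr"
    done
}

# Constructed placeholders: a made-up group id and a documentation-range network.
ingress_cmds sg-0123456789abcdef0 8080 203.0.113.0/24
```

The function only prints the commands; review the output before running it with credentials for the account that owns the instance.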

For general information about firewalls, see Tech Note 0002.

Choosing an Operating System

Linux systems will provide the best network performance.  See Tech Note 0004 for minimum requirements.  CloudDat is optimized for installation on Amazon Linux 2.  See Tech Note 0035 for general information about Linux performance tuning.  The following sections focus on tuning for Linux within the AWS environment.

Linux System Authentication

The default Amazon Linux AMI does not assign a password to user accounts.  If you wish system users to authenticate to servedat, you must create a password for each.

While logged on as an administrative user, use the command "sudo passwd username".  For example, to create a password for the default user account:

sudo passwd ec2-user

For general information about system user authentication, see the servedat "System Authentication" manual page.

Linux File Cache

When writing to filesystem storage, such as EBS or instance storage, Linux's file caching policy may cause severe performance problems if not adjusted.  By default, Linux delays writing data to storage until at least 10% of RAM is filled and will freeze all storage access for flushing when 20% of RAM is filled.  For instances with large amounts of RAM, this can cause gigabytes of data to build up, resulting in long periods of impaired performance or even loss of network connectivity.

For example, a c5n.4xlarge instance has 42 gigabytes of RAM and may cache up to 8.4 gigabytes of file write data.  Even at an EBS-optimized rate of 4000 megabits per second of EBS bandwidth, the instance may freeze I/O for 18 seconds whenever that threshold is reached.

To ensure consistent performance, it is best to limit Linux write caching by adding the following lines to /etc/sysctl.conf:

vm.dirty_background_bytes=125000000
vm.dirty_bytes=250000000

For those changes to take effect, you must either reboot or type the following commands:

sudo sysctl -w vm.dirty_background_bytes=125000000
sudo sysctl -w vm.dirty_bytes=250000000

Linux UDP Buffers

The Linux kernel limits UDP buffers to sizes which are not appropriate for modern high-speed networks.

If you install the servedat server with sufficient privileges, it will automatically adjust the buffer sizes each time the service starts.

To permanently correct the UDP buffer limit for both clients and servers, add the following lines to /etc/sysctl.conf:

net.core.wmem_max=8388608
net.core.rmem_max=8388608

For those changes to take effect, you must either reboot or type the following commands:

sudo /sbin/sysctl -w net.core.wmem_max=8388608
sudo /sbin/sysctl -w net.core.rmem_max=8388608

See Tech Note 0024 for more about operating system UDP limitations.
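
Because the sysctl.conf entries in the Linux File Cache and Linux UDP Buffers sections only take effect after a reboot or a sysctl -w, the file and the running kernel can disagree. The following is an added example, not DEI's own tooling: it audits either a sysctl.conf-style file or the live kernel against the four values given in this Tech Note. The function names and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example (not vendor code): audit the four kernel settings from this Tech Note.
# Expected values are copied from the Linux File Cache and Linux UDP Buffers sections.
EXPECTED='vm.dirty_background_bytes=125000000
vm.dirty_bytes=250000000
net.core.wmem_max=8388608
net.core.rmem_max=8388608'

# conf_value FILE KEY: effective (last) value of KEY in a sysctl.conf-style file,
# skipping "#" and ";" comments and whitespace around "=". Empty output if unset.
conf_value() {
    awk -F= -v key="$2" '
        /^[ \t]*[#;]/ { next }
        NF >= 2 { k = $1; v = $2
                  gsub(/[ \t]/, "", k); gsub(/[ \t]/, "", v)
                  if (k == key) val = v }
        END { if (val != "") print val }' "$1"
}

# live_value KEY: value the running kernel is using, read from /proc/sys.
live_value() {
    f=/proc/sys/$(printf '%s' "$1" | tr . /)
    if [ -r "$f" ]; then cat "$f"; fi
}

# audit SOURCE: SOURCE is a file path, or "live" for the running kernel.
# Prints one line per key, sets FINDINGS, returns non-zero if anything is off.
audit() {
    FINDINGS=0
    for pair in $EXPECTED; do
        key=${pair%%=*}; want=${pair#*=}
        if [ "$1" = live ]; then have=$(live_value "$key")
        else have=$(conf_value "$1" "$key"); fi
        if [ -z "$have" ]; then
            echo "MISSING  $key (want $want)"; FINDINGS=$((FINDINGS + 1))
        elif [ "$have" != "$want" ]; then
            echo "MISMATCH $key=$have (want $want)"; FINDINGS=$((FINDINGS + 1))
        else
            echo "OK       $key=$have"
        fi
    done
    [ "$FINDINGS" -eq 0 ]
}

# Constructed sample: file cache lines present, one UDP limit left at a smaller value.
SAMPLE=$(mktemp)
printf '%s\n' '# constructed sample' 'vm.dirty_background_bytes = 125000000' \
    'vm.dirty_bytes=250000000' 'net.core.wmem_max=212992' \
    'net.core.wmem_max=8388608' 'net.core.rmem_max=212992' > "$SAMPLE"
audit "$SAMPLE" || echo "$FINDINGS setting(s) need attention in $SAMPLE"
```

Run audit /etc/sysctl.conf and audit live on the instance; a key that is OK in the file but MISMATCH live has been written to the file but not yet applied to the running kernel.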

Network MTU

Larger EC2 instance sizes are capable of multigigabit speeds, but the AWS network infrastructure limits the MTU to 1500 on internet paths and 9000 on internal paths.  To avoid potential IP fragmentation on fast internet paths, add the following to /etc/servedat.cf when installing the server:

MaxDatagram 1408

If your instance will be primarily communicating with other EC2 instances in the same region using private IP addresses, or with systems on a Direct Connect path supporting jumbo frames, you may achieve better performance by removing this setting.  See Tech Note 0005 for details.

Network Speeds

Amazon does not guarantee any particular level of network speed, but the following guidelines generally apply:

Performance will also be influenced by all of the factors which normally affect a computer system.  See the ExpeDat performance documentation for details.

License Binding

Traditional host identifiers and IP addresses are not persistent in EC2 and cannot be used for MTP license binding.  Instead, the following options are available for EC2 hosted software:

See Tech Note 0007 for more details about host binding options.

Note that if you subscribe to CloudDat from AWS Marketplace, no host binding is required as the software is automatically billed by AWS.

More

AWS may change EC2 specifications at any time, and additional setup steps may be required when installing host-bound software on an EC2 instance.  Make sure to discuss EC2 details with your DEI representative prior to deployment.

Tech Note History

Jan 27 2022    CloudDat 1.20A performance updates
Apr 28 2021    Instance type updates, new Linux section
Mar 18 2019    Network MTU
Mar 14 2019    Updated instance types
Oct 18 2018    Updated performance statistics
Jan 29 2018    Linux File Cache
Apr 17 2017    CloudDat
Oct 07 2014    Updated Everything
Jul 23 2014    Updated UDP
Oct 30 2013    Marketplace, Elastic IP
Feb 06 2013    EBS-Optimized
Oct 13 2011    Utilization
May 04 2011    Updated Firewall
Apr 22 2011    Changing Type
Mar 23 2011    Instance ID
Dec 07 2010    Choosing
Nov 17 2010    First Post