Category Archives: Cloud Computing

How to host a Facebook app on Heroku

Heroku is a Cloud Computing service that has recently teamed up with Facebook to provide free hosting for Facebook apps as described here.

The default instructions that issue in relation to hosting apps are somewhat brief, and don’t really describe how you migrate an existing application to Heroku, so I’ve provided a bit more detail here.

If you want to host an app on Heroku, I’d advise following these instructions, rather than choosing the Heroku hosting option when setting up your app on Facebook. It will give you a better understanding of how Facebook and Heroku work together.

Create an Heroku account:

https://api.heroku.com/signup

As part of this you will have to authenticate yourself, which requires entering Credit Card details. Nothing is charged to your Credit Card, but you do need to enter them.

Install the Heroku Toolbelt on your local system:

https://toolbelt.heroku.com/

This will install the Heroku client, the software revision tool Git, and Foreman which is a tool for running apps locally (you only need the Heroku client and Git, however).

Make sure you have an OpenSSH public/private key pair which you can use

You can create one on any Linux system using ssh-keygen, or you can download PuttyGen for Windows which will also create a key pair for you.

Login to Heroku:

Change to the directory in which you application is stored and login to Heroku

prompt> heroku login

Enter you email address and password.

You should now be prompted to upload the public part of your public/private key pair. You can also do this manually, by issuing the command:

heroku keys:add

You can then check that it is uploaded by typing

heroku keys

Once this is done, you are ready to create your application

Initialise a git repo for your application

Before creating your application in Heroku, you need to create a local git repo for it. To do this, run the following commands from the directory in which your application is stored:

git init
git add .
git commit -m "initial checkins"

This will initialise the repo, add the contents of your current directory for tracking and commit the files to the repo

Create the Heroku application

Next, you need to create a Heroku application. Type the following command:

heroku create

Heroku will respond with the name of your application

You can also view the name of your application by typing

git remote -v

Add a MySQL addon to your application

(You can not do this unless your Heroku account has been authenticated)

You need to provide a MySQL addon if your application uses MySQL. ClearDB provides a basic, free addon called Ignite

You can add this by typing

heroku addons:add cleardb:ignite

Once this is added, you can find out the login credentials and DB details by typing

heroku config | grep CLEARDB_DATABASE_URL

(This is a Linux commmand. In Windows, just type heroku config and look for the values you require.)

You can then add these to your application configuration

Import your database

Using a MySQL command line client, import your DB schema into the DB provided by ClearDB

mysql -h cleardb_hostname -u cleardb_username --password=cleardb_password -D cleardb_database_name < path _to_dump_of_your_MySQL_database

Push your application to Heroku:

You are now ready to push your application to Heroku. Just type

git push heroku master

This will push your code to the remote git repository in Heroku and launch it on the hosting service.

You should then be able to access it at the URL you obtain from the command:

heroku info --app your_app_name

Configure your Facebook application:

The final step is to configure your Facebook application so that is uses the URL provided in the previous step. The URL serves both HTTP and HTTPS.

Making changes to your code:

If you need to make a change to a code file, do the following after you have edited the file:

git commit -am "Reason for change"
git push heroku master

If you have to add a file/directory, do the following:

git add
git commit -am "Reason for change"
git push heroku master

If you have to delete a file/directory, do the following:

git rm
git commit -am "Reason for change"
git push heroku master

Heroku guide

https://devcenter.heroku.com/articles/git

Creating an IPSEC VPN between a Cisco ASA router and an Amazon EC2 VPC

Amazon Web Services provides a service whereby you can extend your corporate network into the Amazon Cloud using an IPSEC VPN. They call this Virtual Private Cloud, and its a nifty solution when you need to connect something that you can’t put in the Cloud with something that you can put in the Cloud.

The premise is quite simple.

Amazon allows you to create an IP subnet with a CIDR of your own chosing, and then creates a sort of virtual router for you that both terminates a VPN to your corporate network and provides the necessary routing table to route packets between that CIDR and your corporate network.

Once the setup is complete, the Amazon interface spurts out configuration syntax for various types of devices (Cisco, Juniper) which you then apply on your end to bring the VPN between the network to life.

Fine, except here’s the problem.

If you have a Cisco router on your side of the VPN, which you most probably do, Amazon requires that you use VTI and BGP to create the VPN.

These technologies are not available on all Cisco routers, and in particular on mid-range Cisco ASA routers, which are still in common usage around the Internet. Where these routers are used to create VPNs, they typically use the traditional “crypto map” method, which is a little less intuitive that using VTI and BGP.

So, what can you do?

Well, the good news is that it is still possible to create an IPSEC connection between your corporate network and use a CIDR of your own choosing (as opposed to the randomly allocated one that Amazon gives you when you create a server instance).

The process is as follows:

Create a VPC in the normal way, and choose your CIDR. It doesn’t matter what kind of VPC you create. When asked for the peer address on your side, give the public address of your router (although we won’t actually use this).

Create a server instance in that VPC

Create an Internet Gateway for that VPC

Allocate an Elastic IP Address for the VPC and associate with your server instance

Make sure you can connect to your instance and open a shell

Install the OpenSource IPSEC package, OpenSwan, and configure your Cisco router, as described in this post.

Make sure that this establishes a VPN between the server instance and your Cisco ASA (be careful with ACLs).

Now, go back to your VPC configuration in Amazon, and look at the route table that has been created for you. The target for your local CIDR should be “local”, and the target for everything else (0.0.0.0/0) should be your Internet Gateway (igw-something). Delete any other entries.

If you want other server instances in the VPC to use the VPN, you will have to set up local routes (to your coporate LAN CIDR) on them to route to the server instance hosting the VPN.

And that should be it.

So what is actually happening here?

Basically, you’re setting up a VPC so that you can use a CIDR of your own choosing, but then you’re replacing the VTI-dependent VPN that Amazon creates for you with an OpenSwan-Cisco ASA VPN. As such, the Amazon VPN is actually obsolete, although you will have to keep the VPC running (and pay for it) in order that you can use the CIDR of your own choosing.

The reason that many people need to choose their own CIDRs is that they are setting up permanent services, which need to have fixed ip addresses which they can create permanent routes to.

If this isn’t required for your project, and you’re happy for Amazon to change the private ip address of your server instance when it is stopped/started, you don’t need to worry about creating (or paying for) a VPC.

You can just deploy OpenSwan on your server instance and away you go.

How to clone an Amazon EC2 instance between 2 different accounts

So here’s the deal.

(note: this only applies to linux, ebs-backed instances)

Let’s say you’ve built a complex server instance under one account, and now, for whatever reason, you need that server to run under a different account.

Yes, you could go about creating an AMI, and packing that up and sharing it with the other account, but lets say this server has multiple EBS volumes attached, and has a larger data footprint than the 8GB that comes with a standard EBS instance root partition.

Not a problem. Amazon recently provided functionality to share volume snapshots with other accounts, which is an ideal way to transfer server instances between accounts.

Here’s the step by step:

1. For each of the volumes that is included in your system, including the root volume, make a snapshot

2. Update the permissions of each of those snapshots so that they are shared with the other account

3. Logout and login to the other account

4. Make sure you are in the same region as the one where the snapshots were created

5. Set the filter to Private Snapshots; the snapshots you previously shared should now appear

6. Create a volume from each of these, and make sure they are all in the same zone

7. Now, create an EBS-backed instance using the same AMI as was used to create the instance you are trying to transfer (the AMI doesn’t need to be the same if you are using Amazon Linux; again, make sure its in the same zone as the volumes you just created

8. After the instance fully deploys, stop it

9. Detach the default 8GB root volume from the instance. Attach the root volume that you created from the snapshot; attach as /dev/sda1

10. Attach all the other volumes you created from the snapshots, making sure to give them the same device names as on the original instance

11. Start the instance

12. You’re done. To connect, use the same method as on the original instance, rather than how Amazon tells you to connect.

How I solved the iPhone Restore Error 3194 problem

This is a saga, but if you’ve been tearing your hair out trying to upgrade to version 5.0 of the Apple iOS on your iPhone, its probably worth reading.
Here’s the background.
Up to Oct 2011, iPhones came installed with iOS 4. iOS 5.0 was then released, and all iPhones sold after this time were sold with iOS 5.0.
To be honest, I don’t know what the difference between iOS 4 and iOS 5 is. I needed an iPhone to test some mobile websites (I wouldn’t buy one for personal use under
any circumstances, because they’re just hand candy) and all I know is that somebody gave me an iPhone 3GS phone that they had finished with, and had it unlocked from
Vodafone so that I could use it on O2. To complete the unlock process I had to do a restore of the iPhone with iTunes, and iTunes would not let me do this unless I
upgraded to iOS 5.
And so the story begins.
When I first attempted to do the upgrade, iPhone happily started downloading the new software. The payload is approx. 700MB, so I knew  it would take a while. However,
it crapped out after approx. 50MB, so I started it again. Same thing, crapped out again, and again, and again.
I did a bit of research on this, and was told by the Apple Support web site that I should ensure I had the latest version of iTunes. My version was about 6 months old,
so I went ahead and downloaded the new version.
Now when I tried, iTunes wouldn’t connect at all to the software update server, and just crapped after waiting 30 seconds to connect.
More research.
I discovered that this was a very common problem, and one that not too many were able to resolve. The most common suggested resolution involves editing the local hosts
file on your Windows system (C:\windows\system32\drivers\etc\hosts). This is in fact a load of crap.
The reason why this is a suggested solution is because lots of people have installed Jailbreak software on their PCs. This software inserts and entry into the hosts
file so that iTunes is directed away from Apple’s software signing server when doing restores. If that hosts file entry remains, you won’t be able to contact Apple’s
signing server when you want to do a genuine restore, for a software upgrade for example, so removing the entry helps. However, for people who have never tried to
Jailbreak, this is just a waste of time. In fact, such users won’t even find the rogue entry in their hosts file.
Digging a bit deeper, I discovered that iTunes lets you load the software upgrade from a local source, by pressing the Shift key at the same time as you click Restore.
Hence, if I could get my hands on the .ipsw file (this is the file type for Apple iOS updates) that needed to be loaded, I could bypass any issues Apple was having in
connecting to the software upgrade server.
I looked around on the web for a source for such files and found this link:
http://appldnld.apple.com/iPhone4/041-8356.20111012.SQRDT/iPhone2,1_5.0_9A334_Restore.ipsw
The server, appldnld.apple.com, is located in the apple.com Top Level Domain, so I figured this was pretty safe. I opened the link in my browswer and the file started
downloading. However, after 50mbs, it crapped out again.
Not wanting to give in on this, I tried a few other things. Suspecting that maybe my local network connection was not roboust enough to deal with whatever crap was
coming out of the Apple network, I logged onto my Linux hosting server in the Amazon EC2 clould and initiated the download from there with wget. This worked a treat,
and I pulled the .ipsw file down onto the server in about 2 minutes.
I then connected to this server using Filezilla and ftp’ed the file down to my local PC. I used Filezila because it can restart failed downloads without having to
restart the download all over again, which is handy for large files like .ipsw files. Witin 30 minutes or so, I had the .ipsw file on my laptap.
Feeling certain that I had now conquered the Apple iOS 5.0 upgrade connundrum, I cranked up iTunes and used the Shift-Restore option to load the locally stored .ipsw
file. It loaded it up and unpacked it, and then told me it was going to verify the software with Apple.
Bang. Game over. An unknown error has occured (Error 3194).
Not to worry, I thought, lets see what Error 3194 means.
http://support.apple.com/kb/TS3694#error3194
Error 3194: Resolve error 3194 by updating to the latest version of iTunes. “This device is not eligible for the requested build” in the updater logs confirms this is
the root of the issue.
Excellent. An obscure meaningless error message that Microsoft would have been proud of. I really shouldn’t have expected anything else.
So back to Google for some more research, and this time I found all sorts of interesting stuff.
Apparently, since the release of the iPhone 3GS, Apple will know longer let you install operating software on your iPhone unless that software is approved by Apple.
That means that whenever you use iTunes to upgrade or restore your iPhone, iTunes will scurry off home to Apple and check that the software you are trying to load is
approved for your model of iPhone. This, it seems, is an attempt to stop people jailbreaking their iPhones, because Apple doesn’t really like people doing things with
their hardware that they don’t approve of.
Anyway, armed with this nugget of information, I contacted Vodafone to ensure that my iPhone was definitely unlocked. If Apple was refusing to allow me upgrade it, I
figured this must be something to do with the status of the handset with the mobile operator to which it was issued.
Not so. Vodafone said that as far as they were concerned the handset was unlocked, and that I would have to copy Apple for tech support.
I did as I was instructed, and was eventually put through to one of their agents to whom I described my problem. He said that Error 3194 meant that I had security
software running on my PC, which I needed to shut down. I assured him I hadn’t, and directed him to the Apple Support website which stated that Error 3194 concerned
the eligibility of phones for upgrade. He then suggested I reboot my PC. I told him I wasn’t going to do this, and that he was wasting my time.
He got a bit flustered at this and put me through to one of this supervisors. This guy seemed to know a little bit more so I explained the actions I had taken thus
far. However, when I told him that I had downloaded the .ipsw file directly from a download server, he sprang to life, and I knew I had made a mistake.
This was not possible to do, he stated, the only way to get the software was through iTunes, and the software that I was now trying to load was obviously a jailbreak
image from a 3rd party and that this was why the upgrade wasn’t working.
I tried to explain to him that the download came from within the apple.com domain, which meant it was legit, and asked why iTunes allowed you to load a locally stored
.ipsw file if it was not possible to get such a file directly from Apple.
No, he said, he worked for Apple and he knew what he was talking about.
I tried to convince him still further. I showed him that the appldnld.apple.com resolved to an IP address that was leased to Akamai Technologies, the company that
manages all of Apple’s media downloads.
No, he said, he worked for Apple and he knew what he was talking about.
At this point, I let him and off and we went through his checklist for solving software upgrade issues.
We cleared the DNS cache. No difference. We created a new user account under Windows and tried the download using that (!!). No difference. We cleared the comments out
of the Windows hosts file and rebooted (!!!!!!). No difference.
I asked him if he knew what server iTunes tried to connect to when doing upgrades, and on what TCP port, so that we could test that he independently. He didn’t know
any of these details, and seemed incredulous that he should be expected to know.
He eventually told me something to the effect that I would have to sign up with a new ISP if I wanted to upgrade my iPhone. At this point, I ended the call.
Some good did come of it, however. Having asked the question about the server iTunes connects to, I set about finding this out for myself.
I installed TCPView on my laptop, cranked up the iTunes upgrade process, and had a look at what it was connected to. I found out that it was connected to ip address
82.52.205.135 on HTTP to do the download. This ip address is leased to an Italian Telecoms company, and obviously forms part of Apple’s new iCloud product.
I also decided to see what Apple was trying to download, and looked in C:\users\garreth\AppData\Roaming\Apple Computer\iTunes\iPhone Software Updates, which is where
iTunes keeps the .ipsw files it downloads from Apple.
Here, I found a file called iPhone2,1_5.0.1_9A405_Restore.ipsw.download, which was obviously the partial download of the full .ipsw file.
Now, notice the difference in this file name the the one I originally downloaded.
iPhone2,1_5.0_9A334_Restore.ipsw
v
iPhone2,1_5.0.1_9A405_Restore.ipsw
Yes, iTunes was trying to download a newer .ipsw file that the one I had downloaded! Of course, iTunes wasn’t letting me use my .ipsw file because a newer one exists,
and Apple doesn’t allow you install older .ipsw files than the current up to date version.
Now, all I had to do was find a copy of the newer .ipsw file that I could download directly and try and load that.
I Google’ed iPhone2,1_5.0.1_9A405_Restore.ipsw and found the following link, which was again on the appldnld.apple.com server, the one that the guy in Apple support
swore blind had nothing to do with Apple and was giving me jailbroken software:
http://appldnld.apple.com/iPhone4/041-3307.20111109.5tGhu/iPhone2,1_5.0.1_9A405_Restore.ipsw
I downloaded this one in the same way as before (via my Linux server) and tried the Shift-Restore option again.
And guess what? It worked! The new iOS was loaded to my iPhone and I now have an unlocked iPhone that I can use on the O2 network.
So what do you need to know from all of this. A few things.
First of all, it is possible to load a locally stored .ipsw file into iTunes. You just need to ensure that it it the most up to date version of the iOS. The Tech
Support guys in Apple are obviously not told this, and it would probably result in them get users to do all sorts of crazy things with their PCs, which could end up in
Apple getting sued (“Woman strangles cat with computer cable while trying to upgrade iPhone” etc)
Secondly, the iCloud service that Apple has started using to distribute media is obviously very flaky. Presumably, I was directed to a server in Italy because I live
in Europe. Users in other parts of the world will no doubt have differing experience, but it certainly seems that the Italian arm of iCould is waaaaay underspec’ed.
Thirdly, you really should give serious consideration to using something other than an iPhone as your smartphone. The saga I have described above if very common in the
iPhone user population, and is unheard for Android users. I myself have an Android. I’ve updated the operating system on it twice. When it needs an upgrade, it tells
me, and I then let it download the upgrade overnight. When I get up in the morning, its done. No hassle.
Also, my hadnset manufacturer, HTC, is quite happy for me to use whatever operating system I want on my phone, which is what I’d expect, given that I paid for it and
own it. The fact that this isn’t the case with Apple should be all you need to know.

This is a saga, but if you’ve been tearing your hair out trying to upgrade to version 5.0 of the Apple iOS on your iPhone, its probably worth reading.

Here’s the background.

Up to Oct 2011, iPhones came installed with iOS 4. Thereafter,  iOS 5.0 was released, and all iPhones sold after this time were sold with iOS 5.0.

To be honest, I don’t know what the difference between iOS 4 and iOS 5 is. I needed an iPhone to test some mobile websites (I wouldn’t buy one for personal use under any circumstances, because they’re just hand candy) and all I know is that somebody gave me an iPhone 3GS phone that they had finished with, and had it unlocked from Vodafone so that I could use it on O2. To complete the unlock process I had to do a restore of the iPhone with iTunes, and iTunes would not let me do this unless I upgraded to iOS 5.

And so the story begins.

When I first attempted to do the upgrade, iTunes happily started downloading the new software. The payload is approx. 700MB, so I knew  it would take a while. However, it crapped out after approx. 50MB, so I started it again. Same thing, crapped out again, and again, and again.

I did a bit of research on this, and was told by the Apple Support web site that I should ensure I had the latest version of iTunes. My version was about 6 months old, so I went ahead and downloaded the new version.

Now when I tried, iTunes wouldn’t connect at all to the software update server, and just crapped after waiting 30 seconds to connect.

More research.

I discovered that this was a very common problem, and one that not too many were able to resolve. The most common suggested resolution involves editing the local hosts file on your Windows system (C:\windows\system32\drivers\etc\hosts). This is in fact a load of crap.

The reason why this is a suggested solution is because lots of people have installed Jailbreak software on their PCs. This software inserts an entry into the hosts file so that iTunes is directed away from Apple’s software signing server when doing restores. If that hosts file entry remains, you won’t be able to contact Apple’s signing server when you want to do a genuine restore, for a software upgrade for example, so removing the entry helps. However, for people who have never tried to Jailbreak, this is just a waste of time. In fact, such users won’t even find the rogue entry in their hosts file.

Digging a bit deeper, I discovered that iTunes lets you load the software upgrade from a local source, by pressing the Shift key at the same time as you click Restore.

Hence, if I could get my hands on the .ipsw file (this is the file type for Apple iOS updates) that needed to be loaded, I could bypass any issues Apple was having in connecting to the software upgrade server.

I looked around on the web for a source for such files and found this link:

http://appldnld.apple.com/iPhone4/041-8356.20111012.SQRDT/iPhone2,1_5.0_9A334_Restore.ipsw

The server, appldnld.apple.com, is located in the apple.com Top Level Domain, so I figured this was pretty safe. I opened the link in my browswer and the file started downloading. However, after 50mbs, it crapped out again.

Not wanting to give in on this, I tried a few other things. Suspecting that maybe my local network connection was not robust enough to deal with whatever bumpf was coming out of the Apple network, I logged onto my Linux hosting server in the Amazon EC2 cloud and initiated the download from there with wget. This worked a treat, and I pulled the .ipsw file down onto the server in about 2 minutes.

I then connected to this server using Filezilla and ftp’ed the file down to my local PC. I used Filezila because it can restart failed downloads without having to restart the download all over again, which is handy for large files like .ipsw files. Witin 30 minutes or so, I had the .ipsw file on my laptap.

(Note: hopefully you won’t have to do the step above, and have a good enough network connection to get the  .ipsw with your browser)

Feeling certain that I had now conquered the Apple iOS 5.0 upgrade connundrum, I cranked up iTunes and used the Shift-Restore option to load the locally stored .ipsw file. It loaded it up and unpacked it, and then told me it was going to verify the software with Apple.

Bang. Game over. An unknown error has occured (Error 3194).

Not to worry, I thought, lets see what Error 3194 means.

http://support.apple.com/kb/TS3694#error3194

Error 3194: Resolve error 3194 by updating to the latest version of iTunes. “This device is not eligible for the requested build” in the updater logs confirms this is the root of the issue.

Excellent. An obscure meaningless error message that Microsoft would have been proud of. I really shouldn’t have expected anything else.

So back to Google for some more research, and this time I found all sorts of interesting stuff.

Apparently, since the release of the iPhone 3GS, Apple will no longer let you install operating software on your iPhone unless that software is approved (signed) by Apple. This basically applies to everything other than the most up to date version of the iOS. Apple doesn’t want you loading older versions, because some of these let you do things that Apple doesn’t want you to do.

That means that whenever you use iTunes to upgrade or restore your iPhone, iTunes will scurry off home to Apple and check that the software you are trying to load is approved for your model of iPhone. This, it seems, is an attempt to stop people jailbreaking their iPhones, because Apple doesn’t really like people doing things with their hardware that they don’t approve of. As noted above, this is why jailbreaking software directs you away from Apple’s signing server, gs.apple.com.

Anyway, armed with this nugget of information, I contacted Vodafone to ensure that my iPhone was definitely unlocked. If Apple was refusing to allow me upgrade it, I figured this must be something to do with the status of the handset with the mobile operator to which it was issued.

Not so. Vodafone said that as far as they were concerned the handset was unlocked, and that I would have to copy Apple for technical support.

I did as I was instructed, and was eventually put through to one of their agents to whom I described my problem. He said that Error 3194 meant that I had security software running on my PC, which I needed to shut down. I assured him I hadn’t, and directed him to the Apple Support website which stated that Error 3194 concerned the eligibility of phones for upgrade. He then suggested I reboot my PC. I told him I wasn’t going to do this, and that he was wasting my time.

He got a bit flustered at this and put me through to one of this supervisors. This guy seemed to know a little bit more so I explained the actions I had taken thus far. However, when I told him that I had downloaded the .ipsw file directly from a download server, he sprang to life, and I knew I had made a mistake.

This was not possible to do, he stated, the only way to get the software was through iTunes, and the software that I was now trying to load was obviously a jailbreak image from a 3rd party and that this was why the upgrade wasn’t working.

I tried to explain to him that the download came from within the apple.com domain, which meant it was legit, and asked why iTunes allowed you to load a locally stored .ipsw file if it was not possible to get such a file directly from Apple.

No, he said, he worked for Apple and he knew what he was talking about.

I tried to convince him still further. I showed him that the appldnld.apple.com resolved to an IP address that was leased to Akamai Technologies, the Edge Caching company that facilitates all of Apple’s media downloads.

No, he said, he worked for Apple and he knew what he was talking about.

At this point, I let him and off and we went through his checklist for solving software upgrade issues.

We cleared the DNS cache. No difference. We created a new user account under Windows and tried the download using that (!!). No difference. We cleared the comments out of the Windows hosts file and rebooted (!!!!!!). No difference.

I asked him if he knew what server iTunes tried to connect to when doing upgrades, and on what TCP port, so that we could test that independently. He didn’t know any of these details, and seemed incredulous that he should be expected to know.

He eventually told me something to the effect that I would have to sign up with a new ISP if I wanted to upgrade my iPhone. At this point, I ended the call.

Some good did come of it, however. Having asked the question about the server iTunes connects to, I set about finding this out for myself.

I installed TCPView on my laptop, cranked up the iTunes upgrade process, and had a look at what it was connected to. I found out that it was connected to ip address 82.52.205.135 on HTTP to do the download. This ip address is leased to an Italian Telecoms company, and obviously forms part of Apple’s new iCloud product, or maybe one of Akamai’s Edge servers.

I also decided to see what Apple was trying to download, and looked in C:\users\garreth\AppData\Roaming\Apple Computer\iTunes\iPhone Software Updates, which is where iTunes keeps the .ipsw files it downloads from Apple.

Here, I found a file called iPhone2,1_5.0.1_9A405_Restore.ipsw.download, which was obviously the partial download of the full .ipsw file.

Now, notice the difference in this file name the the one I originally downloaded.

iPhone2,1_5.0_9A334_Restore.ipsw

v

iPhone2,1_5.0.1_9A405_Restore.ipsw

Yes, iTunes was trying to download a newer .ipsw file that the one I had downloaded! Of course, iTunes wasn’t letting me use my .ipsw file because a newer one exists, and Apple doesn’t allow you install older .ipsw files than the current up to date version.

Now, all I had to do was find a copy of the newer .ipsw file that I could download directly and try and load that.

I Google’ed iPhone2,1_5.0.1_9A405_Restore.ipsw and found the following link, which was again on the appldnld.apple.com server, the one that the guy in Apple support swore blind had nothing to do with Apple and was giving me jailbroken software:

http://appldnld.apple.com/iPhone4/041-3307.20111109.5tGhu/iPhone2,1_5.0.1_9A405_Restore.ipsw

UPDATE Sep 2012: Latest image is:

http://appldnld.apple.com/iOS5.1.1/041-6051.2012.0525.Cvby7/iPhone3,1_5.1.1_9B208_Restore.ipsw

I downloaded this one in the same way as before (via my Linux server) and tried the Shift-Restore option again.

And guess what? It worked! The new iOS was loaded to my iPhone and I now have an unlocked iPhone that I can use on the O2 network.

So what do you need to know from all of this. A few things.

First of all, it is possible to load a locally stored .ipsw file into iTunes. You just need to ensure that it it the most up to date version of the iOS. The Tech Support guys in Apple are obviously not told this, and it would probably result in them get users to do all sorts of crazy things with their PCs, which could end up in Apple getting sued (“Woman strangles cat with computer cable while trying to upgrade iPhone” etc)

Secondly, you really should give serious consideration to using something other than an iPhone as your smartphone. The saga I have described above if very common in the iPhone user population, and is unheard of for Android users. I myself have an Android. I’ve updated the operating system on it twice. When it needs an upgrade, it tells me, and I then let it download the upgrade overnight, directly to the handset using WIFI. When I get up in the morning, its done. No hassle.

Also, my handset manufacturer, HTC, is quite happy for me to use whatever operating system I want on my phone, which is what I’d expect, given that I paid for it and own it. The fact that this isn’t the case with Apple, explained here, should be all you need to know.

Amazon EC2 Documentation confusion

I recently received a notification from Amazon EC2 to the effect that one of my server instances was running on degraded hardware, and that if I didn’t take action, this would result in loss of the instance.

The Cloud Computing service offered by Amazon EC2 is a great service, but it does throw up new challenges that do not exist in more traditional hosting environments. The tendency for server instances to simply ‘disappear’ is one of them, and you need to have your Cloud Computing setup well organised to ensure that disappearing instances don’t adversely impact on your business.

In this case, I was advised that if my instances was EBS-backed, all I had to do was stop and start my instance and that this would migrate my instance to stable hardware.

I try to use EBS-backed instances for all my servers in Amazon EC2, so this seemed like a fairly straightforward solution.

However, when I consulted the advisory link that Amazon provided in the relevant email, I was a little less certain. This states:

If an instance reboots (intentionally or unintentionally), the data on the instance store will survive.

However, under the following circumstances the data in the instance store will be lost:

o Failure of an underlying drive.

o Running an instance on degraded hardware.

o Stopping an Amazon EBS-backed instance.

o Terminating an instance.

To me, that suggested that if I stopped an EBS-backed instance, I may incur some data loss. That didn’t fit with my previous experience of using EBS-backed instances, which I’ve stopped and started frequently, without issue.

Any way, I went ahead and did the stop/start and everything worked out fine, which left me wondering what the warning was about.

The answer is this.

Whenever you deploy an Amazon EC2 instance, whether it is EBS-backed or Instance Store-backed, it comes with ephemeral storage. What differentiates an EBS-backed instance from an Instance Store-backed instance, is the nature of its root volume, not the totality of its storage.

That means that you can have an EBS-backed instance with an EBS root volume, but which might use ephemeral storage for other purposes, or in other words, and EBS-backed instance doesn’t mean that this instances uses only EBS storage.

This is the situation in the document referenced above. If you have an EBS-backed instance that uses its allocated ephemeral storage, and you stop/start that instance, the data on the ephemeral storage will be lost.