Have your ever wanted to create an ARK: Survival Evolved server that is hosted on AWS, but don't know how to?
Amazon Web Services (AWS) offer a wide varirey of services that provide on-demand cloud computing platforms to individuals, companies and governments, on a paid subscription basis. We will be using a couple services, but primarily Amazon Elastic Compute Cloud (EC2). EC2 allows users to rent virtual computers on which to run their own computer applications.
- Creating an EC2 Instance
- Allocating an Elastic IP
- Configuring SSH Client
- Preparing Linux
- Installing & Configuring Firewalld
- Installing SteamCMD
- Downloading ARK
- Creating Update Script
- Creating Start Script
- Configuring ARK Server
- Installing & Configuring RCON Client
- Creating CLI Start/Stop Controls
You will need the following:
- Amazon Account
- Steam Account
- Payment Method
- ARK Survival Evolved
- SSH Client
- RCON Client
Head over to the AWS Console and create an account if you don't already have one.
Once signed into the Console, click on Services then EC2.
Please Note: If you created a new Amazon account it may take up to 24 hours to fully activate.
Once in the EC2 Dashboard, click on Launch Instance.
Now let's create an Instance. I have also included what I selected.
AMI: Amazon Linux 2
This is where you select an AMI. An AMI is a template that contains the software configuration (operating system, application server, and applications) required to launch your instance.
Make sure to select Amazon Linux 2. This guide is for that specific AMI.
Instance Type: m5.xlarge
This is where you select the instance type. Amazon EC2 provides a wide selection of instance types optimized to fit different use cases. Instances are virtual servers that can run applications. They have varying combinations of CPU, memory, storage, and networking capacity, and give you the flexibility to choose the appropriate mix of resources for your applications. You can view the EC2 pricing for each instance type here.
Configure Instance:
This is where you configure the instance to suit your requirements.
| Component | Value |
|---|---|
| Number of Instances | 1 |
| Purchasing Option | False |
| Network | Default |
| Subnet | No Preference |
| Auto Assign Public IP | Disable |
| Placement Group | False |
| IAM Role | None |
| Shutdown Behaviour | Stop |
| Enable Termination Protection | True |
| Monitoring | False |
| EBS-Optimised Instance | True |
| Tenancy | Shared |
Add Storage:
This is where you configure your instance's storage settings.
| Size (GiB) | Volume Type | Delete on Termination |
|---|---|---|
| 10 | General Purpose SSD | True |
If you set Delete on Termination to true, when terminating an instance, the volume will also be terminated.
Add Tags:
This is where you configure your instance name. You can configure other stuff here but that isn't important.
| Key | Value | Instances | Volumes |
|---|---|---|---|
| Name | YOUR SERVER NAME HERE | True | False |
Configure Security Group:
This is where you configure network traffic by adding rules. A security group is a set of firewall rules that control the traffic for your instance. On this page, you can add rules to allow specific traffic to reach your instance.
| Component | Value |
|---|---|
| Assign a Security Group | Create a new security group |
| Security Group Name | YOUR SECURITY GROUP NAME HERE |
| Desciption | YOUR SECURITY GROUP DESCRIPTION HERE |
| Type | Protocol | Port Range | Source | Description |
|---|---|---|---|---|
| SSH | TCP | 22 | Custom: YOUR PUBLIC IP HERE | SSH Access for Admin |
| Custom UDP Rule | UDP | 27015 | Anywhere | Query Port for Steam Server Browser |
| Custom UDP Rule | UDP | 7778 | Anywhere | Raw UDP Socket Port |
| Custom UDP Rule | UDP | 7777 | Anywhere | Game Client Port |
| Custom TCP Rule | TCP | 27020 | Custom: YOUR PUBLIC IP HERE | RCON for Remote Console Server Access |
Please Note:
- SSH: When inserting an IP Address as the source, you are allowing that IP Address to access your instance using SSH. If you want to allow more people to have SSH Access, simpily create a new rule (with the same settings) and change the source to the public IP Address of the person you wish to give access to. Keep SSH Access to the minimum. Ideally, the Owner should be the only person with backend access to the instance.
- RCON: When inserting an IP Address as the source, you are allowing that IP Address to access the ARK server (not the instance) using an RCON client. An RCON client is used to manage the ARK server (not the instance). It can perform actions like kicking and banning players. Server Admins/Mods will require RCON Access. If you want to allow more people to have RCON Access, simpily create a new rule (with the same settings) and change the source to the public IP Address of the person you wish to give access to. You may also want to include the name of the person you are giving access to, in the description.
- When you save the security group, any rules with the source set to Anywhere, will be cloned, and the source will be slightly different. For example, after saving, port 7778, will have 2 rules. One with the source set to 0.0.0.0/0 and the other with the source set to ::/0. This is normal and is nothing to worry about.
Review:
This is where you review the instance's launch details. Double check everything is correct and fix any errors. Once the instance's launch details have been checked, click Launch to assign a key pair and complete the launch process.
Please Note: A key pair is a key file that allows you to securely SSH into your instance. Without the key file you CANNOT SSH into your instance. You CANNOT change the selected key pair after the instance has been launched. Make sure to backup this file!
Select Create a new key pair, then give it a name and download the file.
Once you have downloaded the key file, select Lanuch Instance.
So we just created an EC2 Instance where our ARK: Survival Evolved server will be hosted. The EC2 Dashboard is where all your instances are listed. You can perform actions like Starting, Stopping, Rebooting and Terminating from here. You can also view instance and monitoring information.
Firstly, what is an Elastic IP and why do we need one? An Elastic IP address is a static IPv4 address designed for dynamic cloud computing. An Elastic IP address is associated with your AWS account. If you don't use an Elastic IP on your instance, everytime the instance is stopped and started the IPv4 Public IP will change.
Please Note: Elastic IPs are totally free, as long as they are being used by an instance. However, Amazon will charge you $0.01/hr for each Elastic IP that you reserve and do not use. You will also be charged if you ever remap an Elastic IP more than 100 times in a month.
In the EC2 Console, select Elastic IPs under Network & Security on the side panel.
Click on Allocate new address.
Ignore the following page and simpily select Allocate. We won't be using AWS Command Line Interface (CLI) to allocate this Elastic IP.
Once you have selected Allocate it will display your Elastic IP. Click on Close.
Now you should see your Elastic IP in the list. Make sure it is selected and click on Actions at the top. Then select Associate Address.
Then fill out the information for your instance.
Then finally, click on Associate.
If you want to delete your Elastic IP or stop using it, simpily select the Elastic IP then go to actions and select Deassociate Address. Then select Release Address. Your Elastic IP should then be removed from the list.
An SSH client is a software program which uses the secure shell protocol to connect to a remote computer.
Please refer to this article to download and configure your SSH client.
Connect to your instance using your SSH client.
Firstly, let's escalate to the root user.
$ sudo su
Then we'll update Linux to the latest version available.
# sudo yum update
Simpily respond with y to continue with the installation.
Next we are going to create a user account named steam to run SteamCMD safely, isolating it from the rest of the operating system. Steam does not recommend you run SteamCMD while operating as the root user - to do so is a security risk. The -m syntax creates a home directory for the new user.
# useradd -m steam
The next step is optional but I usually set passwords for all the accounts on the instance.
# sudo passwd root
# sudo passwd ec2-user
# sudo passwd steam
We are going to install and configure firewalld so we can open the necessary ports for the server to function.
Make sure you are still logged into the root user.
If not, escalate to the root user.
$ sudo su
Now we are going to install firewalld and it's required dependencies.
# sudo yum install firewalld
Once the dependencies have been resolved you will be asked: Is this okay.
Simpily respond with y to continue with the installation.
Now we need to enable the firewalld service and reboot the server.
# sudo systemctl enable firewalld
# sudo reboot
Please Note: After executing the reboot command you may need to manually stop and start your EC2 instance.
Make sure to log back into the root user.
Escalate to the root user.
$ sudo su
Once the instance has been rebooted, we are going to check that firewalld is running.
# sudo firewall-cmd --state
running
Now we need to open the necessary ports for the server to function correctly.
These ports include:
- UDP 7777
- UDP 7778
- UDP 27015
- TCP 27020
You may have noticed that these are the exact same ports that had to be opened in the instance security group.
Let's open these ports.
# sudo firewall-cmd --permanent --add-port=7777/udp
success
# sudo firewall-cmd --permanent --add-port=7778/udp
success
# sudo firewall-cmd --permanent --add-port=27015/udp
success
# sudo firewall-cmd --permanent --add-port=27020/tcp
success
Now let's reload firewalld.
# sudo firewall-cmd --reload
success
Once reloaded, we can list all the ports to double check that they have been added correctly.
# sudo firewall-cmd --permanent --list-ports
7777/udp 7778/udp 27015/udp 27020/tcp
Look's good!
Firewalld is now installed and configured.
Now we need to install SteamCMD. This is where we will get the ARK Survival Evolved server files from.
Make sure you are still logged into the root user.
If not, escalate to the root user.
$ sudo su
Now we will change to the steam home directory.
# cd /home/steam/
Let's install a couple dependencies so SteamCMD can be installed correctly.
# yum install glibc.i686 libstdc++.i686
Once the dependencies have been resolved you will be asked: Is this okay.
Simpily respond with y to continue with the installation.
Switch to the steam user.
# su - steam
Create a directory for all the Steam files to be stored.
$ mkdir ~/Steam/
$ ls -la
You should now see a Steam folder.
Change to the Steam folder.
$ cd Steam
Now we are going to dowmload and extract SteamCMD for Linux.
$ curl -sqL "https://steamcdn-a.akamaihd.net/client/installer/steamcmd_linux.tar.gz" | tar zxvf -
Time to download ARK Survival Evolved server files.
Launch SteamCMD.
$ ./steamcmd.sh
ARK requires you to login with a Steam Account. Make sure to change [username] to your Steam username and remove [].
> login [username]
Next enter your password.
If Steam Guard is activated on the user account, check your e-mail for a Steam Guard access code and enter it. This is only required the first time you log in (as well as when you delete the files where SteamCMD stores the login information).
You should see a message stating that you have successfully logged in with your account.
Now we are going to set our app install directory. This is where all the server files will be kept.
> force_install_dir ./home/steam/Steam/server_files/
Now we are ready to install.
> app_update 376030 validate
Please Note: 376030 is the ID for ARK.
SteamCMD should now be installing ARK. This may take a while so be patient.
Once finished, we can quit SteamCMD.
> quit
So your going to need a way to update your server. We'll do this with an update script.
Let's check what directory you're currently in.
$ pwd
If you're not currently in /home/steam/Steam/ then move to that directory, using the cd command.
We are going to create a new file with a text editor called vi.
Create a new file called update_server.
$ vi update_server
If you don't know the basics for vi, I recommend you read this article.
The text editor should have opened.
Make sure you're in command mode, then type :set paste. This will put the editor into paste mode so you can copy and paste the update script.
Press i to go into insert mode. Then copy and paste this update script.
update_server
login anonymous
force_install_dir ./server_files/
app_update 376030
quit
Once pasted, you can exit insert mode by pressing Esc.
Finally, save the file with :wq.
When you want to update the server, run this command.
$ ./steamcmd.sh +runscript update_server
Make sure you're in the directory with the update script and SteamCMD when executing that command.
The start script is going to be slightly different from the update script. We are going to make it so when the EC2 instance has been started the ARK server will automactically start. This means you don't have to SSH into the instance everytime you want to start the server.
We are going to use a program called systemd. Systemd can be configured to automatically start the ARK server when the system boots.
Let's logout of the steam user so we can use the root user.
$ exit
Systemd should already be installed on your EC2 instance.
Let's check what version of systemd is installed.
# systemctl --version
I was using version 219 at the time of writing this guide.
Firstly, we need to create a service file in this location /etc/systemd/system/.
Switch directory to /etc/systemd/system/.
# cd /etc/systemd/system/
Now we need to create the service file. We will be using vi again.
# vi ark.service
We are going to use paste mode again. Make sure you're in command mode, then type :set paste.
Press i to go into insert mode. Now copy and paste this script.
ark.service
[Unit]
Description=ARK: Survival Evolved Server
Wants=network-online.target
After=syslog.target network.target nss-lookup.target network-online.target
[Service]
ExecStartPre=/home/steam/Steam/steamcmd.sh +login anonymous +force_install_dir /home/steam/Steam/server_files +app_update 376030 +quit
ExecStart=/home/steam/Steam/server_files/ShooterGame/Binaries/Linux/ShooterGameServer TheIsland?listen?SessionName=[server_name] -server -log
WorkingDirectory=/home/steam/Steam/server_files/ShooterGame/Binaries/Linux
LimitNOFILE=100000
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s INT $MAINPID
User=steam
Group=steam
[Install]
WantedBy=multi-user.target
Enter command mode by pressing Esc.
Let's turn off paste mode by typing :set nopaste.
Press i to go back into insert mode and change [server_name] to your desired server name and remove [].
Go back into command mode by pressing Esc, then you can save the file with :wq.
Activate the new service so it starts automatically when the host boots.
# sudo systemctl enable ark
Now that the service has been activated, we need to start it.
# systemctl start ark
Enable Service
# sudo systemctl enable ark
Disable Service
# sudo systemctl disable ark
Start Service (starts server)
# systemctl start ark
Stop Service (stops server)
# systemctl stop ark
View Service Status
# systemctl status ark
Reload Daemon
# systemctl daemon-reload
Please Note: If you make changes to the ark.service file you need to reload the daemon to ensure that you changes are applied.
It's time to configure your ARK Server.
The server has a wide variety of configuration options that control its behavior and adjust many aspects of the game. These are options that can only be set at server startup.
We can find our configuration files in this location /home/steam/Steam/server_files/ShooterGame/Saved/Config/LinuxServer
Make sure you are logged into the root user.
If not, escalate to the root user.
$ sudo su
Switch to the steam user and change the directory to the location of the configuration files.
# su - steam
$ cd /home/steam/Steam/server_files/ShooterGame/Saved/Config/LinuxServer
You should see 8 configuration files.
$ ls -la
| File Name |
|---|
| Compat.ini |
| DeviceProfiles.ini |
| Engine.ini |
| Game.ini |
| GameUserSettings.ini |
| Input.ini |
| Lightmass.ini |
| Scalability.ini |
Thankfully, we only need to worry about 1 of these files.
- GameUserSettings.ini
When the files are blank the server automatically uses the default settings and values. You can configure the other 7 files however, they will not be covered in this guide. You only need to configure the other files if you want to override the default values.
The GameUserSettings.ini file contains options for both the game client and the game server. Options for the game client are not used by the server. Server options are specified in the section labeled [ServerSettings], which is usually located at the bottom of the file.
This file is very easy to create. Use this GameUserSettings.ini generator.
Once you have finished selecting your settings, click on Create File.
Copy the configuration file from the website and download a local backup copy.
Open the GameUserSettings.ini file.
$ vi GameUserSettings.ini
Make sure you're in command mode, then type :set paste. This will put the editor into paste mode so you can copy and paste the configuration file.
Press i to go into insert mode. Then copy and paste your configuration file.
Once pasted, you can exit insert mode by pressing Esc.
Finally, save the file with :wq.
You can learn more about server configuration here.
In this section we will be installing and configuring an RCON client.
What is an RCON client?
RCON stands for remote console and is a way to temporarily change your game server variables while you are in the game. This is a powerful tool that only Server Administrators should have access to.
Please refer to this thread to download your RCON client.
Once you've downloaded the .zip file, extract it and open ARKon.exe.
Once the client is open, click on Settings. This is where the server details and Administrator credentials will be entered.
| Component | Value |
|---|---|
| Config Name | YOUR SERVER NAME HERE |
| Server IP | YOUR ELASTIC IP HERE |
| RCON Port | 27020 |
| Password | YOUR ADMIN PASSWORD HERE |
| Chat Name | YOUR RCON CHAT NAME HERE |
Click Save.
If the server details were entered correctly, the RCON client should be able to connect to the server.
Click Connect.
The client is easy to learn and simple to use, so I won't be going into detail on how to use it.
If you cannot connect to the server:
- Ensure the Server IP is correct
- Ensure the RCON Port is correct (the default port is 27020, which is the port we used in this guide)
- Ensure the Server Administrator Password is correct (this is configured in the GameUserSettings.ini file)
- Ensure you have opened the port for the computer trying to connect (see below)
Back in Step 1 we configured the security group for the EC2 instance.
Take note of the last row in this table:
| Type | Protocol | Port Range | Source | Description |
|---|---|---|---|---|
| SSH | TCP | 22 | Custom: YOUR PUBLIC IP HERE | SSH Access for Admin |
| Custom UDP Rule | UDP | 27015 | Anywhere | Query Port for Steam Server Browser |
| Custom UDP Rule | UDP | 7778 | Anywhere | Raw UDP Socket Port |
| Custom UDP Rule | UDP | 7777 | Anywhere | Game Client Port |
| Custom TCP Rule | TCP | 27020 | Custom: YOUR PUBLIC IP HERE | RCON for Remote Console Server Access |
You need to ensure that you open port 27020 for every computer/person you want to provide RCON access to.
For example, I want to provide RCON access to 3 Administrators, including myself. I need to obtain the public IP address of each person I want to provide access to.
- Ben (Public IP: 123.456.789.012)
- Admin 2 (Public IP: 210.987.654.321)
- Admin 3 (Public IP: 111.222.333.444)
Now the security group table would look like this:
| Type | Protocol | Port Range | Source | Description |
|---|---|---|---|---|
| SSH | TCP | 22 | Custom: YOUR PUBLIC IP HERE | SSH Access for Admin |
| Custom UDP Rule | UDP | 27015 | Anywhere | Query Port for Steam Server Browser |
| Custom UDP Rule | UDP | 7778 | Anywhere | Raw UDP Socket Port |
| Custom UDP Rule | UDP | 7777 | Anywhere | Game Client Port |
| Custom TCP Rule | TCP | 27020 | Custom: 123.456.789.012 | Ben RCON for Remote Console Server Access |
| Custom TCP Rule | TCP | 27020 | Custom: 210.987.654.321 | Admin 2 RCON for Remote Console Server Access |
| Custom TCP Rule | TCP | 27020 | Custom: 111.222.333.444 | Admin 3 RCON for Remote Console Server Access |
TL;DR: You need to open the port 27020 for each computer/person you want to provide access to. This can be done in the EC2 Console. Select Security Groups under Network & Security on the side panel.
Why would you want CLI Start/Stop Controls?
Start/Stop Controls allow your Server Administrators to quickly start and stop the EC2 instance, without you giving them your AWS Management Console password. This is achieved by using the AWS Command Line Interface (CLI).
In the AWS Console, click on Services then IAM (Identity and Access Management).
Once in the IAM Dashboard, select Users on the side panel.
We need to create a user that only has permission to start, stop and describe the instance. If you give the user full permission your Server Administrators can execute dangerous commands, such as terminating your instance.
Select Add User.
| Component | Value |
|---|---|
| Username | RemoteAccess |
| Access Type | Programmatic access |
Now click on Next: Permissions.
We are going to create an inline policy, which we will do after the user is created.
Click on Next: Review.
You will get a warning saying "This user has no permissions".
Select Create User.
Download the .csv file which contains your user's access key and secret access key. You will need these keys later.
Click Close.
Now click on your user and select Add inline policy.
| Component | Value |
|---|---|
| Service | EC2 |
| Actions | DescribeInstances, DescribeInstanceStatus, StartInstances, StopInstances |
| Resources | Specific |
| Request Conditions | N/A |
Notice we are getting a warning.
Let's fix that warning.
Select Add ARN.
| Component | Value | Any? |
|---|---|---|
| Region | YOUR REGION HERE | False |
| Account | YOUR ACCOUNT ID HERE | False |
| Instance ID | YOUR INSTANCE ID HERE | False |
Your region can be found in the URL. Mine is ap-southeast-2.
Your account ID can be found in the Support Centre.
Refer to this article if you need help.
Your instance ID can be found in the EC2 Console.
In the EC2 Console, select Instances under Instances on the side panel.
When completed, click Add.
Now there shouldn't be any warnings.
Select Review Policy.
Name your policy.
Click Create Policy.
Now you need to download the AWS Command Line Interface on all the computers that need the Start/Stop controls.
You can download the AWS CLI here.
Once the CLI is installed we need to configure it. Open a Command Prompt (CMD) or PowerShell (PS).
> aws configure
Now you need to enter your:
- AWS Access Key ID
- AWS Secret Access Key
- Default Region
- Default Output Format
Set the Default Output Format to text.
Now you have configured the AWS Command Line Interface.
Now we are going to create 2 batch files.
- StartServer.bat
- StopServer.bat
Copy and paste the following scripts. Make sure to change [instance-id] to your instance ID and remove [].
StartServer.bat
aws ec2 start-instances --instance-ids [instance-id]
pause
StopServer.bat
aws ec2 stop-instances --instance-ids [instance-id]
pause
Now when you run these batch files, the EC2 instance should start and stop.
What a journey!
You have come from having nothing to having a fully functional and awesome ARK: Survival Evolved server that is hosted on AWS.
Please Note:
- If you have any issues, please don't hesitate to leave a comment and I will try my best to help.
- If you found any mistakes or have any feedback, please feel free to leave a comment.
- If you want me to explain anything that wasn't covered in the guide, such as server mods, please let me know in the comments.
Thank You :D
Last Updated: 2/10/2018 @ 1:15pm AEST