Apologies for the lack of astronomy in this post. I just spent 6 hours trying to set up a server, and most of that time was spent fussing needlessly. No one should need to repeat my endeavors, so…. I’m taking what I learned and blogging it to save any poor souls who may be repeating what I do. These instructions should work for any OS X / linux system.
Goal: Setup on EC2 an Ubuntu server configured to run PHP software on an Apache Server connected to a MySQL database on an RDS (This is a LAMP server)
Uses: This type of configuration can be used for WordPress, phpBB, SMF, and any number of other php online toys
Notes: There are two ways to set this up servers. You can either go through the online GUI or use a commandline toolkit. For advanced features you have to use the command line, but… For basic setup you can just use the GUI. Also: Amazon does not allow capital letters and _ marks in all situations. It is easiest just to avoid uppercase and underscores at all times.
Step 0: Go sign up for AWS. Give them your credit cards, acknowledge this won’t be free. There is a good tutorial here, and it is worth going through, starting and terminating a server.
Step 1: Setup a Database. This step takes the longest for Amazon to process, so get it going first and it will be ready for you to configure things when you are done getting your EC2 server setup in the next step
- Sign into your AWS console
- On the RDS tab, set up a mysql db. Set up a 5GB instance and otherwise use all the defaults
- Add a security group other than default (I called my web)
- come back later and…. When the DB is finished setting up, modify it to add the new security group so it shows “default, web”
Step 2: Get security keys. You will need a whole variety of security keys. Might as well set them all up now. These can be found under AWS Account > Security Credentials
- X.509 certificate and private key file (rename these to something useful. I use X509cert_instancename.pem and X509priv_instancename.pem
- AWS account id
- Keypair (I use the naming conventionÂ¬â€ key_pk_instancename.pem // key_rsa_instancename.pem)
When you have all the Keypairs, put them somewhere you won’t lose them (I use ~/.ssh on my local machine)
Step 3: Create an EC2 server. The set of default Amazon Machine Images (AMIs) may not include what you want. These change regularly, and when I setup my server they were useless. A complete list of AMIs can be found on the Cloud Market. Official Ubuntu installs are posted by the user “Canonical.” I found the most recent for the current stable version of Ubuntu. On 1/22/2011 this was Maverik Merrkat and ami-c0a959a9.
- Go to the Cloud Market to find the AMI you want and note the code number
- Sign into yourÂ¬â€ AWS console
- On the EC2 tab, launch a new instance. To use the AMI you selected, click on the “Community AMIs” tab and type in the code number you noted above. I just used default values for everything
- For you sanity, give the instance a name. You may find your self growing servers like mushrooms
- You will be prompted to create a new keypair – this is required for you to login. Save it to ~/.ssh (naming convention instancename.pem)
- Create a security group with the same name you used for the DB (you’ll still need to link them).
- Add default ports for HTTP, HTTPS, MySQL, SSH for the whole internet
- While it is launching, go to the RDS tab > DB Security Groups, and edit the security group you created in step 1 to include the EC2 security group you just created (you’ll also need the account ID, which can be found under account > security credentials)
- NOTE: If the Public DNS is ec2-123-456-78-90.compute-1.amazonaws.com the IP is 123.456.78.90
Step 4: Login to your server and set up user. Initially your server will only require the keypair in order for you to login. This is mostly safe, but you likely want to force a password as well. It is also good to not do all your work as root.
- Note: The username varies with type of instance. For ubuntu it’s ubuntu
localhost:.ec2 $ ssh -i instancename.pem username@ecX-XX-XXX-XXX-XX.compute-X.amazonaws.com
This will provide you a regular command line login
- Setup the new user :~$ sudo useradd -d /home/username -m -s /bin/bash username
:~$ sudo passwd username
Enter new UNIX password: NEWPASSWORD
Retype new UNIX password: NEWPASSWORD
passwd: password updated successfully
- You also need to add to the sudo file
:~$ sudo visudo
Go to the line ALL = (ALL) ALL and add the new user following example of admin (the leading % not needed)
- Give the user ssh access
:~$ sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.original
:~$ sudo chmod a-w /etc/ssh/sshd_config.original Change PasswordAuthentication to yes
:~$ sudo /etc/init.d/ssh restart
Step 5: Update your distribution and install LAMP and EC2 Tools. The Ubuntu AMI you started is a plain install of Ubuntu and doesn’t have all the libraries you need. That’s ok. These are easy to get via apt.
- Log back into your instance as the user you just created.
- Install updates
:~$ sudo aptitude update && sudo aptitude dist-upgrade
:~$ sudo reboot
- Log back in and use apt to get needed software
:~$ sudo apt-get install apache2 libapache2-mod-php5 php5-mysql postfix mysql-client unzip php5-memcache php5-curl memcached php5-gd
:~$ sudo a2enmod rewrite headers expires
Say yes to all options, including the mysterious postfix options
- Check if it works by going to your public IP or public DNS. You should see a basic apache test page
- Install the EC2 Tools after enabling multiverse
:~$ sudo cp /etc/apt/sources.list /etc/apt/sources.list.backup
- And edit the sources.list file so that all the multiverse lines are uncommented.
- Update the list of apt files and then install the commandline ec2 tools. You’ll need these if you ever need to configure dynamic servers.
:~$ sudo apt-get update; sudo apt-get install ec2-api-tools
- Copy your certificates to your .ssh directory. From your local machine
localmachine: $ scp -i ~/.ssh/instancename.pem X509priv_instancename.pem X509cert_instancename.pem firstname.lastname@example.org:~/.
- Configure on the EC2 instance your Bash profile (and the user you created’s profile) to include the following lines
And then enable these features using :~$ source .bashrc
Step 6: Test MySQL. Call me paranoid, but this is a whole lot of work to have something not work.
- Test ability to connect to db from command line
mysql -u [Master User name] --password=[Master Password] -h [Endpoint hostname]
- That should work! If it doesn’t, um… Google.
Step 7: Setup Virtual Host. By default, your server wants all its web files in /var/www. This is fine, but requires a whole lot of sudo (or permissions changing), and limits your ability to have a bunch of applications (potentially with different domain names) all on the one server. This is a rather boring virtual host that simply sets up a project folder. I assume you are working as ‘username’ and the code is in ~username/public_html/Project and if you are allowing uploads, they are inÂ¬â€ ~username/public_html/Project/uploads.
- Backup the apache default config incase you step on something, then create copy to change and change it
:~/ sudo cp /etc/apache2/sites-available/default /etc/apache2/sites-available/default.original
:~/ sudo cp /etc/apache2/sites-available/default.original /etc/apache2/sites-available/ProjectName
:~/ sudo vi /etc/apache2/sites-available/ProjectName
Edit the file to look like
# Don't let anything in wp-content/uploads be executed as php
Allow from all
php_admin_flag engine off
AddType text/plain .html .htm .shtml .php .php3 .phtml .phtm .pl
CustomLog /home/username/public_html/Project/logs/access.log combined
- disable the default site: :~/$ sudo a2dissite default
- enable the new configuration :~/$ sudo a2ensite ProjectName
- restart apache :~/$ sudo /etc/init.d/apache2 restart
- Create a test file in your new directory: vi /home/username/public_html/Project/test.php
Include in the file the code
- Copy the test.php file to the uploads directory
- Test both files. The first should show a php config file, the second should show the file contents
Step 8: Connect to MySQL via php. This should be the hint you need to do everything else.
- Create a mysql test file :~/public_html/Project$ vi mysqltest.php
- make the file contents
//connection to the database
$con = mysql_connect("name.abc123def456.us-east-1.rds.amazonaws.com",root,"PASSWORD") or die(mysql_error());
echo "Database connected.";
- Go to the webpage for mysqltest.php (http://SERVERNAME/mysqltest.php). This should give you a “Database connected” message
Optional: SAVE your AMI in case you need it later
- Upload your private key and x509 certificate if you haven’t yet (and you should have, but…).
localhost: $ scp -i ~/.ssh/instancename.pem X509priv_instancename.pem X509cert_instancename.pem email@example.com:~
- And then on the Amazon image, move them to /mnt
:~$ sudo mv ~/*_instancename.pem /mnt
- Next export everything
:~$Â¬â€ sudo ec2-bundle-vol -d /mnt -k /mnt/X509priv_instancename.pem -c /mnt/X509cert_instancename.pem -u -r x86_64 -p sampleimage
(Use apt-get as needed and indicated by error messages)
- check that it is there with
:~$ ls -l /mnt/sampleimage.*
- upload it with
:~$Â¬â€ ec2-upload-bundle -b [name of s3 bucket that will be created] -m /mnt/sampleimage.manifest.xml -a AWS-ACCESS-KEY-ID -s AWS-SECRET-KEY --location US
Optional: Download and install the Amazon API Tools locally
- Create ~/.ec2
- cp your 4 .pem files to ~/.ec2
- Download and unzip the Amazon API Command Line Tools and move the bin and lib to ~/.ec2.
- Your directory should now look like this
styx:.ec2 $ ls
- You also need to configure some environmental variables. Edit you ~/.bash_profile to include the text below at the end.
# Setup Amazon EC2 Command-Line Tools
export EC2_PRIVATE_KEY=`ls $EC2_HOME/X509priv_instancename.pem`
export EC2_CERT=`ls $EC2_HOME/X509cert_instancename.pem`
- When you are done editing your bash_profile, you will need to use restart your shell
styx:.ec2 $ source ~/.bash_profile
- Check if it works
styx:.ec2 $ cd ~/.ec2
styx:.ec2 $ ec2-describe-images -o amazon
- This will produce a list of available EC2 Images. Grep can be used to find specific features.
Thanks for your sharing, but now it seems that Amazon doesn’t offer ubuntu linux, for micro instances(I only saw SUSE and redhat…maybe?), so what if the distribution isn’t Ubuntu but SUSE or RedHat, what should we do ?
Amazon still has the Ubuntu micro instances, but they are community AMIs. A full list of Ubuntu AMIs are here: http://uec-images.ubuntu.com/releases/10.10/release/
Wow, you just saved me a week worth of digging around. Much appreciated. Thanks a LOT!
Are you still producing new episodes of “Astronomy Cast”? If not, why so?
Thanks a ton, this is the best tutorial that I have found to help cloud noobs get up and running!
Thanks for this great walkthrough. Saved me a ton of time and anxiety.
Have you tried http://www.rightscale.com to set up your LAMP stack?
I have to admit, I have only worked with Ubuntu
Is there any aditional cost for the Mysql running or I only have to buy the EC2 plan and with it I can install anything on the OS I choose.
You can run mysql on your EC2 server, but we tend to also purchase an RDS. This way, if our EC2 node goes poof (as they sometimes do) our database is intact and the system can auto heal using some of the load balancing routines that automatically spin up new units as needed.
What’s up, all is going well here and ofcourse every one is sharing data, that’s
truly fine, keep up writing.
This website was… how do I say it? Relevant!!
Finally I’ve found something which helped me. Thanks a lot!
I always spent my half an hour to read this weblog’s content everyday along with a cup of coffee.
I have learn several good stuff here. Certainly worth bookmarking for revisiting.
I wonder how much attempt you set to create this kind of great
Hi, its pleasant article on the topic of media print, we all understand media is a impressive
source of facts.
Wonderful beat ! I wish to apprentice whilst you amend your website, how
can i subscribe for a weblog website? The account aided me a appropriate deal.
I have been tiny bit familiar of this your broadcast provided shiny clear concept
Truly no matter if someone doesn’t be aware of after that its up to other visitors that they will help,
so here it happens.
I’m not sure exactly why but this blog is loading
incredibly slow for me. Is anyone else having this issue or is it a issue on my end?
I’ll check back later on and see if the problem still exists.
This pie?e of writing provides clear idea in favor of the new visitors of
blogging, that actuall? how to do running a blog.
Wonderful, ?hat a weblog it is! This website gives useful facts to us,
keep it up.
?t’s an awesome post in support of all the online visitors;
they will get benefit from it I am sure.
W??ts up ?re ?sing WordPress for your blo?
platform? I’m new to the blog world but I’m trying to get
started and set u? my own. Do you need any coding
knowledge to make y?ur ?wn blog? Any help woul? b? greatly app??ciat?d!
H? ther? colleagues, how is all, and what you want to say ?oncerning this article,
in my ?iew its truly amazing in support of me.
G?eat article! We are linking to this parti?ula?ly gr?at article on our site.
Keep up the ?ood writing.
I believe this is one of the s?ch a lot ?mp?rtant inf? for me.
And i’m glad reading yo?r article. But should remark ?n ?ome no?mal things, The site style is gr?at,
the articles is actually nice : D. Excellent job, cheers
First off I w?nt to say e?cellent blo?!
I had a quick questi?n w?ic? ?’d like to as? if yo? don’t
mind. I was curious t? know how you center yourself and
clear your mind before writing. I’ve had difficulty cl?aring my thoughts in getting m? ideas out.
I truly do enjoy writing however it just seems lik? the first
10 to 15 minutes are usually lost j?st trying to figure out ?ow to begin. Any i?e?s or hints?
I alwa?s email?d this blog post page to all m? associates,
becau?e if l?ke to read it after that my links will too.
I’v? been exp?oring for a bit f?r any high quality
articles o? weblog posts on this sort of are? . Exploring in Yaho? I eventually stumbled
upon this ?ite. Studying this ?nfo So i am happy to convey that I have
an incredibly good uncanny feeling I came upon just what I needed.
I most indisp?tably will make certain to don?t fail
to remember this site and pro?ides it a look regu?arly.
It’s r?ally ? cool and ?seful piece of inform?tion.
I am sat?sfie? that you just shared this helpful info
with us. Please keep us up to date like this.
Thanks for sharing.
It’s ?wesome to pay a quick visit this web p?ge and re?ding t?e views of all friends on the topi? of this
article, while I am also keen of getting experience.
Wonderful items from you, man. ?’ve h?ve in mind your stuff prior
to and y?u’re simply too magnificent. I really like what you’?e obtained right
here, certainly like wh?t ?ou are stating and the way
in which through w?ic? you assert it. You make it enjoyable and you still t?ke
care of to k?ep it sens?ble. I can not wait to
read m?ch more from y??. This is actually a great site.
I a?l the time used to read piece of writing in news papers but now as I
am a user of internet thus from now I am using net for
posts, thanks to web.
T?ank you a ?unch for sharing this ?ith all folks ?ou really recogniz? what you ar?
talk?ng about! Bookmarked. Pl?ase also talk ov?r with my website
=). We ma? have a link exchange c?ntract among us
Hello t? al?, th? c?ntents existing at this w?b
page are really amazing for people experience, well,
keep up the nice w?rk fellows.
We ?tumbled ove? here by a diffe?ent ?eb page and thought I sho?ld check things out.
I like wh?t I see so i am j?st f?llowing you.
Look forward to checking out your ?eb page again.
Hello there, I dis?overe? your website by the use of Google e?en as
searching for a related subject, your website got here
up, it appears good. I’ve bookmarked it in my googl? bookmarks.
Hello there, simp?y became awar? of your blog
thru Google, and found that it’s r?ally informative. I’m going to watch out for
brussels. I wi?l be gratefu? if you happen to ?roceed this in future.
N?mero?? other folks can b? benefited fr?m your writing.
I lov? what you guys are up too. Such cl?ver work and coverage!
Keep up the awesome works guys I’ve incorporated you guys to my per?onal blogroll.
You should be a pa?t of a contest for one of the most useful
sites on the web. I’m going to highly recommend this b?og!
?efinitel? believe that which you said.
Your favorite reason seemed to be on the web the easiest
thing to be aware of. I say to you, I definitely get annoyed while people think about
worries that they plainly don’t know ?b?ut.
?ou mana?ed t? hit the nail upon the top and also d?fined o?t the whole
thing without ?aving side effect , people could take a signal.
Will pr?babl? be back to get more. Thanks
A?miring the tim? and effort you put into your ?ite and in ?epth information you provide.
It’s great to come across a blog every once in a while that isn’t the same unwanted rehash?d material.
Excell?nt read! I’ve saved your s?te and I’m including your RSS feeds to
my Google account.
I ?o not even know the way ? ended up right here, but ? believed t?is
put up was once good. I do not understand w?o you are however definitely you are going to a f?mous
blogger in the ev?nt you are not a?ready. Chee?s!
Hello th?re! Quick question that’s entirely off topic.
D? you know ho? to make your site mob?le friendly? My
b?og looks weird when browsing from my iphone4.
I’m trying to find ? theme or plugin that might be able to fix this
iss?e. If y?u have any suggestions, please share.
Wow, th?? piece of writing is pleasant, my sister is analyzing such t?ings, so I am going to convey her.
?hat’s up, this weekend is nice designed for me,
as this ?oint in time i am reading t?is fantastic informative post here at
Go?d way of telling, and nice post to take information ??ncerning my presentation subj?ct m?tter,
w?ich i am going to present in academy.
Thanks for shearing this information.You may also refer http://www.s4techno.com/blog/category/aws/