24 Sep
Set up Amazon Elastic Compute Cloud for use as a LAMP server
I was recently trying to set up a server on Amazon’s AWS, but became overwhelmed with seemingly confusing information, and long-winded documentation, so I tried to find a way to set up a server as simply as I possibly could. After a bit of Googling, I have my server set up, and am well on my way to having a running Sencha Touch server. 
The tutorial I followed can be found below, and here. I’ve posted it here so that I can find it in the future.
1.) Sign up for an Amazon EC2 Account
- Visit: http://aws.amazon.com/ec2/
- Click on “Sign Up Now” to begin the EC2 registration.
- Enter your amazon account info (or register for a new Amazon.com account)
- Agree to AWS terms and enter payment info.
- Identity Verification by telephone.
- Wait for account activation…(few minutes to an hour)
2) Create A Security Group for web access
- Login to your account at https://console.aws.amazon.com/ec2/
- The first step will be to create a Security Group that allows HTTP connections and limited (optional) SSH to configure the instance.
- Click on Security Groups > Create Security Group
- and complete the following form.
- Click on ‘Yes, Create’ to continue.
- Now, select your newly created security group ‘web_access’ and click the ‘inbound’ tab that appears below.
- In the ‘Inbound’ tab, select ‘HTTP’ from the create new rule drop-down menu. Leave the source as ‘0.0.0.0/0’ and select ‘+Add Rule’.
- Next, from the ‘inbound’ tab, select ‘SSH’ from the create new rule drop-down menu. Again, leave the source as ‘0.0.0.0/0’ and select ‘+Add Rule’.
- NOTE: Alternatively, you may put your current machine’s IP address into the ‘source’ to restrict access only to you. Later in the tutorial I’ll be showing you how to add authenticated user who may SSH with username and password, which requires the ‘0.0.0.0/0’ in the SSH source.
- Finally, click ‘Apply Rule Changes’ to commit your rules.
3) Install A LAMP-friendly instance
- Return to the EC2 Dashboard by selecting ‘EC2 Dashboard in the navigation tree on the left’.
- Select ‘Launch Instance’ in the center to begin the process of installing your first sever.
- It will offer you two options, Classic Wizard or Quick Launch Wizard. Select Classic Wizard and click ‘Continue’ to proceed.
- Next, select ‘Community AMIs’ from the tabs and search for the following:
ami-ccf405a5- UPDATE: The previous AMI used in this tutorial has been discontinued! Try this one instead:
- ami-5ec7775f
Personally, I used ami-0832775a. -XtraSimplicity
- Click the ‘Select’ button to begin configuring your Ubuntu Linux machine image.
- On the next screen you’ll see your ‘Instance Details’. The Instance Type should default to ‘Micro (t1.micro, 613mb) which is the Free tier server. Leave the ‘Availability Zone: No Preference” set and click continue.
- The next screen offers a few additional ‘Advanced Instance Options’. You can skip this page and hit ‘continue’ to proceed.
- The next screen will give you an option to ‘Tag’ your instance for better organization within the EC2 dashboard. You can skip this step unless you plan on having many instances running simultaneously. Click ‘continue’ to proceed.
- Now you will need to create a new Key Pair file to allow you to safely and securely connect to your new server from your current machine.
- Enter the name ‘mykeypair’ and click ‘Create & Download your Key Pair’. Save this to a directory you can easily access. I’ll be putting it in my home directory.
- The next screen allows you to choose your security group. Select the group we created (‘web_access’) and then click ‘Continue’.
- The next screen is the ‘Review’ screen and provides a summary of our server options. Verify that your options match the screenshot below and click ‘Launch’ to launch your first instance!
4) Select and Assign an Elastic IP
- In a few moments, your new machine image will begin to boot up and be shown as ‘running’ in the ‘Instances’ page.
- In order to connect to the server, and to allow others to as well, we need to assign an elastic IP address. Select ‘Elastic IPs’ from the navigation menu on the left.
- Select ‘Allocate New Address’ and when a pop-up appears, make sure ‘EC2’ is selected and click ‘Yes, Allocate’.
- Your new IP address will appear in the main view, but it is not yet associated with your server. To associate your new IP with your server, select ‘Associate Address’ button above the main view. Then, you will select your instance from drop-down menu and select ‘Yes, Associate’.
- The Address will now show the instance ID and associated Public DNS of your server.
- In the next section, we’ll be connecting to our server from the terminal console (Mac OS X). For a brief overview of using terminal, see this article.
5) Configuring your server via SSH
What You’ll Need: an SSH Client. SSH is a network protocol for secure data communication, remote shell services or command execution and other secure network services between two networked computers. We’ll be using it to connect to our newly installed EC2 server.
Windows: PuTTy.exe (download here)
- Download PuTTy.exe and PuTTyGen.exe
- Open PuTTyGen.exe and follow the directions shown here: (link)
- When prompted for “login as:” type “ubuntu” and press [enter]
Mac OS X: Terminal.app (launch from spotlight)
- Open terminal and navigate to the folder on your local (current) machine where you downloaded your Key Pair file. If you saved the Key Pair file to your home directory (on OS X), you can go ahead and type the following commands to restrict the permissions of the Key Pair file:
chmod 600 mykeypair.pem
- You may now connect via SSH by issuing the following command.
- NOTE: Replace the ‘23.23.223.33’ shown in the command below with the Elastic IP you associated with your server in the previous step.
ssh -i mykeypair.pem ubuntu@23.23.223.33
- After sending this command, you will be given the following prompt:
The authenticity of host ’23.23.223.33 (23.23.223.33)’ can’t be established.
RSA key fingerprint is a2:26:c9:a1:54:24:f8:0f:7a:65:12:31:ca:b6:59:2d.
Are you sure you want to continue connecting (yes/no)?
- Type ‘yes’ and hit [enter] to proceed. Congrats, you are now in your server.
Next, we need to update and upgrade our server. Issue the following command to scrape for updates:
|
1
|
sudo apt-get update
|
- This will show a ton of text start scrolling as your server connects to the Ubuntu servers to check for updates. When it is finished it will say:
|
1
|
Reading package lists… Done
|
- Now that your server knows what needs to be updated, type the following command to initiate the upgrade process:
|
1
|
sudo apt-get upgrade
|
- You will be notified that proceed will take additional disk space, you will see a message that resembles the following:
|
1
2
|
After this operation, 1,397kB of additional disk space will be used.
Do you want to continue [Y/n]?
|
- Type ‘y’ and press [Enter] to proceed. It will take a few minutes, so grab a cup of coffee or tea while it does its thing. When we return, we’ll begin installing the lamp-server and phpmyadmin.
6) Installing LAMP and Phpmyadmin
Next we need to install the lamp-server, a preconfigured lamp installation included with this build of ubuntu. To begin, issue the following command:
|
1
|
sudo tasksel install lamp-server
|
- After entering this command, your terminal view will change and the lamp-server will begin the installation process.
- It will then ask you:
1New password for the MySql ”root” user:
- Enter your password and hit ‘Enter’ to continue, you will be prompted to enter the password again, do so and hit ‘Enter’ again.
- When the installation finishes, you will be taken back to the former terminal view. Now, we will install PhpMyAdmin by issuing the following command.
|
1
|
sudo apt-get install phpmyadmin
|
- You will receive a confirmation message similar to the following:
|
1
2
|
After this operation, 22.8MB of additional disk space will be used.
Do you want to continue [Y/n]?
|
- Type ‘y’ and hit ‘enter’ to proceed. You will be taken to a configuration screen. Make sure apache2 is selected and hit [enter] to proceed.
- PhpMyAdmin will then go through the installation process.
- When it finishes, it will ask you if you want to configure the database?
- Select ‘No’ and press [enter] to continue.
- Now, to allow web access to phpmyadmin, we must issue the following command:
|
1
|
sudo ln -sf /usr/share/phpmyadmin /var/www/phpmyadmin
|
- You may now test web access to your server by visiting your ip and adding
- /phpmyadmin (i.e. http://23.23.223.33/phpmyadmin/).
- If you’ve completed all the steps correctly, you should see the following:
Success! Now that your server is online, you will need to prep it for hosting multiple websites on a single machine.
7) Site Routing
You may want to use your EC2 server to host many different website domains (i.e. bootstrappingincome.com [blog] and timothyvallier.com [portfolio]). Even if you’re starting this tutorial with only one domain, setting up with the following configuration will allow you to expand easily in the future.
- To begin, we need to SSH into your server (if you haven’t already) and navigate to your www directory. This is the default location of that your server points to for HTTP access.
- Issue the following to navigate.
|
1
|
cd /var/www
|
- Now we need to create a new folder for our website.
- I’ll be creating a folder for this blog, so I’ll name the folder ‘bootstrappingincome’ with the following command
- (Note: be sure to replace ‘bootstrappingincome’ with the name of your site.).
|
1
|
sudo mkdir bootstrappingincome
|
- Next we need to create an entry for this site, allowing browsers who ping the server with a chosen domain in the address field to be routed to the proper directory.
- (Note: be sure to replace ‘bootstrappingincome’ with the name of your site.).
|
1
|
sudo vim /etc/apache2/sites-available/bootstrappingincome
|
- Vim is a text editor which will allow us to type the contents domain pointer manually.
- After you issue the previous command, you will have created a text file whose contents are currently empty.
- Type ‘i’ to initiate editing of the document.
- You’ll notice your terminal window now reads ‘insert’ at the bottom of the view, this tells you that you are able to insert text.
- Type the following text on their respective lines, taking note to replace ‘bootstrappingincome’ with your website:
|
1
2
3
4
5
|
<VirtualHost *:80>
ServerName bootstrappingincome.com
ServerAlias www.bootstrappingincome.com
DocumentRoot /var/www/bootstrappingincome
</VirtualHost>
|
- When you’ve finished typing, press the [esc] button on your keyboard to exit the ‘insert’ mode, then hold [shift] and press [:] and type ‘wq’ and press [enter].
- This will save your changes and exit the document you were editing.
- At this time, you should create the entries for your various other domains by going through the previous points in step 7.
- When you have finished, we will issue the following commands for each site:
|
1
|
cd /etc/apache2/sites-enabled
|
- The previous command sends you to the ‘sites-enabled’ directory where we are going to a dynamic link to the ‘sites-available’ directory.
- Issue the following command to create the link:
|
1
|
sudo ln -s ../sites-available/bootstrappingincome
|
8.) Creating Groups
In this step, we are going to modify group called www-data and set permissions to allow all members of group ‘www-data’ to edit and folder in our www directory.
- First we’ll add the root/ubuntu user to our Ubuntu group file with the following commands:
|
1
|
sudo vigr
|
- This will open the groups file which we need to edit. Using your keyboard, navigate to the www-data line.
- Press [i] to enable the ‘insert’ function.
- Then type ‘ubuntu’ directly after the colon which follows the number ‘33’.
- Press the [esq] key to exit the ‘insert’ mode and then save the changes by pressing [shift]+[:], typing ‘wq’, and pressing [enter].
Next, we’ll issue 3 commands for correctly setting up the permissions for all users of the www-data group.
|
1
2
3
|
sudo chown -R www-data /var/www
sudo chgrp -R www-data /var/www
sudo chmod -R 775 /var/www
|
9) Users
Now that we have our server, folders, and groups setup correctly, we are going to create a new user who will be able to access the server from any machine. This is very useful if you want to be the owner of your own server, but want to pass on the server admin tasks to someone else.
I’m going to create a new user called ‘mallory’ so that she can access this server whenever she needs.
- To begin, type the following command, being sure to replace ‘mallory’ with the name of your user.
|
1
|
sudo useradd -d /home/mallory -m mallory
|
- This will create the user and their home directory.
- Now we need to setup a password for the user to authenticate with.
|
1
|
sudo passwd mallory
|
- This will prompt you to enter a password for the new user (twice).
- Do so and hit enter to proceed.
- Next, we will grant admin priviliges to our new user with the following command:
|
1
|
sudo visudo
|
- Using your keyboard, navigate to the section with the header:
|
1
|
#User privilege specificationroot ALL=(ALL) ALL
|
- We’re going to add our new user under this section, which currently only has the root user listed.
- (Note: Visudo allows you to begin editing the document without pressing the [i], so be careful how you are typing.)
- Type the following on a new line below the root user line:
|
1
|
mallory ALL=(ALL) ALL
|
- Then hit [Control]+[X] to save.
- Type ‘y’ and hit [enter].
- Next give your new user mallory ssh access.
- Issue the following commands to do so:
|
1
2
|
sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.original
sudo chmod a-w /etc/ssh/sshd_config.original
|
When we setup our server, we had to create a Key Pair in order to login initially. In this step, we are going to allow password authentication so that we can login from various machines and user common FTP/SSH app for managing our content.
- Type the following command to begin:
|
1
|
sudo vi /etc/ssh/sshd_config
|
- This is going to open your ssh config file.
- Using your keyboard, locate the line that reads the following:
|
1
2
|
# Change to no to disable tunnelled clear text passwords
PasswordAuthentication no
|
- From here, press the [i] key to enable ‘insert’, and replace the word ‘no’ with the word ‘yes’
|
1
|
PasswordAuthentication yes
|
- Hit [esc] to exit ‘insert’ mode and press [shift]+[:] and type ‘wq’ and press [enter] to save/quit.
Finally, we will add mallory to our www-data group by issuing the following command:
|
1
|
sudo usermod -g www-data mallory
|
We are going to restart our server in order to boot up with all of our changes.
- Issue the following command to restart our ssh services.
|
1
|
sudo /etc/init.d/ssh restart
|
Mallory may now access the server using her choice of FTP/SSH clients.
- Let’s test our connection with cyberduck (Mac OS X, Windows users try WinSCP):
- Success! The connection will default to the user’s home directory, you can navigate to the www directory from here by going to the root “/” and then “var” and then “www”.
- Once in the www directory, you should see your folder you created.
- You may begin uploading your site to this folder immediately!
