Hello all,
Since I didn't see it by searching, I thought I'd leave some instructions on how to get a free Amazon AWS EC2 virtual machine started and going for getting started. These are not *deployment* settings. It's more of an exercise in starting from scratch. "Your mileage may vary." Hopefully they're helpful. This assumes Coda and a Mac, but this can certainly be done with any terminal / putty, and any FTP that handles pem files.
I'll update the errata as they're found - please point out any mistakes. :)
::::::::::::::::::::::::::
Mission: Install SilverStripe3 on a free-level Amazon EC2 machine
Step 1: Acquire access to Amazon Web Services through an Amazon account. Once you are registered and logged into the AWS Control Panel, go to EC2.
https://console.aws.amazon.com/ec2/home?#
Step 2: Launch the "Instance Wizard", preferably in classic mode. This will allow you to locate your server in a specific data center. (Currently it seems only US East available.)
-Select an Amazon AMI Basic 64-bit. (Why Amazon? They update their build with all Amazon tools; you can use other Linux builds, but Amazon’s is optimized for their system.)
-Select 1 t1.micro instance, as those are free.
-Turn on Termination Protection
-Leave Shutdown Behavior on Stop
-To right of Name, set friendly name, like “micropenguin". (Use all lowercase.)
-Create a new KeyPair. Download the .pem file locally.
-Select your default Security Group
-Verify and Launch
You now have a Virtual Server instance. It is as "bare bones" as possible, except for a few tools on it to make it easier to connect other Amazon services. We are creating a LAMP setup for Wordpress, and we now have the "L" in LAMP underway.
Step 3: Configure the Amazon Firewall. Click Security Groups. Click Default for your current environment. Click Inbound. Click on the Create a New Rule, and select the following:
SSH (22)
HTTP (80)
3306 (MySQL)
These may not be the only holes you want to punch in the firewall, but for SilverStripe and later installs, this will be enough. If you add any additional services that require more port openings, you must do that through this area. Go back to Instances and insure that "default" or whatever the group is called is attached to your running instance of Linux.
Step 4: Go to Elastic IPs. Allocate a new address. The EIP (Elastic IP) will be used in EC2. Make sure you like this number. It's your IP, and while not difficult to change later in EC2, it will be used extensively. See if you can get a reasonably memorable IP number. You can "catch and release" a few dozen times before being charged.
Step 5: When you have an IP you're ok with, select it, and choose Associate Address. Select your instance, which should be just your one server. Note the friendly name appears here. Also, make note of your IP address; you're about to use it extensively.
A quick drop of the IP address in a browser will prove that there is no web server running. This completes everything you need to do in the Amazon control panel. Just ensure you have your .pem KeyPair, and your IP address. Linux is up and running.
Note: This linux Amazon AMI is "headless", meaning there is no graphical user interface. This isn't like windows or mac, or even desktop linux. Everything is done from the command line. While this scares everyone at first that hasn't worked with a command line system, it's not that bad. It took me a while and several inquiries to understand that it runs without a UI, since I was so comfortable with Windows Server. It's not like that at all, and in its own way, that's a good thing.
Now that the server exists, you'll want to start adding the necessities. This is done on the terminal level. I'm a Mac Coda user, so I'm going to explain how to do that. Other terminal entry is very similar, so this should still explain most of what you need.
Geeky note: Amazon does not allow you to ever log in as "root" (never say never, actually). It's a security issue, and as such, you'll log in using a key pairing to start. Essentially, it's a user name and *file* that works *as* your password.
Step 6: Open the Mac Terminal. Type in the following:
open ~/.ssh
This opens what is normally a hidden folder on a Mac. The .pem file should be placed in this folder. Set this to 400 permissions.
Open TextEdit, or any text editor. Create a file called “config”. This should not have a file extension, so config.txt, config.rtf, etc., is incorrect. Just “config”. In that file, create four lines:
Host friendlyname
User ec2-user
IdentityFile ~/.ssh/yourkeypair.pem
HostName your.ip.address.here
So an old version of mine looked like:
Host micropenguin
User ec2-user
IdentityFile ~/.ssh/mykeypair.pem
HostName 107.22.192.xxx
Save this file.
Step 7: Launch Coda
From here out, I’m going to use Coda as my terminal client. You don’t need to do this; any terminal will work, but for me, this is more convenient. I can also work from more than just terminal, so it’s my one-stop app for web.
In Coda, Add Site.
Give the Site a nickname, and maybe you’ll want to match your Micro instance nickname for now. I do “Name AMI” so I can easily see what kind of site I’m working with. In Remote Root, add just a / so you start at the root. In the Connecting area, for server, put the host name in. User name should be ec2-user, and the protocol is SFTP.
Go to the Terminal area, and look for SSH Server. In this box, you’ll add the host name you had in your config file. Even though it says “domain.com” in the example text, ignore it and put the precise text name from config. The port is 22 (remember that firewall hole?). Do not add a user name or password. In short, Coda’s terminal will be looking at that config file. Click Save.
Gotcha: If you didn’t use all lowercase as the host name, FTP won’t work even though terminal will!
Note: If you’re using a direct terminal, just go to AWS, select the instance, and click Instance Actions > Connect. It will generate the correct code automatically, but it goes like this:
ssh -i micropenguin.pem ec2-user@111.222.333.444
You just substitute your key and ip. (ec2-user is a constant.)
Under Coda, click connect, and you’re in. On Terminal, you’ll have to answer yes to a question about security, then you’ll be in. If anything isn’t working, check that config file. Spelling counts.
If you see ASCII Art like this:
__| __|_ )
_| ( / Amazon Linux AMI
___|\___|___|
You have successfully connected.
Note: if you are having problems connecting, check the “Status Check” for your running system. If it shows an error where it’s not reachable, reboot the instance. If you still have problems, choose “Connect” in the AWS dropdown, and consult their assistance to troubleshoot.
Another note: When you set your virtual instance to an Elastic IP address, your Public IP may take several minutes to sync with the “internal” address. Grab a beverage, refresh, and once this lines up, you can terminal in with the public and not just the private address.
Step 8: I’m in, now what?
We’re now L but not AMP. We’re missing a web server, and the web server of choice for Linux is Apache. Many builds of linux, and even Mac OS X comes with Apache baked in. But not Amazon - this is really, really bare bones. So let’s install Apache. This is easy; just copy this code in exactly:
sudo su
yum install httpd
Say yes when asked.
What did you just do? It took me a while to figure this out. The sudo su is basically upgrading you from basic permissions to “superuser” permissions while you’re logged in. This is acceptable because you have the super-secret key pair. After you give yourself the proper permissions, yum is a linux installer. You asked it to go grab “httpd”, which is a kind of nickname for apache. It’s an “HTTP Daemon”, or it serves web content. Clever. You’ll see that httpd is the folder it is installed in. Most self-references for Apache go to httpd.
Check to see that the web server is in fact running.
service httpd status
Not running yet? Ya, you need to explicitly start it.
service httpd start
If it’s running, you’re good. It’ll say httpd (pid ###) is running. It’s saying Apache, assigned process id number x, is running.
OK, want to be sure it’s running? Drop your IP address into a browser, and you will now see the Apache test page. Sweet! You have a Linux Apache box. Two more…
Step 9: M for MySQL
You have a static server at this point. Time for “M”, or MySQL. This of course is a database, and as such, a place to store things like articles, content, pages, and other such goodies that SilverStripe and other things like to store data in.
In terminal, add the following lines:
yum install mysql mysql-server
Say y for yes
Start MySQL:
service mysqld start
Don’t forget the d on mysqld - that is not a typo. It’s “MySQL Daemon”, same as httpd. This is the server daemon, dishing out data.
Service mysqld status
This should confirm a running instance of MySQL.
Step 10: The pre-processor
yum install php php-mysql
Again, say y for yes
This directly installs PHP with support built in for working with MySQL. This completes the “LAMP Stack”. PHP is installed, but does not run as a server. It acts as an interpreter when data goes in and out of the web server, so there is no associated service to run.
A needed addition is some additional library files for image processing and XML processing in PHP:
yum install php-gd
yes
yum install php-xml
yes
And while we’re here, let’s update the server with any necessary updates:
yum -y update
At this point you now have a complete LAMP stack on your own server in the clouds. You may want to at this point assign a domain name to your IP. Set your DNS @ or A record to the Elastic IP address. Again, putting your IP address in a browser should already result in the Apache test page showing up. If not, troubleshoot until you do.
With your web server up and running, it’s time to start looking at the SilverStripe installation. Just a few steps left; this is the easiest part.
Step 11: Server configurations
PHP needs a valid timezone setting. Here’s the quick way to get to it. In /etc, there is a php.ini file. As of now, ;date.timezone = is on line 956. Just search for “timezone”. Remove the leading semicolon, and add your timezone. Check it at http://php.net/manual/en/timezones.php
You will want to use the terminal editor called vim. Do the following in the console:
cd .. until you get to /
cd etc
vim php.ini
Ctrl-D pages down…
find line 956, or the one that has timezone in it
press i for insert
change the text to remove the semicolon, and add the appropriate choice
press escape, then :wq (enter) to commit those changes
service mysqld restart
service httpd restart
Then set SFTP permissions
chmod -R 777 html (temporary; allows ec2-user to upload SFTP)
cd /
cd etc/httpd/conf
vim httpd.conf
On line 339, change None to All
esc :wq
service httpd restart
service mysqld restart
Last thing is to add a user your PHP root password. You’ll still want a different, non-default root password though.
/usr/bin/mysqladmin -u root password ‘YOURpass_word’
Step 12: Download and unzip the SilverStripe package.
Copy entire contents of SilverStripe package into the /var/www/html folder. Do not proceed unless this completely works. If something doesn’t copy, such as .htaccess, review the steps for permission in step 11.
Then, we need to allow the webserver to now own this stuff.
cd /var/www
chown -R apache html
Run the ip address of your site in your browser, and follow the SilverStripe instructions from here on!
If you want to view your database from an external application, do the following:
mysql> GRANT ALL PRIVILEGES ON *.* TO root IDENTIFIED BY “your_password”;
mysql> flush privileges;
