
Amazon Web Services (EC2)

  • Amazon Web Services provides many cloud computing services. EC2 is its general-purpose compute service: it lets you create a virtual machine online and do anything with it. The most popular use case is an online hosting server providing web page, database, email, and DNS services.
  • EC2 (Elastic Compute Cloud)
    • it allows you to create a virtual machine with a chosen specification on demand at any time, with a unique IP address.
  • Amazon Machine Image (AMI)
    • EC2 creates a virtual machine, and a virtual machine needs an operating system to run. Amazon provides image files of the major Linux server distributions and Windows Server to clone into your virtual machine
    • these OS images are called AMIs. They are pre-configured from a default installation, so you don't need a fresh install as with a traditional desktop OS.

Amazon Linux for your new instance

Default Spec Sheet

  • default user name: ec2-user
  • pass: need the key
  • ssh port: 22

Common Post-Install Application Spec Sheet

  • Apache html root: /var/www/html
  • Apache server config: /etc/httpd/conf/httpd.conf
  • Apache server restart command: sudo service httpd restart
  • ssh to EC2 Linux from local
    • first, make sure your key file is protected
      chmod 400 /path/my-key-pair.pem
    • then, run ssh
      ssh -i /path/my-key-pair.pem ec2-user@your_domain_or_free_amazonaws.com
    • cd to your website
      cd /var/www/html

Other free pre-configured Linux images in AWS Marketplace for your new instance

  • if you tried the blank Amazon Linux, you may have felt the pain of installing each service yourself.
  • that is why there are more pre-configured Linux options in the AWS Marketplace tab than in the Quick Start tab
    • there you find pre-configured, software-loaded Linux virtual machines that are ready to use once loaded into your new instance, like WordPress with all the servers it needs, or DokuWiki with all the servers it needs.

Note

  • Basic
    • AMI username: bitnami
    • htdocs location: /opt/bitnami/apps/wordpress/htdocs
    • httpd.conf: /opt/bitnami/apache2/conf/httpd.conf
    • ftp (SFTP): your_domain.com; user: bitnami; port 22; with key installed in ftp client
  • Advanced
    • ssh
      ssh -i /path_to_the_key.pem bitnami@your_domain.com
    • restart apache
      sudo /opt/bitnami/ctlscript.sh restart apache
  • Problem: the bitnami logo is shown at the bottom of the wordpress page, with a tag like bitnami-corner-image-div; clicking it links to a beginner instruction page for the whole system image, like a login guide.
    • Solution: the guide for removing this link is on that page as well. You need to do it from the system image command line, since it is a system-image-level setting
      1. note, the bitnami system image may have several website apps installed, and the banner needs to be disabled separately for each of them; for wordpress, you only need this
        sudo /opt/bitnami/apps/wordpress/bnconfig --disable_banner 1
      2. sudo /opt/bitnami/ctlscript.sh restart apache

ref: https://docs.bitnami.com/aws/how-to/bitnami-remove-banner/

  • tip:
    • quit ssh by: exit
  • when the pagespeed feature is on in Apache, it automatically creates a small-size image when the webpage places a high-res image at a small size, for example with width and height attributes. This is sometimes not useful, when you really want to show the high-res image in the page in an easy-to-view layout for people to zoom later.
  • check php version
    php -v
  • check php server group
    ps -e -o pid,user,group,cmd | grep php
  • bitnami folder layout
    • root: /opt/bitnami
    • server: apache2/, mysql/, postgresql/, apache-tomcat
    • language: php/, python/, ruby/, tcl/
    • app: apps/phpMyAdmin/, apps/drupal/, apps/joomla/, apps/redmine/

Backup and New EC2 Instance

  • situation:
    • sometimes the instance gets stuck with a snapshot image, or has a bad overall server config setup,
    • rather than fixing the existing EC2 instance, you may just want to bring everything down and start a new one; here are the steps

Back up the important files in the current instance

  1. back up the web root (for Amazon AMI, it is under /var/www/html)
  2. back up httpd.conf (for Amazon AMI, it is under /etc/httpd/conf/httpd.conf)
  3. back up the database if you have one

Shut down current instance

  1. go to the Instances tab, action on the selected instance
    • stop Instance
    • terminate Instance with volume deletion (it will be auto deleted after 20min)
  2. go to the Image tab:
    • AMIs: deregister all images (other customized images created from your instance)
    • deregistering takes about 5 min before the image is gone
  3. go to the EBS tab:
    • volumes: they should be gone with the instance
    • snapshots: delete all (if not successful, make sure you deregistered the AMI associated with it in the step above)

Start new instance fresh

  1. Instance tab
    1. launch (create) a new instance (here is the example of a wordpress one)
    2. in the disk image list, go to AWS Marketplace: search wordpress, choose “Wordpress by bitnami” (not the multisite one)
      • note: this image is based on ubuntu 16.04, and the software costs 0 (free); AWS instance use still costs the standard charge like any other instance.
      • note, a dokuwiki pre-installed ubuntu AMI is also available free from bitnami (https://bitnami.com/aws)
      • basically, you don't need to start from a blank Amazon AMI disk image and set up LAMP and every bit yourself.
      • just continue with Wordpress
      • choose the Instance type (the charge is based on instance performance); for the free tier, only t1.micro (1cpu,0.6G ram) and t2.micro (1cpu, 1g ram) (t2 > t1)
        • t2.micro (free tier), Next: Configure Instance Details.
    3. configure: leave as default and click “Add Storage”. Keep at least the default 10 GB, since the wordpress disk image is 10 GB; you can go bigger if you want but not smaller (free tier covers up to 30 GB; after that, 0.12 SGD per GB per month). Click Tag instance
    4. tag instance: “Name”:“MyWordPress”, review and Launch
    5. the review page shows the instance spec and the security group auto-created by the image template; just click Launch
    6. the key page pops up for downloading the ssh key for the OS (if you already have a key from an earlier instance creation, you can use the same key; if not, create a key and download it, refer to the other article, so you can ssh in for advanced Linux command-line control)
    7. After the above steps, your instance should be running in your instance tab with your tagged name (just wait for the status to go from initializing to running)
    8. To find the admin pass, go instance > Action > instance setting > get system log; it will be there with a note like “password is”; the default account is “user”
  2. link the domain name by updating the IP record in the zone file in the Route 53 panel to the instance IP

AWS Route53 - the Domain manager

  • Route53 is basically the AWS console in charge of anything related to domains, like DNS management, domain purchase and transfer, and policy setting

Detail Steps

  1. in GoDaddy, on your domain DNS page (maybe optional)
    1. export the DNS zone file for backup reference
    2. change your DNS servers to Route53's AWS DNS servers (which you should have done when you moved your hosting to AWS; check the AWS EC2 setup guide first). You can get your AWS DNS server addresses on the Route53 page when creating the zone file; normally there are 4 DNS server addresses
    3. (the above step is suggested by the AWS page; later, during the domain transfer stage, the page gives you the option to use it or to update the DNS servers, but if you set the above up beforehand, the transfer is quicker and the domain is online right after the transfer)
  2. in GoDaddy, on your domain manage page
    1. under privacy, if you have it: remove privacy
    2. under domain lock: turn off the lock
    3. at the bottom of the page, click Get authorization code, which will soon send you an email with the authorization code, to be entered later on the AWS Route53 page
    4. once you have the code, click “Transfer domain away from GoDaddy” at the bottom of the page
    5. the “Transfer domain away from GoDaddy” page shows you 3 steps
      1. it will try to get you to stay with them and offer you a discount; never mind that and click continue
      2. following the page, it may send you an email to confirm if needed; keep your email inbox open on the side for checking
  3. in the AWS Route53 page, on the left side panel
    1. click on the “registered domains” tab; at the top of the tab panel, click the “Transfer Domain” button
    2. (Page 1.) Enter the name of your domain; it will charge you a one-year renewal fee (that is why it is sometimes good to make the transfer when your domain is about to expire, but of course leave some buffer time, don't do it at the last minute; say, 1 month before expiry if you like)
    3. click the “Check” button and read the pop-in message to see whether everything is ok or whether there are steps you need to do first, like the DNS server setting mentioned before
    4. (Page 2.) next, domain options, where you enter your authorization code, and use the 1st name server update option if you have done the step above. I use “import name servers from a Route 53 hosted zone that has the same name as the domain”, because I set that up when I was moving the hosting.
    5. (Page 3.) Enter domain contact info
    6. (Page 4.) Review and Purchase
    7. then you will receive an email from AWS to verify the email in the contact info, both old email and new email (sometimes you may get the GoDaddy email first, to approve the transfer on your GoDaddy account).
      1. then in the confirm page, click Yes for transfer
      2. then the transfer is in progress
      3. soon, the old domain host provider will email you about the domain transfer,
  4. go to your GoDaddy domain settings page; the pending transfer out will show as a link on top, or under domain > domain transfer; click view details
    1. the pop-up says “Status: transfer not started. Accept or Decline”; click the link and choose Accept to confirm the transfer (if you don't do that, the transfer will happen after a few days, but if you do, it will transfer right now)
    2. Now go to the domain list; you will see that the old domain is not in the GoDaddy list any more
    3. and the transfer should be done in minutes
  5. Then, AWS will email you to confirm the email address in the contact info of the domain transfer registration. Just copy the link and paste it to open the confirm page.
    1. Once you have done that, the whole process is successful and a notification email is sent to you.
  6. go to the left panel of the AWS Route53 page; under the “Pending requests” tab panel there is no more pending transfer
  7. go to the left panel of the AWS Route53 page; under the “registered domains” tab panel, your domain lives here now
    1. click the domain to review all the contact info and privacy settings
  8. you should get an email from both AWS and GoDaddy as the final notification that the domain transfer is finished

Note

  • you can own multiple domains in your Route53 page (which holds the registration info and the DNS name servers)
  • you don't need to create a zone file for each domain if you don't plan to link it to a hosting yet.
    • thus, no zone file means no extra zone file charge yet.
  • under the domain tab, click the Register Domain button on top
    • add the list of domains you want to buy
    • then confirm all the registration owner info
    • buy with card, then it will take 30 min to be ok to use
  • Note, after the domain is successfully registered
    • you will receive an email that the domain is ready, at the amazon owner email address and at the domain owner email address
    • a zone file will be created automatically for each domain (with an NS record and an SOA record)
    • you can delete the zone file if you don't want to use it immediately, to avoid the monthly per-zone-file charge (0.5 usd/m)
    • however, amazon recommends not removing the zone file but just deleting the record entries, to avoid some risk,
    • To be continued on risk study

S3 Storage

How to use an EC2 instance to unzip and send the unzipped content to S3: Method A

  1. create an IAM user ( access key id, access key secret )
    1. Permission : attach policy to IAM, admin, ec2FullAccess
  2. create AMAZON Linux v1 (at the end of the process, create a key pair)
    1. ssh into the ec2 server
      1. aws configure: key id, key secret
      2. region: as in the url, like “us-west-2”
      3. output format: json
    2. method
      • transfer: aws s3 sync /path/ s3://bucketName/path/
      • copy: aws s3 cp /path/ s3://bucketName/path/ --recursive (--recursive is needed when /path/ is a folder)

How to use an EC2 instance to unzip and send the unzipped content to S3: Method B

  1. IAM service
    • Roles type:
      • new role type: EC2 instance
      • attach policy: S3 full access
    • role name: s3fullaccess_role
  2. launch instance with the role
  3. unzip myFile.zip
  4. make public, or make bucket policy
  5. transfer
    aws s3 sync . s3://my-bucket/path --acl public-read
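
A tighter alternative to the admin and S3 full access policies attached in Method A and Method B, as an added example that is not part of the original page: the function prints an IAM policy document that only allows listing and uploading under one prefix of one bucket, which is all an upload with aws s3 sync needs. The function name, my-bucket and path are placeholders; s3:PutObjectAcl is not granted, so an upload with --acl public-read is denied and objects stay private.

```shell
#!/bin/sh
# Added example (not from the original page). make_sync_policy, my-bucket and
# path are placeholder names chosen for this illustration.

# make_sync_policy BUCKET PREFIX
# Prints an IAM policy that lets `aws s3 sync <dir> s3://BUCKET/PREFIX/`
# upload files, and nothing else: no other bucket, no delete, no ACL change.
make_sync_policy() {
  msp_bucket=$1
  msp_prefix=${2%/}                      # drop one trailing slash
  if [ -z "$msp_bucket" ] || [ -z "$msp_prefix" ]; then
    echo "usage: make_sync_policy BUCKET PREFIX" >&2
    return 2
  fi
  # Reject characters that could break out of the JSON string or the ARN.
  case $msp_bucket in *[!a-z0-9.-]*) echo "bad bucket name" >&2; return 1 ;; esac
  case $msp_prefix in *[!A-Za-z0-9._/-]*) echo "bad prefix" >&2; return 1 ;; esac
  cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "ListOnlyThisPrefix",
      "Effect": "Allow",
      "Action": "s3:ListBucket",
      "Resource": "arn:aws:s3:::${msp_bucket}",
      "Condition": {
        "StringLike": { "s3:prefix": ["${msp_prefix}", "${msp_prefix}/*"] }
      }
    },
    {
      "Sid": "UploadOnlyThisPrefix",
      "Effect": "Allow",
      "Action": "s3:PutObject",
      "Resource": "arn:aws:s3:::${msp_bucket}/${msp_prefix}/*"
    }
  ]
}
EOF
}

# Usage from an account with IAM rights, in place of the S3 full access policy
# (role name taken from Method B):
#   make_sync_policy my-bucket path > sync-policy.json
#   aws iam put-role-policy --role-name s3fullaccess_role \
#     --policy-name sync-upload-only --policy-document file://sync-policy.json
```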


Long Term Cost Control

  • a basic EC2 instance for hosting plus domain hosting is quite cheap under the AWS pay-per-use model, compared to shared hosting plans that give less freedom.
  • they can get even cheaper (like half) by pre-paying an annual amount for a so-called “reserved instance”
    • for more detail, you need to do some research
  • also, after the free tier, you may need to plan how low you can go with instance performance and how small you can set the EBS disk storage (though some Linux VMs may be pre-configured with a minimum disk size); this kind of super-budgeting can really cut the cost to the bottom.

Problem and Fix

  • possible problem after that,
    • if you didn't use the Amazon fixed IP (Elastic IP) for your instance, your instance IP address and Amazon DNS instance address will change as well,
    • so in your DNS settings, you will need to update the IP address of your A record as well.
  • Problem: browser can't open the website, long loading.
    • solution: ssh in from a terminal and restart the apache server
  1. ssh into the server and check the overall disk usage
    df -h
  2. then you will see which partition is full; cd to that place to check each folder
    1. to check the current folder size:
      du -sh .
    2. to list all sub folders with size info
      du -sh *
    3. to list all files with size info
      ls -lh
  3. potential big disk space eaters
    1. check A: go to apache's log folder
      apache2/logs 
      error_log-*.gz
      access_log-*.gz
    2. check B: go to apache's mod_pagespeed folder
      // https://docs.bitnami.com/aws/apps/orocrm/administration/use-pagespeed/
      // apache2/var/cache/mod_pagespeed/
      // if you don't use that feature, just delete everything inside (run this only from inside that folder)
      // rm -rf ./*
      // restart apache
      // (for bitnami: sudo /opt/bitnami/ctlscript.sh restart apache)
    3. check C: check mysql database folder
      1. login mysql (for bitnami, same as main app pass)
        mysql -u root -p
      2. check database size
        SELECT table_schema AS "Database", 
        ROUND(SUM(data_length + index_length) / 1024 / 1024, 2) AS "Size (MB)" 
        FROM information_schema.TABLES 
        GROUP BY table_schema;
      3. check each database's table size
        SELECT TABLE_NAME AS "Table",
        ROUND(((data_length + index_length) / 1024 / 1024), 2) AS "Size (MB)"
        FROM information_schema.TABLES
        WHERE table_schema = "database_name"
        ORDER BY (data_length + index_length) DESC;
      4. type quit to exit mysql
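
The disk checks from steps 2 and 3 above, wrapped into two helper functions as an added example that is not part of the original page. The function names are made up here, and the 30-day default age is an assumption.

```shell
#!/bin/sh
# Added example (not from the original page); function names are made up here.

# largest_children DIR [N]
# The N largest entries directly inside DIR, biggest first, as "KiB<TAB>path".
# Unlike `du -sh *` it includes dot-folders; -x stops du from descending into
# other filesystems mounted below each entry, so the numbers stay comparable.
largest_children() {
  find "${1:-.}" -mindepth 1 -maxdepth 1 -exec du -skx {} + 2>/dev/null |
    sort -rn | head -n "${2:-10}"
}

# rotated_logs LOGDIR [DAYS]
# Compressed rotated Apache logs (error_log-*.gz, access_log-*.gz) last
# modified more than DAYS days ago, biggest first. It only lists them, so they
# can be copied off the instance before anything is removed.
rotated_logs() {
  find "$1" -maxdepth 1 -type f -name '*_log-*.gz' -mtime +"${2:-30}" \
    -exec du -k {} + 2>/dev/null | sort -rn
}

# Usage on the bitnami image described on this page:
#   largest_children /opt/bitnami
#   rotated_logs /opt/bitnami/apache2/logs 30
```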
  • techwiki/aws.txt
  • Last modified: 2021/08/28 09:08
  • by ying