Menu

Configuring Amazon Linux For Web Services (Spring 2012)

#amazon #amazon machine image #ami #Centos #configuration #cookbook #ec2 #instructions #linux #rhel #sysadmin #systems administration

I’ve tested this cookbook against Amazon Linux, but it will probably work just as well with the current version of CentOS.

Basic Installation

First, get root and update the OS:

sudo -s
yum update

With that done, let’s get the basic packages and services installed:

yum install mysql mysql-server mysql-devel httpd httpd-devel mod_ssl php php-devel php-mysql php-gd php-dom php-pear php-json memcached svn gcc pcre-devel make

That gets us Apache HTTPD with SSL, PHP with a number of modules, Memcached, and a few system tools.

Let’s set the packaged services to start on reboot:

chkconfig --level 345 httpd on
chkconfig --level 345 mysqld on
chkconfig --level 345 memcached on
chkconfig --list

APC and the Memcahe module are both essential for performance, but they need to be installed using PECL. Simply accept the default options for everything, then execute the echo command as shown to create the ini file.

pecl install apc-beta
echo extension=apc.so > /etc/php.d/apc.ini

pecl install memcache
echo extension=memcache.so > /etc/php.d/memcache.ini

And with all that you should have a working, if not fully configured, system. Let’s start the services to take a look:

/sbin/service mysqld start
/sbin/service memcached start
/sbin/service httpd start

MySQL Configuration

MySQL should output a number of messages about configuring itself on the first startup, but all the services should start.

Now we need to create the database and user:

mysql -u root -e "CREATE DATABASE mydb CHARACTER SET utf8 COLLATE utf8_general_ci;"
mysql -u root -e "CREATE USER 'myuser'@'localhost';"
mysql -u root -e "GRANT ALL ON mydb.* TO 'myuser'@'localhost';"

And then import the database from an export:

mysql pro -u root < mydb.sql

Apache HTTPD+SSL Configuration

Installing your app is up to you, but I usually fetch it via SVN into /var/www/appname.

And now to configure HTTPD services:

In /etc/httpd/conf/httpd.conf set AllowOverride All as shown below:

<Directory />
    Options FollowSymLinks
    AllowOverride All
</Directory>

Delete the vhost definition in /etc/httpd/conf.d/ssl.conf and create a new vhost file in /etc/httpd/conf.d/vhost.conf with something like the following:

<VirtualHost *:80>
	ServerAdmin support@example.com
	ServerName falcon.pro.gostage.it
	DocumentRoot /var/www/appname
	ErrorLog logs/appname-error_log
	CustomLog logs/appname-access_log common
</VirtualHost>
<VirtualHost *:443>
	ServerAdmin support@example.com
	ServerName falcon.pro.gostage.it
	DocumentRoot /var/www/appname
	ErrorLog logs/appname-error_log
	CustomLog logs/appname-access_log common
	SSLEngine on
	SSLProtocol all -SSLv2
	SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
	SSLCertificateFile /etc/pki/tls/certs/localhost.crt
	SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
</VirtualHost>

Now restart the HTTP daemon:

/sbin/service httpd restart