Saturday, December 17, 2016

Commands for Installing web server on Amazon Linux



Installing web server on Amazon Linux
1. Connect to your instance (p. 30).

2. To ensure that all of your software packages are up to date, perform a quick software update on your
instance. This process may take a few minutes, but it is important to make sure you have the latest
security updates and bug fixes.
Note
The -y option installs the updates without asking for confirmation. If you would like to
examine the updates before installing, you can omit this option.

[ec2-user ~]$ sudo yum update –y

3. Now that your instance is current, you can install the Apache web server, MySQL, and PHP software
packages. Use the yum install command to install multiple software packages and all related
dependencies at the same time.

[ec2-user ~]$ sudo yum install -y httpd24 php56 mysql55-server php56-mysqlnd

4. Start the Apache web server.

[ec2-user ~]$ sudo service httpd start

Starting httpd: [ OK ]

5. Use the chkconfig command to configure the Apache web server to start at each system boot.

[ec2-user ~]$ sudo chkconfig httpd on

Tip
The chkconfig command does not provide any confirmation message when you successfully
enable a service.You can verify that httpd is on by running the following command.

[ec2-user ~]$ chkconfig --list httpd

httpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off

Here, httpd is on in runlevels 2, 3, 4, and 5 (which is what you want to see).

6. Test your web server. In a web browser, enter the public DNS address (or the public IP address) of
your instance; you should see the Apache test page.You can get the public DNS for your instance
using the Amazon EC2 console (check the Public DNS column; if this column is hidden, choose
Show/Hide and select Public DNS).
Tip
If you are unable to see the Apache test page, check that the security group you are using
contains a rule to allow HTTP (port 80) traffic. For information about adding an HTTP rule to
your security group, see Adding Rules to a Security Group (p. 496).
Important
If you are not using Amazon Linux, you may also need to configure the firewall on your
instance to allow these connections. For more information about how to configure the firewall,
see the documentation for your specific distribution.

Note
This test page appears only when there is no content in /var/www/html. When you add
content to the document root, your content appears at the public DNS address of your
instance instead of this test page.
Apache httpd serves files that are kept in a directory called the Apache document root. The Amazon
Linux Apache document root is /var/www/html, which is owned by root by default.

[ec2-user ~]$ ls -l /var/www

total 16
drwxr-xr-x 2 root root 4096 Jul 12 01:00 cgi-bin
drwxr-xr-x 3 root root 4096 Aug 7 00:02 error
drwxr-xr-x 2 root root 4096 Jan 6 2012 html
drwxr-xr-x 3 root root 4096 Aug 7 00:02 icons
To allow ec2-user to manipulate files in this directory, you need to modify the ownership and permissions
of the directory. There are many ways to accomplish this task; in this tutorial, you add a www group to
your instance, and you give that group ownership of the /var/www directory and add write permissions
for the group. Any members of that group will then be able to add, delete, and modify files for the web
server.

To set file permissions

1. Add the www group to your instance.

[ec2-user ~]$ sudo groupadd www

2. Add your user (in this case, ec2-user) to the www group.

[ec2-user ~]$ sudo usermod -a -G www ec2-user
Important
You need to log out and log back in to pick up the new group.You can use the exit command,
or close the terminal window.

3. Log out and then log back in again, and verify your membership in the www group.
a. Log out.

[ec2-user ~]$ exit

b. Reconnect to your instance, and then run the following command to verify your membership in
the www group.

[ec2-user ~]$ groups

ec2-user wheel www

4. Change the group ownership of /var/www and its contents to the www group.

[ec2-user ~]$ sudo chown -R root:www /var/www

5. Change the directory permissions of /var/www and its subdirectories to add group write permissions
and to set the group ID on future subdirectories.

[ec2-user ~]$ sudo chmod 2775 /var/www

[ec2-user ~]$ find /var/www -type d -exec sudo chmod 2775 {} \;

6. Recursively change the file permissions of /var/www and its subdirectories to add group write
permissions.

[ec2-user ~]$ find /var/www -type f -exec sudo chmod 0664 {} \;





Updating Instance Software
It is important to keep software up-to-date. Many packages in a Linux distribution are updated frequently
to fix bugs, add features, and protect against security exploits. When you first launch and connect to an
Amazon Linux instance, you may see a message asking you to update software packages for security
purposes. This section shows how to update an entire system, or just a single package.

Important
These procedures are intended for use with Amazon Linux. For more information about other
distributions, see their specific documentation.

__| __|_ )
_| ( / Amazon Linux AMI
___|\___|___|

https://aws.amazon.com/amazon-linux-ami/2013.03-release-notes/
There are 12 security update(s) out of 25 total update(s) available
Run "sudo yum update" to apply all updates.

[ec2-user ~]$

To update all packages on an Amazon Linux instance

1. (Optional) Start a screen session in your shell window. Sometimes you may experience a network
interruption that can disconnect the SSH connection to your instance. If this happens during a long
software update, it can leave the instance in a recoverable, although confused state. A screen
session allows you to continue running the update even if your connection is interrupted, and you
can reconnect to the session later without problems.

a. Execute the screen command to begin the session.

[ec2-user ~]$ screen

b. If your session is disconnected, log back into your instance and list the available screens.

[ec2-user ~]$ screen -ls

There is a screen on:
17793.pts-0.ip-12-34-56-78 (Detached)
1 Socket in /var/run/screen/S-ec2-user.

c. Reconnect to the screen using the screen -r command and the process ID from the previous
command.

[ec2-user ~]$ screen -r 17793

d. When you are finished using screen, use the exit command to close the session.

[ec2-user ~]$ exit

[screen is terminating]

2. Run the yum update command. Optionally, you can add the --security flag to apply only security
updates.

[ec2-user ~]$ sudo yum update

Loaded plugins: priorities, security, update-motd, upgrade-helper
amzn-main | 2.1 kB 00:00
amzn-updates | 2.3 kB 00:00
Setting up Update Process
Resolving Dependencies
--> Running transaction check
---> Package aws-apitools-ec2.noarch 0:1.6.8.1-1.0.amzn1 will be updated
---> Package aws-apitools-ec2.noarch 0:1.6.10.0-1.0.amzn1 will be an update
---> Package gnupg2.x86_64 0:2.0.18-1.16.amzn1 will be updated
---> Package gnupg2.x86_64 0:2.0.19-8.21.amzn1 will be an update
---> Package libgcrypt.i686 0:1.4.5-9.10.amzn1 will be updated
---> Package libgcrypt.x86_64 0:1.4.5-9.10.amzn1 will be updated
---> Package libgcrypt.i686 0:1.4.5-9.12.amzn1 will be an update
---> Package libgcrypt.x86_64 0:1.4.5-9.12.amzn1 will be an update
---> Package openssl.x86_64 1:1.0.1e-4.53.amzn1 will be updated
---> Package openssl.x86_64 1:1.0.1e-4.54.amzn1 will be an update
---> Package python-boto.noarch 0:2.9.9-1.0.amzn1 will be updated
---> Package python-boto.noarch 0:2.13.3-1.0.amzn1 will be an update
--> Finished Dependency Resolution

Dependencies Resolved
================================================================================
Package Arch Version Repository
Size
================================================================================
Updating:
aws-apitools-ec2 noarch 1.6.10.0-1.0.amzn1 amzn-updates
14 M
gnupg2 x86_64 2.0.19-8.21.amzn1 amzn-updates
2.4 M
libgcrypt i686 1.4.5-9.12.amzn1 amzn-updates
248 k
libgcrypt x86_64 1.4.5-9.12.amzn1 amzn-updates
262 k
openssl x86_64 1:1.0.1e-4.54.amzn1 amzn-updates
1.7 M
python-boto noarch 2.13.3-1.0.amzn1 amzn-updates
1.6 M
Transaction Summary
================================================================================
Upgrade 6 Package(s)
Total download size: 20 M
Is this ok [y/N]:

3. Review the packages listed, and type y and Enter to accept the updates. Updating all of the packages
on a system can take several minutes. The yum output shows the status of the update while it is
running.

Downloading Packages:
(1/6): aws-apitools-ec2-1.6.10.0-1.0.amzn1.noarch.rpm | 14 MB 00:00
(2/6): gnupg2-2.0.19-8.21.amzn1.x86_64.rpm | 2.4 MB 00:00
(3/6): libgcrypt-1.4.5-9.12.amzn1.i686.rpm | 248 kB 00:00
(4/6): libgcrypt-1.4.5-9.12.amzn1.x86_64.rpm | 262 kB 00:00
(5/6): openssl-1.0.1e-4.54.amzn1.x86_64.rpm | 1.7 MB 00:00
(6/6): python-boto-2.13.3-1.0.amzn1.noarch.rpm | 1.6 MB 00:00
--------------------------------------------------------------------------
------
Total 28 MB/s | 20 MB 00:00
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Updating : libgcrypt-1.4.5-9.12.amzn1.x86_64
1/12
Updating : gnupg2-2.0.19-8.21.amzn1.x86_64
2/12
Updating : aws-apitools-ec2-1.6.10.0-1.0.amzn1.noarch
3/12
Updating : 1:openssl-1.0.1e-4.54.amzn1.x86_64
4/12
...
Complete!

4. (Optional) Reboot your instance to ensure that you are using the latest packages and libraries from
your update; kernel updates are not loaded until a reboot occurs. Updates to any glibc libraries
should also be followed by a reboot. For updates to packages that control services, it may be sufficient
to restart the services to pick up the updates, but a system reboot ensures that all previous package
and library updates are complete.

To update a single package on an Amazon Linux instance
Use this procedure to update a single package (and its dependencies) and not the entire system.

1. Run the yum update command with the name of the package you would like to update.

[ec2-user ~]$ sudo yum update openssl

Loaded plugins: priorities, security, update-motd, upgrade-helper
amzn-main | 2.1 kB 00:00
amzn-updates | 2.3 kB 00:00
Setting up Update Process
Resolving Dependencies
--> Running transaction check
---> Package openssl.x86_64 1:1.0.1e-4.53.amzn1 will be updated
---> Package openssl.x86_64 1:1.0.1e-4.54.amzn1 will be an update
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository
Size
================================================================================
Updating:
openssl x86_64 1:1.0.1e-4.54.amzn1 amzn-updates
1.7 M
Transaction Summary
================================================================================
Upgrade 1 Package(s)
Total download size: 1.7 M
Is this ok [y/N]:

2. Review the package information listed, and type y and Enter to accept the update or updates.
Sometimes there will be more than one package listed if there are package dependencies that must
be resolved. The yum output shows the status of the update while it is running.

Downloading Packages:
openssl-1.0.1e-4.54.amzn1.x86_64.rpm | 1.7 MB 00:00
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Updating : 1:openssl-1.0.1e-4.54.amzn1.x86_64
1/2
Cleanup : 1:openssl-1.0.1e-4.53.amzn1.x86_64
2/2
Verifying : 1:openssl-1.0.1e-4.54.amzn1.x86_64
1/2
Verifying : 1:openssl-1.0.1e-4.53.amzn1.x86_64
2/2
Updated:
openssl.x86_64 1:1.0.1e-4.54.amzn1
Complete!

3. (Optional) Reboot your instance to ensure that you are using the latest packages and libraries from
your update; kernel updates are not loaded until a reboot occurs. Updates to any glibc libraries
should also be followed by a reboot. For updates to packages that control services, it may be sufficient
to restart the services to pick up the updates, but a system reboot ensures that all previous package
and library updates are complete.

Posted by at

2 comments:

Subscribe to: Post Comments (Atom)