In this post I’m doing an assignment for Tero Karvinen’s course on linux servers. The assignment is to create a name based virtual server with a domain pointing to it. I decided to use Amazon’s EC2, since it has a free tier and I have already used it once before.
Setting up
Once I already had signed up for Amazon, I just logged in and saw the control panel.
Amazon EC2 link
The very first link of the load of services is the Amazon’s virtual server under ‘compute’.
Amazon launch instance button
On the next page we will get good instructions to start an own instance and a notice that the server will be physically located in central EU.
Amazon EC2 choose OS
Here we will get to choose the operating system for the EC2 instance. I will choose the ‘Ubuntu Server 14.04 LTS’.
Amazon EC2 choose specs
Here I got a list of available hardware settings for the virtual server. The first one is free for a time so I will choose that one. On the bottom there is a button ‘Review and launch’. There are also some more specific settings if one would like to change them, but there’s mostly no need for it.
On the next page is a review of all the choices I made in the steps and a button ‘Launch’ that will launch the new Amazon virtual server.
Amazon EC2 private key
Here it prompts us to use an existing private key or to create a new one. I made a new one called ‘amazon_ec2_sshkey’ and downloaded it. Next up is ‘Launch Instances’.
Amazon EC2 instances launching
The process was very fast, and now I’ve got an instance running. Before I go and connect to it with SSH, Amazon has a firewall of its own they call ‘Security Groups’. I’ll add the ports I need for my server to be seen to the public.
Let’s navigate to the firewall settings on the side panel:
Amazon EC2 security groups – firewall
When there, press the ‘Create security group’ button.
Amazon EC2 security groups – firewall
Here are the settings that I set for my security group. I named it as ‘Web Server’, so it would point to just the two ports that are related to a web server, which are 80 and 443, the basic HTTP and HTTPS ports.
Amazon EC2 security groups – firewall
Next, from the ‘Instances’ panel, we need to associate the newly created rules with our running instance. The settings are found here.
Amazon EC2 security groups – firewall
Then simply check the rule and press ‘Assign Security Groups’.
One thing left to do here, for a web server we will need a static IP address, because your IP address cannot be re-allocated when you have a server running there! Amazon likes to call it an ‘Elastic IP address’ for some reason. Let’s navigate via the side panel:
Amazon EC2 elastic (static) IP
Then we need to allocate a new IP address that is static.
Amazon EC2 elastic (static) IP
Amazon EC2 elastic (static) IP
And there we have it. The static IP address is ‘52.29.30.76’.
Now we need to associate the address with our virtual server.
Amazon EC2 elastic (static) IP
A window apprears:
Amazon EC2 elastic (static) IP associate
Simply add the instance name you want to associate the static IP address with and press ‘Associate’.
Now everything should be in order and we shouldn’t need to come back here.
Now to the SSH connection! We know the public IP now, since we just created one for it and we have the SSH key. We just need to connect!
ssh -i amazon_ec2_sshkey.pem 52.29.30.76 The authenticity of host '52.29.30.76 (52.29.30.76)' can't be established. RSA key fingerprint is 23:ce:XX:50:3c:XX:9b:09:e1:XX:04:12:b0:XX:b7:95. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '52.29.30.76' (RSA) to the list of known hosts. Please login as the user "ubuntu" rather than the user "root". Connection to 52.29.30.76 closed.
The server responded that I should connect with the user ‘ubuntu’. So next try is with that.
ssh -i amazon_ec2_sshkey.pem ubuntu@52.29.30.76 Welcome to Ubuntu 14.04.2 LTS (GNU/Linux 3.13.0-48-generic x86_64) * Documentation: https://help.ubuntu.com/ System information as of Wed Sep 30 20:03:38 UTC 2015 System load: 0.0 Processes: 96 Usage of /: 9.8% of 7.74GB Users logged in: 0 Memory usage: 5% IP address for eth0: 172.31.2.13 Swap usage: 0% Graph this data and manage this system at: https://landscape.canonical.com/ Get cloud support with Ubuntu Advantage Cloud Guest: http://www.ubuntu.com/business/services/cloud 0 packages can be updated. 0 updates are security updates. The programs included with the Ubuntu system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. ubuntu@ip-172-31-2-13:~$
And I’m in!
Installing a web server
Next up is installing a web server. I will be using Apache. Let’s install the full LAMP stack right away.
sudo apt-get update sudo apt-get install -y apache2 php5 mariadb-server libapache2-mod-php5
It will ask for the MySQL root password.
Let’s enable the UFW (uncomplicated firewall) that installed with apache with away. Let’s be careful, because if we don’t add the SSH rule right away, we might be thrown off the server for good.
sudo ufw enable && sudo ufw allow ssh
Cramp them both into the same command to make sure we keep the connection alive.
sudo ufw allow http sudo ufw allow https
To test if all the configuration on Amazon’s side and server side work, I connected to the server’s public IP and got a response from apache displaying the default welcome page.
Configuring the web server
I like to name my servers, so first off I’ll change the hostname:
sudo hostname metsanheimo.tk
‘metsanheimo.tk’ is the domain I’m going to reserve from dot.tk.
Let’s first create a folder for the web page. I will place it in the ‘ubuntu’ user’s home directory and create a ‘Hello World!’ index page.
mkdir /home/ubuntu/public_html echo "Hello World!" > /home/ubuntu/public_html/index.html
Now we’ll make a new site for apache.
cd /etc/apache2/sites-available sudo cp 000-default.conf metsanheimo.tk.conf
The ‘000-default.conf’ is the default configuration file for apache that also works as a good base, I copied that and named it with the server’s name.
I modified and added the contents to the file like this:
<VirtualHost *:80> ServerName metsanheimo.tk ServerAlias www.metsanheimo.tk ServerAdmin webmaster@metsanheimo.tk DocumentRoot /home/ubuntu/public_html ErrorLog ${APACHE_LOG_DIR}/metsanheimo-tk-error.log CustomLog ${APACHE_LOG_DIR}/metsanheimo-tk-access.log combined </VirtualHost>
This will set the server name to ‘metsanheimo.tk’, the ‘ServerAlias’ will make it to work with the ‘www.’ subdomain. Document root points to the folder we just created for the site. I also named the error logs accordingly. Now to enable the configuration.
sudo a2ensite metsanheimo.tk
sudo service apache2 reload
To try it out I will modify my local computer’s hosts file to forward me to the server’s IP with the hostname ‘metsanheimo.tk’.
sudo nano /etc/hosts
And I wrote this line to the bottom of the file:
52.29.30.76 metsanheimo.tk
When trying out, it did forward me to the server correctly and the server did work, but it returned with ‘403 Forbidden’.
After a bit of Googling I found an explanation from a StackOverflow question, I just had to add this to the apache configuration file:
sudoedit /etc/apache2/sites-available/metsanheimo.tk.conf
<Directory /home/ubuntu/public_html> Require all granted </Directory>
Now on my local computer when I write ‘metsanheimo.tk’ it will forward me to the Amazon EC2 virtual private server.
Registering and configuring a .tk domain name
This was pretty straight forward. On the front page I entered my desired domain name ‘metsanheimo’ and it took me to the next page:
Registering a free TK domain
Seems like they also offer a free DNS service, so all I had to do here is forward both addresses to the virtual server’s IP. Registration went through. Now it’s just a matter of time for them to set up the DNS. You will find ‘Hello World!’ soon under the domain metsanheimo.tk.