(25 intermediate revisions by the same user not shown)
Line 1: |
Line 1: |
− | = THIS PAGE IS A DRAFT, NOT A REAL COURSE PAGE =
| + | [http://wiki.littlesvr.ca/wiki/OPS345_Lab_3 This page has moved.] |
− | | |
− | ''' The current schedule for OPS345 is here: [[OPS335_Weekly_Schedule]]
| |
− | | |
− | * www instance was created in the last lab, with a static private IP, and port fowarding done from port 2211 on router to port 22 on www.
| |
− | * yum install httpd iptables-services
| |
− | * enable iptables
| |
− | * before starting the service, we'll configure the server to store all webpages on a separate volume: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-attaching-volume.html
| |
− | ** 1GB in us-east-1a
| |
− | ** rename to www-data
| |
− | ** attach to www (note reboot is not required)
| |
− | * ls /dev/xvd* -l # note /dev/xvdf
| |
− | * vgcreate vg_www /dev/xvdf
| |
− | * lvcreate -n lv_www -l 100%FREE vg_www
| |
− | * blkid
| |
− | * ls /dev/mapper/vg_www-lv_www
| |
− | * mkfs.ext4 -L www /dev/mapper/vg_www-lv_www
| |
− | * vi /etc/fstab
| |
− | ** /dev/mapper/vg_www-lv_www /var/www ext4 defaults 0 0
| |
− | * mount /var/www/
| |
− | * ls /var/www/
| |
− | * mount | grep /dev/xvd
| |
− | * ls /var/www/
| |
− | * mkdir /var/www/html
| |
− | * vi /var/www/html/index.php<source>
| |
− | Hello. My web server still works.<br />
| |
− | If this shows the current date and time, PHP works too:<br />
| |
− | <?php system("date"); ?></source>
| |
− | * chown -R andrew /var/www/html
| |
− | * systemctl start httpd
| |
− | * On router: iptables -t nat -I PREROUTING -p tcp --dport 80 -j DNAT --to 10.3.45.11:80
| |
− | * On www: iptables -I INPUT 3 -p tcp --dport 80 -j ACCEPT
| |
− | * service iptables save
| |
− | * Edit security group, allow HTTP
| |
− | * ss -atnp on router and www
| |
− | * install php, restart httpd
| |
− | * make proper html page:<source>
| |
− | <html>
| |
− | <head>
| |
− | <style>
| |
− | body {background-color: powderblue;}
| |
− | table {border-spacing: 1cm 0cm;}
| |
− | h2 {color: blue;}
| |
− | th {text-align: left;}
| |
− | p {color: red; font-weight: bold;}
| |
− | </style>
| |
− | </head>
| |
− | <body>
| |
− | Hello. My web server still works.<br />
| |
− | If this shows the current date and time, PHP works too:<br /><br />
| |
− | <?php system("date"); ?>
| |
− | <h2>Instance Info</h2>
| |
− | <table>
| |
− | <tr><th>Configuration</th><th>Value</th></tr>
| |
− | <tr>
| |
− | <td><p>Private IP</p></td>
| |
− | <td><?php system("curl http://169.254.169.254/latest/meta-data/local-ipv4"); ?></td>
| |
− | </tr>
| |
− | <tr>
| |
− | <td><p>Public IP</p></td>
| |
− | <td><?php system("curl http://169.254.169.254/latest/meta-data/public-ipv4"); ?></td>
| |
− | </tr>
| |
− | </table>
| |
− | </body>
| |
− | </html>
| |
− | </source>
| |
− | * Removing public ip doesn't work. Have to modify subnet and recreate the vm:
| |
− | ** Terminate www, rename it to www-deleted.
| |
− | ** Modify subnet to not auto-assign public IPs.
| |
− | ** Recreate the www instance with the same steps, except specify a primary ip.
| |
− | ** Install httpd, php
| |
− | ** To get yum install to work, allocate a new elastic ip "temporary" and associate with www
| |
− | ** Note that www-data was not deleted when the original www was terminated. Attach it to www now.
| |
− | ** All the data on the logical volume is still there, but fstab is gone, add lv-www back into there.
| |
− | ** Start httpd, everything should be back to as it was.
| |
− | ** Disasociate the public ip. Everything should keep working.
| |
− | ** Release the elastic ip.
| |
− | * Add a 404 check for missing ip:
| |
− | <source>
| |
− | <?php
| |
− | system("curl http://169.254.169.254/latest/meta-data/public-ipv4 2>&1| grep -q '404 - Not Found'", $rc);
| |
− | if ($rc == 0)
| |
− | echo "None found";
| |
− | else
| |
− | system("curl http://169.254.169.254/latest/meta-data/public-ipv4");
| |
− | ?>
| |
− | </source>
| |
− | * If you feel curious you can see what other metadata you can get via http://169.254.169.254 here: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-data-retrieval.html
| |
− | * Move www to ops345sgprivate, and add port 80 from ops345sg as a second inbound rule there.
| |
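Review bot: the added line at the top sends readers to the new location over plain http:// (`[http://wiki.littlesvr.ca/wiki/OPS345_Lab_3 This page has moved.]`); if that wiki serves HTTPS, link it with https:// so the pointer to the lab instructions cannot be altered in transit. The same edit deletes every lab step, including the fstab entry for /dev/mapper/vg_www-lv_www, the DNAT and INPUT rules for port 80, and the index.php that shells out to curl against 169.254.169.254, so confirm each of those is present on the destination page before blanking this one. No edit summary is visible here; a short one naming the destination would make the history easier to follow.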