This is all the steps and details i used to create an instance of a web server to be used for a Magento Website.
1 - Start a m3.xlarge instance
2 - Make sure its part of a security group that has Ports 80, 443 open to all 0.0.0.0/0
3 - Add a SSH port execption for your IP
4 - Assign an Elastic IP to each new instance
5 - Get the ssh details from Connect Instance in the Amazon control panel and ssh into the device(s)
6- Change the date/time of the server
sudo dpkg-reconfigure tzdata
7 - Setup postfix
sudo apt-get install postfix
8 - Add all the packages needed to have magento run via command line
-
sudo apt-get upgrade
-
sudo apt-get install php5 php5-curl php5-gd php5-mcrypt php5-mysql -y
- Get the folder that will be our site root ready
Since we are going to be using NFS we need to make the owner ubuntusudo mkdir /var/www/somename
Change the group to ubuntusudo chown -R ubuntu /var/www/somename/
sudo chgrp -R ubuntu /var/www/somename/
- Install mysql just to test the connection to the remote database
sudo apt-get install mysql-server -y
Once its installed check to see if you can get to the database via command linemysql -h 10.10.10.10 -u yourUserName -p'YourPassWordGoesHere'
- Mod Rewrite is required to make Magento work the way its supposed to
Restart Apachesudo a2enmod rewrite
sudo service apache2 restart
- Install Apc
Restart Apache to begin using Apcsudo apt-get install php-apc
sudo apache2ctl graceful
- Get Memcached
Install Memcachedsudo apt-get install mysql-server php5-mysql php5 php5-memcache -y
sudo apt-get install memcached
- Setup the main site configuration
Here is what the file might look likesudo vim /etc/apache2/sites-enabled/000-default
<VirtualHost *:80>
ServerAdmin webmaster@localhostDocumentRoot /var/www/somename
<Directory />
Options All
AllowOverride All
</Directory>
<Directory /var/www/somename/>
Options All
AllowOverride All
Order allow,deny
allow from all
</Directory>ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>ErrorLog ${APACHE_LOG_DIR}/somename-error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warnCustomLog ${APACHE_LOG_DIR}/somename-access.log combined
</VirtualHost> - Allow for SSL
Now Restart Apachesudo a2enmod ssl
Now configure Apache2 for sslservice apache2 restart
You have to reload apache to get things readysudo a2ensite default-ssl
You should now be ready to edit/modify the default file. There is 4 ( 3 certs and one private key ) files you need to be on the server and in the right place Certsservice apache2 reload
- intermediate.crt
- naturehills.com.ca
- naturehills.com.crt
- naturehills.com.key
This is what the file /etc/apache2/sites-enabled/default-ssl may look likesudo vim /etc/apache2/sites-enabled/default-ssl
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerAdmin webmaster@localhostDocumentRoot /var/www/somename
<Directory />
Options All
AllowOverride All
</Directory>
<Directory /var/www/somename/>
Options All
AllowOverride All
Order allow,deny
allow from all
</Directory>ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>ErrorLog ${APACHE_LOG_DIR}/somename-ssl-error.log
LogLevel warnCustomLog ${APACHE_LOG_DIR}/somename-ssl_access.log combined
SSLEngine on
SSLCertificateKeyFile /etc/ssl/private/somename.com.key
SSLCertificateFile /etc/ssl/certs/somename.com.crt
SSLCACertificateFile /etc/ssl/certs/somename.com.ca
SSLCACertificateFile /etc/ssl/certs/intermediate.crt<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
# MSIE 7 and newer should be able to use keepalive
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown</VirtualHost>
Now restart apache to see if there are any errors
</IfModule>sudo service apache2 restart
- Install PHP Pear
sudo apt-get install php-pear
- Get the build essential to install memcached
sudo apt-get install build-essential -y
- We need this to install memcached
sudo apt-get install php5-dev -y
- Now we can use PECL to install memcached
sudo pecl install memcache
- This will add the memcached ini First change to root
Now add the line to a new ini filesudo -i
echo "extension=memcache.so" > /etc/php5/conf.d/memcache.ini
- Now reload apache, yet a different way
/etc/init.d/apache2 reload
- Confirm that memcached is running/working
Or you can view the details this wayps aux | grep memcache
echo "stats settings" | nc localhost 11211
- Now lets get the NFS loaded You will have to adjust the NFS server etc/export and add another entry
Client setup:/var/nfs 59.299.199.198(rw,sync,no_subtree_check) 59.299.199.199(rw,sync,no_subtree_check)
The client needs the same changes to /etc/default/nfs-common to connect to an NFSv4 server. In /etc/default/nfs-common we set:sudo apt-get install nfs-common -y
You can test to see if the drive your trying to mount is there:NEED_IDMAPD=yes NEED_GSSD=no # no is default
You should see some thing like:showmount -e 59.99.99.197
Export list for 54.235.147.98: /var/nfs 59.299.199.198,59.299.199.199
Mount the NFS drive
To make sure that the module is loaded at each boot, simply add nfs on the last line of /etc/modules. We can also mount an exported subtree with:sudo mount -t nfs4 -o proto=tcp,port=2049 59.99.99.197:/var/nfs/ /var/www/somename/
To save us from retyping this after every reboot we add the following line to /etc/fstab:mount -t nfs4 -o proto=tcp,port=2049 nfs-server:/users /home/users
59.99.99.197:/var/nfs /var/www/somename nfs4 _netdev,auto 0 0
- Add Iocube
cd /usr/local
sudo wget http://downloads2.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.tar.gz
Make sure its loaded by apachesudo tar xzf ioncube_loaders_lin_x86-64.tar.gz
Restart apacheecho "zend_extension=/usr/local/ioncube/ioncube_loader_lin_5.4.so" | sudo tee /etc/php5/conf.d/ioncube.ini
To test if ionCube loader is installed you can check the output of phpinfo(); it should contain the line ionCube Loader under Additional Modules. You can also copy the file /usr/local/ioncube/loader-wizard.php to your public web directory and run it via your web browser. It will run some additional tests and tell you if there are still any problems.sudo /etc/init.d/apache2 restart
- Final checks
If for some reason the site does not load with the new server running it may be comlaining about a mismatch in server name
Add this to the default_ssl
ServerName www.naturehills.com