cloud computing Archives - COBRA softwares
20 Jul

Tutorial: Installing a LAMP Web Server on Amazon Linux

The following procedures help you install the Apache web server with PHP and MySQL support on your Amazon Linux instance (sometimes called a LAMP web server or LAMP stack). You can use this server to host a static website or deploy a dynamic PHP application that reads and writes information to a database.


This tutorial assumes that you have already launched an instance with a public DNS name that is reachable from the Internet. For more information, see Step 1: Launch an Instance. You must also have configured your security group to allow SSH (port 22),HTTP (port 80), and HTTPS (port 443) connections. For more information about these prerequisites, see Setting Up with Amazon EC2.


If you are trying to set up a LAMP web server on an Ubuntu instance, this tutorial will not work for you. These procedures are intended for use with Amazon Linux. For more information about other distributions, see their specific documentation. For information about LAMP web servers on Ubuntu, see the Ubuntu community documentation ApacheMySQLPHPtopic.

To install and start the LAMP web server on Amazon Linux

  1. Connect to your instance.
  2. To ensure that all of your software packages are up to date, perform a quick software update on your instance. This process may take a few minutes, but it is important to make sure you have the latest security updates and bug fixes.


    The -y option installs the updates without asking for confirmation. If you would like to examine the updates before installing, you can omit this option.

    [ec2-user ~]$ sudo yum update -y
  3. Now that your instance is current, you can install the Apache web server, MySQL, and PHP software packages. Use the yum install command to install multiple software packages and all related dependencies at the same time.
    [ec2-user ~]$ sudo yum install -y httpd24 php56 mysql55-server php56-mysqlnd
  4. Start the Apache web server.
    [ec2-user ~]$ sudo service httpd start
    Starting httpd:                                            [  OK  ]
  5. Use the chkconfig command to configure the Apache web server to start at each system boot.
    [ec2-user ~]$ sudo chkconfig httpd on


    The chkconfig command does not provide any confirmation message when you successfully enable a service. You can verify thathttpd is on by running the following command.

    [ec2-user ~]$ chkconfig --list httpd
    httpd           0:off   1:off   2:on    3:on    4:on    5:on    6:off

    Here, httpd is on in runlevels 2, 3, 4, and 5 (which is what you want to see).

  6. Test your web server. In a web browser, enter the public DNS address (or the public IP address) of your instance; you should see the Apache test page. You can get the public DNS for your instance using the Amazon EC2 console (check the Public DNS column; if this column is hidden, choose Show/Hide and selectPublic DNS).


    If you are unable to see the Apache test page, check that the security group you are using contains a rule to allow HTTP (port 80) traffic. For information about adding an HTTP rule to your security group, see Adding Rules to a Security Group.


    If you are not using Amazon Linux, you may also need to configure the firewall on your instance to allow these connections. For more information about how to configure the firewall, see the documentation for your specific distribution.


    This test page appears only when there is no content in/var/www/html. When you add content to the document root, your content appears at the public DNS address of your instance instead of this test page.

Apache httpd serves files that are kept in a directory called the Apache document root. The Amazon Linux Apache document root is /var/www/html, which is owned by root by default.

[ec2-user ~]$ ls -l /var/www
total 16
drwxr-xr-x 2 root root 4096 Jul 12 01:00 cgi-bin
drwxr-xr-x 3 root root 4096 Aug  7 00:02 error
drwxr-xr-x 2 root root 4096 Jan  6  2012 html
drwxr-xr-x 3 root root 4096 Aug  7 00:02 icons

To allow ec2-user to manipulate files in this directory, you need to modify the ownership and permissions of the directory. There are many ways to accomplish this task; in this tutorial, you add a www group to your instance, and you give that group ownership of the /var/www directory and add write permissions for the group. Any members of that group will then be able to add, delete, and modify files for the web server.

To set file permissions

  1. Add the www group to your instance.
    [ec2-user ~]$ sudo groupadd www
  2. Add your user (in this case, ec2-user) to the www group.
    [ec2-user ~]$ sudo usermod -a -G www ec2-user


    You need to log out and log back in to pick up the new group. You can use the exit command, or close the terminal window.

  3. Log out and then log back in again, and verify your membership in the wwwgroup.
    1. Log out.
      [ec2-user ~]$ exit
    2. Reconnect to your instance, and then run the following command to verify your membership in the www group.
      [ec2-user ~]$ groups
      ec2-user wheel www
  4. Change the group ownership of /var/www and its contents to the www group.
    [ec2-user ~]$ sudo chown -R root:www /var/www
  5. Change the directory permissions of /var/www and its subdirectories to add group write permissions and to set the group ID on future subdirectories.
    [ec2-user ~]$ sudo chmod 2775 /var/www
    [ec2-user ~]$ find /var/www -type d -exec sudo chmod 2775 {} \;
  6. Recursively change the file permissions of /var/www and its subdirectories to add group write permissions.
    [ec2-user ~]$ find /var/www -type f -exec sudo chmod 0664 {} \;

Now ec2-user (and any future members of the www group) can add, delete, and edit files in the Apache document root. Now you are ready to add content, such as a static website or a PHP application.

(Optional) Secure your web server

A web server running the HTTP protocol provides no transport security for the data that it sends or receives. When you connect to an HTTP server using a web browser, the URLs that you enter, the content of web pages that you receive, and the contents (including passwords) of any HTML forms that you submit are all visible to eavesdroppers anywhere along the network pathway. The best practice for securing your web server is to install support for HTTPS (HTTP Secure), which protects your data with SSL/TLS encryption.

For information about enabling HTTPS on your server, see Tutorial: Configure Apache Web Server on Amazon Linux to use SSL/TLS.

To test your LAMP web server

If your server is installed and running, and your file permissions are set correctly, yourec2-user account should be able to create a simple PHP file in the /var/www/htmldirectory that will be available from the Internet.

  1. Create a simple PHP file in the Apache document root.
    [ec2-user ~]$ echo "<?php phpinfo(); ?>" > /var/www/html/phpinfo.php


    If you get a “Permission denied” error when trying to run this command, try logging out and logging back in again to pick up the proper group permissions that you configured in To set file permissions.

  2. In a web browser, enter the URL of the file you just created. This URL is the public DNS address of your instance followed by a forward slash and the file name. For example:

    You should see the PHP information page:


    If you do not see this page, verify that the/var/www/html/phpinfo.php file was created properly in the previous step. You can also verify that all of the required packages were installed with the following command (the package versions in the second column do not need to match this example output):

    [ec2-user ~]$ sudo yum list installed httpd24 php56 mysql55-server php56-mysqlnd
    Loaded plugins: priorities, update-motd, upgrade-helper
    959 packages excluded due to repository priority protections
    Installed Packages
    httpd24.x86_64                          2.4.16-1.62.amzn1                    @amzn-main
    mysql55-server.x86_64                   5.5.45-1.9.amzn1                     @amzn-main
    php56.x86_64                            5.6.13-1.118.amzn1                   @amzn-main
    php56-mysqlnd.x86_64                    5.6.13-1.118.amzn1                   @amzn-main

    If any of the required packages are not listed in your output, install them with the sudo yum install package command.

  3. Delete the phpinfo.php file. Although this can be useful information to you, it should not be broadcast to the Internet for security reasons.
    [ec2-user ~]$ rm /var/www/html/phpinfo.php

To secure the MySQL server

The default installation of the MySQL server has several features that are great for testing and development, but they should be disabled or removed for production servers. The mysql_secure_installation command walks you through the process of setting a root password and removing the insecure features from your installation. Even if you are not planning on using the MySQL server, performing this procedure is a good idea.

  1. Start the MySQL server.
    [ec2-user ~]$ sudo service mysqld start
    Initializing MySQL database:  Installing MySQL system tables...
    Filling help tables...
    To start mysqld at boot time you have to copy
    support-files/mysql.server to the right place for your system
    Starting mysqld:                                           [  OK  ]
  2. Run mysql_secure_installation.
    [ec2-user ~]$ sudo mysql_secure_installation
    1. When prompted, enter a password for the root account.
      1. Enter the current root password. By default, the root account does not have a password set, so press Enter.
      2. Type Y to set a password, and enter a secure password twice. For more information about creating a secure password, see Make sure to store this password in a safe place.


        Setting a root password for MySQL is only the most basic measure for securing your database. When you build or install a database-driven application, you typically create a database service user for that application and avoid using the root account for anything but database administration.

    2. Type Y to remove the anonymous user accounts.
    3. Type Y to disable remote root login.
    4. Type Y to remove the test database.
    5. Type Y to reload the privilege tables and save your changes.
  3. (Optional) Stop the MySQL server if you do not plan to use it right away. You can restart the server when you need it again.
    [ec2-user ~]$ sudo service mysqld stop
    Stopping mysqld:                                           [  OK  ]
  4. (Optional) If you want the MySQL server to start at every boot, enter the following command.
    [ec2-user ~]$ sudo chkconfig mysqld on

You should now have a fully functional LAMP web server. If you add content to the Apache document root at /var/www/html, you should be able to view that content at the public DNS address for your instance.

(Optional) Install phpMyAdmin

phpMyAdmin is a web-based database management tool that you can use to view and edit the MySQL databases on your EC2 instance. Follow the steps below to install and configure phpMyAdmin on your Amazon Linux instance.


We do not recommend using phpMyAdmin to access a LAMP server unless you have enabled SSL/TLS in Apache; otherwise, your database administrator password and other data will be transmitted insecurely across the Internet. For information about configuring a secure web server on an EC2 instance, see Tutorial: Configure Apache Web Server on Amazon Linux to use SSL/TLS.

  1. Enable the Extra Packages for Enterprise Linux (EPEL) repository from the Fedora project on your instance.
    [ec2-user ~]$ sudo yum-config-manager --enable epel
  2. Install the phpMyAdmin package.
    [ec2-user ~]$ sudo yum install -y phpMyAdmin


    Answer y to import the GPG key for the EPEL repository when prompted.

  3. Configure your phpMyAdmin installation to allow access from your local machine. By default, phpMyAdmin only allows access from the server that it is running on, which is not very useful because Amazon Linux does not include a web browser.
    1. Find your local IP address by visiting a service such as
    2. Edit the /etc/httpd/conf.d/phpMyAdmin.conf file and replace the server IP address ( with your local IP address with the following command, replacing your_ip_address with the local IP address that you identified in the previous step.
      [ec2-user ~]$ sudo sed -i -e 's/' /etc/httpd/conf.d/phpMyAdmin.conf
  4. Restart the Apache web server to pick up the new configuration.
    [ec2-user ~]$ sudo service httpd restart
    Stopping httpd:                                            [  OK  ]
    Starting httpd:                                            [  OK  ]
  5. In a web browser, enter the URL of your phpMyAdmin installation. This URL is the public DNS address of your instance followed by a forward slash andphpmyadmin. For example:

    You should see the phpMyAdmin login page:


    If you get a 403 Forbidden error, verify that you have set the correct IP address in the /etc/httpd/conf.d/phpMyAdmin.conffile. You can see what IP address the Apache server is actually getting your requests from by viewing the Apache access log with the following command:

    [ec2-user ~]$ sudo tail -n 1 /var/log/httpd/access_log | awk '{ print $1 }'

    Repeat Step 3.b, replacing the incorrect address that you previously entered with the address returned here; for example:

    [ec2-user ~]$ sudo sed -i -e 's/previous_ip_address/' /etc/httpd/conf.d/phpMyAdmin.conf

    After you’ve replaced the IP address, restart the httpd service withStep 4.

  6. Log into your phpMyAdmin installation with the root user name and the MySQL root password you created earlier. For more information about usingphpMyAdmin, see the phpMyAdmin User Guide.
Share this
16 Apr

OpenStack – The Open Cloud Computing Platform

OpenStack is open source cloud software, which consists of a series of allied projects controlling large pools of computing, storage and network resources in a data center while managing through a dashboard. It is designed to run on commodity hardware such as ARM and x86.

OpenStack has grown into a large community with over 9000 contributors and nearly 500 companies since its initial release in 2010, by NASA and Rackspace. released it under the Apache license 2.0.


Image Source:


OpenStack helps your business run faster and delivers cost-effective infrastructure to manage data analytics, transactions, and business applications.


OpenStack Components

OpenStack consists of multiple components with a modular architecture and various code names. Let’s have a brief look at the components of OpenStack.


Compute (Nova)

OpenStack Compute is a cloud computing fabric controller, which manages pools of computer resources and work with virtualization technologies, bare metals, and high-performance computing configurations. Nova’s architecture provides flexibility to design the cloud with no proprietary software or hardware requirements and also delivers the ability to integrate the legacy systems and third-party products.

Nova can be deployed using hypervisor technologies such as KVM, VMware, LXC, XenServer, etc. It is used to manage numerous virtual machines and other instances that handle various computing tasks.


Image Service (Glance)

OpenStack image service offers discovering, registering, and restoring virtual machine images. Glance has client-server architecture and delivers a user REST API, which allows querying of virtual machine image metadata and also retrieval of the actual image. While deploying new virtual machine instances, Glance uses the stored images as templates.

OpenStack Glance supports Raw, VirtualBox (VDI), VMWare (VMDK, OVF), Hyper-V (VHD) and Qemu/KVM (qcow2) virtual machine images.


Object Storage (Swift)

OpenStack Swift creates redundant, scalable data storage to store petabytes of accessible data. The stored data can be leveraged, retrieved and updated. It has a distributed architecture, providing greater redundancy, scalability, and performance, with no central point of control.

Swift is a profoundly available, shared, eventually consistent object store. It helps organizations to store lots of data safely, cheaply and efficiently. Swift ensures data replication and distribution over various devices, which makes it ideal for cost-effective, scale-out storage.


Dashboard (Horizon)

Horizon is the authorized implementation of OpenStack’s Dashboard, which is the only graphical interface to automate cloud-based resources. To service providers and other commercial vendors, it supports with third party services such as monitoring, billing, and other management tools. Developers can automate tools to manage OpenStack resources using EC2 compatibility API or the native OpenStack API.


Identity Service (Keystone)

Keystone provides a central list of users, mapped against all the OpenStack services, which they can access. It integrates with existing backend services such as LDAP while acting as a common authentication system across the cloud computing system.

Keystone supports various forms of authentication like standard username & password credentials, AWS-style (Amazon Web Services) logins and token-based systems. Additionally, the catalog provides an endpoint registry with a queryable list of the services deployed in an OpenStack cloud.


Networking (Neutron)

Neutron provides networking capability like managing networks and IP addresses for OpenStack. It ensures that the network is not a limiting factor in a cloud deployment and offers users with self-service ability over network configurations. OpenStack networking allows users to create their own networks and connect devices and servers to one or more networks. Developers can use SDN technology to support great levels of multi-tenancy and massive scale.

Neutron also offers an extension framework, which supports deploying and managing of other network services such as virtual private networks (VPN), firewalls, load balancing, and intrusion detection system (IDS)


Block Storage (Cinder)

OpenStack Cinder delivers determined block-level storage devices for application with OpenStack compute instances. A cloud user can manage their storage needs by integrating block storage volumes with Dashboard and Nova.

Cinder can use storage platforms such as Linux server, EMC (ScaleIO, VMAX, and VNX), Ceph, Coraid, CloudByte, IBM, Hitachi data systems, SAN volume controller, etc. It is appropriate for expandable file systems and database storage.


Telemetry (Ceilometer)

Ceilometer delivers a single point of contact for billing systems obtaining all of the measurements to authorize customer billing across all OpenStack core components. By monitoring notifications from existing services, developers can collect the data and may configure the type of data to meet their operating requirements.


Orchestration (Heat)

Heat is a service to orchestrate multiple composite cloud applications through both the CloudFormation-compatible Query API and OpenStack-native REST API, using the AWS CloudFormation template format.

Though, OpenStack is made up of several other components because of its open nature, the OpenStack community has recognized these nine components as the core components.

OpenStack will help your business in accelerating the time-to-market, integrating with a variety of key businesses, and delivering the most value from the cloud. So, enterprises need to consider the building of their cloud platform with OpenStack. Vmoksha specializes in providing Cloud based services including OpenStack.


Share this

© 2015-2020 COBRA Softwares Pvt Ltd. All rights reserved.