Difference between revisions of "OPS345 Lab 3"

From CDOT Wiki
(Replaced content with "[http://wiki.littlesvr.ca/wiki/OPS345_Lab_3 This page has moved.]")
 
(27 intermediate revisions by the same user not shown)
Line 1: Line 1:
* www instance was created in the last lab, with a static private IP, and port forwarding done from port 2211 on router to port 22 on www.
+
[http://wiki.littlesvr.ca/wiki/OPS345_Lab_3 This page has moved.]
* yum install httpd iptables-services
 
* enable iptables
 
* before starting the service, we'll configure the server to store all webpages on a separate volume: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-attaching-volume.html
 
** 1GB in us-east-1a
 
** rename to www-data
 
** attach to www (note reboot is not required)
 
* ls /dev/xvd* -l # note /dev/xvdf
 
* vgcreate vg_www /dev/xvdf
 
* lvcreate -n lv_www -l 100%FREE vg_www
 
* blkid
 
* ls /dev/mapper/vg_www-lv_www
 
* mkfs.ext4 -L www /dev/mapper/vg_www-lv_www
 
* vi /etc/fstab
 
** /dev/mapper/vg_www-lv_www /var/www ext4 defaults 0 0
 
* mount /var/www/
 
* ls /var/www/
 
* mount | grep /dev/xvd
 
* ls /var/www/
 
* mkdir /var/www/html
 
* vi /var/www/html/index.php<source>
Hello. My web server still works.<br />
If this shows the current date and time, PHP works too:<br />
<?php system("date"); ?></source>
 
* chown -R andrew /var/www/html
 
* systemctl start httpd
 
* On router: iptables -t nat -I PREROUTING -p tcp --dport 80 -j DNAT --to 10.3.45.11:80
 
* On www: iptables -I INPUT 3 -p tcp --dport 80 -j ACCEPT
 
* service iptables save
 
* Edit security group, allow HTTP
 
* ss -atnp on router and www
 
* install php, restart httpd
 
* make proper html page:<source>
<html>
<head>
<style>
body  {background-color: powderblue;}
table {border-spacing: 1cm 0cm;}
h2    {color: blue;}
th    {text-align: left;}
p     {color: red; font-weight: bold;}
</style>
</head>
<body>
Hello. My web server still works.<br />
If this shows the current date and time, PHP works too:<br /><br />
<?php system("date"); ?>
<h2>Instance Info</h2>
<table>
<tr><th>Configuration</th><th>Value</th></tr>
<tr>
  <td><p>Private IP</p></td>
  <td><?php system("curl http://169.254.169.254/latest/meta-data/local-ipv4"); ?></td>
</tr>
<tr>
  <td><p>Public IP</p></td>
  <td><?php system("curl http://169.254.169.254/latest/meta-data/public-ipv4"); ?></td>
</tr>
</table>
</body>
</html>
</source>
 
* Removing public ip doesn't work. Have to modify subnet and recreate the vm:
 
** Terminate www, rename it to www-deleted.
 
** Modify subnet to not auto-assign public IPs.
 
** Recreate the www instance with the same steps, except specify a primary ip.
 
** Install httpd, php
 
** To get yum install to work, allocate a new elastic ip "temporary" and associate with www
 
** Note that www-data was not deleted when the original www was terminated. Attach it to www now.
 
** All the data on the logical volume is still there, but fstab is gone; add the lv_www entry back into it.
 
** Start httpd, everything should be back to as it was.
 
** Disassociate the public ip. Everything should keep working.
 
* Add a 404 check for missing ip:
 
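<source>
<?php
// grep -q exits 0 when the metadata service answers with its 404 page,
// which means no public IP is assigned to this instance.
system("curl http://169.254.169.254/latest/meta-data/public-ipv4 2>&1| grep -q '404 - Not Found'", $rc);
if ($rc == 0)
  echo "None found";
else
  system("curl http://169.254.169.254/latest/meta-data/public-ipv4");
?>
</source>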
 
* If you feel curious you can see what other metadata you can get via http://169.254.169.254 here: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-data-retrieval.html
 
* Move www to ops345sgprivate, and add port 80 from ops345sg as a second inbound rule there.
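
The www step above inserts the port 80 rule with `-I INPUT 3` rather than appending it. As an added example (not part of the original lab), this script reads `iptables -S INPUT` output and reports whether a new TCP connection to a port reaches an ACCEPT rule or a catch-all REJECT/DROP first. The two rule listings are constructed samples that assume the stock iptables-services INPUT chain, and `port_verdict` is a hypothetical helper name.

```shell
#!/bin/sh
# Added example, not part of the lab. port_verdict is a hypothetical helper.
# Both listings are constructed samples in "iptables -S INPUT" format and
# assume the stock iptables-services INPUT chain as the starting point.

# After "iptables -I INPUT 3 -p tcp --dport 80 -j ACCEPT" (the lab's command).
GOOD_RULES='-P INPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited'

# Same rule appended with -A instead: it lands after the catch-all REJECT.
BAD_RULES='-P INPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT'

# port_verdict PORT: read INPUT rules on stdin and print what a new TCP
# connection to PORT hits first:
#   "accept N"   ACCEPT rule number N for that port
#   "blocked N"  unconditional REJECT/DROP at rule number N
#   "policy"     nothing matched, so the chain policy (-P) decides
# Simplified: only plain "-p tcp ... --dport PORT -j ACCEPT" rules are
# recognised; source, interface and multiport matches are not evaluated.
port_verdict() {
    awk -v port="$1" '
        $1 != "-A" || $2 != "INPUT" { next }   # skip -P and other chains
        { n++ }                                # rule number within INPUT
        $3 == "-j" && ($4 == "REJECT" || $4 == "DROP") {
            print "blocked " n; found = 1; exit
        }
        / -p tcp / && $0 ~ (" --dport " port " ") && / -j ACCEPT$/ {
            print "accept " n; found = 1; exit
        }
        END { if (!found) print "policy" }
    '
}

printf 'inserted at 3: %s\n' "$(printf '%s\n' "$GOOD_RULES" | port_verdict 80)"
printf 'appended:      %s\n' "$(printf '%s\n' "$BAD_RULES" | port_verdict 80)"
```

On the www instance the same function can be fed live rules with `iptables -S INPUT | port_verdict 80` before running `service iptables save`.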
 

Latest revision as of 03:42, 28 February 2022