I've been tinkering around with AWS lately, deploying different instances and seeing what I can do with them. I've played around with Windows-based servers predominantly but recently needed to set up a Linux server for testing some PHP out and that got me thinking about another guide; mainly so I don't forget how to do it.
Step One: Create a Key Pair
First things first, we need to make sure that we can access our server once it's up and running. To do this we need to create a Key Pair. This will allow us to SSH and FTP into our instance (which will allow us to install dependencies if we need them, manage permissions and upload our files). Amazon won't allow you to assign a Key Pair after the instance has been created which is why we need to do this first of all.
Once you're in the AWS console navigate to EC2 under Compute and then, in the left-hand menu, select Key Pairs under Network and Security.
Click Create Key Pair, give it an appropriate name and then click Create. Your browser should automatically download a .pem file which you will need in a bit. We will be using this key later but for now, let's move on.
Step Two: Create your instance
Now you can go ahead and set your server up. There are two ways to do this; the first is through the EC2 dashboard and the second is through Elastic Beanstalk (this is an Amazon service that will configure a set up automatically for you and scale as necessary). In this guide, we'll follow along with Elastic Beanstalk for simplicity.
If you haven't created an application you'll want to do click Get Started or Create New Application. If you already have an application you can click Actions and then Create Environment.
Select Web Server Environment and then Select.
Give your instance a name, select PHP from thePreconfigured platform and leave Sample Application as it is.
Once you're happy, don't click Create Environment but instead, let's Configure more options.
Click Modify under Security and then in the EC2 key pair drop-down, select the Key Pair we created earlier.
Save the settings and then click Create Environment. It will take a little while (probably up to 10 minutes) so go make yourself a beverage and come back when it's all done.
Step Three: Access the server
If all has gone to plan, you should now have a shiny new server up and running and in good health!
Essentially that's it, you now have a Linux server. But we're going to want to upload our project so people can see it on the glorious wide web so that means gaining access to our server.
So how do we go about this? Well, remember that Key Pair? That holds the key! ....pair.
First things first, we need to configure some inbound rules for our instance. So head back to the EC2 dashboard and then under Network and Security click Security Groups.
Select the security group for your instance (this was created by Elastic Beanstalk). Then in the tabs at the bottom, click Inbound. Click Edit and then Add Rule. You want to add a rule for SSH so that we can connect via our FTP client or a terminal.
Now you're going to need the .pem file your browser downloaded for you earlier. This will act as ID for your computer to connect to the instance.
If you're going to be using an FTP client make sure you download it now and open it up to get started, I use Filezilla but any popular client will work. You want to set up a new connection in your client with the following details:
- Host: You can find this in the EC2 dashboard. Click Connect and it will show you your instances public dns address
- Protocol: SFTP
- Logon Type: Key File - you should be able to browse to your .pem file here and select it.
- Username: By default it should be ec2-user when it comes to Amazon Linux instances
You should now be able to connect to your instance with an FTP client and transfer your files up to the server.
There's a couple of other things that would be good to get set up as more often than not you're going to hit some barriers with certain things.
The most common one is the "ec2-user" not having sufficient permissions to upload/download/delete/create on the server.
No problem though, it can be sorted without too much effort.
First thing you're going to want to do is download a program called PuTTY. PuTTY is a free and open source terminal emulator and is pretty much the standard way for you to SSH into your instance. You can download it here.
Once installed you want to open up PuTTYGen first. We need to do a little conversion on our .pem file.
Select RSA for the type of key to generate and then click Load. Find your .pem file and then hit Save private key. It'll ask you if you want to use a key passphrase. You can if you want (it adds an extra layer of protection) but it is optional. Hit Yes to leave it or No to go back and add a passphrase.
Once it's all done you will now have a .ppk file saved where you .pem is. This will be used by PuTTY to connect to the linux instance.
Open up PuTTY (Not PuTTYgen) and navigate to Session in the menu on the left. For Host Name enter your public dns address from the Amazon dashboard prefixed with your instance username (e.g ec2-user@ec2-XX-XXX-XX-XX.compute-1.amazonaws.com). Make sure Connection type is set to SSH and the Port is 22 and then navigate to Connection > SSH > Auth. Click Browse and select that .ppk file we just created.
I'd advise you now head back to Session and save this profile for the future as you will probably need to connect multiple times in the future. You'll be using this for all server admin. If you want to install a service or maybe an SSL certificate, it will all happen from here.
Once you're all sorted click Open and a terminal window should open, connect to your instance and you should see Elastic Beanstalk right before your eyes.
Now we need to set permissions for your ec2 user. First you'll need to find the folder where your website will live. Amazon will have set this location for you and it will more than likely be /var/app/current but could also be /var/www/html or something similar.
Once you know the location, you can run the following command in the terminal for ec2-user:
chown -R ec2-user /var/app/current
You may need to make sure permissions on that folder are also correct:
chmod -R 755 /var/app/current
And that's about it. You can now SFTP into your instance, move your files around and get you project moving. You can even SSH in there too and manage the server, install dependencies and do all sorts of weird stuff; but that's best left for another day!