Idaho Ubuntu LoCo (Local Community) Meeting Report - Tuesday, February 26th. - LAMP Server

Updated 02/28/2013 - Meeting was held at the Open Lab Idaho, from 6:30-8:30 PM. Clint Tinsley of the Boise Linux Group was the presenter. The presentation focused on adding a full LAMP server to a basic Ubuntu 12.04.2 server with no graphical tools or desktop to create a webserver running WordPress and phpMyAdmin. Due to connectivity issues resulting in slow downloads of the installation packages, Clint took time to demonstrate other topics of interest including SSH usage with authentication using RSA shared keys which also supports using RSYNC, SCP, and Secure VNC without having to provide a SSH password to perform operations on a remote host system and concluded with a demo of the KVM virtualized environment that he had used for the presentation. Clint used SSH for installation of all the packages and command line activities need to build the LAMP server with WordPress and phpMyAdmin. He did not do anything directly on the server, connecting to it “remotely” using SSH much as if the server was located out on the Internet. Clint used what was basically a step-by-step in his demo tonight which is detailed here with his comments in this report. Server Install - Default Server Build, only install OpenSSH for SSH connection post build Clint made a point on building the basic server. Ubuntu by default will create the /boot an ext2 file system, which is not a good idea. Ext2 file systems are subject to corruption on system crashes and can result in an un-bootable system. Clint made apoint of making sure it is an ext4 file system which is a "journaled” file system" and much more able to survive a system crash or power outage in being able to start back up cleanly. He also advised that the system be given a distinctive hostname, he used ubuntulamp as the host name and he placed this name in the hosts files as a psuedo DNS name so he could access the website by name rather than localhost or ip address. He also talked about using TaskSel during the installation and only to install the OpenSSH component so you can login via SSH after the server is built. He strongly recommended against installing anything else with TaskSel as this can create problems during the webserver build and specifically in making sure your webserver meets the requirements of the website system, in this case WordPress and phpMySqlAdmin After building the basic server, next steps: Login in to the server via SSH (regular user account) and then switch to root with the sudo su - command (a standard practice with Ubuntu and other Linux operating systems). sudo su – and provide the user’s password for authentication apt-get update && apt-get upgrade set /etc/hosts files for ubuntulamp ip address (pseudo dns, refer to server by name rather than localhost or an ip address) /etc/hosts .... ubuntulamp You want to do this on both your server and your client machine which you are using to connect to server and eventually will test and administer your webserver using Firefox or another Browser using the dns name in the URL. Clint then opened two terminal windows as root so he cut and paste between his installation script and the command line in doing the actual installation as detailed here. At one point, he actually had three terminal windows opened on the server from his desktop as he worked and presented the process. He had a copy of this process open in one terminal session that he could copy from and then paste on the command line, saving a lot of typing and potential errors at the command line. apt-get install vim-nox (The vim program installed default is not a complete vim implementation). dpkg-reconfigure dash => change to bash, not dash shell. (Most scripts are written to run in a bash shell, not Ubuntu's dash shell.) Clint then discussed whether to remove or keep apparmor (application armor) as in some circumstances it can be problematic. Clint evaluated the Ubunut implementation of apparmor decides that it would not be problematic in the webserver build and operation, so he left it in full enforcing mode. If you wish to remove it or put it in "complaining" mode (not enforcing), he offered this information. Remove apparmor if desired: service apparmor stop update-rc.d -f apparmor remove apt-get remove apparmor apparmor-utils apparmor_status will report the status of apparmor, by default, enforcing 4 policies. apt-get install apparmor-utils (not installed by default) aa-complain /etc/apparmor.d/* Wordpress to your wordpress site. 1) download files to your web server using ftp or a file copy process to copy the files from your download location. 2) install zip utilities on your server: apt-get install zip unzip 3) copy or move folders found inside the downloaded zip files from WordPress to one of the following locations, depending of the file is a theme or plugin. Move or copy the entire folder from the zip file to one of the these two folders and be sure to do that as root: /var/www/wordpress/wp-content/themes /var/www/wordpress/wp-content/plugins During the presentation, while waiting on the install packages to download, clear took the group on tours of both a Joomla website that he was familiar of and an indepth tour of the Boise Linux Group's Drupal website, of which he is the administrator, and showed the various administrative tools and add-ins that make Drupal a very popular and powerful website Content Management System (CMS), even the White House uses it. Joomla, WordPress, and Drupal are all considered content management systems and free for downloading. The WordPress demonstration concluded with a short tour of the Dashboard, updating the default theme and plugin, adding a widget to the site's navigation area. Clint also showed how to access the phpmyadmin MySql database administration tool and gave a short tour of that as well. Other topics presented on during the course of the evening including how to use the SSH commands for creating and using your shared keys for logging into remote systems: ssh-keygen ssh-copy-id Clint also did a short presentation on using the rsync command with a comparison of the usual copy (cp) command and rsync syntax for remote file copy, with comments on the use of a trailing slash in the command: rsync -r /home/tinslecl tinslecl@ubuntulamp:/tmp He cautioned strongly about not to put a trailing slash as in /home/tinslecl/ or a /*, as both forms will result in a mess of files instead of an organized directory getting rsync'd. Clint used Fedora 17 with KVM (Kernel Virtualized Machine) as his 64 bit virtualization environment for his presentation which sparked a question on using KVM. Clint then gave a tour of the KVM's Virtual Machine Manager which also runs on Ubuntu, how to build a KVM virutal machine, both the console view of the machine as well as the configuration view where there is support for other hardware including PCI passthrough. KVM machines are very fast since they run at the kernel level as opposed to being "on top" of the host operating system, support 64 bit installations, and all the hardware support is built into the KVM system meaning no "guest" software has to be installed to the "virtual machine" for the virtual machine to work properly in virtual space. Server and WordPress reference links: