Monday, January 28, 2013

Enabled https on the AMI web server

Yesterday I pointed out that my web server was not listening on the secure https port, port 443. That was written up in this article: http://mystry-geek.blogspot.com/2013/01/got-web-server-up-and-running-in-cloud.html Today I got the Apache server to listen on this port and respond using the SSL protocol. It was as easy as typing:


sudo yum install mod_ssl 

sudo /etc/init.d/httpd restart

and the web server was responding on port 443 the same as it did on port 80.

Unfortunately the Firefox browser responded with this warning:



 And Google Chrome marked the connection like this:


This is because I do not have a security certificate for the web site. 

The way this works is that there are root certifying authorities that will sign a certificate for you with your host name embedded in the certificate.  It can only be used for that one web site.  If you use the certificate on the wrong web site, sign your own certificate, or just do not have a certificate, then browsers will complain that the website is not to be trusted and nobody will buy anything from your e-commerce web site.
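The two checks a browser makes, chain of trust and hostname match, can be reproduced with the `openssl` command line tool. This is an added example, not part of the original post; the hostname `shop.example.com` and the function names are made up for the demonstration, and it assumes OpenSSL 1.1.1 or later (for `-addext`).

```shell
#!/bin/sh
# Added example: reproduce the browser's certificate checks with openssl.
# HOST is a constructed name; nothing here contacts a real server.
HOST="shop.example.com"

# make_self_signed DIR NAME: throwaway key plus a certificate for NAME that is
# signed by its own key instead of by a certifying authority.
make_self_signed() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -keyout "$1/key.pem" -out "$1/cert.pem" \
        -subj "/CN=$2" -addext "subjectAltName=DNS:$2" >/dev/null 2>&1
}

# chain_status CERT [ROOTS]: print "trusted" if CERT chains to a root in ROOTS
# (default: the system trust store), otherwise "untrusted".
chain_status() {
    if [ -n "$2" ]; then
        openssl verify -CAfile "$2" "$1" >/dev/null 2>&1 && echo trusted || echo untrusted
    else
        openssl verify "$1" >/dev/null 2>&1 && echo trusted || echo untrusted
    fi
}

# host_status CERT NAME: print "match" if CERT was issued for NAME.
# openssl prints "does match" or "does NOT match"; the exit code is 0 either way.
host_status() {
    if openssl x509 -in "$1" -noout -checkhost "$2" | grep -q "does match"; then
        echo match
    else
        echo mismatch
    fi
}

demo() {
    dir=$(mktemp -d) || return 1
    make_self_signed "$dir" "$HOST" || { rm -rf "$dir"; return 1; }
    cert="$dir/cert.pem"
    # Signed by nobody the system knows: this is the browser warning.
    echo "system trust store:       $(chain_status "$cert")"
    # Same certificate, explicitly added as a root: now it verifies.
    echo "added as a trusted root:  $(chain_status "$cert" "$cert")"
    # The embedded hostname must equal the site being visited.
    echo "$HOST:         $(host_status "$cert" "$HOST")"
    echo "www.other.example:        $(host_status "$cert" "www.other.example")"
    rm -rf "$dir"
}

demo
```

A certificate from a certifying authority passes the first check without anyone having to add it as a root, because the authority's root is already in the browser's trust store.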

 The process of creating a secure certificate for use on the LAMP server is detailed here: http://www.apache.com/resources/how-to-setup-an-ssl-certificate-on-apache/

Searching for the cheapest possible cert for this testing web site I found that there are several sites that will give free certificates that are acceptable for a testing website.

http://webdesign.about.com/od/ssl/tp/cheapest-ssl-certificates.htm

I decided to try out this one: http://www.startssl.com/ 

Well, I followed all the things it said to do, which is way too involved to go into in this document, and got a few files which I believe are my web certificate.  I am going to quit for the day and check this all out tomorrow.

Saturday, January 26, 2013

Got the web server up and running in the cloud now.

First the bad news. For some reason the Amazon Web Service console was running very badly under Firefox.  It was taking forever to load and Firefox kept popping up warnings about a script taking too long to run.  Not sure why, but the good news is that it flies under Google Chrome.

I finally got the login figured out, I just didn't have the right user name a couple of days ago.  Again, I followed the directions here: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EC2_GetStarted.html

The key was to use the proper user name for that image that was booted for my instance. 
ssh -i TestingForClass.pem ec2-user@ec8-84-30-1-118.compute-8.amazonaws.com
Of course this is not my real server number; you have to look your instance server name up on the Amazon site in aws -> ec2 -> instance or https://console.aws.amazon.com/ec2/v2/home?region=us-east-1 Again, your home may be in a different region, but you can jump around between regions very easily too.

The -i followed by the filename.pem file is the private key that you downloaded when you were setting up the system following my other directions:  http://mystry-geek.blogspot.com/2013/01/ran-cloud-server-today-for-first-time.html Remember to never lose this file, because you cannot download a new one.  I'm not even sure how you would recover from losing this file.

Once I connected a banner came up from the system giving some info.  The system recommended that I install updates, which I did, then I rebooted, not because I had to, but because I wanted to see what would happen.
sudo yum update
About 40 packages were quickly updated.
sudo shutdown -r now
Of course this logged me out, and after a couple of minutes I was able to ssh back into the terminal.   It is great that the server didn't stop because it was restarted.

Now I wanted to see what services were installed on the system so I changed to
cd /etc/init.d
It only had a minimal set of services running to be as secure as possible.  Now, I need a LAMP server for class.  I already had the Linux, but now I needed the AMP.  So I ran the command
sudo yum install httpd php mysql mysql-server
sudo ./httpd start
You want to make the database safer to run so run this command and follow the prompts:
/usr/bin/mysql_secure_installation 
Then you can run the mysql server
sudo ./mysqld start
If you type the hostname you found from your instance data on the ec2 instance console you will see a default page, but that is ugly and we must change that.  Plus you don't know if that is your box, or someone else's unconfigured box, so we must find out.
  
A non-working example using the same fake hostname I made up for my ssh login above is:
http://ec8-84-30-1-118.compute-8.amazonaws.com  
or 
https://ec8-84-30-1-118.compute-8.amazonaws.com

You must find and use your real hostname or this won't work.

If you can't see anything here, then you may not have opened up ports 80 and 443 in the security tab for your instance.  I know that I did and I still don't see anything, so checking on the box for port 443 tells me the following:

Running this command in the ssh terminal:
netstat -an | grep 80
gives this output:
tcp        0      0 :::80                       :::*                        LISTEN  

Which tells me that the web server is listening on port 80.

But running the command:
netstat -an | grep 443
gives no output, which means that Apache will have to be configured to listen on the secure port in order to be a secure ecommerce site.  I will write up an article on Apache by itself.
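A stricter version of the netstat check above, as an added example that is not part of the original post: plain `grep` matches the number anywhere on the line, so an unrelated connection can make a closed port look open. The sample netstat output and the function names below are constructed for the demonstration.

```shell
#!/bin/sh
# Constructed `netstat -an` output: sshd on 22, Apache on 80, a test daemon on
# 8080, and one SSH session whose remote port happens to be 44380.
SAMPLE='tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN
tcp        0      0 :::80                       :::*                        LISTEN
tcp        0      0 :::8080                     :::*                        LISTEN
tcp        0      0 10.0.0.5:22                 203.0.113.7:44380           ESTABLISHED'

# listening_on PORT: read netstat output on stdin and succeed only if a TCP
# socket in LISTEN state is bound to exactly PORT.
listening_on() {
    awk -v port="$1" '
        $1 ~ /^tcp/ && $NF == "LISTEN" {
            n = split($4, parts, ":")   # field 4 is the local address; the port follows the last colon
            if (parts[n] == port) found = 1
        }
        END { exit (found ? 0 : 1) }
    '
}

# report TEXT PORT...: one line per port saying whether anything listens on it.
report() {
    text=$1
    shift
    for port in "$@"; do
        if printf '%s\n' "$text" | listening_on "$port"; then
            echo "$port listening"
        else
            echo "$port not listening"
        fi
    done
}

# Naive check: "grep 443" hits the 44380 session although nothing listens on 443,
# and "grep 80" hits three lines although only one of them is port 80.
echo "grep 443 matches: $(printf '%s\n' "$SAMPLE" | grep -c 443) line(s)"
echo "grep 80 matches:  $(printf '%s\n' "$SAMPLE" | grep -c 80) line(s)"

# Exact check on the sample; on the server use: report "$(netstat -an)" 80 443
report "$SAMPLE" 80 443
```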
 
You want to customize  the web page that is showing: 
cd /var/www/html/ 
sudo vi index.html
Edit this file to your heart's content.   I just did a quick html set of tags, inside that I put a head and body set of tags and inside the body I made a paragraph set of tags and put Hello, World! inside the inner <p> tags.

When I type the url to my box in I see "Hello, World!" so we know that is working.

I still need to test the php, so I make a quick phpinfo.php file:
sudo vi phpinfo.php
And type in the following:

<?php phpinfo(); ?>

Then save and quit. 
 
Try to load this file using the same hostname as above followed by /phpinfo.php like this:

http://ec8-84-30-1-118.compute-8.amazonaws.com/phpinfo.php

After going back and adding the php after the first question mark, it works just great and shows that my server has the required modules that I will need for the class.

Next thing for me to do is to select and try out a framework that I will use to create my e-commerce site for my college class.

Happy webbing, spider friends!

Buying a DNS Name and Tying it to Google Site for your Small Company.

You just bought a domain name and you need email and web hosting for your tiny little venture.

Google apps and Google sites is a possible solution.

Log into google apps with a new username.

Go through the process of creating your new company and add a few employees.

Then go into google sites.

Log into your dns provider and you are going to work between google apps, google sites and your dns provider.

You have to verify that you own your site as you are going through the setup process in google apps.  Choose adding a txt tag to dns in google apps and then follow the instructions to add the txt element in your dns provider site. Make sure you save settings. 

Take a break, because it is going to take a while for this update to trickle through the dns update system.  Come back and verify in google apps and it will tell you if it sees the txt tag yet or not.




Now, open a new window and go over to google sites.   You can create a new site, choose a template that is close to what you want, and make the site.  Google sites is a set of web editing tools that lets you adjust your site and put all sorts of advanced things into your web pages very easily.

Change permissions to allow anyone to see the site.


To get email working remove all the current mx records and put these mx records in your dns provider:

Priority Mail server
1 ASPMX.L.GOOGLE.COM
5 ALT1.ASPMX.L.GOOGLE.COM
5 ALT2.ASPMX.L.GOOGLE.COM
10 ASPMX2.GOOGLEMAIL.COM
10 ASPMX3.GOOGLEMAIL.COM

This is from http://support.google.com/a/bin/answer.py?hl=en&answer=174125





You can take care of the www mapping of your web page.

Add CName for www to google sites.

www ghs.google.com




Thursday, January 24, 2013

Ran a cloud server today for the first time.

--What is this Cloud Computing Anyway?--

Is it just another buzz word, or is there really something to it all?  I had to find hosting for a couple of e-commerce classes I am taking this semester, so I decided to try to kill two birds with one stone.  Can I get the cloud computer to host my site, save some money, and become proficient in using the Amazon Cloud Computing resources?  That is what this series of articles will explore. 

The virtual server I ran today was a free EC2 instance running in the Amazon.com cloud.  For 12 months you can get 750 hours of compute time for free using one of the starred containers to create your instance.   750 hours over 31 days is just over 24 hours a day, so you should be good leaving the server on all the time.

You also get a bunch of other stuff for free, according to this page: http://aws.amazon.com/ec2/pricing/

Free Tier*
As part of AWS’s Free Usage Tier, new AWS customers can get started with Amazon EC2 for free. Upon sign-up, new AWS customers receive the following EC2 services each month for one year:
  • 750 hours of EC2 running Linux/Unix Micro instance usage
  • 750 hours of EC2 running Microsoft Windows Server Micro instance usage
  • 750 hours of Elastic Load Balancing plus 15 GB data processing
  • 30 GB of Amazon EBS Standard volume storage plus 2 million IOs and 1 GB snapshot storage
  • 15 GB of bandwidth out aggregated across all AWS services
  • 1 GB of Regional Data Transfer

 You can find out more information and the other free stuff you can get access to by following the link to here: AWS’s Free Usage Tier

And there is a lot more info here:  http://docs.aws.amazon.com/gettingstarted/latest/awsgsg-freetier/TestDriveFreeTier.html

There is also another free service offer:

60-day Free Trial
In addition to the Free Usage Tier we also offer 60-day Free Trial for all AWS customers that are new to Amazon ElastiCache. AWS customers can avail of this Free Trial in addition to the Free Usage Tier offerings.  For more information on the free trial please visit Amazon ElastiCache free trial.

--Creating an Account-- 

In order to get into this you must have an Amazon account.  I used my amazon.com account to log into the AWS console at http://aws.amazon.com/, it prompted me to sign up for the 12 months of free service.  There is a second log in because this service can quickly add up in cost if you do something wrong.  Or you become wildly successful and build a website that performs beyond all expectations.  I had to give them a credit card, my address and my phone number.  My phone number was called and I had to say a pin number to authenticate the number.  Then you have to wait a few minutes and they send you a final email clearing you for the service.

-- Starting an Instance --

This is why we are here.  It is easy to start an instance, you just click a big button on the AWS web console labelled "Launch Instance" here: https://console.aws.amazon.com/ec2/home?region=us-east-1#s=Volume

There are just a couple of free ones, the one I chose is described here: http://aws.amazon.com/amazon-linux-ami/

When you create the instance you download its private key so that you can log in later using the management tools and ssh.   Don't lose this, because it is not saved anywhere else and you cannot download it again later.

You can also configure a few things, and one of the most important things to configure is if you are using persistent storage, or just storage in that instance. This matters later when you stop or terminate the process.

-- Security --

By default your server is blind to the world.  All incoming ports are blocked.  You have to select the instance, switch to the ports tab in the bottom section and add in the ports you want to open to the world, and then and only then can you connect to the server using ssh or a web browser.
SSH is port 22.
Web is ports 80 and 443.

--Connect to the instance--

Then I installed the management tools to my Linux box following these directions: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EC2_GetStarted.html#EC2_ConnectToInstance_Linux

I found that link in the documentation at the lower right of the EC2 management console.

You basically have to set 4 environmental variables to tell it where you put the binary files you downloaded, where java is located, and two strings of text from the AWS site under your name where it says "Security Credentials."

There are hundreds of commands in the management directory that I am going to have to explore.

I have not yet been able to figure out how to log into the instance, but I did get a connection refused, not a valid user, so I think I came close.   I just found this:

Note
For an Amazon Linux instance, the default user name is ec2-user. For Ubuntu, the default user name is ubuntu. Some AMIs allow you to log in as root. So in this example, you may need to change the user name from ec2-user to the appropriate user name.
So that might be what I was doing wrong.  I need to put ec2-user@ in front of the ssh host name on the command line. :)

Update:  I did use `ssh -i myprivatekey.pem ec2-user@mynewamidynamicdnsname` and I went right into my box as the ec2-user who had full sudo permissions.     More in a new article!

--To Stop or Terminate--

OK, you connected, you looked around, maybe saw a cool thing or two,  now you want to stop the instance.

I looked online for some way to turn off the instance, but there is no way that I saw to do it from the AWS console.  If anyone reading this knows how to manage an instance inside the console, I am all eyes.  As far as I can tell you must stop the instance using the command line utilities.

But wait, there is stop, and also terminate.  What is the difference between stopping and terminating an instance?  Terminate certainly sounds worse than just stopping. 

If you terminate then not only is the virtual instance eliminated, but also the storage space it was using.

If you stop the instance, then the virtual server goes away, but the storage you attached to it stays around.  Unfortunately you will get billed for this storage.

Right clicking on the instance in the management console will allow you to turn on protection so that it can't accidentally be terminated, just stopped.

--Cost of Storage--

You decided to keep a disk full of data around, for sentimental reasons, so how much does this cost?  This is from the pricing page.

Amazon Elastic Block Store

Region:  Virginia East

Amazon EBS Standard volumes

  • $0.10 per GB-month of provisioned storage
  • $0.10 per 1 million I/O requests

Amazon EBS Provisioned IOPS volumes

  • $0.125 per GB-month of provisioned storage
  • $0.10 per provisioned IOPS-month

Amazon EBS Snapshots to Amazon S3

  • $0.095 per GB-month of data stored
10 GB of storage would cost you a cool buck every month.

I have no clue what my I/O rate is for a web server, not something I have ever tracked before, so I don't know what ten cents per million reads and writes will cost in a month.

But you get so much free for the first year as well:
So as long as you stay under this limit, you are good.

I'm wondering if you could have a single drive boot multiple instances, and then store all their local data on their own instance drive to save a couple of GB per instance.  I am not sure how fast we are going to go through those 2 million I/Os, something to keep an eye on.

Not sure what snapshots or IOPS is yet, something to look into later.

If you want to know more about stopping, terminating, and when you get charged, this site breaks it down with graphs and charts so that it is very clear: http://shlomoswidler.com/2009/07/ec2-instance-life-cycle.html

--Bandwidth--

And finally here is the reason to have a web server on the Internet.  The requests going to the server and the pages you send back.  With the free service you get a total of 15GB of data, up and down.  This sounds like a lot, but that is just 5.6KB per second of continuous data transfer up and down combined for the full month.  There are a lot of seconds in a month so watch this and stop the server before you hit the limit. 

--Reports--

Under My Accounts/Usage there is something called Usage Reports.  The reporting looks very detailed, I had the box on for less than an hour, but  the begin and end times show a full hour increment for the usage:

Service      Operation       UsageType     Resource    StartTime            EndTime              UsageValue
AmazonEC2    RunInstances    DataTransfer-In-Bytes     01/24/13 16:00:00    01/24/13 17:00:00    4864
AmazonEC2    RunInstances    BoxUsage:t1.micro         01/24/13 16:00:00    01/24/13 17:00:00    1
AmazonEC2    EBS:IO-Read     EBS:VolumeIOUsage         01/24/13 16:00:00    01/24/13 17:00:00    2195
AmazonEC2    EBS:IO-Write    EBS:VolumeIOUsage         01/24/13 16:00:00    01/24/13 17:00:00    5622
AmazonEC2    CreateVolume    EBS:VolumeUsage           01/24/13 16:00:00    01/24/13 17:00:00    8589934592
AmazonEC2    RunInstances    DataTransfer-Out-Bytes    01/24/13 16:00:00    01/24/13 17:00:00    4864
AmazonEC2    RunInstances    DataTransfer-In-Bytes     01/24/13 17:00:00    01/24/13 18:00:00    15710
AmazonEC2    RunInstances    DataTransfer-Out-Bytes    01/24/13 17:00:00    01/24/13 18:00:00    14314
AmazonEC2    EBS:IO-Write    EBS:VolumeIOUsage         01/24/13 17:00:00    01/24/13 18:00:00    262
AmazonEC2    EBS:IO-Read     EBS:VolumeIOUsage         01/24/13 17:00:00    01/24/13 18:00:00    5414 


There are also account activity reports under the same drop down that show how much this is costing me.  There are also billing alerts in this section so that if I misconfigure anything it will send me a notice so that I can fix whatever is running wild.

--Further Research--

So, I definitely want to get a LAMP server up and running as an instance for the 750 free hours a month.  This will save having to buy hosting on the Internet.  It is also much nicer to have your own instance of a virtual machine, rather than sharing a box with a lot of other people.  Free helps a lot too.

 I would also like to explore setting up a web site using C# and Dot Net on a windows server for free as well, and AWS will let me do that too.

And what are all these other free services that Amazon offers? 
  • Amazon S3 - Highly-scalable, reliable, and low-latency data storage.
  • Amazon RDS - Managed MySQL, Oracle and SQL Server databases.
  • Amazon CloudWatch - Monitoring for AWS cloud resources and applications.
  • AWS Data Pipeline - Orchestration for data-driven workflows.
  • DynamoDB - Fully managed NoSQL database service with seamless scalability.
  • Amazon EBS - Highly available, highly reliable, predictable storage volumes.
  • Amazon ELB - Web service that provides scalability and high availability.
  • Amazon SNS - Web service to set up, operate, and send notifications from the cloud.
  • Simple Queue Service - Scalable queue for storing messages as they travel between computers.
  • Amazon SWF - Workflow service for building scalable, resilient applications.

Each of these is an area to explore in its own right. And there are even more services to explore beyond the free tiers.

Planning to get that LAMP server up and running tomorrow, so stay tuned for more info!

Tuesday, January 8, 2013

New software update for the Makerbot Replicator 2 has both good and bad.

08 Dec 2013

When I first tried to download the new version I just got a copy of my old version again.  The software had not been updated on the web site, even though it said version 1.1 was available.   I reported the problem and checked again a few hours later and that had been fixed.

Makerware Software

This was version 1.1.0.55 of the Makerware software and Firmware version 7.0.  Had to install it to C:/Makerbot on my Windows XP box because C:/Program Files/Makerbot gave a script error.  Sloppy.   It also deleted the links from the software selection menu and never added them back. Had to put them back in manually.

New Slicer

Seems faster at both medium and high settings.

Firmware for Replicator 2

The new firmware makes the printer about half as loud as it was before and moves much smoother and gave it a bit of speed boost.  Now no louder than a paper printer.

Conclusion

This release is mixed. The software and firmware itself is good, but the problems with the website not being updated and installation problems with the software are concerning.  QA is important and every company that is asking people to update their software should ensure that it will work for every supported platform without exception.  The obvious bugs make me wonder what else is lurking under the hood to bite us users.

Sunday, January 6, 2013

Printing items from Thingiverse site.

This is a Tralfamadorian from the Vonnegut stories.  Printed in medium resolution at 50% scale. This is going to be a little gift to someone that likes the book Slaughterhouse-Five.
http://www.thingiverse.com/thing:31134



And of course everyone needs a Ninja Throwing Spork.
http://www.thingiverse.com/thing:28638


This was a skull with separate mandible, had to support it with a raft and support because the print kept failing without it.  Even at 50% scale it used more plastic than anything else I have printed.  It also took 7 hours and 19 minutes to print. Everyone needs this in order to perform Shakespeare’s plays.  Alas poor Yorick.
http://www.thingiverse.com/thing:4378





One of the primary reasons to have a 3D printer is to make things to assist your other projects.  This is a case that holds a raspi board and attaches to the back of a monitor.  The cover clips in very tightly and looks good.
http://www.thingiverse.com/thing:29263

 





I also printed snowflakes and yoda figures for my nieces.  They were completely mesmerized by the machine.  The oldest one demanded a star wars chess set before next year.  Going to make a doll house for them this year and print out a bunch of plastic furniture for the doll house.


Planning on printing a few other micro computer cases this week. Will have to change filament for the first time very soon.

Everyone have fun printing!

Made first mod to the Replicator 2.

It has a stiff plastic tube that acts as a guide for the filament. This was popping loose because it was too tight against the control cable.

So I removed the small zip-tie that held the electronics cable to the middle of the machine and reused one of the wide zip-ties from the shipping packing and put it around both the filament tube and the electronics cable. Then used a little blow torch to remove some of the sharp edges on the big zip-tie.