Server :: Signing Up To The Amazon EC2 Service With EBS?
Jan 9, 2011
I am interested in signing up to the Amazon EC2 service with EBS. I have never used a unmanaged vps before, but I know how to use the command line etc. There are some basic packs on there to use, with basic LAMP stacks. But I would like to ask about how do I:
Upgrade a lamp stack? - someone mentioned yum, but what is this? how easy is it to use? is it enough? secure the lamp stack? - assuming I have no idea of linux security, can you give me a list or something of things I need to consider so I can begin the search (or just cover the steps would be awesome!) My website just uses php and mysql, so thats all i'll need. If you have any other tips on this,
I've got Fedora 14 running on an EBS volume on Amazon EC2. I've created a few users and enabled port 22. When I set a password for these users, they can successfully ssh into the instance; even if they logout and login again....until:
If I reboot the machine, they can no longer ssh into the machine (permission denied). If I issue the passwd <user> command and change their passwords, they can login again....until I reboot the machine at which time they cannot login again until I change their passwords. The problem exists even from the machine. That is, if root attempts to ssh into 127.0.0.1 using their username/password, the same problem/resolution exists.
We have our web site hosted by Go daddy and they provide us with the mail service as well. But there are a lot of constraints with the mail service with regards to the number of mail boxes, size per box, relays per user and so on.To avoid this, we are looking at other options. One is to have our own mail server but it will require a lot of infrastructure and expertise. But Amazon web services looks nice. They have infrastructure needed and all. One thing on my mind is the reverse look up of the mail servers. They wont be associated with the domain as both would be on different hostings. I am open to both windows exchange server as well as Linux server. Has anyone done this before or has any idea about it? I have gone through some of the threads in their forum and there are a lot of mixed views about it.And main concern everyone views is the reverse lookup. This could lead to all the mails sent from my server tagged as spam at the recipient end.I could not make out in which forum to write and hence in newbie. If this is enough about networking or server please move it.
I'm looking to set up a clustered mail server, I kind-of know how I'm going to do it but wanted to check if there was a better way. So we have 3 mail servers, running as EC2 instances on Amazon AWS. We were going to achieve clustering by giving all three a shared EBS storage device to store the mail. The mail would be received by any of the three servers (Via postfix) and could be retrieved from any of the three servers (via dovecot). For receiving mail (SMTP), the domains would have 3 MX records pointing to each of the servers but for sending and retrieving mail (SMTP and POP3/IMAP) the three servers would have one DNS A record with 3 IPs associated (I know when using this method for web-servers, the load gets distributed among the IPs under that record but I'm not sure if this will work for SMTP/POP3/IMAP).
What we want is to have 3 servers that share the load equaly but are completely redundant for all services (POP3, IMAP and SMTP). We also need to be able to scale upwards so if we need to add more servers we can do easily. Also the servers must be perfectly synchronized at all times.
Last night my old Sony Vaio laptop which connects via wired Ethernet and runs Ubuntu 10.10 started hammering the network out onto the Internet. Fired up Wireshark and found lots of traffic between my machine and 174.129.193.12 which I did a whois on and found belonged to Amazon EC2 Cloud Server. The port on my machine was an unknown 5000+ but the port on the remote system was 443 the port used by https, however no browser was running. Did a search and put together a couple of iptable commands to block this IP address which stopped the traffic. I then used nmap and netstat and found port 3000 open and another connection to IP address 91.189.89.76 which I also blocked. Unusually no info exists on this IP when you do a whois. At first I thought it might be some sort of sync as this machine has Ubuntu One running on it, however it could also be something else.
I'm having a consistent problem with instances on Amazon EC2, which a lot of searching including here has resulted in no solution.During boot I see the following message on the console (or "System Log" in the Amazon console):Code:Mounting local filesystems: mount: /dev/sdg already mounted or /apps busy(I'll append a extract from the full log below).Once I log into the instance, I can access the filesystem so it's mounted somehow but I can't figure out what's going on:
Code: # df -k /apps Filesystem 1K-blocks Used Available Use% Mounted on
I have had to ditch ubuntu after 4 happy years as their 10.04 release was crazily resource hungry on my humble machine. Installed F13 smoothly and without any problems and so far it doesn't appear to be as resource hungry as ubuntu. One thing I have not been able to find in either gnome preferences or administration is where to set it to go straight to desktop without messing around with passwords and stuff.
Recently jumped from Ubuntu to Fedora 12 over the weekend, has been quite the bumpy ride. Though fun of course. But I'm having trouble coming to a solution for this problem, that started today. When signing into both Empathy or Pidgin (only with msn account) they both just hang on the white screen inactive... I say "inactive" the program hasn't frozen I just cannot be signed in. Also, in Pidgin at the bottom, next to where it shows your status, it has;
I need to renew my SSL cert for my Mahara site and I follow the instructions below. But after I finish answering all the questions for the csr, I'm supposed to copy a portion of the cert into a web form. However I can't seem to find the server.csr so I can do this. Were this file goes?
Here is a step-by-step description:
Make sure OpenSSL is installed and in your PATH.
Create a RSA private key for your Apache server (will be Triple-DES encrypted and PEM formatted):
$ openssl genrsa -des3 -out server.key 1024
Please backup this server.key file and the pass-phrase you entered in a secure location. You can see the details of this RSA private key by using the command:
$ openssl rsa -noout -text -in server.key
If necessary, you can also create a decrypted PEM version (not recommended) of this RSA private key with:
Make sure you enter the FQDN ("Fully Qualified Domain Name") of the server when OpenSSL prompts you for the "CommonName", i.e. when you generate a CSR for a website which will be later accessed via https://www.foo.dom/, enter "www.foo.dom" here. You can see the details of this CSR by using:
Running graphical software update, fc13. Attached are screenshots, which appear in sequence. The first seems to be asking if I trust the source, Adobe. (The Help for this window says I can go to the adobe website to confirm details of the signing key, which I will do if there is not a simpler fix.) If I respond in affirmative to the first window I get the failure window, second shot, with traceback.
Initially I had a problem installing restricted extras. However, it appears the problem is more than a media problem, so I moved my thread here. I copied over what I thought the relevant code was from my previous thread. Anyone have ideas on how I can fix this?
Is there any way to protect a bash script with a digital signature, so that it can't be executed if it has been meddled with? Or, if this is not possible for bash scripts, is it possible for any other type of scripts (Python, Perl?) in Linux?
I have configured squid 2.5 stable 6. I can browse any website. I can even use msn messenger but I cannot use yahoo messenger. I have also set the http proxy settings in preference for yahoo messenger but still it does not sign in.
I've been trying to find out which jabber/XMPP clients out there automatically sign messages with openpgp you send but documentation on that has been spotty. Could you tell me a. if you know any clients that can easily sign and encrypt all outgoing messages and b. should I worry if a client is only able to sign presence and not messages?
I have been finding the solution of this problem from last 2 days but i am still unable to get a clue what's happening?I have a virtual dedicated server in godaddy with CENTOS5 operating system. The problem is occurring with the named service. It is becoming dead within 1 hour of starting it./named status gives named is dead but subsys is locked.The issue is their in google but it has no solution.Anybody have a idea what's going on ... i am fed up of starting teh named service again and again.
I am running Server 10. I have a requirement to perform an action before the MySQL service starts, and perform another action after MySQL service stops.
I found the init script for MySQL under /etc/init/mysql.conf. I added my thing to the pre-start script there and works fine.
I am having trouble finding the script that stops the server so I can modify.
One of the few things that keeps me hanging onto my Windows partition is the Amazon.com MP3 Downloader.There's a way to download Debian 5, Ubuntu 9.04, OpenSUSE, and Fedora packages, but they've never worked in Debian-based distro's that I've used in the past (Ubuntu, Mint, Crunchbang).Has anyone found a way around this that I haven't found yet?
I am not able to access Amazon's Look Inside - the facility to inspect a few pages of books. (I have never been able to do this.) I have tried both at work (via a direct connection to a high-speed backbone) and at home (via Sky ISP). I can see the cover of the book but nothing beyond that - it says the page has expired or is invalid. But using Firefox on WinXP, I can access Look Inside happily both at home and at work.
Does anyone else have this problem with Ubuntu? Amazon's technical people just sent me a load of flannel blaming my ISP, my software, etc. They say no one else has raised this.
If somebody could try it and let me know, I'd be grateful for the results. Am I missing a plug-in?
I'm developing simple transaction switch using java socket programming and running operating system RHEL5.4 . Now it is completely done and working fine. So I have written the simple shell script to run it on background.
I have linux server which 6.2 very old which was installed long back. CVS is running there . problem is sometime the port doesnot listen sometimes listen if i do netstat -an.It is weired. not sure how to restart the CVS service in the 6.2 server
has anyone been successful in using the Amazon MP3 downloader on 11.2? It does no longer work because it wants specific (old) versions of libboost*:
[krienke@bliss:~/tmp] 1001 > /usr/bin/amazonmp3 /usr/bin/amazonmp3: error while loading shared libraries: libboost_filesystem.so.1.36.0: cannot open shared object file: No such file or directory [krienke@bliss:~/tmp] 1002 > locate libboost_filesystem /usr/lib/libboost_filesystem-mt.so /usr/lib/libboost_filesystem.so /usr/lib/libboost_filesystem.so.1.39.0
I notified Amazon about this, and they said they do not know if or when there will be a running version of the MP3 downloader available and without it there is no way to download any MP3 from Amazon. They gave me back my money and recommended to buy elsewhere....
Does anyone know if installing the old version of libboost (from 11.1) will work? What else, aside from amazons downloader, does use libboost*? So what app might fail if I install the old version of libboost suitable for the downloader?
