I decided to install the new version of Varnish (3.0.1) using the Varnish repository (instead of amzn repository). The installation progressed without issue (you do need to override the default priorities of the repositories though), however, I ran into an issue trying to start Varnish. Every time I tried to start Varnish I would simply… Continue reading Starting Varnish – Amazon’s Linux
Category: Systems Admin
Topics dealing with servers – specifically setup and operation, in particular on Amazon’s cloud computing infrastructure.
Building an Nginx RPM on Amazon’s Linux
If no customizations are desired, a far simpler way to get the RPM, than that outlined below, is to use the nginx repository, available from nginx’s download page. After deciding to change my server stack today (based on Amazon’s Linux), I noted that, despite the current version of Amazon’s Linux being hardly a few days… Continue reading Building an Nginx RPM on Amazon’s Linux
Upgrading Amazon’s Linux
Today, after looking over the changes in the new version of Amazon’s Linux AMI, I decided to upgrade (from 2011.02 to 2011.09). After running yum upgrade, I ran into an error (below) with compat-openldap. Error: Package: compat-openldap-2.4.19_2.3.43-15.11.amzn1.i686 (@upgrade-updates/2010.11) Requires: openldap = 2.4.19-15.11.amzn1 Removing: openldap-2.4.19-15.11.amzn1.i686 (@upgrade-updates/2010.11) openldap = 2.4.19-15.11.amzn1 Updated By: openldap-2.4.23-15.13.amzn1.i686 (amzn-main) openldap = 2.4.23-15.13.amzn1… Continue reading Upgrading Amazon’s Linux
PHP-FPM on Amazon’s Linux
Update (Oct 1, 2011): The release notes for the newest version of Amazon’s Linux (2011.09) state that “PHP scripts have the option of using PHP-FPM.” PHP-FPM is now included in the amzn-main repository, and can be installed via yum install php-fpm (it is installed to /usr/sbin). As a point of mention, if you want to… Continue reading PHP-FPM on Amazon’s Linux
Installing Heartbeat on Amazon’s EC2
I am currently working on setting up a small high availability server cluster on Amazon’s EC2 cloud. Such a setup requires several underlying technologies to work together. Common among these are a distributed file system, a load balancer, and some form of monitoring and resource control. This article looks at the one aspect of ‘monitoring’… Continue reading Installing Heartbeat on Amazon’s EC2
Rotating EBS Snapshots: ec2-prune-snapshots
Following the significant disruption of EBS volumes in April, the importance of backups was once again brought to the forefront. Amazon’s method of generating EBS backups is the ‘snapshot’ – a differential backup stored in S3. While Amazon provides tools for creating snapshots (either command line, or via their API), a script that is quite… Continue reading Rotating EBS Snapshots: ec2-prune-snapshots
Generating a pure-ftpd RPM for Amazon’s Linux
The only ftp server the amzn repository has is vsftpd. While, as the name suggests, vsftpd is supposed to be ‘very secure’ many other ftp servers have a comparable track record for security. Of these, pure-ftpd is easily configured and offers a wealth of features. Pure-FTPd is easily configured, and as it comes with an… Continue reading Generating a pure-ftpd RPM for Amazon’s Linux
ec2-consistent-snapshot on Amazon’s Linux AMI
Update: the complementary article to this one, on Rotating EBS snapshots has now been posted. After the recent failure of EBS volumes on Amazon’s cloud, backup is quite likely something to be considering. If, during the aforementioned incident, recent snapshots of the affected EBS volumes were available, it might have been possible to relaunch instances… Continue reading ec2-consistent-snapshot on Amazon’s Linux AMI
DKIM/Domainkeys signing via DKIMproxy
With the ever increasing volume of SPAM being transmitted, many email services look toward more elaborate ways to authenticate email. Beyond the obvious – content – two commonly used methods (perhaps with some variations), include sender policy framework (SPF), and DomainKeys Identified Mail (DKIM). Both of these require the use of DNS records to function.… Continue reading DKIM/Domainkeys signing via DKIMproxy
Setting up Subversion
Subversion is a versatile version control system. This article looks at how to set up subversion on Amazon’s Linux (RHEL/CentOS derived), and the necessary setup for using it with Apache (proxied through Nginx), as well as the setup of a repository, and the use of hooks to automatically update a live (non-production) working copy. Basic… Continue reading Setting up Subversion
Setting up NodeJS
It is quite unfortunate that one only has a finite number of hours to dedicate to learning new things, for inevitably there are things we skim over, or worse yet, don’t even know exist. Today, as I was looking for efficient ways of implementing server push for a project of mine, I came across NodeJS.… Continue reading Setting up NodeJS
Scriptless backup with cron
With the new release of WordPress, it is time to ensure that one has a good backup in place before upgrading. While many elaborate systems exist for creating backups, sometimes one just wants a quick and easy way to get the job done. As such, I present below, an easy procedure for a daily incremental… Continue reading Scriptless backup with cron
Escalating Consequences with IPTables
I have previously written a bit about using IPTables to limit brute-force attacks. For the past month, that system has been working quite well. The typical attack pattern resembled that in [graph 1, graph2]. A few days ago, however, an attack was implemented which ‘fell under the radar’, so to speak – instead of being… Continue reading Escalating Consequences with IPTables
Upgrading sysklog to rsyslog
As a server setup gets more complex, it is possible that the default syslog (sysklogd) lacks the necessary finely grained filtering that may be desired. Common solutions to this are using syslog-ng or rsyslog. I have opted to go with the latter and found it to, so far, be an excellent replacement. Installing rsyslog Update:… Continue reading Upgrading sysklog to rsyslog