Amazon EC2 Cloud with LAMP Stack and Loopback CRUD API.

 This is a blog about Amazon Web Service explaining creation and connecting to EC2 and installing LAMP Stack with PhpMyAdmin

 Amazon EC2 Linux Loopback, Amazon EC2 Linux Node.js, EC2 Linux Loopback, EC2 Linux Node, EC2 Linux NodeJs, EC2 Linux PhpMyAdmin, EC2 Linux LAMP, EC2 Loopback, EC2 Node, EC2 NodeJs, EC2 PhpMyAdmin, EC2 LAMP Stack

  Amazon Web Service    |      Anupam Chakraborty    |      Jan 26 2019 07:16 AM

 Login to Like      Login to Follow      325 Views

Introduction


You have seen a few documents or blogs to create an Amazon Web Services (AWS) EC2 instance with MySQL or LAMP Stack [Apache / PHP / MySQL (MariaDB)] along with PhpMyAdmin and access the same over Internet. But we will try to go one step ahead and create an easy CRUD API using Node.js Loopback framework on top of that. We will take the advantage of Amazons cloud computing capabilities and IBM supported Loopback Node.js framework.

We will assume you already have an Amazon Web Services (AWS) account. If not, please create an Amazon Web Services (AWS) account before proceeding. For the ease of training, I will split this blog into 2 parts.

Part 1 will consist of launching an EC2 instance and installing LAMP Stack [Apache / PHP / MySQL (MariaDB)] in this instance.

Part 2 will consist of installing Node.js, loopback and creating the loopback API


Goals


Part 1:

  • Launch a free tier EC2 instance with Amazon Linux 2 AMI (HVM)
  • Assign Elastic IP Address to our EC2 instance.
  • Connect to our EC2 instance using Putty from Windows
  • Install LAMP Stack [Apache / PHP / MySQL (MariaDB)]
  • Install PHPMyAdmin and access this instance from our computer to create a database and 2 tables.

Part 2:

  • Install Node.js in your EC2 instance
  • Install Loopback in your EC2 instance
  • Create a Loopback CRUD API and access this from Internet.

So, let us go ahead and proceed with the above steps and see where it ends up.

Step 1: Launch a free tier EC2 instance with Amazon Linux 2 AMI (HVM)


Considering that we already have an AWS Account, we can go to AWS Console and follow the process to set up an EC2 Instance. To do this type EC2 on the search option and click on EC2 [Virtual server on the cloud]


We will get to the EC2 Dashboard which looks like this.


Choose AMI

Note on the top left corner, there is a drop down [2nd from right] which says the location. I am using US East (N. Virginia) but you can select the one closest to your location. Once you are ready, click on the button Launch Instance. The next step is to choose which Amazon Machine Image we want to use. We will use, Amazon Linux 2 AMI (HVM), SSD Volume Type for our use case. So go ahead and click on


Choose Instance Type

Check that this AMI is eligible for free tier as per Amazon Web Service. Click on the select button and in the next page you will see T2.Micro which is free tier eligible as per AWS EC2.


Configure Instance

Click on Next: Configure instance details.


Here we will keep all options as is and click Next: Add Storage.

Add Storage



For our purpose 8GB of SSD should be enough. No click on Next: Add Tags.

Add Tags

Here, we can add tags to identify our ec2 instance. Let us add a tag with a key: Name and value: "Database-Crud-EC2-Instance";.


Click on Next: Configure Security Group.

Configure Security Group

Here we will configure How to access our EC2 instance from outside. Amazon web services gives you a very easy way to add rules to your Security Group. We will add of the following type

  • SSH for port 22
  • HTTP for port 80
  • HTTPS for port 443
  • Custom TCP for port 8099: This would be used for our Node Js API.



Review

This page will allow us to review everything that we have added. We will see a warning on the top


For our purpose we will ignore this warning.

Once we click on Launch, we should get a page for a key pair which would be used to connect to your EC2 instance. Select Create a new key pairand give a key pair name. I will use Database-Crud-Key. Download and keep this key in your computer.


This will download a PEM file with the name in my case "Database-Crud-Key.pem".


Wallah! Your EC2 instance is now starting to launch. You can go to the EC2 dashboard to see an entry with the Instance state as pending.


Give it a few minutes and you would see the state changed to running.


When you select this instance, you will see a lot of important information below: Note the IPv4 public IP: In my case it shows 35.173.221.206. This is the IP address I will use to connect to my EC2 system from my computer
Also see the Private IP Address.



Step 2: Assign elastic IP address to our EC2 server


An Elastic IP address is a static IPv4 address designed for dynamic cloud computing. An Elastic IP address is associated with your AWS account. With an Elastic IP address, you can mask the failure of an instance or software by rapidly remapping the address to another instance in your account.

An Elastic IP address is a public IPv4 address, which is reachable from the internet. If your instance does not have a public IPv4 address, you can associate an Elastic IP address with your instance to enable communication with the internet; for example, to connect to your instance from your local computer.

To do this go to the EC2 Dashboard and on the Left Menu, Select Elastic IPs under Network & Security. Now click on Allocate new address.



On the next page we do not need to change any options, we will use IPv4 address pool from Amazon. Click on Allocate and this will give you a new IP Address. In my case I got 3.93.102.33.


Now, let us attach this new IP Address to our EC2 instance so that we can have a fixed IPv4 address for our server. To do this go the Elastic IP Address dashboard, select the IP address that you just got and click on Actions > Associate Address


Select your EC2 instance and that would automatically allow you to select your Private IP. Since we just created this Elastic IP Address we do not need to click on Reassociation.


After the successful association of the Elastic IP Address to your EC2 instance, you can see go back to your instance property and you can see that the IPv4 Public IP address has changed to the new Elastic IP Address that we generated.


For all our future connection, we would now use this Elastic IP Address instead of the old IP Address.


Step 3: Connect to your EC2 instance using Putty from Windows.


Convert Amazon Key to Putty Private Key


Now that we have a running EC2 instance let us try to connect to our instance from our computer. To do this we need to download and install Putty. Putty consist of 2 important Software that we will need Putty and PuttyGen. Go to https://www.putty.org/ and download the software.


Once you have installed the Putty, Run PuttyGen


Click on the Load button and select the PEM file you have earlier downloaded, in my case it is, Database-Crud-Key.pem. This will load the PEM file into the PuttyGen.


Click on Save private key and save the key in Putty format with the same name, but with extension PPK. This would ask you to add a passphrase to protect this key, we will not add the passphrase and save the key as is.

Connect to EC2 using Putty


Now let us open Putty and try to connect to our EC2 Server.

In the Category pane, select Session and fill up the following.

  • Host Name: ec2-user@<Your Elastic IP>. In my case it is ec2-user@3.93.102.33
  • Port: 22
  • Connection Type: SSH.


Following that, go in the Category Pane, go to connection, expand SSH, and then choose Auth. Complete the following:

Choose Browse in Private key file for Authentication.

Select the .ppk file that you generated for your key pair, and then choose Open. In my case it was Database-Crud-Key.ppk


Now you can go back to the Session page and save your session so that you do not have to fill up this information every time you use Putty

Choose Open to start the PuTTY session.

Since this is the first time we have connected to this instance, PuTTY displays a security alert dialog box that asks whether you trust the host you are connecting to. Click on yes to confirm and you are now connected to you EC2 instance.


I think this is an achievement in its own. Pat your back!!


Step 3: Install LAMP Stack [Apache / Php / MySQL (MariaDB)]


Install LAMP

Let us first update our AMI so that all our software package is up to date.


[ec2-user@ip-172-31-81-193 ~]$ sudo yum update -y

Our next step would be to Install the LAMP stack repository needed for installation.

[ec2-user@ip-172-31-81-193 ~]$ sudo amazon-linux-extras install -y lamp-mariadb10.2-php7.2 php7.2

Now let us install the Apache web server, Maria DB and PHP software package. We would use yum install to install multiple software packages and all related dependencies at the same time.

[ec2-user@ip-172-31-81-193 ~]$ sudo yum install -y httpd mariadb-server



Once our installation is complete let us start the Apache Web Server and also set up Auto Start for our Apache server so that it would start automatically every time the system boots. We will also verify if HTTPD is on

[ec2-user@ip-172-31-81-193 ~]$ sudo systemctl start httpd
[ec2-user@ip-172-31-81-193 ~]$ sudo systemctl enable httpd
[ec2-user@ip-172-31-81-193 ~]$ sudo systemctl is-enabled httpd



Run a test to connect to the web server

Voila! now that we have installed all the necessary software, let us check if we can access the webserver from our computer. go to your browser and go to the URL http://<Your Public Elastic IP Address>. In my case, this is http://3.93.102.33. If everything goes right, you should see the Apache Test Page as below.


Apache httpd automatically serves files that are kept in a directory called the Apache document root. The Amazon Linux Apache document root is /var/www/html, which by default is owned by root. We need to update the ec2-user to create / update files in this directory.

[ec2-user@ip-172-31-81-193 ~]$ sudo usermod -a -G apache ec2-user


Now, let us log out and log back in using the Putty

Once logged in, you can verify that ec2-user is added to the group by executing the commands group

[ec2-user@ip-172-31-81-193 ~]$ groups



Note that ec2-user is attached to the apache group now. We will now update the ownership of the apache root to apache group and write permission to the directories and all its sub directories

[ec2-user@ip-172-31-81-193 ~]$ sudo chown -R ec2-user:apache /var/www
[ec2-user@ip-172-31-81-193 ~]$ sudo chmod 2775 /var/www && find /var/www -type d -exec sudo chmod 2775 {} \;
[ec2-user@ip-172-31-81-193 ~]$ find /var/www -type f -exec sudo chmod 0664 {} \;


Test PHP in apache root

Let us now test in PHP is running in our Apache Server. To do this we will create a one line file in the Apache HTTP root folder with the name phpinfo.php.

[ec2-user@ip-172-31-81-193 ~]$ echo "<?php phpinfo(); ?>" > /var/www/html/phpinfo.php



Once this is complete you can again go to the web browser and click on the URL http://<Your Public Elastic IP Address>/phpinfo.php. In my case, this is http://3.93.102.33/phpinfo.php. If everything goes good you should see a page with PHP information.


We will now delete this phpinfo file because we do not want this file to be available in the internet.

[ec2-user@ip-172-31-81-193 ~]$ rm /var/www/html/phpinfo.php


Secure the Database Server


One of the optional step is to now secure the database so that fraudulent access from internet can be prevented

[ec2-user@ip-172-31-81-193 ~]$ sudo systemctl start mariadb
[ec2-user@ip-172-31-81-193 ~]$ sudo mysql_secure_installation
[ec2-user@ip-172-31-81-193 html]$ sudo mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none): <Press Enter because we still dont have a root passwod>
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] Y
New password: <Enter the new Password>
Re-enter new password: <Enter the new Password again>
Password updated successfully!
Reloading privilege tables..
 ... Success!

By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] Y
 ... Success!

Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] Y
 ... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] Y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] Y
 ... Success!

Cleaning up...

All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!


Now let us restart Maria DB and also add Maria DB to auto start on Boot.

[ec2-user@ip-172-31-81-193 ~]$ sudo systemctl stop mariadb
[ec2-user@ip-172-31-81-193 ~]$ sudo systemctl enable mariadb
[ec2-user@ip-172-31-81-193 ~]$ sudo systemctl start mariadb


Create non-root user in MariaDB


Now let us login to the MariaDB and create another user so that we can connect from outside.

We will create 2 users and verify that this users are created correctly. I will create a user anupam

[ec2-user@ip-172-31-81-193 html]$ mysql -u root -p
Enter password: <Enter the password that you have configured earlier>
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 8
Server version: 10.2.10-MariaDB MariaDB Server

Copyright (c) 2000, 2017, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> create user 'anupam'@'localhost' identified by '********';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> create user 'anupam'@'%' identified by '********';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> grant all on *.* to 'anupam'@'localhost' with grant option;
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> grant all on *.* to 'anupam'@'%' with grant option;
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> use mysql
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed
MariaDB [mysql]> select user, host, password from user;
+--------+-----------+-------------------------------------------+
| user   | host      | password                                  |
+--------+-----------+-------------------------------------------+
| root   | localhost | *6FA72E20EB6B40FE689E00A7F9EA48CF61A7C7EC |
| root   | 127.0.0.1 | *6FA72E20EB6B40FE689E00A7F9EA48CF61A7C7EC |
| root   | ::1       | *6FA72E20EB6B40FE689E00A7F9EA48CF61A7C7EC |
| anupam | %         | *A6CAE480AAA8C75564237350631E1AF9429C5773 |
| anupam | localhost | *A6CAE480AAA8C75564237350631E1AF9429C5773 |
+--------+-----------+-------------------------------------------+
5 rows in set (0.00 sec)


If you see here we have the 2 users created. That is anupam@localhost and anupam@%. The second user will allow you to connect to the MySQL server from internet.


Step 4: Install PHPMyAdmin and access this instance from your computer to create a database and 2 tables.


Finally, our last step is to install PHPMyAdmin so that we can access the database from outside to create our DDL transactions. Though you can very well do this from the mysql client in SSH as well.

We will first install all the dependency and then restart Apache and PHP

[ec2-user@ip-172-31-81-193 html]$ sudo yum install php-mbstring -y
[ec2-user@ip-172-31-81-193 html]$ sudo systemctl restart httpd
[ec2-user@ip-172-31-81-193 html]$ sudo systemctl restart php-fpm


If you are already not in the html folder navigate to the same, Next, we will get the Compressed PHPMyAdmin file from the phpmyadmin.net website and then uncompress it to the folder phpmyadmin.

[ec2-user@ip-172-31-81-193 html]$ cd /var/www/html
[ec2-user@ip-172-31-81-193 html]$ wget https://www.phpmyadmin.net/downloads/phpMyAdmin-latest-all-languages.tar.gz
[ec2-user@ip-172-31-81-193 html]$ mkdir phpmyadmin && tar -xvzf phpMyAdmin-latest-all-languages.tar.gz -C phpmyadmin --strip-components 1

at this point you can see the directory structure in the folder using command ls-lrt


We can now delete the temporary compressed file that was downloaded and restart our database.

[ec2-user@ip-172-31-81-193 html]$ rm phpMyAdmin-latest-all-languages.tar.gz
[ec2-user@ip-172-31-81-193 html]$ sudo systemctl restart mariadb


Once this is complete you can again go to the web browser and click on the URL http://<Your Public Elastic IP Address>/phpmyadmin. In my case, this is http://3.93.102.33/phpmyadmin. If everything goes good you should see a page with PHP information.


Login using the user id that you have created in MySQL earlier. In my case I created, anupam. After logging in. I should be able to see all the database.


We will create a database and create the CRUD API on top of this database in our next secion.


Conclusion


Overall this exercise should have given you a good idea about AWS EC2 with Amazon Linux VMI 2. You have installed the LAMP stack and configured the same to be accessed from Internet. Thanks a lot for reading this blog and stay tuned for the next part.

Thank you.


Comments:

Leave a Comment:

Please login to post comment into this page.

Please login to submit a new Blog.