×
Community Blog How to Deploy a LEMP Stack on CentOS with Alibaba Cloud Starter Package

How to Deploy a LEMP Stack on CentOS with Alibaba Cloud Starter Package

This tutorial shows you how to deploy a LEMP/LNMP stack on a CentOS server using Alibaba Cloud's Starter Package service.

By Roha Gagan, Alibaba Cloud Community Blog author.

If you are planning to deploy LEMP stack (Linux, NGINX, MySQL and PHP) to host dynamic website on Alibaba Cloud, you would be interested in optimal and cheap solutions with high bandwidth, SSD and powerful CPU. Alibaba Cloud is offering new SSD Cloud servers Starter Package 2.0 powered by 2nd Generation Intel Xeon Scalable Processors to its all valuable customers at very affordable and cheaper prices. Availing this opportunity will give you access to powerful CPU at lower cost. The offer is valid on both Linux and Windows servers worldwide. To reserve your SSD Cloud Server with Starter Package 2.0, visit the link. To learn about how to order Starter Package 2.0 and deploy LEMP stack on CentOS operating system, follow the instructions below.

Prerequisites:

  1. You must have an activated Alibaba Cloud account with verified valid payment method. Alibaba Cloud supports PayPal and Credit Card payments. If you are a new user, you can avail FREE $300 - $1200 credits in your Alibaba Cloud personal and enterprise account respectively.
  2. Installed SSH like PuTTy or RDP client (optional) on your PC.

Purchase ECS Instance:

Step 1:

Open the URL: https://www.alibabacloud.com/starter-packages/general .

Step 2:

Select Operating System as Linux or Windows based on your required OS choice for SSD Cloud Server. You will see the following Linux based SSD Cloud Server packages as shown below.

Figure 1

The prices for Linux and Windows servers are different. If you have selected Windows server, you will see the prices as shown below.

Figure 2

Step 3:

Select Period for which you are going to reserve server and Data Center Region where you want to deploy your Node.js application.

Figure 3

Step 4:

Now click on Get Started button which appears in front of each server specification to buy your desired SSD Cloud Server.

Figure 4

Step 5:

You will be redirected to the following detailed page for selection of OS and your desired server specifications as shown below.

Figure_5

Step 6:

Alibaba Cloud has data centers in 14 regions as shown in image below. Select your desired data center region and scroll down the page. Remember, location of IP address assigned to your ECS will be according to selected data center region. For example, if you need Chinese IP address, you will have to buy ECS in Chinese data center region.

Figure_6

Step 7:

Here you go with the detailed selection of operating system. Alibaba Cloud allows you to choose different versions of Ubuntu, SUSE Linux, FreeBSD, Debian, CentOS and Aliyun Linux in Linux OS category, while in Windows OS option, it offers MS Windows Server 2008 to MS Windows Server 2012 (English and Chinese versions).

Note: You may change Linux versions, but cannot convert Linux server into Windows server and vice versa.

Figure_7

Step 8:

Now if you wish to add Server Guard to enhance security, you may activate it for FREE by marking tick to the first option show in image below. After it, choose the pricing model for either you want to buy instance for 1 month or 1 year and do you wish to enable its auto renewal on expiration to avoid loss of data. Once you have selected all required options, you may click Buy Now button.

Figure_8

Step 9:

Now you will see the following screen. Mark tick to agree on general terms and ECS service terms and then click Place Order button to proceed towards payment.

Figure_9

Step 10:

Now click Place Order and you will be redirected to make payment depending on your selected payment method. Alibaba Cloud allows credit card, debit card and PayPal as payment method.

Figure_10

Step 11:

Once payment has been done successfully, you can navigate to account Console and select Elastic Compute Service from your sidebar menu. If you are an existing user, you might see Recently Visited area, otherwise, you may directly search keyword using Enter Keywords area.

Figure_11

You will be redirected to Elastic Compute Service dashboard that will show the list of data center regions and number of instances you have bought with their status.

Figure_12

Open your selected region. You will see list of bought instances in that region.

Figure_13

To setup password of your ECS instance, click Manage.

Figure_14

Now click More and then select Reset Password.

Figure_15

Type new password and click OK.

Figure_16

Note: The following part of this tutorial is specific for CentOS. You may use any OS of your choice, the steps will be different for other OS.

Accessing ECS via PuTTy:

PuTTy is SSH client to access Linux server via command line to execute different commands for installing and configuring various apps. Launch PuTTy, you will see the screen below.

Figure_17

Write your ECS IP address, port 22 is specific for SSH, choose connection type SSH and click Open. You will see the following screen.

Figure_18

Click Yes and you will see command prompt opened. Now type username as root and password as the one you did in recent step about resetting password.

Figure_19

Update CentOS:

Before proceeding towards installation, you should update CentOS packages using the command below.

$ yum -y update

Introduction

In this tutorial, you will learn about making environment ready for LEMP, install and configure Nginx, MySQL, PHP and in the end testing the environment.

Preparation of Compiling Environment:

To make your ECS ready for setting up compiling environment, follow the steps below:

Step 1:

To check the status of firewall, execute the following command.

$ systemctl status firewalld

Figure_20

In the above output, you can see the status of firewall is active.

Step 2:

Disable the firewall if the above output shows status active. If it is already inactive, skip this step.

$ systemctl stop firewalld

The above command will temporarily stop the firewall. In case, you want to disable firewalls permanently, you may execute the command below.

$ systemctl disable firewalld

Note: You can enable the firewall again. For more information, see Firewalld documentation.

Step 3:

Now you will need to disable SELinux (Security Enhanced Linux). To do this, execute the following command to check status of SELinux.

$ getenforce

If SELinux will show disabled status, you may skip this step. If it shows Enforcing, execute the following command to set SELinux disabled temporarily.

$ setenforce 0

After rebooting system, it will automatically become active again. In case you want to permanently disable SELinux, you will install nano editor using command below.

$ yum install -y nano

Now open the SELinux config file by executing command below.

$ nano /etc/selinux/config

Now find SELINUX=enforcing, change the value to disabled, press Ctrl+x, type y and hit Enter key to save the configurations.
To make your settings effective, you will need to reboot the server.

Install NGINX:

To install NGINX on your server, follow the steps below.

Step 1:

Execute the following command to install Nginx:

$ yum install -y nginx

Step 2:

To check if Nginx has been installed properly, execute the following command to check installed version of Nginx.

$ nginx -v

You will see the following output in case of successful installation.

Figure_21

Install MySQL:

To install MySQL on your server, follow the steps below.

Step 1:

To update your YUM repository, execute the command below.

$ rpm -Uvh  http://dev.mysql.com/get/mysql57-community-release-el7-9.noarch.rpm

Step 2:

Execute the following command to install MySQL:

$ yum install -y mysql-community-server

Step 3:

To check if MySQL has been installed properly, execute the following command to check installed version of MySQL. Before executing the command below, jump to MySQL configuration section and perform all configurations, then perform this step.

$ mysql -v

You will see the following output in case of successful installation.

$ mysql  Ver 14.14 Distrib 5.7.25, for Linux (x86_64) using  EditLine wrapper

Install PHP:

To install PHP on your server, follow the steps below.

Step 1:

To update your YUM repository, execute the commands below.

$ yum install -y http://dl.iuscommunity.org/pub/ius/stable/CentOS/7/x86_64/ius-release-1.0-15.ius.centos7.noarch.rpm

$ rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm

Step 2:

Execute the following command to install PHP and required extensions for LEMP stack:

$ yum install -y php70w-devel php70w.x86_64 php70w-cli.x86_64 php70w-common.x86_64 php70w-gd.x86_64 php70w-ldap.x86_64 php70w-mbstring.x86_64 php70w-mcrypt.x86_64  php70w-pdo.x86_64   php70w-mysqlnd  php70w-fpm php70w-opcache php70w-pecl-redis php70w-pecl-mongo

Step 3:

To check if PHP has been installed properly, execute the following command to check installed version of PHP.

$ php -v

You will see the following output in case of successful installation.

PHP 7.0.33 (cli) (built: Dec  6 2018 22:30:44) ( NTS )
Copyright (c) 1997-2017 The PHP Group
Zend Engine v3.0.0, Copyright (c) 1998-2017 Zend Technologies
    with Zend OPcache v7.0.33, Copyright (c) 1999-2017, by Zend Technologies

Configure NGINX:

To do configurations for Nginx, follow the steps below.

Step 1:

First of all you will have to back your Nginx configurations file.

$ cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak

Step 2:

Execute the following command to open Nginx configurations file in nano editor.

$ nano /etc/nginx/nginx.conf

Copy and paste the following code within server braces in opened file and save it, so that it can support PHP requests. If you will not add this code, your server will not be able to run PHP files.

   location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location ~ \.php$ {
        fastcgi_index index.php;
        try_files $uri =404;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_pass unix:/run/php/php7.0-fpm.sock;
    }

Step 3:

Now execute the command below to start Nginx service.

$ systemctl start nginx

Step 4:

Execute the following command so that whenever you restart your server, Nginx service can start automatically.

$ systemctl enable nginx

Configure MySQL:

To do configurations for Nginx, follow the steps below.

Step 1:

Start your MySQL service by executing command below.

$ systemctl start mysqld

Step 2:

Enable the service so that on rebooting server, MySQL service can start automatically.

 systemctl enable mysqld

Step 3:

To check default password for root user in MySQL, you will need to check /var/log/mysqld.log file. To obtain initial password for user root, execute the command below.

$ grep 'temporary password' /var/log/mysqld.log

You will find the output similar to one given below.

2016-12-13T14:57:47.535748Z 1 [Note] A temporary password is generated for root@localhost: p0/G28g>lsHD

Remember this password, because it will be used to reset password.

Step 4:

To secure your MySQL databases and reset password, execute the following command.

$ mysql_secure_installation

Step 5:

To reset password, enter your old password and follow the instructions as shown in the output below.

Enter password for user root: #Specifies the initial password that you obtained in the previous step.
The 'validate_password' plugin is installed on the server.
The subsequent steps will run with the existing configuration of the plugin.
Using existing password for root.
Estimated strength of the password: 100 
Change the password for root ? ((Press y|Y for Yes, any other key for No) : Y #Specifies whether to change the password of the root user. Press the Y key.
New password: #Specifies a new password. The password must be 8 to 30 characters in length and must contain letters, digits, and special characters at the same time. The following special characters are allowed: parentheses (()), grave accents (`), tildes (~), exclamation points (!), at signs (@), number signs (#), dollar signs ($), percent signs (%), carets (^), ampersands (&), asterisks (*), hyphens (-), underscores (_), plus signs (+), equal signs (=), vertical bars (|), braces ({}), brackets ([]), colons (:), semicolons (;), apostrophes ('), angle brackets (<>), commas (,), periods (.), question marks (?), and forward slashes (/).
Re-enter new password: #Confirms the new password.
Estimated strength of the password: 100 
Do you wish to continue with the password provided?( Press y|Y for Yes, any other key for No) : Y

Each line starting with # in the above output shows instructions.

Step 6:

Type y and hit enter key to delete anonymous users when you will be asked the question given below because anonymous users are added by default and these can be exploited by hackers to gain access to your database.

By default, a MySQL installation has an anonymous user, allowing anyone to log into MySQL without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. You should remove them before moving into a production environment.

Remove anonymous users? (Press y|Y for Yes, any other key for No) : Y  #Specifies whether to delete anonymous users. Press the Y key.
Success.

Step 7:

Now you will asked to type y and hit enter key to disallow root login remotely. This is to avoid root level remote access to your database for enhanced security.

Disallow root login remotely? (Press y|Y for Yes, any other key for No) : Y #Specifies whether to disable remote logon as a root user. Press the Y key.
Success.

Step 8:

Now type y and hit enter key when you see the following question so that test database and permission to access this test database can be removed.

Remove test database and access to it? (Press y|Y for Yes, any other key for No) : Y #Specifies whether to delete the test database and the permission for accessing the test database. Press the Y key.
- Dropping test database...
Success.

Step 9:

As you have made changes to privileges, you will need to reload privileges table as shown below.

Reload privilege tables now? (Press y|Y for Yes, any other key for No) : Y #Specifies whether to reload the grant table. Press the Y key.
Success.
All done!

Configure PHP:

To configure PHP, follow the steps below.

Step 1:

Create a file named phpinfo.php in /usr/share/php directory. To do this, execute the command below.

$ nano /usr/share/php/phpinfo.php

Step 2:

Copy and paste the following code in opened file, press Ctrl+x, type y and hit Enter key to save the updated file.

<? php echo phpinfo(); ? >

Step 3:

Execute the following command to start PHP.

$ systemctl start php-fpm

Step 4:

Execute the following command to enable PHP service so that on rebooting system can automatically start it.

$ systemctl enable php-fpm

Conclusion:

You have successfully deployed LEMP stack on SSD Cloud Server by Alibaba Cloud. To confirm installation, you can open your browser and navigate to http://IP_Address/phpinfo.php, you will see the following output.

Figure_22

Final step:

Remove the phpinfo.php file to secure your server by executing command below.

$ rm -rf /usr/share/php/phpinfo.php
0 0 0
Share on

Alibaba Clouder

2,599 posts | 758 followers

You may also like

Comments