By Roha Gagan, Alibaba Cloud Community Blog author.
If you are planning to deploy LEMP stack (Linux, NGINX, MySQL and PHP) to host dynamic website on Alibaba Cloud, you would be interested in optimal and cheap solutions with high bandwidth, SSD and powerful CPU. Alibaba Cloud is offering new SSD Cloud servers Starter Package 2.0 powered by 2nd Generation Intel Xeon Scalable Processors to its all valuable customers at very affordable and cheaper prices. Availing this opportunity will give you access to powerful CPU at lower cost. The offer is valid on both Linux and Windows servers worldwide. To reserve your SSD Cloud Server with Starter Package 2.0, visit the link. To learn about how to order Starter Package 2.0 and deploy LEMP stack on CentOS operating system, follow the instructions below.
Open the URL: https://www.alibabacloud.com/starter-packages/general .
Select Operating System as Linux or Windows based on your required OS choice for SSD Cloud Server. You will see the following Linux based SSD Cloud Server packages as shown below.
The prices for Linux and Windows servers are different. If you have selected Windows server, you will see the prices as shown below.
Select Period for which you are going to reserve server and Data Center Region where you want to deploy your Node.js application.
Now click on Get Started button which appears in front of each server specification to buy your desired SSD Cloud Server.
You will be redirected to the following detailed page for selection of OS and your desired server specifications as shown below.
Alibaba Cloud has data centers in 14 regions as shown in image below. Select your desired data center region and scroll down the page. Remember, location of IP address assigned to your ECS will be according to selected data center region. For example, if you need Chinese IP address, you will have to buy ECS in Chinese data center region.
Here you go with the detailed selection of operating system. Alibaba Cloud allows you to choose different versions of Ubuntu, SUSE Linux, FreeBSD, Debian, CentOS and Aliyun Linux in Linux OS category, while in Windows OS option, it offers MS Windows Server 2008 to MS Windows Server 2012 (English and Chinese versions).
Note: You may change Linux versions, but cannot convert Linux server into Windows server and vice versa.
Now if you wish to add Server Guard to enhance security, you may activate it for FREE by marking tick to the first option show in image below. After it, choose the pricing model for either you want to buy instance for 1 month or 1 year and do you wish to enable its auto renewal on expiration to avoid loss of data. Once you have selected all required options, you may click Buy Now button.
Now you will see the following screen. Mark tick to agree on general terms and ECS service terms and then click Place Order button to proceed towards payment.
Now click Place Order and you will be redirected to make payment depending on your selected payment method. Alibaba Cloud allows credit card, debit card and PayPal as payment method.
Once payment has been done successfully, you can navigate to account Console and select Elastic Compute Service from your sidebar menu. If you are an existing user, you might see Recently Visited area, otherwise, you may directly search keyword using Enter Keywords area.
You will be redirected to Elastic Compute Service dashboard that will show the list of data center regions and number of instances you have bought with their status.
Open your selected region. You will see list of bought instances in that region.
To setup password of your ECS instance, click Manage.
Now click More and then select Reset Password.
Type new password and click OK.
Note: The following part of this tutorial is specific for CentOS. You may use any OS of your choice, the steps will be different for other OS.
PuTTy is SSH client to access Linux server via command line to execute different commands for installing and configuring various apps. Launch PuTTy, you will see the screen below.
Write your ECS IP address, port 22 is specific for SSH, choose connection type SSH and click Open. You will see the following screen.
Click Yes and you will see command prompt opened. Now type username as root and password as the one you did in recent step about resetting password.
Before proceeding towards installation, you should update CentOS packages using the command below.
$ yum -y updateIn this tutorial, you will learn about making environment ready for LEMP, install and configure Nginx, MySQL, PHP and in the end testing the environment.
To make your ECS ready for setting up compiling environment, follow the steps below:
To check the status of firewall, execute the following command.
$ systemctl status firewalld
In the above output, you can see the status of firewall is active.
Disable the firewall if the above output shows status active. If it is already inactive, skip this step.
$ systemctl stop firewalldThe above command will temporarily stop the firewall. In case, you want to disable firewalls permanently, you may execute the command below.
$ systemctl disable firewalldNote: You can enable the firewall again. For more information, see Firewalld documentation.
Now you will need to disable SELinux (Security Enhanced Linux). To do this, execute the following command to check status of SELinux.
$ getenforceIf SELinux will show disabled status, you may skip this step. If it shows Enforcing, execute the following command to set SELinux disabled temporarily.
$ setenforce 0After rebooting system, it will automatically become active again. In case you want to permanently disable SELinux, you will install nano editor using command below.
$ yum install -y nanoNow open the SELinux config file by executing command below.
$ nano /etc/selinux/configNow find SELINUX=enforcing, change the value to disabled, press Ctrl+x, type y and hit Enter key to save the configurations.
To make your settings effective, you will need to reboot the server.
To install NGINX on your server, follow the steps below.
Execute the following command to install Nginx:
$ yum install -y nginxTo check if Nginx has been installed properly, execute the following command to check installed version of Nginx.
$ nginx -vYou will see the following output in case of successful installation.
To install MySQL on your server, follow the steps below.
To update your YUM repository, execute the command below.
$ rpm -Uvh http://dev.mysql.com/get/mysql57-community-release-el7-9.noarch.rpmExecute the following command to install MySQL:
$ yum install -y mysql-community-serverTo check if MySQL has been installed properly, execute the following command to check installed version of MySQL. Before executing the command below, jump to MySQL configuration section and perform all configurations, then perform this step.
$ mysql -vYou will see the following output in case of successful installation.
$ mysql Ver 14.14 Distrib 5.7.25, for Linux (x86_64) using EditLine wrapperTo install PHP on your server, follow the steps below.
To update your YUM repository, execute the commands below.
$ yum install -y http://dl.iuscommunity.org/pub/ius/stable/CentOS/7/x86_64/ius-release-1.0-15.ius.centos7.noarch.rpm
$ rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpmExecute the following command to install PHP and required extensions for LEMP stack:
$ yum install -y php70w-devel php70w.x86_64 php70w-cli.x86_64 php70w-common.x86_64 php70w-gd.x86_64 php70w-ldap.x86_64 php70w-mbstring.x86_64 php70w-mcrypt.x86_64 php70w-pdo.x86_64 php70w-mysqlnd php70w-fpm php70w-opcache php70w-pecl-redis php70w-pecl-mongoTo check if PHP has been installed properly, execute the following command to check installed version of PHP.
$ php -vYou will see the following output in case of successful installation.
PHP 7.0.33 (cli) (built: Dec 6 2018 22:30:44) ( NTS )
Copyright (c) 1997-2017 The PHP Group
Zend Engine v3.0.0, Copyright (c) 1998-2017 Zend Technologies
with Zend OPcache v7.0.33, Copyright (c) 1999-2017, by Zend TechnologiesTo do configurations for Nginx, follow the steps below.
First of all you will have to back your Nginx configurations file.
$ cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bakExecute the following command to open Nginx configurations file in nano editor.
$ nano /etc/nginx/nginx.confCopy and paste the following code within server braces in opened file and save it, so that it can support PHP requests. If you will not add this code, your server will not be able to run PHP files.
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
fastcgi_index index.php;
try_files $uri =404;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}Now execute the command below to start Nginx service.
$ systemctl start nginxExecute the following command so that whenever you restart your server, Nginx service can start automatically.
$ systemctl enable nginxTo do configurations for Nginx, follow the steps below.
Start your MySQL service by executing command below.
$ systemctl start mysqldEnable the service so that on rebooting server, MySQL service can start automatically.
systemctl enable mysqldTo check default password for root user in MySQL, you will need to check /var/log/mysqld.log file. To obtain initial password for user root, execute the command below.
$ grep 'temporary password' /var/log/mysqld.logYou will find the output similar to one given below.
2016-12-13T14:57:47.535748Z 1 [Note] A temporary password is generated for root@localhost: p0/G28g>lsHDRemember this password, because it will be used to reset password.
To secure your MySQL databases and reset password, execute the following command.
$ mysql_secure_installationTo reset password, enter your old password and follow the instructions as shown in the output below.
Enter password for user root: #Specifies the initial password that you obtained in the previous step.
The 'validate_password' plugin is installed on the server.
The subsequent steps will run with the existing configuration of the plugin.
Using existing password for root.
Estimated strength of the password: 100
Change the password for root ? ((Press y|Y for Yes, any other key for No) : Y #Specifies whether to change the password of the root user. Press the Y key.
New password: #Specifies a new password. The password must be 8 to 30 characters in length and must contain letters, digits, and special characters at the same time. The following special characters are allowed: parentheses (()), grave accents (`), tildes (~), exclamation points (!), at signs (@), number signs (#), dollar signs ($), percent signs (%), carets (^), ampersands (&), asterisks (*), hyphens (-), underscores (_), plus signs (+), equal signs (=), vertical bars (|), braces ({}), brackets ([]), colons (:), semicolons (;), apostrophes ('), angle brackets (<>), commas (,), periods (.), question marks (?), and forward slashes (/).
Re-enter new password: #Confirms the new password.
Estimated strength of the password: 100
Do you wish to continue with the password provided?( Press y|Y for Yes, any other key for No) : YEach line starting with # in the above output shows instructions.
Type y and hit enter key to delete anonymous users when you will be asked the question given below because anonymous users are added by default and these can be exploited by hackers to gain access to your database.
By default, a MySQL installation has an anonymous user, allowing anyone to log into MySQL without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. You should remove them before moving into a production environment.
Remove anonymous users? (Press y|Y for Yes, any other key for No) : Y #Specifies whether to delete anonymous users. Press the Y key.
Success.Now you will asked to type y and hit enter key to disallow root login remotely. This is to avoid root level remote access to your database for enhanced security.
Disallow root login remotely? (Press y|Y for Yes, any other key for No) : Y #Specifies whether to disable remote logon as a root user. Press the Y key.
Success.Now type y and hit enter key when you see the following question so that test database and permission to access this test database can be removed.
Remove test database and access to it? (Press y|Y for Yes, any other key for No) : Y #Specifies whether to delete the test database and the permission for accessing the test database. Press the Y key.
- Dropping test database...
Success.As you have made changes to privileges, you will need to reload privileges table as shown below.
Reload privilege tables now? (Press y|Y for Yes, any other key for No) : Y #Specifies whether to reload the grant table. Press the Y key.
Success.
All done!To configure PHP, follow the steps below.
Create a file named phpinfo.php in /usr/share/php directory. To do this, execute the command below.
$ nano /usr/share/php/phpinfo.phpCopy and paste the following code in opened file, press Ctrl+x, type y and hit Enter key to save the updated file.
<? php echo phpinfo(); ? >Execute the following command to start PHP.
$ systemctl start php-fpmExecute the following command to enable PHP service so that on rebooting system can automatically start it.
$ systemctl enable php-fpmYou have successfully deployed LEMP stack on SSD Cloud Server by Alibaba Cloud. To confirm installation, you can open your browser and navigate to http://IP_Address/phpinfo.php, you will see the following output.
Remove the phpinfo.php file to secure your server by executing command below.
$ rm -rf /usr/share/php/phpinfo.phpJoin Us at the Alibaba Cloud Activate Online Conference - Autumn 2019 Edition
Introduction to Java Virtual Machine (JVM) Performance Tuning
2,605 posts | 747 followers
FollowAlibaba Clouder - March 28, 2018
Alibaba Clouder - April 26, 2019
Alibaba Clouder - October 28, 2019
- November 14, 2017
Alibaba Clouder - July 8, 2020
Alibaba Clouder - April 1, 2019
2,605 posts | 747 followers
FollowLearn More
ECS(Elastic Compute Service)
Elastic and secure virtual cloud servers to cater all your cloud hosting needs.
Learn More
Marketplace
Marketplace is an online market for users to search and quickly use the software as image for Alibaba Cloud products.
Learn MoreMore Posts by Alibaba Clouder