When building a web application or site, it’s good to run as many tests as possible. We do this to ensure that it meets the quality, performance and operation parameters needed to satisfy customer needs. It is recommended to test in an environment dedicated to this task, called a staging environment, where the final production environment can be simulated. Imagine a place where you can feel free to break, screw up or mess up things without worrying about altering the final live site. Staging is the perfect environment to test with no concerns about affecting the site’s general function, and to move your site one step closer to “live.” Once all tests have been done, it’s time to move to a stable production environment. AWS is a great solution for configuring staging environments.
What is needed to configure a staging environment on AWS?
Tools and services:
- An AWS account
- LEMP stack (Linux, Nginx, MySQL, PHP)
- AWS EC2
- AWS RDS
- AWS S3
- AWS IAM
- AWS CloudWatch
Knowledge and skills:
- AWS Configuration and management (EC2, S3, IAM, DynamoDB, CloudWatch, CodeDeploy)
- Bash scripting
Create your own AWS account
According to the list of tools and services above, we need an AWS account. First, log in to your AWS account. If you don’t have an account, follow the next steps to create your own AWS account.
Prepare your web server with the LEMP stack on Ubuntu 16.04
Now we can prepare your web server; we recommend the LEMP stack for high performance on your website. The LEMP stack (Linux, Nginx, MySQL and PHP) is the software combination used to serve dynamic websites and web applications. It brings together the open source OS Linux, the web server Nginx, the database MySQL, and PHP, which manages the dynamic processing in the site. To install this environment on your web server, follow the next steps.
1. Install Nginx
Once you are logged in to your web server, install Nginx with the following command:
    apt install nginx
The terminal then lists the packages that will be installed on your server; type yes or just press Enter to continue with the installation.
When the installation has finished, you can see the Nginx default page by typing your web server’s IP address into your favorite browser, or your domain name if you already have a domain pointing to your web server.
2. Install MySQL
Now you need to install the MySQL server to manage the database of your future site. Run this command to install it:
    apt install mysql-server
As with the installation above, you will see the packages that will be installed on your web server; type yes or just press Enter to install them.
During the installation process, MySQL will ask you for a password for the root user; type the password you want and press Enter.
After that, MySQL will ask you to confirm the password; type your password again to confirm it.
Finally, when the installation has finished, you can confirm that it was successful by typing mysql -V to check the MySQL version that was installed on your server, or by accessing MySQL with mysql -u root -p and the password that you chose for the root user.
3. Install PHP
So far we have Nginx and MySQL installed on our web server, and we have confirmed both. Now we can install PHP. To do this, run the next command:
    apt install php php-mysql php-fpm
In this case, we install php-mysql to connect to and manipulate the MySQL database, and php-fpm because Nginx does not have a native PHP processor, so we will tell Nginx to pass PHP requests to this software. You will see the packages that will be installed on your web server; type yes or press Enter to continue with the installation.
After the installation has finished, configure PHP to make it more secure. Edit the file /etc/php/7.0/fpm/php.ini, find the line ;cgi.fix_pathinfo=1, delete the “;” character and change the 1 to 0, like this:
    cgi.fix_pathinfo=0
This stops PHP from searching for the nearest file when it does not find the file that was requested. In other words, it denies the execution of malicious scripts and makes your server safer. Now save the file and restart php-fpm as in the example below:
    systemctl restart php7.0-fpm
Configure Nginx to use PHP
Now you need to edit your Nginx virtual host to send PHP requests to FPM. To do this, add the following lines inside the server block in your virtual host. First, the virtual host that Nginx created by default should look like this:
Now, we need to change the following things in this file:
- Add “index.php” next to “index,” so that Nginx can serve any index.php found in the site’s document root.
- Change the server name to your domain name or the IP address of your web server.
- Uncomment the block that manages PHP requests; those lines are the PHP location block, the fastcgi-php.conf line and the php7.0-fpm.sock line.
Save the file and run the nginx -t command to check that the configuration is OK. If you see an output like the example below, your configuration is OK and you can reload the Nginx service.
Test the new configuration
To test that PHP is working, create an info.php file in your HTML directory, then copy and paste the next code into the info.php file.
Finally, we have installed the LEMP stack where your future website will be hosted.
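The PHP-related settings from the steps above can be checked, and the php.ini change applied, with a short script. This is an added example, not part of the original tutorial: the function names and the staging.example.com server name are assumptions, the sample server block is constructed to match the three edits described above, and the info.php check is there because phpinfo() output should not stay published once the test is done.

```shell
#!/bin/sh
# Added example (not the tutorial's code). Pass the paths as arguments, e.g.
#   lemp_audit /etc/php/7.0/fpm/php.ini /etc/nginx/sites-available/default /var/www/html
# The vhost and web root paths are assumed Ubuntu 16.04 defaults.

# Succeeds only if the last active (uncommented) cgi.fix_pathinfo line is 0.
# No active line means PHP's built-in default of 1, so that fails too.
pathinfo_disabled() {
    val=$(sed -n 's/^[[:space:]]*cgi\.fix_pathinfo[[:space:]]*=[[:space:]]*\([0-9]*\).*/\1/p' "$1" | tail -n 1)
    [ "$val" = "0" ]
}

# Set cgi.fix_pathinfo=0 whether the line is commented, active or missing.
disable_pathinfo() {
    tmp=$(mktemp) || return 1
    if grep -Eq '^[[:space:]]*;*[[:space:]]*cgi\.fix_pathinfo[[:space:]]*=' "$1"; then
        sed 's/^[[:space:]]*;*[[:space:]]*cgi\.fix_pathinfo[[:space:]]*=.*/cgi.fix_pathinfo=0/' "$1" > "$tmp"
    else
        { cat "$1"; echo 'cgi.fix_pathinfo=0'; } > "$tmp"
    fi
    cat "$tmp" > "$1" && rm -f "$tmp"   # overwrite in place: keeps owner and mode
}

# Constructed sample of the server block after the three edits described above.
sample_vhost() {
    cat <<'EOF'
server {
    listen 80 default_server;
    root /var/www/html;
    index index.php index.html index.htm index.nginx-debian.html;
    server_name staging.example.com;

    location / {
        try_files $uri $uri/ =404;
    }

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/run/php/php7.0-fpm.sock;
    }
}
EOF
}

# Succeeds if, ignoring comments, the vhost lists index.php, has the PHP
# location block, and passes requests to the php7.0-fpm socket.
vhost_passes_php() {
    active=$(sed 's/#.*//' "$1")
    printf '%s\n' "$active" | grep -Eq '^[[:space:]]*index[[:space:]].*index\.php' &&
    printf '%s\n' "$active" | grep -Eq 'location[[:space:]]+~[[:space:]]+\\\.php\$' &&
    printf '%s\n' "$active" | grep -Eq 'fastcgi_pass[[:space:]]+unix:.*php7\.0-fpm\.sock'
}

# Run all checks. info.php from the test step should be gone afterwards,
# because phpinfo() output discloses versions, paths and loaded modules.
lemp_audit() {
    rc=0
    pathinfo_disabled "$1" || { echo "FAIL: cgi.fix_pathinfo is not 0 in $1"; rc=1; }
    vhost_passes_php "$2" || { echo "FAIL: $2 does not pass .php to php7.0-fpm"; rc=1; }
    [ ! -e "$3/info.php" ] || { echo "FAIL: $3/info.php is still published"; rc=1; }
    return "$rc"
}
```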
Create an EC2 instance in AWS
Once you have your AWS account, you can start by creating your first EC2 instance in your AWS console.
1. Go to aws.amazon.com and click on one of the “Sign in to the Console” buttons.
2. Now, sign in as the root user with your user name and password.
3. Once you are in your AWS console, you will see an AWS Services search bar. Below that are the recently visited services that you have used before, and below that All services, divided into categories. Find Compute, where you can see EC2, and click on it to continue.
4. Next, you will see the EC2 dashboard. On this screen you can see all the AWS resources that you are using in the region that you have chosen. Find the Create Instance block and then click the Launch Instance button.
5. A step-by-step wizard now appears that you will follow to launch your first EC2 instance; follow it to create the kind of instance you need.
Before you start: choose the region that you consider to have low latency.
Step 1: Once you have selected the region that you need, choose an Amazon Machine Image (AMI); it must be the AMI that fits your project. You can choose between 36 types of instances available, including Ubuntu, Red Hat, SUSE Linux, Windows and Amazon Linux, among others. For this example we will use an Ubuntu 16.04 AMI.
Step 2: After you select the AMI, select the instance type. Consider what you really need, because this instance will host your web page. For this example we use t2.micro.
If you want to go back to the page where you chose an AMI, click the Previous button and follow the instructions in Step 1. If you want to skip the other steps and launch the instance now, click the Review and Launch button and follow the indications given in Step 7 of this tutorial. If you want to continue with the remaining steps, click the Next: Configure Instance Details button to continue with the next step in this tutorial.
Step 3: Now, in the next screen, specify the instance details to suit your requirements.
Step 4: In this step, we add storage to our new instance. Enter the size that your instance will require. This size can’t be “” but it can grow if you need.
Step 5: In this step, add a tag with which you can quickly identify your instance. For example, if your instance will host your site but you have so many instances that you can’t tell which one hosts it, you can add a tag for this.
Step 6: To configure the security group, open the ports that your new EC2 instance needs in order to show your future web page to the world; you can also allow only a specific IP address to access your instance.
Step 7: Finally, you will see a review of everything that you configured in the previous steps for your new EC2 instance. To finish creating the EC2 instance, just click the “Launch” button. If you need to return to a previous step to configure parameters again, click the step that you need to change.
Finally, we will see that our new EC2 instance was created and we can now work with it.
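The Step 6 rule set can also be applied from the AWS CLI, with a guard so that the administrative port is never opened to every address. This is an added example, not part of the original tutorial; it assumes the aws CLI is installed and configured, that administration happens over SSH on port 22 and the site is served on ports 80 and 443, and sg-EXAMPLE and 203.0.113.10/32 are placeholders.

```shell
#!/bin/sh
# Added example (not the tutorial's code). Usage, with placeholder values:
#   open_staging_ports sg-EXAMPLE 203.0.113.10/32

# Accept only a single-host IPv4 CIDR (a.b.c.d/32) as the admin source.
is_single_host_cidr() {
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/32$' || return 1
    old_ifs=$IFS; IFS=./
    set -- $1                # split into the four octets and the prefix length
    IFS=$old_ifs
    for octet in "$1" "$2" "$3" "$4"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# Open the web ports (assumed 80 and 443) to everyone, and SSH (assumed 22)
# only to the given admin address. Refuses anything wider than one host.
open_staging_ports() {
    sg=$1 admin=$2
    is_single_host_cidr "$admin" || {
        echo "refusing SSH source '$admin': expected a.b.c.d/32" >&2
        return 2
    }
    for port in 80 443; do
        aws ec2 authorize-security-group-ingress --group-id "$sg" \
            --protocol tcp --port "$port" --cidr 0.0.0.0/0 || return 1
    done
    aws ec2 authorize-security-group-ingress --group-id "$sg" \
        --protocol tcp --port 22 --cidr "$admin"
}
```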
Create a RDS instance
Now we will create an RDS instance to create and manage the database of your future site. To do this, go to your AWS console and search for “RDS” in the search bar on the dashboard.
Then, select the option “Relational Database Service” to open the RDS dashboard. Once you are in the Amazon RDS dashboard, locate “Instances” in the left menu and click on it to see your running RDS instances. In this case, we have not created any RDS instance before, so we will create a new one.
First, click the button labeled “Launch DB instance” to start the creation process.
After that, select the engine that you consider best for your site, weighing the points that are important to you. You can see a short description of the database engine that you select on the screen; in this case you can see the short description for MySQL.
Once you have made your choice, click “Next” to continue with the next part of the RDS creation. After this, we need to choose our use case.
There are three options, and each has a different application and cost. To check each one you can visit https://aws.amazon.com/rds/pricing, or you can calculate your estimated costs per month at https://calculator.s3.amazonaws.com/index.html
In the next screen, we specify the database details. This configuration covers the following list of requirements:
Instance specifications
- License model: By default, AWS provides you with a standard license to use the MySQL product.
- DB engine version: The version of MySQL that will manage your database.
- DB instance class: The specifications of the instance that will host your database.
- Multi-AZ deployment: Controls whether or not a replica is created in a different zone.
- Storage type: The storage type that your project requires.
- Allocated storage: The size that you want to allocate to your database instance.
- DB instance identifier: The name by which you can identify your database instance.
- Master username: The username that will have privileges to operate the database instance.
- Master password: A strong password to access the RDS instance.
When you have filled in all the fields in this form, click the “Next” button to continue. Now you need to configure the advanced settings of your instance. Among the configurations that you will see in this step are:
Network and security:
- Virtual private cloud (VPC): Defines the virtual networking environment for this DB instance.
- Subnet group: This group defines which subnets and IP ranges the DB instance can use in the VPC you selected.
- Public accessibility: Here you decide whether or not to assign a public IP address to your DB instance.
- Availability zone: The zone of the current region in which you want the DB instance created.
- VPC security groups: The rules in your VPC that allow or deny access and traffic to your DB instance.
- Database name: The name of your new database.
- Database port: The port that the DB will use.
- DB parameter group: This defines the configuration settings that you want to apply to this instance.
- Option group: This enables any optional functionality you want the DB instance to support.
- IAM DB authentication: You can choose whether or not to enable IAM DB authentication, which means managing your database user credentials through IAM users and roles.
Encryption: Here you can choose to encrypt your instance.
Backup:
- Backup retention period: The period that AWS will retain DB backups.
- Backup window: The daily time range during which the automated backups are created.
- Enhanced monitoring: This can help you when you want to see how different processes use the CPU.
- Here you should check the log types that you will see in Amazon CloudWatch Logs.
- IAM role: This role is used for publishing logs to CloudWatch Logs.
- Auto minor version upgrade: This specifies whether you want to enable automatic upgrades to new minor versions as they are released.
- Maintenance window: The daily time range during which you want pending configurations applied.
Finally, when you have specified all the correct information for the points described above, click the “Launch DB Instance” button to create and launch your own DB instance. To see your DB instances, go to the RDS dashboard and select the “Instances” section in the left menu.
Create and configure a bucket with Amazon S3 Service
Amazon Simple Storage Service (Amazon S3) is a service that stores static content from your site and backups, which will be accessible 99% of the time. To create a bucket, go to your AWS console and search for “S3” in the search bar on the dashboard.
Now, click S3 to open the dashboard. After that, you can create the new space where all your data will be stored. First, click the “Create Bucket” button to start the configuration of your new bucket.
Now, fill in all the necessary information in the corresponding fields of the form that we show you below.
Name and region
In this step, you enter the name of your bucket and the region where it will be created. If you have already created another bucket, you can copy its settings. After this, click the “Next” button to continue.
Set Properties
Then you will see the different properties that you can assign to your bucket:
- Versioning: Enable or disable keeping multiple versions of an object in the same bucket.
- Server access logging: Set up access log records that provide details about access requests.
- Tags: With these you can identify what the bucket is for and why it was created.
- Object-level logging: A monitoring service that shows you what happens with your bucket usage.
- Default encryption: Automatically encrypt all objects when they are stored.
Set Permissions
First, you can manage the permissions on the objects in the bucket for a user that you choose to allow.
Then, you must configure access for other AWS accounts that have contact with your project, and manage the public and system permissions.
Review
Finally, you can review all the bucket’s specifications on this screen and continue with the creation of your bucket, or, if you need to correct a previous setting, return to that step.
Configure an AWS IAM
IAM means Identity and Access Management. This is an AWS service that lets users access your AWS account, lets you manage groups and roles, and lets you provide these users to your work team to delegate responsibilities for a specific service in your own AWS account.
Now we will create a new user using the IAM service. Follow the next steps to create an IAM user.
1. Log in to your AWS account and type “IAM” in the search bar to open the IAM dashboard.
2. Now, in the IAM dashboard, click the “Users” option in the left menu. Here you will create and configure your new IAM user.
3. Here, click the “Add user” button to start creating your new IAM user. Enter the username that you will create; you can also add more users if you need them. After this, you can choose the access type with which your user will access AWS. The options are:
- Programmatic Access: Enables an access key ID and secret access key for the AWS API, CLI, SDK, and other development tools.
- AWS Management Console Access: Enables a password that allows users to sign in to the AWS Management Console.
You can choose both, or just the one that you consider better for you.
Then, you can choose a password or allow AWS to provide you with an autogenerated password. If you need the password of the user that you are creating to be reset, you can enable this option. Then click the “Next” button to continue.
4. In the next step, you need to configure the permissions for your new user. There are 3 ways to attach permissions to your user, shown as the three icons that you can see below.
With these three options you can choose between adding the user to a group that you created previously, copying permissions from existing users that you created before, or attaching existing policies directly. Make your choice according to your needs.
5. Now you will see a review of your new user with the corresponding configuration that you set previously. If you need to change any parameter you can go back to the step that you need; otherwise, you can proceed to create the user.
6. Finally, you will see the information corresponding to your new user. You can download a .csv file with the user credentials, and with this you can access the AWS Management Console. To confirm this, open the link that is in the .csv file and enter the user and password to access the AWS console.
Using AWS CloudWatch
Amazon CloudWatch is a monitoring service for your AWS resources and applications that you are running. The most common uses for Amazon CloudWatch are:
- Collect and track metrics
- Collect and monitor log files
- Set alarms and automatically react to changes in your AWS resources.
- Monitor the AWS resources that you use.
You can use Amazon CloudWatch to gain system-wide visibility into resource utilization, application performance, and operational health. You can use these insights to react and keep your application running smoothly.
Now we can start with the configuration of the AWS CloudWatch service.
1. First, log in to your AWS account and type cloudwatch in the search bar to open the CloudWatch dashboard.
2. Next, select the “Alarms” option in the left bar to set up your alarms, and click the “Create Alarm” button to start.
3. Now you will see the CloudWatch metrics in the first step of creating the alarm. What you see on the configuration screen depends on the services that you have running in your AWS account. In this tutorial we will set up alarms for the EC2 instances that we have, so we select EC2 metrics.
Now, click the category for which you want to set up the alarm, and you will see the corresponding metrics of the service for which you will activate alarms. For this exercise we will set up alarms to monitor CPU utilization, which is the percentage of allocated EC2 compute units that are currently in use on the instance. This metric identifies the processing power required to run an application on a selected instance.
Before the metric selection section, you should see this section, where you can see in graphical form the CPU usage status over a time period.
Once you have selected the metric, click the “Next” button to continue with the configuration.
4. Next, in the final step, you must provide the correct information about the alarm that you are configuring. Every section of this step determines the situations when AWS CloudWatch
Alarm Threshold: Here you can provide the details and the threshold for your alarm.
Alarm Preview: On the right of the screen you can see the Alarm Preview section, with a graph where you can set the appropriate threshold.
Additional Settings: Here you can provide additional configuration for your alarm,
Actions: In this section, you define what actions are taken when your alarm changes state.
Here, you need to provide an email account to receive the notifications about the topic that you have specified.
Finally, click the “Create Alarm” button to complete the alarm setup. After you create it, you will receive an email with the subject “AWS confirmation- Subscription confirmation”; open it and click the included link to confirm that you are willing to receive alerts at that address. Once confirmed, you will receive alarms from AWS CloudWatch and you can monitor your AWS services in a better way.
In this blog, we learned step by step how to create a staging environment for your site using the most common services in AWS. This really helps you to see an exact copy of your live site and to make the corresponding corrections in it, so that you can test its performance without affecting your current live site.