Tuesday Sep 01, 2009

Drupal with AMP Stack AMI build on Hardened Security OpenSolaris 2008.11 AMI

AMI ID: ami-d9ee0eb0
AMI Manifest: sun-opensolaris-2008-11-hardened/hardened_2008.11_32_AMP_Drupal_V1.1.img.manifest.xml
AKI/ARI ID:
aki-6552b60c / ari-6452b60d
License: Public

Description:

Sun Microsystems Inc. is pleased to announce the release of Drupal AMI with AMP Stack based on Hardened OpenSolaris 2008.11 AMI on Amazon EC2's cloud computing service. 

This 32-bit AMI gives you the power and security of OpenSolaris combined with the flexibility of Amazon's cloud computing service, and is optimized for Amazon EC2's cloud computing environment.


Following components are included in the AMI.
  • Drupal 6.10 (pre-configured state) 
  • Apache 2.2, MySQL 5.0 
  • PHP 5.2 (along with extensions like APC, DTrace, Suhosin, Memcache) runtime 
  • phpMyAdmin for administering the MySQL data base
  • OpenSolaris AMI Hardening update.  For Hardening Details, please visit  http://wikis.sun.com/display/ISC/OpenSolaris+AMI+Hardening

Configurations:

  • Drupal (bundled within this AMI in pre-configured state) is available under location /var/drupal-6.10
  • Drupal specific configuration for Apache Web Server is available within /etc/apache2/2.2/conf.d/drupal.conf.
  • Users can launch and configure Drupal by accessing http://<DNS name associated with the instance> in their browser.
  • Apache and MySQL services are pre-configured to start on boot.
  • If you would like to use phpMyAdmin, you will need to do the following:

                  # cp /etc/apache2/2.2/samples-conf.d/phpmyadmin.conf /etc/apache2/2.2/conf.d/

                  # svcadm restart http:apache22

  • Drupal recommends having a database protected with a valid user name and password to be created on the system before configuring Drupal. Hence, users are advised to either use 'ssh' to login to your AMI or phpMyAdmin to create such database before proceeding to configuring Drupal.
  • DTrace probes are available within Apache and PHP runtime. Sample Dtrace scripts are available under /opt/DTT/

For more details on security information and image usage instructions, please refer to the '/root/ec2sun/
README' file.


AMP Stack File Layouts


Apache

PHP

MySQL

Binary Runtime Files

/usr/apache2/2.2/bin

/usr/php/5.2/bin

/usr/mysql/5.0/bin

Configuration Files

/etc/apache2/2.2

/etc/php/5.2

/etc/mysql/5.0

Web Documents / Data Files

/var/apache2/2.2

/var/php/5.2

/var/mysql/5.0

Administering AMP Stack

Command

Apache

MySQL

Start Service

svcadm enable http:apache22

svcadm enable mysql:version_50

Stop Service

svcadm disable http:apache22

svcadm disable mysql:version_50

Restart Service

svcadm restart http:apache22

svcadm restart mysql:version_50


You can reset MySQL 'root'password by running following command:

# /usr/mysql/5.0/bin/mysqladmin -u root -p password '<MySQL password>'

It is highly recommended to secure your MySQL database by following the guidelines mentioned within the MySQL 5 database documentation:

The root file system is ZFS in this AMI and includes the pre-installed packages and tools necessary to get started with using OpenSolaris on Amazon EC2. You can obtain more details about the OpenSolaris project at http://www.opensolaris.org.

Also, just like in our previous AMIs, the "pkg image-update" command updates the kernel and ramdisk which is not allowed in Amazon EC2. Therefore, in order to prevent your instances from becoming non-compatible with the Amazon EC2 environment, we have disabled this command.

More details including re-bundling instructions can be found in the Getting Started Guide



Support:

For technical support during the Beta period, please contact ec2­-solaris­-support[AT]SUN[DOT]COM.

Please check OpenSolaris on Amazon EC2 blog for latest updates and new information about OpenSolaris AMIs.

The "OpenSolaris on Amazon EC2 Getting Started Guide" is located at:
http://www.sun.com/third-party/global/amazon/Sun_AmazonEC2_GettingStartedGuide.pdf


Register for OpenSolaris AMIs here.


Tuesday Aug 18, 2009

Hardened OpenSolaris 2009.06 AMI now available in Europe

We are very happy to announce the availability of the latest Hardened OpenSolaris 2009.06 AMI on Amazon EC2 in the European Region. This AMI is based on the OpenSolaris 2006.09 US AMI and does not need registration.

Following are the details of this new AMI:

Hardened OpenSolaris 2009.06 32-bit AMI:

ami-b69fb7c2 aki-2181a955 / ari-b49fb7c0

Manifest: hardened_opensolaris_2009.06_32_1.2.img.manifest.xml

To run this AMI in Europe, change the following environment variables before launching the AMI:

EC2_URL="https://eu-west-1.ec2.amazonaws.com"
LOCATION="EU"

The other env variables remain the same.

NOTE:  a unique <your-keypair-name> must be generated for each region before launching an AMI.(Use ec2-add-keypair <name> > keypairfile after setting the above env variables).

Rebundling Changes:

As you can see we have introduced the new ARI (ari-9d6889f4) with this AMI, make sure you use the correct ARI with the "ec2-bundle-image" command as given below.

bash # ec2-bundle-image -c $EC2_CERT -k $EC2_PRIVATE_KEY \\
 --kernel aki-661c3412 --ramdisk ari-601c3414 \\
 --block-device-mapping "root=rpool/56@0,ami=0,ephemeral0=1" \\
 --user <userid> --arch i386 \\
 -i $DIRECTORY/$IMAGE -d $DIRECTORY/parts

In addition if you want to disable auditing during re-bundling, you can execute following commands in your clean up tasks before executing "ec2-bundle-image" command.

bash # audit -t
bash # > /var/log/auditlog
bash # rm -f /var/audit/\*

Thursday Jun 11, 2009

Hardened OpenSolaris 2008.11 Now Available in Europe

Hardened OpenSolaris 2008.11 AMI Now Available on Amazon EC2 in Europe! 

We are very happy to broaden the availability of the latest Hardened OpenSolaris AMI on Amazon EC2 in the European Region. This AMI is based on the OpenSolaris 2008.11 base AMI and does not need registration.

Following are the details of this new AMI:

Hardened 32-bit AMI:

ami-d7a189a3 aki-661c3412 / ari-601c3414

Manifest: hardened_2008.11_32_4.0.img.manifest.xml

To run this AMI in Europe, change the following environment variables before launching the AMI:

EC2_URL="https://eu-west-1.ec2.amazonaws.com"
LOCATION="EU"

The other env variables remain the same.

NOTE:  a unique <your-keypair-name> must be generated for each region before launching an AMI.(Use ec2-add-keypair <name> > keypairfile after setting the above env variables).

Rebundling Changes:

As you can see we have introduced the new ARI (ari-9d6889f4) with this AMI, make sure you use the correct ARI with the "ec2-bundle-image" command as given below.

bash # ec2-bundle-image -c $EC2_CERT -k $EC2_PRIVATE_KEY \\
 --kernel aki-661c3412 --ramdisk ari-601c3414 \\
 --block-device-mapping "root=rpool/56@0,ami=0,ephemeral0=1" \\
 --user <userid> --arch i386 \\
 -i $DIRECTORY/$IMAGE -d $DIRECTORY/parts

In addition if you want to disable auditing during re-bundling, you can execute following commands in your clean up tasks before executing "ec2-bundle-image" command.

bash # audit -t
bash # > /var/log/auditlog
bash # rm -f /var/audit/\*

About

Information about Solaris and OpenSolaris on Amazon Web Services (AWS) EC2. Look here for the latest information on the program and any late breaking information on (Open)Solaris on EC2.

Search

Categories
Archives
« July 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
  
       
Today