1. Home
  2. Cloud VPS
  3. CloudVPS: What do you get installed
Searching...

CloudVPS: What do you get installed

Self Managed CloudVPS could be provisioned in one of the following configurations:

  1. Vanilla OS: CentOS 7 x64 or Ubuntu 16.04 64x
  2. Preconfigured LA(E)MP: Fully optimised Linux, Nginx (reverse proxy), Apache, MariaDB, PHP, PHP-PFM, PHP 5.6 or 7.0
  3. Preconfigured LEMP: Nginx, MariaDB, PHP, PHP-PFM, PHP 5.6 or 7.0
  4. Preconfigured LAMP: Apache, MariaDB, PHP, PHP-PFM, PHP 5.6 or 7.0

Independently of the configuration requested, the following applies to any CloudVPS server:

  • You will receive a welcome email containing your server username and other access details
  • To become privileged user (root), use sudo, such as
    sudo -s
  • MySQL root password is stored in /root/.my.cnf file. This allows passwordless access for user ‘root’
  • In any configuration, your server will have a user ‘redyhost’ configured, used by the RedyHost support team to access your server whenever you raise a support request. This user is restricted to access from only whitelisted IP addresses and is set up in a very secure way. RedyHost does not recommend removing this user or denying access to your server. In some critical situations, we will be accessing your VPS in order to avoid or minimise downtime.

What we use to configure your cloud server

Ansible playbooks that are fine-tuned to provision and maintain your web server in all three configurations.

1. Vanilla OS

If you ordered a vanilla OS install, this comes with a minimal set of packages required to run and operate your server. SSH daemon runs on port 221 unless you specified an alternative port during the order.

2. Preconfigured LAMP

We install Apache if you indicated LAMP during the Cloud VPS ordering process, which mirrors the LEMP configuration (see below) except that Nginx is not installed at all.

3. Preconfigured LEMP

Whenever you requested a preconfigured LEMP stack to be installed, we use the following configuration

  • CentOS Linux (latest stable version) or Ubuntu (the latest LTS version)
  • Nginx (latest stable version)
  • MariaDB (latest stable version)
  • PHP run via php-fpm (latest stable version, 7.0)
  • Postfix (latest stable version)
  • LetsEncrypt – free SSL renewals
  • Drush, WP-CLI, Drupal console, Git, Composer

CentOS

We install CentOS as this is our preferred Linux OS. CentOS comes with minimal set of packages required to operate a high-performance production web server

SSH

By default, we use port 221 for SSH access. This requires passing -p 221 to your ssh connection string, for example ‘ssh vmuser@ip_address -p 221’

During the order process, we prove an option for you to select a different ssh port  If you supplied a custom ssh port, make sure you use the correct value.

Apache

Apache might be used as a standalone web server or as an application server behind Nginx reverse proxy and static files cache. It’s configuration located in /etc/httpd/conf.d/ folder (for CentOS) or in /etc/apache2/conf.d/ folder for Debian/Ubuntu. Any virtual host configuration is located based on your selected OS:

  1. For CentOS: inside/etc/httpd/conf.d/ subdirectory.
  2. For Ubuntu or Debian: inside /etc/apache2/sites-enabled/ directory.

Nginx

Nginx is used as standalone web server or as reverse-proxy and static files cache, it’s configuration located in /etc/nginx/conf.d/ folder. Any virtual host configuration is located based on your selected OS:

  1. For CentOS: inside/etc/nginx/conf.d/ subdirectory.
  2. For Ubuntu or Debian: inside /etc/nginx/sites-enabled/ directory.

PHP

We install latest stable PHP version managed via php-fpm.

php-fpm pools are configured, based on the OS choice.

  • For CentOS:  in /etc/php-fpm.d/ directory
  • For Ubuntu: /etc/php/{php-version}/fpm/pool.d/

Default `www.conf` pool file controls php-fpm user (defaults to `www-php`). If you change the user or copy this pool file to be used as another php-fpm pool (make sure you change the port to a unique one, e.g. 9001, 9002 etc), also make sure the Nginx docroot folder has been chown’d to the same user and group as the new php-fpm pool config file. This user has to exist in the system prior php-fpm pool configuration.

Amongst the common modules required to run Drupal and WordPress, we also have installed and preconfigured the following performance-oriented PHP modules:

  • Opcache by Zend
  • php memcached extension

MariaDB

to get MySQL root password, run `sudo cat /root/.my.cnf`

To log in to MySQL client, become root user (sudo -s) and type ‘mysql’.

Use the root password to create databases and grant user privileges.

Memcached

We have installed the latest stable version of the Memcached daemon, running on the default port 11211. To modify the memory limit to be utilised, edit the file (CentOS 7):

/etc/sysconfig/memcached

or for Ubuntu:

/etc/defaults/memcached

The php-pecl-memcached extension was also installed to facilitate the utilisation of the Memcached daemon from PHP scripts.

Email server

The CloudVPS contains Postfix as the email server, that sends emails directly. The configuration is stored in /etc/postfix/main.cf file

LetsEncrypt SSL

Recently we began provisioning of Cloud VPS services with free SSL certificates provider LetsEncrypt. Our Ansible playbook is configured to install a certbot and a cron job.

In order to create a free LetsEncrypt account, required for SSL provisioning, execute it once:

letsencrypt --standalone certonly

Follow the interactive prompts to get the SSL provisioned.

DNS

In order to manage your DNS zone file, we recommend creating a free account at CloudFlare.

Backups

When your Cloud VPS has been provisioned via our Ansible playbook, it will have a cron job to backup MySQL databases. The cron job is run via the default user’s crontab and could be edited when required.

The backup location is set to the directory/home/[defaultuser]/backup.

Firewall

All pre-provisioned Cloud VPS come with iptables firewall. The OS-specific firewall daemons are turned off.

Vhost location and default permissions

Independently on your requested configuration (except vanilla installation), your website is expected to be located under the directory/var/www/html/{domain-name}/docroot. This directory is created for you automatically.

The corresponding vhost is configured to serve PHP from this location. You could recreate this location at any time, preserving this folders structure.

The default file permissions are defined, based on the configuration of {default_user} and {php_user}. The default directory /var/www/html/{domain-name} always owned by {default_user}:{default_user_group}, where is the docroot (/var/www/html/{domain-name}/docroot) is owned by {php_user}:{default_user_group} and folders’ permissions are 0550.

Based on the CMS you plan to install, our Ansible script will make the required directories writable. For example:

For Drupal: /var/www/html/{domain-name}/docroot/sites/default/files.

For WordPress: /var/www/html/{domain-name}/docroot/wp-content/uploads.

Important Kernel version notice

Our CloudVPS uses vanilla kernel, however we discovered that due to a but in kernels 4.4 and above, we are unable to live migrate your CloudVPS to another server. Such migration may be required when we patch hypervisors, run server maintenance or likewise. Do not upgrade your kernel to 4.4 or above.

The latest supported kernel version is 4.3.x

First steps

To get started with your new Cloud VPS, follow these firsts steps

  1. SSH into your server and try to become root user via `sudo -s` command
  2. As root user, confirm you can access /root/.my.cnf file and read mysql root password
  3. Give you get mysql root password above, execute `mysql_secure_installation` as user root and change mysql root password
  4. Update /root/.my.cnf file with the new mysql root password and test you can login to mysql by running command `mysql` with no username and password specified
  5. Create `/var/www/html/[domain]` directory and chown it to the user specified in your php-fpm pool configuration file (defaults to ‘redyhost’): `chown redyhost:redyhost /var/www/html/[domain]`
  6. Upload your website into `/var/www/html/[domain]/` directory or use git to clone your project into the folder
  7. Using /usr/local/nginx/conf/conf.d/drupal8.conf as an example (or create your own) set ‘server_name’ variable to your website domain and ‘root’ variable to point to your website docroot directory ‘/var/www/html/[domain]’
  8. Create a new database, an unprivileged MySQL user and grant permissions to the new user
  9. Upload your database
  10. Test your website by visiting the domain name configured in Nginx virtual host file.

Provision high-performance LEMP with Ansible

We have prepared a production-ready full-stack provisioning Ansible playbook (well tested under Ubuntu 16.04), which may be accessed from Bitbucket, used and modified as required.

https://bitbucket.org/truecms-team/ansible-provisioning/overview

Updated on 7 June, 2017
Tagged:

Was this article helpful?

Yes No

Related Articles