idiot’s guide to linux on amazon ec2 – part 1

Recently I’ve had the opportunity of setting up a Linux instance on Amazon EC2 for use with Ruby on Rails, MySQL, Nginx and RabbitMQ. I suspect much of what I will document is obvious to many but hopefully some of you may find it useful, especially if, like me, you are totally inexperienced with setting up a Linux server.

As it turns out I’ll probably document this over a couple of posts as it took up a bit more time and space than I first anticipated. In this first part I will cover logging in as the root user, adding a new user, generating their ssh key, adding the user to the list of sudoers, and finally disabling root login via ssh. I’ll update this article with links to the other parts as I create them (Part 2).

Right, first things first, some background info. Rightly or wrongly we required the server to do more than one thing, hence the list of items to install. So to reduce this number I picked an image with RabbitMQ pre-installed – as setup of this was uncharted territory for me. A consequence of this choice was that it pushed us down the path of Ubuntu and the latest version which is currently 9.10. So let’s get to it.

The goal here is to disable remote root login, and in doing so we need to create a new user, and give him the ability to sudo commands. To do that we first need to log in to our new EC2 image – which took me a little time to figure out! This can be done from Windows using putty. However, we must first use puttygen to generate a putty ssh auth key (putty doesn’t understand the key generated by Amazon) from your Amazon keypair which can be found in the AWS Management Console under Key Pairs. Check out this link for further information.

Now on to the real work.

Adding a user and generating their ssh key
Follow the process below to add a new user and generate an ssh key for this user.

  1. Log in as root using the method described above
  2. Run adduser webuser – where webuser is the name of the user we are adding. Fill in the details including the password of this user.
  3. Type su webuser – to run a shell as this user without logging out
  4. Execute ssh-keygen -t dsa from this user’s home directory
  5. Rename the file ~/.ssh/id_dsa.pub to ~/.ssh/authorized_keys
  6. Take a copy of the generated private key (should be in ~/.ssh/id_dsa) and copy it to your local machine
  7. Now use puttygen to generate the ssh key from id_dsa
  8. Finally log in using putty and the new key – you should only have to specify your username when logging in.
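
A check to run once step 8 works, added here as an example and not part of the original post: it audits the new user’s home directory for the conditions under which sshd’s StrictModes check (on by default) ignores authorized_keys, and flags the private key that step 4 created on the server and step 6 copied off. The function names and the constructed sample directory are assumptions for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit a home directory after
# the key setup steps. Function names are illustrative.

# Succeed if path $1 is writable by group or others (what StrictModes rejects).
loosely_writable() {
    [ -n "$(find "$1" -prune \( -perm -020 -o -perm -002 \) 2>/dev/null)" ]
}

# Print one finding per line for home directory $1; return 1 if any were found.
audit_ssh_dir() {
    home=$1
    findings=0
    for p in "$home" "$home/.ssh" "$home/.ssh/authorized_keys"; do
        if [ ! -e "$p" ]; then
            echo "missing: $p"; findings=$((findings + 1))
        elif loosely_writable "$p"; then
            echo "group/other writable: $p"; findings=$((findings + 1))
        fi
    done
    # A private key generated on the server (step 4) and still present after
    # being copied off (step 6) is a second copy of the login credential.
    for key in "$home"/.ssh/id_*; do
        case "$key" in *.pub) continue ;; esac
        if [ -f "$key" ]; then
            echo "private key left on server: $key"; findings=$((findings + 1))
        fi
    done
    [ "$findings" -eq 0 ]
}

# Constructed sample: a fake home directory with a group-writable
# authorized_keys and a leftover id_dsa, standing in for /home/webuser.
demo=$(mktemp -d)
mkdir "$demo/.ssh"
: > "$demo/.ssh/id_dsa"
: > "$demo/.ssh/authorized_keys"
chmod 700 "$demo" "$demo/.ssh"
chmod 664 "$demo/.ssh/authorized_keys"
audit_ssh_dir "$demo" || echo "fix the findings above before relying on key login"
```

On the server the call would be audit_ssh_dir /home/webuser, run as webuser or root.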

Adding your new user to the list of sudoers
This is a very basic sudoers setup as we are only adding a single sudo user to the /etc/sudoers file. I know you can do way more complicated things with this but what is documented here was sufficient for our needs. So let’s get on with it.

  1. Log in as root
  2. Run visudo – this is an editor for the sudoers file to stop multiple people editing the file at the same time
  3. Locate the lines below in the editor

    # User privilege specification
    root ALL=(ALL) ALL

    and change this to

    # User privilege specification
    root ALL=(ALL) ALL
    webuser ALL=(ALL) ALL

  4. If you would like to allow the user to sudo without having to supply a password then you need to add the following line as well:

    webuser ALL=NOPASSWD: ALL

  5. Now save the file and exit – ensure that the changes are saved to /etc/sudoers

Disabling root login

  1. Log in as webuser
  2. Run sudo vi /etc/ssh/sshd_config – you can replace vi with another editor if you please, I’ve heard nano might be a little more friendly to Windows users!
  3. Find the line PermitRootLogin and change it to:

    PermitRootLogin no

    If I remember correctly in the instance I was using there was more than one line with PermitRootLogin so it may be worth checking for this yourself.

  4. As a side note, should you wish to allow login using passwords rather than using an ssh key (this may be what users familiar with shared hosting are used to) you can enable this by changing the relevant line in sshd_config to:

    PasswordAuthentication yes

  5. Finally, restart sshd by running sudo /etc/init.d/ssh restart
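
The duplicate PermitRootLogin lines mentioned in step 3 matter because sshd uses the first value it reads for each keyword, so editing only a later line changes nothing. The script below is an added example, not part of the original post, that reports the value that takes effect and counts later lines that disagree with it. It assumes whitespace-separated "Keyword value" lines, reads only the global section before any Match block, and does not follow Include directives; the function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): find the PermitRootLogin value
# sshd will actually use when the keyword appears more than once.

# Print every global (pre-"Match") value of keyword $2 in file $1, in file order.
sshd_values() {
    awk -v key="$2" '
        /^[ \t]*#/ { next }                       # comment line
        tolower($1) == "match" { exit }           # Match blocks are conditional
        tolower($1) == tolower(key) { print $2 }  # keywords are case-insensitive
    ' "$1"
}

# Print the effective value: the first one read, or "unset" if there is none.
sshd_effective() {
    first=$(sshd_values "$1" "$2" | head -n 1)
    printf '%s\n' "${first:-unset}"
}

# Print how many later lines carry a value different from the first.
sshd_conflicts() {
    sshd_values "$1" "$2" |
        awk 'NR == 1 { first = $0; next } $0 != first { n++ } END { print n + 0 }'
}

# Return 0 only if root login is effectively "no"; warn about ignored lines.
check_root_login() {
    effective=$(sshd_effective "$1" PermitRootLogin)
    conflicts=$(sshd_conflicts "$1" PermitRootLogin)
    if [ "$conflicts" -gt 0 ]; then
        echo "warning: $conflicts later PermitRootLogin line(s) are ignored" >&2
    fi
    [ "$effective" = "no" ]
}

# Constructed sample: the early "yes" wins, so the edit at the bottom is dead.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# Authentication:
PermitRootLogin yes
PasswordAuthentication no
PermitRootLogin no
EOF

if check_root_login "$sample"; then
    echo "root login disabled"
else
    echo "root login NOT disabled (effective: $(sshd_effective "$sample" PermitRootLogin))"
fi
```

On the server itself, sudo /usr/sbin/sshd -t checks the edited file for syntax errors before the restart in step 5, and keeping the current session open until a fresh login succeeds avoids locking yourself out.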

You should now be able to log in as webuser, and use sudo as webuser to run commands that need root. Additionally, root login from a remote server has been disabled.

There may be better ways to do the above, but what I’ve documented works. I may also be missing stuff, if so, let me know and I will update this. Well, that’s it for now. Check back soon for Part 2 which will be on its way shortly.

Update: idiot’s guide to linux on amazon ec2 – part 2

why would you choose .net?

I’ve been wondering for quite some time now why a new startup, on a greenfield project, or even a personal site, would choose to use .NET for web development?

Firstly, this is not a Microsoft bashing article – I’m simply trying to understand the thought behind such a choice. While researching this I noticed another recent article (titled: When Windows beat Linux: a cautionary tale) on something similar, so I will use some of the information from this article.

For those that can’t be bothered to read the article I linked to (as many people on a certain social network site decided to do before apparently casting their vote) I will summarise. The article looks at a case study by a German airline company who was restructuring the IT systems of a bankrupt airline which they had acquired. In this process they were moving from a Linux based “scripting” solution to a Windows based .NET stack.

To aid the discussion let’s say that I’m starting a new mISV (micro Independent Software Vendor – this seems to be the buzz word for startup).  What will I be producing? I don’t know, let’s say an online bakery because I LOVE cakes so much.  Now suppose that we choose to do this using Python and Django on a Linux dedicated server.

So let’s assume that we are going to be a rip roaring success and that every business close to us will be looking to buy our cakes to reward their industrious employees, i.e. the application should scale reasonably well.

A quick look at the case study seems to imply that for every Windows based server needed, we require 2.5 times the computing power for equivalent performance in the Linux based system:

4 Windows Server IIS 6.0-based computers replacing the 10 computers that had hosted the former Linux version

A quick check on Google reveals that a Windows dedicated server will cost around £120 (~$170) more per year than a Linux server.  But I need 2.5 times as many Linux servers as I do Windows servers (assuming my application is going to be maxing out the Windows server). Therefore if a Linux server costs me £600 (~£840) a year, this means that I’m £780 better off with the Windows server as my choice.  Hold on though, because, let’s face it, the conclusions drawn about the number of servers required for each solution in the case study are pure bullshit! Right?  The case study thinks it’s fair to say that 4 brand new top of the range servers are equivalent to 4 Pentium P3s from heaven knows when. Common sense here states that I would get at least as much performance out of my Linux server as I would the Windows one. Hence I will be saving £120 a year, not gaining £780 as the case study would like you to believe. Now on to the software.

The case study states that: 

The Web front-end to the e-commerce solution was rewritten using Microsoft C# technology, introducing object-oriented programming to what had formerly been a script-based solution and enabling the solution to be updated and expanded more easily in response to business requirements…The Web server portion of the solution took three months and $120,000 to develop; had SWISS used Java, Heintel estimates, the solution would have taken 50 percent more time and money.

How the hell did Heintel arrive at that estimate?  Christ, every bank in the world would be scrambling to rewrite their enterprise Java apps at that rate.  Let’s face it, their estimate was utter nonsense – my Mum could have come up with a better estimate and she still hasn’t figured out how to use that wee-thing-that-you-move-with-your-hand-to-make-the-wee-arrow-thing-on-the-screen-move!  Moving on, I didn’t realise that you couldn’t write object-oriented programming on a Linux environment, news to me!  I mean it’s not like you could write the exact same object-oriented based solution in a language of your choice, whether it be Python, Java, Ruby or PHP (or even C# using Mono). Therefore instead of saving me money on software it’s going to cost me. Why?

First, I’m going to have to purchase SQL Server, I can’t imagine it’s cheap, say around £800. Not only that, I’m going to have to pay for upgrades that I might need in the future, not to mention more SQL Server licences for any additional db servers should I need them.  The Microsoft stack is certainly not saving me any money here.

Now on to the IDE. For the Linux based system I could use NetBeans or Eclipse, which are free. For the Windows based system I could use Visual Studio Express Edition. However, I can’t imagine the Express Editions are good for building large web applications, and I haven’t seen too many Microsoft shops using these editions –  am I wrong?  Presuming we can’t use the Express Editions, I need to pay for the full version of Visual Studio, which tots in at around £600 per developer. However, the Linux based approach is costing me NOTHING for each additional developer that I add.

Another facet of .NET development I have noticed is that you tend to have to pay for nice developer tools that are otherwise free on non-Microsoft based stacks – ReSharper being the example that springs to mind. Hence you have to factor in the cost of such 3rd party libraries.

All in all it appears that the Windows based system is going to cost me waaaaay more to get started than the Linux equivalent. Costs may not seem that high to some people, but when you have limited finances to start your own mISV, any costs, however small, are something you can do without, more so in the current economic climate.

One thing I have so far failed to take account of is the cost of learning new technology.  If you are a veteran C# developer then taking the Linux route would mean learning to use new tools and new languages. However, any developer worth their weight in salt is keen to improve their knowledge and would quickly be able to cope.  Most smart developers see it as FUN to learn something new. 

What I would like to mention is Microsoft’s BizSpark.  This came to my attention after listening to the Startup Success Podcast of which I have become an avid listener.  If memory serves me correctly it drastically reduces the cost of Microsoft development tools for mISVs – sorry I can’t remember the exact price but it’s low (update: please see the comments below for some more info on this). This kind of incentive from Microsoft is a great idea, and something I may look at closely, alongside the Linux based options, in my own mISV ventures I will soon be embarking on.

To sum up: with the exception of the BizSpark incentive, if this truly delivers what it appears to, I just can’t see any reason to choose the .NET stack over a free Linux based solution. Can you?