Category: Cloud

  • Amazon Elastic IP The maximum number of addresses has been reached.

    When assigning an Elastic IP in Amazon AWS, I get an error

    The maximum number of addresses has been reached.

    Amazon Elastic IP Limit

    This is because Amazon only allows 5 Elastic IP addresses per region.

    You can see the AWS service limits at

    http://docs.aws.amazon.com/general/latest/gr/aws_service_limits.html

    You can open a support ticket with Amazon, and they will increase the Elastic IP limit. If your account is new, you may need to wait 30 days before you can get an increased Elastic IP limit.

  • WordPress bitnami

    Install LetsEncrypt SSL on Bitnami

    To stop or start services, use ctlscript.sh

    root@ip-172-31-26-46:~# /opt/bitnami/ctlscript.sh 
    usage: /opt/bitnami/ctlscript.sh help
           /opt/bitnami/ctlscript.sh (start|stop|restart|status)
           /opt/bitnami/ctlscript.sh (start|stop|restart|status) mysql
           /opt/bitnami/ctlscript.sh (start|stop|restart|status) php-fpm
           /opt/bitnami/ctlscript.sh (start|stop|restart|status) apache
    
    help       - this screen
    start      - start the service(s)
    stop       - stop  the service(s)
    restart    - restart or start the service(s)
    status     - show the status of the service(s)
    
    root@ip-172-31-26-46:~# 
    

    To stop MySQL, run

    root@ip-172-31-26-46:~# /opt/bitnami/ctlscript.sh stop mysql
    Unmonitored mysql
    /opt/bitnami/mysql/scripts/ctl.sh : mysql stopped
    root@ip-172-31-26-46:~# 
    

    To disable the banner on the WordPress site, run

    /opt/bitnami/apps/wordpress/bnconfig --disable_banner 1
    

    Disable MySQL in the Bitnami instance after moving the database to RDS

    /opt/bitnami/ctlscript.sh stop mysql
    mv /opt/bitnami/mysql/scripts/ctl.sh /opt/bitnami/mysql/scripts/ctl.sh.disabled
    mv /opt/bitnami/config/monit/conf.d/mysql.conf /opt/bitnami/config/monit/conf.d/mysql.conf.disabled
    

    Apache Config

    The VirtualHost entry for WordPress is in the file

    vi /opt/bitnami/apache2/conf/bitnami/bitnami.conf
    
  • Amazon EFS

    Amazon EFS can be used to mount the same drive on multiple EC2 instances, allowing a website to scale across multiple web servers.

    To mount an EFS drive on Ubuntu, you need to install

    apt-get -y install nfs-common

    To mount an EFS drive, run

    mkdir /efs
    mount -t nfs4 -o nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2 fs-YOUR-ID.efs.us-east-1.amazonaws.com:/ /efs

    Here is the fstab entry for auto-mounting the EFS file system on boot. In this example, the EFS file system is mounted at the /efs directory.

    root@ip-10-0-0-224:~# cat /etc/fstab 
    LABEL=cloudimg-rootfs   /    ext4   defaults,discard    0 0
    fs-4fg8d351.efs.us-east-1.amazonaws.com:/ /efs nfs4 nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2 0 0
    root@ip-10-0-0-224:~# 

    Or

    fs-a27131eb.efs.us-east-1.amazonaws.com:/ /efs nfs4 nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,_netdev 0 0

    Connection Error and Security Group

    If you get an error like the following when trying to mount the EFS file system, you need to allow traffic between security groups used by EFS and EC2 on TCP port 2049.

    root@ip-172-31-39-189:~# mount -t nfs4 -o nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2 fs-021c514bd4d641fb3.efs.eu-central-1.amazonaws.com:/ /efs
    mount.nfs4: Connection timed out for fs-021c514bd4d641fb3.efs.eu-central-1.amazonaws.com:/ on /efs
    root@ip-172-31-39-189:~# 

    To connect to EFS, you need to edit the security group associated with your EFS mount target. You can find it by going to

    EFS > Network

    Here you will see all networks and their associated security groups. Edit the security group and allow connections from the EC2 server's security group.

    Add an Inbound Rule:

    Type: NFS

    Protocol: TCP

    Port Range: 2049

    Source: Select the security group associated with your EC2 instance, or use 0.0.0.0/0 for testing (though for security reasons, using the security group of your EC2 instance is recommended).

    The security group associated with EC2 usually allows all outgoing traffic. If not, you may need to add a rule to allow traffic to the EFS security group on TCP port 2049.
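
    The inbound rule above is easy to leave at the testing value. The following check is an added example, not part of the original post: it audits security group rules that reach TCP 2049 and reports any source other than the expected EC2 security group. The input is a constructed sample shaped like `aws ec2 describe-security-groups` output, trimmed to the fields used; the group IDs and function names are hypothetical.

```python
import ipaddress
import json

NFS_PORT = 2049
# Constructed sample shaped like `aws ec2 describe-security-groups` output.
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-efs-example-a", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 2049, "ToPort": 2049,
     "UserIdGroupPairs": [{"GroupId": "sg-ec2-example"}]}]},
  {"GroupId": "sg-efs-example-b", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 2049, "ToPort": 2049,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
  {"GroupId": "sg-efs-example-c", "IpPermissions": [
    {"IpProtocol": "-1",
     "IpRanges": [{"CidrIp": "10.0.0.0/8"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]}
]}
""")


def covers_nfs(rule):
    """True if the rule admits TCP 2049, including all-protocol and range rules."""
    proto = rule.get("IpProtocol")
    if proto == "-1":  # "-1" means all protocols and all ports
        return True
    if proto not in ("tcp", "6"):
        return False
    return rule.get("FromPort", 0) <= NFS_PORT <= rule.get("ToPort", 65535)


def audit_nfs_ingress(groups, trusted_sources):
    """Return (group_id, source, reason) for each NFS source that is not a trusted group."""
    findings = []
    for sg in groups:
        for rule in filter(covers_nfs, sg.get("IpPermissions", [])):
            for pair in rule.get("UserIdGroupPairs", []):
                if pair["GroupId"] not in trusted_sources:
                    findings.append((sg["GroupId"], pair["GroupId"], "unexpected security group"))
            cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
            for cidr in cidrs:
                net = ipaddress.ip_network(cidr, strict=False)
                reason = "open to the internet" if net.prefixlen == 0 else "CIDR source instead of security group"
                findings.append((sg["GroupId"], cidr, reason))
    return findings


if __name__ == "__main__":
    for finding in audit_nfs_ingress(SAMPLE["SecurityGroups"], {"sg-ec2-example"}):
        print(*finding, sep="\t")
```

    An empty result means every rule that reaches port 2049 is sourced from one of the trusted security groups.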

    Create Dummy Data in Amazon EFS

  • Enable Static External IP in Google Cloud

    By default, when you create a Compute Engine virtual machine in Google Cloud, you get a public IP address. This IP address changes whenever you shut down your instance.

    To keep the IP from changing, you need to reserve the IP address. To do this, change the type of the IP address from Ephemeral to Static.

    Go to

    Google Cloud Platform > Networking > VPC Network > External IP addresses

    You will see a list of all IPs associated with your instances here.

    Under the Type column, set the type to Static. You will be asked to enter a name and description. Once you do this, the IP will not be released even if you shut down a VM.

  • rancher

    Rancher is an open source container management platform.

    https://rancher.com

    To install Rancher, you need to install Docker. Once you have Docker installed and running, run

    docker run -d --restart=unless-stopped -p 80:80 -p 443:443 --privileged rancher/rancher
    

    Now you will be able to access your Rancher installation at

    https://your-server-ip

    On your first visit, you will be asked to set a password for the user “admin”.

    Newer versions of Rancher use a lot more memory than they used to. It overloaded an AWS t2.micro instance with 1 GB RAM, 1 vCPU, 2 GB swap.

    RancherOS

    docker

  • Installing kubernetes master on Ubuntu 16.04

    To install the master on Ubuntu 16.04, let's start by installing Docker.

    apt-get update
    apt-get install -y docker.io
    

    Now install kubeadm

    apt-get update && apt-get install -y apt-transport-https
    curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
    cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
    deb http://apt.kubernetes.io/ kubernetes-xenial main
    EOF
    apt-get update
    apt-get install -y kubelet kubeadm kubectl
    

    You can create the Kubernetes master by running the kubeadm init command.

    root@doc1:~# kubeadm init
    [kubeadm] WARNING: kubeadm is in beta, please do not use it for production clusters.
    [init] Using Kubernetes version: v1.8.5
    [init] Using Authorization modes: [Node RBAC]
    [preflight] Running pre-flight checks
    [kubeadm] WARNING: starting in 1.8, tokens expire after 24 hours by default (if you require a non-expiring token use --token-ttl 0)
    [certificates] Generated ca certificate and key.
    [certificates] Generated apiserver certificate and key.
    [certificates] apiserver serving cert is signed for DNS names [doc1.elitetechs.com kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [10.96.0.1 45.32.210.20]
    [certificates] Generated apiserver-kubelet-client certificate and key.
    [certificates] Generated sa key and public key.
    [certificates] Generated front-proxy-ca certificate and key.
    [certificates] Generated front-proxy-client certificate and key.
    [certificates] Valid certificates and keys now exist in "/etc/kubernetes/pki"
    [kubeconfig] Wrote KubeConfig file to disk: "admin.conf"
    [kubeconfig] Wrote KubeConfig file to disk: "kubelet.conf"
    [kubeconfig] Wrote KubeConfig file to disk: "controller-manager.conf"
    [kubeconfig] Wrote KubeConfig file to disk: "scheduler.conf"
    [controlplane] Wrote Static Pod manifest for component kube-apiserver to "/etc/kubernetes/manifests/kube-apiserver.yaml"
    [controlplane] Wrote Static Pod manifest for component kube-controller-manager to "/etc/kubernetes/manifests/kube-controller-manager.yaml"
    [controlplane] Wrote Static Pod manifest for component kube-scheduler to "/etc/kubernetes/manifests/kube-scheduler.yaml"
    [etcd] Wrote Static Pod manifest for a local etcd instance to "/etc/kubernetes/manifests/etcd.yaml"
    [init] Waiting for the kubelet to boot up the control plane as Static Pods from directory "/etc/kubernetes/manifests"
    [init] This often takes around a minute; or longer if the control plane images have to be pulled.
    [apiclient] All control plane components are healthy after 48.004158 seconds
    [uploadconfig] Storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace
    [markmaster] Will mark node doc1.elitetechs.com as master by adding a label and a taint
    [markmaster] Master doc1.elitetechs.com tainted and labelled with key/value: node-role.kubernetes.io/master=""
    [bootstraptoken] Using token: cfeeef.e7a85b6b4a55936c
    [bootstraptoken] Configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials
    [bootstraptoken] Configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token
    [bootstraptoken] Configured RBAC rules to allow certificate rotation for all node client certificates in the cluster
    [bootstraptoken] Creating the "cluster-info" ConfigMap in the "kube-public" namespace
    [addons] Applied essential addon: kube-dns
    [addons] Applied essential addon: kube-proxy
    
    Your Kubernetes master has initialized successfully!
    
    To start using your cluster, you need to run (as a regular user):
    
      mkdir -p $HOME/.kube
      sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
      sudo chown $(id -u):$(id -g) $HOME/.kube/config
    
    You should now deploy a pod network to the cluster.
    Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
      http://kubernetes.io/docs/admin/addons/
    
    You can now join any number of machines by running the following on each node
    as root:
    
      kubeadm join --token cfeeef.e7a85b6b4a55936c 45.32.210.20:6443 --discovery-token-ca-cert-hash sha256:68540be50b8436e5d08c097ec9328b61398d8dd5a9a7449a1e55520b88d423f3
    
    root@doc1:~#