Next incarnation of OCI web-server. Part one. HTTP.

Posted on 20.01.2022 by yogene

The first experience with OCI compute instances had been dedicated to how to deploy a simple Hello-world-scale webserver. Now it’s time to play with the toy a little harder. Here is an approach of how to make the simple webserver and have some tools or framework to work with static web content.

What are the main tasks:

  • Create a simple OCI compute instance ( VM.Standard.E2.1.Micro, Oracle Linux 7.9 )
  • Setup and configure http – the nginx webserver instead of Apache one
  • Setup and configure ftp – the vsftpd server
  • Upload some web site and manage the content
  • Gain development SSL-Certificate and convert the server to https protocol.

Seems it takes more than one post, so we proceed step-by-step.

The tasks are not guaranteed to be executed one by one strictly, maybe some steps mess up and there will be a need to get to other parts of the entire problem and tinker a little some settings.

This time I use the complete native VCN infrastructure of two subnets (public and private) connected to the internet – it’s the first option, which VCN creation wizard proposes. The compute instance is necessary to place to the public subnet.

After VM deployment and configuring of the VCN security rules as described in the previous topic connect to the instance via CloudShell, PuTTy, or windows command shell (ssh works with cmd as well as in PowerShell); so run any shell from the context menu “Run as administrator” and type in:

ssh opc@<public IP address> -i mykeyname.key

To make the connection process easier, it makes sense to create a simple .bat file for Windows 10/11 in key location folder with one string:

ssh opc@<public IP address> -i mykeyname.key

Important thing: the file has also to be run as administrator: the ssh-key-file has restricted access, as you remember from the previous post, and can’t be handled by any different user.

For other Windows versions, the PuTTy utility may be used. Refer to complete connection manual using ssh keys (coming soon).

In the case of a Linux client machine, the bash script is the way. Create an empty text file nano ws_connect.sh: 

#!/bin/bash
sudo ssh opc@<public IP address> -i mykeyname.key

Then Ctrl+X to exit Y and Enter to confirm to write the file.

The permissions are to be modified with chmod u+x ws_connect.sh to make the file executable. Run it anytime you want to connect to the server.

OK, we are going to have the act if we want to live in a different world to set up the server. At first, bring the system to up to date state: sudo yum update

After the system and components update is finished, let’s go to get some fun with repositories:

The initial repository list doesn’t contain nginx (Oracle Linux 7.x; the 8.x contains already the nginx repository predefined) so we add it manually. Create file nginx.repo:

sudo nano /etc/yum.repos.d/nginx.repo

Write the following repository definition (it works for Oracle Linux 7.x OS as the CentOS-like system):

[nginx]
name=nginx repo
baseurl=https://nginx.org/packages/centos/7/$basearch/
gpgcheck=0
enabled=1

As before, press Ctrl+X to exit, answer Y, and confirm the filename to save the file.

Now we are ready to install and launch the webserver:

sudo yum install nginx
 sudo systemctl enable nginx.service --now

Open the firewall for HTTP traffic restart the firewall to apply the changes:

sudo firewall-cmd --add-service=http --permanent
 sudo firewall-cmd --reload

Check the availability from the internet by browsing <public IP addres> via a web browser. The Nginx dummy page has to appear. If not, check the nginx running: systemctl status nginx .

Assume the webserver is running well, so the next topic is to make us able to put some files to the server with FTP.

This entry was posted in linux, OCI, Oracle/CentOS/RedHat, web. Bookmark the permalink.