Johnbosco Umeh

TOOLING SOLUTION FOR A DEVOPS TEAM

This project focuses on building a website solution for a team of developers that will help with day-to-day activities in managing, developing, testing, deploying, and monitoring different projects.

ARCHITECTURAL DESIGN

[Image: architecture diagram]

NFS SERVER

Create a new Red Hat 8 EC2 Linux instance and save the key pair as a .pem file for connecting from a Linux/Windows terminal

Create 3 volumes of 10G each

Attach the volumes to the instance one after another

Open the Linux/Windows terminal and check the attached disks. Run:

lsblk

Create Partitions on each disk. Run

sudo gdisk /dev/xvdg
sudo gdisk /dev/xvdf
sudo gdisk /dev/xvdh

Type n to create a new partition, enter 1 to create 1 partition, p to see the partition details and w to write the created partition. Select yes to finish

Check the Partitions created

lsblk

Install lvm2

sudo yum install lvm2

Check the available partitions. Run

sudo lvmdiskscan

Create Physical volume by marking 3 of the partitioned disks with pvcreate

sudo pvcreate /dev/xvdf1
sudo pvcreate /dev/xvdg1
sudo pvcreate /dev/xvdh1

Verify the created physical volumes

sudo pvs

Create a volume group to contain all 3 of the created physical volumes with vgcreate. In this case the name is nfs-vg

sudo vgcreate nfs-vg /dev/xvdf1 /dev/xvdg1 /dev/xvdh1

Verify the created volume group

sudo vgs

Create 3 logical volumes, lv-opt, lv-apps and lv-logs, using the lvcreate utility. Allocate 9G to each of them. The lv-apps volume will store website data, and lv-logs will store web logs.

sudo lvcreate -n lv-apps -L 9G nfs-vg
sudo lvcreate -n lv-logs -L 9G nfs-vg
sudo lvcreate -n lv-opt -L 9G nfs-vg

Confirm the logical volumes

sudo lvs

Verify the entire set-up

lsblk

Format the logical volumes with mkfs.xfs

sudo mkfs -t xfs /dev/nfs-vg/lv-apps
sudo mkfs -t xfs /dev/nfs-vg/lv-logs
sudo mkfs -t xfs /dev/nfs-vg/lv-opt

Create the mount point directories: /mnt/apps for website files, /mnt/logs for log files, and /mnt/opt to be used for Jenkins in the next project

sudo mkdir -p /mnt/apps
sudo mkdir -p /mnt/logs
sudo mkdir -p /mnt/opt

Mount lv-apps on /mnt/apps, lv-logs on /mnt/logs and lv-opt on /mnt/opt

sudo mount /dev/nfs-vg/lv-apps /mnt/apps
sudo mount /dev/nfs-vg/lv-logs /mnt/logs
sudo mount /dev/nfs-vg/lv-opt /mnt/opt

Update /etc/fstab file

Run

sudo blkid

Copy the mount IDs (the UUIDs) and update /etc/fstab:

sudo vi /etc/fstab

Test the configuration and reload the daemon

sudo mount -a
sudo systemctl daemon-reload

Install nfs server, configure and make sure it starts on system reboot

sudo yum -y update
sudo yum install nfs-utils -y
sudo systemctl start nfs-server.service
sudo systemctl enable nfs-server.service
sudo systemctl status nfs-server.service

Set up permissions that will allow our web servers to read, write and execute files on NFS:

sudo chown -R nobody: /mnt/apps
sudo chown -R nobody: /mnt/logs
sudo chown -R nobody: /mnt/opt
sudo chmod -R 777 /mnt/apps
sudo chmod -R 777 /mnt/logs
sudo chmod -R 777 /mnt/opt

sudo systemctl restart nfs-server.service

Check your subnet cidr – open your EC2 details in AWS web console and locate ‘Networking’ tab and open a Subnet link:

Configure access to NFS for clients within the same subnet using the subnet cidr we got above

sudo vi /etc/exports

/mnt/apps <Subnet-CIDR>(rw,sync,no_all_squash,no_root_squash)
/mnt/logs <Subnet-CIDR>(rw,sync,no_all_squash,no_root_squash)
/mnt/opt <Subnet-CIDR>(rw,sync,no_all_squash,no_root_squash)

Esc + :wq!

sudo exportfs -arv
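
The export lines above combine rw with no_root_squash, so root on any client in the subnet acts as root on the exported files. The check below is an added example, not part of the original post: it flags that option and any export open to every host. The 172.31.80.0/20 CIDR and the root_squash variant are assumptions for illustration.

```sh
# Added example: flag risky clients/options in exports(5) syntax read from stdin.
audit_exports() {
    awk '
    /^[ \t]*(#|$)/ { next }                    # skip comments and blank lines
    {
        path = $1
        for (i = 2; i <= NF; i++) {            # each field is client(options)
            client = $i; opts = ""
            p = index($i, "(")
            if (p > 0) {
                client = substr($i, 1, p - 1)
                opts = substr($i, p + 1, length($i) - p - 1)
            }
            if (client == "" || client == "*")
                printf "%s: exported to every host\n", path
            n = split(opts, o, ",")
            for (j = 1; j <= n; j++)
                if (o[j] == "no_root_squash")
                    printf "%s: root on %s is root on the export\n", path, client
        }
    }'
}

# Constructed sample: the three export lines from this page, with an assumed
# subnet CIDR of 172.31.80.0/20 standing in for <Subnet-CIDR>.
PAGE_EXPORTS='/mnt/apps 172.31.80.0/20(rw,sync,no_all_squash,no_root_squash)
/mnt/logs 172.31.80.0/20(rw,sync,no_all_squash,no_root_squash)
/mnt/opt 172.31.80.0/20(rw,sync,no_all_squash,no_root_squash)'

# Assumed variant: same exports with root squashed (the NFS server default
# when neither root_squash nor no_root_squash is given).
SQUASHED_EXPORTS='/mnt/apps 172.31.80.0/20(rw,sync,root_squash)
/mnt/logs 172.31.80.0/20(rw,sync,root_squash)
/mnt/opt 172.31.80.0/20(rw,sync,root_squash)'

printf '%s\n' "$PAGE_EXPORTS" | audit_exports       # three findings
printf '%s\n' "$SQUASHED_EXPORTS" | audit_exports   # no findings
# On the NFS server: audit_exports < /etc/exports
```

Because the earlier step gives /mnt/apps, /mnt/logs and /mnt/opt to nobody, a squashed root on the clients can still write to them.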

Check which port is used by NFS and open its port in security group setting

rpcinfo -p | grep nfs

Open TCP port 2049 in the inbound security group rules. For the NFS server to be accessible from your clients, you must also open the following ports: TCP 111, UDP 111, UDP 2049

CONFIGURE DATABASE

Configure an Ubuntu EC2 instance and do the following:

Install MySQL server

sudo apt install mysql-server

Create a database and name it tooling

Create a database user and name it webaccess

Grant permission to webaccess user on tooling database to do anything only from the webservers subnet cidr

Don't forget to set the database bind address to 0.0.0.0 so that our DB is accessible to our servers

sudo vi /etc/mysql/mysql.conf.d/mysqld.cnf
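
With bind-address set to 0.0.0.0 the server listens on every interface, so the host part of the webaccess account is what limits, inside MySQL, which clients can log in. The following added example (not from the original post) builds the statements for the database, user and grant steps above; the 172.31.80.0/20 CIDR is an assumed sample value and <db-password> is a placeholder. It converts the CIDR to the IP/netmask host form, which MySQL accepts on versions before 8.0.23 as well as later ones.

```sh
# Added example: turn a subnet CIDR into MySQL's IP/netmask account host form.
cidr_to_mysql_host() {
    ip=${1%/*}; prefix=${1#*/}; mask=""
    case $ip in ''|*[!0-9.]*) return 1 ;; esac
    case $prefix in ''|*[!0-9]*) return 1 ;; esac     # also rejects input without "/"
    [ "$prefix" -le 32 ] || return 1
    for octet in 1 2 3 4; do
        bits=$(( prefix > 8 ? 8 : prefix ))           # prefix bits in this octet
        mask="$mask${mask:+.}$(( 256 - (1 << (8 - bits)) ))"
        prefix=$(( prefix - bits ))
    done
    printf '%s/%s\n' "$ip" "$mask"
}

# Print the SQL for the page's steps: database tooling, user webaccess,
# all privileges on tooling only, usable only from the given subnet.
tooling_grant_sql() {
    host=$(cidr_to_mysql_host "$1") || return 1
    cat <<SQL
CREATE DATABASE IF NOT EXISTS tooling;
CREATE USER IF NOT EXISTS 'webaccess'@'$host' IDENTIFIED BY '<db-password>';
GRANT ALL PRIVILEGES ON tooling.* TO 'webaccess'@'$host';
SQL
}

# Assumed sample CIDR; use the web servers' subnet CIDR from the AWS console.
tooling_grant_sql 172.31.80.0/20
# On the database server, after replacing <db-password>:
#   tooling_grant_sql <Subnet-CIDR> | sudo mysql
```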

WEBSERVERS

Spin up a new RHEL 8 EC2 instance in the same subnet as the NFS server

Install NFS client

sudo yum install nfs-utils nfs4-acl-tools -y

Mount /var/www/ and target the NFS server’s export for apps

sudo mkdir /var/www
sudo mount -t nfs -o rw,nosuid <NFS-Server-Private-IP-Address>:/mnt/apps /var/www

Use df -h to confirm the mount

Edit /etc/fstab file

sudo vi /etc/fstab

Add the following to the file setting

<NFS-Server-Private-IP-Address>:/mnt/apps /var/www nfs defaults 0 0

Install Remi’s repository, Apache and PHP

sudo yum install httpd -y

sudo yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm

sudo yum install http://rpms.remirepo.net/enterprise/remi-release-9.rpm

sudo dnf module reset php

sudo dnf module enable php:remi-7.4

sudo dnf install php php-opcache php-gd php-curl php-mysqlnd

sudo systemctl start php-fpm

sudo systemctl enable php-fpm

sudo setsebool -P httpd_execmem 1

Repeat steps 1-5 for another 2 Web Servers.

Verify that Apache files and directories are available on the Web Server in /var/www and also on the NFS server in /mnt/apps. If you see the same files – it means NFS is mounted correctly.

In the web server's /var/www directory, run

sudo touch text.txt

We can see the text.txt file created inside our NFS server's /mnt/apps directory, so they are communicating perfectly.

Create directory for apache log and mount it on the /mnt/logs directory of our NFS server

sudo mkdir -p /var/log/httpd

sudo mount -t nfs -o rw,nosuid <NFS-Server-Private-IP-Address>:/mnt/logs /var/log/httpd

Edit the /etc/fstab file so that it persists even after reboot

sudo vi /etc/fstab

Fork the tooling source code from Darey.io Github Account to your Github account.

Download git

sudo yum install git

Clone the repository you forked the project into

git clone <repository link>

Deploy the tooling website’s code to the Webserver. Ensure that the html folder from the repository is deployed to /var/www/html

cd tooling

sudo cp -r html/* /var/www/html/

Open TCP port 80 on the Web Server

If you encounter a 403 error:

Check permissions on the /var/www/html folder
Disable SELinux: sudo setenforce 0
To make this change permanent, open the SELinux config file, set SELINUX=disabled, then restart httpd.

sudo vi /etc/sysconfig/selinux
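
A narrower alternative to disabling SELinux, as an added example that is not part of the original post: read the AVC denials and enable only the boolean each one calls for. On this setup httpd serves files from an NFS mount and connects to a remote MySQL server, which the httpd_use_nfs and httpd_can_network_connect_db booleans cover; the audit lines below are constructed samples.

```sh
# Added example: read audit.log lines on stdin and print the setsebool command
# matching each kind of httpd denial this setup can produce.
suggest_httpd_booleans() {
    awk '
    /avc:[ ]+denied/ && /scontext=[^ ]*:httpd_t:/ {
        if ($0 ~ /tcontext=[^ ]*:nfs_t:/)
            want["httpd_use_nfs"] = 1                 # files on the NFS mount
        else if ($0 ~ /tcontext=[^ ]*:mysqld_port_t:/ && $0 ~ /name_connect/)
            want["httpd_can_network_connect_db"] = 1  # remote MySQL connection
        else
            other++
    }
    END {
        for (b in want) print "setsebool -P " b " 1"
        if (other) print "# " other " other httpd denial(s): review with ausearch -m avc"
    }' | sort
}

# Constructed sample denials: httpd reading a file under the NFS-mounted
# /var/www, and php-fpm connecting to the database server on port 3306.
SAMPLE_AVC='type=AVC msg=audit(1678800000.101:210): avc:  denied  { read } for  pid=2114 comm="httpd" name="index.php" dev="0:46" ino=131 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:nfs_t:s0 tclass=file permissive=0
type=AVC msg=audit(1678800007.455:214): avc:  denied  { name_connect } for  pid=2120 comm="php-fpm" dest=3306 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:mysqld_port_t:s0 tclass=tcp_socket permissive=0'

printf '%s\n' "$SAMPLE_AVC" | suggest_httpd_booleans
# On the web server: sudo cat /var/log/audit/audit.log | suggest_httpd_booleans
```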

Update the website’s configuration to connect to the database

sudo vi /var/www/html/functions.php

Apply the tooling-db.sql script to the tooling database using this command (-p prompts for the password):

mysql -h <database-private-ip> -u <db-username> -p tooling < tooling-db.sql

Now we can open our web browser and enter

<webserver-public-ip>

We have just successfully implemented a web solution for a DevOps team using LAMP stack with remote Database and NFS servers.
