Huawei Cloud Yunyao Cloud Server L instance evaluation | Yunyao Cloud Server L instance to build a personal mirror station
- 1. Introduction to Yunyao Cloud Server L Instance
- 2. Introduction to Apache
- 3. Introduction to this practice
- 4. Remotely log in to Huawei Cloud Yaoyun Server L instance
- 5. Install Apache software
- 6. Modify the Apache configuration file
- 7. Visit the personal mirror site web page
- 8. Access control based on account verification
1. Introduction to Yunyao Cloud Server L Instance
1.1 Introduction to Yunyao Cloud Server L instance
Yunyao Cloud Server L instance is a new generation of lightweight application cloud server, specially designed for small and medium-sized enterprises and developers, providing a convenient out-of-box experience. This product provides rich and strictly screened application images and can deploy applications with one click, greatly simplifying the process of customers building e-commerce websites, web applications, applets, learning environments, and various development and testing tasks in the cloud.
1.2 Features of Yunyao Cloud Server L instance
-
Intelligent and non-stuck: Huawei Cloud Qingtian architecture supports software and hardware collaboration combined with AI algorithm intelligent scheduling to provide you with high-quality performance. Huawei Cloud has a global storage and computing network with data transmission latency shorter than the blink of an eye, meeting the high requirements of low network latency scenarios such as games and audio and video.
-
Excellent price, easy to use: super cost-effective, ultra-low threshold, open to use as you like. Multiple instance specifications to balance performance and cost. Technology upgrades optimize cloud costs and benefit more start-ups and developers.
-
It’s easier to get started: order multiple images and resource combinations with one click. A variety of high-quality images have been carefully selected and rigorously tested by Huawei Cloud officials. They cover seven major scenarios and have preset templates, which are quick to build, safe and trustworthy. Automated orchestration, one-click activation of resources, and business online in minutes. Smooth learning curve, wizard-based application construction, and easy application activation.
-
Management is more worry-free: topology, resources, and mirroring are managed visually, and business architecture is transparently managed. Intimate service status reminders, one-click resource renewal and withdrawal, and simplified management. Real-time monitoring of resource load, security, and usage ensures that services are always online. A wide range of optional security services are available, including extensive backup, host security and other services, providing the highest level of security protection.
2. Introduction to Apache
2.1 Introduction to Apache
Apache is a cross-platform web server software, also known as the Apache HTTP server. It is developed and maintained by the Apache Software Foundation, and it can run on various operating systems such as Windows, Linux, Unix, etc. Apache is one of the most popular web servers. It has strong scalability and flexibility and can extend various functions through plug-ins.
2.2 Apache features
-
High reliability and stability: Apache is a stable web server software that can run for a long time without crashing.
-
Easily Extensible: Apache supports a variety of modules and plugins so functionality can be easily extended as per need.
-
Cross-platform: Apache runs on multiple operating systems and therefore can be used in a variety of environments.
-
Flexibility: Apache can be configured for many different uses and needs, including web server, reverse proxy server, load balancer, and more.
-
High performance: Apache can handle a large number of network requests, making it ideal for high-traffic websites.
-
Security: Apache has multiple security features such as SSL/TLS encryption, access control, and protection against malicious attacks.
3. Introduction to this practice
3.1 Introduction to this practice
1. This practice is a personal test learning environment, aiming to quickly deploy applications. Please be cautious in the production environment;
2. This practice environment is a Yunyao Cloud Server L instance, and the application image used is Portainer 2.18.4;
3. Due to the use The application image is Portainer, and the cloud server has automatically deployed the Docker environment;
4. Build a personal mirror station on the Huawei Cloud Yaoyun Server L instance.
3.2 This environmental plan
Server category | Application image | Intranet IP address | Docker version | Portainer version | Operating system version |
---|---|---|---|---|---|
Yunyao cloud server L instance | Docker visualization Portainer | 192.168.0.168 | 24.0.4 | 2.18.4 | Ubuntu 22.04.1 LTS |
4. Remotely log in to Huawei Cloud Yaoyun Server L instance
4.1 Copy the elastic public IP address
Please purchase the Huawei Cloud Server L instance in advance. Since you have purchased it before, you can use it directly. Click to enter the Yunyao Cloud Server L instance management page and copy its elastic public IP address, which will be used later for remote connections and external network access.
4.2 Xshell remote connection server
In the Xshell tool, fill in the server's elastic public IP address, account and password information, and connect to the remote server via ssh.
4.3 Check operating system version
Check the operating system version, the current version is Ubuntu 22.04.1 LTS.
root@hcss-ecs-f91c:~# cat /etc/os-release
PRETTY_NAME="Ubuntu 22.04.1 LTS"
NAME="Ubuntu"
VERSION_ID="22.04"
VERSION="22.04.1 LTS (Jammy Jellyfish)"
VERSION_CODENAME=jammy
ID=ubuntu
ID_LIKE=debian
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
UBUNTU_CODENAME=jammy
4.4 Check system kernel version
Check the current system kernel version. The default version is 5.15.0-60-generic.
root@hcss-ecs-f91c:~# uname -r
5.15.0-60-generic
4.5 Check system system information
Use the neofetch command to display basic information about the current system.
neofetch
5. Install Apache software
5.1 Update software library
Use the following command to update the software library of the ubuntu system.
apt update
5.2 Stop Nginx service
Since Huawei Cloud Yaoyun Server L instance uses the Portainer application image, Nginx has been automatically installed and needs to be stopped. Otherwise, there will be a port 80 conflict.
systemctl stop nginx
systemctl disable nginx
5.3 Install Apache software
Install the Apache software directly.
apt install apache2 -y
5.4 Start the Apache service
Start the Apache service and set it to start automatically at boot.
root@hcss-ecs-f91c:~# systemctl enable --now apache2
Synchronizing state of apache2.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable apache2
5.5 Check Apache service status
Check the Apache service status to ensure that the Apahce service starts normally.
systemctl status apache2
6. Modify the Apache configuration file
6.1 Create web site directory
Create the web site directory /var/www/html/pub and the mirror directory /var/www/web.
mkdir -p /var/www/html/pub
mkdir -p /var/www/web
6.2 Upload image file
Upload the image to the /var/www/web directory and set a soft link.
root@hcss-ecs-f91c:/var/www/web# ls
CentOS-7-x86_64-Minimal-1511.iso
root@hcss-ecs-f91c:/var/www/web#
Set up soft links.
ln -s /var/www/web/ /var/www/html/pub/
6.3 Modify configuration file
Create a new site configuration file. Create a new configuration file using the following command.
cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/my-site.conf
Modify the apache2.conf file as follows:
vim /etc/apache2/sites-available/my-site.conf
Listen 8011
<VirtualHost *:8011>
ServerAdmin webmaster@localhost
ServerName localhost
DocumentRoot /var/www/html
<Directory /var/www/html/pub>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
Listen: The command is used to set the listening address and port.
VirtualHost: The * in the instruction means listening on all IP addresses.
ServerAdmin: Directive sets the server administrator's email address.
ServerName: Server domain name
DocumentRoot: Instruction to set the website root directory.
Directory: The configuration in the directive is used to set access permissions for the website directory.
ErrorLog and CustomLog instructions: used to set the log file path. ${APACHE_LOG_DIR} is an environment variable and can be modified according to the actual situation.
6.4 Restart the Apache service
Activate the new site configuration. Use the following command to activate the new site configuration.
a2ensite my-site.conf
Restart the Apache service to make the configuration take effect.
systemctl reload apache2
systemctl restart apache2
6.5 Check Apache service status
Check the Apache service status to ensure that the Apache service starts normally.
root@hcss-ecs-f91c:~# systemctl status apache2
● apache2.service - The Apache HTTP Server
Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2023-09-28 17:34:08 CST; 1min 15s ago
Docs: https://httpd.apache.org/docs/2.4/
Process: 31073 ExecStart=/usr/sbin/apachectl start (code=exited, status=0/SUCCESS)
Main PID: 31078 (apache2)
Tasks: 55 (limit: 2006)
Memory: 4.9M
CPU: 24ms
CGroup: /system.slice/apache2.service
├─31078 /usr/sbin/apache2 -k start
├─31079 /usr/sbin/apache2 -k start
└─31080 /usr/sbin/apache2 -k start
Sep 28 17:34:08 hcss-ecs-f91c systemd[1]: Starting The Apache HTTP Server...
Sep 28 17:34:08 hcss-ecs-f91c apachectl[31076]: AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directiv>
Sep 28 17:34:08 hcss-ecs-f91c systemd[1]: Started The Apache HTTP Server.
6.6 Check the listening port
Check the Apache service listening port 8011 to ensure that port 8011 is listening normally.
root@hcss-ecs-f91c:~# ss -tunlp |grep 8011
tcp LISTEN 0 511 *:8011 *:* users:(("apache2",pid=31080,fd=6),("apache2",pid=31079,fd=6),("apache2",pid=31078,fd=6))
7. Visit the personal mirror site web page
7.1 Release security group ports
Enter the security group management page of Huawei Cloud Yaoyun Server L instance and allow inbound port 8011.
7.2 Access personal mirror site
Access address: http://Elastic public IP address:8011/pub/
7.3 Download image file
Enter the web directory and download the CentOS-7-x86_64-Minimal-1511.iso image file.
8. Access control based on account verification
8.1 Generate password file
Use the following command to generate a password file.
root@hcss-ecs-f91c:~# htpasswd -cm /etc/apache2/.httpasswd jeven
New password:
Re-type new password:
Adding password for user jeven
8.1 Create a personal document directory
If your personal site has its own documents and you want encrypted access, you can use account authentication-based access control.
mkdir -p /var/www/html/mydoc
Create and edit test files for access testing.
root@hcss-ecs-f91c:~# echo "test01" > /var/www/html/mydoc/test01.txt
root@hcss-ecs-f91c:~# echo "test02" > /var/www/html/mydoc/test02.txt
8.2 Edit Apache configuration file
Edit the Apache configuration file as follows:
vim /etc/apache2/sites-available/my-site.conf
Listen 8011
<VirtualHost *:8011>
ServerAdmin webmaster@localhost
ServerName localhost
DocumentRoot /var/www/html
<Directory /var/www/html/pub>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
<Directory /var/www/html/mydoc>
Options Indexes FollowSymLinks
AuthType Basic
AuthName "Protected Directory"
AuthUserFile /etc/apache2/.httpasswd
Require user jeven
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
8.3 Restart the Apache service
Activate the my-site.conf configuration file and restart the Apache service.
a2ensite my-site.conf
systemctl reload apache2
systemctl restart apache2
8.4 Test access
Access address: http://Elastic public IP address: 8011/mydoc/. I found that I need to enter the account and password for verification before accessing. After entering the account and password just set, I successfully accessed.