Learn How To Deploy CentOS 8 On AWS And Install The Cockpit Server Manager.
In the old days, getting a server up and running was a mammoth task as it involved purchasing computing hardware resources and also a long period of time to setup that hardware and install server software. With the advent of cloud computing services, getting a server of any size in almost any part or region of the world can be done with just a few clicks. If you need to quickly deploy a linux based server to run a linux based application, read this tutorial to learn how to deploy CentOS 8 on the AWS cloud platform and manage it using the Cockpit Server Manager. If you prefer to watch a video tutorial on what is outlined here, click on the VIEW YOUTUBE TUTORIAL button below.
In order to complete this tutorial successfully the following items are required. Please ensure to have these items available before taking implimentation action on this tutorial:
1) An internet connection with atleast 1 MBps bandwidth
2) An AWS free tier account
3) An AWS IAM user account with rights to provision and manage AWS instances
4) The Cockpit Server Manager for CentOS 8
1) Sign into the AWS management console using your IAM credentials and open the EC2 management console.
2) Create a new CENTOS 8 instance and be sure to download and save the key pair to a secure or private folder on your computer.
3) Connect to the CENTOS 8 instance, download and install CENTOS 8 updates
4) Install the Cockpit package for CENTOS 8.
5) Add A Rule For Allowing Connections on Port 9090 In The CentOS 8 Instance Security Group.
Step 1: Sign Into AWS And Create A CentOS 8 Instance.
1) Go to aws.amazon.com and click on the “SIGN INTO THE CONSOLE” button on the top right corner of the AWS home page.
On the SIGN IN page, click on the IAM USER option, typing in your 12 digit AWS account ID and click on NEXT.
If you do not have your 12 digit ID, sign in using your root user account, and check for it in the IAM management console.
2) Type in your IAM USERNAME and PASSWORD and click on the SIGN IN button.
3) Once you are signed in, click on SERVICES > EC2 and click on the INSTANCES option. Click on the LAUNCH INSTANCE button to open the AWS instance creation wizard.
On STEP 1: CHOOSE AN AMAZON MACHINE IMAGE (AM), click on the AWS MARKETPLACE tab and search for CENTOS on the top search bar.
4) Proceed by clicking on the SELECT button on the “CENTOS 8 (x86_64) – WITH UPDATE HVM” searh result and click on CONTINUE.
5) The next step and choose an instance type for the CENTOS instance. The instance type that you choose is what determines the amount of compute resources that it runs on and also the AWS charges that you will incur. For example a t3.medium instance will have 2 vCPUs, 2.5 GHz, 4 GiB memory and an EBS only storage volume whilst a t3.micro instance will have 2 vCPUs, 2.5 GHz, 1 GiB memory and an EBS only storage volume.
On STEP 2: CHOOSE AN INSTANCE TYPE click on the t3.micro option that is marked as FREE TIER eligible and click on “REVIEW AND LAUNCH”.
6) On the REVIEW AND LAUNCH page, when you click on the LAUNCH button you will be prompted to create a new key pair or select an existing key pair. Select the CREATE A NEW KEY PAIR option, type in a KEY PAIR NAME and click on DOWNLOAD KEY PAIR.
Click on the LAUNCH INSTANCE button to proceed.
NB: An AWS keypair is what you use to securely connect to an AWS instance. Please ensure that you place the keypair in a secure private folder as well as a backup location such as google drive or microsoft one drive to ensure that you do not lose or misplace your keypair.
Step 2: Change The File Permissions On The Key Pair.
7) If you attempt to connect to the CENTOS EC2 instance without changing the file permissions on the key pair file, you will get the following error message:
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
Permissions 0644 for ‘BILLYSOFT-CENTOS-KEY-PAIR.pem’ are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Load key “BILLYSOFT-CENTOS-KEY-PAIR.pem”: bad permissions
email@example.com: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
8) To prevent the above mentioned error message from happening the permissions on the key pair file need to be set to read only. If you are using a Mac, open the terminal application and change your working directory to the directory where the key pair is located then run the following command:
chmod 400 YOUR-KEY-PAIR-FILE.pem
9) Next, run the following command to securely connect to the newly deployed CentOS 8 instance:
ssh -i “YOUR-KEY-PAIR-FILE.pem” centos@public-ip-address-of-ec2-instance
Step 3: Download And Install CentOS 8 Updates
10) Next, you will now learn how to check for and install CentOS 8 system and package updates for items such as software packages installed on CentOS 8 and also core items such as the system kernel.
Checking for and installing updates on a regular basis is an essential system administration task as it ensures that your linux system gets much needed system patches and security improvements.
To check for updates run the following command:
sudo yum check-update
11) The above command shows a list of system packages that have updates available. To install an update for a particular system package run the following command:
sudo yum update PACKAGE-NAME
For example, to update the openssl package, run the following command:
sudo yum update openssl
12) To update all CentOS 8 system and application packages run the following command. After the package update process is complete please restart the CentOS 8 instance:
sudo yum update && yum upgrade.
Step 4: Install The Cockpit Server Manager.
13) The Cockpit server manager is a web based application that can be used to manage and monitor almost any linux system all from almost any web browser. It is a Redhat (RHEL) backed project and can be downloaded and used for free.
With cockpit you can manage more that one server and can even jump between the terminal console of each server on demand. If you are on the go or always travelling you can configure cockpit to be accessible from the internet and perfom management tasks on your mobile phone or tablet.
Next, you’ll learn how to install Cockpit version 237 on the CentOS 8 instance.
14) Open your terminal emulation software (i.e putty or MacOS terminal) and connect to CentOS 8 instance then run the following commands one at a time. These will install Extra Packages For Enterprise Linux, update the CentOS 8 system dependancies and reboot the CentOS instance.
1) sudo yum install epel-release
2) sudo yum update
3) sudo reboot
15) Next, run the following command to download and install the Cockpit package:
sudo yum install cockpit
16) Once, installation is complete, start the cockpit service and set it to start automatically at system start up by running these two commands:
1) sudo systemctl start cockpit
2) sudo systemctl enable cockpit.socket
Finally set the CentOS 8 firewall to accept network connection to the Cockpit service by running the following commands:
sudo firewall-cmd –add-service=cockpit
sudo firewall-cmd –add-service=cockpit –permanent
sudo firewall-cmd –reload
Step 5: Add A Rule For Allowing Connections on Port 9090 In The CentOS 8 Instance Security Group
17) By default the CentOS 8 instance only accepts connections on TCP/IP port 22 so as to allow SSH connections. To access the Cockpit web based GUI, add a rule for allowing connection on TCP/IP port 9090 in the CentOS 8 instance security group.
Open the AWS EC2 management console and click on the INSTANCE ID, click on the SECURITY tab, and click on the SECURITY GROUP link. Click on the EDIT INBOUND RULES button and on PORT RANGE type in 9090 and on SOURCE, select 0.0.0.0/0
Click on the SAVE RULES button to apply changes.
Step 6: Open the Cockpit Web GUI.
18) Open a new browser tab, type in https://centos-instance-public-ip-address:9090 in the address bar and press ENTER. Login to Cockpit using any user account that is one the CentOS 8 instance.