Production Webserver Series

Initial Server Setup

Now that we've got our server instance up and running with CentOS 6.5 (RHEL 6), there's a few things to check on before proceeding.

Configure & Update

As a first step, after logging in, lets update the server packages with $ yum update -y. Next, change your root password with $ passwd.

There are lots of other things you should be doing at this point which will be covered in the Security section of this series. This includes things like:

  • Creating a user account,
  • Setting up SSH keys,
  • Disabling remote root login,
  • Setting up a firewall,
  • Changing to a non-standard SSH port,
  • Enabling SELinux.

Although this section alone will get you up and running, it's recommended that you take a look through the Security section of this series afterwards.

Handling Dates

This is often an overlooked step that can potentially come back bite you in the future. It's possible that the system clock can progressively divert from the real time. For things like time-sensitive cron jobs, or sites with features like auction end times, it's a crucial step. To do this, we use the ntp package:


# Install ntp. $ yum install ntp ntpdate ntp-doc -y # Make sure it runs on startup. $ chkconfig ntpd on # Choose the pool to get the time from. $ ntpdate pool.ntp.org # Start the service $ service ntpd start

It's possible that your clock could already be off, and if so ntp will report the correction.

That's it! Your system clock will now automatically stay in sync.

Swap Space

Swap space is a reserved place on the disk that gets used when your system memory gets low or runs out. In a perfect world, we would never need it, as it's much slower than memory.

People have different opinions of swap space, but I like having it as a backup. Ideally we will set it up but it will only get used in an emergency.

A lot of hosting providers do not create swap space for you by default. For example, Digital Ocean says that it degrades the drives, as SSDs can only be written so many times.

First, let's check if we have a swap: $ free -m. This command will show you an overview of your system memory, and should look something like this:


total used free shared buffers cached Mem: 7999 7770 228 0 168 981 -/+ buffers/cache: 6621 1377 Swap: 0 0 0

If the last line under Swap is non-zero, then you already have swap. Otherwise, we can create it as follows:


# Write zeros to a file (this is 2gb). $ dd if=/dev/zero of=/swapfile bs=1024 count=2000000 # Specify that file as a swapfile. $ mkswap /swapfile # Turn on the swap. $ swapon /swapfile # Check if it worked. $ free -m

If the output of free now has non-zero for Swap, we're in business. Let's add it to fstab so it's active on startup. Open up your fstab file $ vi /etc/fstab and add the following line:

/swapfile swap swap defaults 0 0

The last thing to do is decide on swapiness. This setting determines how often to use the swap space, with 0 being rarely and 100 being frequently. Check your swapiness with $ cat /proc/sys/vm/swapiness.

Swap space, being on disk, is much slower than RAM. You can decide on your swapiness, but 10-30 is often a good value.

  • $ sysctl vm.swapiness=10
  • $ vi /etc/sysctl.conf and set / add vm.swapiness = 10

Conclusion

Now that we've completed the mundane update tasks, it's time to move on to installing the meat of the web server.