Category: aws

Moving a backup copy of WordPress over to AWS S3

Post author By Kyle
Post date September 28, 2018

Today I set out to make a complete backup of my WordPress blog, archive of the images and all. I set out to move the backup from my domain host directly into Amazon S3. Eventually, I plan to set a policy within S3 to move the files over to Amazon Glacier for even cheaper storage. We’ll start with the AWS portion, then the WordPress portion.

AWS

I created a new user, me, and then I created a new group, with a new policy–essentially giving myself read, write, and credential creation permissions specifically for S3.

I headed over to S3 and created a new bucket for WordPress backups. I turned on logging, and I turned on encryption for the bucket. One thing I found strange (and I might have this wrong) was that I had to name my bucket something unique relative to all S3 buckets and not just those in my account. So for example, for some reason I had to name my bucket WordPress-s3s3s3 because WordPress and WordPress-s3 were already taken, but not by me.

I went back into Identity and Access Manager (IAM), created myself a new access ID and secret key and was ready to roll.

WordPress

In WordPress I installed the extension BackWPup. I then chose my correct AWS region (after a failed attempt), entered my key ID and secret key, picked my S3 bucket, elected to use encryption, chose a storage type as “rarely access,” to help control costs, and scheduled the job to run. BackWPup allowed me to create a compressed archive and move the file over in 20MB chunks to prevent the transfer from being blocked by the ISP for being too large.

I changed the compression to TarGz after some research and found it offers the fastest compression ratio (though the remaining file is larger). The compression alone has been running a long time – we have several thousand photos in the family blog and over 600 folders so I expect this could take over an hour just to compress. We will see how it goes. I also plan to monitor if I breach the free pricing tier at AWS. The total compressed file size ended up over 34GB!!

Within BackWPup I set WordPress cron to schedule the job to run every month at 3am.

As I’ve said in my previous posts on AWS, I am amazed by the technology. Once getting the permissions up and running, it has worked exceptionally well. The reliability and speed are impressive.

Update

After compressing for about 30 minutes, I’m happy to say the job completed successfully and my backup is sitting safe and sound in S3!

aws ec2 ghost MySQL Projects ProjectSuccess Ubuntu WordPress

Ghost on AWS – success!

Post author By Kyle
Post date September 23, 2018

This is the third and final part of my first foray into AWS. You can read part 1 and part 2. AWS is great. Getting access is secure and easy and you can’t beat free. AWS is incredibly quick at spinning up new instances and once connected over SSH it is extremely fast – it rivals the feel of a local installation – almost no latency for me.

After getting Ubuntu installed, I spent the last few evenings attempting to install Ghost per these instructions. Ghost is still an early work in progress. I had a lot of challenges. For example, the presence of a simple .config file blocked the installation until I deleted it. During the installation, file premissions kept changing between my account and the newly installed Ghost account. This is what ultimately blocked me completely. No amount of chown or chmod adjustment would make Ghost work. I tried every conceivable combination of ownership for /var/www/ghost including my account, the ghost account, and adding both to sudoers. The only thing I stopped short of was changing the ownership to root which just didn’t seem appropriate.

I ended up abandoning my own attempt to install Ghost and instead tried out the Bitnami installation of Ghost. This is a pretty cool capability within AWS – essentially an “app store” with Amazon Machine Images (AMIs) that you can install for free (or purchase). The AMIs are customized for single or multiple needs. In my case, Bitnami created a custom AMI with just Ghost installed. I spun it up and had Ghost running in under five minutes. All configuration worked out of the box – even punching a hole in UFW – Uncomplicated Firewall so you can navigate to the browser right out of the box and Ghost just works. That is pretty cool! It would be great for the Ghost team to launch their own AMI instead of relying on Bitnami. I think Automattic should consider doing the same with WordPress.

Thoughts on Ghost

Ghost is built with a a good value proposition in mind: a more modern and faster architecture than WordPress and keeping the feature set to just the essential. I agree that over time WordPress has developed some bloat – both in terms non-essential features and UI clutter.

Ghost has a few drawbacks that I’m sure the team is working on. For one, the installation process needs to be streamlined. I’m pretty proficient at Linux having over 15 years experience with Ubuntu and I couldn’t get the install to work. There is a wide gap between the installation process for Ghost and the “World Famous” five minute install for WordPress.

The universe of available hosting platforms is very small. I can understand this approach because Ghost is basically betting big on AWS – which makes sense to me. The architecture of Ghost has a few drawbacks in my opinion. For example, to install a new theme you have to reboot the server. Not surprising, but since Ghost is so new, the ecosystem of plugins, themes, and other capabilities is nowhere near the universe of extensions available to WordPress.

In general, the UI and blogging experience is clean and simple, but not remarkably different than WordPress, in my opinion anyway.

A few benefits worth noting. Relative to my current situation, Ghost on AWS allows full control of the server. From a security perspective, this would allow me to control and monitor the entire server and firewall configurations. That moves the responsibility for controls from my hosting provider to me. I would like that. As with all AWS appliances, Ghost has the potential to be a fair bit cheaper than a traditional WordPress blog on a regular domain host – but that depends hugely on the amount of traffic and purpose of the blog.

In total, Ghost is an interesting idea, I really like how it is “designed” for AWS. But the install is too complex, the architecture needs some continuous improvement and the ecosystem needs to keep growing. I would consider this project more frustrating than fun – messing with file permissions over and over not really all that enjoyable! For now I won’t be migrating this blog over to Ghost, but I’ll keep an eye on how the product matures over time.

aws ec2 ghost

More AWS

Post author By Kyle
Post date September 20, 2018

Read Part 1 here. After waiting several hours, AWS was ready. I started with a vanilla instance of Ubuntu 16.04. I didn’t customize it at all–mostly because Amazon limits your configuration choices within the free tier, which makes sense to me. It was amazing to see how much power you could really use. For example, if money was no object, you could choose an instance that would support 72 virtual machines with 512 GB of memory. Read that again, not 512GB of storage, but of actual memory. Which I find truly amazing. For comparison, the most beastly Mac I could customize on Apple.com maxed out at 64GB of memory, almost 9x less than what you can get through AWS.

Amazon offers the ability to create a public/private key pair to secure your virtual machine. I downloaded a copy of my RSA Private Key .pem file and loaded it into my password manager for safekeeping. I set my instance to allow inbound SSH traffic from only my IP.

Then one SSH command and I was in:

ssh -i 'path/to/my/.pem' user@IPv4 address

Once SSH’d in, I created a new user with sudo privileges and the real work to begin installing Ghost can begin.

aws ec2 ghost

First Foray Into AWS

Post author By Kyle
Post date September 18, 2018

Tonight I started the journey into Amazon Web Services (AWS) for the first time. First, I signed up for a personal (free!) EC2 instance. My plan is to install the Ghost blogging platform, add a domain name and DNS. Ghost looks pretty cool. Minimal, fast, and will give me a chance to get more familiar with an open source JavaScript architecture I have not used much: Ember.js, Node.js, and Express.js.

This project will require access to the AWS Command Line (CLI). So the next step was to setup access management within EC2 and create an account with programmatic access which enables an access key ID and secret access key for the AWS API, CLI, and more. AWS has nice features for creating user groups and permission boundaries. I am essentially creating a synthetic root user, so no need to setup these capabilities yet.

Amazon takes up to 24 hours to spin up a new instance…so I wait…more soon.