L09: Production

How to setup a production server, specifically to solve the Assignment 3.

Introduction

In the following text and demo videos we will go through how to work with our own private cloud. All student will get an own Linux virtual server to use as a production server for your web application. The severs will be taken down after the examination.

The recommendation is to follow along in this exercise before you start working on the examination assignments.

NOTE. The computer you have access to is publicly reachable over the Internet. You are only allowed to use this machine for the purposes described in this course. You are not allowed to use the machine for private projects.

NOTE. The SSH-key you have received (through GitLab) should be considered a secret, and it is important that you do not send it to a third party or show the key in any online streams.

VPN (Virtual Private Network)

To protect the machines from attacks, CSCloud is hidden behind a firewall. To be able to access CSCloud from outside of the university network you will need to connect through a VPN. Make sure you connect through the VPN when trying to connect to CSCloud.

Guide for connecting to the VPN

What to do

This is a brief list of things that this exercise will process. You can, if you like, try to do it by your self by reading the documentation, or by follow along in the recordings.

1. Connect to your cloud server

   1. Download the SSH-key
   2. Connect to the server using SSH (over VPN)

2. Update the server and install:

   1. npm and node

3. Configure NGINX to serve as a proxy for your applications

4. Add HTTPS support using Lets Encrypt

5. Enable HTTP2

6. Add a Process Manager

7. Get the code to the server

Lets take it stepp by step.

Step 1 - Connect to your server

First of all you need to download the SSH-key from Gitlab. You find the file in a project called "Secrets" in your course. There you will also find all details needed to connect to your server.

Do not forget that you need to be connected to LNU VPN.

Useful commands

Step 2 - Update, Upgrade and install Node and NPM

Now you can login to your server and update and upgrade it with the latest software distribution. You can then proceed to install Node and npm.

Useful links

• Node.js - Installation

Useful commands

Step 3 - Configure NGINX

Install and configure NGINX to serve as a proxy for your applications.

Useful links

• Nginx - Installation

Useful commands

Tip Useful terminal texteditors to view and edit configuration files are vim and nano.

Template

The following can act as a template to get applications up and running in the course. Pay extra attention to the / on the first and second line.

Step 4 - Add TLS (HTTPS)

NOTE. Since Lets Encrypt has a rate limit of 50 certificates per week and domain (lnu.se) we might reach the limits from time to time. I that happens please notify in Slack. The only thing to do then is to wait for the limit to be reset.

Useful links

• Lets Encrypt
• CertBot

Useful commands

Tip Optional learn to use a terminal multiplexor like tmux or screen. You will then be able to save your terminal session at the server and connect to it on next login.

Step 5 - Enable HTTP2

Want to activate HTTP2 on your site? We configure this in NGINX.

Step 6 - Process Manager, PM2

In this step we will make sure our applications keeps on running on our server using a process manager.

Useful commands

Step 7 - Getting the code to the server

Now, how do we get the code to the production server? There are several ways, for example using rsync over ssh, secure file copy (sftp), FileZilla or VSCode.

In the recording I did not succeed copying all files from a directory. This can be done using *:

Useful links

• How To Copy Files With Rsync Over SSH
• SCP man
• FileZilla
• VSCode - Remote SSH

Step 8 - Executing docker containers at the server

In this step we will be looking at running applications on our CSCloud machine using docker. This is an optional step.

Install Docker

Start by installing docker on you server. You can follow this guide.

Choose: "Install using repository" for processor “x86_64 / amd64"

Make docker to run as the ubuntu user and not the root user.

You need to logout and login to use the updated settings.

You can now run docker commands on your server, for example a mongodb server.

Step 10 - Troubleshooting

Here are some bullet points to help you when troubleshoot:

• Check that the port in the NGINX config is the same as the environment variable PORT.

• Have you restarded NGINX after doing a configuration change?

• What errors are node reporting?

• Is the docker container running?

• Have you restarted pm2 after you copied in updated code?

• How many docker instances are running? If to many the machine may run out of memory and Docker will randomly shut down running instances.

• To ease troubleshooting you can set NODE_ENV=development instead of NODE_ENV=production. You will then the error messages instead of 500. Change back to production when it works.

Resources

Review these resources and use them whenever useful.

Howto Linux.

• If you feel the need of learning more about Linux (commands, tools, bash scripting and so on) there is a Linux learning object available.

About a production server.

• Hands-on tips about how to configure Node.js and Express.js for production
• Tips on how to setup Node/Express server.

How to bring your code into production.

• Focusing on the bigger picture of taking code to production.