Recent changes under the hood

Submitted by loonyadmin on Wed, 11/23/2016 - 17:29

I have made some changes to Loony Information under the hood, of which I want to tell you about.

The first change is  that I do not use Bitnami AMIs anymore to update the OS layer of my AWS instance which is responsible for loony.info. Last weekend I was able to get together an Ubuntu 16.04 LTS AMI with all the components I had with the Bitnami AMI. The only thing I had to give up was http/2 due to the fact that Ubuntu does not include it in their Apache package. Due to the change to Ubuntu 16.04 LTS I also went from MySQL 5.6 to 5.7 and from PHP 5.6 to PHP 7. Due to PHP7 I had to remove some modules incompatible with PHP7, but that's a minor change and only I myself will be affected by this change.

The big advantage I got by leaving Bitnami AMIs behind is that I don't have to switch instances when doing an update of the OS components. The update may be done by a cronjob and I don't have to care aboput anymore. It's just done for me.

The second change I made was that I also enabled the Ubuntu firewall (ufw) on my instance. Due to the AWS  Security Groups I wasn't forced to do it. But double stays better and this way the instance has also it's own firewall, independent of AWS. So I enabled this Ubuntu feature.

The third change I made is that I encrypted the volume used by the instance which powers this website by using AWS Key Management System. Due to my decision to keep the database within the instance and not use AWS RDS  I made this change to make sure that nobody is able to extract any data from the volume. I made some perfomance tests and the encryption has no visible impact on the performance of the website, so I think it's a good thing.

As you may see from these changes. This sandbox is alive, and I'm still working and playing with it, allthough not all changes are visible to the outer world.

Stay loony, stay happy!