Playing around with Host1Plus VPS Hosting

Checking out the VPS hosting with a company called Host1Plus. Their $15/mo plan: 40Gigs disc space, 2048MB RAM, 2 CPUs.

Installed ubuntu-12.10-x86_64 with a button click or two.

They generate a root/password, and when I ssh’d to root@theIPaddress got

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
xx:xx:xx:xx:etc
Please contact your system administrator.
Add correct host key in /Users/mikekilmer/.ssh/known_hosts to get rid of this message.
Offending RSA key in /Users/mikekilmer/.ssh/known_hosts:24
RSA host key for 191.101.14.198 has changed and you have requested strict checking.
Host key verification failed.

Maybe ’cause there’s no security certificate?

Copy output of:

$ ssh-keyscan -t rsa server_ip

And paste into ~/.ssh/known_hosts.

Like this: ssh-keyscan -t rsa server_ip >> ~/.ssh/known_hosts

Now am in. I forget how to create users…

Oh yea,
# useradd mikekilmer
# passwd mikekilmer

Now…
# apt-get update

Lots of E: Some index files failed to download. They have been ignored, or old ones used instead.

# apt-get install git
Reading package lists... Done
Building dependency tree... Done
E: Unable to locate package git

No luck with git-core either. Maybe ’cause headers not installed. Let’s try the Host1Plus help. Answered chat in moments! A female too. Her first recommendation was to run sudo apt-get update. Same result, of course, because I was logged in as root when I ran apt-get update. She ultimately says this needs to be looked at by senior technical support. Please open a ticket. Hmmm.

Couple of hours later tech support got back to me, ubuntu-12.10-x86_64 is no longer supported. Try installing a newer version of the OS. Tried one of the 13 versions. Same error.

Whenever I install a new OS template via the Host1Plus GUI this message pops up in a window:

Failed to reinstall OS: object(Core\Exceptions\NotFoundError)#29 (7) {
  ["message":protected]=>
  string(4) "user"
  ["string":"Exception":private]=>
  string(0) ""
  ["code":protected]=>
  int(0)
  ["file":protected]=>
  string(77) "/home/host1plus/public_html/manage/api/lib/Installer/Services/UserService.php"
  ["line":protected]=>
  int(53)
  ["trace":"Exception":private]=>
  array(1) {
    [0]=>
    array(6) {
      ["file"]=>
      string(69) "/home/host1plus/public_html/manage/modules/servers/ovzp/ovzp_call.php"
      ["line"]=>
      int(218)
      ["function"]=>
      string(4) "load"
      ["class"]=>
      string(30) "Installer\Services\UserService"
      ["type"]=>
      string(2) "->"
      ["args"]=>
      array(1) {
        [0]=>
        object(Installer\Resources\User)#17 (3) {
          ["id":"Installer\Resources\User":private]=>
          int(54063)
          ["email":"Installer\Resources\User":private]=>
          NULL
          ["password":"Installer\Resources\User":private]=>
          NULL
        }
      }
    }
  }
  ["previous":"Exception":private]=>
  NULL
}
success

Then I need to reload the browser window to see OS System. This one works: ubuntu-14.04-x86_64. At least I can update apt. When I ran apt-get upgrade` it installed a mail program.

I don’t have a domain name specified for the server yet, so this may create issues.

Yay. I can install git, too!

When I tried to add ~/.ssh/authorized_keys errors were popping up because no user directory existed. Had forgotten that instead of using the low level useradd, adduser is recommended because it does all that home directory creating for you.

Let’s try installing a simply Rails three application.

sudo apt-get install ruby-full

Let’s go with rbenv instead of RVM.

sudo apt-get install git-core # gotta have git
git clone https://github.com/sstephenson/rbenv.git ~/.rbenv

Put it in the right place (above) and add to path:

echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> ~/.bashrc

This next command supposedly does something with the “shims” rbenv adds:

echo 'eval "$(rbenv init -)"' >> ~/.bashrc

Restart the shell:

source ~/.bashrc 

Confirm working:

type rbenv

Thanks Digital Ocean

A little more to come and hopefully the fact that I already installed ruby-build won’t create any snags ’cause I’m not in the mood.

git clone https://github.com/sstephenson/ruby-build.git ~/.rbenv/plugins/ruby-build
git clone https://github.com/sstephenson/rbenv-gem-rehash.git ~/.rbenv/plugins/rbenv-gem-rehash
apt-get install build-essential libssl-dev libcurl4-openssl-dev libreadline-dev -y
rbenv install --list

I was going to use Ruby version 1.9.3 and Rails three, but since I’m really just playing with the server here I’m gonna simply follow the tutorial.

rbenv install 2.1.0 -k

Use it globally:

rbenv global 2.1.0

Let’s install some Rails tools:

sudo apt-get install sqlite3 libsqlite3-dev

We need JavaScript runtime and DO is recommending adding NodeJS from Debian Backports:

sudo nano /etc/apt/sources.list

(Whoops need to apt-get install nano)

And append to the file a couple of locations:

deb http://ftp.us.debian.org/debian/ wheezy-backports main
deb-src http://ftp.us.debian.org/debian/ wheezy-backports main

Now make sure we get all the possible package options:

sudo apt-get update

Now we can get Node.js:

sudo apt-get -t wheezy-backports install nodejs

Now we can use gem to install rails:

gem install rails

Twiddle our thumbs for a minute. Take a few deep breaths. Admire our beautiful partner laying in bed.

Parsing the documentation seems to be taking for ever. Or at least the STDOUT has been sitting at Installing ri documentation for rails-4.2.4 for quite a while.

Now we can make a new Rails application:

rails new newrailsapp
rails s

Now I’m supposed to be able to see it at My IP address on port 3000, but

http://191.101.14.198:3000

Isn’t pulling up.

Let’s check out the Host1Plus tech support again…

The friendly person available right away in chat asks if I have opened that port. I had found sudo iptables -A INPUT -p tcp --dport 3000 -j ACCEPT on SO, which he (Mark A) confirmed as correct command to open port 3000 in the firewall (that comes as part of the OS, I guess) as well as sending a link to a detailed explanation and also threw in a telnet command to test if port is open: telnet 191.101.14.198 3000.

Mark A.: Have you added the rule in iptables?
Mark A.: Check using command “iptables -L”
Mark A.: Also save the rule using command “service iptables save”
Mark A.: Try iptables-save
Mark A.: You may restart the iptables service using this command “/etc/init.d/iptables-persistent restart”

That gave some positive output, but with rails server running, still connection refused via telnet and http.

Mark A.: Use this guide to save the iptables rules,
23:09Mark A.: https://wiki.debian.org/iptables
23:09Mark A.: Once it is done. restart the service again.
Mark A.: Okay, then you can save it like “iptables -save > /etc/iptables.up.rules”

Not quite there yet, but close. And tired. Calling it a night. More soon.

Ah. Wait. It seems we need to iptables-save > /etc/iptables/rules.v4. Now the rules are still in place after restart.

Telnet still not working, though and chat support sent me to create a ticket.

Heard back from ticket within three hours:

Make sure that the service is actually listening to port 3000. You can do it by using “netstat -tunap” command, result of which is:


root@191:~# netstat -tunap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1726/sshd
tcp 0 0 127.0.0.1:3000 0.0.0.0:* LISTEN 6494/ruby
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1685/sendmail: MTA:
tcp 0 0 127.0.0.1:587 0.0.0.0:* LISTEN 1685/sendmail: MTA:
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1792/apache2
tcp 0 48 191.101.14.198:22 108.205.62.183:63531 ESTABLISHED 8001/1
tcp 0 0 191.101.14.198:22 108.205.62.183:60052 ESTABLISHED 5294/0
tcp 0 0 191.101.14.198:22 43.229.53.57:55916 ESTABLISHED 7999/sshd: root [pr
tcp6 0 0 :::22 :::* LISTEN 1726/sshd

And they recommended disabling iptables for testing. But no commend suggested. Trying:

/etc/init.d/iptables-persistent stop

Output recommended trying

/etc/init.d/iptables-persistent flush

(Which has cleared our rules)

Twelve hours later Level 2 Tech support replied, reminding me of what I should have known, that the rails server binds to 127.0.0.1 by default and you need to run the server like rails s -b 0.0.0.0 to set it to listen on all IP addresses.

So there ya go. An ignorant DevOps guy in the Host1Plus VPS playground. Maybe I’ll develop this rails app into something.

I would still love to know how to disable iptables on debian wheezy, but that may be an adventure for another day.

UPDATE – how awesome – now I know more about iptables thanks to Host1Plus VPS tech support:

It is impossible to stop iptables completely on Ubuntu/Debian distributions, however you can flush all the rules by running following commands:

iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT

But please note that it is not recommended to disable iptables for your server permanently.

Please do not hesitate to contact us if you have any more questions or requests.

Regards,
Nerijus K.
Support Specialist