How to create WordPress in AWS

I’ve enjoyed the self-challenge of creating a blog a week, especially for Blogtober. This will be my fifth blog. If you don’t know what Blogtober is, it’s a community-driven challenge to produce five articles in the month of October. I’ve struggled with this last one. I don’t know if it’s the extra added pressure, or if it’s because I have a deadline. In all, it’s been fun to have the extra community help pushing me with a side of peer pressure. Some great content has been produced, and others have published more than the five articles required.

I enjoy expanding my boundaries and meeting challenges. I feel blogging has helped me meet more people, but also has helped me get real hands-on experience with AWS. I started by taking the self-paced classes by Before ever taking the class, I kept procrastinating on creating a blog. I didn’t know, with, the end project would be standing up a fully functional WordPress site.

I want others to expand their boundaries, but to gain the experience of working inside of some kind of cloud platform. The public cloud is not going away and it’s a new tool systems administrators should start experimenting with. My goal for this last #Blogtober blog will be to show others how to standup their own WordPress site.

Create an Account

Sometimes the hardest part turns out to be the easiest. In order to gain access to the one year free of AWS, you need to create an account. To get started, all you need is an email address, a phone, and a credit card. I’m not going to show you how to do this step because it’s a simple process that follows other free sign-ups. If you need extra help, here’s a link to get you started. Here’s also the link to create your free AWS Account.

Getting Started with Identity and Access Management (IAM)

This topic is serious. An entire blog can be written on this topic and still not cover everything. I’m sorry to say, I will not be covering this area in much detail. My purpose is to help you get a blog up and running as quickly as possible. The one takeaway from IAM is to configure Multi-Factor Authentication (MFA). That phone you used previously, make sure that’s your personal device and tie it to the root account. I use the Google Authenticator to get into my account. If you want to read about your options with MFA, read here.

If you build it they will come

Now that we have created our root account and protected it with two-factor authentication, let’s create that WordPress site. After you’ve logged in, AWS will drop you into the services page. Go ahead and look around. There are a lot of services AWS provides. The one we want to focus on is EC2, which is under the Compute category.

Once in the EC2 Dashboard, click on the Launch Instance button. It’s hard to miss, it’s the big blue one in the middle.

When I was taking the class, they had us create the site entirely by hand. When you’re learning the fundamentals, this is a great way to learn new material. Not today. Speed is our focus. On the left hand side, under Quick Start, select AWS Marketplace. The AWS Marketplace is where you can sell or buy software that runs on AWS! If you look through the catalog there’s a lot being offered from well known vendors like Cisco, Splunk, and Palo Alto.

Search for WordPress. Look for the AMI that has “WordPress Certified by Bitnami”. Click on Select on the right.

Step 1: Choose an Amazon Machine Image (AMI)
The charges associated with the AMI apply only if you go outside of the t2.micro instance type. I found an article by Amazon that says if you’re on the free tier you will not be charged. When I stood up this AMI, I did not see a charge to my account, even though I had it up for less than an hour. So, watch your charges after you stand up this AMI.

Scroll to the bottom and click Continue.

Step 2: Choose an Instance type
Please be sure to select t2.micro and check that it says Free Tier Eligible. Click on Next: Configure Instance Details.

Step 3: Configure Instance Details
Keep all the defaults at this point. Click Next: Add Storage.

Step 4: Add Storage
Keep the storage default at 10GB and use a General Purpose SSD (GP2). Click Next: Add Tags.

Step 5: Add Tags
Put in a tag. I put in Name and WordPress demo for the Key:Value. Click Next: Configure Security Group.

Step 6: Configure Security Group
You can use other security groups if you have them, but I’m assuming you don’t. Plus, remember speed. Keep all the defaults. The three most important ports that need to be opened are 22 (SSH), 80 (HTTP), and 443 (HTTPS). Click Review and Launch.

Step 7: Review Instance Launch
Review the instance and if everything looks good, click on Launch.

Select an existing key pair or create a new key pair
This last step creates a key pair so you can SSH into your instance if needed. When you’re manually configuring AWS AMIs, this is always the last step. Make sure you keep track of your private keys! Click Launch Instances.

Give your newly created instance a few minutes to initialize. It took mine about three minutes to go from Initializing to Running. To view the instance, click on Instances under Instances in the EC2 dashboard.

Once the image is running, find the public IP address. Highlight the instance and below in the Description tab you will see the public IP address AWS has given the instance. Open up a web browser and hit the IP. If all went well, you will see your new blog!

It is a default configured WordPress site. If you want to modify the look or add plugins, you’ll need the admin account and password. To find the password, go back to your AWS EC2 instances, highlight the instance, and select Actions > Instance Settings > Get System Log.

Scroll near the bottom and look for the text that says:
#   Setting Bitnami Application password to ‘1234ABCD’ #
This is the password to get admin rights into the WordPress site.


Go to http://public-ip/admin. Log in with the username user and the password from above.

Final Thoughts

Once the site is up and running, you might want to go out and register a domain name. No one wants to type in a public IP address. Once you have registered and pointed DNS to your public IP, you can start producing content and join the community. See you at next year’s #Blogtober.

#Blogtober 3 – Free Stuff

Who doesn’t like free stuff? You could say I’ve been known to not let the purse strings loose very often. When it comes to technology, why should I? There’s a lot of great software out there that enterprise vendors offer for free. Well…nothing is truly free right? Some of the vendors may require you to sign up, which means giving them your contact information.

I tried to put together a list of different technologies that I have used in the past, or seen others on social media recommend. Most of the software listed can be downloaded with submitting your contact information. I know there’s a debate at times about home labs moving to the cloud, but how would you be able to play around with all this free stuff if you don’t have the equipment?

I’ve been reading @vmiss33’s book, “How to become an IT architect”, and in the book she’s organized IT architecture into eight different categories. I tried to organize my list according to those categories. There is some overlap. My criteria were that the software be easily downloadable and have a long trial period of 90 days or greater. I get busy and time slips away and I need longer trials, 30 days doesn’t cut it. Please take a look and let me know what you think.

Server and Compute
Nutanix CE: Community Edition of Nutanix. Requires community login.
Nexenta CE: Community Edition of Nexenta. Requires login.

Virtualization and Virtual Machines
VMUG Advantage: This one is an exception. It costs $200 but you get access to 13 different VMware products. To see listing, click here
Amazon AWS Free Tier: Gain exposure to AWS services like EC2, S3, others for 1 year free. Click here
Oracle VM VirtualBox: Type II hypervisor. You can download and use on host OS like Windows or Linux.

Network
Kemp LoadMaster Free: Free network load balancer that's limited to 20Mbps throughput.
GNS3 Network Emulator: Used to emulate network devices and to create topologies. Account is required.
WANem: WAN emulator to control WAN experience. Great for testing apps over WAN connection. Open Source = Free

Storage
EMC ScaleIO Free: Software defined storage that can be installed on a range of hypervisors. This software is free for unlimited time, without capacity restrictions. Registration is required.
HPE StoreVirtual VSA 1TB: Install on any server by any vendor. Turns server capacity into shared storage array, up to 1 TB. Good for 3 years. Registration required.
NetApp ONTAP Sim: NetApp ONTAP simulator. Only available for customers and partners.
Xpenology: Turns any old computer into a Synology DS3615 model. Great OS to create an iSCSI target. Images are based on the GNU Open Source license. Free and no limits.

Applications
Spiceworks: Freeware that's used for help desk, network inventory, monitoring and troubleshooting. Amazing what this product can do.
OpVizor Free: Great tool to get introduced to Slack and OpBot. Use to monitor and manage VMs in vSphere.
RVTools: Tool used to display information about your VMware environments. Supports a range of hosts and vCenters. Free to download.
uberAgent: Agent to gather information about user performance in physical world as well as VDI environments. Fully functional, but displays splash screen at logon.
ControlUp Login Simulator: Simulate how a user logs into a Citrix environment. Logins can be repeated. Free to use. Need contact information.
VMware OS Optimizer: VMware Fling to optimize operating system. Free to download.

Backup and Recovery
Veeam Free: Free for in a pinch instance to backup, restore VM. Used in VMware and Hyper-V environments.

Business Continuity and Disaster Recovery
Spiceworks: Freeware that's used for help desk, network inventory, monitoring and troubleshooting. Amazing what this product can do.
Turbonomic: Virtual Health Monitor is a free virtualization monitoring and reporting tool for VMware, Hyper-V, RHEV, and XenServer. Free and unlimited. Need to register.
PRTG 100: Monitor network, devices, and applications for free. Limited up to 100 devices. No software restrictions.

Security
pfSense CE: Free, open source stateful packet filtering firewall and router.
Sophos XG Home Edition: Anti-virus and anti-malware that's free for home use license. You will need to register.
Avast Machine Learning: Solid anti-virus with machine learning behavior monitoring. Free to use.
Bitdefender: Cloud based AV. Free to use.

If you have software that you enjoy and want to share, I will be more than happy to update my list.

#Blogtober No.2 – Crowdsourcing Mentorship

I’ve been thinking about the direction of my career for a few years now and how to keep progressing. One of the keys to progressing is finding a mentor. I’ve listened to conferences, podcasts, and social media and everyone agrees that finding a mentor is a great way to sharpen both technical skills and soft skills. I even did a quick poll and 86% would agree, mentors are good to have around.

But how do you find a mentor? Some companies offer internal mentorships and have high profile people available for staff to shadow and ask questions. What if your company doesn’t offer such a benefit? I live in a small community and finding my ideal mentor feels like a struggle at times. My ideal mentor is someone who has held a chief level position and has traveled the road of an IT engineer. There aren’t a lot of these types of people in my community. Do I need only one mentor? Why can’t I have multiple mentors? That’s why I’ve relied on Twitter and other social media channels to fill this gap. Can you crowdsource your ideal mentor? I believe you can and it might be better than having just one mentor.

I think one of the many reasons I use Twitter as my source of mentorship is because I get to pick and choose who I want to follow. We normally can’t do this in life. We can’t pick our family and we can’t choose who we work with. On Twitter, I get to follow top influencers in my industry and get to read about their viewpoints, understand their thought process, know what they are reading, get a glimpse of the type of work they are doing and see who they are following and who influences them. With this medium, I feel my mentors are an arm’s reach away. I can ask them anything. It’s up to them to reply. It might not be the coffee invite that others say we need, but it’s pretty darn close.

But, Twitter is only good for 140 characters. At times, conversations are hard to follow. This has led me to find other media like podcasts. The majority of the podcasts I listen to I first heard about on Twitter…go figure. The very first podcast that I listened to was probably The Geek Whisperers. I found a retweet talking about how great the show was and I figured if this person’s listening to it, so should I.

Since following The Geek Whisperers, my podcast list has exploded. My list of podcasts ranges from super technical conversations to career focusing discussions to sharpening soft skills. I like podcasts because I get to hear the voices behind a lot of the personas that I follow. I get to hear their stories and understand what separates them from other engineers. To know that we all start at the beginning and it’s up to us and our initiatives to take our careers to that next level. I enjoy hearing their stories and having a checklist in my head comparing myself to them. Once my checklist has stopped, I listen to what the person did from that point forward. Listening, taking detailed notes, isn’t this what we do with mentors? Listen, take notes, and compare our story with theirs?

It might sound like I don’t believe in interacting face-to-face with a mentor. This is not true. I believe we need to interact with mentors, but some of us may not have direct access to these people. There are so many different avenues anyone in IT can take, it’s a tall order for any single mentor to fill. Instead, we can learn from everyone and pick out the nuggets of information from a wide range of people, like crowdsourcing 🙂

My mentor has been the body of the experiences and knowledge that I’ve received from a number of people. Not from a single individual. I’m learning from the people that I work with, the people I follow on social media, and those I listen to on podcasts while cutting grass. I crowdsource my mentors.

#Blogtober 1 – Don’t Pester With My Vester

Don’t you hate it when someone comes into your organization and tells you the environment is not consistent, or the environment is not configured correctly? That’s a small hit to the gut. This recently happened to me. An outside consulting group came in and reported some inconsistencies with our VMware environment. The report showed some hosts with NTP turned off, some hosts with SSH service turned on, and some VMs with old snapshots. Our environment has exploded and it’s been hard to keep up with the explosion. We needed a way to configure the environment the way we wanted it to be configured.

This reminded me of a session Chris Wahl did back at VMworld 2016. Chris talked about an Open Source project that he started called, Vester (here). The administrator can tell Vester how the environment should look. The admin can configure HA, DRS, VMhost services, even get down to the VM level and remove attached ISOs. This might sound like host profiles, but “why use the system to monitor itself.” This resonated with me, partly because we weren’t having much luck with host profiles. You should have a component outside the environment looking for changes, not the system monitoring itself.

This gave me the perfect opportunity to dive into Vester. Since Chris’s release, he’s moved on and Brian Blake has taken over. Brian has released a very good YouTube video, a walk-through blog, and even gave a quick overview on the vBrownBag stage at VMworld 2017 (here).

Getting Started

One of the nicest things about Vester is that it’s all PowerShell based. My comfort level has increased with PowerShell over the last year, so that’s why I found Vester so attractive. There are other options, including vSphereDSC, but I wanted something that didn’t require me to invest a lot of time researching something new.

The easiest way to get started with Vester is to use the PowerShell Gallery plugin and run Install-Module -Name Vester. Wait for the necessary bits to download and open your favorite PowerShell editor. Once the necessary components have been downloaded (Pester and PowerCLI), create a .ps1 file and copy the following components into that .ps1.

# Your vCenter server
$vCenter = ''

Install-Module Vester
Import-Module Vester
# Module requirements "Pester" & "VMware.VimAutomation.Core" automatically load into the session

# Do you care about Distributed Switches?
# PowerCLI doesn't do implicit module loading yet, so manually import any other needed modules
Import-Module VMware.VimAutomation.Vds

Connect-VIServer $vCenter

# Help is available:
Get-Help about_Vester
Get-Help New-VesterConfig
Get-Help Invoke-Vester

Generate JSON File

Before creating the first JSON file, be sure to have a cluster, host, or virtual machine in the end desired state. For example, I made sure one of our VM hosts had NTP turned on, pointed to the correct NTP server, and turned off SSH.

Once you have the .ps1 with the code copied to it, you are ready to generate your first JSON file. Run the New-VesterConfig cmdlet, follow the prompts, and point it to a VMhost in a Cluster in an end desired state and it will create a new config.json file located under the \Config folder. The generated JSON file is what Vester relies on to configure and set your Cluster/Hosts/vCenter/Networking/VMs consistently across the board. It’s essentially the map of settings on how you want the environment configured.

Testing Vester

Now that we have the map (JSON) created, we need to test it against the environment. This is where we see how close things are set to our desired end state. The command to run is Invoke-Vester. This command will use the default location of the config.json file and compare the rest of the objects in the environment against it. No changes to the environment occur at this time, we’re only comparing, so you get a sense of what will change with the next command.



This is where things get fun! We are going to change the environment to the state you’ve configured in the config.json file. The command is simple but powerful, Invoke-Vester -Remediate. If you’re nervous, as I was the first time I ran it, you can follow the command with -WhatIf. Once you’ve issued the command with -WhatIf and you like what you see, remove the -WhatIf switch and watch your environment be set the way you want it to be configured. After running Vester and knowing my environment is configured consistently across the board, it really gave me the sense of this Infrastructure as Code ideology I’ve been reading about. I can use a flat file (JSON file) that any engineer or manager can read and know exactly how the environment is configured.

Wait, There’s More

Not all environments are created equal. We have a few clusters in our environment, like Test vs Prod, that needed to be set differently from each other. Vester tackles this issue as well. Using Invoke-Vester -Config .\name.json will allow you to run specific config files so each cluster/environment can have its own desired end state.

Invoke-Vester -Config TestCluster.json
Invoke-Vester -Config ProdCluster.json

You can generate a new config file using the code below, but since the JSON file can be opened up in any text editor, I chose to copy and edit the copied version to the states that matched the environment. It’s up to you, but it’s nice that Vester gives us options.

New-VesterConfig -Output "C:\newConfig"

The project covers a lot of your basic configurations, but I have found a couple of things that I would like to have added, like check round robin SATP rules. The best part of Open Source, YOU can make this happen. Brian has given a great part 3 series to the blog about how anyone can contribute. I have yet to adventure down this path, but figure the more I rely on Vester, the more I should contribute. So, keep your eyes peeled for my git request.


This was one of the first Open Source infrastructure projects I’ve used. I was nervous and used extreme caution before running in my production environment. After I got over the fear and saw Vester run without causing issues, I wanted to automate and code more things. To know my clusters, hosts, and VMs were configured exactly how I wanted them. No more outside people telling me the environment is inconsistent. I’m understanding this Infrastructure as Code movement and I’ve seen the power first hand.

Smell that? It’s Pumpkin Spice and #Blogtober in the air

I’ve always wanted to blog, but I was never able to push myself past that finish line. I could always come up with content in my head, but didn’t have anywhere to write it. I used this as an excuse for a long time. My blog came along slowly and in pieces.

My wife was doing a project late last year and needed some domain names purchased. While I was registering, I figured I should look up To my amazement it was available (no one else wanted it)! So I went ahead and purchased the domain. Why theaaronstrong you might ask? Because it matches my Twitter handle, duh 🙂

I always seemed to worry about the technology portion of the blog. Where to put it. Do I host it at my house? Do I want another computer to maintain? What about backing this thing up? What about updates? It wasn’t until I started taking my AWS Solutions Architect Associate from The last project has students standing up a WordPress site from scratch using a T2 micro and using S3 for images and configuration backups. By the end of the class, you have a fully functional blog.

So, I tied my domain name to my working blog and here we are today. I’ve enjoyed writing thus far and pushing myself to write something new each week. I saw Matt Heldstab (@mattheldstab) tweet out a message after VMworld asking for volunteers to participate in his #Blogtober initiative. The idea is to help push people into blogging, get more exposure among their peers, and to help push them into the vExpert community.

The objective is to write five articles in the month of October. I figured since I’m writing about four a month, what’s one more. There are currently 33 other individuals who have volunteered, and some of these people I respect within the community so the pressure is on. I want to produce good content over the next month and I’m looking for some input from you. Please comment on what technologies you’d be interested in reading about, and I’ll do my best to research the topic.