Wow. Take Windows Server 2008 Server Core + PHP + IIS7 + MySQL + WordPress, mix them together, will they blend well and work out as a nice concoction? Matty challenged me to this blend, and guess what, we have a powerful cocktail to offer after all!
I scuffled around to see if anyone had come up with this powerful blend. Surprisingly, no one offered it on Server Core. There are bits and pieces everywhere, but none quite fit the blend we needed. I then decided to take up Matty’s challenge and come up with one.
With my buddy Matty, we decided to take a spin for it (He challenged me to it). The whole ordeal was over in a day and we finally got it working. Thanks to another great pal in the next cube, Chris Ismael (Interop Expert).
Alright, here is the story on my adventure.
The Hardware
Matty brought me his machine for the adventure. A cool looking machine with a red glow. Deserves some mention because he sponsored this equipment to mess with. It is a Dell XPS. But it is more like desktop replacement than a laptop. ;-) It is powered by an Intel Core2DUO 2GHz with 4GB of ram. In this adventure, a Server Core installation took a mere 4 minutes to complete on this beast.
Windows Virtualization
I chose to do my adventure using Virtualization technology. I loaded a Windows 2008 x64 onto the Dell machine and installed the Virtualization server role. Using virtualization allows me to take snap shots in time. This will allow me to revert back to a previous time in seconds. So for example, if I crash and made a grave mistake, I do not have to redo or try figure out what to undo. Windows Server Virtualization is definitely a technology every one serious in optimizing the data centre should take a serious thought about it.
The Ordeal Begins
Alright, let’s get to our stuff and begin our adventure.
I will take you through Server Core, IIS7 with FastCGI, PHP, MySQL and WordPress. The rest are on your own. Seriously, there is nothing else apart from learning how to use WordPress. ;-)
Getting Server Core onto the Network
You will setup Server Core the same way as you setup a typical Windows server, except you select “Core” installation. The first thing Server Core will get you to do is force you to change your admin password.
A Server Core in Windows Server Virtualization (WSV) will not have any network card installed. We will need to install Integration Services into the Virtual Machine (VM). By the way, my tests so far, WSV allows my VMs to run 3 times faster than on Virtual Server 2005 R2.
Here are some tasks you need to get over;
1. Install Integration Services (Skip this if you’re not using WSV)
On the VM Connection Window, Click on Action -> Insert Integration Services Setup Disk or Hit Ctrl+I. This step loads vmguest.iso onto the VM’s DVD Drive and lets you access the ISO contents. In this case, the Integration Services.
Auto run won't happen. So you need to execute “<DRIVE>:\support\x86\ and execute setup.exe”
You will be prompted to reboot twice, go ahead.
This will load up the smooth mouse integration, NICs bla bla.. I'll save the details. Let’s move on.
2. Verifying NIC and IPConfig
If you have a DHCP server running on the network, you can skip this unless you want to use static IP configuration
To fix an IP Address;
netsh interface ipv4 set address name=”Local Area Connection” source=static address=<IPADDRESS> mask=<255.255.255.0> gateway=<GatewayIP>
To add a DNS Server entry;
netsh interface ipv4 add dnsserver name="Local Area Connection" address-<IPAddress of DNS>
3. Changing the Computer Name & Joining a Domain if needed
Find out the current hostname: "hostname" (Take note of it)
To change the computer name:
netdom renamecomputer <Current Computer name> /NewName:<NewComputerName>
To join the domain (if you need to, Server Core and be in workgroup mode):
netdom join <ComputerName> /domain:<DomainName> /Userd:<UserName> /passwordd: *
4. Opening an Exception for MySQL
netsh firewall add portopening tcp 3306 "MySQL"
This step prevents a setup error in MySQL later.
You need to reboot at this stage to take effect: shutdown /r /t 0
5. Activation of Windows Server Core
If you are connected to Internet: slmgr.vbs –ato
Else to use phone activation:
slmgr.vbs –dti (Displays the Installation ID to be given to Microsoft)
slmgr.vbs –ato <ConfirmationID> (Activates server using Confirmation ID given by Microsoft)
Loading IIS 7.0 with FastCGI
This is where Microsoft has placed lots of focus on making IIS 7.0 highly secure, highly modular and highly interoperable. For more details on the installation commands, you may visit this web page for installation tips.
For this adventure, I will install the minimum required. I used the following command;
start /w pkgmgr /iu:IIS-WebServerRole;WAS-WindowsActivationService;WAS-ProcessModel;IIS-CGI
To verify the installation, use this command “oclist” and verify the installation.
Loading PHP
Reference: Using Fast CGI to Host PHP Applications on IIS7
Download: Non-Thread Safe PHP 5.2.1
Extract contents of downloaded files onto c:\php\
Updating the PHP.INI File
- Copy c:\php\php.ini-recommended c:\php\php.ini
- Notepad c:\php\php.ini
- Change: extension_dir=”c:\php\ext”
- Uncomment: extension=php_mysql.dll
- Add: Extension=php_gd.dll
- Save the file php.ini and exit notepad
Creating PHP Handler in IIS 7.0
Reference: Using Fast-CGI to Host PHP Applications on IIS7
appcmd set config /section:system.webServer/fastCGI /+[fullPath='c:\php\php-cgi.exe']
appcmd set config /section:system.webServer/handlers /+[name='PHP-FastCGI',path='*.php',verb='*',modules='FastCgiModule',scriptProcessor='c:\php\php-cgi.exe',resourceType='Either']
Setting Default Document to index.php
appcmd set config "Default web site" /section:defaultDocument /enabled:true
appcmd set config "Default Web Site" /section:defaultDocument /+files.[value='index.php']
Loading MySQL
Download: MySQL 5.0.45
This is the only section where you will encounter a GUI setup. ;-) Enjoy.
Running the Setup:
Execute the file, mysql-essential-5.0.45-win32.msi
At Welcome, Click next
Select Typical, Click next
Click Install, Next all the way and Finish.
Instance Configuration will now begin:
At Welcome, Click next
Select Standard Configuration, Click next
Select Install as Windows Service, Click next
Specify the root password and Click next
Click Execute and Finish
Creating a MySQL Database
Reference: PHP on IIS7.0 Wordpress
Execute “c:\Program Files\MySQL\MySQL Server 5.0\bin\mysql.exe –u root –p”
Key in your root password specified earlier.
mysql> create database wordpress;
mysql> grant all privileges on wordpress.* to ‘wordpress’@’%’ identified by ‘password’;
Loading Wordpress
Reference: PHP Applications on IIS7 - Wordpress
Download: WordPress
Extract the download file’s contents into c:\inetpub\wwwroot\wordpress\
Next make a copy of the WordPress Configuration Sample file;
cd c:\inetpub\wwwroot\wordpress
copy wp-config-sample.php wp-config.php
Edit wp-config.php
We need to modify the wp-config.php to reflect the right UserID, Password, MySQL Database Name and server. So we need to modify these 4 attributes to reflect what we have setup so far; DB_NAME, DB_USER, DB_PASSWORD, DB_HOST
// ** MySQL settings ** //
define('DB_NAME', 'wordpress'); // The name of the database
define('DB_USER', 'wordpress'); // Your MySQL username
define('DB_PASSWORD', 'password'); // ...and password
define('DB_HOST', 'localhost'); // Change this to IP address of your database
We are done. Open a browser from a client that can see this server we have setup. Browse to http://<Server>/wordpress/wp-admin/install.php and start configuring the WordPress application.
Conclusion
We now have a running Web Server (on Server Core) with PHP enabled running the WordPress application. In essence, we have pieced together the following technologies; Windows 2008 Server Core + PHP + MySQL + IIS 7.0 + WordPress.
Off my mind, there are many aspects which are compelling;
- Small foot print - Server Core is light in foot print. Much lesser binary. Takes about 1/4 to 1/5 the footprint of a full install. Disk storage is less demanding.
- Small surface attack area - Less binaries, less requirements to update the binaries if a vulnerability is discovered
- Requires less resources to run
- Concentrated workload
- Fast and speed server provisioning
I had fun in this adventure and thanks to Matty and Chris. We are looking out for more fun and will share with you what we have. If you have an idea or would like to know more, contact me or Matty anytime. Drop us an email today.
BTW, this is a support scenario in IT Pro Momentum. So if you like to give Server Core running IIS7 a try in your environment and receive a free 1 year TechNet+ Subscription, wait no further, drop me an email now.
/Dennis
Last friday, I had the privilege of meeting 2 members of the Windows Insiders Group. Teck Sin and Yong Teck, at their nice office off the sunny West Coast of Singapore. Just a short walk away from West Coast park. Yup, nice place to work right? Just minutes to the sea side. Imagine you are so frustrated with work, you could just walk to the seaside and jump in. Just kidding.. ;-)
Teck Sin works for a Process Control company (cannot be named to ensure privacy. Hey !! Respect that.) He is in a team of 5 which provides IT Infrastructure support to about 1000 users. I’ve just visited his office on Friday afternoon. Wow, awesome work the company does. His company does process control for customers and produces precision control equipment and stuff like that. That wide variety of IT infrastructure support is just awesome and looks like a lot of fun.
Anyway, I was meeting Teck Sin to see the good work he has done around Network Access Protection. Teck Sin has implemented a pilot of Windows Server 2008’s Network Access protection through 802.1x. He implemented that with CISCO Catalyst 3560.
He found that NAP is able to enforce a base level of protection for clients when network access is required. That protects the clients from virus and worm issues that mobile workforce may bring along back to office and spreads around. NAP is able to enforce that you have Firewall turn on (if its not, NAP can be set to turn it on), Antivirus installed and up to date, and the clients have up-to-date software updates.
Teck Sin finds that NAP is a very compelling technology that should seriously be given some thoughts. It can tremendously elevate and ensure the level of health before clients participate in network access. However, in Teck Sin’s pilot, he wasn’t able to get hold of System Health Validators from his Antivirus vendor and thus, couldn’t put a full testing to it. But he is definitely going to try and get his hands on them and test it again. Meanwhile, he is having fun with his NAP setup. 
He also learns how to handle non-802.1x and non-nap clients (print servers and like), and they need to be addressed before general rollout. I encouraged Teck Sin to go further and push the pockets of NAP and exchanged a few ideas. Yong Teck was there too. I learnt quite a bit from the ground. Thanks to Teck Sin and Yong Teck for hosting me.
I think staying ahead of competition and peers is important for the IT Profession. NAP may not hit you right now, but if it hits you, are you ready and confident to implement and handle them? The very difference in being a competent IT Pro is the ability to move ahead and stay abreast of the pack. Teck Sin and Yong Teck displayed that and kudos for staying ahead.
I am here in Microsoft to help IT Pros in Singapore stay ahead and updated with our latest offering (to be released in H1 2008), Windows Server 2008. If you are interested to find out more on how to learn more and get invited into the IT Pro Momentum program (which Teck Sin and Yong Teck are in), drop me an email at i-dchung@microsoft.com For his efforts, Teck Sin is given a 1 year TechNet+ Subscription.
Join the IT Pro Momentum (BTW, its free), or lag behind… Your choice.. May the force be with you!! (Sounds familiar?)
/Dennis
At a recent event, Community Technology Update 2007, held on 3rd Nov 2007, i had the privilege of meeting 3 IT Pros whom have contributed much to their own companies.
They have done various projects that made use of Microsoft Windows Server 2008 and an impact in their own organizations. To recognize them for their efforts, through a program, they will teach receive a 1 year subscription of TechNet+.
I had a privilege of presenting them a small gift, a Microsoft Lifecam NX6000 worth about $170 SGD for their efforts.
<<== Suhendar Gunawan from Siemens IT Services (Implemented Active Directory)
<<== Desmond Kung from Pluto Technology (Implemented Network Access Protection)
<<== Pom Figuaroa from Avanuts Training (Implemented Windows Deployment Services)
I'm still on the look out to help more IT Pros in Singapore and seeing them put Windows Server 2008 to good use. If you are keen implementing Windows 2008, please drop me an email. (i-dchung@microsoft.com) I look forward to receiving your email.
/Dennis