Error message

  • Notice: Trying to access array offset on value of type int in element_children() (line 6595 of /home3/aprasad9/public_html/_sites/kamalprasad.com/includes/common.inc).
  • Notice: Trying to access array offset on value of type int in element_children() (line 6595 of /home3/aprasad9/public_html/_sites/kamalprasad.com/includes/common.inc).
  • Notice: Trying to access array offset on value of type int in element_children() (line 6595 of /home3/aprasad9/public_html/_sites/kamalprasad.com/includes/common.inc).
  • Deprecated function: implode(): Passing glue string after array is deprecated. Swap the parameters in drupal_get_feeds() (line 394 of /home3/aprasad9/public_html/_sites/kamalprasad.com/includes/common.inc).
  • Deprecated function: The each() function is deprecated. This message will be suppressed on further calls in menu_set_active_trail() (line 2405 of /home3/aprasad9/public_html/_sites/kamalprasad.com/includes/menu.inc).

Running Meteor App on a BudgetVM CentOS 7 VPS

Full disclosure: I am no server/web hosting guru. I learn as I go along and I don't always get all the jargon right but I hope this will prove useful to some. Also, links to BudgetVM have my affiliate tag on them, which means I get a commission if you decide to sign up with them after clicking the link. 

Several months ago, I learned about this awesome javascript based ecosystem called Meteor. Seriously, if you don't know about it, and you develop websites, you owe it to yourself to check it out. Some people call it a framework, but it is oh so much more than that.

I am not sure if the idea for the app I developed using Meteor came before and I discovered it just in time to avoid going doing another, very likely, more complicated path, or, having discovered Meteor, I had to write an app just so I could learn to use it. Meteor is just that awesome!

Since it is relatively new, most web hosting companies don't have out of the box support for Meteor like they might for WordPress or Drupal. It is also based on Node.js, which is a different technology than what is used by most hosting companies. So, in order to run Meteor apps, you will need a virtual private server (VPS), which is basically your own Linux based operating system running on a server somewhere out there. (You can host your Meteor apps on meteor.com via the meteor deploy command but (as far as I know) you have very limited control over what things you can do, especially in regards to database management, once your app is deployed.

Anyway, I needed an inexpensive VPS solution where I could run my Meteor app with full control. I found that solution in BudgetVM, a no-frills, at least at the lowest tier, VPS provider for $25/year. At this price, their support is very limited so I had to learn several things on my own to get my Meteor app running on their servers and I will share that with you now. So far, I have been very happy what I have been able to do with the hardware/bandwidth resources BudgetVM provides at this price point.

First, here are the specs of my VPS.

CPU 1 Core
Hard Drive Space 50 GB
RAM 512 MB
Monthly Bandwidth 2000 GB
Operating System CentOS 7 x86_64

Now, if you are reading this, I take it you have some degree of computer literacy and will be able to setup the VPS fairly easily. However, sometimes I asume too much so if any of the instructions are unclear or if you get stuck, please post in the comments below and I'd be happy to try to help you out. 

After you have setup you VPS, use a terminal program like putty to login to your remote server. You might want to read these instructions to secure your new VPS. If you use the default port for connecting to your server, you had better use very good passwords because your VPS will get 10s of thousands of hack attempts. I do use the root user (I know, VERY BAD, but I do use a non-standard SSH port and howsecureismypassword.net says it will take a million years for a desktop computer to guess my password) to connect to my VPS so I don't have to put sudo in front of the commands I type in terminal but you may have to. Don't worry, linux will tell you if that is necessary.

OK, back to work. Once logged in type in the following command in the terminal window to update your CentOS operating system

 yum -y update

The -y basically saves you from typing it in later to say yes to all the other software that is needed to finish the update/install.

Next, we install a repository that has the info to install Node.js, which is needed to run Meteor apps on your VPS.

 yum -y install epel-release

Now, we can install Node.js and NPM, which is also required to run Meteor apps.

 yum -y install nodejs npm

You can check if Node.js is installed properly by using the following command

 node --version

If you get a version number, you are good to go. I've never not gotten the version number. 

Next step is to install MongoDB, the database used by Meteor. The instructions found on MongoDB's website to install MongoDB on CentOS works well so I won't repeat it here. One thing to to note is that I didn't need to run the semanage commands on the BudgetVM CentOS VPS .

For some reason the CentOS 7 version running on BudgetVM still relies on iptables (you can think of this as a software based firewall) instead of the newer firewall-cmd supported by CentOS 7 that you would get if you were to install it from CentOS' website on your own PC. You could install and setup the new firewall on your VPS, but since iptables isn't that hard to use, I will stick with that, i.e. don't ask me how to setup the new firewall commands. :)

I like to start from scratch to ensure we only add what we need to the iptables, so type in the following

 iptables -F

This will flush (F) your firewall rules, in a sense disabling your VPS' firewall. This is generally not a good thing. We need to add a back few things to our iptables rules to ensure that the VPS is secure and that we don't loose connection to the VPS via SSH as well as allow  our app to work properly. (If you find yourself unable to connect after making the following changes, you can go back in via your BudgetVM Portal, login via the "Serial Console (KVM)" and do iptables -F to start over.) Before doing the following, it might be worthwhile to learn a little bit about iptables by reading the following short intro to iptables.

To add the first rule to our iptables, type in the following

 iptables -I INPUT -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT

This will allow http connections to your VPS. Go ahead, try browsing to http://YOUR_IP_ADDRESS. If it worked, you should see an Apache webserver page. (We will need to disable this, but more on this later.) Next, enter

 iptables -I INPUT -p tcp --dport 26260 -m state --state NEW,ESTABLISHED -j ACCEPT

where "26260" is the port number for your SSH connection. If you did not follow ServerMom's instructions to change your SSH port (which you should have), you should use 22, the default SSH port.

Next in order to ensure that our Meteor app can talk to the mongo database we need to enter the following command

 iptables -I INPUT -s "127.0.0.1" -j ACCEPT

The -s "127.0.0.1" ensures that all network requests made within the VPS (i.e. localhost) all allowed, which I think allows the Meteor app running on port 80 to talk to the mongodb server on whatever port you set it on, the default being 27017.

OK, now we have added all the stuff we need for SSH and the Meteor web app to work properly. Well, the mail component is missing but I haven't done that yet myself. There is one more rule to add to iptables.

 iptables -I INPUT 4 -j REJECT

The "4" makes the REJECT rule, which will block all incoming requests to the server not allow by the rules above it, appear at the end of the list of rules. The REJECT flags should always appear after the ACCEPT rules. N

Now, if you run the following command

 iptables -vnL

you will see something similar to

Chain INPUT (policy DROP 0 packets, 0 bytes) pkts      bytes   target     prot  opt   in     out     source               destination          6371     639K   ACCEPT   tcp    --      *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:80 state NEW,ESTABLISHED 1430     116K   ACCEPT   tcp    --      *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:28140 state NEW,ESTABLISHE 23138   11M    ACCEPT   all      --     *      *       127.0.0.1            0.0.0.0/0            449K     43M    REJECT     all      --     *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-port-unreachable

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts      bytes   target    prot   opt   in     out     source               destination          Chain OUTPUT (policy ACCEPT 10 packets, 1190 bytes) pkts      bytes   target    prot   opt in     out     source               destination

In order to save these rules permenantly, type the following

 service iptables save

You may want/need to also run

 service iptables restart

Last thing I did was to edit my rc.local file, sort of the startup items for when your VPS boots each time. First to edit

 vi /etc/rc.d/rc.local

Edit it to look like the following

touch /var/lock/subsys/local service httpd stop PORT=80 ROOT_URL=http://YOUR_IP MONGO_URL=mongodb://localhost/ node start /root/html/bundle/main.js exit 0

The service httpd stop stops the default Apache webserver of your VPS from running so that your Meteor app becomes accessible by the outside world. The reason I would recommend against removing Apache webserver altogether is that you could use that to display a generic message to your website visitors if you need to take your Meteor app down for maintenance or any other reason.

This is it. Once you build your Meteor app, this should get you able to share it with the world. I hope this little tutorial has proved useful to someone out there. If not, I will probably use it if my VPS were to get hosed for some reason or another. If I missed something, made a mistable, please accept my apologies and if you point out my oversight, I'd be happy to correct it.

Comments

One item I saw is it says itables above where it should say:
iptables -vnL

Also, it may say use systemctl instead of service for saving these rules. Has anyone come across any new ways to deploy using Docker since that runs on CentOS?

Thanks for the correction. Fixed.

Add new comment

Filtered HTML

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.