Instalare Container VPS-uri pe CentOS 5.4
In acest scurt tuotrial voi descrie modul de instalare al Kernel-ului OpenVZ pe sistemul de operare CentOS 5.4
OpenVZ este varianta cu sursa-deschisa (OpenSource) a renumitului Virtuozzo. ...Read More
Installing PHP 5.3, Nginx And PHP-fpm On Ubuntu/Debian
Since Apache is most of the time a memory hungy process, people started to look for different ways to host their website. Apache is clearly not the only webserver available. A few good examp ...Read More
VBoxHeadless – Running Virtual Machines With VirtualBox 3.1.x On A Headless Debian Lenny Server
This guide explains how you can run virtual machines with Sun xVM VirtualBox 3.1.x on a headless Debian Lenny server. Normally you use the VirtualBox GUI to manage your virtual machines, bu ...Read More
Server Monitoring With munin And monit On Debian Lenny
In this article I will describe how you can monitor your Debian Lenny server with munin and monit. munin produces nifty little graphics about nearly every aspect of your server (load averag ...Read More
Instalare Container VPS-uri pe CentOS 5.4
In acest scurt tuotrial voi descrie modul de instalare al Kernel-ului OpenVZ pe sistemul de operare CentOS 5.4
OpenVZ este varianta cu sursa-deschisa (OpenSource) a renumitului Virtuozzo.
Ok, Sa incepem:
1. Instalarea OpenVZ
Cel mai simplu mod de instalare este sa adaugam in repository-ul YUM si adresa openVZ. Pentru aceasta executam urmatoarele comenzi:
cd /etc/yum.repos.d wget http://download.openvz.org/openvz.repo rpm --import http://download.openvz.org/RPM-GPG-Key-OpenVZ
Acest repository contine 4 variante de kernel:
- UP – Nu mai este disponibil la adata scrierii acestui articol
- SMP vine fara nici un fel de modificare (Asemeni variantei UP)
- entnosplit vine ca PAE(Pana la 64 GB Ram, recomandat pentru maxim 10-30 VPS-uri/Container)
- enterprise vine ca ent (Pana la 64 GB Ram, recomandat pentru containere cu peste 20-30VPS-uri/Container)
Pentru instalare simpla se foloseste comanda:
yum install ovzkernel
Dupa instalare meniul Grub se va updata singur. La bootare alegeti din meniu prima optiune (CentOS 5.4).
container = Masina fizica pe care se instaleaza VPS-urile
2. Setari inainte de crearea VPS-urilor.
Ok, avem kernel-ul pentru OpenVZ, dar nu avem setarile necesare pentru a-l putea folosi corect.
Pentru a face aceste setari deschideti /etc/sysctl.conf si verificati ca urmatoarele linii sa fie precum cele de mai jos:
net.ipv4.ip_forward = 1 net.ipv4.conf.default.proxy_arp = 0 net.ipv4.conf.all.rp_filter = 1 kernel.sysrq = 1 net.ipv4.conf.default.send_redirects = 1 net.ipv4.conf.all.send_redirects = 0 net.ipv4.icmp_echo_ignore_broadcasts=1 net.ipv4.conf.default.forwarding=1
De obicei se modifica doar valoarea net.ipv4.ip_forward = 0 in net.ipv4.ip_forward = 1 si restul se adauga la sfarsitul fisierului.
Dupa ce facem aceste setari mai avem nevoie de cateva utilitare pentru o utilizare mai usoara a masinii VPS. Acestea sunt vzctl si vzquota:
yum install vzctl vzquota
3. Crearea unei masini VPS
Bun, am instalat kernel-ul, software-ul aditional si am facut setarile generale, acum urmeaza sa pornim masina cu noul kernel.
Pentru aceasta resetam masina si selectam primul Kernel din lista.
Pentru a putea crea VPS-uri cu diverse OS-uri avem nevoie de template-ul pentru acestea si un loc de depozitare.
Acesta este localitat in
/vz/template/cache
Template-urile pot fi descarcate de la http://download.openvz.org/template/precreated/contrib/ dupa cum urmeaza:
altlinux-2.4.tar.gz 22-Aug-2006 06:49 24M
arch-2010.x-about-and-MD5SUMs.txt 25-Jan-2010 16:31 828
owl-current-20100323.checksums 24-Mar-2010 22:38 453
Acestea le descarcam cu wget.
Dupa alegerea OS-ului dorit putem sa ne apucam de instalarea lui:
vzctl create 150 --ostemplate debian-5.0-i386-minimal --config vps.basic
Eu am ales debian 5 minimal. Adica un sistem default fara nici un fel de aplicatie instalata, cu configuratia basic de VPS (100% resurse alocate).
150 este un identificator unic pentru un VPS, un fel de nume pentru acesta.
Bun, acum avem un VPS, ca sa il pornim folosim comanda vzctl start ID (In cazul nostru 150).
4. Setari principale disponibile
Daca dorim ca VPS-ul sa porneasca automat la resetarea serverului-gazda atunci trebuie sa ii spunem serverului gazda sa faca acest lucru:
vzctl set 150 --onboot yes --save
Pentru a adauga un hostname si un ip masinii noi create din masina-gazda folositi comanda:
vzctl set 150 --hostname test.dabv.net --save vzctl set 150 --ipadd 192.168.0.150 --save
Daca doresti sa limitezi numarul de socket-uri deschise care le poate “duce” un VPS, poti folosi comanda urmatoare:
vzctl set 150 --numothersock 999 --save
Unde 150 este identificatorul VPS-ului si 999 este numarul maxim de socket-uri acceptate.
De asemenea, parametrii pot fi modificati si manual, editand fisierul de configurare aflat la /etc/vz/conf/ID.conf, unde ID reprezinta identificatorul unic.
Alte comenzi ar fi start, restart, destroy (stergerea definitiva a VPS-ului), exec(Executa comenzile date din masina-gazda) sau chiar enter (Intri pe masina virtuala din masina gazda fara autentificare).
Exemple:
vzctl start 150 vzctl restart 150 vzctl stop 150 vzctl destroy 150 vzctl exec 150 ps ax vzctl enter 150
Pentru a iesi de pe masina virtuala in masina-gazda se foloseste comanda “exit”.
5. Verificarea starii VPS-urilor
Pentru a verifica lista VPS-urilor si starea lor se foloseste comanda vzlist -a:
[root@dabv.net /]# vzlist -a
VEID NPROC STATUS IP_ADDR HOSTNAME
150 18 running 192.168.0.150 test.dabv.net
151 47 running 192.168.0.151 test2.dabv.net
Pentru a vedea resursele alocate/consumate de un VPS putem vesea fisierul /proc/user_beancounters din fiecare VPS:
[root@dabv.net /]# vzctl exec 150 cat /proc/user_beancounters
Rezultatul acesti comenzi va fi de genul:
Version: 2.5
uid resource held maxheld barrier limit failcnt
150: kmemsize 1361386 1509512 11055923 11377049 0
lockedpages 0 0 256 256 0
privvmpages 4424 4794 65536 69632 0
shmpages 45 45 21504 21504 0
dummy 0 0 0 0 0
numproc 17 20 240 240 0
physpages 2074 2263 0 2147483647 0
vmguarpages 0 0 33792 2147483647 0
oomguarpages 2074 2263 26112 2147483647 0
numtcpsock 4 4 360 360 0
numflock 3 4 188 206 0
numpty 0 0 16 16 0
numsiginfo 0 1 256 256 0
tcpsndbuf 35840 0 1720320 2703360 0
tcprcvbuf 65536 0 1720320 2703360 0
othersockbuf 6720 8640 1126080 2097152 0
dgramrcvbuf 0 8384 262144 262144 0
numothersock 7 10 360 360 0
dcachesize 0 0 3409920 3624960 0
numfile 402 452 9312 9312 0
numiptent 14 14 128 128 0
Sper ca v-a fost de folos acest articol. Daca aveti intrebari sau completari la acest articol nu ezitati sa postati un comentariu.
Forum related: http://invata.cum-sa.com/unixlinux/instalare-cluster-masini-virtuale-problemerezolvari/
1143 Vizualizari.
Installing PHP 5.3, Nginx And PHP-fpm On Ubuntu/Debian
Since Apache is most of the time a memory hungy process, people started to look for different ways to host their website. Apache is clearly not the only webserver available. A few good examples are lighttpd and nginx. In this tutorial I will show you how to install it on your Ubuntu server. This tutorial also applies to Debian, though. There is only a very small difference.
Ready? Let’s begin shall we.
Step 0 – Preliminary Notes
In order to complete this tutorial, I assume you have installed a base system of Debian or Ubuntu. How this can be done, can be read in different tutorials. This tutorial only focusses on getting nginx+php running without much hassle.
Step 1 – Nginx
Installing nginx is the first step we have to do. This can be easily done by downloading it from the repository.
sudo apt-get install nginx
The default vhost has to be changed in order to work properly.
sudo vim /etc/nginx/sites-available/default
A nice starting point for your config is:
server {
listen 80;
server_name localhost;
access_log /var/log/nginx/localhost.access.log;
## Default location
location / {
root /var/www;
index index.php;
}
## Images and static content is treated different
location ~* ^.+.(jpg|jpeg|gif|css|png|js|ico|xml)$ {
access_log off;
expires 30d;
root /var/www;
}
## Parse all .php file in the /var/www directory
location ~ .php$ {
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_pass backend;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www$fastcgi_script_name;
include fastcgi_params;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_intercept_errors on;
fastcgi_ignore_client_abort off;
fastcgi_connect_timeout 60;
fastcgi_send_timeout 180;
fastcgi_read_timeout 180;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 256k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
}
## Disable viewing .htaccess & .htpassword
location ~ /\.ht {
deny all;
}
}upstream backend { server 127.0.0.1:9000;}
Ok, we’re done here. Now we’ll install the needed files for PHP.
Step 2 – Installing PHP
Many sites rely on PHP for providing them dynamic content, whether this is a wiki, forum software, weblog or something entirely different.
If you are running Ubuntu, we first have to resolve two dependencies required for the dotdeb packages. If you are running the amd64 version, you should replace i386 with amd64.
For Debian you won’t have to do this!
cd /tmp
wget http://us.archive.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2_i386.deb
wget http://us.archive.ubuntu.com/ubuntu/pool/main/i/icu/libicu38_3.8-6ubuntu0.2_i386.deb
sudo dpkg -i *.deb
Again, this is only required if you’re on Ubuntu.
The rest of the tutorial applies to both Ubuntu & Debian.
We’ll have to add the dotdeb repository to the APT sources, so we can use their packaged PHP 5.3 and php-fpm:
sudo echo “deb http://php53.dotdeb.org stable all” >> /etc/apt/sources.list
Update apt:
sudo apt-get update
The resulting text should include dotdeb.
Now we’ll install PHP (part 1):
sudo apt-get install php5-cli php5-common php5-suhosin
We have to install the cli before the rest, because this will cause problems later on.
sudo apt-get install php5-fpm php5-cgi
If you are planning to use a database or require specific modules (mcrypt, ldap, snmp etc) you can install them as well.
Ok, so now we have nginx and PHP.
One minor remark: If you are using “php short tags” (<?) you should enable them in your php.ini files (for both fpm and cli). If you do not change this, you will see your code in plain text!
Step 3 – Finalizing
Restart nginx in order to catch up with the config changes we made earlier.
sudo /etc/init.d/nginx restart
The restart should have gone without any problems.
After installing php5-fpm, it should have been started. If you did change your php.ini files, you have to restart php5-fpm.
sudo /etc/init.d/php5-fpm restart
All right. They should now both be running.
Step 4 – Testing
In order to test if the execution of PHP is working, create an index.php file in /var/www with the following content:
<?php phpinfo(); ?>
Visit your webserver and you should be able to see the generated phpinfo. If not, something went wrong.
Step 5 – Troubleshooting & Final notes
If you did not see the phpinfo, there might be something wrong. In order to track down what went wrong, you can check the nginx error log:
sudo tail /var/log/nginx/error.log
Remember, if you did change your php.ini you have to restart php5-fpm. Restarting nginx isn’t’ necessary.
In my example config I’ve enabled the fastcgi error interception. If a serious error occurs (for instance a “cannot redeclare class xyz”), nginx can catch this page and show a “nice” error page that something went wrong. This way, there is less information given out in case something is going seriously wrong.
If you do not like this, you can turn it off.
If php5-fpm is not running, your PHP files cannot be parsed and nginx will show the user an error page.
Well, I guess we’re done and you are now able to serve PHP with your new nginx based webserver. Nginx is pretty nice and you can configure a lot. If you need rewrites, be aware that nginx does not work with .htaccess files. You will need to change your vhost settings in order for the rewrites to work.
1267 Vizualizari.VBoxHeadless – Running Virtual Machines With VirtualBox 3.1.x On A Headless Debian Lenny Server
This guide explains how you can run virtual machines with Sun xVM VirtualBox 3.1.x on a headless Debian Lenny server. Normally you use the VirtualBox GUI to manage your virtual machines, but a server does not have a desktop environment. Fortunately, VirtualBox comes with a tool called VBoxHeadless that allows you to connect to the virtual machines over a remote desktop connection, so there’s no need for the VirtualBox GUI.
I do not issue any guarantee that this will work for you!
1 Preliminary Note
I have tested this on a Debian Lenny server (host system) with the IP address 192.168.0.100 where I’m logged in as a normal user (user name administrator in this example) instead of as root.
If you only have a root account, but no normal user account, create one as follows (user administrator, group administrator)…
# groupadd administrator
# useradd -d /home/administrator -m -g administrator -s /bin/bash administrator
… create a password for the new user…
# passwd administrator
… and log in as that user.
2 Installing VirtualBox
To install VirtualBox 2 on our Debian Lenny server, we need root privileges, therefore we run
$ su
Then we add the VirtualBox repository to our apt configuration:
# echo “deb http://download.virtualbox.org/virtualbox/debian lenny non-free” > /etc/apt/sources.list.d/virtualbox.list
Then we download Sun’s public key…
# wget -q http://download.virtualbox.org/virtualbox/debian/sun_vbox.asc -O- | apt-key add -
… and update our package database:
# aptitude update
Now we bring our system up to date:
# aptitude safe-upgrade
(It is possible that the kernel gets updated. If this is the case, reboot the system…
# reboot
… log in as the normal user again and become root:
$ su
)
Afterwards, we install VirtualBox 3.1.x as follows:
# aptitude install linux-headers-$(uname -r) build-essential virtualbox-3.1 dkms
(The dkms package ensures that the VirtualBox host kernel modules are properly updated if the Linux kernel version changes.)
Creating group ‘vboxusers’
Users of VirtualBox must be members of that group. Host network interfaces will be assigned to that group. <– Ok
Unable to find a precompiled module for the current kernel![...]
Should the vboxdrv kernel module be compiled now? <– Yes
Now we must add the user that will run VirtualBox (administrator in this example) to the vboxusers group:
# adduser administrator vboxusers
VirtualBox is now installed and ready to be used.
Type
# exit
to leave the root account and become a normal user (administrator) again.
3 Using VirtualBox On The Command Line
3.1 Creating A VM
To create a VM on the command line, we can use the VBoxManage command. See
$ VBoxManage –help
for a list of available switches and (highly recommended!) take a look at http://www.virtualbox.org/manual/UserManual.html#vboxmanage.
I will now create a Debian Lenny Server VM with 256MB memory and a 10GB hard drive from the Debian Lenny Netinstall iso image (which I have stored in /home/debian-500-i386-netinst.iso):
$ VBoxManage createvm –name “Debian Lenny Server” –register
$ VBoxManage modifyvm “Debian Lenny Server” –memory 256 –acpi on –boot1 dvd –nic1 bridged –bridgeadapter1 eth0
$ VBoxManage createhd –filename Debian_Lenny_Server.vdi –size 10000 –register
$ VBoxManage storagectl “Debian Lenny Server” –name “IDE Controller” –add ide
$ VBoxManage storageattach “Debian Lenny Server” –storagectl “IDE Controller” –port 0 –device 0 –type hdd –medium Debian_Lenny_Server.vdi
$ VBoxManage storageattach “Debian Lenny Server” –storagectl “IDE Controller” –port 1 –device 0 –type dvddrive –medium /home/debian-500-i386-netinst.iso
3.2 Importing An Existing VM
Let’s assume you have a VM called examplevm that you want to reuse on this host. On the old host, you should have a directory Machines/examplevm in the VirtualBox directory; Machines/examplevm should contain the examplevm.xml file. Copy the examplevm directory (including the examplevm.xml file) to your new Machines directory (if your user name is administrator, this is /home/administrator/.VirtualBox/Machines – the result should be /home/administrator/.VirtualBox/Machines/examplevm/examplevm.xml).
In addition to that copy the examplevm.vdi file from the old VDI directory to the new one (e.g. /home/administrator/.VirtualBox/VDI/examplevm.vdi).
Afterwards, you must register the imported VM:
$ VBoxManage registervm Machines/examplevm/examplevm.xml
3.3 Starting A VM With VBoxHeadless
Regardless of if you create a new VM or import and old one, you can start it with the command:
$ VBoxHeadless –startvm “Debian Lenny Server”
(Replace Debian Lenny Server with the name of your VM.)
VBoxHeadless will start the VM and a VRDP (VirtualBox Remote Desktop Protocol) server which allows you to see the VM’s output remotely on another machine.
To stop a VM, run
$ VBoxManage controlvm “Debian Lenny Server” poweroff
To pause a VM, run
$ VBoxManage controlvm “Debian Lenny Server” pause
To reset a VM, run
$ VBoxManage controlvm “Debian Lenny Server” reset
To learn more about VBoxHeadless, take a look at
$ VBoxHeadless –help
and at http://www.virtualbox.org/manual/UserManual.html.
4 Connecting To A VM From A Remote Desktop
4.1 Windows XP
You can use the built-in Remote Desktop Connection utility to connect to the VM:
Type in the hostname or IP address of the host (not the guest!):
And voila, you should be connected to the VM:
4.2 Linux
On Linux desktops, you can use the rdesktop command to connect to the VM. Open a terminal (on Ubuntu, for example, it’s under Applications > Accessories > Terminal)…
… and type in the following command:
$ rdesktop -a 16 192.168.0.100
(192.168.0.100 is the host IP address, not the one of the guest – replace it with your own IP address or hostname; -a 16 means 16 bit colour depth.)
And voila, you should be connected to the VM:
737 Vizualizari.
Server Monitoring With munin And monit On Debian Lenny
In this article I will describe how you can monitor your Debian Lenny server with munin and monit. munin produces nifty little graphics about nearly every aspect of your server (load average, memory usage, CPU usage, MySQL throughput, eth0 traffic, etc.) without much configuration, whereas monit checks the availability of services like Apache, MySQL, Postfix and takes the appropriate action such as a restart if it finds a service is not behaving as expected. The combination of the two gives you full monitoring: graphics that lets you recognize current or upcoming problems (like “We need a bigger server soon, our load average is increasing rapidly.”), and a watchdog that ensures the availability of the monitored services.
Although munin lets you monitor more than one server, we will only discuss the monitoring of the system where it is installed here.
This tutorial was written for Debian Lenny, but the configuration should apply to other distributions with little changes as well.
I want to say first that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you!
1 Preliminary Note
Our system’s hostname is server1.example.com, and we have a web site www.example.com on it with the document root /var/www/www.example.com/web.
2 Install And Configure munin
To install munin on Debian Lenny, we do this:
aptitude install munin munin-node
Next, we must edit the munin configuration file /etc/munin/munin.conf. We want munin to put its output into the directory /var/www/www.example.com/web/monitoring, therefore we change the value of htmldir, and we want it to use the name server1.example.com instead of localhost.localdomain in the HTML output, therefore we replace localhost.localdomain with server1.example.com. Without the comments, the changed file looks like this:
vi /etc/munin/munin.conf
dbdir /var/lib/munin
htmldir /var/www/www.example.com/web/monitoring
logdir /var/log/munin
rundir /var/run/munin
tmpldir /etc/munin/templates
[server1.example.com]
address 127.0.0.1
use_node_name yes
|
Next we create the directory /var/www/www.example.com/web/monitoring and change its ownership to the user and group munin, otherwise munin cannot place its output in that directory. Then we restart munin:
mkdir -p /var/www/www.example.com/web/monitoring
chown munin:munin /var/www/www.example.com/web/monitoring
/etc/init.d/munin-node restart
Now wait a few minutes so that munin can produce its first output, and then go to http://www.example.com/monitoring/ in your browser, and you see the first statistics. After a few days this could look like this:
(This is just a small excerpt of the many graphics that munin produces…)
3 Password-Protect The munin Output Directory (Optional)
Now it is a good idea to password-protect the directory /var/www/www.example.com/web/monitoring unless you want everybody to be able to see every little statistic about your server.
To do this, we create an .htaccess file in /var/www/www.example.com/web/monitoring:
vi /var/www/www.example.com/web/monitoring/.htaccess
AuthType Basic AuthName "Members Only" AuthUserFile /var/www/www.example.com/.htpasswd <limit GET PUT POST> require valid-user </limit> |
Then we must create the password file /var/www/www.example.com/.htpasswd. We want to log in with the username admin, so we do this:
htpasswd -c /var/www/www.example.com/.htpasswd admin
Enter a password for admin, and you’re done!
4 Install And Configure monit
To install monit, we do this:
aptitude install monit
Now we must edit /etc/monit/monitrc. The default /etc/monit/monitrc has lots of examples, and you can find more configuration examples on http://mmonit.com/monit/documentation/. However, in my case I want to monitor proftpd, sshd, mysql, apache, and postfix, I want to enable the monit web interface on port 2812, I want a https web interface, I want to log in to the web interface with the username admin and the password test, and I want monit to send email alerts to root@localhost, so my file looks like this:
cp /etc/monit/monitrc /etc/monit/monitrc_orig
cat /dev/null > /etc/monit/monitrc
vi /etc/monit/monitrc
set daemon 60
set logfile syslog facility log_daemon
set mailserver localhost
set mail-format { from: monit@server1.example.com }
set alert root@localhost
set httpd port 2812 and
SSL ENABLE
PEMFILE /var/certs/monit.pem
allow admin:test
check process proftpd with pidfile /var/run/proftpd.pid
start program = "/etc/init.d/proftpd start"
stop program = "/etc/init.d/proftpd stop"
if failed port 21 protocol ftp then restart
if 5 restarts within 5 cycles then timeout
check process sshd with pidfile /var/run/sshd.pid
start program "/etc/init.d/ssh start"
stop program "/etc/init.d/ssh stop"
if failed port 22 protocol ssh then restart
if 5 restarts within 5 cycles then timeout
check process mysql with pidfile /var/run/mysqld/mysqld.pid
group database
start program = "/etc/init.d/mysql start"
stop program = "/etc/init.d/mysql stop"
if failed host 127.0.0.1 port 3306 then restart
if 5 restarts within 5 cycles then timeout
check process apache with pidfile /var/run/apache2.pid
group www
start program = "/etc/init.d/apache2 start"
stop program = "/etc/init.d/apache2 stop"
if failed host www.example.com port 80 protocol http
and request "/monit/token" then restart
if cpu is greater than 60% for 2 cycles then alert
if cpu > 80% for 5 cycles then restart
if totalmem > 500 MB for 5 cycles then restart
if children > 250 then restart
if loadavg(5min) greater than 10 for 8 cycles then stop
if 3 restarts within 5 cycles then timeout
check process postfix with pidfile /var/spool/postfix/pid/master.pid
group mail
start program = "/etc/init.d/postfix start"
stop program = "/etc/init.d/postfix stop"
if failed port 25 protocol smtp then restart
if 5 restarts within 5 cycles then timeout
|
(Please make sure that you check processes only that really exist on your server – otherwise monit won’t start. I.e., if you tell monit to check Postfix, but Postfix isn’t installed on the system, monit won’t start.)
The configuration file is pretty self-explaining; if you are unsure about an option, take a look at the monit documentation: http://mmonit.com/monit/documentation/monit.html
In the apache part of the monit configuration you find this:
if failed host www.example.com port 80 protocol http
and request "/monit/token" then restart
|
which means that monit tries to connect to www.example.com on port 80 and tries to access the file /monit/token which is /var/www/www.example.com/web/monit/token because our web site’s document root is /var/www/www.example.com/web. If monit doesn’t succeed it means Apache isn’t running, and monit is going to restart it. Now we must create the file /var/www/www.example.com/web/monit/token and write some random string into it:
mkdir /var/www/www.example.com/web/monit
echo “hello” > /var/www/www.example.com/web/monit/token
Next we create the pem cert (/var/certs/monit.pem) we need for the SSL-encrypted monit web interface:
mkdir /var/certs
cd /var/certs
We need an OpenSSL configuration file to create our certificate. It can look like this:
vi /var/certs/monit.cnf
# create RSA certs - Server RANDFILE = ./openssl.rnd [ req ] default_bits = 1024 encrypt_key = yes distinguished_name = req_dn x509_extensions = cert_type [ req_dn ] countryName = Country Name (2 letter code) countryName_default = MO stateOrProvinceName = State or Province Name (full name) stateOrProvinceName_default = Monitoria localityName = Locality Name (eg, city) localityName_default = Monittown organizationName = Organization Name (eg, company) organizationName_default = Monit Inc. organizationalUnitName = Organizational Unit Name (eg, section) organizationalUnitName_default = Dept. of Monitoring Technologies commonName = Common Name (FQDN of your server) commonName_default = server.monit.mo emailAddress = Email Address emailAddress_default = root@monit.mo [ cert_type ] nsCertType = server |
Now we create the certificate like this:
openssl req -new -x509 -days 365 -nodes -config ./monit.cnf -out /var/certs/monit.pem -keyout /var/certs/monit.pem
openssl gendh 512 >> /var/certs/monit.pem
openssl x509 -subject -dates -fingerprint -noout -in /var/certs/monit.pem
chmod 700 /var/certs/monit.pem
Afterwards we edit /etc/default/monit to enable the monit daemon. Change startup to 1 and set CHECK_INTERVALS to the interval in seconds that you would like monit to check your system. I choose 60 (seconds) so my file looks like this:
vi /etc/default/monit
# Defaults for monit initscript # sourced by /etc/init.d/monit # installed at /etc/default/monit by maintainer scripts # Fredrik Steen <stone@debian.org> # You must set this variable to for monit to start startup=1 # To change the intervals which monit should run uncomment # and change this variable. CHECK_INTERVALS=60 |
Finally, we can start monit:
/etc/init.d/monit start
Now point your browser to https://www.example.com:2812/ (make sure port 2812 isn’t blocked by your firewall), log in with admin and test, and you should see the monit web interface. It should look like this:
(Main Screen)
(Apache Status Page)
Depending on your configuration in /etc/monit/monitrc monit will restart your services if they fail and send notification emails if process IDs of services change, etc.
Have fun!
1145 Vizualizari.How To Install Z-Push On An ISPConfig 3 Server (Debian Lenny)
Z-push is an implementation of the ActiveSync protocol which is used ‘over-the-air’ for multi platform ActiveSync devices, including Windows Mobile, iPhone, Sony Ericsson and Nokia mobile devices. With Z-push any groupware can be connected and synced with these devices. This install of Z-Push is on a The Perfect Server – Debian Lenny (Debian 5.0) [ISPConfig 3] setup.
I’m using z-push on my 1st website of the server (client1 / web1).
You will need to change the /var/clients/client1/web1/web/ part to your own settings if different.
For z-push to work you will need to have imap enabled for the user.
A quote from a famous person:
This document comes without warranty of any kind! I want to say that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you!
– Let’s get started with installing z-push. –
Make sure that you are doing this as su user (root).
Also make sure that you are using the latest version of z-push. More info @ http://z-push.sourceforge.net/soswp/index.php?pages_id=39&t=Download.
At time of writing this “howto” it was version z-push-1.3RC2.
* Download, un-tar and move directory:
cd /tmp
wget http://download.berlios.de/z-push/z-push-1.3RC2.tar.gz
tar zxf z-push-1.3RC2.tar.gz
mv z-push /var/clients/client1/web1/web/
* Edit the z-push/config.php file.
cd /var/clients/client1/web1/web/z-push
nano config.php
- Make sure that date_default_timezone_set (line 14) is set to your time zone.
- Set $BACKEND_PROVIDER to BackendIMAP (line 49).
* Remove the file backend/ics.php:
rm /var/clients/client1/web1/web/z-push/backend/ics.php
* Make sure that directory z-push/state is writable for your webserver:
chmod 777 /var/clients/client1/web1/web/z-push/state
* Create a .htaccess file:
nano .htaccess
And add this to it:
php_flag magic_quotes_gpc off php_flag register_globals off php_flag magic_quotes_runtime off php_flag short_open_tag on
You can also add the above to the Apache Directives field in ISPconfig3.
* Add Alias /Microsoft-Server-ActiveSync /var/clients/client1/web1/web/z-push/index.php to your httpd.conf:
cd /etc/apache2/
nano httpd.conf
At the end of httpd.conf add:
Alias /Microsoft-Server-ActiveSync /var/clients/client1/web1/web/z-push/index.php
* Restart Apache:
/etc/init.d/apache2 restart
* Set website PHP mode to: Mod-PHP
Log in to ISPconfig3 and go the the tab Sites > Domain. Now select the website that you are installing z-push to, and set PHP to Mod-PHP. When done click Save.
Now go to www.your-website.com/Microsoft-Server-ActiveSync, and with a bit of luck you will get a login popup screen. Use the email address and password from an IMAP user account. After this you will get an error:
GET not supported
This is the z-push location and can only be accessed by Microsoft ActiveSync-capable devices.
This error is correct, as you are accessing the z-push by web browser. All you need to do now is set up your mobile phone, and you’ve got push working!
The URL of the server to use in your mobile phone will be www.your-website.com. You do not need to add z-push or Microsoft-Server-ActiveSync.
If you are having problems, than you can create a debug.txt in the root directory of z-push. The debug.txt will log all activity, and give you a lot of extra info to find the problem(s).
touch /var/clients/client1/web1/web/z-push/debug.txt
chmod 777 /var/clients/client1/web1/web/z-push/debug.txt
How To Set Up Apache2 With mod_fcgid And PHP5 On Ubuntu 8.10
This tutorial describes how you can install Apache2 with mod_fcgid and PHP5 on Ubuntu 8.10. mod_fcgid is a compatible alternative to the older mod_fastcgi.
It lets you execute PHP scripts with the permissions of their owners instead of the Apache user.
I do not issue any guarantee that this will work for you!
1 Preliminary Note
I’m using an Ubuntu 8.10 server in this tutorial with the hostname server1.example.com and the IP address 192.168.0.100.
I will create two Apache vhosts in this tutorial, www.example1.com and www.example2.com, to demonstrate the usage of mod_fcgid.
Make sure you’re logged in as root:
sudo su
/bin/sh is a symlink to /bin/dash, however we need /bin/bash, not /bin/dash. Therefore we do this:
ln -sf /bin/bash /bin/sh
In addition to that, we must disable AppArmor:
/etc/init.d/apparmor stop
update-rc.d -f apparmor remove
apt-get remove apparmor apparmor-utils
2 Installing Apache2/mod_fcgi/PHP5
In order to install Apache2, mod_fcgid, and PHP5, run
apt-get install apache2 apache2-suexec libapache2-mod-fcgid php5-cgi
If Apache2 was already installed with PHP5 as an Apache module, disable the PHP5 module now:
a2dismod php5
Then enable the following modules…
a2enmod rewrite
a2enmod suexec
a2enmod include
a2enmod fcgid
… and open /etc/php5/cgi/php.ini:
vi /etc/php5/cgi/php.ini
Add the line cgi.fix_pathinfo = 1 right at the end of the file:
[...] cgi.fix_pathinfo = 1 |
Then reload Apache:
/etc/init.d/apache2 force-reload
3 Creating Vhosts For www.example1.com And www.example2.com
I will now create two vhosts, www.example1.com (with the document root /var/www/web1/web) and www.example2.com (with the document root /var/www/web2/web). www.example1.com will be owned by the user and group web1, and www.example2.com by the user and group web2.
First we create the users and groups:
groupadd web1
groupadd web2
useradd -s /bin/false -d /var/www/web1 -m -g web1 web1
useradd -s /bin/false -d /var/www/web2 -m -g web2 web2
Then we create the document roots and make them owned by the users/groups web1 resp. web2:
mkdir -p /var/www/web1/web
chown web1:web1 /var/www/web1/web
mkdir -p /var/www/web2/web
chown web2:web2 /var/www/web2/web
We will run PHP using suExec; suExec’s document root is /var/www, as the following command shows:
/usr/lib/apache2/suexec -V
root@server1:~# /usr/lib/apache2/suexec -V
-D AP_DOC_ROOT=”/var/www”
-D AP_GID_MIN=100
-D AP_HTTPD_USER=”www-data”
-D AP_LOG_EXEC=”/var/log/apache2/suexec.log”
-D AP_SAFE_PATH=”/usr/local/bin:/usr/bin:/bin”
-D AP_UID_MIN=100
-D AP_USERDIR_SUFFIX=”public_html”
root@server1:~#
Therefore we cannot call the PHP binary (/usr/lib/cgi-bin/php) directly because it is located outside suExec’s document root. As suExec does not allow symlinks, the only way to solve the problem is to create a wrapper script for each web site in a subdirectory of /var/www; the wrapper script will then call the PHP binary /usr/lib/cgi-bin/php. The wrapper script must be owned by the user and group of each web site, therefore we need one wrapper script for each web site. I’m going to create the wrapper scripts in subdirectories of /var/www/php-fcgi-scripts, e.g. /var/www/php-fcgi-scripts/web1 and /var/www/php-fcgi-scripts/web2.
mkdir -p /var/www/php-fcgi-scripts/web1
mkdir -p /var/www/php-fcgi-scripts/web2
vi /var/www/php-fcgi-scripts/web1/php-fcgi-starter
#!/bin/sh PHPRC=/etc/php5/cgi/ export PHPRC export PHP_FCGI_MAX_REQUESTS=5000 export PHP_FCGI_CHILDREN=8 exec /usr/lib/cgi-bin/php |
vi /var/www/php-fcgi-scripts/web2/php-fcgi-starter
#!/bin/sh PHPRC=/etc/php5/cgi/ export PHPRC export PHP_FCGI_MAX_REQUESTS=5000 export PHP_FCGI_CHILDREN=8 exec /usr/lib/cgi-bin/php |
The PHPRC line contains the directory where the php.ini file is located (i.e., /etc/php5/cgi/ translates to /etc/php5/cgi/php.ini). PHP_FCGI_MAX_REQUESTS is the maximum number of requests before an fcgid process is stopped and a new one is launched. PHP_FCGI_CHILDREN defines the number of PHP children that will be launched.
The php-fcgi-starter scripts must be executable, and they (and the directories they are in) must be owned by the web site’s user and group:
chmod 755 /var/www/php-fcgi-scripts/web1/php-fcgi-starter
chmod 755 /var/www/php-fcgi-scripts/web2/php-fcgi-starter
chown -R web1:web1 /var/www/php-fcgi-scripts/web1
chown -R web2:web2 /var/www/php-fcgi-scripts/web2
Now we create the Apache vhosts for www.example1.com and www.example2.com:
vi /etc/apache2/sites-available/web1
<VirtualHost *:80>
ServerName www.example1.com
ServerAlias example1.com
ServerAdmin webmaster@example1.com
DocumentRoot /var/www/web1/web/
<IfModule mod_fcgid.c>
SuexecUserGroup web1 web1
PHP_Fix_Pathinfo_Enable 1
<Directory /var/www/web1/web/>
Options +ExecCGI
AllowOverride All
AddHandler fcgid-script .php
FCGIWrapper /var/www/php-fcgi-scripts/web1/php-fcgi-starter .php
Order allow,deny
Allow from all
</Directory>
</IfModule>
# ErrorLog /var/log/apache2/error.log
# CustomLog /var/log/apache2/access.log combined
ServerSignature Off
</VirtualHost>
|
a2ensite web1
vi /etc/apache2/sites-available/web2
<VirtualHost *:80>
ServerName www.example2.com
ServerAlias example2.com
ServerAdmin webmaster@example2.com
DocumentRoot /var/www/web2/web/
<IfModule mod_fcgid.c>
SuexecUserGroup web2 web2
PHP_Fix_Pathinfo_Enable 1
<Directory /var/www/web2/web/>
Options +ExecCGI
AllowOverride All
AddHandler fcgid-script .php
FCGIWrapper /var/www/php-fcgi-scripts/web2/php-fcgi-starter .php
Order allow,deny
Allow from all
</Directory>
</IfModule>
# ErrorLog /var/log/apache2/error.log
# CustomLog /var/log/apache2/access.log combined
ServerSignature Off
</VirtualHost>
|
a2ensite web2
Make sure you fill in the right paths (and the correct user and group in the SuexecUserGroup line).
Reload Apache afterwards:
/etc/init.d/apache2 reload
826 Vizualizari.Instalare ProFTP cu suport MySQL pe *.deb
Presupunand ca avem deja instalat PHP5 cu suport pentru MySQL (Gasiti tutorialul de instalare pe situl http://auto-scripts.com) putem incepe procedura de instalare a clientului FTP (in acest caz ProFTP) cu suport MySQL.
1. De ce instalam cu suport MySQL?
Deoarece in acest fel putem realiza un numar infinit de conturi FTP virtuale, putem schimba parolele extrem de simplu, putem crea limita de trafic (Trafic Quota) sau limita de spatiu pe disk (Disk Quota), practic nu exista limita de extensibilitate.
2. De ce am nevoie pentru a putea configura ProFTP cu conturi virtuale?
ProFTP-ul implicit (instalat cu comand apt-get install proftpd) nu contine si modulul pentru Virtual FTP, acesta trebuind instalat cu comanda:
apt-get install proftpd-mysql
Sau
apt-get install proftpd-mod-mysql
La instalare ne va aparea o intrebare de genul:
Run proftpd from inetd or standalone?
Selectam standalone .
3. Ok, am instalat programul, si acum?
Dupa instalarea propriu-zisa, urmeaza configurarea ProFTP.
Avem nevoie de un utilizator si un grup pe care va rula daemon-ul ProFTP:
groupadd -g 5500 ftpgroup
useradd -u 5500 -s /bin/false -d /bin/null -c "proftpd user" -g ftpgroup ftpuser
Urmeaza sa cream baza de date ftp cu numele de utilizator proftp si parola PAROLA (Aici modificati dupa bunul plac) unde vor fi stocate numele de utilizatori si parolele:
mysql -u root -p
create database ftp;
GRANT SELECT, INSERT, UPDATE, DELETE ON ftp.* TO 'proftpd'@'localhost' IDENTIFIED BY 'PAROLA';
GRANT SELECT, INSERT, UPDATE, DELETE ON ftp.* TO 'proftpd'@'localhost.localdomain' IDENTIFIED BY 'PAROLA';
FLUSH PRIVILEGES;
Dupa crearea bazei de date, trecem la adaugarea tabelelor in care vor fi stocate informatiile:
USE ftp;
CREATE TABLE ftpgroup (
groupname varchar(16) NOT NULL default '',
gid smallint(6) NOT NULL default '5500',
members varchar(16) NOT NULL default '',
KEY groupname (groupname)
) TYPE=MyISAM COMMENT='ProFTP group table';
CREATE TABLE ftpquotalimits (
name varchar(30) default NULL,
quota_type enum('user','group','class','all') NOT NULL default 'user',
per_session enum('false','true') NOT NULL default 'false',
limit_type enum('soft','hard') NOT NULL default 'soft',
bytes_in_avail int(10) unsigned NOT NULL default '0',
bytes_out_avail int(10) unsigned NOT NULL default '0',
bytes_xfer_avail int(10) unsigned NOT NULL default '0',
files_in_avail int(10) unsigned NOT NULL default '0',
files_out_avail int(10) unsigned NOT NULL default '0',
files_xfer_avail int(10) unsigned NOT NULL default '0'
) TYPE=MyISAM;
CREATE TABLE ftpquotatallies (
name varchar(30) NOT NULL default '',
quota_type enum('user','group','class','all') NOT NULL default 'user',
bytes_in_used int(10) unsigned NOT NULL default '0',
bytes_out_used int(10) unsigned NOT NULL default '0',
bytes_xfer_used int(10) unsigned NOT NULL default '0',
files_in_used int(10) unsigned NOT NULL default '0',
files_out_used int(10) unsigned NOT NULL default '0',
files_xfer_used int(10) unsigned NOT NULL default '0'
) TYPE=MyISAM;
CREATE TABLE ftpuser (
id int(10) unsigned NOT NULL auto_increment,
userid varchar(32) NOT NULL default '',
passwd varchar(32) NOT NULL default '',
uid smallint(6) NOT NULL default '5500',
gid smallint(6) NOT NULL default '5500',
homedir varchar(255) NOT NULL default '',
shell varchar(16) NOT NULL default '/sbin/nologin',
count int(11) NOT NULL default '0',
accessed datetime NOT NULL default '0000-00-00 00:00:00',
modified datetime NOT NULL default '0000-00-00 00:00:00',
PRIMARY KEY (id),
UNIQUE KEY userid (userid)
) TYPE=MyISAM COMMENT='ProFTP user table';
quit;
Dupa crearea bazei de date urmeaza sa configuram ProFTP sa foloseasca aceasta baza de date:
DefaultRoot ~
# The passwords in MySQL are encrypted using CRYPT
SQLAuthTypes Plaintext Crypt
SQLAuthenticate users* groups*
# used to connect to the database
# databasename@host database_user user_password
SQLConnectInfo ftp@localhost proftpd PAROLA
# Here we tell ProFTPd the names of the database columns in the "usertable"
# we want it to interact with. Match the names with those in the db
SQLUserInfo ftpuser userid passwd uid gid homedir shell
# Here we tell ProFTPd the names of the database columns in the "grouptable"
# we want it to interact with. Again the names match with those in the db
SQLGroupInfo ftpgroup groupname gid members
# set min UID and GID - otherwise these are 999 each
SQLMinID 500
# create a user's home directory on demand if it doesn't exist
SQLHomedirOnDemand on
# Update count every time user logs in
SQLLog PASS updatecount
SQLNamedQuery updatecount UPDATE "count=count+1, accessed=now() WHERE userid='%u'" ftpuser
# Update modified everytime user uploads or deletes a file
SQLLog STOR,DELE modified
SQLNamedQuery modified UPDATE "modified=now() WHERE userid='%u'" ftpuser
# User quotas
# ===========
QuotaEngine on
QuotaDirectoryTally on
QuotaDisplayUnits Mb
QuotaShowQuotas on
SQLNamedQuery get-quota-limit SELECT "name, quota_type, per_session, limit_type, bytes_in_avail, bytes_out_avail, bytes_xfer_avail, files_in_avail, files_out_avail, files_xfer_avail FROM ftpquotalimits WHERE name = '%{0}' AND quota_type = '%{1}'"
SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used, bytes_out_used, bytes_xfer_used, files_in_used, files_out_used, files_xfer_used FROM ftpquotatallies WHERE name = '%{0}' AND quota_type = '%{1}'"
SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used = files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE name = '%{6}' AND quota_type = '%{7}'" ftpquotatallies
SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4}, %{5}, %{6}, %{7}" ftpquotatallies
QuotaLimitTable sql:/get-quota-limit
QuotaTallyTable sql:/get-quota-tally/update-quota-tally/insert-quota-tally
RootLogin off
RequireValidShell off
Nu uitati sa inlocuiti PAROLA cu adevarata parola.
Daca doriti sa se primeasca un banner de forma:
Folosesti 20MB din 100MB. Ai 80MB spatiu disponibil
adaugati la sfarsitul fisierului /etc/proftpd.conf
SQLNamedQuery gettally SELECT "ROUND((bytes_in_used/1048576),2) FROM ftpquotatallies WHERE name='%u'"
SQLNamedQuery getlimit SELECT "ROUND((bytes_in_avail/1048576),2) FROM ftpquotalimits WHERE name='%u'"
SQLNamedQuery getfree SELECT "ROUND(((ftpquotalimits.bytes_in_avail-ftpquotatallies.bytes_in_used)/1048576),2) FROM ftpquotalimits,ftpquotatallies WHERE ftpquotalimits.name = '%u' AND ftpquotatallies.name = '%u'"
SQLShowInfo LIST "226" "Folosesti %{gettally}MB din %{getlimit}MB. Ai %{getfree}MB spatiu disponibil."
504 Vizualizari.Cum sa repari/citesti un CD sau DVD zgariat sau ars
Battlefield: Bad Company 2, superior pe PC
Battlefield Bad Company 2
Intr-o era in care jocurile pe PC au inceput sa devina niste simple portari ale versiunilor de consola (de multe ori neadaptate asa cum ar trebui posibilitatilor oferite de un computer), Battlefield: Bad Company 2 pare a fi o exceptie de la aceasta nefericita regula.
Din trailerul de mai jos puteti afla ce avantaje va prezenta versiunea de PC a lui Battlefield: Bad Company 2 in fata rivalelor sale de pe console. Jocul este produs de DiCE si va fi publicat de Electronic Arts la inceputul lunii martie.
908 Vizualizari.Download si instalare Windows 7 in limba romana
Pentru instalare:
1. Deschideti control panel si faceti click pe Change Display Challenge sub Clock, Language, and Region Box. Daca folositi Classic View, selectati Regional and Language Options.
2. Mergeti la “Keyboards and Languages” tab si faceti click pe Install/Uninstall Languages
Navigati unde aveti salvat, si deschideti-l.
Acum pachetul trebuie sa va apare ca aici si apasati pe apply.(eu am folosit limba chineza.):
2557 Vizualizari.
Categorii
Ultimele Articole
- Instalare Container VPS-uri pe CentOS 5.4
- Installing PHP 5.3, Nginx And PHP-fpm On Ubuntu/Debian
- VBoxHeadless – Running Virtual Machines With VirtualBox 3.1.x On A Headless Debian Lenny Server
- Server Monitoring With munin And monit On Debian Lenny
- How To Install Z-Push On An ISPConfig 3 Server (Debian Lenny)