Monday, May 31, 2010

Virtualization With KVM On A CentOS 5.2 Server

This guide explains how you can install and use KVM for creating and running virtual machines on a CentOS 5.2 server. I will show how to create image-based virtual machines and also virtual machines that use a logical volume (LVM). KVM is short for Kernel-based Virtual Machine and makes use of hardware virtualization, i.e., you need a CPU that supports hardware virtualization, e.g. Intel VT or AMD-V.

I do not issue any guarantee that this will work for you!


1 Preliminary Note

I'm using a CentOS 5.2 server with the hostname server1.example.com and the IP address 192.168.0.100 here as my KVM host.

We also need a desktop system where we install virt-manager so that we can connect to the graphical console of the virtual machines that we install. I'm using an Ubuntu 8.10 desktop here.


2 Installing KVM

CentOS 5.2 KVM Host:

Run

system-config-securitylevel

and set SELinux to Permissive (virt-install will not work if you set SELinux to Disabled).

Then check if your CPU supports hardware virtualization - if this is the case, the command

egrep '(vmx|svm)' --color=always /proc/cpuinfo

should display something, e.g. like this:

[root@server1 ~]# egrep '(vmx|svm)' --color=always /proc/cpuinfo
flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall
 nx mmxext fxsr_opt rdtscp lm 3dnowext 3dnow pni cx16 lahf_lm cmp_legacy svm extapic cr8_legacy misalignsse
flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall
 nx mmxext fxsr_opt rdtscp lm 3dnowext 3dnow pni cx16 lahf_lm cmp_legacy svm extapic cr8_legacy misalignsse
[root@server1 ~]#

If nothing is displayed, then your processor doesn't support hardware virtualization, and you must stop here.

Now we import the GPG keys for software packages:

rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY*

To install KVM and virtinst (a tool to create virtual machines), we run

yum install kvm kmod-kvm qemu libvirt python-virtinst

Then reboot the system:

reboot

After the reboot, the KVM kernel module should be loaded:

lsmod | grep kvm

[root@server1 ~]# lsmod | grep kvm
kvm_amd                50452  0
kvm                   109264  1 kvm_amd
[root@server1 ~]#

(This output is from a system with an AMD-V processor. If your system uses an Intel VT CPU, it should display something like kvm_intel.)

To check if KVM has successfully been installed, run

virsh -c qemu:///system list

It should display something like this:

[root@server1 ~]# virsh -c qemu:///system list
 Id Name                 State
----------------------------------

[root@server1 ~]#

If it displays an error instead, then something went wrong.

Next we need to set up a network bridge on our server so that our virtual machines can be accessed from other hosts as if they were physical systems in the network.

To do this, we install the package bridge-utils...

yum install bridge-utils

... and configure a bridge. Create the file /etc/sysconfig/network-scripts/ifcfg-br0 (please use the BOOTPROTO, BROADCAST, IPADDR, NETMASK and NETWORK values from the /etc/sysconfig/network-scripts/ifcfg-eth0 file):

vi /etc/sysconfig/network-scripts/ifcfg-br0

DEVICE=br0
TYPE=Bridge
BOOTPROTO=static
BROADCAST=192.168.0.255
IPADDR=192.168.0.100
NETMASK=255.255.255.0
NETWORK=192.168.0.0
ONBOOT=yes

Modify /etc/sysconfig/network-scripts/ifcfg-eth0 as follows (comment out BOOTPROTO, BROADCAST, IPADDR, NETMASK, and NETWORK and add BRIDGE=br0):

vi /etc/sysconfig/network-scripts/ifcfg-eth0

# Realtek Semiconductor Co., Ltd. RTL-8139/8139C/8139C+
DEVICE=eth0
#BOOTPROTO=static
#BROADCAST=192.168.0.255
HWADDR=00:10:A7:05:AF:EB
#IPADDR=192.168.0.100
#NETMASK=255.255.255.0
#NETWORK=192.168.0.0
ONBOOT=yes
BRIDGE=br0

Restart the network...

/etc/init.d/network restart

... and run

ifconfig

It should now show the network bridge (br0):

[root@server1 ~]# ifconfig
br0       Link encap:Ethernet  HWaddr 00:10:A7:05:AF:EB
          inet addr:192.168.0.100  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::210:a7ff:fe05:afeb/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:17 errors:0 dropped:0 overruns:0 frame:0
          TX packets:53 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1160 (1.1 KiB)  TX bytes:14875 (14.5 KiB)

eth0      Link encap:Ethernet  HWaddr 00:10:A7:05:AF:EB
          inet6 addr: fe80::210:a7ff:fe05:afeb/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:13662 errors:7 dropped:160 overruns:4 frame:0
          TX packets:11646 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:15144608 (14.4 MiB)  TX bytes:1379942 (1.3 MiB)
          Interrupt:74 Base address:0xcc00

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:38 errors:0 dropped:0 overruns:0 frame:0
          TX packets:38 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:4308 (4.2 KiB)  TX bytes:4308 (4.2 KiB)

virbr0    Link encap:Ethernet  HWaddr 00:00:00:00:00:00
          inet addr:192.168.122.1  Bcast:192.168.122.255  Mask:255.255.255.0
          inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:35 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 b)  TX bytes:9987 (9.7 KiB)

[root@server1 ~]#
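To confirm that the address hand-off from eth0 to br0 described above actually happened, here is an added shell check (example code, not part of the original guide). It parses the two ifcfg files, which are constructed inline with the guide's values; the function names cfg_get, check_bridge_cfg and write_samples are this example's own.

```shell
#!/bin/sh
# Added example, not from the original guide: verify that the IP configuration
# really moved from the physical NIC to the bridge. On a real host point
# check_bridge_cfg at /etc/sysconfig/network-scripts instead of the samples.

# cfg_get FILE KEY -> prints the value of KEY=VALUE; commented-out keys are ignored
cfg_get() {
    sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1
}

# check_bridge_cfg DIR BRIDGE NIC -> 0 if the hand-off is consistent, 1 otherwise
# (each problem is reported on stderr)
check_bridge_cfg() {
    dir=$1; br=$2; nic=$3; rc=0
    brf="$dir/ifcfg-$br"; nicf="$dir/ifcfg-$nic"
    [ -f "$brf" ]  || { echo "missing $brf" >&2; return 1; }
    [ -f "$nicf" ] || { echo "missing $nicf" >&2; return 1; }
    [ "$(cfg_get "$brf" TYPE)" = "Bridge" ] || { echo "$br: TYPE is not Bridge" >&2; rc=1; }
    [ -n "$(cfg_get "$brf" IPADDR)" ]       || { echo "$br: no IPADDR set" >&2; rc=1; }
    [ "$(cfg_get "$brf" ONBOOT)" = "yes" ]  || { echo "$br: ONBOOT is not yes" >&2; rc=1; }
    [ "$(cfg_get "$nicf" BRIDGE)" = "$br" ] || { echo "$nic: BRIDGE is not $br" >&2; rc=1; }
    # an address left on the enslaved NIC would be configured twice on the host
    for key in IPADDR BOOTPROTO NETMASK; do
        [ -z "$(cfg_get "$nicf" $key)" ] || { echo "$nic: $key still active; comment it out" >&2; rc=1; }
    done
    return $rc
}

# write_samples -> creates the two files from the guide in a temp dir and prints its path
write_samples() {
    d=$(mktemp -d)
    cat > "$d/ifcfg-br0" <<'EOF'
DEVICE=br0
TYPE=Bridge
BOOTPROTO=static
BROADCAST=192.168.0.255
IPADDR=192.168.0.100
NETMASK=255.255.255.0
NETWORK=192.168.0.0
ONBOOT=yes
EOF
    cat > "$d/ifcfg-eth0" <<'EOF'
# Realtek Semiconductor Co., Ltd. RTL-8139/8139C/8139C+
DEVICE=eth0
#BOOTPROTO=static
#BROADCAST=192.168.0.255
HWADDR=00:10:A7:05:AF:EB
#IPADDR=192.168.0.100
#NETMASK=255.255.255.0
#NETWORK=192.168.0.0
ONBOOT=yes
BRIDGE=br0
EOF
    echo "$d"
}
```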


3 Installing virt-viewer Or virt-manager On Your Ubuntu 8.10 Desktop

Ubuntu 8.10 Desktop:

We need a means of connecting to the graphical console of our guests - we can use virt-manager (see KVM Guest Management With Virt-Manager On Ubuntu 8.10) for this. I'm assuming that you're using an Ubuntu 8.10 desktop.

Run

sudo aptitude install virt-manager

to install virt-manager.

(If you're using a Fedora 10 desktop, you can install virt-manager as follows:

Become root...

su

... and run

yum install virt-manager

)

Managing OpenVZ With The Vtonf Control Panel On CentOS 5.2

Vtonf is a free web-based control panel (released under the GPL license) for managing virtual private servers (VPS) based on OpenVZ. It makes it very easy to create and manage OpenVZ VMs even for people with little technical knowledge. Right now, Vtonf is available only for RedHat, Fedora, and CentOS (support for Debian is planned), therefore I describe its installation and usage on a CentOS 5.2 server.

I do not issue any guarantee that this will work for you!


1 Preliminary Note

Make sure that you have OpenVZ set up on your CentOS 5.2 server, for example as shown in this tutorial: Installing And Using OpenVZ On CentOS 5.2

I've tried this on an i386 system; I don't know if Vtonf works on x86_64 systems as well - the INSTALL file that comes with Vtonf says no, but the Vtonf wiki doesn't mention anything like this...


2 Installing Vtonf

Before we install Vtonf, we must install some prerequisites:

yum install vzpkg expect

Then go to http://www.vtonf.com/downloads.html and download and install the latest Vtonf package, e.g. as follows:

cd /tmp
wget http://mesh.dl.sourceforge.net/sourceforge/vtonf/vtonfinstaller.1.0-beta1.tar.gz
tar xvfz vtonfinstaller.1.0-beta1.tar.gz
cd vtonfinstaller.1.0-beta1
./install

You will be asked a few questions:

Do you wish to start the installation procedure (y/n)? : <-- y

Select Yes to continue.

Accept the Vtonf license.

Afterwards Vtonf is installed.

Type in a user name and a password that you want to use to log into the Vtonf control panel.

Afterwards, the Vtonf installation finishes like this:

Vtonf control panel installation completed. Please login to the control panel from the following information
http://192.168.0.100:8001/
Login Name : admin
Password : howtoforge



        Visit our forum : http://www.vtonf.com/forum/index.php

        Get support : http://www.vtonf.com/support.html


As you see, the installer tells you the URL where you can find the Vtonf control panel (http://192.168.0.100:8001/ in my case).

Server Monitoring With munin And monit On CentOS 5.2

In this article I will describe how you can monitor your CentOS 5.2 server with munin and monit. munin produces nifty little graphics about nearly every aspect of your server (load average, memory usage, CPU usage, MySQL throughput, eth0 traffic, etc.) without much configuration, whereas monit checks the availability of services like Apache, MySQL and Postfix and takes the appropriate action, such as a restart, if it finds a service is not behaving as expected. The combination of the two gives you full monitoring: graphics that let you recognize current or upcoming problems (like "We need a bigger server soon, our load average is increasing rapidly."), and a watchdog that ensures the availability of the monitored services.

Although munin lets you monitor more than one server, we will only discuss the monitoring of the system where it is installed here.

This tutorial was written for CentOS 5.2, but the configuration should apply to other distributions with little changes as well.

I want to say first that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you!


1 Preliminary Note

Our system's hostname is server1.example.com, and we have a web site www.example.com on it with the document root /var/www/www.example.com/web.


2 Enable The RPMforge Repository

On CentOS 5.2, munin and monit are not available in the default CentOS repositories. Fortunately we can install them from the RPMforge repository. To enable the RPMforge repository, we run

wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
rpm -Uvh rpmforge-release-0.3.6-1.el5.rf.i386.rpm
rm -f rpmforge-release-0.3.6-1.el5.rf.i386.rpm

on i386 hosts and

wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm
rpm -Uvh rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm
rm -f rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm

on x86_64 hosts (please check out https://rpmrepo.org/RPMforge/Using for the latest versions).


3 Install And Configure munin

To install munin on CentOS 5.2, we do this:

yum install munin munin-node

Then we create the system startup links for munin and start it:

chkconfig --levels 235 munin-node on
/etc/init.d/munin-node start

Next, we must edit the munin configuration file /etc/munin/munin.conf. We want munin to put its output into the directory /var/www/www.example.com/web/monitoring, therefore we change the value of htmldir, and we want it to use the name server1.example.com instead of localhost.localdomain in the HTML output, therefore we replace localhost.localdomain with server1.example.com. Without the comments, the changed file looks like this:

vi /etc/munin/munin.conf

[...]
dbdir   /var/lib/munin
htmldir /var/www/www.example.com/web/monitoring
logdir  /var/log/munin
rundir  /var/run/munin

# Where to look for the HTML templates
tmpldir /etc/munin/templates
[...]
# a simple host tree
[server1.example.com]
    address 127.0.0.1
    use_node_name yes
[...]

Next we create the directory /var/www/www.example.com/web/monitoring and change its ownership to the user and group munin, otherwise munin cannot place its output in that directory. Then we restart munin:

mkdir -p /var/www/www.example.com/web/monitoring
chown munin:munin /var/www/www.example.com/web/monitoring
/etc/init.d/munin-node restart

Now wait a few minutes so that munin can produce its first output, then go to http://www.example.com/monitoring/ in your browser, and you will see the first statistics. After a few days this could look like this:

(This is just a small excerpt of the many graphics that munin produces...)


4 Password-Protect The munin Output Directory (Optional)

Now it is a good idea to password-protect the directory /var/www/www.example.com/web/monitoring unless you want everybody to be able to see every little statistic about your server.

To do this, we create an .htaccess file in /var/www/www.example.com/web/monitoring:

vi /var/www/www.example.com/web/monitoring/.htaccess

AuthType Basic
AuthName "Members Only"
AuthUserFile /var/www/www.example.com/.htpasswd

require valid-user


Then we must create the password file /var/www/www.example.com/.htpasswd. We want to log in with the username admin, so we do this:

htpasswd -c /var/www/www.example.com/.htpasswd admin

Enter a password for admin, and you're done!

How To Create A FreeRADIUS 2.1.1-6 RPM Package On CentOS 5.2

This is just a short tutorial showing how to create an RPM version of FreeRADIUS 2.1.1-6 on CentOS 5.2. This version of FreeRADIUS is not yet included in the CentOS 5 repositories.

Getting FreeRADIUS 2.1.1-6 SRPM from Koji

Download the SRPM version from here:

http://koji.fedoraproject.org/packages/freeradius/2.1.1/6.fc10/src/freeradius-2.1.1-6.fc10.src.rpm

Now install the SRPM and build the binary packages from its spec file (on CentOS 5, rpm unpacks the spec file into /usr/src/redhat/SPECS):

rpm -Uvh freeradius-2.1.1-6.fc10.src.rpm
cd /usr/src/redhat/SPECS
rpmbuild -bb freeradius.spec

Make sure you have the following build dependencies installed:

beecrypt-devel, sqlite-devel, unixODBC, unixODBC-devel, python-devel, pam-devel, elfutils-libelf-devel, elfutils-libelf-devel-static, rpm-devel, elfutils-devel, elfutils-devel-static, net-snmp-devel, mysql, cyrus-sasl-devel, mysql-devel, openldap-devel, gdbm-devel, libtool-ltdl-devel, postgresql, postgresql-devel

Go to the i386 directory:

cd /usr/src/redhat/RPMS/i386

Installing the binary packages

rpm -Uvh freeradius-libs-2.1.1-6.i386.rpm
rpm -Uvh freeradius-2.1.1-6.i386.rpm
rpm -Uvh freeradius-utils-2.1.1-6.i386.rpm
rpm -Uvh freeradius-mysql-2.1.1-6.i386.rpm

Enjoy your FreeRADIUS 2.1.1-6 installation.

ZRM 2.1: Backing Up MySQL Partitioned Tables

MySQL 5.1 is generally available for production use. One of the key features of MySQL 5.1 is partitioning. Table partitioning can help improve performance and usability. Tables can be partitioned by range (column values in a given range), list (column values matching a set of values), hash (user-defined hash based on column values) or key (predefined hash function based on column values). Each partition can have a different data directory.

The Zmanda Recovery Manager for MySQL (ZRM) 2.1 release supports the MySQL 5.1 GA release. ZRM provides efficient backup and recovery of MySQL databases. It can perform logical, raw as well as snapshot-based backups. ZRM 2.1 supports storage snapshots (LVM and Solaris ZFS) as backup images, which can be converted into regular backup images later.

This how-to shows how to install and configure ZRM 2.1 to perform backup and recovery of MySQL partitioned tables.

This example uses MySQL 5.1.30 running on CentOS 4. The MySQL server has a myisamnetflix database that contains the MovieRatings partitioned table.

* Install MySQL 5.1.30 on the server. Download server and client images from the MySQL downloads site. The following rpms should be downloaded and installed:

MySQL-client-community-5.1.30-0.rhel4
MySQL-server-community-5.1.30-0.rhel4

* Follow the instructions to create default MySQL database and run MySQL server.

* Check to see if the MySQL partitioning is enabled

mysql> SHOW VARIABLES LIKE '%partition%';

+-------------------+-------+
| Variable_name     | Value |
+-------------------+-------+
| have_partitioning | YES   |
+-------------------+-------+
1 row in set (0.00 sec)

* Create the table with key partitioning on MovieID column and populate the table with data.

mysql> CREATE TABLE `MovieRatings` (
  `MovieID` int(6) NOT NULL,
  `CustomerID` varchar(10) NOT NULL,
  `Rating` int(1) DEFAULT NULL,
  `Date` date NOT NULL
) ENGINE=MyISAM PARTITION BY KEY (MovieID) PARTITIONS 3;

* Download ZRM 2.1 rpm from the Zmanda downloads page.

* Create mysql-zrm.conf in the /etc/mysql-zrm/partition-test directory. partition-test is the backup set name.

host="localhost"
databases="myisamnetflix"
password="boot12"
user="root"
compress=1
backup-mode=logical

* Run a full backup of the backup set partition-test as the mysql user. All ZRM operations should be performed as the mysql user:

$ mysql-zrm-scheduler --now --backup-set partition-test --backup-level 0

schedule:INFO: ZRM for MySQL Community Edition - version 2.1
Logging to /var/log/mysql-zrm/mysql-zrm-scheduler.log
backup:INFO: ZRM for MySQL Community Edition - version 2.1
partition-test:backup:INFO: START OF BACKUP
partition-test:backup:INFO: PHASE START: Initialization
partition-test:backup:WARNING: Binary logging is off.
partition-test:backup:INFO: backup-set=partition-test
partition-test:backup:INFO: backup-date=20081125181119
partition-test:backup:INFO: mysql-server-os=Linux/Unix
partition-test:backup:INFO: backup-type=regular
partition-test:backup:INFO: host=localhost
partition-test:backup:INFO: backup-date-epoch=1227665479
partition-test:backup:INFO: mysql-zrm-version=ZRM for MySQL Community Edition - version 2.1
partition-test:backup:INFO: mysql-version=5.1.30-community
partition-test:backup:INFO: backup-directory=/var/lib/mysql-zrm/partition-test/20081125181119
partition-test:backup:INFO: backup-level=0
partition-test:backup:INFO: backup-mode=logical
partition-test:backup:INFO: PHASE END: Initialization
partition-test:backup:INFO: PHASE START: Running pre backup plugin
partition-test:backup:INFO: PHASE END: Running pre backup plugin
partition-test:backup:INFO: PHASE START: Flushing logs
partition-test:backup:INFO: PHASE END: Flushing logs
partition-test:backup:INFO: PHASE START: Creating logical backup
partition-test:backup:INFO: logical-databases=myisamnetflix
partition-test:backup:INFO: PHASE END: Creating logical backup
partition-test:backup:INFO: PHASE START: Calculating backup size & checksums
partition-test:backup:INFO: backup-size=160.44 MB
partition-test:backup:INFO: PHASE END: Calculating backup size & checksums
partition-test:backup:INFO: PHASE START: Compression/Encryption
partition-test:backup:INFO: compress=
partition-test:backup:INFO: backup-size-compressed=36.04 MB
partition-test:backup:INFO: PHASE END: Compression/Encryption
partition-test:backup:INFO: read-locks-time=00:01:27
partition-test:backup:INFO: flush-logs-time=00:00:00
partition-test:backup:INFO: compress-encrypt-time=01:23:07
partition-test:backup:INFO: backup-time=00:02:17
partition-test:backup:INFO: backup-status=Backup succeeded
partition-test:backup:INFO: Backup succeeded
partition-test:backup:INFO: PHASE START: Running post backup plugin
partition-test:backup:INFO: PHASE END: Running post backup plugin
partition-test:backup:INFO: PHASE START: Mailing backup report
partition-test:backup:INFO: PHASE END: Mailing backup report
partition-test:backup:INFO: PHASE START: Cleanup
partition-test:backup:INFO: PHASE END: Cleanup
partition-test:backup:INFO: END OF BACKUP
/usr/bin/mysql-zrm started successfully

* Use ZRM reporter to look at the status of the backups.

$ /usr/bin/mysql-zrm-reporter --where backup-set=partition-test --show backup-status-info

  REPORT TYPE : backup-status-info
  
           backup_set  backup_date                  backup_level  backup_status         backup_type       comment
 -----------------------------------------------------------------------------------------------------------------------------
       partition-test  Tue 25 Nov 2008 06:11:19                0  Backup succeeded      regular           ----
                       PM PST

* Delete a few rows from the MovieID database to test the recovery from the backup image.

mysql> delete from MovieID where MovieTitle regexp 'Sherlock Holmes*';

Query OK, 28 rows affected (0.15 sec)

* Run a report to identify the backup image to be restored and restore from the backup image.

$ /usr/bin/mysql-zrm-reporter --where backup-set=partition-test --show restore-info

  REPORT TYPE : restore-info
  
           backup_set  backup_date                  backup_level  backup_directory                          backup_status         comment
 -----------------------------------------------------------------------------------------------------------------------------------------------------
       partition-test  Tue 25 Nov 2008 06:11:19                0  /var/lib/mysql-zrm/partition-test/200811  Backup succeeded      ----
                       PM PST                                     25181119

$ /usr/bin/mysql-zrm-restore --user=root --password=boot12 --source-directory=/var/lib/mysql-zrm/partition-test/20081125181119/

restore:INFO: ZRM for MySQL Community Edition - version 2.1
BackupSet1:restore:WARNING: Binary logging is off.
BackupSet1:restore:INFO: Restored database(s) from logical backup: myisamnetflix
BackupSet1:restore:INFO: Restore done in 163 seconds.

* Check to see if the deleted rows in the MovieID table have been restored.

mysql> select count(*) from MovieID where MovieTitle regexp 'Sherlock Holmes*';

28 rows in set (0.23 sec)

Installing PowerDNS (With MySQL Backend) And Poweradmin On CentOS 5.2

This article shows how you can install the PowerDNS nameserver (with MySQL backend) and the Poweradmin control panel for PowerDNS on a CentOS 5.2 system. PowerDNS is a high-performance, authoritative-only nameserver - in the setup described here it will read the DNS records from a MySQL database (similar to MyDNS), although other backends such as PostgreSQL are supported as well. Poweradmin is a web-based control panel for PowerDNS.

I do not issue any guarantee that this will work for you!


1 Preliminary Note

In this example I'm using a CentOS 5.2 host with the hostname server1.example.com and the IP address 192.168.0.100, set up according to the first 6 chapters of this tutorial: The Perfect Server - CentOS 5.2.

I will set up just one PowerDNS server in this example (a master). Adding PowerDNS slave(s) can easily be achieved by using MySQL database replication from the master to the slave(s), so no zone transfers are needed (this again is similar to MyDNS). MySQL database replication can be set up according to this tutorial: How To Set Up Database Replication In MySQL. PowerDNS also supports native zone transfers for scenarios where you cannot use MySQL replication - see http://downloads.powerdns.com/documentation/html/replication.html.


2 Installing MySQL

To install MySQL, we do this:

yum install mysql mysql-server

Then we create the system startup links for MySQL (so that MySQL starts automatically whenever the system boots) and start the MySQL server:

chkconfig --levels 235 mysqld on
/etc/init.d/mysqld start

Now check that networking is enabled. Run

netstat -tap | grep mysql

It should show something like this (*:mysql means that MySQL is listening on all interfaces, which is important for MySQL replication!):

[root@server1 ~]# netstat -tap | grep mysql
tcp        0      0 *:mysql                     *:*                         LISTEN      2439/mysqld
[root@server1 ~]#

If it does not, edit /etc/my.cnf and comment out the option skip-networking:

vi /etc/my.cnf

[...]
#skip-networking
[...]

and restart your MySQL server:

/etc/init.d/mysqld restart

Run

mysqladmin -u root password yourrootsqlpassword
mysqladmin -h server1.example.com -u root password yourrootsqlpassword

to set a password for the user root (otherwise anybody can access your MySQL database!).


3 Installing PowerDNS

To install PowerDNS, we run

yum install pdns pdns-backend-mysql

The PowerDNS configuration is located in the /etc/pdns directory - I'll come to that in a moment.

Now we connect to MySQL:

mysql -u root -p

Type in your MySQL root password, and you should be on the MySQL shell. On the MySQL shell, we create a database for PowerDNS:

CREATE DATABASE powerdns;

Next we create a database user (power_admin) for PowerDNS:

GRANT ALL ON powerdns.* TO 'power_admin'@'localhost' IDENTIFIED BY 'power_admin_password';
GRANT ALL ON powerdns.* TO 'power_admin'@'localhost.localdomain' IDENTIFIED BY 'power_admin_password';
FLUSH PRIVILEGES;

(Replace power_admin_password with a password of your choice.)

Now we create the tables needed by PowerDNS...

USE powerdns;

CREATE TABLE domains (
id INT auto_increment,
name VARCHAR(255) NOT NULL,
master VARCHAR(128) DEFAULT NULL,
last_check INT DEFAULT NULL,
type VARCHAR(6) NOT NULL,
notified_serial INT DEFAULT NULL,
account VARCHAR(40) DEFAULT NULL,
primary key (id)
);

CREATE UNIQUE INDEX name_index ON domains(name);

CREATE TABLE records (
id INT auto_increment,
domain_id INT DEFAULT NULL,
name VARCHAR(255) DEFAULT NULL,
type VARCHAR(6) DEFAULT NULL,
content VARCHAR(255) DEFAULT NULL,
ttl INT DEFAULT NULL,
prio INT DEFAULT NULL,
change_date INT DEFAULT NULL,
primary key(id)
);

CREATE INDEX rec_name_index ON records(name);
CREATE INDEX nametype_index ON records(name,type);
CREATE INDEX domain_id ON records(domain_id);

CREATE TABLE supermasters (
ip VARCHAR(25) NOT NULL,
nameserver VARCHAR(255) NOT NULL,
account VARCHAR(40) DEFAULT NULL
);

... and finally leave the MySQL shell:

quit;

Now we must configure PowerDNS so that it uses the MySQL backend:

vi /etc/pdns/pdns.conf

Add the following lines to pdns.conf:

[...]
#################################
# launch        Which backends to launch and order to query them in
#
# launch=
launch=gmysql
gmysql-host=127.0.0.1
gmysql-user=power_admin
gmysql-password=power_admin_password
gmysql-dbname=powerdns
[...]

Then create the system startup links for PowerDNS and start it:

chkconfig --levels 235 pdns on
/etc/init.d/pdns start

That's it, PowerDNS is now ready to be used. To learn more about it, please refer to its documentation: http://downloads.powerdns.com/documentation/html/index.html
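The guide leaves database passwords in plain text in pdns.conf (gmysql-password) and, in the ZRM section of this page, in mysql-zrm.conf (password). As an added example, not part of the original article, the shell functions below find such keys in a config file and flag the file when every local user can read it. The sample files are constructed inline and the function names (secret_keys, other_perms, check_secret_file, make_samples) are this example's own.

```shell
#!/bin/sh
# Added example, not from the original article: report config files that hold
# credentials and are readable by users other than the owner and group.

# secret_keys FILE -> prints each uncommented key ending in "password" found in FILE
secret_keys() {
    sed -n 's/^[[:space:]]*\([A-Za-z_-]*password\)[[:space:]]*=.*/\1/p' "$1"
}

# other_perms FILE -> the "others" octal digit of FILE's mode (0 means no access)
other_perms() {
    stat -c '%a' "$1" | sed 's/.*\(.\)$/\1/'
}

# check_secret_file FILE -> 0 if FILE holds no credential keys or is not
# world-accessible, 1 if it exposes a credential to every local user
check_secret_file() {
    keys=$(secret_keys "$1")
    [ -n "$keys" ] || return 0            # nothing sensitive in this file
    if [ "$(other_perms "$1")" != "0" ]; then
        echo "$1: world-accessible but contains: $(echo $keys)" >&2
        return 1
    fi
    return 0
}

# make_samples -> constructed copies of the two config files in a temp dir;
# pdns.conf gets the usual 644 of a freshly edited file, mysql-zrm.conf 640
make_samples() {
    d=$(mktemp -d)
    printf 'launch=gmysql\ngmysql-host=127.0.0.1\ngmysql-user=power_admin\n' > "$d/pdns.conf"
    printf 'gmysql-password=power_admin_password\ngmysql-dbname=powerdns\n' >> "$d/pdns.conf"
    chmod 644 "$d/pdns.conf"
    printf 'host="localhost"\ndatabases="myisamnetflix"\nuser="root"\npassword="boot12"\n' > "$d/mysql-zrm.conf"
    chmod 640 "$d/mysql-zrm.conf"
    echo "$d"
}
```

On a real host, run check_secret_file against /etc/pdns/pdns.conf and /etc/mysql-zrm/*/mysql-zrm.conf and fix any hit with chmod 640 plus the owner/group the daemon runs as.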


4 Installing Poweradmin

Now let's install Poweradmin, a web-based control panel for PowerDNS. Poweradmin is written in PHP, so we must install a web server (I'm using Apache2 in this example) and PHP:

yum install httpd php php-devel php-gd php-imap php-ldap php-mysql php-odbc php-pear php-xml php-xmlrpc php-mbstring php-mcrypt php-mhash gettext

Create the system startup links for Apache2 and start it:

chkconfig --levels 235 httpd on
/etc/init.d/httpd start

Poweradmin also requires the following two PEAR packages:

yum install php-pear-DB php-pear-MDB2-Driver-mysql

Now all prerequisites for Poweradmin are installed, and we can begin with the Poweradmin installation (I will install it in a subdirectory of /var/www/html - /var/www/html is the document root of Apache's default web site on CentOS; if you've created a vhost with a different document root, please adjust the paths).

Go to https://www.poweradmin.org/trac/wiki/GettingPoweradmin and download the latest Poweradmin package, e.g. as follows:

cd /tmp
wget https://www.poweradmin.org/download/poweradmin-2.1.2.tgz

Then install it to the /var/www/html/poweradmin directory as follows:

tar xvfz poweradmin-2.1.2.tgz
mv poweradmin-2.1.2 /var/www/html/poweradmin
touch /var/www/html/poweradmin/inc/config.inc.php
chown -R apache:apache /var/www/html/poweradmin/

Now open a browser and launch the web-based Poweradmin installer (http://server1.example.com/poweradmin/install or http://192.168.0.100/poweradmin/install).

Select your language (English or Dutch):

Click on the Go to step 3 button to proceed:

Now fill in your database details. It is important that you fill in the details for the MySQL root user here, not the power_admin MySQL user we created earlier! Also provide a password for the admin user of the Poweradmin web interface (that's the password that the user admin will use to log in to Poweradmin later on):

On the next page, fill in the details for the power_admin MySQL user that we created in chapter 3. Also fill in the two default nameservers that will be used in your zones unless you provide different nameservers when you create a zone (typically these are the names of the current system and of the slave server (for which you can set up MySQL replication, see my preliminary notes in chapter 1)):

Set Up A Linux PlayStation 3 Media Server (CentOS 5.2)

Introduction

The Sony PlayStation 3 is a DLNA compatible device; DLNA is a framework that lets home electronics share digital media and content seamlessly. This tutorial is a follow-up to the previous howto on Ubuntu. Given that I, like most others, use CentOS as my server distribution of choice, I find it fitting to run my DLNA server on it as well. Although several other open source media servers exist, I chose to use Fuppes due to its ease of use as well as its built-in support for transcoding.

By following this howto you will be able to create a server that will allow you to play digital media stored on the server via a DLNA capable device such as the Sony PS3, Nokia N95, etc.


Requirements

    * Sony PlayStation 3 or other DLNA capable device
    * A computer running CentOS 5.2 with a network connection
    * Wireless LAN (optional)
    * Working Internet connection (to download packages)
    * Media to be streamed


Installation

Download and install the Fuppes CentOS rpm that I have packaged. The rpm is signed with my PGP key and depends on packages provided by the rpmforge repository, so you will need to import my PGP key and install the rpmforge yum repository package first.

wget http://www.topdog-software.com/oss/roundcube/andrew_topdog-software.com_key.txt
rpm --import andrew_topdog-software.com_key.txt
rpm -Uhv http://apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
wget http://www.topdog-software.com/oss/fuppes/fuppes-0.7.2-627SVN.i386.rpm
yum localinstall fuppes-0.7.2-627SVN.i386.rpm


Configuration

    * Edit the fuppes configuration file /etc/fuppes/fuppes.cfg and set the interface option to the address fuppes should listen on; in my case I will be using the IP address 192.168.1.2

    * Start fuppes and then point your browser to http://192.168.1.2:56596

      /etc/init.d/fuppes start
    * Select configuration on the menu on the left
    * Under "ContentDirectory settings" -> Add objects, type the name of the directory you want to share media from (you can also share an itunes db) then click "submit query"
    * Add as many directories as you want; I added the following:

      /srv/fuppes/Videos
      /srv/fuppes/Music
      /srv/fuppes/Pictures
    * Rebuild the media database
    * Select Options on the menu on the left
    * Click "rebuild database"
    * Monitor the status of the rebuild on the status page, you will see the counters increase as your media is indexed.
    * Configure a multicast route on your machine so that clients can find the media server: create a file /etc/sysconfig/network-scripts/route-ethX with the following content (substitute X with the interface you are using on your machine)

      239.0.0.0/8 dev ethX

    * Restart networking

      service network restart


Testing
Sony PlayStation 3

Connect to your PS3, go to Video and select "search for media servers". If all went well you should find your media server named fuppes; select it, go to a folder with videos, select one and play it. Repeat this procedure for your music and pictures.


Nokia N95

Go to Tools -> Connectivity -> Home media -> Browse media. Your N95 will connect to the WLAN, begin searching and should find your fuppes media server; select it and you will see your folders, from where you can play your media, view your content or copy it to your device.


Xbox

Fuppes supports the Xbox as well (see the Xbox device entry in the sample fuppes.cfg below), but I haven't tested it, so there you are on your own.


Sample configuration files

    * /etc/fuppes/fuppes.cfg

      The XML markup of this file did not survive on this page; the values it carried were, section by section:

      shared objects (directories indexed by fuppes)
          /srv/fuppes/Music
          /srv/fuppes/Videos
          /srv/fuppes/Pictures

      network
          interface  192.168.1.2
          HTTP port  56596

      content directory
          local charset  UTF-8
          three feature switches, all set to true

      transcoding
          audio encoder  lame
          vorbis, musepack and flac transcoding  true, true, true

      default device
          max file name length 0, playlist style file, then false, true, 4 for the three remaining options (their names were lost)

          file types (item type, MIME type, DLNA profile, and the transcoding target where one is set):
              AUDIO_ITEM  audio/mpeg (mp3)            DLNA profile MP3
              AUDIO_ITEM  application/octet-stream    vorbis: transcoded to mp3 (audio/mpeg, DLNA MP3, chunked; decoder vorbis, encoder lame, 192 kbit/s, 44100 Hz)
              AUDIO_ITEM  application/octet-stream    musepack: transcoded to mp3 with the same settings (decoder musepack)
              AUDIO_ITEM  audio/x-wav
              AUDIO_ITEM  audio/x-flac                transcoded to mp3 with the same settings (decoder flac)
              AUDIO_ITEM  audio/x-ms-wma              DLNA profile WMAFULL
              IMAGE_ITEM  image/jpeg (jpeg)           conversion entry to png (image/png, size 0 0, both flags false)
              IMAGE_ITEM  image/bmp
              IMAGE_ITEM  image/png
              IMAGE_ITEM  image/gif
              VIDEO_ITEM  video/mpeg (mpeg)
              VIDEO_ITEM  video/mp4
              VIDEO_ITEM  video/avi
              VIDEO_ITEM  video/x-ms-wmv
              VIDEO_ITEM  video/x-ms-vob
              VIDEO_ITEM  video/x-extension-vdr       transcoded to vob (video/x-ms-vob)
              VIDEO_ITEM  application/x-flash-video
              VIDEO_ITEM  video/x-ms-asf
              PLAYLIST    audio/x-scpls
              PLAYLIST    audio/x-mpegurl

      device-specific entries
          PlayStation 3:  matched on "UPnP/1.0 DLNADOC/1.00" and "PLAYSTATION3"; true; 50; AUDIO_ITEM_MUSIC_TRACK served as "stream"
          Xbox:           friendly name "%s %v : 1 : Windows Media Connect", model "Windows Media Connect compatible (%s)", version 2.0, user agent regex "Xbox/2.0.\d+.\d+ UPnP/1.0 Xbox/2.0.\d+.\d+", "Xenon", true
          (name lost):    playlist style container, true
          Cybertan DMA:   matched on "dma/1.0 \(http://www.cybertan.com.tw/\)" and "UPnP/1.0 DLNADOC/1.00"; playlist style file; 101

    * /etc/fuppes/vfolder.cfg (only the file name survived on this page; the listing is not reproduced)


Managing OpenVZ With HyperVM On CentOS 5.2

 HyperVM is a multi-platform, multi-tiered, multi-server, multi-virtualization web based application that will allow you to create and manage different virtual machines each based on different technologies across machines and platforms. Currently it supports OpenVZ and Xen virtualization and is available for RHEL 4/5 as well as CentOS 4 and CentOS 5. This tutorial shows how to install it on a CentOS 5.2 server to control OpenVZ containers. I will also explain how to manage OpenVZ containers with HyperVM on a remote CentOS 5.2 server ("slave").

I do not issue any guarantee that this will work for you!


1 Preliminary Note

I'm using two empty CentOS 5.2 servers in this tutorial (empty because HyperVM will also install OpenVZ, so OpenVZ does not need to be installed right now):

    * server1.example.com (IP 192.168.0.100): master
    * server2.example.com (IP 192.168.0.102): slave

The slave is needed only if you want to control OpenVZ containers on remote servers with HyperVM (explained in an extra chapter).

I couldn't find out anything about HyperVM's license, neither on the HyperVM web site nor in the sources. It seems to be free, at least for a certain amount of controlled OpenVZ containers (according to http://lxlabs.com/store/). If you find out about its license and whether it's free or not, please let me know.


2 Installing A HyperVM Master

server1:

(The HyperVM master allows you to control OpenVZ containers on the master itself and on slave machines. Even if you don't want to run slave machines, you need a master!)

First we need to disable SELinux. Open /etc/sysconfig/selinux...

vi /etc/sysconfig/selinux

... and set SELINUX to disabled:

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - SELinux is fully disabled.
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
#       targeted - Only targeted network daemons are protected.
#       strict - Full SELinux protection.
SELINUXTYPE=targeted

Run

setenforce 0

afterwards. setenforce 0 only switches the running system to permissive mode; SELINUX=disabled takes effect when the machine is rebooted at the end of the installation.

Afterwards we install HyperVM as follows:

wget http://download.lxlabs.com/download/hypervm/production/hypervm-install-master.sh
sh ./hypervm-install-master.sh --virtualization-type=openvz

Note that this fetches an unsigned installer script over plain HTTP and runs it as root, and the script goes on to install a kernel and further packages. Read it before you run it, and do this only on a machine dedicated to HyperVM.

This will take quite some time as this also installs OpenVZ and some OpenVZ templates, so be patient. At the end, you should see something like this:

Downloaded: 7 files, 1.4G in 51m 21s (485 KB/s)
Executing Update Cleanup... Will take a long time to finish....
Congratuations. hyperVM has been installed succesfully on your server as master
You can connect to the server at https://:8887 or http://:8888
Please note that first is secure ssl connection, while the second is normal one.
The login and password are 'admin' 'admin'. After Logging in, you will have to change your password to something more secure
Thanks for choosing hyperVM to manage your Server, and allowing us to be of service

***There is one more step you have to do to make this complete. Open /etc/grub.conf, and change the 'default=1' line to 'default=0', and reboot this machine. You will be rebooted into the openvz kernel and will able to manage vpses from the hyperVM interface
You have mail in /var/spool/mail/root
[root@server1 ~]#

Next we open /etc/grub.conf...

vi /etc/grub.conf

... and change default=1 to default=0 so that the OpenVZ kernel is the default kernel:

# grub.conf generated by anaconda
#
# Note that you do not have to rerun grub after making changes to this file
# NOTICE:  You have a /boot partition.  This means that
#          all kernel and initrd paths are relative to /boot/, eg.
#          root (hd0,0)
#          kernel /vmlinuz-version ro root=/dev/VolGroup00/LogVol00
#          initrd /initrd-version.img
#boot=/dev/sda
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title CentOS (2.6.18-92.1.18.el5.028stab060.2PAE)
        root (hd0,0)
        kernel /vmlinuz-2.6.18-92.1.18.el5.028stab060.2PAE ro root=/dev/VolGroup00/LogVol00
        initrd /initrd-2.6.18-92.1.18.el5.028stab060.2PAE.img
title CentOS (2.6.18-92.1.1.el5)
        root (hd0,0)
        kernel /vmlinuz-2.6.18-92.1.1.el5 ro root=/dev/VolGroup00/LogVol00
        initrd /initrd-2.6.18-92.1.1.el5.img
title CentOS (2.6.18-92.el5)
        root (hd0,0)
        kernel /vmlinuz-2.6.18-92.el5 ro root=/dev/VolGroup00/LogVol00
        initrd /initrd-2.6.18-92.el5.img

Then we reboot the system:

reboot

That's it for the installation.


3 Using HyperVM

Now open a browser and go to https://192.168.0.100:8887. (http://192.168.0.100:8888 works as well, but then the admin password travels over the network in the clear, so use the HTTPS port.)

If you're using Firefox 3 and use HTTPS, Firefox will complain about the self-signed certificate, therefore you must tell Firefox to accept the certificate - to do this, click on the Or you can add an exception... link:


Click on Add Exception...:


The Add Security Exception window opens. In that window, click on the Get Certificate button first and then on the Confirm Security Exception button:


Afterwards, you will see the HyperVM login form. Log in with the user admin and the password admin:


The first thing you are asked to do after the first login is to change the default password for admin:


How To Set Up Apache2 With mod_fcgid And PHP5 On CentOS 5.2

This tutorial describes how you can install Apache2 with mod_fcgid and PHP5 on CentOS 5.2. mod_fcgid is a compatible alternative to the older mod_fastcgi. It lets you execute PHP scripts with the permissions of their owners instead of the Apache user.

I do not issue any guarantee that this will work for you!


1 Preliminary Note

I'm using a CentOS 5.2 server in this tutorial with the hostname server1.example.com and the IP address 192.168.0.100.

I will create two Apache vhosts in this tutorial, www.example1.com and www.example2.com, to demonstrate the usage of mod_fcgid.

Before we start, make sure that SELinux is not enforcing. Run

system-config-securitylevel

to set SELinux to disabled (this takes effect at the next reboot), and ...

setenforce 0

... to switch the running system to permissive mode right away.


2 Installing Apache2/mod_fcgi/PHP5

mod_fcgid is not available in the official CentOS repositories, but there's a package for CentOS 5.x in the centos.karan.org testing repository. We enable the repository as follows:

cd /etc/yum.repos.d/
wget http://centos.karan.org/kbsingh-CentOS-Extras.repo

Next we open /etc/yum.repos.d/kbsingh-CentOS-Extras.repo...

vi /etc/yum.repos.d/kbsingh-CentOS-Extras.repo

... and set gpgcheck to 0 and enabled to 1 in the [kbs-CentOS-Testing] section:

[...]
[kbs-CentOS-Testing]
name=CentOS.Karan.Org-EL$releasever - Testing
gpgcheck=0
gpgkey=http://centos.karan.org/RPM-GPG-KEY-karan.org.txt
enabled=1
baseurl=http://centos.karan.org/el$releasever/extras/testing/$basearch/RPMS/

Setting gpgcheck=0 turns off signature verification for every package from this testing repository, which is fetched over plain HTTP. Since the repository's key URL is given in the gpgkey line, the safer choice is to import that key with rpm --import and keep gpgcheck=1. Afterwards we can install Apache2, mod_fcgid, and PHP5:

yum install httpd mod_fcgid php-cli

If Apache2 was already installed with PHP5 as an Apache module, disable the PHP5 module now - open /etc/httpd/conf.d/php.conf...

vi /etc/httpd/conf.d/php.conf

... and comment out everything in that file:

#
# PHP is an HTML-embedded scripting language which attempts to make it
# easy for developers to write dynamically generated webpages.
#

#LoadModule php5_module modules/libphp5.so

#
# Cause the PHP interpreter to handle files with a .php extension.
#
#AddHandler php5-script .php
#AddType text/html .php

#
# Add index.php to the list of files that will be served as directory
# indexes.
#
#DirectoryIndex index.php

#
# Uncomment the following line to allow PHP to pretty-print .phps
# files as PHP source code:
#
#AddType application/x-httpd-php-source .phps

Then we create the system startup links for Apache and start it:

chkconfig --levels 235 httpd on
/etc/init.d/httpd restart

Next we open /etc/php.ini...

vi /etc/php.ini

... and add the line cgi.fix_pathinfo = 1 right at the end of the file:

[...]
cgi.fix_pathinfo = 1

Then reload Apache:

/etc/init.d/httpd reload


3 Creating Vhosts For www.example1.com And www.example2.com

I will now create two vhosts, www.example1.com (with the document root /var/www/web1/web) and www.example2.com (with the document root /var/www/web2/web). www.example1.com will be owned by the user and group web1, and www.example2.com by the user and group web2.

First we create the users and groups:

groupadd web1
groupadd web2
useradd -s /bin/false -d /var/www/web1 -m -g web1 web1
useradd -s /bin/false -d /var/www/web2 -m -g web2 web2
chmod 755 /var/www/web1
chmod 755 /var/www/web2

Then we create the document roots and make them owned by the users/groups web1 resp. web2:

mkdir -p /var/www/web1/web
chown web1:web1 /var/www/web1/web
mkdir -p /var/www/web2/web
chown web2:web2 /var/www/web2/web

We will run PHP using suExec; suExec's document root is /var/www, as the following command shows:

/usr/sbin/suexec -V

[root@server1 ~]# /usr/sbin/suexec -V
 -D AP_DOC_ROOT="/var/www"
 -D AP_GID_MIN=100
 -D AP_HTTPD_USER="apache"
 -D AP_LOG_EXEC="/var/log/httpd/suexec.log"
 -D AP_SAFE_PATH="/usr/local/bin:/usr/bin:/bin"
 -D AP_UID_MIN=500
 -D AP_USERDIR_SUFFIX="public_html"
[root@server1 ~]#

Therefore we cannot call the PHP binary (/usr/bin/php-cgi) directly because it is located outside suExec's document root. As suExec does not allow symlinks, the only way to solve the problem is to create a wrapper script for each web site in a subdirectory of /var/www; the wrapper script will then call the PHP binary /usr/bin/php-cgi. The wrapper script must be owned by the user and group of each web site, therefore we need one wrapper script for each web site. I'm going to create the wrapper scripts in subdirectories of /var/www/php-fcgi-scripts, e.g. /var/www/php-fcgi-scripts/web1 and /var/www/php-fcgi-scripts/web2.

mkdir -p /var/www/php-fcgi-scripts/web1
mkdir -p /var/www/php-fcgi-scripts/web2

vi /var/www/php-fcgi-scripts/web1/php-fcgi-starter

#!/bin/sh
PHPRC=/etc/
export PHPRC
export PHP_FCGI_MAX_REQUESTS=5000
export PHP_FCGI_CHILDREN=8
exec /usr/bin/php-cgi

vi /var/www/php-fcgi-scripts/web2/php-fcgi-starter

#!/bin/sh
PHPRC=/etc/
export PHPRC
export PHP_FCGI_MAX_REQUESTS=5000
export PHP_FCGI_CHILDREN=8
exec /usr/bin/php-cgi

The PHPRC line contains the directory where the php.ini file is located (i.e., /etc/ translates to /etc/php.ini). PHP_FCGI_MAX_REQUESTS is the maximum number of requests before an fcgid process is stopped and a new one is launched. PHP_FCGI_CHILDREN defines the number of PHP children that will be launched.

The php-fcgi-starter scripts must be executable, and they (and the directories they are in) must be owned by the web site's user and group:

chmod 755 /var/www/php-fcgi-scripts/web1/php-fcgi-starter
chmod 755 /var/www/php-fcgi-scripts/web2/php-fcgi-starter
chown -R web1:web1 /var/www/php-fcgi-scripts/web1
chown -R web2:web2 /var/www/php-fcgi-scripts/web2
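suExec refuses to run a wrapper that breaks any of its rules, and the only trace is a line in the log named by AP_LOG_EXEC above, so it pays to check a wrapper before reloading Apache. The following shell function is an added example, not part of the original tutorial: it tests a wrapper against the rules described above (below AP_DOC_ROOT, no symlink, executable, owned by the SuexecUserGroup user, neither file nor directory writable by group or others, uid/gid not below AP_UID_MIN/AP_GID_MIN). The limits default to the values suexec -V printed on this page; the script name suexec_check.sh is an assumption.

```shell
#!/bin/sh
# Added example, not part of the original tutorial: check a php-fcgi-starter
# wrapper against the rules suExec applies before it will execute it. The
# defaults are the limits "suexec -V" printed above (AP_DOC_ROOT=/var/www,
# AP_UID_MIN=500, AP_GID_MIN=100).
#
# Usage: suexec_check DOCROOT WRAPPER USER [UID_MIN] [GID_MIN]
# Prints one line per violated rule and returns 1; returns 0 when all pass.
suexec_check() {
    docroot=$1; wrapper=$2; user=$3
    uid_min=${4:-500}; gid_min=${5:-100}
    rc=0

    # 1. the wrapper must live below AP_DOC_ROOT; this is why the page puts a
    #    wrapper under /var/www/php-fcgi-scripts instead of calling php-cgi directly
    case "$wrapper" in
        "$docroot"/*) ;;
        *) echo "FAIL: $wrapper is outside document root $docroot"; rc=1 ;;
    esac

    # 2. suExec refuses symlinks and anything that is not a regular file
    if [ -L "$wrapper" ]; then
        echo "FAIL: $wrapper is a symlink"; return 1
    elif [ ! -f "$wrapper" ]; then
        echo "FAIL: $wrapper is not a regular file"; return 1
    fi
    [ -x "$wrapper" ] || { echo "FAIL: $wrapper is not executable"; rc=1; }

    # 3. wrapper and its directory must be owned by the SuexecUserGroup user and
    #    must not be writable by group or others (stat %A gives e.g. "-rwxr-xr-x")
    dir=$(dirname "$wrapper")
    for p in "$wrapper" "$dir"; do
        owner=$(stat -c %U "$p")
        [ "$owner" = "$user" ] || { echo "FAIL: $p is owned by $owner, expected $user"; rc=1; }
        case "$(stat -c %A "$p")" in
            ?????w*|????????w*) echo "FAIL: $p is group- or world-writable"; rc=1 ;;
        esac
    done

    # 4. target uid/gid must not be below AP_UID_MIN / AP_GID_MIN, so suExec can
    #    never be talked into running a script as root or a system account
    uid=$(id -u "$user" 2>/dev/null) || { echo "FAIL: unknown user $user"; return 1; }
    gid=$(id -g "$user")
    [ "$uid" -ge "$uid_min" ] || { echo "FAIL: uid $uid is below AP_UID_MIN=$uid_min"; rc=1; }
    [ "$gid" -ge "$gid_min" ] || { echo "FAIL: gid $gid is below AP_GID_MIN=$gid_min"; rc=1; }

    return $rc
}

# Check one of this tutorial's wrappers when run directly with arguments:
#   sh suexec_check.sh /var/www /var/www/php-fcgi-scripts/web1/php-fcgi-starter web1
if [ $# -ge 3 ]; then
    suexec_check "$@"
fi
```

Run it once per vhost after the chown/chmod commands above; a clean run prints nothing and exits 0.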

Now we create the Apache vhosts for www.example1.com and www.example2.com. Add the following two vhosts at the end of /etc/httpd/conf/httpd.conf:

vi /etc/httpd/conf/httpd.conf

[...]
NameVirtualHost *:80

<VirtualHost *:80>
  ServerName www.example1.com
  ServerAlias example1.com
  ServerAdmin webmaster@example1.com
  DocumentRoot /var/www/web1/web/

  <IfModule mod_fcgid.c>
    SuexecUserGroup web1 web1
    PHP_Fix_Pathinfo_Enable 1
    <Directory /var/www/web1/web/>
      Options +ExecCGI
      AllowOverride All
      AddHandler fcgid-script .php
      FCGIWrapper /var/www/php-fcgi-scripts/web1/php-fcgi-starter .php
      Order allow,deny
      Allow from all
    </Directory>
  </IfModule>

  # ErrorLog /var/log/apache2/error.log
  # CustomLog /var/log/apache2/access.log combined
  ServerSignature Off
</VirtualHost>

<VirtualHost *:80>
  ServerName www.example2.com
  ServerAlias example2.com
  ServerAdmin webmaster@example2.com
  DocumentRoot /var/www/web2/web/

  <IfModule mod_fcgid.c>
    SuexecUserGroup web2 web2
    PHP_Fix_Pathinfo_Enable 1
    <Directory /var/www/web2/web/>
      Options +ExecCGI
      AllowOverride All
      AddHandler fcgid-script .php
      FCGIWrapper /var/www/php-fcgi-scripts/web2/php-fcgi-starter .php
      Order allow,deny
      Allow from all
    </Directory>
  </IfModule>

  # ErrorLog /var/log/apache2/error.log
  # CustomLog /var/log/apache2/access.log combined
  ServerSignature Off
</VirtualHost>

Make sure you fill in the right paths (and the correct user and group in the SuexecUserGroup lines). Note that AddHandler matches its extension anywhere in a file name, so a file called picture.php.jpg in the document root would be executed as PHP too; if untrusted users can upload files into a document root, replace the AddHandler line with a FilesMatch "\.php$" block that uses SetHandler fcgid-script instead.

Reload Apache afterwards:

/etc/init.d/httpd reload

OpenVPN Server On CentOS 5.2

So your users need access to Exchange and data from outside your organisation. Sure you can set up RPC over HTTPS and various other tools to access the data. I just find OpenVPN very good, convenient and reliable.

And after battling to find a good simple HOWTO, I put this together. It's a quick and nasty but it works!:)

Firstly, ensure you are root, and in case OpenVPN is not in the base repository, add the rpmforge repo (these steps you can find elsewhere).

If you use SELinux you will need to allow the non-default port:

semanage port -a -t openvpn_port_t -p tcp 1723

yum install openvpn

cd /etc/openvpn/

cp -R /usr/share/doc/openvpn-2.0.9/easy-rsa/ /etc/openvpn/

cd /etc/openvpn/easy-rsa/2.0/

chmod +x *

vi vars

(At the bottom of the file change the KEY_* values to match the site.)

source ./vars

./clean-all

./build-ca

(This builds the CA certificate, keys/ca.crt, and the CA private key, keys/ca.key. That key signs every server and client certificate, so it stays on this machine and is never copied to the server configuration directory or to clients.)

./build-key-server server

(This builds keys/server.crt and keys/server.key.)

vi /etc/openvpn/openvpn.conf

(On slow lines UDP is faster; TCP on port 1723 is used here because some networks block the default 1194. Use the below as a starting point:)

# 1194 is the default but on some APN networks this is blocked
port 1723
proto tcp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
server 172.16.0.0 255.255.255.0
push "dhcp-option DNS 192.168.168.1"
push "dhcp-option DNS 168.210.2.2"
#push "dhcp-option WINS 192.168.1.2"
push "route 192.168.168.0 255.255.255.0"
ifconfig-pool-persist ipp.txt
keepalive 10 120
comp-lzo
user nobody
group users
persist-key
persist-tun
status openvpn-status.log
verb 3
client-to-client
# several users can share one certificate; drop this line once every user has
# their own certificate, which is what lets you revoke a single user later
duplicate-cn

cp keys/{ca.crt,server.crt,server.key} /etc/openvpn/

(Only these three files belong in /etc/openvpn. keys/ca.key is the CA's private key: it is needed only to sign further certificates and is not copied anywhere.)

./build-dh

(builds keys/dh1024.pem)

cp keys/dh1024.pem /etc/openvpn/
chkconfig openvpn on
/etc/init.d/openvpn start
chkconfig --list | grep vpn

(Make sure it is set to start at boot.)

./build-key <clientname>

(Repeat and rinse for every client; each user should get their own certificate.)

cd keys/
zip keys.zip ca.crt <clientname>.crt <clientname>.key
yum install -y nail
nail -s "Keys" -a keys.zip me@mydomain.co.za

(The zip carries the client's private key, so it must not contain ca.key, and the .csr is not needed once the certificate is signed. Plain e-mail is not a safe channel for a private key either: encrypt the zip or hand it over by another route.)

netstat -ntpl | grep 1723
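The split of files above (server gets ca.crt, server.crt, server.key; each client gets ca.crt plus its own .crt and .key; ca.key stays with the CA) is easy to get wrong with the build-* scripts, so here is the same PKI built with plain openssl and sorted into per-host directories. This is an added example, not part of the original howto or of easy-rsa; the directory layout under the first argument is an assumption, and johnl is the page's example client name. It also marks the server certificate with the serverAuth usage, which is what lets a client refuse a peer that presents a client certificate.

```shell
#!/bin/sh
# Added example, not part of the original howto. It does with plain openssl
# what easy-rsa's build-ca, build-key-server and build-key do, then sorts the
# output into per-host directories. The point it shows: ca.crt is public and
# goes everywhere, ca.key is the signing key and stays in the CA directory,
# and each side gets only its own certificate and private key. The directory
# layout is an assumption; the client name johnl is the page's example user.

build_pki() {
    pki=$1; client=$2
    mkdir -p "$pki/ca" "$pki/server" "$pki/client-$client"

    # 1. CA: self-signed certificate; the private key never leaves $pki/ca
    openssl req -x509 -newkey rsa:2048 -nodes -days 3650 -subj "/CN=OpenVPN CA" \
        -keyout "$pki/ca/ca.key" -out "$pki/ca/ca.crt" >/dev/null 2>&1
    chmod 600 "$pki/ca/ca.key"

    # 2. server certificate, marked serverAuth so a client configured to insist
    #    on a server certificate rejects a stolen client cert posing as the server
    issue_cert "$pki" server serverAuth "$pki/server"

    # 3. one certificate per client (per user instead of duplicate-cn; a per-user
    #    certificate is what can be revoked later)
    issue_cert "$pki" "$client" clientAuth "$pki/client-$client"

    # 4. both sides get the CA certificate, never the CA key
    cp "$pki/ca/ca.crt" "$pki/server/ca.crt"
    cp "$pki/ca/ca.crt" "$pki/client-$client/ca.crt"
}

# issue_cert PKI NAME EKU OUTDIR: private key and CSR for NAME, signed by PKI/ca
issue_cert() {
    pki=$1; name=$2; eku=$3; out=$4
    openssl req -newkey rsa:2048 -nodes -subj "/CN=$name" \
        -keyout "$out/$name.key" -out "$out/$name.csr" >/dev/null 2>&1
    printf 'extendedKeyUsage=%s\n' "$eku" > "$out/$name.ext"
    openssl x509 -req -in "$out/$name.csr" -CA "$pki/ca/ca.crt" -CAkey "$pki/ca/ca.key" \
        -CAcreateserial -days 3650 -extfile "$out/$name.ext" -out "$out/$name.crt" >/dev/null 2>&1
    rm -f "$out/$name.csr" "$out/$name.ext"   # nobody needs the CSR once it is signed
    chmod 600 "$out/$name.key"
}

# bundle_ok DIR: 0 if DIR holds only material that may be copied to a server or client
bundle_ok() {
    [ ! -e "$1/ca.key" ] || { echo "FAIL: $1 contains the CA private key"; return 1; }
    for f in "$1"/*.csr; do
        [ ! -e "$f" ] || { echo "FAIL: stray CSR $f"; return 1; }
    done
    return 0
}

# cert_ok CA CERT TEXT: CERT chains to CA and its extensions mention TEXT
cert_ok() {
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1 || return 1
    openssl x509 -in "$2" -noout -text | grep -q "$3"
}

# e.g.: build_pki /etc/openvpn/easy-rsa/keys johnl
#       cp /etc/openvpn/easy-rsa/keys/server/* /etc/openvpn/
#       zip johnl.zip /etc/openvpn/easy-rsa/keys/client-johnl/*
```

dh1024.pem is still generated separately with ./build-dh (or openssl dhparam), and bundle_ok is the check to run on any directory before it is zipped for a client.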

Set the iptables firewall rules to allow this with the following rules. They are written for a firewall script that already defines $IPTABLES, $EXTIF, $EXTIP, $INTIF, $INTNET and $UNIVERSE; add the three VPN variables next to those definitions:

        # VPN Interface
        VPNIF="tun0"
        VPNNET="172.16.0.0/24"
        VPNIP="172.16.0.1"
        ### OpenVPN
        # clients connect to the external interface on 1723/tcp
        $IPTABLES -A INPUT -i $EXTIF -p tcp -s $UNIVERSE -d $EXTIP --destination-port 1723 -j ACCEPT
        # Allow TUN interface connections to OpenVPN server
        $IPTABLES -A OUTPUT -o $INTIF -s $EXTIP -d $VPNNET -j ACCEPT
        $IPTABLES -A OUTPUT -o $VPNIF -s $EXTIP -d $VPNNET -j ACCEPT
        # OpenVPN
        $IPTABLES -A FORWARD -i $EXTIF -o $VPNIF -m state --state ESTABLISHED,RELATED -j ACCEPT
        $IPTABLES -A FORWARD -o $INTIF -s $EXTIP -d $VPNNET -j ACCEPT
        $IPTABLES -A FORWARD -o $VPNIF -s $EXTIP -d $VPNIP -j ACCEPT
        $IPTABLES -A FORWARD -o $EXTIF -s $EXTIP -d $VPNNET -j ACCEPT
        $IPTABLES -A FORWARD -o $VPNIF -s $INTNET -d $VPNNET -j ACCEPT

Follow the client side instructions from here...


Installing OpenVPN GUI On Windows XP / Vista

Once the OpenVPN server has been setup and the client key(s) made available to you for installation, follow these steps to roll the VPN out to the clients:

-Download the client software here: http://www.openvpn.se/. The tested version is 1.0.3. Version 2.0.9 works on Vista with the following in the client.ovpn file:
route-method exe
route-delay 2

-Install the program.

-Under C:\Program Files\OpenVPN\config place the following (ca.crt is the CA certificate; the CA private key ca.key stays in the CA's keys directory on the server and is never given to a client, and the .csr is not needed):

ca.crt
client.ovpn (you might need to edit this file later)
<clientname>.crt (eg. johnl.crt)
<clientname>.key (eg. johnl.key)

-Edit the client.ovpn file and ensure that the following fields match up for the site / user. The server above uses proto tcp on port 1723, so the client must use the same, and because the server certificate was built with build-key-server the client can refuse to talk to anything not marked as a server:

# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote <server hostname or IP> 1723
proto tcp
;remote my-server-2 1194
# SSL/TLS parms.
# See the server config file for more
# description. It's best to use
# a separate .crt/.key file pair
# for each client. A single ca
# file can be used for all clients.
ca ca.crt
cert <clientname>.crt
key <clientname>.key
# only accept a peer whose certificate was issued by build-key-server
ns-cert-type server

-Start OpenVPN and the client machine should connect. This is done by right clicking the OpenVPN in the task tray and clicking 'connect' or after starting the program via the start menu.

The Perfect Server - CentOS 5.2 [ISPConfig 3]

This tutorial shows how to prepare a CentOS 5.2 server for the installation of ISPConfig 3, and how to install ISPConfig 3. ISPConfig 3 is a webhosting control panel that allows you to configure the following services through a web browser: Apache web server, Postfix mail server, MySQL, MyDNS nameserver, PureFTPd, SpamAssassin, ClamAV, and many more.

Please note that this setup does not work for ISPConfig 2! It is valid for ISPConfig 3 only!

I do not issue any guarantee that this will work for you!


1 Requirements

To install such a system you will need the following:

    * Download the CentOS 5.2 DVD or the six CentOS 5.2 CDs from a mirror next to you (the list of mirrors can be found here: http://isoredirect.centos.org/centos/5/isos/i386/).
    * a fast Internet connection.


2 Preliminary Note

In this tutorial I use the hostname server1.example.com with the IP address 192.168.0.100 and the gateway 192.168.0.1. These settings might differ for you, so you have to replace them where appropriate.


3 Install The Base System

Boot from your first CentOS 5.2 CD (CD 1) or the CentOS 5.2 DVD. Press ENTER at the boot prompt:


It can take a long time to test the installation media so we skip this test here:


The welcome screen of the CentOS installer appears. Click on Next:


Choose your language next:


Select your keyboard layout:


I'm installing CentOS 5.2 on a fresh system, so I answer Yes to the question Would you like to initialize this drive, erasing ALL DATA?


Now we must select a partitioning scheme for our installation. For simplicity's sake I select Remove linux partitions on selected drives and create default layout. This will result in a small /boot and a large / partition as well as a swap partition. Of course, you're free to partition your hard drive however you like it. Then I hit Next:


Answer the following question (Are you sure you want to do this?) with Yes:


On to the network settings. The default setting here is to configure the network interfaces with DHCP, but we are installing a server, so static IP addresses are not a bad idea... Click on the Edit button at the top right.


In the window that pops up uncheck Use dynamic IP configuration (DHCP) and Enable IPv6 support and give your network card a static IP address (in this tutorial I'm using the IP address 192.168.0.100 for demonstration purposes) and a suitable netmask (e.g. 255.255.255.0; if you are not sure about the right values, http://www.subnetmask.info might help you):


Set the hostname manually, e.g. server1.example.com, and enter a gateway (e.g. 192.168.0.1) and up to two DNS servers (e.g. 213.191.92.86 and 145.253.2.75):


Choose your time zone:


Give root a password: