Apache

All posts in the Apache category

Setup Load-Balancing Cluster with LVS and Piranha on Centos 6

Published December 3, 2013 by Siva

Terminology:

piranha – This is a package that provides a configuration interface for setting up LVS.

ipvs The name of the module that allows a load-balancing on Linux.

ipvsadm – A package (and a command) that makes administrating ipvs possible. Be aware, you either user piranha-gui or /etc/sysconfig/ipvsadm to configure ipvs.

LVS Linux Virtual Server – the project name of all tools used in this document.

pulse – A service (/etc/init.d/pulse) that runs on both active and backup machine and opens a port to make checking possible. piranha-gui configures everything, pulse actually activates all configurations.

nanny A process started by pulse to monitor the realservers.

nat – Network Address Translation. A common combination with LVS. In case NAT is uses, the loadbalancer/director/LVS accepts traffic on one the VIP and sends traffic to the realservers. Be aware, the current implementation of ipvsadm does not properly use Source NAT, it currently does not rewrite the source address.

direct routing – A method of routing available in LVS. Traffic is received on the VIP, sent through to the realservers. The realservers receive the traffic as if it was sent to the VIP, so the VIP must be configured on the realservers. To avoid arp-caches to register the wrong MAC-address-IP-address combination, a few “tricks” must be done.

wlc – Weighted Least Connections, an algorithm to balance load to realservers.

VIP Virtual IP. – The IP-address the service is configured on.

RIP Real server IP. – The IP-address of a real-server.

realserver – The server providing the actual service. This can be Linux, Windows, whatever.

This setup guide is about building web cluster with a pair of Linux loadbalancers as frontend.
It uses Linux Virtual Server(LVS) and Piranha. Piranha is a web-based gui installed in LVS Routers primarily to generating a valid /etc/lvs.cf file.

Start by installing LVS on LVS Router.

[root@lvsrouter ~]# yum groupinstall “Load Balancer”
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
ipvsadm x86_64 1.25-10.el6 base 41 k
piranha x86_64 0.8.6-2.el6_4.1 updates 623 k
Installing for dependencies:
libedit x86_64 2.11-4.20080712cvs.1.el6 base 74 k
libnl x86_64 1.1-14.el6 base 121 k
php x86_64 5.3.3-22.el6 base 1.1 M
php-cli x86_64 5.3.3-22.el6 base 2.2 M
php-common x86_64 5.3.3-22.el6 base 524 k

Transaction Summary
================================================================================
Install 7 Package(s)

Total download size: 4.7 M
Installed size: 18 M
Is this ok [y/N]: y

Start piranha and pulse services on reboot.

chkconfig piranha-gui on
chkconfig pulse on

Set a password for piranha web

/usr/sbin/piranha-passwd

Allow ports in iptables

vi /etc/sysconfig/iptables
-A INPUT -m state –state NEW -m tcp -p tcp –dport 3636 -j ACCEPT

Edit piranha config

vi /etc/sysconfig/ha/conf/httpd.conf

Start the piranha gui service

service piranha-gui start

For LVS router to forward network packets properly to real servers, each LVS router node must have IP forwarding turned on. Turn on packet forwarding by editing sysctl.conf:

vi /etc/sysctl.conf
net.ipv4.ip_forward = 1

Reload sysctl

sysctl -p /etc/sysctl.conf

Start http services on the Real Servers

service httpd start

On the LVS Router, log in to the Piranha web ui to begin configuration.

Enter Primary Router’s IP address in “Global Settings”->”Primary server public IP:”.
CENTOS Piranha Global Settings

Enter Redundant Router’s IP address in “Redundancy”->”Redundant server public IP:”.
CENTOS Piranha Redundancy

Enter Virtual Server settings in “Virtual Servers”->”Virtual Server”.
CENTOS Piranha Virtual Servers

Include Real Server settings in “Virtual Servers”->”Real Server”.
CENTOS Piranha Real Server

On each time the Piranha Gui was changed, have to sync the settings to Backup Routers,
and restart the pulse service on both routers.

service pulse restart

To see the virtual server’s statistics, use “watch ipvsadm”.


[root@lvsrouter ~]# watch ipvsadm

Courtesy : http://iomeweekly.blogspot.in/2013/04/setup-load-balancing-cluster-with-lvs.html

Disable Directory Browsing in Linux Apache Server

Published May 14, 2011 by Siva

Disable directory browsing using .htaccess:-
Open your .htacces file

Look for Options Indexes
If Options Indexes exists modify it to Options -Indexes or else add Options -Indexes as a new line
The directory browsing feature should be disable by now

Disable directory browsing using httpd.conf:-

Open your httpd.conf, normally it’s located at /usr/local/apache/conf or /etc/httpd.conf
Go to your own Virtual Host settings and look for “Options Indexes”
Change the Indexes to -Indexes if Option Indexes exists or else add the Options -Indexes line
Restart your apache web server.

The directory browsing feature should be disable by now

Disable directory browsing in CPanel Share Hosting enviroment:-

Login to your CPanel
Click on Index Manager
Directory will be list down. Click on the directory name which you want to disable the directory browsing
Select No Index and click Save

The directory browsing feature should be disable by now
Once you disable directory browsing, visitor will not able to browse your directory by accessing the directory directly (if there is no index.html file).
This will protect your files from exposing to the public.

Monitoring Network Traffic Usage using Bandwidthd

Published March 10, 2011 by Siva

It is important to know traffic usage of your client if you’re a Linux network administrator. You can monitor your client in text mode, graphic mode or html exported like mrtg, cacti or bandwidthd and one of my favorite bandwidth monitor is Bandwidthd.


You don’t need any database or snmp connection to monitor all of your client on bandwidthd, all you need just libcaplibpnglibgd and apache installed on your Linux system. And other good news is bandwidthd monitor all of your connected client per IP and per connection protocol.

Installing Bandwidthd

Prepare your Linux and download bandwidthd for Linux here. Next extract bandwidth using tar -zxvf command.


Goto extracted directory and type ./configure && make install to install bandwidth to your system.

Configuring Bandwidthd

By default all installed bandwidthd files placed on /usr/local/bandwidthd/folder. Now goto bandwidthd installed directory and CD to etc, you’ll find bandwidthd config file there. Open bandwidthd.conf using your favorite text editor like vi or nano and start edit bandwidthd config file suit your network.


Save your config and start bandwidthd using/usr/local/bandwidthd/bandwidthd. Put that command to your /etc/rc.localfile so bandwidthd can start on every time Linux boot.

Configuring Apache

You will can’t see your graphic report until you set/usr/local/bandwidthd/htdocs/ folder to set as apache virtual directory. Add below line to your apache config file.

Alias /bandwidthd “/usr/local/bandwidthd/htdocs”
<Directory “/usr/local/bandwidthd/htdocs”>
Order Allow,Deny
Allow from All
</Directory>
Save your work and restart apache. Next open your browser and point to http://yourlinuxserver/bandwidth.

Happy trying and good luck.

Courtesy:  http://infodotnet.blogspot.com

Remote Installation of Fedora Distributions Using PXE boot

Published November 13, 2010 by Siva


If you want to deploy many machines, then it is a pain to go from machine to machine with 4 CDs. Like RIS (Remote Installation Service) in Windows, Fedora also offers you a similar remote installation facility via PXE LAN booting. For this, you will require a DHCP server, Apache and TFTP server running on Fedora.

Firstly, install Fedora completely. Then, on that machine, make a folder named  /Fedora on root and copy all the contents of the Fedora CDs in this folder. Remember that you are mounting the CDs and copying the contents and not just copying the ISOs. While copying the files from the CDs, you will be asked for permission to overwrite few files and folders.

Once you have created a copy of the CDs on the machine, you have to create a kick start file, which has answers to the questions asked during the installation process.

To make this file, launch ‘kickstart’ from Start>Systems, this will open a GUI Kickstart configuration interface.

Here, you can set pre-installation settings such as keyboard type, language, time zone, mouse, display, root password, etc. Fill all the entries according to your setup requirements and save the file. It saves a file with name ks.cfg.

Copy this file to the location where you have copied the Fedora2006 files from the CD.

Host installer
In order to remotely install Fedora via HTTP, you have to configure apache server to host the installer. To do this, launch Start>system>HTTP. This will open an interface to configure the apache web server. Here, select the main tab and give the IP address of the same machine, where you are hosting the apache server. Next, select the ‘virtual host’ tab and select add new host and double click the new virtual host you have created. This will open its properties dialog. Here, under basic setup set the ‘document root directory’ to the location where you copied the Fedora CDs.

In our case it is /fedora. Now, from the same properties window, click on the performance tab and add the directory of your Fedora installer that you have copied above. Once you are through with this, save the settings by clicking the Ok button. After this, start apache server by issuing this command.

#service httpd start

Now, open a web browser and check that the web server is working properly. Make sure it displays the directory structure of the Fedora installer folder on the web page.

Configuring TFTP Server
TFTP stands for Trivial File Transfer Protocol, a simpler form of the File Transfer Protocol (FTP).

The next step is to configure TFTP server on your installer server in such a way that it can remotely boot another PC over a network. In order to do this, open a terminal and issue the following commands.

# cp /pcqlinux/isolinux/* /tftpboot/linux-install/
# cp /tftpboot/linux-install/isolinux.cfg /tftpboot/linux-install/pxelinux.cfg/default

The above commands will copy all the boot files from the folder where you have dumped the entire Fedora CDs to the TFTP server.

Now open /tftpboot/ linux-install/pxelinux.cfg /default file in a text editor and change the following entries as follows

label linux
kernel vmlinuz
append initrd=initrd.img ramdisk_size=8192 s=http://192.168.3.1/pcqlinux/ks.cfg
label text
kernel vmlinuz
append initrd=initrd.img text ramdisk_size=8192 ks=http://192.168.3.1/pcqlinux/ks.cfg

(Here 192.168.3.1 is the IP address of the hosting server, where you have hosted the Fedora installer, you should change it according to your settings).

After this you have to enable the TFTP server so that the TFTP server

automatically gets started on booting the Fedora server. For doing this, run ‘setup’ command from the terminal. It will open a CLI interface, here select ‘Services’ and from the list select ‘tftp’ by pressing space bar key and click the Ok button to save the settings .

Configure DHCP server

Now, you have to configure the DHCP server on your installation server, so that the diskless clients can get IP addresses from the RIS server and remotely boot and start the Fedora installer. To do this open the /etc/dhcpd.conf file and add the following lines as shown below.

ddns-update-style
none;
default-lease-time
21600;
max-lease-time
21600;
option subnet-mask
255.255.255.0;
option broadcast-address
192.168.3.255;
option domain-name-servers
192.168.3.78; #<– RIS Server IP
option domain-name
“ris.pcquest.local”;
# <–domain name
option option-128 code 128 = string;
option option-129 code 129 = text;
subnet  192.168.3.0 netmask 255.255.255.0 {
range dynamic-bootp
192.168.3.10 192.168.3.253; # <– DHCP IP Ranage
filename
“/linux-install/pxelinux.0”;  #<- Boot image File

}
Restart the DHCP server.
# Service dhcpd restart

With this your Remote Installation server is ready.

Boot the client machines from the Remote Installation Server and you will get the Installer booting screen. Thereafter, and you can start the installation process on it.

Troubleshooting – Client not booting?

If your PC is not booting off the remote boot server, then two things could be wrong. Firstly, its network card may not be PXE boot enabled. If it is PXE enabled, check the BIOS to see whether the boot from network option is enabled

 

Apache – “Client denied by server configuration” – Resolved

Published June 19, 2010 by Siva

Having problems with displaying your site and getting error 403 in your web-browser?

does the log-file for apache errors contain lines like tis?
“client denied by server configuration: /path/to/files”

Then you probably have denied access to the directory in the httpd.conf file.

Allow access by adding:
<directory /path/to/files>
allow from all
</directory>

If your are using VirtualHosts then add the directory-block inside the <virtualhost> block.

Configure Apache to listen multiple ports

Published February 1, 2010 by Siva

The listen directive in the Apache configuration file can be used to make Apache to listen in a particular port or IP address or port combination.

Listen 80
Listen 8000

In this format the Apache server listens on the given ports on all interfaces (IP addresses) which are up in the server. If you mention the above two directives in the Apache configuration file then the Apache server will listen on both the ports 80 and 8000. Multiple Listen directives may be used to specify a number of addresses and ports to listen to.

Listen IP:80

You need to replace the IP address in this example with the IP address you want the Apache service to listen. In this format an IP address is given as well as a port. In this case the server will listen on the given port and interface( IP address ). If you want the Apache service to listen on two IP addresses in the server you can use multiple listen directive in the configuration file.

Listen IP1:80
Listen IP2:80

Please remember to restart the Apache service in the server once the changes are made to the configuration file.

Install php5 and php4 in cPanel server

Published February 1, 2010 by Siva

Install Apache(apache2.2.2)

1. Download apache2.2.2(httpd-2.2.2.tar.gz) store in /usr/local/src
2. Type the following to un-tar the file into a directory called apache_[version]: tar -xvf apache_[version].tar
3.  cd into /usr/local/apache_[version] (or wherever you un-tared it)
4. Type the following to prepare for building, replacing [path] with your own path, such as /usr/local/usr/local/apache_new
5. ./configure –prefix=[path] –enable-module=so
6. make
7. make install
8. Check if you have mod_so enabled:
* cd to the Apache bin directory (/usr/local/apache_new/bin/ or wherever you installed Apache originally)
* Type ./httpd -l
9. Open httpd.conf(/usr/local/apache_new/conf/) and find a line starting with ServerAdmin.
ServerAdmin admin@example.com
10. Find a line starting with ServerName:
ServerName server1.example.com:80
11. Save the file.
12. cd up a directory (type cd ..)
13. Start Apache using the following command:
# ./bin/apachectl start
14. Call the IP(192.168.1.5) or domain name(server1.example.com)from browser You will get a page “IT WORKS”

Install Mysql 4.1

Add a login user and group for mysqld to run:
# groupadd mysql
# useradd -g mysql mysql
# tar zxvf mysqlversion.tar.gz
# cd mysqlversion
# ./configure–prefix=/usr/local/mysql
# make
# make install
# cp support-files/my-medium.cnf /etc/my.cnf
# cd /usr/local/mysql

If you haven’t installed  mysql before, you must create the mysql grant tables:
#bin/mysql_install_db –user=mysql
(If you run the command as root, you should use the –user option. The value of the option should be the name of the login account that you have created in the first step to use for runnning the server)

#cd /usr/local/mysql
#chown -R root .
#chown -R mysql var
#chgrp -R mysql .

Install PHP(PHP4.4.2)

Unpack a source archive
# tar -zxvf php-4.3.3.tar.gz

Configure PHP as Apache module with MySQL support
#./configure –with-apxs2=/usr/local/apache/bin/apxs –with-mysql=/usr/local/mysql

Compile the sources
# make

Install the compiled Apache module
# make install

Copy php.ini-dist to /usr/local/lib/php.ini
# cp ./php.ini-dist /usr/local/lib/php.ini

Integrate PHP with Apache

Open httpd.conf(/usr/local/apache_new/conf) open in your text editor

AddType application/x-httpd-php .php .phtml
AddType application/x-httpd-php-source .phps

Save the file, go up a directory (cd ..), and stop and restart Apache by typing:

./bin/apachectl stop Followed by ./bin/apachectl start

Find the document root from httpd.conf(/usr/local/apache_new/conf) file
DocumentRoot “/usr/local/apache_new/htdocs”

Configuring Websites

Edit /usr/local/apache2/conf/httpd.conf and make sure it has the
correct document root settings :: /var/www/
(change the defautlt documetroot in config file (#DocumentRoot “/usr/local/apachenew/htdocs”) to /var/www/ and also change the the ‘directory’ directive(#<Directory “/usr/local/apachenew/htdocs”) to /var/www/(search for the DocumentRoot and change))

Un-comment the following options …
-> Include conf/extra/httpd-vhosts.conf
-> Include conf/extra/httpd-default.conf

Then edit the v-hosts file(conf/extra/httpd-vhosts.conf) and setup a couple of dummy sites just to make sure everything is working as it should(Comment out all the default VirtualHost entries inside this file)

NameVirtualHost ServerIP:80

<VirtualHost ServerIP:80>
DocumentRoot /var/www/test1/
ServerName test1.com
</VirtualHost>

<VirtualHost ServerIP:80>
DocumentRoot /var/www/test2/
ServerName test2.com
</VirtualHost>

Create the two directories in /var/www/ and place a index.html file in  each, with some domain specific text in, so we can differentiate between the two when testing.

Launch Apache
# /usr/local/apache2/bin/apachectl start

Check the two sites