--
Using CentOS 5 Repos in RHEL 5 Server
1. Remove "yum-rhn-plugin" package from RHEL, this is used to check
the activation in RHEL.
the activation in RHEL.
# rpm -e yum-rhn-plugin
2. Remove the "redhat-release" related packages, this is used to check
the repositories compatibility. usually we can't remove these packages
because they are used by other packages of the system for proper
fuctioning. so we'll use the "--nodeps" parameter to forcely remove
them from the system.
# rpm -e redhat-release-notes-5Server redhat-release-5Server --nodeps
3. Download & install the "centos-release" relates packages, to fill
in the gap that we made by removing the "redhat-release" related
packages.
i386 (32 bit)
http://mirror.centos.org/centos-5/5/os/i386/CentOS/centos-release-5-1.0.el5.centos.1.i386.rpm
http://mirror.centos.org/centos-5/5/os/i386/CentOS/centos-release-notes-5.1.0-2.i386.rpm
x86_64 (64 bit)
http://mirror.centos.org/centos-5/5/os/x86_64/CentOS/centos-release-5-1.0.el5.centos.1.x86_64.rpm
http://mirror.centos.org/centos-5/5/os/x86_64/CentOS/centos-release-notes-5.1.0-2.x86_64.rpm
4. To automatically inform about the updates in GUI, Do the following.
# nano /etc/yum/yum-updatesd.conf
In the file, type as follows under the section "# how to send notifications"
dbus_listener = yes
5. To change the OS name in the CLI login, Do the following.
# nano /etc/issue
Since we have installed the "centos-release" relates packages, the OS
name will come as "CentOS release 5 (Final)", so delete it and type
Red Hat Enterprise Linux Server release 5 (Tikanga)
Or any name you like.
6. Now your system is ready.
7. Read my guide on "CentOS Repositories"
--
Implementing High Availability in MySQL
MySQL provides a built-in data replication functionality for maintaining identical copies of its data to one or more backend servers, thus providing a simple High Availability mechanism. On the other hand, the Open Source community has several projects to implement failover techniques, being one of them Heartbeat.
This article will show you how to implement a clustered, highly available and inexpensive solution based on GNU/Linux and combining MySQL as the database engine and Heartbeat as the failover mechanism. The configuration will consist of a 2-node active/passive cluster.
I assume you have MySQL up and running on both nodes and that your are working with MySQL 4.0.13 or above. If not, please refer to MySQL manual here and download a recent copy here.
How does replication works in MySQL
Replication in MySQL is very simple: one machine acts as the master server and one or more machines act as the backup servers (the replica servers). The master server keeps all changes made to its databases in binary log files, so the backup server(s) can read these files and apply the changes to its own copy of the data.
In more detail, the binary log file records all the changes (UPDATE, DELETE, INSERT…) made to the master's databases since the first time the replication was configured and started. The master also creates and maintains an index file to keep track of the binary logs created. Upon connecting, the slave server(s) obtains new updates from the binary log and aplies them to its copy of the data.
Note: As MySQL suggests, visit their website often to check the latest changes and improvements to its database replication implementation.
How does Heartbeat works
Heartbeat is a piece of software that provides High Availability features such as monitoring the availability of the machines in the cluster, transferring the virtual IPs (more on this later) in case of failures and starting and stopping services.
The Heartbeat software running on the slave server periodically checks the health of the master server by listening to its heartbeats sent via null modem cable and/or a crossover ethernet cable. Note that in the best scenario slave's main task is nothing but to monitor the health of its master. In case of a crash the slave will not receive the heartbeats from the master and then it will take over the virtual IPs and the services offered by the master.
The overall picture
Next figure shows the picture of our cluster.
As previously stated, our configuration will consist of a 2-node active/passive cluster: dbserv1, the master server and dbserv2, the slave server. Both machines are linked via serial COM port /dev/ttyS0 (null modem cable) and a crossover ethernet cable (eth0), through which they send its heartbeats to each other.
The 192.168.1.103 IP address at eth1:0 is the floating IP address, the virtual IP. This is the service IP where the master listens to and that will be transferred to the slave in case of a failure in the master. Requests from the application servers will be made through the virtual IP.
Both servers have another IP address that can be used to administer the machines: 192.168.1.101 and 192.168.1.102. Bear in mind that the virtual IP (192.168.1.103) is set up by Heartbeat, meaning that if it is not up and running in the active server there will be no access to the virtual service.
Setting up replication
1. Create a replication user on the master:
mysql -u root -p
At MySQL prompt type:
GRANT REPLICATION SLAVE ON *.* TO replica@"%" IDENTIFIED BY 'replica_passwd';
2. Stop MySQL on both the master server and the slave server. Take a snapshot of your databases from the master.
/etc/init.d/mysql stop
tar cvzf mysqldb.tgz /path/to/your/databases
In my configuration I would…
/etc/init.d/mysql stop
tar cvzf mysqldb.tgz /var/mysql-data/*
3. Copy the data to the slave
scp /path/to/mysqldb.tgz admin@dbserv2:/path/to/your/databases
If you are using InnoDB tables, copy your tablespace file(s) and associated log files to the slave. In my case, the tablespace is called ibdata and the log files are those ib_*. So:
scp /var/mysql-data/ibdata admin@dbserv2:/var/mysql-data
scp /var/log/mysql/ib_* admin@dbserv2:/var/log/mysql
4. Activate the binary log and assign a unique ID to the master:
vi /etc/my.cnf
Then add/change the following
[mysqld]
…..
# Enable binary logs. Path to bin log is optional
log-bin=/var/log/mysql/dbserv1
# If the binary log exceeds 10M, rotate the logs
max_binlog_size=10M
# Set master server ID
server-id=1
…..
Now you can start mysqld on the master. Watch the logs to see if there are problems.
/etc/init.d/mysql start
5. Log in on the slave.
vi /etc/my.cnf
Then add/change the following:
server-id=2
# This is eth0. Take a look at figure 1
master-host=192.168.100.1
master-user=replica
master-password=replica_passwd
# Port that master server is listening to
master-port=3306
# Number of seconds before retrying to connect to master. Defaults to 60 secs
#master-connect-retry
6. Uncompress the databases
cd /path/to/your/databases
tar xvzf mysqldb.tgzchown -R mysql.mysql /path/to/your/databases
Make sure your tablespace file(s) and associated files are in place (/path/to/your/databases in our example).
7. Start mysqld on the slave. Watch the logs to see if there are problems.
/etc/init.d/mysql start
8. Check if replication is working. For example, log in on the master, create a database and see if it is replicated on the slave:
mysql -u root -p
create database replica_test;
show databases;
+----------------+
| Database |
+----------------+
| replica_test |
| mysql |
| test |
| tmp |
+----------------+
Log in on the slave server and make sure the database replica_test is created:
mysql -u root -p
show databases;
+----------------+
| Database |
+----------------+
| replica_test |
| mysql |
| test |
| tmp |
+----------------+
If you have problems, please refer to MySQL manual here.
Installing and setting up Heartbeat
Download a recent copy of Heartbeat from here and then as usual….
configure
make
make install
or:
rpm -Uhv heartbeat-1.0.4-1.i386.rpm
if you downloaded the RPM based package.
Configuring heartbeat
There are three files involved in the configuration of heartbeat:
- ha.cf: the main configuration file that describes the machines involved and how they behave.
- haresources: this configuration file specifies virtual IP (VIP) and services handled by heartbeat.
- authkeys: specifies authentication keys for the servers.
Sample /etc/ha.d/ha.cf
# Time between heartbeats in seconds
keepalive 1
# Node is pronounced dead after 15 seconds
deadtime 15
# Prevents the master node from re-acquiring cluster resources after a failover
nice_failback on
# Device for serial heartbeat
serial /dev/ttyS0
# Speed at which to run the serial line (bps)
baud 19200
# Port for udp (default)
udpport 694
# Use a udp heartbeat over the eth0 interface
udp eth0debugfile /var/log/ha/ha.debug
logfile /var/log/ha/ha.log# First node of the cluster (must be uname -a)
node dbserv1
# Second node of the cluster (must be uname -a)
node dbserv2
Sample /etc/ha.d/haresources
dbserv1 Ipaddress::192.168.1.103::eth1
This tells Heartbeat to set up 192.168.1.103 as the virtual IP (VIP). See figure above.
Sample /etc/ha.d/authkeys
auth 1
1 crc
2 sha1 HI!
3 md5 Hello!
This file determines the authentication keys. Must be mode 600. As I assume that our network is relatively secure I configure crc as the authentication method. There is also md5 and sha1 available.
Now start heartbeat on dbserv1 and the on dbserv2, watch the logs, then stop heartbeat on the first node and see what happens on the second node. Start again heartbeat on the first node and stop it on the second and see the logs. If all is okay, you have a 2-node cluster up and running.
What we have
At this point we have a 2-node cluster with certain degree of availability and fault tolerance. Despite this could be a valid solution for non-critical environments, in really critical environments this configuration should be improved.
Advantages
- The cluster is fault tolerant
- The cluster is relatively secure
- There is no single point of failure (comments?)
- Automatic fail over mechanism
- Proven and solid OpenSource software for production environment (my experience)
- Simple and easy to install and configure
- Easy to administer
- Inexpensive
Disadvantages
Our cluster presents almost one serious problem in critical environments (i.e. 99,99% availability). As you know, when the master node fails, the standby node takes over the service and the virtual IP address. In this scenario, when the master comes back online again, it will act as the stand-by node (remember nice_failback on from /etc/ha.d/ha.cf?). As our configuration has not implemented a two-way replication mechanism, the actual master is not generating binary logs and the actual slave is not configured to act as such. There are means to avoid this disadvantage, but this is your homework ;-). Let me know your progress.
As usual, comments are very welcome.
References:
--
Debian: record boot messages
Debian allows you to record boot messages by means of the bootlogd
daemon. According to man pages:
daemon. According to man pages:
Bootlogd runs in the background and copies all strings sent to the
/dev/console device to a logfile. If the logfile is not accessible,
the messages will be kept in memory until it is.
This feature is not enabled by default. Edit /etc/default/bootlogd and
modify it to enable recording of boot messages:
# Run bootlogd at startup ?
BOOTLOGD_ENABLE=Yes
Now bootlogd will start sending boot messages to /var/log/boot.
--
How to clear your cache on squid
stop squid --/etc/init.d/squid stop
then chk in the squid.conf file the location of cache_dir, , normally /var/spool/squid where we have swap.state
we need to flush it
# echo "" > /var/spool/squid/swap.state
restart squid
/etc/init.d/squid start
--
then chk in the squid.conf file the location of cache_dir, , normally /var/spool/squid where we have swap.state
we need to flush it
# echo "" > /var/spool/squid/swap.state
restart squid
/etc/init.d/squid start
--
how to block gmail talk without blocking Gmail on port 443
eth2 is the private network
iptables -t nat -A PREROUTING -i eth2 -d chatenabled.mail.google.com -p tcp --dport 443 -j DROP
restart iptables --
(13)Permission denied: access to /index.php denied
[Tue Apr 08 14:36:18 2008] [error] [client 121.xx.xx.xx]
(13)Permission denied: access to /index.php denied
[Tue Apr 08 14:36:25 2008] [error] [client 121.xx.xx.xx]
(13)Permission denied: access to /index.html denied
[Tue Apr 08 14:36:30 2008] [error] [client 121.xx.xx.xx]
(13)Permission denied: access to /index.html denied
(13)Permission denied: access to /index.php denied
[Tue Apr 08 14:36:25 2008] [error] [client 121.xx.xx.xx]
(13)Permission denied: access to /index.html denied
[Tue Apr 08 14:36:30 2008] [error] [client 121.xx.xx.xx]
(13)Permission denied: access to /index.html denied
this is what i did
your permission should look like this
root@v3 user1]# ll /home/
total 16
drwx------ 2 mysql mysql 4096 2008-04-08 09:53 mysql
drwxr-xr-x 3 user1 ftp 4096 2008-04-08 12:01 user1
[root@v3 user1]# ll
total 8
drw-r--r-- 2 root root 4096 2008-04-08 13:22 www
[root@v3 user1]# ll www/
total 16
-rw-r--r-- 1 root root 44 2008-04-08 13:22 index.html
-rw-r--r-- 1 root root 171 2008-04-08 12:05 info.php
you htconf-vhost shuld look like this :
<VirtualHost *>
DocumentRoot "/home/user1/www"
ServerName v3.managedns.org
<Directory "/home/user1/www">
AllowOverride None
order allow,deny
allow from all
Options +Indexes
</Directory>
</VirtualHost>
tis this does nto work it might be selinux issue !!
do
(It'll tell you if it's enabled and what type of policy
it's using (enforcing or permissive). )
getsebool -a
--
-ERR chdir Maildir failed
If you are getting the following error in maillog
Jan 9 19:17:01 test courierpop3login: chdir Maildir: No such file or directory
Jan 9 19:17:01 test courierpop3login: chdir Maildir: No such file or directory
or if you are trying to do the following and get the follwing error
test:~# telnet server.sbs.com 110
Trying 192.168.0.244...
Connected to test.sbs.com.sbs.com.
Escape character is '^]'.
+OK Hello there.
user user2@mega.com
+OK Password required.
passwd user2
-ERR Invalid command.
pass user2
-ERR chdir Maildir failed
Connection closed by foreign host.
then 1st tis to chechk is vi /etc/courier/authmysqlrc file
check this option
MYSQL_HOME_FIELD "/var/spool/mail/virtual"
also check this option
MYSQL_MAILDIR_FIELD concat(home,'/',maildir)
or
MYSQL_MAILDIR_FIELD CONCAT(maildir,"/")
/etc/init.d/courier-authdaemon restart
/etc/init.d/courier-imap restart
/etc/init.d/courier-imap-ssl restart
/etc/init.d/courier-pop start
then try to tel net to 110 again
hope this helps !!!
--
how to install Proftpd ( basic setup )
These are installation step to install proftpd ( very basic )
cd /software or /tmp
wget ftp://ftp.ibiblio.org/pub/mirrors/proftpd/distrib/source/proftpd-1.3.1.tar.gz
tar -xzvf proftpd-1.3.1.tar.gz
cd proftpd-1.3.1
./configure --prefix=/usr/local/proftpd
make
make install
the configuration files will be located at /usr/local/etc
cd /usr/local/etc
edit the proftpd.conf ( make the following changes )
# This is a basic ProFTPD configuration file (rename it to
# 'proftpd.conf' for actual use. It establishes a single server
# and a single anonymous login. It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.
ServerName "agnello.manage.org" ---> ( usuall the hostame )
ServerType standalone
DefaultServer on
# Set the user and group under which the server will run.
User proftpd ---> if this user does not exist create the same
Group proftpd
delete this entire <Anonymous> section.
add the following section
##########################
#
# ftp only home directories
#
#########################
<Anonymous /home/test1> --------> ( if this user has not been created create the same , the use should belong to the grp ftp )
User test1
Group ftp
UserAlias anonymous esha
AnonRequirePassword on
<Limit READ WRITE DIRS>
AllowAll
</Limit>
</Anonymous>
to star the proftpd daemon run
/usr/local/proftpd/sbin/proftpd
to chk if preocess is running
ps -aux grep proftp
now log on to your web browser ftp://ipaddress/
add user name password
Note : proftpd supports mysql ... and can be administered throught phpmyadmin .... see for future tutorials
and enjoy !!!
--how to install LAMP ( 29/3/08 )
installation on fedora or centOS
before installation, install gcc-c++ gcc ncurses-devel
setenforce 0
1. Installing MySQL 5.x
a) Download the MysQL source files from http://www.mysql.com
wget http://mysql.mirrors.pair.com/Downloads/MySQL-5.0/mysql-5.0.45.tar.gz
b) Extract the source from the gunzipped file using tar or gunzip
c) Create the mysql user and group using the following commands
groupadd mysql
useradd -g mysql -c "MySQL Server" mysql
cd mysql-5.0.45 (enter)
Follow this command by typing;
#./configure --prefix=/usr/local/mysql --localstatedir=/usr/local/mysql/data --disable-maintainer-mode --with-mysqld-user=mysql
--enable-large-files-without-debug (enter)
Sit back and wait for a while while configure does its thing, once the system returns the prompt to you issue the following command;
#make (enter)
Unless you have a very fast machine this will take some time, so spend time with your family, grab a beer, go for a walk, or whatever you're into. When you
get back, assuming the system has returned the prompt to you issue the following command;
#make install (enter)
Cool !, MySQL is installed, there are only a couple things left to do to get it working, first we need to create a group for MySQL as follows;
a symbolic link to the MySQL source directory in a directory
your choice. (I use /usr/local/). Here is an example of the same
ln -s /usr/local/src/mysql-5.0.45 /usr/local/mysql
e) Change the working directory to the symbolic link that you have
created in the server.
f) Execute the following command
./scripts/mysql_install_db
The above command will install the mysql and the test database
g) Change the ownership of /usr/local/mysql using the following command
chown -R root:mysql /usr/local/mysql
Where root is the user and mysql is the group
h) Change the ownership of /usr/local/mysql/data using the following command
chown -R mysql:mysql /usr/local/mysql/data
i) Copy the default configuration file for the expected size of the
database (small, medium, large, huge)
cp support-files/my-medium.cnf /etc/my.cnf
chown root:sys /etc/my.cnf
chmod 644 /etc/my.cnf
j) Now we have to tell the system where to find some of the dynamic
libraries that MySQL will need to run. We use dynamic libraries
instead of static to keep the memory usage of the MySQL program itself
to a minimum.
echo "/usr/local/mysql/lib/mysql" >> /etc/ld.so.conf
ldconfig
k) Now create a startup script, which enables MySQL auto-start each
time your server is restarted.
cp ./support-files/mysql.server /etc/rc.d/init.d/mysql
chmod +x /etc/rc.d/init.d/mysql
/sbin/chkconfig --level 3 mysql on
l) Then set up symlinks for all the MySQL binaries, so they can be run
from anyplace without having to include/specify long paths, , etc
cd /usr/local/mysql/bin
for file in *; do ln -s /usr/local/mysql/bin/$file /usr/bin/$file; done
m) First, we will assume that only applications on the same server
will be allowed to access the database (i.e., not a program running
on a physically separate server). So we'll tell MySQL not to even
listen on port 3306 for TCP connections l ike it does by default.
Edit /etc/my.cnf and uncomment the
skip-networking
n) Start MySQL
mysqladmin -u root password newpassword
to login
mysql -u root -p ( enter) ---> new password
2. Installing Apache 2.2.3
2.1 The installation of OpenSSL is pretty simple. We specify the destination folder by --prefix.
cd /usr/local/src/
wget http://www.openssl.org/source/openssl-0.9.8g.tar.gz
cd /usr/local/src/openssl-0.9.8g
./config --prefix=/usr/local/openssl
make
make test
make install
ln -s /usr/local/openssl/bin/openssl /usr/local/bin/openssl
a) Download the Apache 2.2.3 source files from http://httpd.apache.org
b) Extract the source from the gunzipped file using tar or gunzip
c) change the working directory to the directory containing the
extracted source files
d) Run the following command for basic apache installation
./configure --prefix=/usr/local/apache2 --with-apxs2=/usr/local/apache2/bin/apxs --with-mysql=/usr/local/mysql --enable-shared=max
--enable-module=rewrite --enable-module=so --enable-shared=ssl --enable-ssl --enable-shared=rewrite --with-ssl=/usr/local/src/openssl-0.9.8d
make
make install
)open ../conf/httpd.conf using your favorite editor, find AddType
directive and add after it the following lines:
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
g)ln -s /usr/local/apache2/bin/apachectl /usr/bin/httpd
h)restart apache
httpd start
3. Installing PHP 5.2.0
a) Download the PHP 5.2.0 source files from http://www.php.net
b) Extract the source from the gunzipped file using tar or gunzip
c) change the working directory to the directory containing the
extracted source files
d) Run the following command for PHP installation
./configure --prefix=/usr/local/php5 --with-apxs2=/usr/local/apache2/bin/apxs --with-libxml-dir=/usr/local/lib --with-zlib --with-zlib-dir=/usr/local/lib
--with-mysql=/usr/local/mysql --with-mysqli=/usr/bin/mysql_config --with-gd --enable-soap --enable-sockets --with-jpeg-dir=/usr --enable-exif --enable-cli
or ( for basic )
./configure --with-apxs2=/usr/local/apache/bin/apxs --with-mysql=/usr/local/mysql
if you get the following error "" configure: error: xml2-config not found ""
install
yum install libxml2-devel
yum install libjpeg-devel libpng-devel
e)Build the PHP configuration using the following command
make
f) Install PHP
make install
cp php.ini-dist /usr/local/php5/lib/php.ini
ln -s /usr/local/php5/lib/php.ini /etc/php.ini
to creat a symblolic line to the /etc dir for easy location of httpd.con
ln -s /usr/local/apache2/conf/httpd.conf /etc/httpd.conf
to start httpd fome norma start up script
ln -s /usr/local/apache2/bin/apachectl /etc/rc.d/init.d/httpd
--
Subscribe to:
Posts (Atom)