My (VMware) server crashed on May 4, and I had to rebuild it with a RAID level 5 array. I now have it up and working with the array. I learned one very important thing from this crash: BACK UP YOUR SERVER (COPY THE WHOLE FOLDER) in addition to making snapshots of your server. Here are the steps I used to build my web server.
→ install the apache2 package using command: sudo apt-get install apache2
→ install the apache2-doc package: sudo apt-get install apache2-doc
→ install firefox for your web server: sudo apt-get install firefox
Note: there are several ways to install Firefox. This is the alternative way.
→ sudo add-apt-repository ppa:mozillateam/firefox-stable
→ sudo apt-get update
→ sudo apt-get install firefox ubufox
For some reason, this step does not work for me. Error: command not found (for the 1st step). But it works for others, so I am trying to figure out what is missing.
→ I am supposed to have my DNS server up and running for the web server. But since it crashed, I am too lazy to rebuild the whole DNS. However, I would like to change my IP to static instead of DHCP. I used route -n to figure out my gateway, and ifconfig to figure out my IP address and relevant info.
ITS 344 - SERVER ADMINISTRATION
Sunday, May 8, 2011
Wednesday, April 27, 2011
How to generate the certificate for the web server
Site for generating certificate: https://help.ubuntu.com/6.06/ubuntu/serverguide/C/httpd.html
SSL certificates: prove the identity of the server; vouched for by a CA (certificate authority). SSL has been replaced by TLS, a newer, improved protocol. SSL uses public-key encryption to transfer a key, then uses that key for symmetric encryption.
The certificate also contains the public key for the server. The client uses the certificate to check that the server has been verified by the CA.
how to:
sudo openssl req -x509 -nodes -days 90 -newkey rsa:1024 -keyout testcert.pem
testcert.pem: the name of the keyout output file
country name: US, state: HI, locality: honolulu, organization: KCC, unit name: its344, common name (your server name: it has to match the one in the Apache config file, IMPORTANT): www.its344.edu (yours will be different), email address: nguyentd@hawaii.edu. There is your certificate. You need to add an exception for it to work, because it is just self-signed.
FOR THOSE WITHOUT A DNS SERVER:
cd /etc, more hosts; there is: www1.its344.edu. Paste that into Firefox and it will map to the IP address.
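The note above says the certificate's common name has to match the server name in the Apache config. The following is an added example, not part of the original post, that generates a self-signed test certificate non-interactively and checks that match. It assumes openssl 1.1.1 or newer is installed; the function names and paths are hypothetical.

```shell
# Added example, not from the original post. Assumes openssl (1.1.1 or newer,
# for -addext) is installed; function names and file paths are hypothetical.

# make_selfsigned NAME DIR: write DIR/NAME.key and DIR/NAME.crt (self-signed).
make_selfsigned() {
    name=$1; dir=$2
    # rsa:2048 rather than the post's rsa:1024: 1024-bit RSA is below current
    # minimums. -subj answers the prompts; CN and the SAN carry the server name.
    openssl req -x509 -nodes -days 90 -newkey rsa:2048 \
        -subj "/C=US/ST=HI/L=Honolulu/O=KCC/OU=its344/CN=$name" \
        -addext "subjectAltName=DNS:$name" \
        -keyout "$dir/$name.key" -out "$dir/$name.crt" 2>/dev/null &&
    chmod 600 "$dir/$name.key"    # -nodes leaves the key unencrypted on disk
}

# cert_cn CERT: print the common name from the certificate subject.
# Handles both "CN = name" (OpenSSL 1.1+) and "/CN=name" (older) layouts.
cert_cn() {
    openssl x509 -in "$1" -noout -subject |
        sed -e 's/.*CN *= *//' -e 's/[,/].*//'
}

# vhost_servername CONF: print the first ServerName value in an Apache file.
vhost_servername() {
    awk 'tolower($1) == "servername" { print $2; exit }' "$1"
}

# cn_matches_servername CERT CONF: succeed only when CN equals ServerName.
cn_matches_servername() {
    cn=$(cert_cn "$1"); sn=$(vhost_servername "$2")
    [ -n "$cn" ] && [ "$cn" = "$sn" ]
}

# Usage (paths are placeholders):
#   make_selfsigned www.its344.edu /tmp/certs
#   cn_matches_servername /tmp/certs/www.its344.edu.crt \
#       /path/to/vhost.conf || echo "CN does not match ServerName"
```

A mismatch here (for example a vhost that says www1.its344.edu) is what produces a name warning in the browser on top of the self-signed warning.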
Setting up a Web Server
install apache2: sudo apt-get install apache2
Check the file in /etc/apache2
Monday, April 25, 2011
Notes for Web server setup
/etc/apache2$ ls
/etc/apache2$ ls sites-available/
/etc/apache2$ ls sites-enabled/
/etc/apache2/sites-enabled$ ls
/etc/apache2/sites-enabled$ sudo ln -s /etc/apache2/sites-available/default default
/etc/apache2/sites-enabled file:
/etc/apache2$ : file contains the global config: TTL etc.
4 options in the file:
StartServers 5: 5 processes are running when the server starts
MinSpareServers 5: always have at least 5 processes
MaxSpareServers 10: so between 5 and 10 processes are kept ready for client requests to the server
MaxClients 150: maximum number of requests from clients
MaxRequestsPerChild 0: how many requests a child process handles before it is replaced; 0 means unlimited
You can define where the logs go. They usually end up in /var/log.
httpd.conf file: contains all the user configurations
NameVirtualHost 10.0.2.80
Listen 80: listen on port 80 at this local host IP address
Next section: nested in an if-else module
There are 2 different types of virtual host: <1> NameVirtualHost http://www.kcc.edu/; <2> VirtualHost 192.168.1.10: there is only going to be 1, no matter what server they are looking for (recommended)
/etc/apache2$ ls: lists the files in that directory.
/etc/apache2$ more httpd.conf: to check the info on the web content. Give two different files for 2 different servers (multi-homing).
ex:
Outline from the DNS book (take a look at chapter 23 on web hosting). Just change the name of the server name. This is where you save the certificate to.
ls mods-available/: to see the modules available
ls -l mods-enabled/: check that ssl is enabled.
ln -s: to link a file to a label.
Setting up Array 5 for my Server
-Install the mdadm tool: sudo apt-get install mdadm. Remember to set postfix to local.
-Creating 4 disks for the level 5 array
VMware: File > Virtual Media Manager > New, then follow the on-screen instructions. I chose 5 GB as the size for my drives.
Add a SCSI controller, then add the 5 new drives I just created to the controller.
Now I need to check that the disks are properly installed on my system: sudo fdisk -l | more. Result: 5 drives are unpartitioned.
Now I have to partition my 5 drives with fdisk using the command: sudo fdisk /dev/sdb (then sdc, sdd, sde, sdf).
Follow the on-screen instructions: n to create a new partition > p for primary partition > choose 1 for the drive number > then take the defaults for the first and last cylinders. Then t for choosing the file system > fd (NOT "df") for RAID autodetect.
-Now my 5 drives are ready for the array
-creating array level 5 with 3 drives 1 hot spare
sudo mdadm --create /dev/md5 --level=5 --raid-devices=3 --spare-devices=1 /dev/sdb1 /dev/sdc1 /dev/sdd1 /dev/sde1
Now check if my array is running: cat /proc/mdstat
It should be active.
-Create the mount point for the array: mkdir /mnt/array5
-Now I need to make sure my array is mounted by the system every time I reboot: add this line to /etc/fstab:
/dev/md5 /mnt/array5 ext4 defaults 0 1
Create the file system for my array: sudo mkfs.ext4 /dev/md5
I think it's better to create a label for my array so that the name of my array device won't change due to a drive failure: sudo e2label /dev/md5 myarray5. Then I need to re-edit /etc/fstab to use the label for the array: change /dev/md5 to LABEL=myarray5 (that's all I have to change; keep the rest the same).
Now I have to make sure my array is still there after a reboot. To do this, use the command: sudo mdadm --examine --scan. Then copy the output from that command and paste it into the /etc/mdadm/mdadm.conf file. Then add: DEVICE /dev/sdb1 /dev/sdc1 /dev/sdd1 /dev/sde1 right above that output (note: yours could be different).
Note: if you skip this one step, it will mess up your array after reboot. VERY IMPORTANT.
Now all I need to do is mount my RAID array: sudo mount -a (-a means mount all devices).
I rebooted my server, and I see the array is mounted during start-up.
Now that I know my array is set up properly, I need to check that the hot spare is working. I failed one drive using the command: sudo mdadm /dev/md5 -f /dev/sdc1 (this will fail the sdc1 drive in the array). To check whether the hot spare is taking over, look at /proc/mdstat using: more /proc/mdstat. I see my array is recovering. It took approximately 4 min to recover.
I went back to check my array, and I see /dev/sdc1(F), meaning a failed drive. So I need to hot-remove the failed drive: sudo mdadm /dev/md5 --remove /dev/sdc1, then add the drive back to the array: sudo mdadm /dev/md5 --add /dev/sde1.
Now the array is back to normal again with 3 disks and 1 hot spare. I know that the next time 1 of the drives fails, my data will be saved because my hot spare will take over for the failed drive and save my life.
And I think this is the whole purpose of building the array: to save your precious data from unexpected events.
Mission accomplished.
Thanks for viewing my blog.
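The hot-spare test above is read by eye from /proc/mdstat. The following is an added example, not part of the original post, that turns the same check into a one-line status suitable for a cron job or monitoring script. Both mdstat samples are constructed for the post's md5 array, and the function names are hypothetical.

```shell
# Added example, not from the post. Samples are constructed /proc/mdstat text
# for the post's md5 array; on a real host run: md_report md5 < /proc/mdstat
sample_recovering() { cat <<'EOF'
Personalities : [raid6] [raid5] [raid4]
md5 : active raid5 sde1[3] sdd1[2] sdc1[1](F) sdb1[0]
      10481664 blocks super 1.2 level 5, 512k chunk, algorithm 2 [3/2] [U_U]
      [=>...................]  recovery =  8.5% (448384/5240832) finish=3.9min

unused devices: <none>
EOF
}

sample_healthy() { cat <<'EOF'
Personalities : [raid6] [raid5] [raid4]
md5 : active raid5 sde1[3](S) sdd1[2] sdc1[1] sdb1[0]
      10481664 blocks super 1.2 level 5, 512k chunk, algorithm 2 [3/3] [UUU]

unused devices: <none>
EOF
}

# md_report ARRAY < mdstat: print one status line; exit 1 if the array is
# degraded or has a failed member, 2 if the array is not listed.
md_report() {
    awk -v md="$1" '
    $1 == md && $2 == ":" {
        found = inarr = 1
        for (i = 3; i <= NF; i++) {
            if ($i !~ /\[[0-9]+\]/) continue       # skip "active", "raid5"
            dev = $i; sub(/\[.*/, "", dev)          # sdc1[1](F) -> sdc1
            if ($i ~ /\(F\)/) failed = failed (failed ? "," : "") dev
            if ($i ~ /\(S\)/) spares++
        }
        next
    }
    inarr && /^[^ \t]/ { inarr = 0 }                # next array or trailer
    inarr && match($0, /\[[0-9]+\/[0-9]+\]/) {      # [configured/active]
        split(substr($0, RSTART + 1, RLENGTH - 2), n, "/")
        want = n[1] + 0; have = n[2] + 0
    }
    inarr && /recovery|resync/ { busy = 1 }
    END {
        if (!found) { print md " not-found"; exit 2 }
        printf "%s %s active=%d/%d failed=%s spares=%d recovering=%s\n", md,
            (have < want ? "degraded" : "clean"), have, want,
            (failed == "" ? "none" : failed), spares, (busy ? "yes" : "no")
        exit (have < want || failed != "")
    }'
}
```

A report of spares=0 on a clean array is also worth alerting on: it means the next drive failure will not be covered by a hot spare.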
DNS server setup continue....
OK, now I have my DNS server working for both forward and reverse lookups.
The problem was in my rev. file. I went into the /etc/bind/conf.local file to change the reverse lookup zone to 2.0.10 instead of 0.0.10. Then I changed the "rev.0.0.10.in-addr.arpa" file to "2.0.10.in-addr.arpa" accordingly to match the path inside my conf.local file.
I restarted bind, and then everything worked fine.
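The fix above came down to the reverse zone name not matching the server's network. The following is an added example, not part of the original post, that derives the expected /24 reverse zone from an IPv4 address and checks whether a named.conf.local declares it. The address 10.0.2.80, both config samples and the function names are constructed for illustration.

```shell
# Added example, not from the original post. The address and both
# named.conf.local samples are constructed for illustration.
sample_broken() { cat <<'EOF'
zone "thanhsite.com" { type master; file "/etc/bind/zones/thanhsite.com.db"; };
zone "0.0.10.in-addr.arpa" { type master; file "/etc/bind/zones/rev.0.0.10.in-addr.arpa"; };
EOF
}

sample_fixed() { cat <<'EOF'
zone "thanhsite.com" { type master; file "/etc/bind/zones/thanhsite.com.db"; };
zone "2.0.10.in-addr.arpa" { type master; file "/etc/bind/zones/rev.2.0.10.in-addr.arpa"; };
EOF
}

# rev_zone IPV4: print the reverse zone for the /24 holding the address,
# i.e. the first three octets reversed (10.0.2.80 -> 2.0.10.in-addr.arpa).
rev_zone() {
    echo "$1" | awk -F. '
        /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ &&
        $1 <= 255 && $2 <= 255 && $3 <= 255 && $4 <= 255 {
            print $3 "." $2 "." $1 ".in-addr.arpa"; ok = 1 }
        END { exit !ok }'
}

# declared_zones < named.conf.local: print each declared zone name.
declared_zones() {
    sed -n 's/^[[:space:]]*zone[[:space:]]*"\([^"]*\)".*/\1/p'
}

# check_reverse IPV4 < named.conf.local: exit 0 when the matching reverse
# zone is declared; otherwise say which in-addr.arpa zones exist instead.
check_reverse() {
    want=$(rev_zone "$1") || { echo "bad address: $1"; return 2; }
    zones=$(declared_zones)
    if printf '%s\n' "$zones" | grep -qxF "$want"; then
        echo "ok $want"
    else
        got=$(printf '%s\n' "$zones" | grep 'in-addr\.arpa$' |
              tr '\n' ' ' | sed 's/ $//')
        echo "missing $want (declared: ${got:-none})"
        return 1
    fi
}
```

Running `check_reverse 10.0.2.80 < /etc/bind/named.conf.local` before restarting bind catches this class of mistake; `named-checkconf` will not, because a wrongly named zone is still syntactically valid.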
Setting up DNS Server with BIND9
- have bind9 installed
-edit the /etc/network/interfaces: change dhcp to static IP
-make backup copies of your configuration files:
sudo cp /etc/bind/named.conf.local /etc/bind/named.conf.local.original
sudo cp /etc/bind/named.conf.options /etc/bind/named.conf.options.original
-configure the /etc/bind/named.conf.local file: add the reverse and forward lookup zone references to that file.
-set up the forward lookup zone in the /etc/bind/named.conf.options file
-set up the reverse lookup zone in the /etc/bind/named.conf.local file
-make a new directory to contain the reverse and forward "db" files: mkdir /etc/bind/zones
-create files inside the zones directory: thanhsite.com.db and rev.0.0.10.in-addr.arpa
-restart bind9 using: sudo /etc/init.d/bind9 restart
-After testing: forward is working, reverse is not working. Trying to figure out what is wrong........