|
*** Introduction –
All you know about the haproxy, that its the one of the good opensource load balancing software and to check the fun stats of haproxy here we using ‘socat’ – Multipurpose relay (SOcket CAT)
* What is socat?
Socat is a command line based utility that establishes two bidirectional byte streams and transfers data between them. Because the streams can be constructed from a large set of different types of data sinks and sources (see address types), and because lots of address options may be applied to the streams, socat can be used for many different purposes. (see more info at ‘man socat’ 
or at http://www.dest-unreach.org/socat/)
* How to use ’socat’ with haproxy stat
Step 1) Download ’socat’ from http://www.dest-unreach.org/socat/download/ latest version ~ “socat-2.0.0-b3.tar.gz”
ravi@arun:~$ wget http://www.dest-unreach.org/socat/download/socat-1.7.1.2.tar.gz
ravi@arun:~$ tar xvzf socat-1.7.1.2.tar.gz
ravi@arun:~$ cd socat-1.7.1.2
NOTE ~ No need to install the ‘fipsld’ package if you got the below msg after running the ‘make’ just following steps for
compiling socat….
FIPSLD_CC=gcc fipsld -O -D_GNU_SOURCE -Wall -Wno-parentheses -DHAVE_CONFIG_H -I. -I. -c -o socat.o socat.c
/bin/sh: fipsld: command not found
make: *** [socat.o] Error 127
ravi@arun:~$ ./configure –disable-fips
ravi@arun:~$ make
To install it login as root
ravi@arun:~$ su -
ravi@arun:~# make install
Step 2) Now you need to add stats socket PATH in Haproxy configuration and restart haproxy as per shown in following example,
where I have added it under in ‘global’ setting -
ravi@arun:~# more /etc/haproxy/myhaproxy.cfg
#———–Start of haproxy Config file————–
global
log 127.0.0.1 local0
log 127.0.0.1 local1 notice
#log loghost local0 info
maxconn 25000
#debug
#quiet
user ravi
group ravi
stats socket /tmp/haproxy
defaults
option contstats
timeout connect 5s
timeout client 25s
timeout server 25s
maxconn 100
listen ravitestbed 0.0.0.0:80 ##ravi.com IP
mode tcp
balance roundrobin
server web1 192.168.19.117
server web2 192.168.19.122
listen stats
bind 0.0.0.0:8081
mode http
#stats uri /stat #Comment this if you need to specify diff stat path for viewing stat page
stats enable
stats auth admin:admin ##Auth user pass
#———–End of haproxy Config file————–
Step 3) Used /tmp/haproxy. Now you can send the commands to get stats from HAProxy -
Now time to use socat
ravi@arun:~# echo “” | socat unix-connect:/tmp/haproxy stdio
Unknown command. Please enter one of the following commands only :
show info : report information about the running process
show stat : report counters for each proxy and server
show errors : report last request and response errors for each proxy
show sess : report the list of current sessions
This will dump (possibly huge) info about all know sessions.
ravi@arun:~$ echo “show sess” | socat unix-connect:/tmp/haproxy stdio
0×9ee3520: proto=tcpv4 src=192.168.19.117:4721 fe=ravitestbed be=ravitestbed srv=arun as=0 ts=08 age=4s calls=3
rq[f=009202h,l=0,an=00h,rx=20s,wx=,ax=] rp[f=009202h,l=0,an=00h,rx=20s,wx=,ax=] s0=[7,8h,fd=1,ex=] s1=[7,8h,fd=2,ex=] exp=20s
0×9eeb8e8: proto=tcpv4 src=192.168.19.117:4723 fe=ravitestbed be=ravitestbed srv=arun as=0 ts=08 age=4s calls=3
rq[f=009000h,l=0,an=00h,rx=20s,wx=,ax=] rp[f=009202h,l=0,an=00h,rx=20s,wx=,ax=] s0=[7,8h,fd=8,ex=] s1=[7,8h,fd=9,ex=] exp=20s
0×9ef3d08: proto=tcpv4 src=192.168.19.117:4725 fe=ravitestbed be=ravitestbed srv=arun as=0 ts=08 age=4s calls=3
rq[f=009000h,l=0,an=00h,rx=20s,wx=,ax=] rp[f=009202h,l=0,an=00h,rx=20s,wx=,ax=] s0=[7,8h,fd=12,ex=] s1=[7,8h,fd=13,ex=]
exp=20s
0×9f04548: proto=unix_stream as=2 ts=09 age=0s calls=2 rq[f=00e042h,l=10,an=20h,rx=10s,wx=,ax=]
rp[f=048060h,l=716,an=00h,rx=,wx=10s,ax=] s0=[7,0h,fd=3,ex=] s1=[0,0h,fd=-1,ex=] exp=9s
This will give you information about the running HAProxy process such as pid, uptime and etc.
ravi@arun:~$ echo “show info” | socat unix-connect:/tmp/haproxy stdio
Name: HAProxy
Version: 1.3.23
Release_date: 2010/01/28
Nbproc: 1
Process_num: 1
Pid: 11829
Uptime: 0d 0h42m53s
Uptime_sec: 2573
Memmax_MB: 0
Ulimit-n: 50013
Maxsock: 50013
Maxconn: 25000
Maxpipes: 0
CurrConns: 1
PipesUsed: 0
PipesFree: 0
Tasks: 1
Run_queue: 1
node: ravi.world
description:
This will give you stats on all of your backends and frontends, some of the same stuff you see on the stats page enabled by the stats uri configuration. As an added bonus it’s all in CSV.
ravi@arun:~$ echo “show stat” | socat unix-connect:/tmp/haproxy stdio
#
pxname,svname,qcur,qmax,scur,smax,slim,stot,bin,bout,dreq,dresp,ereq,econ,eresp,wretr,wredis,status,weight,act,bck,chkfail,ch
kdown,lastchg,downtime,qlimit,pid,iid,sid,throttle,lbtot,tracked,type,rate,rate_lim,rate_max,
ravitestbed,FRONTEND,,,0,5,100,30,32582,50616,0,0,0,,,,,OPEN,,,,,,,,,1,1,0,,,,0,0,0,5,
ravitestbed,trupti,0,0,0,2,,15,7020,22722,,0,,0,0,0,0,no check,1,1,0,,,,,,1,1,1,,15,,2,0,,2,
ravitestbed,arun,0,0,0,5,,15,25562,27894,,0,,0,0,0,0,no check,1,1,0,,,,,,1,1,2,,15,,2,0,,3,
ravitestbed,BACKEND,0,0,0,5,100,30,32582,50616,0,0,,0,0,0,0,UP,2,2,0,,0,2710,0,,1,1,0,,30,,1,0,,5,
stats,FRONTEND,,,0,1,100,21,9605,152357,0,0,0,,,,,OPEN,,,,,,,,,1,2,0,,,,0,0,0,9,
stats,BACKEND,0,0,0,1,100,5,9605,152357,0,0,,5,0,0,0,UP,0,0,0,,0,2710,0,,1,2,0,,0,,1,0,,4,
show errors will give you a capture of last error on each backend/frontend.
ravi@arun:~$ echo “show errors” | socat unix-connect:/tmp/haproxy stdio
Reffer:
http://www.dest-unreach.org/socat/
http://haproxy.1wt.eu/download/1.3/doc/configuration.txt
Thanks to Joe (http://www.joeandmotorboat.com)
Thank you,
Ravi
Many times haproxy and apache does not reliable to serve the connections without tune or we say we need to set system as well some kernel parameters to work it better.
Here haproxy gives an errors to connect to apache, at that time it logs the errors into ‘dmesg | tail’ or in ‘/var/log/messages’ “kernel: ip_conntrack: table full, dropping packet” that is related to ip_conntrack kernel module.
Conntrack table is hash table (hash map) of fixed size (8192 entries by default), which is used for primary lookup. When the slot in the table is found it points to list of conntrack structures, so secondary lookup is done using list traversal. 65536/8192 gives 8 – the average list length. You may want to experiment with this value on heavily loaded systems.
If this error founds into /var/log/messages or dmesg you have to apply following steps to resolve.
Here I have done this to changes and added few settings in kernel also we will do it to set apache MPM and Haproxy tunning with sysctl.conf
Note: I have tried all this workaround and apply on CentOS-5.2, but don’t worry ip_conntrack module is default in kernel 2.6 +
1) To check ip_contrack is compiled with your kernel
[root@ravi.com ~]# modinfo ip_conntrack
filename: /lib/modules/2.6.18-128.el5/kernel/net/ipv4/netfilter/ip_conntrack.ko
license: GPL
srcversion: F1390E605BBFB05078B78E8
depends: nfnetlink
vermagic: 2.6.18-128.el5 SMP mod_unload gcc-4.1
module_sig: 883f350497747c575ed35fe9471dce112565509f4b58f4f3e440c6bcc05c2fba9bbdd224bdeb8209e293da385133a876e44a7b449ba59a882a8282b
2) Probe ip_conntrack kernel module or add it in /etc/modprobe.conf
[root@ravi.com ~]# modprobe ip_conntrack hashsize=131072
or
open /etc/modprobe.conf and add below lines at the end of file
options ip_conntrack hashsize=131072
3) before go to apply the 4th step, just check the ip_conntrack setting is into /etc/sysctl.conf
grep “ip_conntrack” /etc/sysctl.conf
if its found then apply 4th step or edit the /etc/sysctl.conf and add the given two lines at the end of file and save it then go for 4th step
(the value is compare to your RAM and set it to below)
net.ipv4.ip_conntrack_max = 16777216
net.ipv4.netfilter.ip_conntrack_max = 16777216
4) To apply the sysctl parameters run ’sysctl -p’
[root@ravi.com ~]# sysctl -p
5) Now check the ip_conntrack is logging the connections and check not dropping any more
[root@ravi.com ~]# cat /proc/slabinfo | grep conn
ip_conntrack_expect 0 0 136 28 1 : tunables 120 60 8 : slabdata 0 0 0
ip_conntrack 216053 231335 304 13 1 : tunables 54 27 8 : slabdata 17795 17795 216
6) Also you can check how much memory utilized by ip_conntrack module per connection.
[root@ravi.com ~]# grep ip_conntrack /var/log/messages
/var/log/messages.2:Jan 14 21:46:04 ravi kernel: ip_conntrack version 2.4 (8192 buckets, 65536 max) – 304 bytes per conntrack
1M connections would require 304MB of kernel memory.
Thanks
Ravi
Here I have used php version 5.2.11 and to jdk-6u18-linux-x64.bin
( from given JAVA download link)
[root@ravi.com ~]# yum -y install httpd php php-devel php-gd php-cli php-xml php-ldap php-common php-pear php-pdo
Install java jdk and set env in ~/.bashrc also run this on CLI to verify before next step.
export JAVA_HOME=//usr/java/jdk1.6.0_18
export PATH=/usr/java/jdk1.6.0_18/bin:$PATH
[root@ravi.com ~]# echo $JAVA_HOME
Now set the dynamic linker library path into /etc/ld.so.conf
/usr/java/jdk1.6.0_18/jre/lib/amd64
/usr/java/jdk1.6.0_18/jre/lib/amd64/server
[root@ravi.com ~]# ldconfig
Now download php-java-bridge source rpm
[root@ravi.com ~]# wget ftp://195.220.108.108/linux/sourceforge/p/project/ph/php-java-bridge/OldFiles/php-java-bridge-4.1.8-1.src.rpm
unpack the php-java-bridge rpm
[root@ravi.com ~]# rpm2cpio php-java-bridge-4.1.8-1.src.rpm | cpio -ivd
php-java-bridge.spec
php-java-bridge_4.1.8.tar.gz
16155 blocks
untar the php-java-bridge and configure the module
[root@ravi.com ~]# tar xzf php-java-bridge_4.1.8.tar.gz && cd php-java-bridge-4.1.8
[root@ravi.com ~]# phpize
[root@ravi.com ~]# ./configure –with-java=$JAVA_HOME && make && make install
[root@ravi.com ~]# echo “extension=java.so” > /etc/php.d/java.ini
open the php.ini and edit the at the end of file
[java]
java.class.path=/usr/lib64/php/modules/
java.library=/usr/java/jdk1.6.0_18/jre/lib/amd64/server/libjvm.so
Now restart apache
[root@ravi.com ~]# /etc/init.d/httpd restart
[root@ravi.com ~]# php -i | grep java
/etc/php.d/java.ini,
java
java support => Enabled
java bridge => 4.1.8
java.java_home =>
java.java => java
java.log_file => <stderr>
java.log_level => no value (use back-end’s default level)
java.security_policy => Off
java command => LD_LIBRARY_PATH=/usr/lib64/php/modules:/usr/lib/10.2.0.3/client64/lib java -Djava.library.path=/usr/lib64/php/modules -Djava.class.path=/usr/lib64/php/modules/JavaBridge.jar -Djava.awt.headless=true -Dphp.java.bridge.base=/usr/lib64/php/modules php.java.bridge.Standalone LOCAL:9267 1
java status => running
java server => 9267
PATH => /usr/java/jdk1.6.0_18/bin:/usr/java/jdk1.6.0_18/bin:/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin
JAVA_HOME => /usr/java/jdk1.6.0_18
_SERVER["PATH"] => /usr/java/jdk1.6.0_18/bin:/usr/java/jdk1.6.0_18/bin:/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin
_SERVER["JAVA_HOME"] => /usr/java/jdk1.6.0_18
_ENV["PATH"] => /usr/java/jdk1.6.0_18/bin:/usr/java/jdk1.6.0_18/bin:/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin
_ENV["JAVA_HOME"] => /usr/java/jdk1.6.0_18
Test your code in test.php and run to check
<?php
// get instance of Java class java.lang.System in PHP
$system = new Java(‘java.lang.System’); // demonstrate property access
print ‘Java version=’.$system->getProperty(‘java.version’).’ ‘;
print ‘Java vendor=’ .$system->getProperty(‘java.vendor’).’ ‘;
print ‘OS=’.$system->getProperty(‘os.name’).’ ‘.
$system->getProperty(‘os.version’).’ on ‘.
$system->getProperty(‘os.arch’).’ ‘; // java.util.Date example
$formatter = new Java(‘java.text.SimpleDateFormat’,
“EEEE, MMMM dd, yyyy ‘at’ h:mm:ss a zzzz”); print $formatter->format(new Java(‘java.util.Date’));
?>
[root@ravi.com ~]# php test.php
Java version=1.6.0_18 Java vendor=Sun Microsystems Inc. OS=Linux 2.6.18-53.el5xen on amd64 Friday, January 22, 2010 at 4:44:48 AM Pacific Standard Time
Thanks
Ravi
To enable pdo_oci module you may need to install oracle client and oci8 module is require. I have installed oracle 10g client here.
[root@ravi.com ~]# export ORACLE_HOME=/usr/lib/oracle/10.2.0.3/client64/ ; export LD_LIBRARY_PATH=/usr/lib/oracle/10.2.0.3/client64/
[root@ravi.com ~]# cd /tmp
[root@ravi.com tmp]# pecl download pdo_oci
[root@ravi.com tmp]# tar xvzf PDO_OCI-1.0.tar.gz
[root@ravi.com tmp]# cd PDO_OCI-1.0 && phpize
[root@ravi.com tmp]# ./configure
[root@ravi.com PDO_OCI-1.0]# make
/bin/sh /tmp/PDO_OCI-1.0/libtool –mode=compile gcc -I/usr/include/php/ext -I. -I/tmp/PDO_OCI-1.0 -DPHP_ATOM_INC -I/tmp/PDO_OCI-1.0/include -I/tmp/PDO_OCI-1.0/main -I/tmp/PDO_OCI-1.0 -I/usr/include/php -I/usr/include/php/main -I/usr/include/php/TSRM -I/usr/include/php/Zend -I/usr/include/php/ext -DHAVE_CONFIG_H -g -O2 -c /tmp/PDO_OCI-1.0/pdo_oci.c -o pdo_oci.lo
mkdir .libs
gcc -I/usr/include/php/ext -I. -I/tmp/PDO_OCI-1.0 -DPHP_ATOM_INC -I/tmp/PDO_OCI-1.0/include -I/tmp/PDO_OCI-1.0/main -I/tmp/PDO_OCI-1.0 -I/usr/include/php -I/usr/include/php/main -I/usr/include/php/TSRM -I/usr/include/php/Zend -I/usr/include/php/ext -DHAVE_CONFIG_H -g -O2 -c /tmp/PDO_OCI-1.0/pdo_oci.c -fPIC -DPIC -o .libs/pdo_oci.o
In file included from /tmp/PDO_OCI-1.0/pdo_oci.c:31:
/tmp/PDO_OCI-1.0/php_pdo_oci_int.h:21:17: error: oci.h: No such file or directory
In file included from /tmp/PDO_OCI-1.0/pdo_oci.c:31:
/tmp/PDO_OCI-1.0/php_pdo_oci_int.h:26: error: expected specifier-qualifier-list before ’sb4′
/tmp/PDO_OCI-1.0/php_pdo_oci_int.h:32: error: expected specifier-qualifier-list before ‘OCIServer’
/tmp/PDO_OCI-1.0/php_pdo_oci_int.h:48: error: expected specifier-qualifier-list before ‘OCIDefine’
/tmp/PDO_OCI-1.0/php_pdo_oci_int.h:62: error: expected specifier-qualifier-list before ‘OCIStmt’
/tmp/PDO_OCI-1.0/php_pdo_oci_int.h:73: error: expected specifier-qualifier-list before ‘OCIBind’
/tmp/PDO_OCI-1.0/php_pdo_oci_int.h:85: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘PDO_OCI_INIT_MODE’
/tmp/PDO_OCI-1.0/php_pdo_oci_int.h:87: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘*’ token
/tmp/PDO_OCI-1.0/php_pdo_oci_int.h:89: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘_oci_error’
/tmp/PDO_OCI-1.0/pdo_oci.c:71: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘PDO_OCI_INIT_MODE’
/tmp/PDO_OCI-1.0/pdo_oci.c:87: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘*’ token
/tmp/PDO_OCI-1.0/pdo_oci.c: In function ‘zm_startup_pdo_oci’:
/tmp/PDO_OCI-1.0/pdo_oci.c:96: error: ‘pdo_oci_Env’ undeclared (first use in this function)
/tmp/PDO_OCI-1.0/pdo_oci.c:96: error: (Each undeclared identifier is reported only once
/tmp/PDO_OCI-1.0/pdo_oci.c:96: error: for each function it appears in.)
/tmp/PDO_OCI-1.0/pdo_oci.c:96: error: ‘PDO_OCI_INIT_MODE’ undeclared (first use in this function)
/tmp/PDO_OCI-1.0/pdo_oci.c: In function ‘zm_shutdown_pdo_oci’:
/tmp/PDO_OCI-1.0/pdo_oci.c:111: error: ‘dvoid’ undeclared (first use in this function)
/tmp/PDO_OCI-1.0/pdo_oci.c:111: error: expected expression before ‘)’ token
make: *** [pdo_oci.lo] Error 1
Is this the error that pdo does not connect to oci library and its find these into include subfolder, so you may need to copy all the files into include folder.
[root@ravi.com PDO_OCI-1.0]# cp -f /usr/include/oracle/10.2.0.3/client64/* /tmp/PDO_OCI-1.0/include/
Now run make & make install to compile and install the module.
[root@ravi.com PDO_OCI-1.0]# make && make install
enable the pdo_oci extension with php.
[root@ravi.com PDO_OCI-1.0]# echo “extension=pdo_oci.so” > /etc/php.d/pdo_oci.ini
[root@ravi.com PDO_OCI-1.0]# php -m | grep pdo_oci
To work pdo_oci properly you have to restart apache.
Thanks
Ravi
How to install GeoIP and mod_geoip2 on centos for apache
1) yum install GeoIP GeoIP-devel GeoIP-data zlib-devel
2) mkdir /usr/local/share/GeoIP
3) Download the latest Country and City database files from maxmind
cd /usr/local/share/GeoIP
wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz
wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz
gunzip GeoIP.dat.gz
gunzip GeoLiteCity.dat.gz
4) yum install httpd-devel apr-devel
5) wget http://geolite.maxmind.com/download/geoip/api/mod_geoip2/
6) tar xvzf mod_geoip2_1.2.5.tar.gz && cd mod_geoip2_1.2.5
7) apxs -i -a -L/usr/lib64 -I/usr/include -lGeoIP -c mod_geoip.c
Enabling mod-geoip
Nothing’s going to work unless mod-geoip is enabled in your apache configuration. You’ll need the following lines in your httpd.conf file (located on CentOS systems at /etc/httpd/conf/httpd.conf)
<IfModule mod_geoip.c>
GeoIPEnable On
GeoIPDBFile /usr/local/share/GeoIP/GeoIP.dat Standard
GeoIPDBFile /usr/local/share/GeoIP/GeoLiteCity.dat Standard
</IfModule>
9) Restart Apache so your changes will take effect by entering the following command.
#/etc/init.d/httpd restart
10) /usr/local/bin/geoipupdate
In my last post, we have seen how we build rpm package for apache with default mpm-worker now it this tutorial we will see how we build rpm of php that can work with apache with mpm-worker.
Download php source rpm from mirror.centos.org
http://mirror.centos.org/centos-5/5.2/os/SRPMS/php-5.1.6-20.el5.src.rpm
To resolve the dependancies to build RPM package for PHP installing the require some lib packages
[root@testbed2:/tmp]# yum install bzip2-devel curl-devel gmp-devel aspell-devel libjpeg-devel libpng-devel pam-devel openssl-devel sqlite-devel pcre-devel krb5-devel libc-client-devel mysql-devel postgresql-devel unixODBC-devel libxml2-devel net-snmp-devel libxslt-devel libxml2-devel ncurses-devel gd-devel freetype-devel
install source rpm using
[root@testbed2:/tmp]# rpm -i php-5.1.6-20.el5.src.rpm
[root@testbed2:/tmp]# cd /usr/src/redhat/SPECS
vi php.spec and find “%configure” (without quote) where you can put the “–enable-maintainer-zts \” (without quote)
then rebuild rpm using below command
[root@testbed2:/usr/src/redhat/SPECS]# rpmbuild -bb php.spec
after creating rpm you will find all rpm in /usr/src/redhat/RPMS/{your arch folder} folder
in my condition the rpm’s in /usr/src/redhat/RPMS/x86_64
now change the httpd mpm to worker
[root@testbed2:/usr/src/redhat/X86_64]# /etc/init.d/httpd stop
edit file /etc/sysconfig/httpd
just uncomment the HTTPD=/usr/sbin/httpd.worker line
save and exit then start the httpd service
Now install php rpms from /usr/src/redhat/RPMS/{your arch folder}
[root@testbed2:/tmp]# /etc/init.d/httpd start
[root@testbed2:/tmp]# httpd -V
[root@testbed2:/tmp]# php -v
This is the way that I have done this. I know people are many way and good idea’s to do this.
So keep commenting that update that the things.
Guy’s since I started working on apache, I found that apache is most use ful web technology over network.
Everyone knows that (multi-processing module) MPM Prefork is default included in apache rather than MPM Worker.
MPM Prefork = This Multi-Processing Module (MPM) implements a non-threaded, pre-forking web server that handles requests in a manner similar to Apache 1.3. It is appropriate for sites that need to avoid threading for compatibility with non-thread-safe libraries. It is also the best MPM for isolating each request, so that a problem with a single request will not affect any other.
MPM Worker = This Multi-Processing Module (MPM) implements a hybrid multi-process multi-threaded server. By using threads to serve requests, it is able to serve a large number of requests with fewer system resources than a process-based server. However, it retains much of the stability of a process-based server by keeping multiple processes available, each with many threads.
More information is available on apache.org manuals
http://vr-zone.com/manual/en/mod/prefork.html
http://vr-zone.com/manual/en/mod/worker.html
On RPM based OS’s, apache is default with MPM-Prefork so we will build apache RPM (with default MPM-worker) for our own, don’t know this will be useful or now but will have know everyone with this
Download the source rpm packages from http://mirror.centos.org
[root@testbed2:/tmp]# wget http://mirror.centos.org/centos-5/5.3/os/SRPMS/httpd-2.2.3-22.el5.centos.src.rpm
install http source rpm
[root@testbed2:/tmp]# rpm -ivh httpd-2.2.3-22.el5.centos.src.rpm
[root@testbed2:/tmp]# cd /usr/src/redhat/SPECS
edit httpd.spec with vi editor
[root@testbed2:/usr/src/redhat/SPECS]# vi httpd.spec
find the –with-mpm and enter below config parameter under the –with-mpm
–enable-headers –enable-uniqueid \
–enable-deflate \
–enable-mime-magic \
–enable-so –enable-rewrite \
–enable-http \
–enable-log-config \
–with-libexpat=built-in \
Now find the “mpmbuild prefork” and replace with “mpmbuild worker”
Now find the “mpmbuild worker” and replace with “mpmbuild prefork”
(you may find this, just few line below)
and most important thing is that you have to comment some lines i.e. (./prefork/httpd -l | grep -v prefork > prefork.mods to done)
find and comment from “./prefork/httpd -l | grep -v prefork > prefork.mods” to “Done” (i.e. just total 8 lines)
Now time to build http with mpmworker for that some dependancies are comes that we will resolve using yum
yum install xmlto db4-devel expat-devel libselinux-devel apr-devel apr-util-devel pcre-devel openssl-devel distcache-devel
[root@testbed2:/usr/src/redhat/SPECS]# rpmbuild -bb httpd.spec
you have wait for few min and watch whats going on screen ……
your rpm build is created and placed into /usr/src/redhat/RPMS/x86_64
Now install the packages and check with ‘httpd -V’
N’joy
IT infra going day to day very critical and costly, So for that we need simple IP based load balancing solution that handles ssl traffic. Basically it’s very easy and secure way to manage your server load balancing.
This example will shows you how we use this with easy steps
The Configuration =
* Load Balancer: <10.0.0.77> // will be our haproxy server # This will listen on many ports that we will bind as per requirement
* Web Server 1: <10.0.1.209> // web application server 1 #This will listen on tcp mode
* Web Server 2: <10.0.1.210> // web application server 2 #This will listen on tcp mode
* Web Server 3: <10.0.1.227> // web application server 3 #This will listen on http mode
* Admin Panel Port 8088: <10.0.0.77> // Statistics Panel on port 8080 #This will listen on http mode
Get and Install haproxy
We’ll be using the 1.3.17 src files to install haproxy. You can get them from http://haproxy.1wt.eu/
wget http://haproxy.1wt.eu/download/1.3/src/haproxy-1.3.19.tar.gz
tar xvzf haproxy-1.3.19.tar.gz
cd haproxy-1.3.19
make TARGET=linux26 ARCH=x86_64
make install
Now add user haproxy or what ever need to run config
[root@ravi.com ~]# useradd haproxy
cp /path/to/haproxy-1.3.19/examples/haproxy.init /etc/init.d/haproxy
chmod +x /etc/init.d/haproxy
create the /etc/haproxy folder and create haproxy.cfg config file in it.
mkdir /etc/haproxy
Now Please add your config file haproxy.cfg in /etc/haproxy
Configure /etc/haproxy/haproxy.cfg
#[root@app71 haproxy]# more haproxy.cfg
global
log 127.0.0.1 local0
log 127.0.0.1 local1 notice
#log loghost local0 info
maxconn 25000 # count about 1 GB per 25000 connections
#debug
#quiet
user ravi
group ravi
defaults
log global
mode tcp
option dontlognull
retries 3
option redispatch
maxconn 20000
contimeout 5000
clitimeout 50000
srvtimeout 50000
#Configuration for www.ravi.com
listen VIP:www.ravi.com:10.0.0.77:80
bind 10.0.0.77:80 # or any other IP:port combination we listen to.
bind 10.0.0.77:443 # or any other IP:port combination we listen to.
mode tcp
option ssl-hello-chk
option forwardfor # set the client’s IP in X-Forwarded-For.
balance roundrobin
# set the maxconn parameter below to match Apache’s MaxClients minus
# one or two connections so that you can still directly connect to it.
# you have to set server health check it it’s down it showing you on stat
# Set server weights normally it should be 1 for all
server app139:10.0.1.209:80 10.0.1.209 weight 1 maxconn 5000 check
server app140:10.0.1.210:80 10.0.1.210 weight 1 maxconn 5000 check
listen VIP:www.ravi.com:10.0.0.77:8080
bind 10.0.0.77:8080 # or any other IP:port combination we listen to.
mode http
option forwardfor # set the client’s IP in X-Forwarded-For.
balance roundrobin
# set the maxconn parameter below to match Apache’s MaxClients minus
# one or two connections so that you can still directly connect to it.
# you have to set server health check it it’s down it showing you on stat
# Set server weights normally it should be 1 for all
server app127:10.0.1.227:8080 10.0.1.227 weight 1 maxconn 5000 check
# Enable the stats page on a dedicated port (8088). Monitoring request errors
# on the frontend will tell us how many potential attacks were blocked.
listen ha_stats 10.0.0.77:8088
mode http
stats enable
stats auth user:password ##Auth user pass
edit the /etc/sysctl.conf and add the end of file then run sysctl -p to load the setting
net.ipv4.tcp_tw_reuse = 1
net.ipv4.ip_local_port_range = 1024 65023
net.ipv4.tcp_max_syn_backlog = 10240
net.ipv4.tcp_max_tw_buckets = 400000
net.core.somaxconn = 10000
start haproxy using (/etc/init.d/haproxy start or /usr/sbin/haproxy -D -f /etc/haproxy/haproxy.cfg -p /var/run/haproxy.pid)
Configuring logging
Edit /etc/sysconfig/syslog
1.SYSLOGD_OPTIONS=”-m 0 -r”
Edit /etc/syslog.conf. Add the following:
1.local0.* /var/log/haproxy/haproxy.log
2.local1.* /var/log/haproxy/haproxy-1.log
Restart Syslog
service syslog restart
Now check with
ps auxwww | grep haproxy
Thanks
Ravi
Introduction -
Recently we started development work on openSLM. As per our plan we will complete openLSM web server customization within two months from now…
So I installed Subversion and WebSVN latest version to serve by purpose. WebSVN 2.2 is one of the best tool to view or browse your subversion repository on web by using WebSVN and apache or any other web server. you can download WebSVN from here http://websvn.tigris.org/ …
Requirement – webserver (apache) + PHP + subversion repository
1] How to configure –
Download the WebSVN as mentioned above then place the downloaded source in apache htdocs where you want.
Go to include directory where you will see one file like config.php.dist something like that rename that file
“config.php” and just modify few parameter as listed below ….
////////////////// arun ////////////////////
$config->setSVNCommandPath(‘/usr/bin’);
$config->setDiffPath(‘/usr/bin’);
$config->setEnscriptPath(‘/usr/bin’);
$config->setSedPath(‘/bin’);
$config->setTarPath(‘/bin’);
$config->setGZipPath(‘/bin’);
$config->addRepository(‘openlsm_webserver’,'/home/subversion/openlsm_webserver_apr2009′);
* above “openlsm_webserver” is my repository name and “/home/subversion/openlsm_webserver_apr2009″ is physical path of
svn repository
2] How to enable authentication ~
In old version fo WebSVN (I guess 1.6 ) authenication per repository was not possible (as I remember). Now WebSVN 2.2 version you can configure WebSVN to use the Subversion authentication or access file to control access via WebSVN + Apache based authentication
$config->useAuthenticationFile(‘/path/to/accessfile’); // Global access file
$config->useAuthenticationFile(‘/path/to/accessfile’, ‘myrep’); // Access file per repository
* That’s it all you need to use this wounderful tool to browse your svn repositories….
Thank you,
Arun Bagul
Introduction –
