Author: Ravi Bhure

How to build RPM of PHP for apache with mpm-worker

How to build RPM of PHP for apache with mpm-worker

By | | Comments 0 Comment

In my last post, we have seen how we build rpm package for apache with default mpm-worker now it this tutorial we will see how we build rpm of php that can work with apache with mpm-worker.

Download php source rpm from mirror.centos.org

http://mirror.centos.org/centos-5/5.2/os/SRPMS/php-5.1.6-20.el5.src.rpm

To resolve the dependancies to build RPM package for PHP installing the require some lib packages

[root@testbed2:/tmp]# yum install bzip2-devel curl-devel gmp-devel aspell-devel libjpeg-devel libpng-devel pam-devel openssl-devel sqlite-devel pcre-devel krb5-devel libc-client-devel mysql-devel postgresql-devel unixODBC-devel libxml2-devel net-snmp-devel libxslt-devel libxml2-devel ncurses-devel gd-devel freetype-devel

install source rpm using
[root@testbed2:/tmp]# rpm -i php-5.1.6-20.el5.src.rpm

[root@testbed2:/tmp]# cd /usr/src/redhat/SPECS

vi php.spec and find “%configure” (without quote) where you can put the “–enable-maintainer-zts \” (without quote)

then rebuild rpm using below command

[root@testbed2:/usr/src/redhat/SPECS]# rpmbuild -bb php.spec

after creating rpm you will find all rpm in /usr/src/redhat/RPMS/{your arch folder} folder
in my condition the rpm’s in /usr/src/redhat/RPMS/x86_64

now change the httpd mpm to worker

[root@testbed2:/usr/src/redhat/X86_64]# /etc/init.d/httpd stop

edit file /etc/sysconfig/httpd

just uncomment the HTTPD=/usr/sbin/httpd.worker line

save and exit then start the httpd service

Now install php rpms from /usr/src/redhat/RPMS/{your arch folder}

[root@testbed2:/tmp]# /etc/init.d/httpd start
[root@testbed2:/tmp]# httpd -V
[root@testbed2:/tmp]# php -v

This is the way that I have done this. I know people are many way and good idea’s to do this.

So keep commenting that update that the things.

How to build rpm for http with mpm worker (on x86_64)

How to build rpm for http with mpm worker (on x86_64)

By | | Comments 0 Comment

Guy’s since I started working on apache, I found that apache is most use ful web technology over network.
Everyone knows that (multi-processing module) MPM Prefork is default included in apache rather than MPM Worker.

MPM Prefork = This Multi-Processing Module (MPM) implements a non-threaded, pre-forking web server that handles requests in a manner similar to Apache 1.3. It is appropriate for sites that need to avoid threading for compatibility with non-thread-safe libraries. It is also the best MPM for isolating each request, so that a problem with a single request will not affect any other.
MPM Worker = This Multi-Processing Module (MPM) implements a hybrid multi-process multi-threaded server. By using threads to serve requests, it is able to serve a large number of requests with fewer system resources than a process-based server. However, it retains much of the stability of a process-based server by keeping multiple processes available, each with many threads.

More information is available on apache.org manuals

http://vr-zone.com/manual/en/mod/prefork.html
http://vr-zone.com/manual/en/mod/worker.html

On RPM based OS’s, apache is default with MPM-Prefork so we will build apache RPM (with default MPM-worker) for our own, don’t know this will be useful or now but will have know everyone with this 🙂

Download the source rpm packages from http://mirror.centos.org

[root@testbed2:/tmp]# wget http://mirror.centos.org/centos-5/5.3/os/SRPMS/httpd-2.2.3-22.el5.centos.src.rpm

install http source rpm

[root@testbed2:/tmp]# rpm -ivh httpd-2.2.3-22.el5.centos.src.rpm

[root@testbed2:/tmp]# cd /usr/src/redhat/SPECS

edit httpd.spec with vi editor

[root@testbed2:/usr/src/redhat/SPECS]# vi httpd.spec

find the –with-mpm and enter below config parameter under the –with-mpm

–enable-headers –enable-uniqueid \
–enable-deflate \
–enable-mime-magic \
–enable-so –enable-rewrite \
–enable-http \
–enable-log-config \
–with-libexpat=built-in \

Now find the “mpmbuild prefork”  and replace with “mpmbuild worker”

Now find the “mpmbuild worker” and replace with “mpmbuild prefork”
(you may find this, just few line below)

and most important thing is that you have to comment some lines i.e. (./prefork/httpd -l | grep -v prefork > prefork.mods to done)

find and comment from “./prefork/httpd -l | grep -v prefork > prefork.mods” to “Done” (i.e. just total 8 lines)

Now time to build http with mpmworker for that some dependancies are comes that we will resolve using yum

yum install xmlto db4-devel expat-devel libselinux-devel  apr-devel apr-util-devel pcre-devel openssl-devel distcache-devel

[root@testbed2:/usr/src/redhat/SPECS]# rpmbuild -bb httpd.spec

you have wait for few min and watch whats going on screen ……

your rpm build is created and placed into /usr/src/redhat/RPMS/x86_64

Now install the packages and check with ‘httpd -V’

N’joy

HAProxy Load Balancer

HAProxy Load Balancer

By | | Comments 2 comments

IT infra going day to day very critical and costly, So for that we need simple IP based load balancing solution that handles ssl traffic. Basically it’s very easy and secure way to manage your server load balancing.
This example will shows you how we use this with easy steps

The Configuration =
* Load Balancer:  <10.0.0.77>  // will be our haproxy server # This will listen on many ports that we will bind as per requirement
* Web Server 1: <10.0.1.209>  // web application server 1    #This will listen on tcp mode
* Web Server 2: <10.0.1.210>  // web application server 2   #This will listen on tcp mode
* Web Server 3: <10.0.1.227>  // web application server 3   #This will listen on http mode
* Admin Panel Port 8088: <10.0.0.77>  // Statistics Panel on port 8080  #This will listen on http mode

Get and Install haproxy
We’ll be using the 1.3.17 src files to install haproxy. You can get them from http://haproxy.1wt.eu/

wget http://haproxy.1wt.eu/download/1.3/src/haproxy-1.3.19.tar.gz

tar xvzf haproxy-1.3.19.tar.gz

cd haproxy-1.3.19

make TARGET=linux26 ARCH=x86_64

make install

Now add user haproxy or what ever need to run config

[root@ravi.com ~]# useradd haproxy

cp /path/to/haproxy-1.3.19/examples/haproxy.init /etc/init.d/haproxy

chmod +x /etc/init.d/haproxy

create the /etc/haproxy folder and create haproxy.cfg config file in it.

mkdir /etc/haproxy

Now Please add your config file haproxy.cfg in /etc/haproxy

Configure /etc/haproxy/haproxy.cfg

#[root@app71 haproxy]# more haproxy.cfg
global
log 127.0.0.1   local0
log 127.0.0.1   local1 notice
#log loghost    local0 info
maxconn 25000    # count about 1 GB per 25000 connections
#debug
#quiet
user ravi
group ravi

defaults
log         global
mode        tcp
option      dontlognull
retries 3
option         redispatch
maxconn     20000
contimeout      5000
clitimeout      50000
srvtimeout      50000

#Configuration for www.ravi.com
listen VIP:www.ravi.com:10.0.0.77:80
bind            10.0.0.77:80    # or any other IP:port combination we listen to.
bind            10.0.0.77:443    # or any other IP:port combination we listen to.
mode            tcp
option          ssl-hello-chk
option          forwardfor    # set the client’s IP in X-Forwarded-For.
balance         roundrobin
# set the maxconn parameter below to match Apache’s MaxClients minus
# one or two connections so that you can still directly connect to it.
# you have to set server health check it it’s down it showing you on stat
# Set server weights normally it should be 1 for all
server          app139:10.0.1.209:80 10.0.1.209 weight 1 maxconn 5000 check
server          app140:10.0.1.210:80 10.0.1.210 weight 1 maxconn 5000 check

listen VIP:www.ravi.com:10.0.0.77:8080
bind            10.0.0.77:8080    # or any other IP:port combination we listen to.
mode            http
option          forwardfor    # set the client’s IP in X-Forwarded-For.
balance         roundrobin
# set the maxconn parameter below to match Apache’s MaxClients minus
# one or two connections so that you can still directly connect to it.
# you have to set server health check it it’s down it showing you on stat
# Set server weights normally it should be 1 for all
server          app127:10.0.1.227:8080 10.0.1.227 weight 1 maxconn 5000 check

# Enable the stats page on a dedicated port (8088). Monitoring request errors
# on the frontend will tell us how many potential attacks were blocked.
listen  ha_stats 10.0.0.77:8088
mode            http
stats enable
stats auth user:password ##Auth user pass

edit the /etc/sysctl.conf and add the end of file then run sysctl -p to load the setting

net.ipv4.tcp_tw_reuse = 1
net.ipv4.ip_local_port_range = 1024 65023
net.ipv4.tcp_max_syn_backlog = 10240
net.ipv4.tcp_max_tw_buckets = 400000
net.core.somaxconn = 10000

start haproxy using (/etc/init.d/haproxy start or /usr/sbin/haproxy -D -f /etc/haproxy/haproxy.cfg -p /var/run/haproxy.pid)

Configuring logging

Edit /etc/sysconfig/syslog

1.SYSLOGD_OPTIONS=”-m 0 -r”

Edit /etc/syslog.conf. Add the following:

1.local0.* /var/log/haproxy/haproxy.log
2.local1.* /var/log/haproxy/haproxy-1.log

Restart Syslog

service syslog restart

Now check with

ps auxwww | grep haproxy

Thanks

Ravi

How to configure vpn client on Linux

How to configure vpn client on Linux

By | | Comments 1 comment

This has been tested under RHEL 4/5, CentOS 4.4/5 and fedora 8 (kernel version 2.6.15+)

I found and stored few required rpm packages from various places that you will download from given.

http://www.4shared.com/file/113579629/ee5e0aed/libglade-017-11i386.html
http://www.4shared.com/file/113579642/2fd674e3/libglade-devel-017-11i386.html
http://www.4shared.com/file/113579654/dfaee097/libxml-1817-8i386.html
http://www.4shared.com/file/113579677/7491d3af/libxml-devel-1817-8i386.html
http://www.4shared.com/file/113579714/ba004fa4/php4-pcntl-449-1fc5i386.html
http://www.4shared.com/file/113579747/5e7eea5b/php4-pcntl-gtk-102-4fc5i386.html
http://www.4shared.com/file/113579758/d7dac68b/pptp-172-3fc5i386.html
http://www.4shared.com/file/113579764/f541d963/pptpconfig-20060821-1fc5noarch.html

After downloading these first you will have to install lib packages and then pptp packages

rpm -ivh –nodeps libglade-0.17-11.i386.rpm libglade-devel-0.17-11.i386.rpm  libxml-1.8.17-8.i386.rpm libxml-devel-1.8.17-8.i386.rpm

rpm -ivh pptp-1.7.2-3.fc5.i386.rpm pptpconfig-20060821-1.fc5.noarch.rpm php4-pcntl-gtk-1.0.2-4.fc5.i386.rpm php4-pcntl-4.4.9-1.fc5.i386.rpm

now go to the given image that I would like to show how I added vpn connection

1) open vpnclient configuration launchpad with “pptpconfig”

2)  Now create your profile with all the details and add

Now you have to set you external route or tunnel IP range into it for that click on “Routing” and set  “All to Tunnel” and update your profile.

Now start your vpn client.

–Ravi

Automate script for hp_ltt with read option

Automate script for hp_ltt with read option

By | | Comments 0 Comment

Hello Friends,

Many days back, I have configured this storageworks devices of HP and nowadays one of my friend is having like the same issue’s with the os’s to configuring HP storageworks, he has been doing manual driver scan with hp_ltt tool every time when system has been rebooted. Actually there some thing missing with os’s but still this scripts work for him now.

#!/usr/bin/expect  —
# This expect script is useful and working with driver Diagnostic automated tool
# I have tested this over “HP StorageWorks Library and Tape Tools”
# Please change the option number 10 for rescan as per mention in your hp_ltt script.
# Some older hp_ltt script it has option number 9, so please check once this option.
# If you have any queries about this script please send email on ravi <at> indiangnu <dot> org
set timeout -1
spawn ./hp_ltt
match_max 100000
send — “r”
# Look for prompt
expect “ommand>”
# Send option 1 for hardware scan
send — “1r”
send — “r”
# Look for  prompt
expect “ommand>”
# Send option 3 for continue
send — “3r”
send — “r”
# Look for prompt
expect “ommand>”
# send option 10 for rescan
send — “10r”
send — “r”
# Look for prompt
expect “ommand>”
# Send 1 (exit) from L & TT
send — “1r”
send — “r”
expect eof

Suggestion : You have to run this expect script under the $HOME folder of hp_ltt script.

–Ravi

Script for checking CPULOAD and send email to admin

Script for checking CPULOAD and send email to admin

By | | Comments 0 Comment

This script is very useful for system admins, it checks Cpuload and get info of which process takes the cpuload, if cpuload is or above 70%  it sends alert email to admin

==============================

#!/bin/bash
# Shell script to monitor or watch the high cpu-load
# It will send an email to $ADMIN, if the (cpu load is in %) percentage
# of cpu-load is >= 70%
# If you have any suggestion or question please email to ravi<at>indiangnu <dot> org
# set admin email so that you can get email
# set alert level 70% is default
# you can set it to string LOAD with your value

AWK=/bin/awk
SAR=/usr/bin/sar
GREP=/bin/grep
TR=/usr/bin/tr
HEAD=/usr/bin/head
PS=/bin/ps
SORT=/bin/sort
HOSTNAME=indiangnu.org
SED=/bin/sed
LOAD=70
CAT=/bin/cat
MAILFILE=/tmp/mailviews$$
MAILER=/bin/mail
mailto=”ravi@indiangnu.org”
for path in $PATHS
do
CPU_LOAD=`$SAR -P ALL 1 2 | $GREP ‘Average.*all’ | $AWK -F” ” ‘{ print 100.0 -$NF}’`
echo $CPU_LOAD
if [[ $CPU_LOAD > $LOAD ]];
then
PROC=`$PS -eo pcpu,pid -o comm= | $SORT -k1 -n -r | $HEAD -1`
echo “Please check your processess on ${HOSTNAME} the value of cpu load is $CPU_LOAD % & $PROC” > $MAILFILE
$CAT $MAILFILE | $MAILER -s “CPU Load is $CPU_LOAD % on ${HOSTNAME}” $mailto
fi
done

=============================

After  end of  schedule cron job for this script like below

*/30 * * * * /bin/sh /root/cpuload.sh >/dev/null 2>&1

Thanks

Ravi

How to smarthost on linux using sendmail

How to smarthost on linux using sendmail

By | | Comments 0 Comment

This will describe you how to set up a smarthost using sendmail. This is to send emails using your
linux server as your smtp server, and it will use your ISP email server to send all your emails through it, to the final users.

For setting up smarthost you have to add open relay smtp in your /etc/hosts
111.111.111.111 smtp.yourdomain.com
222.222.222.222 smtp.yourdomain.com

Now open /etc/mail/sendmail.mc
and find SMART_HOST
edit with your smtp domain, example below

define(`SMART_HOST’, `smtp.yourdomain.com’)dnl

now add belows 4 line at the end of /etc/mail/sendmail.mc above “MAILER(smtp)dnl”

FEATURE(masquerade_envelope)dnl
FEATURE(`genericstable’)dnl
GENERICS_DOMAIN(`localhost.localdomain’)dnl
FEATURE(`authinfo’, `hash /etc/mail/authinfo’)

save and close the sendmail.mc file

Now follow the steps below

$ vi /etc/mail/genericstable
root ravi@yourdomain.com

arun arun@yourdomain.com

list your users, default is root, save and exit

now run the following command.
$ makemap hash /etc/mail/genericstable < /etc/mail/genericstable

$ vi /etc/init.d/authinfo
AuthInfo:smtp.yourdomain.com “U:arun@smtp.yourdomain.com” “I:arun” “P:password” “M:LOGIN PLAIN”

save and exit authinfo and run
makemap hash /etc/mail/authinfo < /etc/mail/authinfo
chmod 600 /etc/mail/authinfo

Now apply all changes to sendmail.cf to run following command

$ make -C /etc/mail

and last restart the sendmail service
service sendmail restart ; chkconfig sendmail on

Now you can send emails from command line using your external smtp server.

Thanks

Ravi

How to install Tomcat on Linux

How to install Tomcat on Linux

By | | Comments 0 Comment

What is Tomcat –

Tomcat is the servlet container, which implements the Java Servlet and the JavaServer Pages (JSP) specifications from Sun Microsystem.  Tomcat is pure HTTP web server for Java based appicatio.

How to install –

1) Download java –

Go to http://java.sun.com/javase/downloads/?intcmp=1281 choose your platform and follow the steps on the site.

2) Installing the binaries
The installation of the Java Developer’s Kit is pretty straightforward if if you retrieve the RPM for it. If you have to download the RPM from Sun’s site, it isn’t acutally in RPM format yet. It’ll be called something like j2sdk-xxx-linux-rpm.bin. chmod 700 it and execute it. This will run the Sun EULA and after you agree to it, generate the actual RPM file.

Execute the binary –  chmod +x jdk-xxx-linux-i586-rpm.bin

After the RPM is produced, install it simply by running rpm -ivh jdk-xxx-linux-i586-rpm. This will install the JDK in /usr/java/jdk.x.x.  You need to modify the user’s .bash_profile to include /usr/java/jdk/bin in the path so the executables will run. What I usually do is make a symbolic link called /usr/java/jdk that points to this /usr/java/jdk.x.x. That way I don’t have to update my path in the .bash_profile every time I install a new version of the JDK.

You should also set your JAVA_HOME in the .bash_profile with something like  export JAVA_HOME=/usr/java/jdk
or on bash promt of user

[root@localhost]# JAVA_HOME=/usr/java/jdk  ;  export JAVA_HOME

Download the latest stable release of tomcat from http://mirrors.24-7-solutions.net/pub/apache/tomcat/tomcat-5/v5.5.26/bin/apache-tomcat-5.5.26.tar.gz

after downloading apache-tomcat-5.x.x.tar.gz extract it into /usr/local/

Installing the binaries
cd /usr/local

tar -xvzf apache-tomcat-5.x.x.tar.gz

cd apache-tomcat-5.x.x

cd bin

rm *.bat

To enable the Tomcat manager, you need to modify /usr/local/apache-tomcat-5.x.x/conf/tomcat-users.xml add a user »admin« or with the role »manager«. The result should look like this:

<?xml version=’1.0′ encoding=’utf-8′?>
<tomcat-users>
<role rolename=”manager”/>
<role rolename=”tomcat”/>
<role rolename=”role1″/>
<user username=”both” password=”tomcat” roles=”tomcat,role1″/>
<user username=”tomcat” password=”tomcat” roles=”tomcat”/>
<user username=”admin” password=”password” roles=”manager”/>
<user username=”role1″ password=”tomcat” roles=”role1″/>
</tomcat-users>

Now you should be able to startup tomcat –

/bin/sh /usr/local/apache-tomcat-5.x.x/bin/startup.sh

You should now be able to connect to: http://localhost:8080/index.jsp

Tomcat

Thanks
Ravi Bhure

yum for RHEL

yum for RHEL

By | | Comments 0 Comment

 There is more to Red Hat Enterprise Linux 5 (RHEL5) than Xen. I, for one, think people will develop a real taste for YUM (Yellow dog Updater Modified), an automatic update and package installer/remover for RPM systems.

YUM has already been used in the last few Fedora Core releases, but RHEL4 uses the up2date package manager. RHEL5 will use YUM 3.0. Up2date is used as a wrapper around YUM in RHEL5. Third-party code repositories, prepared directories or websites that contain software packages and index files, will also make use of the Anaconda-YUM combination.

Essentially, YUM automatically computes dependencies and figures out what actions need to happen in order to successfully install packages. The Yellowdog Update Modified package manager is actually a variant of the Yellowdog Update Package (YUP), which is used by the Yellowdog Linux project to manage its applications. Yum is a version of YUP that is compatible with RPMs.

Using YUM makes it much easier to maintain groups of machines without having to manually update each one using RPM. Some of its features include:

  • Multiple repositories

  • Simple config file

  • Correct dependency calculation

  • Fast operation

  • RPM-consistent behavior

  • comps.xml group support, including multiple repository groups

  • Simple interface

RHEL5 moves the entire stack of tools which install and update software to YUM. This includes everything from the initial install (through Anaconda) to host-based software management tools, like system-config-packages, to even the updating of your system via Red Hat Network (RHN). New functionality will include the ability to use a YUM repository to supplement the packages provided with your in-house software, as well as plugins to provide additional behavior tweaks.

YUM automatically locates and obtains the correct RPM packages from repositories. It frees you from having to manually find and install new applications or updates. You can use one single command to update all system software, or search for new software by specifying criteria.

Keep in mind that it is always useful to keep your packages in a local YUM repository. The advantage of this is that when you install a package, YUM will automatically resolve any dependencies, not only by downloading the necessary packages from the other repositories you might have in you list, but also by using your local repository as a resource for potential dependencies. When installing a package with YUM, you must have already created RPM packages for all your dependences. That way, YUM can resolve all the dependencies. You won’t be able to install your package if the dependencies do not exist in the repositories on your list.

Creating your own repository in RHEL5

To install the RPM, you’ll need to type this command:

# yum install createrepo

What this will do is put all your customer RPM packages in a directory, where you can then create the necessary metadata that is needed for your local repository. You would do that by running this command:

# createrepo /mnt/fc_local_repo/

Your local YUM repository has been created. Whenever you put in any new RPMs, you’ll have to run this command, so that the new repository metadata gets updated. To install an RPM package and all the other packages that it depends on, you only need to run:

# yum install my_package.RPM

To install the package group MySQL Database, enter the command:

# yum groupinstall “MySQL Database”

If you need to upgrade the packages for MYSQL: # yum groupupdate “MySQL Database”

To search for packages which provide for Mail Transfer Agents (MTAs), or that have MTA in the name:

# yum provides MTA

Let’s say we want to update our entire system. It’s as simple as typing:

# yum update

To activate automatic daily updates:

/sbin/chkconfig –level 345 yum on; /sbin/service yum start

Configuring access to repositories in RHEL5

To add an extra repository, place a definition file in the /etc/yum.repos.d/ directory on your system. Package providers make the definition files for their repositories available on their websites. You must have root access to add a file to the definitions directory. To copy the definition file example.repo, type this command:

# cp example.repo /etc/yum.repos.d/

The configuration file for each repository should include a gpgkey setting. This setting specifies the location of a public key that verifies the packages provided by that repository. This public key is automatically imported the first time that you install software from the repository.

In conclusion, if you have used YUM before, you should have no problem getting used to this change in RHEL5. If you have not used YUM, once you get passed the initial learning curve, I’m certain that you will love it.

for Yum for RHE4 just checkout official centos wiki pages on centos.org

http://wiki.centos.org/HowTos/PackageManagement/YumOnRHEL

Thanks

Ravi

apt-get installation for Redhat based Linux

apt-get installation for Redhat based Linux

By | | Comments 1 comment

Introduction –  apt-get  is the  APT package handling utility. I am using  apt-get command for  my day to day activities, which is very handy tool on Debian/Ubuntu Linux. Which can be used for installing/updating or removing Debian package (.deb), updating system etc.  So I was thinking  about using  apt-get on Redhat (RPM) based Linux.  is there any way to use it? the answer is Yes!! there is way  to use  apt-get  on Redhat (RPM) based Linux.

root@localhost:~#rpm -ivh http://apt.sw.be/redhat/el4/en/x86_64/dag/RPMS/apt-0.5.15lorg3.2-1.el4.rf.x86_64.rpm

Add following mirror –

root@localhost:~# vi /etc/apt/sorces.list.d/os.list

repomd http://apt.sw.be redhat/el4/en/x86_64/dag/

root@localhost:~#

How to use apt-get –

root@localhost:~# apt-get upgrade

root@localhost:~# apt-get update

root@localhost:~#apt-cache  search  pkg_name

root@localhost:~#apt-get  install  pkg_name

root@localhost:~#apt-get  remove  pkg_name

Thanks
Ravi Bhure