Friday, September 21, 2012

Pound Web server Load balancer



Install Pound to build an HTTP load balancer.
This example is configured for the following environment:
(1) www.server.world       [10.0.0.50]   Pound Server
(2) www01.server.world   [10.0.0.51]   Web Server#1 ( receives requests to www.server.world )
(3) www02.server.world   [10.0.0.52]   Web Server#2 ( receives requests to www.server.world )
(4) www03.server.world   [10.0.0.53]   Web Server#3 ( receives requests to www.virtual.host )
(5) www04.server.world   [10.0.0.54]   Web Server#4 ( receives requests to anything except those above )
[1] Install and Configure Pound

[root@www ~]# yum --enablerepo=epel -y install Pound   # install from EPEL
[root@www ~]# vi /etc/pound.cfg
# line 13: add ( log level - max=5 )
LogLevel 3
# line 14: add ( Interval of heartbeat - seconds )
Alive 30
# line 21-25: make it comments
#ListenHTTPS
#   Address 0.0.0.0
#   Port 443
#   Cert "/etc/pki/tls/certs/pound.pem"
#End
Service
    # for the requests to www.server.world
    HeadRequire "Host: .*www.server.world"
    BackEnd
        # backend server's IP address
        Address 10.0.0.51
        # backend server's port
        Port 80
    End
    BackEnd
        # backend server's IP address
        Address 10.0.0.52
        # backend server's port
        Port 80
    End
End
Service
    # for the requests to www.virtual.host
    HeadRequire "Host: .*www.virtual.host"
    BackEnd
        # backend server's IP address
        Address 10.0.0.53
        # backend server's port
        Port 80
    End
End
Service
    # for the requests to anything except those above
    HeadRequire "Host: .*"
    BackEnd
        # backend server's IP address
        Address 10.0.0.54
        # backend server's port
        Port 80
    End
End
[root@www ~]# /etc/rc.d/init.d/pound start
Starting Pound: starting...   [ OK ]
[root@www ~]# chkconfig pound on
[2] Access the Pound server ( www.server.world ) with a web browser and make sure www01.server.world answers.
[3] Shut down www01.server.world manually and make sure www02.server.world answers instead.
[4] Access the URI www.virtual.host and make sure www03.server.world answers.
[5] Access the IP address directly and make sure www04.server.world answers.
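
The HeadRequire patterns above are regular expressions, so how tightly they pin the Host header decides which backend pool a request reaches. The following shell sketch is an added example, not part of the original post or of Pound: it assumes Pound evaluates HeadRequire as an unanchored, case-insensitive POSIX extended regex (emulated here with grep -E -i) and uses the first matching Service; the STRICT_RULES patterns and the sample Host headers are constructed for illustration.

```shell
#!/bin/sh
# Emulates first-match Service selection with grep -E -i. That Pound matches
# HeadRequire this way is an assumption of this example.

# Patterns exactly as in the pound.cfg above, in Service order.
PAGE_RULES='www01/www02|Host: .*www.server.world
www03|Host: .*www.virtual.host
www04|Host: .*'

# Stricter variant (assumption, not from the page): dots escaped, both ends
# anchored, optional port allowed, catch-all last.
STRICT_RULES='www01/www02|^Host:[[:space:]]*www\.server\.world(:[0-9]+)?$
www03|^Host:[[:space:]]*www\.virtual\.host(:[0-9]+)?$
www04|^Host:'

# route RULES HEADER -> prints the backend label of the first matching rule
route() {
    rules=$1
    header=$2
    printf '%s\n' "$rules" | while IFS='|' read -r backend pattern; do
        if printf '%s\n' "$header" | grep -E -i -q -- "$pattern"; then
            printf '%s\n' "$backend"
            break
        fi
    done
}

# Demo on constructed Host headers: compare where each rule set sends them.
for h in 'Host: www.server.world' 'Host: wwwXserver.world.example.net' \
         'Host: www.virtual.host:80' 'Host: 10.0.0.50'; do
    printf '%-38s page=%-12s strict=%s\n' "$h" \
        "$(route "$PAGE_RULES" "$h")" "$(route "$STRICT_RULES" "$h")"
done
```

With the page's patterns, a Host value that merely contains something resembling www.server.world is sent to the www01/www02 pool; with the anchored patterns it falls through to the catch-all Service.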

Web server Load Balance Pen



Install Pen to configure a load-balancing server. Pen is a lightweight, simple load balancer. This example is configured for the following environment.
        (1)  gw.horoppa.net         [10.0.0.50]  -  Pen Server
        (2)  www01.horoppa.net   [10.0.0.51]  -  Web Server#1
        (3)  www02.horoppa.net   [10.0.0.52]  -  Web Server#2
[1] Install and Configure Pen
[root@gw ~]# yum --enablerepo=epel -y install pen   # install from EPEL
[root@gw ~]# vi /etc/pen.conf
# create new
# log file
LOGFILE=/var/log/pen.log
# output file of status
WEBFILE=/var/www/pen/webstats.html
# control port
CONTROL=127.0.0.1:10080
# max connections
MAX_CONNECTIONS=500
# listen port
PORT=80
# number of backend servers
BACKEND=2
# IP address of a backend
SERVER1=10.0.0.51:80
# IP address of a backend
SERVER2=10.0.0.52:80
[root@gw ~]# vi /etc/rc.d/init.d/pend
# create init script (this is an example)

#!/bin/bash

# pend: Start/Stop Pend
# chkconfig: - 90 10
# description: Pen is a light weight simple load balancer.
# pidfile: /var/run/pen.pid

. /etc/rc.d/init.d/functions
. /etc/sysconfig/network
. /etc/pen.conf

LOCKFILE="/var/lock/subsys/pen"
PID=/var/run/pen.pid
PROG=/usr/bin/pen

RETVAL=0
start() {
    echo -n $"Starting Pend: "
    # collect every SERVERn=host:port value from pen.conf
    # ($SERVER is left unquoted below so each backend becomes its own argument)
    SERVER=`grep "^SERVER" /etc/pen.conf | cut -d= -f2`
    daemon $PROG -w $WEBFILE -x $MAX_CONNECTIONS -p $PID -l $LOGFILE -C $CONTROL -S $BACKEND -r $PORT $SERVER
    RETVAL=$?
    echo
    [ "$RETVAL" -eq 0 ] && touch "$LOCKFILE"
    return $RETVAL
}
stop() {
    echo -n $"Stopping Pend: "
    killproc $PROG
    RETVAL=$?
    echo
    [ "$RETVAL" -eq 0 ] && rm -f "$PID" "$LOCKFILE"
    return $RETVAL
}
case "$1" in
    start)
        start
        ;;
    stop)
        stop
        ;;
    status)
        # the daemon binary is "pen", so check it through its pidfile
        status -p "$PID" "$PROG"
        ;;
    restart)
        stop
        start
        ;;
    *)
        echo $"Usage: $0 {start|stop|status|restart}"
        exit 1
esac
exit $?

[root@gw ~]# vi /etc/logrotate.d/pen
# this is an example
/var/log/pen.log {
    daily
    copytruncate
    compress
    notifempty
    missingok
    postrotate
        /etc/rc.d/init.d/pend restart > /dev/null 2>&1 || true
    endscript
}

[root@gw ~]# chmod 755 /etc/rc.d/init.d/pend
[root@gw ~]# /etc/rc.d/init.d/pend start
Starting Pend: [ OK ]
[root@gw ~]# chkconfig --add pend
[root@gw ~]# chkconfig pend on
[2] Access the URL you set and make sure a backend server answers normally.
[3] Shut down one httpd manually and make sure the other httpd answers normally.
[4] Configure the tool that makes it possible to watch Pen's status.
[root@gw ~]# cp /usr/share/doc/pen-*/penstats /var/www/pen
[root@gw ~]# vi /var/www/pen/penstats
# line 4: change
PIDFILE=/var/run/pen.pid
# line 5: change
WEBFILE=/var/www/pen/webstats.html
[root@gw ~]# vi /etc/httpd/conf.d/pen.conf
# change
Alias /pen/ /var/www/pen/
<Directory /var/www/pen/>
   DirectoryIndex penctl.cgi
   Options ExecCGI
   order deny,allow
   deny from all
   # IP address you permit
   allow from 127.0.0.1 10.0.0.0/24
</Directory>
[root@gw ~]# /etc/rc.d/init.d/httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]
[root@gw ~]# chmod 755 /var/www/pen/penstats
[root@gw ~]# /var/www/pen/penstats > /dev/null   # run

[root@gw ~]# 
# update every 5 minutes
*/5 * * * * /var/www/pen/penstats > /dev/null
[5] Access "http://(pen's hostname or IP address):(httpd listen port)/pen/webstats.html" and make sure the status page is shown normally.

Subversion - Version Control

[1] Install and Configure Subversion.
[root@www ~]# yum -y install subversion mod_dav_svn
[root@www ~]# vi /etc/httpd/conf.d/subversion.conf
# line 26-40: uncomment and change like follows
<Location /repos>
   DAV svn
   SVNParentPath /var/www/svn
   # Limit write permission to list of valid users.
   <LimitExcept GET PROPFIND OPTIONS REPORT>
      # Require SSL connection for password protection.
      SSLRequireSSL
      AuthType Basic
      AuthName "Authorization Realm"
      AuthUserFile /etc/httpd/conf/.htpasswd
      # specify access control file
      AuthzSVNAccessFile /etc/svnusers
      Require valid-user
   </LimitExcept>
</Location>
[root@www ~]# vi /etc/svnusers
# set access rights like the example below
[site:/]
# all users have read/write access
* = rw
[site:/directory]
# cent has read/write access
cent = rw
# userB has read-only access
userB = r
# userC is not permitted
userC =
[root@www ~]# mkdir -p /var/www/svn/site
[root@www ~]# svnadmin create /var/www/svn/site   # create a repository
[root@www ~]# chown -R apache. /var/www/svn
[root@www ~]# htpasswd -c /etc/httpd/conf/.htpasswd cent   # add a user
New password:   # set password
Re-type new password:
Adding password for user cent
[root@www ~]# /etc/rc.d/init.d/httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]

NFS Server

[1] Configuration on the system that will be the NFS server.
[root@dlp ~]# yum -y install nfs-utils   # install
[root@dlp ~]# vi /etc/idmapd.conf
# line 5: uncomment and change to your domain name
Domain = horoppa.net
[root@dlp ~]# vi /etc/exports
# write like below *note
/home 10.0.0.0/24(rw,sync,no_root_squash,no_all_squash)
# *note
# /home            ⇒ shared directory
# 10.0.0.0/24      ⇒ range of networks NFS permits access from
# rw               ⇒ writable
# sync             ⇒ synchronize
# no_root_squash   ⇒ enable root privilege
# no_all_squash    ⇒ enable users' authority
[root@dlp ~]# /etc/rc.d/init.d/rpcbind start
Starting rpcbind: [  OK  ]
[root@dlp ~]# /etc/rc.d/init.d/nfslock start
Starting NFS statd: [  OK  ]
[root@dlp ~]# /etc/rc.d/init.d/nfs start
RPC: Registered udp transport module.
RPC: Registered tcp transport module.
RPC: Registered tcp NFSv4.1 backchannel transport module.
Installing knfsd (copyright (C) 1996 okir@monad.swb.de).
Starting NFS services: [  OK  ]
Starting NFS daemon: NFSD: Using /var/lib/nfs/v4recovery as the NFSv4 state recovery directory
NFSD: starting 90-second grace period
[  OK  ]
Starting NFS mountd: [  OK  ]
Starting RPC idmapd: [  OK  ]
[root@dlp ~]# chkconfig rpcbind on
[root@dlp ~]# chkconfig nfslock on
[root@dlp ~]# chkconfig nfs on
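
A quick way to review an exports file for the options used above, as an added example that is not part of the original post: the audit_exports function and the sample lines are constructed here. It flags no_root_squash (remote root keeps root on the share) and also the classic exports(5) slip where a space between the client and the option list applies the options to every host.

```shell
#!/bin/sh
# audit_exports: read exports(5) lines on stdin and print one finding per
# line as "path client finding". Hypothetical helper written for this example.
audit_exports() {
    awk '
    /^[ \t]*(#|$)/ { next }                  # skip comments and blank lines
    {
        path = $1
        for (i = 2; i <= NF; i++) {
            client = $i
            opts = ""
            p = index($i, "(")
            if (p > 0) {
                client = substr($i, 1, p - 1)
                opts = substr($i, p + 1, length($i) - p - 1)
            }
            # "host (opts)" with a space: the options apply to every host
            if (client == "") client = "*"
            if (("," opts ",") ~ /,no_root_squash,/)
                print path, client, "no_root_squash"
            if (client == "*" && ("," opts ",") ~ /,rw,/)
                print path, client, "world-writable"
        }
    }'
}

# Demo on constructed lines: the export from this page, a variant that keeps
# the default root squashing, and the space slip.
audit_exports <<'EOF'
/home 10.0.0.0/24(rw,sync,no_root_squash,no_all_squash)
/home 10.0.0.0/24(rw,sync,root_squash)
/srv  10.0.0.0/24 (rw,sync)
EOF
```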
[2] Configuration on NFS clients
[root@www ~]# yum -y install nfs-utils   # install
[root@www ~]# vi /etc/idmapd.conf
# line 5: uncomment and change to your domain name
Domain = horoppa.net
[root@www ~]# /etc/rc.d/init.d/rpcbind start
Starting rpcbind: [  OK  ]
[root@www ~]# /etc/rc.d/init.d/rpcidmapd start
Starting RPC idmapd: RPC: Registered udp transport module.
RPC: Registered tcp transport module.
RPC: Registered tcp NFSv4.1 backchannel transport module.
[ OK ]
[root@www ~]# /etc/rc.d/init.d/nfslock start
Starting NFS statd: [  OK  ]
[root@www ~]# /etc/rc.d/init.d/netfs start
Mounting other filesystems: [  OK  ]
[root@www ~]# chkconfig rpcbind on
[root@www ~]# chkconfig rpcidmapd on
[root@www ~]# chkconfig nfslock on
[root@www ~]# chkconfig netfs on
[root@www ~]# mount -t nfs dlp.horoppa.net:/home /home

[root@www ~]# df -h
Filesystem                    Size  Used Avail Use% Mounted on
/dev/mapper/VolGroup-lv_root   18G  864M   16G   6% /
tmpfs                         499M     0  499M   0% /dev/shm
/dev/vda1                     485M   47M  413M  11% /boot
dlp.server.world:/home         18G  864M   16G   6% /home
# home directory on NFS is mounted
[root@www ~]# vi /etc/fstab
# add at the last line: change the home directory this server mounts to the one on NFS
/dev/mapper/VolGroup-lv_root                /          ext4    defaults        1 1
UUID=2078630e-e84a-49e7-af68-55f0bde8d6c3   /boot      ext4    defaults        1 2
tmpfs                                       /dev/shm   tmpfs   defaults        0 0
devpts                                      /dev/pts   devpts  gid=5,mode=620  0 0
sysfs                                       /sys       sysfs   defaults        0 0
proc                                        /proc      proc    defaults        0 0
dlp.horoppa.net:/home                       /home      nfs     defaults        1 1

Setting up multiple IP addresses on a single NIC in Linux

In Linux, you can bind multiple IP addresses to a single NIC. This is usually done when you are using your Linux machine as a web server hosting multiple domains and you want to bind each domain to a unique IP address. This is how it is done.

Let us assume that you already have a NIC which is bound to a static IP address. Then you will have a file called /etc/sysconfig/network-scripts/ifcfg-eth0. My ifcfg-eth0 file has the following entries:
# File: ifcfg-eth0
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.0.1
NETMASK=255.255.255.0
BROADCAST=192.168.0.255
NETWORK=192.168.0.0
HWADDR=00:80:48:34:C2:84

Now, to bind another IP address to the same NIC, I create a copy of the above file ifcfg-eth0 and name it ifcfg-eth0:1
# cd /etc/sysconfig/network-scripts
# cp ifcfg-eth0 ifcfg-eth0:1

Now just change the values of the DEVICE and IPADDR in the file as follows:
# File: ifcfg-eth0:1
DEVICE=eth0:1
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.0.5
NETMASK=255.255.255.0
BROADCAST=192.168.0.255
NETWORK=192.168.0.0
HWADDR=00:80:48:34:C2:84

And lastly, restart the networking service. If you are using RedHat, it is as simple as:
# service network restart

Note: If you do not know how to configure a NIC, see my previous posts - How to install a network card in Linux and How to assign an IP address.

Tuesday, September 18, 2012

Real-time Bandwidth monitoring tool - Bmon

bmon is a portable bandwidth monitor and rate estimator. It supports various input methods for different architectures. Various output modes exist, including an interactive curses interface, lightweight HTML output, and simple ASCII output. Statistics may be distributed over a network using multicast or unicast and collected at some point to generate a summary of statistics for a set of nodes.

Install bmon
For Ubuntu or Debian systems, either click this link or run the following command in a terminal
$ sudo apt-get install bmon
Using bmon:
Open a terminal and enter the command "bmon" and you should see the following output



Read more: http://linuxpoison.blogspot.com/2010/08/real-time-bandwidth-monitoring-tool.html#ixzz26olyOkMB

Lightweight Monitoring Tool for Servers and Embedded System - Monitorix

Monitorix is a free, open source, lightweight system monitoring tool designed to monitor as many services as possible. At this time it monitors everything from the CPU load and temperatures to the users using the system. Network device activity, network service demand and even the devices' interrupt activity are also monitored, and more.

The current status of any corporate server with Monitorix installed can be accessed via a web browser.
Monitorix has been designed to be used on production UNIX/Linux servers, but due to its simplicity and small size you may also use it to monitor embedded devices.

Installation:
Monitorix is licensed under GPLv2 and available for download on the project homepage as source code and in numerous packages. RPM-based systems (RedHat / Fedora / CentOS / openSUSE) can install Monitorix using the command:
rpm -ivh monitorix-1.4.2-1.noarch.rpm
Configuration of Monitorix:
Before starting the monitorix daemon, be sure to adjust /etc/monitorix.conf to your liking. For a complete list of options and features, see the man page for monitorix.conf.

our $TITLE = "Linux Poison";            # your company name
our $HOSTNAME = "poison.hell.com";      # hostname of this server
our $OSTYPE = "Linux-SuSE";             # choose your OS type (see below)
our $SAMBAVER = "3";                    # Samba version (2 or 3)
our $MULTIHOST = "N";                   # Enable multihost feature
our $MULTIHOST_FOOTER = "Y";            # (multihost) display URL in image
our $MULTIHOST_IMGPERLINE = "2";        # (multihost) # of images per line
our $REPORT_LANG = "en";                # Report language
our $THEME_COLOR = "black";             # Default is "black", none is "white"
our $REFRESH_RATE = "150";              # Web stats' refresh rate in seconds
our $ENABLE_CROND_MAIL = "Y";           # Error messages are sent by crond

Common settings to tweak here include company name, hostname, and theme color.
Finally you'll be able to start Monitorix with: # service monitorix start

To view your system stats, make sure your webserver is running and browse to [http://localhost/monitorix] to see the data.



Read more: http://linuxpoison.blogspot.com/2010/08/lightweight-monitoring-tool-for-servers.html#ixzz26olPYIpq

Darkstat - Web Based Network Traffic & Bandwidth Monitoring Tool on Linux

darkstat is an ntop-workalike network statistics gatherer. It runs as a background process on a cable or DSL router, uses libpcap to capture network traffic, and has a Web interface that serves up reports of statistics such as data transferred by host, port, and protocol. It also has a neat bandwidth usage graph.

The author of the program, Emil Mikulic, had used "ntop" for a long time, but he was dissatisfied with its stability issues and its poor memory behavior. For this reason he developed "darkstat".

Installation:
openSUSE users can install darkstat with the "1-click" installer.
Ubuntu / Debian: $ sudo apt-get install darkstat

To start darkstat
# darkstat -i eth0
where "eth0" is the interface whose incoming and outgoing traffic you want to monitor. Change it to match your system.

Now darkstat starts, sniffs in the background and serves a simple web interface at http://localhost:667 or, if you are browsing from a different machine, at http://<server-ip>:667 (example: http://192.168.1.1:667)


On the "hosts" tab you can see all the machines which take part in the communication. These can be sorted by the traffic they caused or by their IP address. This lets you quickly identify the machines that have produced the most traffic on the local network, giving the responsible system administrator a chance to get to the bottom of a problem.



Read more: http://linuxpoison.blogspot.com/2009/12/darkstat-web-based-network-traffic.html#ixzz26okmcBdT