
centos linux

Recently, I noticed something strange about Apache version 2.2.3 running on 64-bit CentOS Linux 5. We have a centralized NFS server, and all 3 web servers are load balanced using a hardware front end (another box running LVS).

All Apache servers pick up files via NFS, i.e. DocumentRoot is set over NFS. Small files such as 2 MB or 5 MB get downloaded correctly, but large files failed to download. Another problem was that some clients reported that the file gets downloaded but cannot be opened due to file corruption.

After investigation and a little bit of googling I came across the solution. You need to disable the following two options:

  • EnableMMAP - This directive controls whether the httpd may use memory-mapping if it needs to read the contents of a file during delivery. By default, when the handling of a request requires access to the data within a file -- for example, when delivering a server-parsed file using mod_include -- Apache memory-maps the file if the OS supports it.
  • EnableSendfile - This directive controls whether httpd may use the sendfile support from the kernel to transmit file contents to the client. By default, when the handling of a request requires no access to the data within a file -- for example, when delivering a static file -- Apache uses sendfile to deliver the file contents without ever reading the file if the OS supports it.

However, these two directives are known to have problems with a network-mounted DocumentRoot (e.g., NFS or SMB): the kernel may be unable to serve the network file through its own cache. So just open httpd.conf on all boxes and change the following:
EnableMMAP off
EnableSendfile off

Just restart the web server and voila!
# service httpd restart

Lighttpd / Apache : Run Xcache in Chrooted Jail

Recently I wrote about installing and running Xcache under Red Hat Enterprise Linux and CentOS Linux. By default Xcache uses /dev/zero for caching. All you have to do is create /dev/zero in the chrooted jail. Type the following commands (assuming that your jail is located at the /lighttpd.jail directory):
# mkdir -p /lighttpd.jail/dev
# mknod -m 666 /lighttpd.jail/dev/zero c 1 5

Just restart your web server and xcache should work under chrooted lighttpd web server.

Many people asked me to write about setting up Lighttpd under CentOS or RHEL 5 Linux using the chroot() call. The instructions are almost the same, but you need to make a few modifications as compared to the Debian / Ubuntu Linux instructions.

For example purposes we will build the jail at the /webroot location.
=> Default document root : /home/lighttpd/default/
=> Port : 80
=> IP: Your Public IP address
=> Virtual domain1: /home/lighttpd/vdomain1.com/
=> Virtual domain1 access log file: /var/log/lighttpd/vdomain1.com/
=> Default access log file:/var/log/lighttpd/access.log
=> Default error log file:/var/log/lighttpd/error.log
=> Default php error log file: /var/log/lighttpd/php.log

Assumptions

These installation instructions assume you have:

  • Linux distribution
  • Required RPMs (see below for installation instructions)
    • php, php-pear, php-common, php-pdo, php-ldap, php-gd, php-cli, php-mysql
    • mysql, mysql-server etc
    • lighttpd, lighttpd-fastcgi (rpm available here)
  • Installations were tested on Red Hat Enterprise Linux v4/5 or CentOS v4/5 or Fedora Linux 7

Step # 1: Install required packages

Install php and related packages:
# yum install php php-pear php-common php-pdo php-ldap php-gd php-cli php-mysql
Install mysql and related packages:
# yum install mysql mysql-server
Install lighttpd and mod_fastcgi for lighttpd:
# rpm -ivh http://dag.wieers.com/rpm/packages/lighttpd/lighttpd-1.4.18-1.el5.rf.i386.rpm
# rpm -ivh http://dag.wieers.com/rpm/packages/lighttpd/lighttpd-fastcgi-1.4.18-1.el5.rf.i386.rpm

Step # 2: Create /webroot and related directories

# mkdir /webroot
# cd /webroot
# mkdir etc
# mkdir tmp
# chmod 1777 tmp/
# mkdir -p usr/bin
# mkdir -p home/lighttpd/default
# mkdir -p var/run/lighttpd
# mkdir -p var/log/lighttpd
# chown lighttpd:lighttpd var/run/lighttpd/
# chown lighttpd:lighttpd var/log/lighttpd/
# chown -R lighttpd:lighttpd home/

Step # 3: Install chroot script

You need to download and install my script that will help you to build lighttpd in jail:
# cd /sbin/
# wget http://www.cyberciti.biz/files/lighttpd/l2chroot.txt
# mv l2chroot.txt l2chroot
# chmod +x l2chroot

Step # 4: Install php in jail

Now copy php-cgi binary and related shared libraries using l2chroot script:
# cd /webroot/usr/bin
# cp /usr/bin/php-cgi .
# l2chroot php-cgi

Step # 5: Copy required files to /etc

Now you must copy php.ini and all related files to /etc/:
# cd /webroot/etc
# cp /etc/passwd .
# cp /etc/group .
# cp /etc/hosts .
# cp /etc/nsswitch.conf .
# cp /etc/resolv.conf .
# cp /etc/php.ini .
# cp -avr /etc/php.d/ .
# cp -avr /etc/ld* .

Update (Oct-1-2008, 1:52pm) : You need to copy entire /etc/ and /usr/share/zoneinfo files to work with latest php version:
# cd /webroot/etc
# /bin/cp -avr /etc/* .

Copy all files from /usr/share/zoneinfo/:
# mkdir -p /webroot/usr/share/
# cd /webroot/usr/share/
# cp -avr /usr/share/zoneinfo/ .

Open group and passwd file and only keep entries for root and lighttpd user:
# vi /webroot/etc/group
Make sure the file looks as follows:
root:x:0:root
lighttpd:x:101:

Also open passwd file inside jail:
# vi /webroot/etc/passwd
Make sure the file looks as follows:
root:x:0:0:root:/root:/bin/bash
lighttpd:x:100:101:lighttpd web server:/srv/www/lighttpd:/sbin/nologin

Step # 6: Copy php modules

Now copy the php mysql, php gd and all other modules:
# cd /webroot/usr/lib/
# cp -avr /usr/lib/php/ .
# cd php/modules
# for l in *.so; do l2chroot "$l"; done

Step # 7: Configure lighttpd chroot call

Open the /etc/lighttpd/lighttpd.conf file:
# vi /etc/lighttpd/lighttpd.conf
Set up the default document root and chroot directory:
server.document-root = "/home/lighttpd/default/"
server.chroot="/webroot"

Save and close the file.

Step # 8: Restart lighttpd

Type the following command:
# /etc/init.d/lighttpd restart
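
Because the update above copies the host's entire /etc into the jail, trimming passwd and group is not the only cleanup: the copy also carries files such as shadow and the SSH host keys, which php-cgi running inside the jail has no use for. The script below is an added example, not part of the original article or of l2chroot; it lists those files and any accounts beyond root and lighttpd. The function names and the list of files treated as host secrets are assumptions for a RHEL / CentOS host, and the sample jail is constructed in a temporary directory.

```bash
# Added example (not from the article): audit <jail>/etc after "cp -avr /etc/* ."

# Print accounts in a jail passwd/group file that are not on the allow list.
extra_accounts() {
    local file="$1" name; shift
    [ -f "$file" ] || return 0
    while IFS=: read -r name _ || [ -n "$name" ]; do
        case " $* " in
            *" $name "*) ;;                        # expected account
            *) [ -z "$name" ] || echo "$name" ;;   # anything else is extra
        esac
    done < "$file"
}

# Print host secrets copied into the jail (assumed list, RHEL/CentOS paths).
host_secrets() {
    local etc="$1/etc" f
    for f in "$etc"/shadow "$etc"/shadow- "$etc"/gshadow "$etc"/gshadow- \
             "$etc"/sudoers "$etc"/ssh/ssh_host_*key "$etc"/pki/tls/private/*; do
        if [ -e "$f" ]; then echo "${f#"$1"/}"; fi
    done
}

# Usage: audit_jail_etc JAIL USER...  Prints findings; returns 1 if any exist.
audit_jail_etc() {
    local jail="$1" findings; shift
    findings=$(
        host_secrets "$jail" | sed 's/^/secret: /'
        extra_accounts "$jail/etc/passwd" "$@" | sed 's/^/passwd: /'
        extra_accounts "$jail/etc/group" "$@" | sed 's/^/group: /'
    )
    [ -z "$findings" ] && return 0
    echo "$findings"; return 1
}

# Constructed sample jail: /etc copied wholesale, passwd not yet trimmed.
make_sample_jail() {
    local jail; jail=$(mktemp -d)
    mkdir -p "$jail/etc/ssh"
    printf '%s\n' 'root:x:0:0:root:/root:/bin/bash' \
        'alice:x:500:500::/home/alice:/bin/bash' > "$jail/etc/passwd"
    printf '%s\n' 'root:x:0:root' 'lighttpd:x:101:' > "$jail/etc/group"
    : > "$jail/etc/shadow"; : > "$jail/etc/ssh/ssh_host_rsa_key"
    echo "$jail"
}

jail=$(make_sample_jail)
audit_jail_etc "$jail" root lighttpd || echo "jail /etc needs cleanup"
rm -rf "$jail"
```

Against the real jail the call would be audit_jail_etc /webroot root lighttpd, run as root after the copy steps.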

Jail size

# du -ch /webroot/
Output:

12K     /webroot/var/log/lighttpd
16K     /webroot/var/log
4.0K    /webroot/var/run/lighttpd
8.0K    /webroot/var/run
28K     /webroot/var
8.0K    /webroot/etc/ld.so.conf.d
36K     /webroot/etc/php.d
160K    /webroot/etc
8.0K    /webroot/home/lighttpd/default
12K     /webroot/home/lighttpd
16K     /webroot/home
5.3M    /webroot/lib
4.0K    /webroot/tmp
872K    /webroot/usr/lib/sse2
1.4M    /webroot/usr/lib/mysql
676K    /webroot/usr/lib/php/modules
4.0K    /webroot/usr/lib/php/pear
684K    /webroot/usr/lib/php
9.9M    /webroot/usr/lib
2.9M    /webroot/usr/bin
13M     /webroot/usr
19M     /webroot/
19M     total

Troubleshooting

Always go through /var/log/messages and server log files:
# tail -f /var/log/messages

Download mysql testing script

Copy and test php mysql connectivity with this script.

One of our regular readers asks:

I'm using CentOS Linux 5 server. How do I set up Xen on Linux ? How do I install guest VPS oses such as Fedora or Windows 2000 or Debian Linux inside XEN?

Xen is a free open source software virtual machine monitor for Intel / PowerPC architectures. It is software that runs on a host operating system and allows several guest operating systems to be run on top of the host on the same computer hardware at the same time (just like VMWare software). Luckily, installing and managing XEN is quite easy under CentOS 5 Linux.

Login as the root and type the following commands:
# yum install xen virt-manager kernel-xen
# chkconfig xend on
# reboot

Make sure you boot CentOS server using XEN kernel.

How do I install NetBSD / any Linux distro / Windows 2000 inside XEN?

Simply use the GUI tool called virt-manager:
# virt-manager &

CentOS XEN Virtual machine manager

Now just follow the on-screen instructions to set up new guest operating systems (VPS oses). virt-manager is Xen management console software. It can perform the common tasks of administering a Xen host, such as configuring, starting, monitoring and stopping Xen guest oses. Please note that the above instructions also work on:

  • RHEL 5
  • Fedora Linux 7

Installing CentOS 5.3 guest using the Internet

virt-install is a command line tool for provisioning new virtual machines using the "libvirt" hypervisor management library. Type the following command to install CentOS v5.3 64 bit as guest operating system in /vm:
# mkdir /vm
If you are using SELinux, enter:
# semanage fcontext -a -t xen_image_t "/vm(/.*)?"
# restorecon -R /vm
# ls -dZ /vm

The above sets the security context for Xen images. Finally, install CentOS 5.3 using the Internet mirror:
# virt-install \
--paravirt \
--name webserver01 \
--ram 512 \
--file /vm/webserver.nixcraft.com.img \
--file-size 10 \
--nographics \
--location http://mirrors.kernel.org/centos/5.3/os/x86_64/

The above installs CentOS as a paravirtualized Xen guest, with 512 MB of RAM and a 10 GB disk, from a web server, in text-only mode. You just need to follow the on-screen instructions.

Fig.01: Centos Xen Virtualization Installation


Once installed, you can use the xm command to list, start, stop and manage xen vps:
# xm list
Attach console to domain / guest called webserver01:
# xm console webserver01
See xm command cheat sheet.

Installing CentOS 5.3 guest using DVD

Install a CentOS guest, using LVM partition, virtual networking, booting from the host CDROM, using VNC server/viewer (insert DVD into drive):
# virt-install \
--connect qemu:///system \
--name mailserver \
--ram 500 \
--file /dev/HostVG/mailserver.cyberciti.biz \
--network network:default \
--accelerate \
--vnc \
--cdrom /dev/cdrom

Note you need qemu and virt-viewer installed on the host system.

Installing Fedora guest using DVD iso image stored on hard disk

Install a Fedora Linux, with a real partition (/dev/sdc), using a local DVD ISO image:
# virt-install \
--name www2 \
--ram 1000 \
--file /dev/sdc \
--network bridge:eth1 \
--cdrom /tmp/fedorabootdvd.iso

How to: Upgrade VMWARE Server under Linux

Build 56528 is a release build of VMware Server 1.0.4. It is a maintenance bug fix release to address security issues. Upgrading VMWare server is a piece of cake under Redhat Enterprise Linux / CentOS Linux version 5.0.

Please note that following instructions are tested on RHEL 4.5, 5.0 and CentOS Linux 5.0 only. You can use tar ball based package to upgrade vmware under Debian Linux.

Find out current VMware server version

First find out current vmware server version, enter:
# vmware -v
Output:

VMware Server 1.0.3 build-44356

You can download the latest version from official site.

Shutdown all VMWARE guest oses / vps

Login to each running VM and bring down (halt) guest operating system. You can also use vmware server console or web based interface for the same purpose.
Stop VMWARE Server:
# /etc/init.d/vmware stop
Output:

Stopping VMware services:
   Virtual machine monitor                                 [  OK  ]
   Bridged networking on /dev/vmnet0                       [  OK  ]
   Virtual ethernet                                        [  OK  ]

Stop VMWARE Webbased interface:
# /etc/init.d/httpd.vmware stop
Output:

   Shutting down http.vmware:                              [  OK  ]

Download VMWARE Server

Use wget, the ultimate command line downloader:
# cd /tmp
# wget http://download3.vmware.com/software/vmserver/VMware-server-1.0.4-56528.i386.rpm
# wget http://download3.vmware.com/software/vmserver/VMware-mui-1.0.4-56528.tar.gz

Upgrade VMWARE server

Use rpm command to upgrade VMWARE server, enter:
# rpm -Uvh VMware-server-1.0.4-56528.i386.rpm
Output:

Preparing...                ########################################### [100%]
   1:VMware-server          ########################################### [100%]

Reconfigure VMWARE Server

Just reconfigure Vmware server with old values/options:
# vmware-config.pl
Just accept the End User License Agreement and press CTRL+C. Now configure the server with the old values:
# vmware-config.pl -d
Output:

Making sure services for VMware Server are stopped.
Stopping VMware services:
   Virtual machine monitor                                 [  OK  ]
   Bridged networking on /dev/vmnet0                       [  OK  ]
   Virtual ethernet                                        [  OK  ]
Configuring fallback GTK+ 2.4 libraries.
In which directory do you want to install the mime type icons?
[/usr/share/icons]
What directory contains your desktop menu entry files? These files have a
.desktop file extension. [/usr/share/applications]
In which directory do you want to install the application's icon?
[/usr/share/pixmaps]
Trying to find a suitable vmmon module for your running kernel.
...........
...
.....
*** Output truncated ***

Upgrade VMware Server Web-based management interface

The VMware Server Web-based management interface is installed on your VMware Server system to enable control from a Web browser. Untar and install it:
# tar -zxvf VMware-mui-1.0.4-56528.tar.gz
# cd vmware-mui-distrib/
# perl vmware-install.pl

Just follow on screen instructions to install Web-based management interface. Finally just start all guest oses.

One of my clients runs dedicated NS1 and NS2 servers to host more than 3000+ domains. Recently they upgraded their servers to the latest Dual Core Dual AMD server with CentOS 5.0 and BIND server.

By default BIND / named will try to determine the number of CPUs present and create one thread per CPU. If it is unable to determine the number of CPUs, a single worker thread will be created. However due to some reason the BIND server failed to automatically utilize all of the system's available CPUs. So how do you force DNS Server to take advantage of multiple CPUs under CentOS Linux?

After a little investigation, the named man page pointed me in the right direction: the -n #cpus option, which creates #cpus worker threads to take advantage of multiple CPUs.

Force BIND DNS Server to take advantage of multiple CPUs

In order to enable multiple CPUs, open the /etc/sysconfig/named file under CentOS / RHEL / Fedora Linux:
# vi /etc/sysconfig/named
To force bind to take advantage of 4 CPUs, add / modify as follows:
OPTIONS="-n 4"
Save and close the file. Restart named service:
# /etc/init.d/named restart

A note about Debian / Ubuntu Linux users

If you are a Debian / Ubuntu Linux user, modify the /etc/default/bind9 file:
$ sudo vi /etc/default/bind9
Append config line:
OPTIONS="-n 4"
Please note that -n 4 should be appended to the end of the other options (if any), for example:
OPTIONS="-u bind -n 4"
Save and close the file. Restart BIND server:
$ sudo /etc/init.d/bind9 restart

For more information, read the named man page.

This is a nice step-by-step guide for installing Oracle database server under CentOS Linux. The guide has plenty of screenshots:

During OS install both GNOME and KDE desktops were selected as well as all components of all available groups except "Virtualisation", "Clustering", "Cluster Storage". KDE Session has been selected for system login. Firewall and SELINUX have been disabled.

Installing Oracle 10.2.0.1 on CentOS 5.0 (x86_64) [Oracle DBA Blog]