Haas PhD Server Configuration
Haas PhD Students have two new servers and this page details their configuration.
IP Addresses
During the configuration phase the servers will be on:
- phd-pgsql: 128.32.66.163
- phd-lamp: 128.32.66.164
Base configurations
Both servers are running CentOS release 5.5 (cat /etc/*release*), which uses the Yum package manager (yum list installed | more). Both have Gnome on Xwindows available, as well as the following common packages:
- cpp 4.1.2-48.el5.
- ftp 0.17-35.el5
- httpd 2.2.3-43.el5.centos.3
- iptables 1.3.5-5.3.el5_4.1
- mysql 5.0.77-4.el5_5.4 (note that this is the client)
- openssh 4.3p2-41.el5_5.1
- pam 0.99.6.2-6.el5_5.2
- perl 4:5.8.8-32.el5_5.2
- python 2.4.3-27.el5_5.3
- php 5.1.6-27.el5_5.3
- samba 3.0.33-3.29.el5_5.1
- squid 7:2.6.STABLE21-6.el5
Notable additional packages on pgsql are:
- postgresql.x86_64 8.1.22-1.el5_5.1
Before we start
On Both Machines
Mounting bear
It is very useful to mount your R drive
mkdir /mnt/ed mount -t cifs //bear/ed_egan/ /mnt/ed -o user=ed_egan
for the inclusion into fstab or other more sophisticated approaches there is a Centos help page.
Package additions/upgrades/removals
On lamp:
- Upgrade PhP to 5.2.17+
- Install MySQL (the server)
- Install Mediawiki
- Remove ftp
On pgsql:
- Remove httpd, mysql, ftp, sendmail, inn and other servers we don't need
- Upgrade python to version 3.1
- Install TrueCrypt
On the Wiki Server
Upgrading PhP
In order to upgrade PhP (or install a more recent version of MySQL) we will probably need access to a different repository.
You can automatically add the Atomicorp repository using:
wget -q -O - http://www.atomicorp.com/installers/atomic | sh
It has PhP version 5.2.17-1.el5.art and MySQL version 5.1.55-1.el5.art. Also install pgp-mysql.
yum list php #We were running 5.1.6-27.el5_5.3 yum upgrade php yum install php-mysql
Install MySQL
Install MySql (and update the client):
yum install mysql mysql-server
Start the server:
/etc/init.d/mysqld start
And make sure it starts automatically on reboot:
/sbin/chkconfig --levels 235 mysqld on
Set a root password for the database:
mysqladmin -u root password cheit
At this point you should configure and test the webserver and PhP, which is discussed below.
Install Mediawiki
There is no good version of mediawiki available from a yum repo. So you should do this manually. It isn't painful. Detailed instructions (you won't need them) are available from:
First change to your home directory (or somewhere 'safe') then
wget http://download.wikimedia.org/mediawiki/1.16/mediawiki-1.16.2.tar.gz
Then untar the package, either using the --owner option or as a non-root user to force extracted file ownernship to be other than 1000
su username tar xvzf mediawiki-*.tar.gz sudo su
Now copy the files into the 'right' location and change permissions
mkdir /var/www/html/w cp -r mediawiki-1.16.2/* /var/www/html/w/ chmod a+w /var/www/html/w/config
Install ImageMagick using Yum:
yum install glib glib2 libpng libjpeg libtiff ghostscript freetype ImageMagick ImageMagick-perl
On Pgsql
Removing Unneeded Servers
Remove the web, mail, news and other unneeded servers. Consider removing MySQL (but leave it for now):
yum groupremove "Web Server" yum groupremove "Mail Server" yum groupremove "News Server"
Install and Configure PostgreSQL
To install Postgres with the PLs (Procedural Languages) do:
yum install postgresql postgresql-server postgresql-pl postgresql-libs
Start the service with:
/sbin/chkconfig postgresql on /sbin/service postgresql start
Add the following to /etc/sysconfig/iptables to allow access through the firewall:
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 128.32.66.0/24 --dport 5432 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 128.32.67.0/24 --dport 5432 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 128.32.74.0/24 --dport 5432 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 10.136.0.0/23 --dport 5432 -j ACCEPT
Restart the IPtables so the changes take effect:
service iptables restart
Now create some users on the database server:
su postgres createuser root createuser -P ed_egan exit
Check the version of Postgres and Perl installed:
psql -c "select version();" template1 PostgreSQL 8.1.23 perl -v v5.8.8
Now add the perl PL to the standard template so that all new databases will be perl enabled:
createlang plperl template1
Check the specs on the machine for the configuration:
cat /proc/meminfo MemTotal: 8181356 kB cat /proc/cpuinfo 2 x Quad core CPUs cache size: 2048 KB model name: Intel(R) Xeon(TM) CPU 2.80GHz
Review the performance tuning section on the Working with PostgreSQL page and make the following changes to /var/lib/pgsql/data/postgresql.conf:
listen_addresses = '*' port = 5432
shared_buffers = 131072 #1073741824 => 131072 * 8 * 1024 work_mem = 262144 #1024 * 256 => 262144 maintenance_work_mem = 262144 #786432 => 6 * 1073741824 => 6 * 131072 * 8 * 1024 effective_cache_size = 786432
Alter /var/lib/pgsql/data/pg_hba.conf to include the lines (under IPv4):
host all all 128.32.74.0/24 md5 host all all 128.32.66.0/24 md5 host all all 128.32.67.0/24 md5 host all all 10.136.0.0/23 md5
Note that this will use encrypted database passwords, and that all accounts must have non-null passwords (i.e. be created with createuser -P username)
And restart Postgres:
/sbin/service postgresql restart
Upgrade Python?
Find out which version of Python is currently installed:
yum list python #lists version 2.4.3-27.el5_5.3
There are tarballs of version 3.2 available from Python.org's download area, but it seems to recent to have got rpm/yum support as yet.
Configuration
For both servers:
- Mount bear
- Configure Iptables
For lamp:
- Configure Apache
- Configure Mediawiki
- Add Mediawiki extensions
- Create new folder structure
For pgsql:
- Configure Postgre
On the Wiki Server
Configure Apache
Edit the main config file:
vi /etc/httpd/conf/httpd.conf ... ServerName 128.32.66.164:80 ...
To start Apache (to restart use 'restart'):
/etc/init.d/httpd start
To set Apache to start at boot:
/sbin/chkconfig --levels 235 httpd on
First, confirm your IP address:
/sbin/ifconfig
Configure IP Tables
For lamp we need a hole for port 80 for the webserver. For pgsql we need a hole for our clientware. General documentation is available in iptables from Centos
Check that iptables is running:
/sbin/lsmod | grep ip_tables
Backup the old rules:
cp /etc/sysconfig/iptables /etc/sysconfig/iptables.bak
Add a hole (or two):
vi /etc/sysconfig/iptables ... -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 128.32.66.0/24 --dport 80 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 128.32.67.0/24 --dport 80 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 128.32.74.0/24 --dport 80 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 10.136.0.0/23 --dport 80 -j ACCEPT ...
Restart the service:
/etc/init.d/iptables restart
Test the webserver and PhP
Browse to http://128.32.66.164/ you should see the test page. Write the following text file to /var/www/html/Test.php:
<?php phpinfo(); ?>
Browse to http://128.32.66.164/Test.php and you should see the PhP version page.
Configure MediaWiki
Browse to http://128.32.66.164/w/config/index.php, and set the following setting:
WikiName: HaasPhDWiki Contact: kimg@haas.berkeley.edu Admin password and dbase password: cheit All other settings as default (you do have superuser on the dbase so tick that box)
Now move the LocalSettings.php file, change the permissions, and remove the config directory.
cp config/LocalSettings.php LocalSettings.php chmod 600 LocalSettings.php chown apache LocalSettings.php mkdir /mnt/ed/configbak cp -r ./config /mnt/ed/configbak/ rm -rf ./config
You can now view your Wiki at http://128.32.66.164/w/index.php
We will now do the extensions and fine detail configuration.
Data
For lamp:
- Import Wiki pages
- Change links to pdfs and repository files