How to Install and configure Apache on Red Hat/Centos 6.x

How to Install and configure Apache on Red Hat/Centos 6.x

Apache is the most used web server on the Internet. It is reliable, fast, easy to set up, relatively secure and the Apache Foundation is on top of patches.

I thought you might want to see how easy and nice it is to work with it, so I decided to write a post.

I’ll show you how to get it installed, configured and set up a Name Based Virtual Host.

Packages Dependencies

·         httpd.x86_64

·         apr.x86_64                                   

·         apr-util.x86_64                                                      

·         apr-util-ldap.x86_64

·         httpd-tools.x86_64                      

·         mailcap.noarch

Install all packages

[root@centos63 dhcp]# yum install httpd.x86_64 apr.x86_64 apr-util.x86_64 apr-util-ldap.x86_64 httpd-tools.x86_64 mailcap.noarch –y

Once all the packages above have been installed, we can start configuring Apache.

Apache Configuration File

Apache main configuration files, reside on /etc/httpd/conf.

On Red Hat based distributions, Apache is named ‘httpd’, and its configuration files are located on /etc/httpd, its logs are stored on /var/log/httpd and the actual content or the root directory is located on /var/www/html.

Let’s explore it

[root@centos63 dhcp]# cd /etc/httpd/conf

[root@centos63 conf]# ls -l

-rw-r--r-- 1 root root 34418 Dec  5 08:59 httpd.conf

[root@centos63 conf]# vi httpd.conf

 

Note: Apache config file is very extensive; it has directives for many things. I’ll show you how to get it up and running quickly. I’ll show you more complex things on other posts i.e. mod proxy and mod rewrite which are quite useful, I think.

 

Directives to set

Email

ServerAdmin root@localhost

Change it to your email address, for example:

ServerAdmin linux-up@ntlworld.com

Server Name

#ServerName www.example.com:80

Uncomment the line above and change it to your Server’s name. For example:

ServerName www.renpippa.co.uk

That is how easy it is to get it up and running.

Setting up a virtual host

If you have multiple websites being hosted on the same server and the server only has a single public IP address, virtual hosts will help you immensely. This is also called ‘Named-Based Virtual Hosts’

 

[root@centos63]# cd /etc

[root@centos63 etc]# vi /etc/hosts
192.168.1.34  centos63 centos63.adlinux.int www.centos63.co.uk www.renpippa.co.uk

[root@centos63]# mkdir /var/www/www.centos63.co.uk

[root@centos63]# touch /var/www/www.centos63.co.uk/index.html

[root@centos63]# echo “Welcome to WWW.CENTOS63.CO.UK”
> /var/www/www.centos63.co.uk/index.html

Note: Replace the names above with your Virtual Hosts Names, the name of the domains you with to host.

[root@centos63 conf]# vi /etc/httpd/conf/httpd.conf

Add the lines below to the bottom of the httpd.conf file, save and quit.

# Virtual Hosts Configuration

NameVirtualHost *:80

<VirtualHost *:80>

    ServerAdmin webmaster@www.centos63.co.uk
    DocumentRoot /var/www/www.centos63.co.uk
    ServerName www.centos63.co.uk
    ErrorLog logs/www.centos63.co.uk-error_log
    CustomLog logs/www.centos63.co.uk-access_log common
</VirtualHost>

Restart Apache

[root@centos63]# service httpd restart

Open your browser and test teh configuration. If you are using a different PC, you need to add the Domain name to your DNS, or edit your hosts file. If your PC is Linux, all you need is to edit /etc/hosts. If your PC is Windows based, you need to edit c:\windows\system32\drivers\etc\hosts.

 

I hope you enjoy it.

 

By Renato de Oliveira

How to Setup a DHCP Server on Red Hat/Centos 6.x

How to Setup a DHCP Server on Red Hat/Centos 6.x

DHCP stands for (Host Configuration Protocol). It is used to assign IP addresses automatically at boot time to network clients.

There are basically two ways of assigning IPs to Hosts or devices on any given network; manually or by using an automated method (DHCP Server).

This is my opinion based on past experience.

I think if your network is relatively small, between 10-50 hosts/devices, I would recommend using static IPs instead of a DHCP server. There are pros and cons in doing so.

For example if you need resiliency for your network you will need to start to think about redundancy for your DHCP server. There are options, but things start to become unnecessary complex. I know some sys admins; they use DHCP for everything, including servers. I just think it is not a good idea.

Package requirement

      ·         dhcp.x86_64
      ·         dhcp-common.x86_64

Installing packages

[root@centos63 ~]# yum install dhcp.x86_64 dhcp-common.x86_64 –y

Start-up DHCP service at boot time

[root@centos63 ~]# chkconfig --level 2345 dhcpd on
 
Use the sample configuration to start with

[root@centos63 ~]# vi /etc/dhcp/dhcpd.conf

Note: Copy and paste the lines below:

# Sample DHCP generated by Renato de Oliveira

# http://ukaying.blogspot.co.uk
# option definitions (Domain Name)
option domain-name "adlinux.int";

# Lease time and expiration

default-lease-time 600;
max-lease-time 7200;

# If this DHCP server is the official DHCP server for the local

# network, the authoritative directive should be uncommented.
authoritative;

# Use this to send dhcp log messages to a different log file (you also

# have to hack syslog.conf to complete the redirection).
log-facility local7;

# DHCP netwok and mask decalaration

subnet 192.168.1.0 netmask 255.255.255.0 {
  range 192.168.1.100 192.168.1.160;
  option routers 192.168.1.1;
  option domain-name-servers "192.168.1.22";
  option domain-name "adlinux.int";
}

# Fixed IP addresses can also be specified for hosts.  

host linadws01 {
  hardware ethernet 00:0c:29:eb:dc:90;
  fixed-address 192.168.1.160;
}

Note: Make sure you change this file to suit your needs. For example, remember to change Domain Name, IP Addresses, and Name Servers etc.

Start the DHCP Server Service

[root@centos63 ~]# service dhcpd start

Note: If the service fails to start, check /var/log/messages, it will give you a very good idea on what is wrong. Most the time it is syntax or typos.

Testing

On another Linux Server, change the file /etc/sysconfig/network-scripts/ifcfg-eth0 to use DHCP, see below:

[root@centos63 ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE=”eth0”

BOOTPROTO=dhcp
ONBOOT=yes

Reboot the Client

 

Watch the logs on the server

[root@centos63 ~]# tail –f /var/log/messages

You should see an output similar to the one below:

Apr 14 17:26:44 centos63 dhcpd: DHCPDISCOVER from 00:0c:29:eb:dc:90 via eth0

Apr 14 17:26:44 centos63 dhcpd: DHCPOFFER on 192.168.1.160 to 00:0c:29:eb:dc:90 via eth0
Apr 14 17:26:44 centos63 dhcpd: Dynamic and static leases present for 192.168.1.160.
Apr 14 17:26:44 centos63 dhcpd: Remove host declaration linadws01 or remove 192.168.1.160
Apr 14 17:26:44 centos63 dhcpd: from the dynamic address pool for 192.168.1.0/24
Apr 14 17:26:44 centos63 dhcpd: DHCPREQUEST for 192.168.1.160 (192.168.1.34) from 00:0c:29:eb:dc:90 via eth0
Apr 14 17:26:44 centos63 dhcpd: DHCPACK on 192.168.1.160 to 00:0c:29:eb:dc:90 via eth0

Still on the client, check:

 1.    Its IP address

[root@centos63 ~]# ifconfig

2.    Check its default gateway

[root@centos63 ~]# route –n

3.  Check the /etc/resolv.conf

[root@centos63 ~]#cat /etc/resolv.conf
; generated by /sbin/dhcpclient-script
search adlinux.int
nameserver 192.168.1.22

If you can confirm the results above, then you have successfully setup a DHCP server for your network. If you have problems, just keep an eye on /var/log/messages.

Hope you enjoyed this post.

By Renato de Oliveira  

How to set up an NFS server (Red Hat/Centos 6.x)

How to Install NFS Server on Red Hat/Centos 6.x

NFS stands for (Network File System) it is a mechanism used by UNIX like hosts to share files across networks. There are two versions mostly used NVFv3 and NFSv4 – there are many differences between both. I am not going to cover them.

NFS used to be dependent on a service called portmap and used port 111, which was a bit flaky. NFS is much more reliable and faster than it used to be; we can run it over TCP and across firewalls. I am not going to demonstrate it on this post.

I am not going to go over discussions about security, and how to lock down your NFS server, or open iptables ports. I assume your iptables will be off. Security is a very complex and deep subject. My intention is only to give you the knowledge to set up an NFS quickly and start using it.

Perhaps I’ll write another post on how to secure your NFS server.

Packages requirement

·         nfs

·         nfslock

·         rpcbind

The following RPC processes facilitate NFS services:

·         rpc.mountd

·         rpc.nfsd

·         lockd

·         rpc.statd

·         rpc.rquotad

·         rpc.idmapd

Installing Packages

·         nfs-utils.x86_64

·         nfs-utils-lib.x86_64

·         rpcbind.x86_64

[root@centos63 ~]# yum install nfs-utils.x86_64 nfs-utils-lib.x86_64 rpcbind.x86_64 –y

Services to start at boot time

You need to make sure some important services are running.

 

[root@centos63 ~]# chkconfig --level 2345 rpcbind on

[root@centos63 ~]# chkconfig --level 2345 nfs on

[root@centos63 ~]# service rpcbind start

[root@centos63 ~]# service nfs start

 

Setting up the NFS export

[root@centos63 ~]# mkdir /nfs

[root@centos63 ~]# vi /etc/exports   

 

Add the line below, save and quite the file

/nfs    *(rw)

 

Note: The line about means - export /nfs folder to any client with read and write permissions.

I advise locking it down a bit and export it to your subnet, or single IPs.

[root@centos63 ~]# exportfs –a

[root@centos63 ~]# exportfs

/nfs            <world>

Note: The above command will export your folder configuration.

 

Let’s test it?!

[root@centos63 ~]# mount -t nfs localhost:nfs /media/

[root@centos63 ~]# df -h

Filesystem            Size  Used Avail Use% Mounted on

/dev/mapper/VolGroup-lv_root

                       47G  1.2G   44G   3% /

tmpfs                 499M     0  499M   0% /dev/shm

/dev/sda1             485M   73M  387M  16% /boot

localhost:nfs          47G  1.2G   44G   3% /media

It works; see the line in red above. This tells us that the file system /nfs is mounted on /media from host ‘localhost’, which is just the same server.

I hope you enjoy this post.

I will at some point write about more complex scenarios, but I would like to give you the initial knowledge, so you can get up and running quickly.

 

By Renato de Oliveira

Red Hat commands and tips (Part1)

Red Hat commands and tips (Part1)

There are many commands on Linux and many different ways of doing things.
There are some commands which are important to know and ways of piping them to give you a best result.

I am going to cover some commands which I find interesting and how to best use them.

I would like to point out that some of these commands you will be able to use in any distro, but some are Red Hat/Centos/Fedore specific.

Check which services are enables on runlevel 3
[root@centos63 ~]# chkconfig --list | grep 3:on
auditd          0:off   1:off   2:on    3:on    4:on    5:on    6:off
crond           0:off   1:off   2:on    3:on    4:on    5:on    6:off
ip6tables       0:off   1:off   2:on    3:on    4:on    5:on    6:off
iptables        0:off   1:off   2:on    3:on    4:on    5:on    6:off
Check services on runlevel 3, output process name and runlevel 3
[root@centos63 ~]# chkconfig --list | grep 3:on | awk '{print $1,$5}'
auditd 3:on
crond 3:on
ip6tables 3:on
iptables 3:on
lvm2-monitor 3:on
Disable service (smb - samba) from runlevel 3
[root@centos63 ~]# chkconfig --level 3 smb off

Enable service to start on runlevel 3
[root@centos63 ~]# chkconfig --level 3 smb on

Start, Stop and re-start services
[Start]
[root@centos63 ~]# service smb start
Starting SMB services:                                     [  OK  ]
[Stop]
[root@centos63 ~]# service smb stop
Shutting down SMB services:                                [  OK  ]
[Re-start]
[root@centos63 ~]# service smb restart
Shutting down SMB services:                                [  OK  ]
Starting SMB services:                                     [  OK  ]
Find the IP addresses of your Linux server (only IPs)
[root@centos63 ~]#ifconfig | grep "inet addr" | awk '{print $2}' | cut -d : -f 2
192.168.1.34
127.0.0.1
How to bring eth0 interface down
[root@centos63 ~]# ifdown eth0
Note: Be careful if you are logged via SSH, it will drop the connection.

How to bring eth0 interface up
[root@centos63 ~]# ifup eth0

How to set a default Gateway
[root@centos63 ~]# route add default gw 192.168.1.1

How to delete a default gateway
[root@centos63 ~]# route del default gw 192.168.1.1
How to add a static route to netwotk 192.168.3.0/24
[root@centos63~]# route add -net 192.168.3.0 netmask 255.255.255.0 gw 192.168.1.1

Check File System usage (human readable)
[root@centos63 ~]# df -h
Filesystem            Size  Used Avail Use% Mounted on
/dev/mapper/VolGroup-lv_root
                       47G  1.1G   44G   3% /
tmpfs                 499M     0  499M   0% /dev/shm
/dev/sda1             485M   52M  408M  12% /boot

Check free memory
[root@centos63 ~]# free -m
             total       used       free     shared    buffers     cached
Mem:           996        121        875          0          7         44
-/+ buffers/cache:         69        927
Swap:         2015          0       2015
Check all running processes
[root@centos63 ~]# ps -eaf
UID        PID  PPID  C STIME TTY          TIME CMD
root         1     0  0 20:40 ?        00:00:01 /sbin/init
root         2     0  0 20:40 ?        00:00:00 [kthreadd]
root         3     2  0 20:40 ?        00:00:00 [migration/0]
root         4     2  0 20:40 ?        00:00:00 [ksoftirqd/0]
root      1207  1054  0 21:53 ?        00:00:00 sshd: root@pts/0
root      1209  1207  0 21:54 pts/0    00:00:00 -bash
root      1288     1  0 22:09 ?        00:00:00 smbd -D
root      1290  1288  0 22:10 ?        00:00:00 smbd -D
root      1373  1163  0 22:20 tty1     00:00:00 -bash
postfix   1447  1131  0 22:20 ?        00:00:00 pickup -l -t fifo -u
Check if specific process is running
[root@centos63 ~]# ps -eaf | grep smb
root      1288     1  0 22:09 ?        00:00:00 smbd -D
root      1290  1288  0 22:10 ?        00:00:00 smbd -D
root      1461  1209  0 22:31 pts/0    00:00:00 grep smb
Check all open TCP ports on your Server
[root@centos63 ~]# netstat -ant
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address             State
tcp        0      0 127.0.0.1:199               0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN
tcp        0      0 127.0.0.1:25                0.0.0.0:*                   LISTEN
tcp        0     52 192.168.1.34:22             192.168.1.33:55348          ESTABLISHED
tcp        0      0 :::139                      :::*                        LISTEN
tcp        0      0 :::22                       :::*                        LISTEN
tcp        0      0 :::445                      :::*                        LISTEN
There are many very useful commands, these a just some of the commands and combinations I use.
If you found this useful, let me know and I will write some more useful commands to share with you.

Hope you have enjoyed.

by Renato de Oliveira

Linux (Red Hat/Centos) post Install tasks

Linux (Red Hat/Centos) post Install tasks


I assume if you are setting up a Linux server, there must be a purpose, a new service you need to deploy, you want to learn it, you want to test it etc.

 

Once you have successfully installed your Red Hat/Centos server, there are few things you need to set, and think ahead.

 

I recommend before you set to install your new server to take some time to think it through.

There are some questions you need to think about, some of them below:

Note: By no means is this a comprehensive list, it is just some ideas.

 

1.       What is the purpose of the (new) server?

·          Test, Production, learning

2.       What application the (new) server will host?

·          Web, DNS, FTP, Mail, Custom app

3.       Will the server face the Internet?

·         web app, DNS

4.       How will it be exposed to the Internet?

a.       Directly (with a Public IP)

Via a proxy (Behind a proxy sock or similar)

b.      Behind a physical Firewall (Juniper, Cisco) Being NATted

c.       Positioning of the server on your network (LAN v DMZ)

Note: If your server needs to face the Internet, I think it is a good idea to isolate it from the LAN.

5.       What Partition layout and how big each should be

I think it is always a good idea to separate the following File Systems:

                /boot – normally 100MB – you can give more if you want to

                /tmp - depending on the system 2GB is a good starting point

                /swap – depending how much memory you have etc.

                Note: Some guys like giving twice the RAM memory size. If you have enough

Memory you will not need to worry about /swap too much

                /var – a good starting point is 5GB

                /home – depending if you will be hosting users and what your users will be doing

                /usr – 5-10GB is ok (it all depends, how the server will be used, where the

                Application will be installed etc.

/ (the root file system is very important not to run out of space here.

Note: Depending on the server’s role, the level of security you need to apply to certain partitions differ. i.e /tmp need extra care if you have web applications.

 

6.       What services should be left running

I am in favour of, if the service is not needed, then it should not be enabled.

This is a good practice, for stability and security.

7.       What IP address will be assigned to the server

If your ISP provided you with a single Public IP, then you have no choice. If you on the other hand you will be protecting the server behind a Firewall. Just plan it, use private IPs.

Place the server in a different sub-net; I tend to use 192.168.0.0/24 or 172.16.0.0/24.

Split the range into separate blocks, assign blocks to different servers and services. For example: 192.168.1.1-10 to web servers, 192.168.11-30 to database servers etc.

8.       What name to give the server

There are many ways to create a name convention

9.       What Name servers to use

10.   The Default Gateway to access the Internet

11.   If you need to keep DATE/TIME in sync

 

I think I covered most things, but there is many more, depending how secure and reliable you want your server to be.

 

I start setting up the server name, see below:

Set Hostname

# cd /etc

# vi hosts

192.168.1.34  centos63 centos63.adlinux.int

 

# vi /etc/sysconfig/network (this is where you set the server name and the default gateway)

NETWORKING=yes

HOSTNAME=centos63.adlinux.int

GATEWAY=192.168.1.1

 

Set IP address

# vi /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE="eth0"

BOOTPROTO="static"

NM_CONTROLLED="no"

ONBOOT="yes"

TYPE="Ethernet"

IPADDR=192.168.1.34

NETMASK=255.255.255.0

 

Set Name servers

# vi /etc/resolv.conf

domain adlinux.int

search adlinux.int

nameserver 192.168.1.22

 

Just reboot your Linux server and all the changes will take affect at boot time.

 

There are many files which need to be set; it all depends on the role, of the server as already pointed out above. The configuration above is just the basic network configuration to get you up and running.

Don’t forget to plan, think it through, break it down into smaller tasks and take note of your plan, document it well otherwise when you need to revisit the configuration, you may not remember the reasons for setting things up the way you did.

 

Advice:

1.       Planning

2.       Documentation

3.       Backup

4.       Roll back

 

 

Hope you enjoy it.

 

By Renato de Oliveira