wiki:BetaSetup

Beta box

beta.klp.org.in is the physical server that hosts a lot of the Akshara internal services. Currently it hosts

OS setup

The box runs an Debian Squeeze AMD64 Xen kernel. dom0 is Xen 4.1. Setting up the box was a bit tricky as it had to be done over an IPMI console from the EMS box. The IPMI viewer is available from http://www.nettigritty.com/downloads/IPMIView20-Win32_v2.7.15_Build100720.exe. The IP address for the KVM console is 10.28.30.131.

To establish a VPN to the Nettigritty internal network, you need to use Windows. Go to https://sslvpn.seattle-datacenter.com/ and start the VPN client there. You can also go to http://10.28.30.131 and get a console using a Java applet. Please contact Shivangi/Alok? for login details.

The VPN tunnel is almost unsable if typing is needed. Keys will repeat and it is impossible to use the arrow keys. This is why the IPMI client was used from the EMS box. This box has been sunsetted and if we need console access an alternative plan will have to be made. There are no options on the table right now.

LVM

The box has twin 500GB SATA disks. There are three volume groups (each 250GB in size)

  • base
  • raid
  • vms

The raid volume group is backed by software RAID-1. This is mounted on /srv and should be used for all critical data. The base volume group holds the OS and the home directories. The vms vg should be used for all the xen images.

Network

The box has two NICs. The IPs available to us are 173.192.162.64-71. The primary public IP is 173.192.138.66. The two interfaces are setup as:

# The loopback network interface
auto lo
iface lo inet loopback

# Private interface
auto eth0
iface eth0 inet static
        address 10.28.30.130
        netmask 255.255.255.192
        #gateway 10.28.30.129
        up ip route add 10.0.0.0/8 via 10.28.30.129     

# Public interface
# We also have static IPs 173.192.138.64-71
allow-hotplug eth1
iface eth1 inet static
        address 173.192.138.66
        netmask 255.255.255.224
        network 173.192.138.64
        broadcast 173.192.138.95
        gateway 173.192.138.65
        # dns-* options are implemented by the resolvconf package, if installed
        dns-nameservers 8.8.8.8
        dns-search interactivedns.com

Traffic on the internal IPs is unmetered and does not count against the monthly quota. Our available IPs can be allocated via virtual eth1 interfaces.

Packages

The attached file plist.txt contains the packages that aptitude will need to replicate this box. The list was created as

 $ aptitude search -F '%100p' '~i!~M' > plist.txt

To replicate the setup on a new box:

 # xargs aptitude --schedule-only install < plist.txt
 # aptitude install

Apt cacher

apt-cacher-ng is used to provide a caching proxy for all the apt needs of the VMs. No configuration is necessary. The proxy will be available on port 3142.

Xen

Edit /etc/xen/xend-config.sxp to bring up the vif bridge. Create images using xen-create-image from xen-tools. The invocations are listed within each VM section below.

After setting up the VM, there is some housekeeping to be done. The script below will take care of it

adduser --ingroup staff alok
vi /etc/hosts # Add an entry for dom0 (173.192.138.66)
cat > /etc/apt/apt.conf.d/02proxy
Acquire::http::Proxy "http://dom0:3142";
^D
apt-get update && apt-get install sudo
for i in sudo adm www-data dialout fax modem cdrom floppy tape audio dip src video users
do
    adduser alok $i
done

KLP WWW

To create:

# xen-create-image --hostname=www.klp.org.in --ip=173.192.138.69 --gateway=173.192.138.65 --lvm=vms \
--dist=squeeze --memory 2Gb --netmask=255.255.255.224 --broadcast=173.192.138.95 --swap 128Mb \
--size 32Gb --mirror=http://localhost:3142/debian --passwd

Launch with a console as:

# xm create www.klp.org.in.cfg -c

Run the above mentioned housekeeping script. FIXME: Automate this.

Packages needed

libtext-csv-perl libtext-csv-xs-perl python-webpy postgresql-8.4 postgresql-8.4-postgis postgresql-contrib-8.4 \
postgis apache2 bash-completion libapache2-mod-wsgi python-jsonpickle

Postgres Setup new (on Ubuntu 12.04 LTS)

  1. Confirm that you are on Ubuntu 12.04 LTS
    $ cat /etc/issue
    Ubuntu 12.04.4 LTS \n \l
    
  1. Edit the pgdg.list file and add the appropriate lines
$ sudo vim /etc/apt/sources.list.d/pgdg.list

and add the this line.

deb http://apt.postgresql.org/pub/repos/apt/ precise-pgdg main
  1. Get the apt-repository keys and add them locally
    $ wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
    
  1. Refersh the repository cache with the new package names
$ sudo apt-get update
  1. Install the postgres server, pgadmin3 (if required), postgis extensions and dblink extensions
$ sudo apt-get install postgresql-9.3
$ sudo apt-get install pgadmin3
$ sudo apt-get install postgresql-9.3-postgis-2.1
$ sudo apt-get install postgresql-contrib-9.3

For EMS DB

login to the db using psql

klpproduction# create role klpproduction login superuser

for klpwww db

klpwww# create role web superuser login
klpwww# create role klp superuser createdb login;
===  ===

Postgres setup (old - kept only for legacy reasons)Edit /etc/postgresql/8.4/main/postgresql.conf and point data_directory to /srv/postgresql/8.4/main. Copy everything in /var/lib/postgresql/8.4/main to /srv/postgresql/8.4/main chown & chgrp -R postgres postgresql/ (inside the /srv folder) Chmod 700 main (inside /srv/postgresql/8.4/ folder)

Create the klp user who will own the DBs

$ sudo -u postgres createuser -S -D -R -E -P klp

Similarly, create a web user who will have just enough privileges to read the data. Setup ident auth for your user for the above two users in pg_ident.conf if you wish to. Changes to the pg_hba.conf:

# Database administrative login by UNIX sockets
local   all         postgres                     ident
# "local" is for Unix domain socket connections only
local   all         all                               ident map=akmap

Fix the encoding problem that arises if locale is not setup right.

$ sudo -u postgres pg_dropcluster --stop 8.4 main
$ sudo -u postgres pg_createcluster --start -e UTF-8 8.4 main

If this does not work / corrupts the postgres installation follow - notes from comments here or rebuilding the template as here

To export the Share your story data,

$ pg_dump -U klp -d klpwww -t tb_sys_data -t tb_sys_qans -t tb_sys_images -f sys.dmp

This can be imported into the new DB using pg_restore.

CGit

To create:

# xen-create-image --hostname=git.klp.org.in --ip=173.192.138.68 --gateway=173.192.138.65 --lvm=vms \
--dist=squeeze --memory 256Mb --netmask=255.255.255.224 --broadcast=173.192.138.95 --swap 128Mb \
--size 2Gb --mirror=http://localhost:3142/debian --passwd

Launch with a console as:

# xm create git.klp.org.in.cfg -c

Run the above mentioned housekeeping script. FIXME: Automate this. xen-tools can help.

There's an [ITP http://bugs.debian.org/515793] for Debian but it's blocked by cgit's static linking of libgit. Until then, use the unofficial packages from http://debian.stbuehler.de/. Install lighttpd to serve as the web frontend. The lighty config is:

$HTTP["host"] == "git.klp.org.in" {
    alias.url = (
        "/static/" => "/usr/share/cgit/",
        "/" => "/usr/lib/cgi-bin/cgit.cgi",
    )
    url.rewrite-once = (
        "^/static/.*$" => "$0",
        "^/([^?/]+/[^?]*)?(?:\?(.*))?$" => "/?url=$1&$2",
    )
    cgi.assign = (
        "/usr/lib/cgi-bin/cgit.cgi" => "",
    )
}

CGit reads its configuration from /etc/cgitrc

Trac

# xen-create-image --hostname=trac.klp.org.in --ip=173.192.138.67 --gateway=173.192.138.65 --lvm=vms \
--dist=squeeze --memory 256Mb --netmask=255.255.255.224 --broadcast=173.192.138.95 --swap 128Mb \
--size 2Gb --mirror=http://localhost:3142/debian --passwd

Launch with a console as:

# xm create git.klp.org.in.cfg -c

Run the above mentioned housekeeping script. FIXME: Automate this.

Install apache2 to serve as the web-frontend and trac. The apache2 config is:

<VirtualHost *:80>
    ServerName trac.klp.org.in

    CustomLog /srv/trac/logs/access_log common
    ErrorLog /srv/trac/logs/error_log

    WSGIScriptAlias / /srv/trac/cgi-bin/trac.wsgi

    <Directory /srv/trac/cgi-bin>
        WSGIApplicationGroup %{GLOBAL}
        Order allow,deny
        Allow from all
    </Directory>

    <Location /login>
        AuthType Basic
        AuthName "KLP Trac"
        AuthUserFile /home/trac/klp/conf/trac.htpasswd
        Require valid-user
    </Location>

    # Private URLs
    <Location /wiki/KLPProblems>
        Order deny,allow
        Deny from all
        Allow from 122.166.0.102
    </Location>
    
    <Location /wiki/RebuildPositionPaper>
        Order deny,allow
        Deny from all
        Allow from 122.166.0.102
    </Location>
</VirtualHost>

Adding a note on BetaBackup

Last modified 4 years ago Last modified on 02/11/14 23:55:49

Attachments (1)

Download all attachments as: .zip