Saturday, February 25, 2012

Basic OpenVZ Commands


1] To Start the VPS.
[root@server ~]# vzctl start 101

2] To Stop the VPS.
[root@server ~]# vzctl stop 101

3] To stop the VPS quickly and forcefully.
[root@server ~]# vzctl stop 101 --fast

4] To restart the VPS.
[root@server ~]# vzctl restart 101

5] To destroy VPS.
[root@server ~]# vzctl destroy 101 (good idea to stop it first)

6] To enter into VPS.
[root@server ~]# vzctl enter 101

7] To logout from VPS.
[root@101 ~]# exit

8] To display the list of active VPS's.
[root@server ~]# vzlist

9] To display the list of all VPS.
[root@server ~]# vzlist -a

10] To check the status of a VPS.
[root@server ~]# vzctl status 101

11] To show resource usage on VPS.
[root@server ~]# vzcalc -v 101

12] Execute commands against the VPS.
[root@server ~]# vzctl exec 101 df -h

13] To set the Hostname of a VPS.
[root@server ~]# vzctl set 101 --hostname server.linuxhome.in --save

14] To set new IP to the VPS.
[root@server ~]# vzctl set 101 --ipadd 192.168.1.1 --save

15] To remove IP of VPS.
[root@server ~]# vzctl set 101 --ipdel 192.168.1.1 --save

16] To set the nameserver for VPS.
[root@server ~]# vzctl set 101 --nameserver 192.168.1.254 --save

17] To set root password of VPS.
[root@server ~]# vzctl set 101 --userpasswd root:test

18] To set boot status.
[root@server ~]# vzctl set 101 --onboot yes --save

19] To check CPU Power and Utilization.
[root@server ~]# vzcpucheck -v

20] To set the number of CPUs available to a VPS.
[root@server ~]# vzctl set 101 --cpus 2 --save

21] To set the minimum and maximum CPU limits.
[root@server ~]# vzctl set 101 --cpuunits 1500 --cpulimit 4 --save

22] To check Container's Resources Usage.
[root@server ~]# vzcalc -v 101

23] To set quota & hard disk space.
[root@server ~]# vzctl set 101 --diskspace 10G:11G --save

24] To check the disk quota of a VPS.
[root@server ~]# vzquota stat 101 -t

25] To check memory consumption.
[root@server ~]# vzmemcheck -v

26] To assign disk inodes.
[root@server ~]# vzctl set 101 --diskinodes 90000:91000 --save

27] To run yum update on VPS.
[root@server ~]# vzyum 101 -y update

28] To install package using yum on VPS.
[root@server ~]# vzyum 101 -y install vsftpd*

29] To install package using rpm on VPS.
[root@server ~]# vzrpm 101 -Uvh vsftpd*

30] To find out the templates installed on your system.
[root@server ~]# vzpkgls

Install OpenVZ on Red Hat


Introduction:-
OpenVZ is a complete server automation and virtualization software. OpenVZ creates multiple isolated Virtual Private Servers (VPSs) on a single physical server to share hardware and management effort with maximum efficiency. Each VPS performs and executes exactly like a stand-alone server for its users and applications as it can be rebooted independently and has its own root access, users, IP addresses, memory, processes, files, applications, system libraries, and configuration files.

Note:- I used the following steps to install OpenVZ on Red Hat Enterprise Linux 5.4 [32 bit].

Prerequisites:-
  • Configure IP = 192.168.1.1 & Hostname = server.rootuser.in
  • Create a separate partition for the containers' private directories, i.e. /vz.
  • Firewall and SELinux should be off.
  • Download the kernel and OpenVZ utilities from the following links and save them on the Desktop; also download a precreated OS template.

Kernel Download link = http://wiki.openvz.org/Download/kernel/rhel5/
vzctl utility = http://wiki.openvz.org/Download/vzctl
vzctl-lib=http://download.openvz.org/utils/vzctl/3.0.30.2/vzctl-lib-3.0.30.2-1.i386.rpm
vzquota utility = http://wiki.openvz.org/Download/vzquota
OS template = http://download.openvz.org/template/precreated/

Install OpenVZ on Red Hat:-
1] Install kernel binary rpm.
[root@server ~]# cd Desktop
[root@server Desktop]# rpm -i ovzkernel-2.6.18-274.12.1.el5.028stab096.1.i686.rpm

2] There are a number of kernel limits that should be set for OpenVZ to work correctly.
Edit and append sysctl.conf file.
[root@server ~]# vi /etc/sysctl.conf
net.ipv4.ip_forward = 1
net.ipv4.conf.default.proxy_arp = 0
# Enables source route verification
net.ipv4.conf.all.rp_filter = 1
kernel.sysrq = 1
# we do not want all our interfaces to send redirects
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0
:wq

3] To apply changes use following command.
[root@server ~]# sysctl -p

4] Make sure SELinux is disabled.
[root@server ~]# vi /etc/sysconfig/selinux
SELINUX=disabled
:wq

5] Now, you should reboot your computer and choose "OpenVZ" kernel from the boot loader menu.

[root@server ~]# reboot

6] Install OpenVZ utilities.
[root@server ~]# cd Desktop
[root@server Desktop]# rpm -ivh vzctl-lib-3.0.30.2-1.i386.rpm
[root@server Desktop]# rpm -ivh vzctl-3.0.23-1.i386.rpm
[root@server Desktop]# rpm -ivh vzquota-3.0.12-1.i386.rpm

7] Start vz service.
[root@server ~]# service vz start
[root@server ~]# chkconfig --level 235 vz on

Creating New Virtual Private Server:-

1] Download the corresponding OS template and place it to the /vz/template/cache directory of the physical machine.

2] Create new VPS by using following command.
Syntax :- # vzctl create <Container ID> --ostemplate <template name> --config basic
Example :-
[root@server ~]# vzctl create 101 --ostemplate centos-5-x86 --config basic

This will create a Virtual Private Server with ID 101, with the private area based on the centos-5-x86 OS template.

3] To check whether the container was created.
[root@server ~]# vzlist -a

Monday, February 20, 2012

SSH Server Configuration with Advance Option


Introduction:-
ssh is a program for logging into a remote machine and for executing commands on a remote machine. It is intended to replace rlogin and rsh, and provide secure encrypted communications between two untrusted hosts over an insecure network. The ssh client connects and logs into the specified host name. The user must provide his identity to the remote machine as specified in the sshd_config file, which can usually be found in /etc/ssh directory.

Prerequisites:-
  • Configure Server IP – 192.168.1.1 & Hostname = server.rootuser.in
  • Configure Client IP – 192.168.1.10 & Hostname = client.rootuser.in
  • Firewall should be off on server.
SSH Server Side Configuration:-
1] Three packages are required to configure the SSH server.
[root@server ~]# yum install openssh-server portmap xinetd

2] Now start the service sshd, xinetd, portmap
[root@server ~]# service sshd start
[root@server ~]# service xinetd start
[root@server ~]# service portmap start

3] Now enable these services at boot by using the chkconfig command.
[root@server ~]# chkconfig --level 235 sshd on
[root@server ~]# chkconfig --level 235 xinetd on
[root@server ~]# chkconfig --level 235 portmap on

4] Create new users.
[root@server ~]# useradd anup
[root@server ~]# passwd anup
[root@server ~]# useradd shubham
[root@server ~]# passwd shubham

SSH Client Side Configuration:-
1] Check communication with server.
[root@client ~]# ping 192.168.1.1

2] Now connect to the SSH server using the ssh command with the root username & password.
[root@client ~]# ssh root@192.168.1.1

Advanced SSH Server Configuration:-
  • Block access to the root user over SSH sessions. By default the root user is able to log in through SSH.
1] Edit option from main configuration file.
[root@server ~]# vi /etc/ssh/sshd_config
From - #PermitRootLogin yes --> PermitRootLogin no
    • Save the file, restart the sshd service, and try to log in from the client as root; the login should now be refused.
2] Change default port no. (22) of ssh service.
[root@server ~]# vi /etc/ssh/sshd_config [ Remove port no. from following line & add new one.]
# What ports, IPs and protocols we listen for
From - Port 22 --> Port 2705
[root@server ~]# service sshd restart
    • To Login with new port number we have to use -p option with new port no.
[root@client ~]# ssh root@192.168.1.1 -p 2705

3] SSH logins can be limited to only certain users who need remote access.
[root@server ~]# vi /etc/ssh/sshd_config [ Add following line at end of file. ]
AllowUsers anup shubham
:wq

4] Disconnect after 3 invalid login attempts.
[root@server ~]# vi /etc/ssh/sshd_config [ Edit following line & Restart sshd service ]
From:- #MaxAuthTries 6 To:- MaxAuthTries 3
:wq

5] Restrict SSH access by IP address/hostname.
[root@server ~]# vi /etc/hosts.deny [ Insert one of the following lines at end of file ]
sshd: 192.168.1.10
OR
sshd: client.rootuser.in
:wq
[root@server ~]# service sshd restart
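
To confirm that the sshd_config changes in steps 1-4 are the values sshd will actually use, the following added example (not part of the original post) reads a config file the way sshd does: commented lines are skipped and the first occurrence of a keyword wins. The function names `sshd_value` and `audit_sshd` and both sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: check an sshd_config for the settings changed in steps 1-4.
# Commented lines are ignored and the first occurrence of a keyword is used.

# Print the effective value of keyword $1 in file $2 (empty if unset).
sshd_value() {
    awk -v want="$1" '
        /^[ \t]*#/ { next }
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            if (!match(line, /^[A-Za-z0-9]+/)) next
            key  = substr(line, 1, RLENGTH)
            rest = substr(line, RLENGTH + 1)
            sub(/^[ \t]*=?[ \t]*/, "", rest)   # "Key value" or "Key = value"
            sub(/[ \t]+$/, "", rest)
            if (tolower(key) == tolower(want)) { print rest; exit }
        }' "$2"
}

# Print the names of the settings that do not match the hardening above.
audit_sshd() {
    cfg=$1; fails=""
    [ "$(sshd_value PermitRootLogin "$cfg")" = "no" ] || fails="$fails PermitRootLogin"
    port=$(sshd_value Port "$cfg")
    [ -n "$port" ] && [ "$port" != "22" ] || fails="$fails Port"
    [ -n "$(sshd_value AllowUsers "$cfg")" ] || fails="$fails AllowUsers"
    tries=$(sshd_value MaxAuthTries "$cfg")
    [ -n "$tries" ] && [ "$tries" -le 3 ] || fails="$fails MaxAuthTries"
    echo "${fails# }"
}

# Constructed sample files, not taken from a real host.
tmp=$(mktemp -d); trap 'rm -rf "$tmp"' EXIT
cat > "$tmp/stock" <<'EOF'
#Port 22
#PermitRootLogin yes
#MaxAuthTries 6
EOF
cat > "$tmp/hardened" <<'EOF'
Port 2705
PermitRootLogin no
MaxAuthTries = 3
AllowUsers anup shubham
PermitRootLogin yes
EOF
echo "stock fails:    $(audit_sshd "$tmp/stock")"
echo "hardened fails: $(audit_sshd "$tmp/hardened")"
```

The stray `PermitRootLogin yes` at the end of the hardened sample does not re-enable root login, because only the first occurrence is used; an uncommented `yes` placed above the `no` line would.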

Wednesday, February 08, 2012

Apache with DNS Server


Introduction:-
The DNS translates Internet domain and host names to IP addresses. DNS automatically converts the names we type in our Web browser address bar to the IP addresses of the Web servers hosting those sites. The Domain Name System is used to determine the IP address associated with a domain name. This process is also known as forward DNS resolution. Reverse DNS lookup is the inverse process, the resolution of an IP address to its designated domain name.

Requirement:-
  • Package = bind, caching, httpd
  • Service = named, httpd
  • Port no. = 53 – DNS, 80 – HTTP
  • Configuration file = /etc/named.caching-nameserver.conf
           /etc/named.rfc1912.zones
           /etc/httpd/conf/httpd.conf
Prerequisites:-
  • Configure Server IP - 192.168.1.1
  • Configure Virtual IP – 192.168.1.10 & 192.168.1.20
  • Configure Server Hostname – server.rootuser.in
Configure DNS Server:-
1] Install required packages for DNS.
[root@server ~]# yum install bind* caching* -y

2] Edit main configuration file of DNS.
[root@server ~]# vi /etc/named.caching-nameserver.conf
listen-on port 53 { 127.0.0.1; 192.168.1.1;};
allow-query { none; 192.168.1.0/24;};
match-clients { none; 192.168.1.0/24;};
:wq

3] Add the website zone in rfc1912.zones file.
[root@server ~]# vi /etc/named.rfc1912.zones
#Go to end of the file and type as follows.
zone "rootuser.in" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "anup.com" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "shubham.com" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "1.168.192.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
:wq

4] Now configure zone files.
[root@server ~]# cd /var/named/chroot/var/named
[root@server named]# cp localhost.zone localhost.zone.backup
[root@server named]# vi localhost.zone
$TTL 86400
@          SOA         server.rootuser.in.       root (
                                              42 ; serial
                                              3H ; refresh
                                              15M ; retry
                                              1W ; expiry
                                              1D ) ; minimum
                                 IN NS server.rootuser.in.
; trailing dots make these names absolute; without them the zone origin is appended
rootuser.in.              IN A 192.168.1.1
www.anup.com.        IN A 192.168.1.10
www.shubham.com. IN A 192.168.1.20
:wq

[root@server named]# cp named.local named.local.backup
[root@server named]# vi named.local
$TTL 86400
@          SOA         server.rootuser.in.      root.localhost. (
                                            1997022700 ; Serial
                                            28800 ; Refresh
                                            14400 ; Retry
                                            3600000 ; Expiry
                                            86400 ) ; Minimum
             IN NS server.rootuser.in.
1           IN PTR server.rootuser.in.
10         IN PTR www.anup.com.
20         IN PTR www.shubham.com.
:wq

[root@server named]# cd
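
Because the same localhost.zone file is loaded for three zones, every owner name in it is interpreted relative to whichever zone is loading it. This added example (not part of the original post) models that expansion and shows which names each zone ends up holding; the function names and the two name lists are constructed for illustration.

```shell
#!/bin/sh
# Added example: how owner names in a zone file shared by several zones expand.

# Expand owner name $1 against zone origin $2 as a master-file parser does.
qualify() {
    case $1 in
        @)  printf '%s.\n' "$2" ;;          # @ is the origin itself
        *.) printf '%s\n' "$1" ;;           # trailing dot: already absolute
        *)  printf '%s.%s.\n' "$1" "$2" ;;  # relative: origin is appended
    esac
}

# Succeed if absolute name $1 is at or below origin $2.
in_zone() {
    case $1 in
        "$2." | *".$2.") return 0 ;;
        *) return 1 ;;
    esac
}

# Read owner names on stdin; print the absolute names that zone $1 keeps.
loaded_names() {
    origin=$1; out=""
    while read -r owner; do
        fq=$(qualify "$owner" "$origin")
        if in_zone "$fq" "$origin"; then out="$out $fq"; fi
    done
    echo "${out# }"
}

# Constructed owner names modelled on the A records in localhost.zone.
relative='rootuser.in www.anup.com www.shubham.com'
absolute='rootuser.in. www.anup.com. www.shubham.com.'
for zone in rootuser.in anup.com shubham.com; do
    echo "$zone (relative): $(printf '%s\n' $relative | loaded_names "$zone")"
    echo "$zone (absolute): $(printf '%s\n' $absolute | loaded_names "$zone")"
done
```

Written without a trailing dot, `www.anup.com` becomes `www.anup.com.anup.com.` in the anup.com zone; written with one, each zone keeps only its own record and named ignores the rest as out-of-zone data.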

5] Set primary DNS server.
[root@server ~]# vi /etc/resolv.conf
nameserver 192.168.1.1
:wq

6] Start named service.
[root@server ~]# service named start
[root@server ~]# chkconfig named on

7] Use following command to test DNS server.
[root@server ~]# dig server.rootuser.in
[root@server ~]# dig www.anup.com
[root@server ~]# dig www.shubham.com
[root@server ~]# nslookup anup.com
[root@server ~]# nslookup shubham.com

Configure Apache Web Server:-
8] Now install packages for the Apache web server.
[root@server ~]# yum install http* -y

9] Edit & Append the following line in httpd.conf file.
[root@server ~]# vi /etc/httpd/conf/httpd.conf
#NameVirtualHost *:80 --> NameVirtualHost 192.168.1.1:80

#Go to end of file.
<VirtualHost 192.168.1.1:80>
ServerAdmin root@server.rootuser.in
DocumentRoot /var/www/html/rootuser.in
ServerName server.rootuser.in
DirectoryIndex index.html
</VirtualHost>

<VirtualHost 192.168.1.1:80>
ServerAdmin root@server.rootuser.in
DocumentRoot /var/www/html/anup.com
ServerName www.anup.com
DirectoryIndex index.html
</VirtualHost>

<VirtualHost 192.168.1.1:80>
ServerAdmin root@server.rootuser.in
DocumentRoot /var/www/html/shubham.com
ServerName www.shubham.com
DirectoryIndex index.html
</VirtualHost>
:wq

10] Create web pages for website.
[root@server ~]# cd /var/www/html
[root@server html]# mkdir rootuser.in anup.com shubham.com
[root@server html]# cd rootuser.in
[root@server rootuser.in]# cat > index.html
<b><font size=15 color=orange><center>This is Rootuser.in</center></font></b>
^+d

[root@server rootuser.in]# cd ..
[root@server html]# cd anup.com
[root@server anup.com]# cat > index.html
<b><font size=15 color=blue><center>This is Anup.com</center></font></b>
^+d

[root@server anup.com]# cd ..
[root@server html]# cd shubham.com
[root@server shubham.com]# cat > index.html
<b><font size=15 color=green><center>This is Shubham.com</center></font></b>
^+d
[root@server shubham.com]# cd

11] Start httpd service.
[root@server ~]# service httpd start
[root@server ~]# chkconfig httpd on

12] Point your Web Browser to following URL.
http://server.rootuser.in
http://www.anup.com
http://www.shubham.com