Setting up a linux webserver

[drag]

Coincidentally I'm reading a bit about Xen 3.0 right now. 3.0 coupled with the right hardware solutions from AMD and Intel should do the trick. But really, I'm more excited about the imminent G5 support. Now I just need some money...

Bah. Screw Apple hardware.

You can go out and get a IBM "OpenPower 710" machine with 1ghz of RAM (with ECC, too, full 8 memory slots aviable), 73gig Ultrascsi disk (with 4 hotswappable 3.5 drives slots), dual 1Gb/s lan ports, hotplug power, redundant hotplug cooling and 1.65ghz Power5 proccessor with 36MB cache, etc etc etc (basicly a reduced price Power server designed specificly for Linux OS)

For the about the same price (minus 200-300 bucks or so) as a dual 2.7ghz G5 with a measly 512megs of ram.

Plus then you don't have to deal with a silly kitchenware-looking OS.

Plus you get IBM's virtualization technology built into the actual hardware. It's good enough that you can run windows on it with a add-on PCI card with a Xeon proccessor.

 

[n0cmonkey]

Originally posted by: drag

Coincidentally I'm reading a bit about Xen 3.0 right now. 3.0 coupled with the right hardware solutions from AMD and Intel should do the trick. But really, I'm more excited about the imminent G5 support. Now I just need some money...

Bah. Screw Apple hardware.

You can go out and get a IBM "OpenPower 710" machine with 1ghz of RAM (with ECC, too, full 8 memory slots aviable), 73gig Ultrascsi disk (with 4 hotswappable 3.5 drives slots), dual 1Gb/s lan ports, hotplug power, redundant hotplug cooling and 1.65ghz Power5 proccessor with 36MB cache, etc etc etc (basicly a reduced price Power server designed specificly for Linux OS)

For the about the same price (minus 200-300 bucks or so) as a dual 2.7ghz G5 with a measly 512megs of ram.

Plus then you don't have to deal with a silly kitchenware-looking OS.

Plus you get IBM's virtualization technology built into the actual hardware. It's good enough that you can run windows on it with a add-on PCI card with a Xeon proccessor.

I don't mind a lot of the Apple hardware. I wouldn't be dualbooting, so I wouldn't have to deal with OS X (which I don't mind anyways).

And the OpenPower 710 I see is more expensive than the top of the line apple, which I wouldn't be able to afford anyhow.

Plus, I couldn't do the porting to a new platform. If I had the cash I'd send one to Canada though. :evil:

 

[drag]

The Power and PowerPC aren't as different as they used to be. IBM uses the terms interchangably and I think the prefered term is the 'Power Archatecture'.

For example my Debian install on my Apple laptop would run on a Power server, except for minor things like laptop specific stuff or things optimized for altivec and whatnot. There is even power-specific compiled kernels. Check out http://tuxppc.rz.uni-augsburg.de/doc/faq/

So if OBSD runs on PowerPC at least or hopefully PPC64 then it could run without much trouble on a Power5 machine.

There are two things for Openpower 710... openpower 710 and openpower 710 express. The non-express version is cheaper.
http://www-03.ibm.com/servers/eserver/openpower/hardware/710_9123710.html

I'd bet if the OpenBSD people asked very nicely IBM would send them a OpenPower machine. They could do software development on a Debian/Redhat system on one partition and have openbsd stuff running on others to help accelerate the port. Maybe play on the fact that OpenBSD has a high security record and would make a great firewall option (with network intrusion detection options!) for a Linux system running on the same machine.

 

[n0cmonkey]

Originally posted by: drag
The Power and PowerPC aren't as different as they used to be. IBM uses the terms interchangably and I think the prefered term is the 'Power Archatecture'.

For example my Debian install on my Apple laptop would run on a Power server, except for minor things like laptop specific stuff or things optimized for altivec and whatnot. There is even power-specific compiled kernels. Check out http://tuxppc.rz.uni-augsburg.de/doc/faq/

So if OBSD runs on PowerPC at least or hopefully PPC64 then it could run without much trouble on a Power5 machine.

There are two things for Openpower 710... openpower 710 and openpower 710 express. The non-express version is cheaper.
http://www-03.ibm.com/servers/eserver/openpower/hardware/710_9123710.html

Interresting. I was less worried about the kernel and more worried about the other underlying technologies.

I'd bet if the OpenBSD people asked very nicely IBM would send them a OpenPower machine. They could do software development on a Debian/Redhat system on one partition and have openbsd stuff running on others to help accelerate the port. Maybe play on the fact that OpenBSD has a high security record and would make a great firewall option (with network intrusion detection options!) for a Linux system running on the same machine.

They tried to get a laptop donated for an OpenSSH developer from IBM once. It took them like a year. :shocked:

Personally, I want a new desktop machine. :vroom;

 

[Nothinman]

No, it's just a fact for most servers out there. How many people are truly utilizing SELinux?

It's enabled by default in FC4 now, so probably a lot more than before. That's the one thing FC is good for, pushing out new things and shaking out the major bugs.

With clustering and HA downtime generally isn't necessary. Unless of course management has decided to hamstring you. Then you're screwed no matter what.

Depends on what it is. Spending 2x as much for a HA setup isn't always possible and in some cases (like one I was dealing with tonight) the HA sucks so bad that you still have to schedule downtime because you know things won't go right.

Every method of breaking out of a chroot I've seen requires root privs. and extra tools.

Maintenance should be minimal once it's setup. Hell, that stuff is default these days, isn't it?

The only place I know of that does chroot anything by default is OpenBSD, so no, for most people it's not setup by default.

If you setup SSH agent though the user should only have to type the password in once, so it isn't a big deal. Plus, things like kerberos may take most of the pain away.

Assuming they're using a decent client, I personally use ssh-agent because all of my systems run Linux. But I've never even considered hooking up an ssh-agent-like daemon on Windows.

I'm compiling constantly. Either things that aren't in the ports tree, or ports that cannot be made into a package and distributed (bad licenses), or ports that aren't distributed as packages as often. I also follow snapshots instead of real releases at home, so my package selections are a bit more sparse.

I stick to what's available in Debian unless there's a very good reason not to, and generally I can't think of a good reason to wander from their packages. Infact I think I only have 1 thing installed outside of Debian that's free software. The rest are things like Q3, ET, VMWare, etc. And hell, since the Q3 source has been released that might change in the future =)

Compiling things is so 1995, I'd rather not do it unless I have no other recourse.

 

[n0cmonkey]

Originally posted by: Nothinman
Assuming they're using a decent client, I personally use ssh-agent because all of my systems run Linux. But I've never even considered hooking up an ssh-agent-like daemon on Windows.

Setup an SSH gateway.

I stick to what's available in Debian unless there's a very good reason not to, and generally I can't think of a good reason to wander from their packages. Infact I think I only have 1 thing installed outside of Debian that's free software. The rest are things like Q3, ET, VMWare, etc. And hell, since the Q3 source has been released that might change in the future =)

Compiling things is so 1995, I'd rather not do it unless I have no other recourse.

OpenBSD doesn't have a million packages, and like I said snapshots don't usually get as many as full releases. Not much point in making alll packages if they have to be replaced in 2 days.

There are too many small projects out there that are interesting to me that don't have package maintainers. Hell, Debian doesn't even have packages for some of the things I've been playing with. :Q

 

[Nothinman]

OpenBSD doesn't have a million packages, and like I said snapshots don't usually get as many as full releases. Not much point in making alll packages if they have to be replaced in 2 days.

That's one of the reasons I run Debian, the number and quality of the packages. And there have been a few cvs packages in Debian in the past, being updated every few days or weekly. But I think they've all been phased out. If you want to run a CVS snapshot of a Debian package it's not too hard to grab the source from the Debian package, grab the CVS snapshot and build your own package.

There are too many small projects out there that are interesting to me that don't have package maintainers. Hell, Debian doesn't even have packages for some of the things I've been playing with.

I'm just getting way too lazy, if I don't find a package for something I generally don't use it unless there's an overwhelmingly good reason.

 

[anthony88guy]

Okay, I need to know what file system to install. I according to this website http://www.partimage.org I will be ok using the current file system FAT32. Any objections?

 

[n0cmonkey]

If you're using Linux you should use a Linux native filesystem. ext3 is probably one of the best to start with.

fat32 is crap. It doesn't handle journalling (or similar methods to keep the filesystem from dying), permissions, or large files.

 

[anthony88guy]

Could you suggest a good (free) partition management program, I've tried Partition Magic 8.0 but it wouldn?t work. When I try and apply desired changes it wouldn?t execute the requested task.

 

[Brazen]

gparted?

 

[Nothinman]

The installer should let you repartition the drive, are you blowing the whole thing away or trying to make room next to an existing OS?

 

[anthony88guy]

Im merging 5 pattitions into 1, and changing the file system.

 

[hooflung]

Originally posted by: n0cmonkey

Originally posted by: Nothinman

downloading and compiling apache from the command line is easy and lot more intuitive than from a gui. also it would negate the need for a KVM, since you could just SSH in.

Compiling nothing is intuitive, you need a lot more packages installed (compilers, dev headers, etc) and deciphering compiler errors can be difficult for even someone who know what they're doing. it's infinitely simpler to type 'apt-get install apache2' or 'aptitude install apache2' or even run aptitude and browse around the package lists.

There is no reason not to have development packages installed on the system anyways. But using the native package management is always better.

Until someone hacks your system due to n00bie management then recompiles the kernel with a root kit...

 

[hooflung]

Originally posted by: anthony88guy
Im merging 5 pattitions into 1, and changing the file system.

Ubuntu and Debian Sarge 3.1 will let you destroy partitions and create a new one during install time. You should make 3 partitions : boot ( denoted as /boot ), root ( denoted as / ), and a Swap.

/boot should ~32MB
swap should ~ 1024MB
/ rest of file system

There are better ways to setup a webserver partition scheme but this will be easiest for you.

Think of / as c: and /boot as a directory in c: that has its own partition.

 

[Nothinman]

Im merging 5 pattitions into 1, and changing the file system.

That doesn't really answer my question, do you want/need to keep the data on those partitions? Why not just delete those 5 and create new ones?

Until someone hacks your system due to n00bie management then recompiles the kernel with a root kit...

They'll need to already be root to install any kernel modules for the rootkit and once they're root the box is lost anyway. Not having a compiler or development packages installed means they have more work to do to become root since compiling their exploits won't work OOTB.

 

[n0cmonkey]

Originally posted by: hooflung

Originally posted by: n0cmonkey

Originally posted by: Nothinman

downloading and compiling apache from the command line is easy and lot more intuitive than from a gui. also it would negate the need for a KVM, since you could just SSH in.

Compiling nothing is intuitive, you need a lot more packages installed (compilers, dev headers, etc) and deciphering compiler errors can be difficult for even someone who know what they're doing. it's infinitely simpler to type 'apt-get install apache2' or 'aptitude install apache2' or even run aptitude and browse around the package lists.

There is no reason not to have development packages installed on the system anyways. But using the native package management is always better.

Until someone hacks your system due to n00bie management then recompiles the kernel with a root kit...

Read the rest of the thread, that's not a valid reason.

 

[anthony88guy]

Im merging 5 pattitions into 1, and changing the file system.

That doesn't really answer my question, do you want/need to keep the data on those partitions? Why not just delete those 5 and create new ones?

I have already deleted all the data on these partition by reformating it in windows XP.

Ubuntu and Debian Sarge 3.1 will let you destroy partitions and create a new one during install time. You should make 3 partitions : boot ( denoted as /boot ), root ( denoted as / ), and a Swap.

/boot should ~32MB
swap should ~ 1024MB
/ rest of file system

There are better ways to setup a webserver partition scheme but this will be easiest for you.

Think of / as c: and /boot as a directory in c: that has its own partition.

I feel like that is way to small. I have 25GB's to play around with. Maybe make two 1GB partitions and then the rest in the 3rd partition?

 

[n0cmonkey]

Originally posted by: anthony88guy

Im merging 5 pattitions into 1, and changing the file system.

That doesn't really answer my question, do you want/need to keep the data on those partitions? Why not just delete those 5 and create new ones?

I have already deleted all the data on these partition by reformating it in windows XP.

Ubuntu and Debian Sarge 3.1 will let you destroy partitions and create a new one during install time. You should make 3 partitions : boot ( denoted as /boot ), root ( denoted as / ), and a Swap.

/boot should ~32MB
swap should ~ 1024MB
/ rest of file system

There are better ways to setup a webserver partition scheme but this will be easiest for you.

Think of / as c: and /boot as a directory in c: that has its own partition.

I feel like that is way to small. I have 25GB's to play around with. Maybe make two 1GB partitions and then the rest in the 3rd partition?

/boot only holds a small amount of stuff. swap should be 1.5-2x your ram and won't hold data. / is the drive you'll be using for storage and whatnot, so your 25GB of data will sit under there.

 

[Nothinman]

I have already deleted all the data on these partition by reformating it in windows XP.

Then don't f'ing with Windows/DOS tools and just boot the CD and use the partitioner on there.

I feel like that is way to small. I have 25GB's to play around with. Maybe make two 1GB partitions and then the rest in the 3rd partition?

How is it too small? /boot will only ever hold kernels and initrd images, my laptop here currently has 3 kernels on it and there's 6.7M used, do you really think you'll need to have over 500 kernrels installed at once? And swap isn't all that important any more, it's recommended to make it the same size as your physical memory just in case, but unless you do some crazy sh!t you shouldn't need much.

 

[anthony88guy]

Thanks Alot guys, I'm using linux to reply to this thread.

Now next step would be installing apatche i saw some links I will now go and follow.

 

[anthony88guy]

So I've installed apache, PHP and MYSQL. Now do I install Cpanel? Also I wasn't able to set up any FTP access, I have install a package I believe.

 

[n0cmonkey]

You shouldn't need cpanel.

Enable your ftp server, shouldn't need a whole lot of configuration.

 

[anthony88guy]

Originally posted by: n0cmonkey
You shouldn't need cpanel.

Enable your ftp server, shouldn't need a whole lot of configuration.

I want to let some freinds have access to my server. Ideas about the FTP?

 

[n0cmonkey]

Originally posted by: anthony88guy

Originally posted by: n0cmonkey
You shouldn't need cpanel.

Enable your ftp server, shouldn't need a whole lot of configuration.

I want to let some freinds have access to my server. Ideas about the FTP?

What do you want to do with FTP? Which FTP daemon did you install? What have you tried already?

You shouldn't need cpanel. SSH should work just fine.