WEB64: Simple Web Server (64-bit) - Implementation Design

Base Class

WEB64 is based on LUX64 appliance with its volumes resized (as described below).

Class Volumes

WEB64 has the following volume setup:

• boot, 140MB, mounted as "/", writeable, instantiable
• usr, 400MB, mounted as "/usr", read-only, common
• content, mounted as "/mnt/content", read-only, placeholder

The boot and usr volumes contain a basic Linux installation with apache web-server (all modules included). The content volume is a placeholder meant to serve as document root of the web server.

Packages

Here is the list of packages installed on top of a basic LUX64 appliance installation.

• alsa-lib-1.0.12-3.el5
• apr-1.2.7-11
• apr-util-1.2.7-6
• aspell-0.60.3-7.1
• aspell-en-6.0-2.1
• atk-1.12.2-1.fc6
• audiofile-0.2.6-5
• audit-libs-python-1.3.1-1.el5
• avahi-0.6.16-1.el5
• avahi-glib-0.6.16-1.el5
• bind-libs-9.3.3-9.0.1.el5
• bind-utils-9.3.3-9.0.1.el5
• cairo-1.2.4-1.fc6
• chkfontpath-1.10.1-1.1
• cryptsetup-luks-1.0.3-2.2.el5
• cups-libs-1.2.4-11.5.3.el5
• curl-7.15.5-2.el5
• cyrus-sasl-2.1.22-4
• dbus-1.0.0-6.el5
• dbus-glib-0.70-5
• dbus-python-0.70-7.el5
• distcache-1.4.5-14.1
• dmidecode-2.7-1.28.2.el5
• esound-0.2.36-3
• fontconfig-2.4.1-6.el5
• freetype-2.2.1-17.el5
• gamin-0.1.7-8.el5
• GConf2-2.14.0-9.el5
• gd-2.0.33-9.3.fc6
• ghostscript-8.15.2-9.1.el5
• ghostscript-fonts-5.50-13.1.1
• gmp-4.1.4-10.el5
• gnome-keyring-0.6.0-1.fc6
• gnome-mime-data-2.4.2-3.1
• gnome-mount-0.5-3.el5
• gnome-vfs2-2.16.2-4.el5
• gnutls-1.4.1-2
• gtk2-2.10.4-16.el5
• hal-0.5.8.1-19.el5
• hesiod-3.1.0-8
• hicolor-icon-theme-0.9-2.1
• httpd-2.2.3-7.el5.centos
• hwdata-0.194-1
• ImageMagick-6.2.8.0-3.el5.4
• ImageMagick-perl-6.2.8.0-3.el5.4
• kbd-1.12-19.el5
• kernel-headers-2.6.18-8.1.10.el5
• lcms-1.15-1.2.2
• libart_lgpl-2.3.17-4
• libbonobo-2.16.0-1.fc6
• libbonoboui-2.16.0-1.fc6
• libc-client-2004g-2.2.1
• libcroco-0.6.1-2.1
• libdaemon-0.10-5.el5
• libevent-1.1a-3.2.1
• libfontenc-1.0.2-2.2.el5
• libFS-1.0.0-3.1
• libgcrypt-1.2.3-1
• libglade2-2.6.0-2
• libgnome-2.16.0-6.el5
• libgnomecanvas-2.14.0-4.1
• libgnomeui-2.16.0-5.el5
• libgpg-error-1.4-2
• libgsf-1.14.1-6.1
• libgssapi-0.10-2
• libICE-1.0.1-2.1
• libIDL-0.8.7-1.fc6
• libidn-0.6.5-1.1
• libjpeg-6b-37
• libnotify-0.4.2-6.el5
• libpng-1.2.10-7.0.2
• librsvg2-2.16.1-1.el5
• libSM-1.0.1-3.1
• libtiff-3.8.2-7.el5
• libusb-0.1.12-5.1
• libutempter-1.1.4-3.fc6
• libwmf-0.2.8.4-10.1
• libwnck-2.16.0-4.fc6
• libX11-1.0.3-8.0.1.el5
• libXau-1.0.1-3.1
• libXcursor-1.1.7-1.1
• libXdmcp-1.0.1-2.1
• libXext-1.0.1-2.1
• libXfixes-4.0.1-2.1
• libXfont-1.2.2-1.0.2.el5
• libXft-2.1.10-1.1
• libXi-1.0.1-3.1
• libXinerama-1.0.1-2.1
• libxml2-2.6.26-2.1.2
• libxml2-python-2.6.26-2.1.2
• libXpm-3.5.5-3
• libXrandr-1.1.1-3.1
• libXrender-0.9.1-3.1
• libXres-1.0.1-3.1
• libxslt-1.1.17-2
• libXt-1.0.2-3.1.fc6
• mailcap-2.1.23-1.fc6
• mod_auth_mysql-3.0.0-3.1
• mod_perl-2.0.2-6.3.el5
• mod_ssl-2.2.3-7.el5.centos
• mysql-5.0.22-2.1.0.1
• nfs-utils-1.0.9-16.el5
• nfs-utils-lib-1.0.8-7.2
• notification-daemon-0.3.5-8.el5
• ntsysv-1.3.30.1-1
• ORBit2-2.14.3-4.el5
• pango-1.14.9-3.el5.centos
• pciutils-2.2.3-4
• perl-AppConfig-1.65-1.el5.rf
• perl-BSD-Resource-1.28-1.fc6.1
• perl-DBD-MySQL-3.0007-1.fc6
• perl-DBI-1.52-1.fc6
• perl-GD-2.35-1.el5.rf
• perl-MailTools-1.77-1.el5.centos
• perl-Pod-POM-0.17-1.2.el5.rf
• perl-String-CRC32-1.4-2.fc6
• perl-Template-Toolkit-2.15-1.el5.rf
• perl-Text-Autoformat-1.13-1.2.el5.rf
• perl-Text-Reform-1.11-1.2.el5.rf
• perl-TimeDate-1.16-1.el5.centos
• php-5.1.6-15.el5
• php-cli-5.1.6-15.el5
• php-common-5.1.6-15.el5
• php-gd-5.1.6-15.el5
• php-imap-5.1.6-15.el5
• php-mysql-5.1.6-15.el5
• php-pdo-5.1.6-15.el5
• php-pear-1.4.9-4
• php-pgsql-5.1.6-15.el5
• pkgconfig-0.21-1.fc6
• pm-utils-0.19-3.el5.centos.1
• policycoreutils-1.33.12-3.el5
• portmap-4.0-65.2.2.1
• postgresql-libs-8.1.9-1.el5
• procmail-3.22-17.1.el5.centos
• rsync-2.6.8-3.1
• samba-client-3.0.23c-2.el5.2.0.2
• samba-common-3.0.23c-2.el5.2.0.2
• sendmail-8.13.8-2.el5
• shared-mime-info-0.19-3.el5
• startup-notification-0.8-4.1
• sudo-1.6.8p12-10
• tcpdump-3.9.4-8.1
• telnet-0.17-38.el5
• ttmkfdir-3.0.9-23.el5
• unzip-5.52-2.2.1
• urw-fonts-2.3-6.1.1
• xorg-x11-filesystem-7.1-2.fc6
• xorg-x11-font-utils-7.1-2
• xorg-x11-xfs-1.0.2-4
• zip-2.31-1.2.2

Theory of Operation

The WEB64 appliance provides a web-server functionality through installed Apache web server. The httpd daemon is compiled and runs in prefork mode.

Build Procedure

1. Create an application with only LUX64 and NET in it; configure the NET appliance
2. Branch LUX64
3. Resize volumes

   1. vol resize LUX64.boot size=300M 

   2. vol resize LUX64.usr size=700M 

4. Edit the class (in EDT)
   1. add a placeholder volume (name: content; mount on /dev/hda3; shared, ro)
   2. make the usr volume rw
   3. Update terminals: in | In | http db | Out | mysql fs | Out | nfs log| Out | cifs aux| Out | any net| Out | any mon| Out | cce
   4. mark net terminal as gateway
   5. change the class icon color to blue
   6. change the class name to WEB64
   7. change the class description
   8. change class category to 'Web Servers'
   9. Add the following properties:
      • host_name : type = string , dflt = ""
      • admin_email : type = string , dflt = root@localhost
      • content_on_fs : type = string , values = on|off , dflt = off
      • docs_dir : type = string , dflt = ""
      • docs_loc : type = string , dflt = ""
      • scripts_dir : type = string , dflt = ""
      • scripts_loc : type = string , dflt = ""
      • logs_enabled : lowercase , type = string , values = off|on , dflt = off
      • logs_base_dir : type = string , dflt = /
      • access_log_filename : type = string , dflt = ""
      • error_log_filename : type = string , dflt = ""
      • error_log_level : lowercase , type = string , values = debug|info|notice|warn|error|crit|alert|emerg , dflt = warn
      • cgi_ext : type = string , dflt = .cgi
      • shared_perl_ext : type = string , dflt = ""
      • index_files : type = string , dflt = "index.html index.html.var"
      • use_htaccess : lowercase , type = string , values = off|on , dflt = off
      • max_connections : type = integer , min = 1 , max = 256 , dflt = 128
      • persistent_connections : lowercase , type = string , values = off|on , dflt = on
      • idle_timeout_sec : type = integer , dflt = 15
      • data_timeout_sec : type = integer , dflt = 300
      • default_charset : type = string , dflt = off
      • info_level : lowercase , type = string , values = full|os|minor|major|prod , dflt = prod
      • server_signature : lowercase , type = string , values = off|on , dflt = off
      • env : type = string , dflt = ""
   10. Set resources
       • CPU: 0.10 | 4 | 0.30
       • MEM: 128M | 8G | 512M
       • BW: 1M |100M | 1M
5. Connect the net terminal of WEB64 to the net appliance
6. Create a volume and use it the WEB64 placeholder
7. Save the application
8. Start the application in debug mode
9. Login the WEB64 and do

   mkdir -p /mnt/content /mnt/log 

10. Install rpms:

       yum upgrade
       yum -y install httpd mod_perl ImageMagick.x86_64 ImageMagick-perl mod_ssl mod_auth_mysql sudo
       yum -y install php php-mysql php-gd php-imap php-pgsql php-pear 
       yum -y install perl-TimeDate perl-String-CRC32 perl-MailTools perl-DBD-MySQL
       yum -y install nfs-utils samba-client rsync ntsysv bind-utils sendmail  zip unzip tcpdump telnet words
       

    
    rpm -Uv perl-AppConfig-1.65-1.el5.rf.noarch.rpm (Current link)
    rpm -Uv perl-Pod-POM-0.17-1.2.el5.rf.noarch.rpm (Current link)
    rpm -Uv perl-Text-Reform-1.11-1.2.el5.rf.noarch.rpm (Current link)
    rpm -Uv perl-Text-Autoformat-1.13-1.2.el5.rf.noarch.rpm (Current link)
    rpm -Uv perl-Template-Toolkit-2.15-1.el5.rf.x86_64.rpm (Current link)
    rpm -Uv perl-GD-2.35-1.el5.rf.x86_64.rpm (Current link)
    yum clean all
    rpm --rebuilddb
11. Copy the following files in WEB64
    • /appliance/alias_set.sh
    • /appliance/appl_dyn.pl
    • /appliance/appliance.sh
    • /appliance/execute_command.sh
    • /appliance/feed_apache_counters.sh
    • /appliance/httpd_prerun.sh
    • /etc/ccad.conf
    • /etc/fstab
    • /etc/httpd/conf/httpd.conf
    • /etc/httpd/conf.d/appl.conf
    • /etc/httpd/conf.d/appl_dyn.conf
    • /etc/httpd/conf.d/rpaf.conf
    • /etc/sysconfig/httpd
    • /usr/lib64/httpd/modules/mod_rpaf.so

Additional instructions for building mod_rpaf:

• • start application (--debug because apache won't start)
  • wget http://stderr.net/apache/rpaf/download/mod_rpaf-0.5.tar.gz
  • tar xzvf mod_rpaf-0.5.tar.gz
  • cd mod_rpaf-0.5
  • edit mod_rpaf-2.0.c and on line 127 replace if (strcmp(remote_ip, list[i]) = 0)= with if (strcmp(remote_ip, list[i]) = 0 || strcasecmp("any", list[i]) = 0)
  • yum install httpd-devel.x86_64 make
  • apxs -c -n mod_rpaf-2.0.o mod_rpaf-2.0.c
  • apxs -i -n mod_rpaf-2.0.so mod_rpaf-2.0.la
  • mv /etc/httpd/modules/mod_rpaf-2.0.so /etc/httpd/modules/mod_rpaf.so
  • yum remove apr-devel apr-util-devel binutils cpp cyrus-sasl-devel db4-devel expat-devel gcc glibc-devel glibc-headers libgomp openldap-devel httpd-devel make

1. Fix init scripts

      chkconfig --levels 12345 sendmail off
      chkconfig --levels 12345 xfs off
      chkconfig --levels 12345 haldaemon off
      chkconfig --levels 12345 avahi-daemon off
      chkconfig --levels 12345 messagebus off
      chkconfig --levels 345 httpd on
      

2. Setup permissions of scripts

      chgrp nobody /var/lib/php/session
      cd /appliance ;chown root * ; chmod +x appliance.sh execute_command.sh feed_apache_counters.sh httpd_prerun.sh
      rm  /etc/httpd/conf.d/proxy_ajp.conf
      

3. Fix log rotation by editing /etc/logrotate.conf and ensuring the following are set:

      rotate 4
      size 512k
      

4. Stop the application
5. Mount the boot volume of WEB64 (vol mount WEB64.boot) and cleanup.

    
      rm -f root/.bash_history root/.lesshst appliance/log appliance/vmalog appliance/passwd.stamp etc/resolv.conf
      find var/log -type f -exec rm {} \;
      touch /var/log/lastlog
      rm -f tmp/*
      echo -n "" > etc/applogic_network.conf
      echo -n "" > etc/hosts
      echo -n "" > etc/applogic/appliance.desc
      echo -n "" > etc/applogic.sh
      

6. Umount the boot volume (vol umount WEB64.boot)
7. Edit class
   • add /etc/httpd/conf.d/appl.conf to the configuration files tab (volume: boot; qte method: none)
   • make the usr volume ro
8. Save the application
9. Vol resize

      vol resize WEB64.boot size=140M
      vol resize WEB64.usr size=400M
      

10. Move the class to the /proto catalog or any other catalog of your choice.

Configuration

The Apache web-server is configured by two files:

• /etc/httpd/conf.d/appl.conf (instrumented configuration file). Here is a list of apache directives configured by appliance properties
  • ServerAdmin, configured by admin_email
  • ServerTokens, configured by info_level
  • KeepAliveTimeout, configured by idle_timeout_sec
  • Timeout, configured by data_timeout_sec
  • KeepAlive, configured by persistent_connections
  • LogLevel, configured by error_log_level
  • DirectoryIndex, configured by index_files
  • ServerSignature, configured by server_signature
  • AddDefaultCharset, configured by default_charset
• /etc/httpd/conf.d/appl_dyn.conf (dynamically built configuration file)
  • ServerName, configured by host_name
  • ErrorLog, configured by logs_base_dir, error_log_filename and logs_enabled
  • CustomLog, configured by access_log_filename, logs_base_dir and logs_enabled
  • AllowOverride, configured by use_htaccess
  • ScriptAlias, configured by scripts_loc
  • CGI script extensions (AddHandler cgi-script) configured by cgi_ext
  • mod_perl handler extensions (AddHandler perl-script) configured by shared_perl_ext
  • MaxClients, configured with respect to the available memory

Log Files

If not configured otherwise the web server logs into /var/log/httpd/ directory which is rotated daily by logrotate (/etc/logrotate.d/httpd configuration file).

Important Notes

None.

-- IvanPeikov - 26 Sep 2007