System Administrationhsinmu/courses/_media/nasa... · 2013. 5. 20. · File System Operations...
Transcript of System Administrationhsinmu/courses/_media/nasa... · 2013. 5. 20. · File System Operations...
![Page 1: System Administrationhsinmu/courses/_media/nasa... · 2013. 5. 20. · File System Operations Createfile / directory Removefile / directory List directory Openfile Read fromfile Write](https://reader035.fdocuments.us/reader035/viewer/2022071608/61463e2b8f9ff812542023a4/html5/thumbnails/1.jpg)
System Administration NFS & Web Servers
![Page 2: System Administrationhsinmu/courses/_media/nasa... · 2013. 5. 20. · File System Operations Createfile / directory Removefile / directory List directory Openfile Read fromfile Write](https://reader035.fdocuments.us/reader035/viewer/2022071608/61463e2b8f9ff812542023a4/html5/thumbnails/2.jpg)
NFS SERVER
![Page 3: System Administrationhsinmu/courses/_media/nasa... · 2013. 5. 20. · File System Operations Createfile / directory Removefile / directory List directory Openfile Read fromfile Write](https://reader035.fdocuments.us/reader035/viewer/2022071608/61463e2b8f9ff812542023a4/html5/thumbnails/3.jpg)
File System Operations
Create file / directory
Remove file / directory
List directory
Open file
Read from file
Write to file
…
![Page 4: System Administrationhsinmu/courses/_media/nasa... · 2013. 5. 20. · File System Operations Createfile / directory Removefile / directory List directory Openfile Read fromfile Write](https://reader035.fdocuments.us/reader035/viewer/2022071608/61463e2b8f9ff812542023a4/html5/thumbnails/4.jpg)
NFS
Network file system
File system ops over network
RPC-based
IP-based authorization
Traffic not encrypted
![Page 5: System Administrationhsinmu/courses/_media/nasa... · 2013. 5. 20. · File System Operations Createfile / directory Removefile / directory List directory Openfile Read fromfile Write](https://reader035.fdocuments.us/reader035/viewer/2022071608/61463e2b8f9ff812542023a4/html5/thumbnails/5.jpg)
From 鳥哥的Linux私房菜
![Page 6: System Administrationhsinmu/courses/_media/nasa... · 2013. 5. 20. · File System Operations Createfile / directory Removefile / directory List directory Openfile Read fromfile Write](https://reader035.fdocuments.us/reader035/viewer/2022071608/61463e2b8f9ff812542023a4/html5/thumbnails/6.jpg)
Remote Procedure Call
From SGI IRIX Network Programming Guide
![Page 7: System Administrationhsinmu/courses/_media/nasa... · 2013. 5. 20. · File System Operations Createfile / directory Removefile / directory List directory Openfile Read fromfile Write](https://reader035.fdocuments.us/reader035/viewer/2022071608/61463e2b8f9ff812542023a4/html5/thumbnails/7.jpg)
RPC – Port mapper
List which port has what service
“portmap” or “rpcbind”
List services: rpcinfo -p
![Page 8: System Administrationhsinmu/courses/_media/nasa... · 2013. 5. 20. · File System Operations Createfile / directory Removefile / directory List directory Openfile Read fromfile Write](https://reader035.fdocuments.us/reader035/viewer/2022071608/61463e2b8f9ff812542023a4/html5/thumbnails/8.jpg)
NFS Server
Debian Package: nfs-kernel-server
◦ NFS server is implemented in kernel. The package is for support utilities.
Configuration: /etc/exports
◦ See exports(5) manpage
Show exported paths
◦ exportfs
◦ showmount
![Page 9: System Administrationhsinmu/courses/_media/nasa... · 2013. 5. 20. · File System Operations Createfile / directory Removefile / directory List directory Openfile Read fromfile Write](https://reader035.fdocuments.us/reader035/viewer/2022071608/61463e2b8f9ff812542023a4/html5/thumbnails/9.jpg)
/etc/exports
/home 192.168.1.0/24(ro)
Path Client IP (modifier)
目錄 分享對象 (權限)
![Page 10: System Administrationhsinmu/courses/_media/nasa... · 2013. 5. 20. · File System Operations Createfile / directory Removefile / directory List directory Openfile Read fromfile Write](https://reader035.fdocuments.us/reader035/viewer/2022071608/61463e2b8f9ff812542023a4/html5/thumbnails/10.jpg)
Client IPs
IPs (192.168.1.1)
IP networks (192.168.1.0/24)
Hostnames (www.csie.ntu.edu.tw)
Wildcards (*.csie.ntu.edu.tw)
![Page 11: System Administrationhsinmu/courses/_media/nasa... · 2013. 5. 20. · File System Operations Createfile / directory Removefile / directory List directory Openfile Read fromfile Write](https://reader035.fdocuments.us/reader035/viewer/2022071608/61463e2b8f9ff812542023a4/html5/thumbnails/11.jpg)
Modifiers
rw / ro
sync / async
root_squash / no_root_squash
◦ all_squash
![Page 12: System Administrationhsinmu/courses/_media/nasa... · 2013. 5. 20. · File System Operations Createfile / directory Removefile / directory List directory Openfile Read fromfile Write](https://reader035.fdocuments.us/reader035/viewer/2022071608/61463e2b8f9ff812542023a4/html5/thumbnails/12.jpg)
NFS Client
Debian Package: nfs-common
◦ NFS client is implemented in kernel. The package is for support utilities.
Configuration: /etc/fstab
![Page 13: System Administrationhsinmu/courses/_media/nasa... · 2013. 5. 20. · File System Operations Createfile / directory Removefile / directory List directory Openfile Read fromfile Write](https://reader035.fdocuments.us/reader035/viewer/2022071608/61463e2b8f9ff812542023a4/html5/thumbnails/13.jpg)
/etc/fstab
# local
/dev/sda1 / ext4 rw
# nfs
nfs:/home /home nfs rw
![Page 14: System Administrationhsinmu/courses/_media/nasa... · 2013. 5. 20. · File System Operations Createfile / directory Removefile / directory List directory Openfile Read fromfile Write](https://reader035.fdocuments.us/reader035/viewer/2022071608/61463e2b8f9ff812542023a4/html5/thumbnails/14.jpg)
NFS mount options
fg / bg
hard / soft
intr / nointr (No use after 2.6.25)
rsize= & wsize=
See nfs(5) manpage
![Page 15: System Administrationhsinmu/courses/_media/nasa... · 2013. 5. 20. · File System Operations Createfile / directory Removefile / directory List directory Openfile Read fromfile Write](https://reader035.fdocuments.us/reader035/viewer/2022071608/61463e2b8f9ff812542023a4/html5/thumbnails/15.jpg)
Automount
Automatically mount filesystem when accessed
◦ Unmount after some time unused
Implemented in kernel
Package: autofs , autofs5
![Page 16: System Administrationhsinmu/courses/_media/nasa... · 2013. 5. 20. · File System Operations Createfile / directory Removefile / directory List directory Openfile Read fromfile Write](https://reader035.fdocuments.us/reader035/viewer/2022071608/61463e2b8f9ff812542023a4/html5/thumbnails/16.jpg)
WEB SERVERS
![Page 17: System Administrationhsinmu/courses/_media/nasa... · 2013. 5. 20. · File System Operations Createfile / directory Removefile / directory List directory Openfile Read fromfile Write](https://reader035.fdocuments.us/reader035/viewer/2022071608/61463e2b8f9ff812542023a4/html5/thumbnails/17.jpg)
Apache HTTP Server
Oldest(?) open source web server
Most popular according to Netcraft
Very versatile
◦ CGI/FastCGI/WSGI/PSGI/Rack/…
◦ mod_perl / mod_python / mod_ruby
◦ Many 3rd party modules
![Page 18: System Administrationhsinmu/courses/_media/nasa... · 2013. 5. 20. · File System Operations Createfile / directory Removefile / directory List directory Openfile Read fromfile Write](https://reader035.fdocuments.us/reader035/viewer/2022071608/61463e2b8f9ff812542023a4/html5/thumbnails/18.jpg)
Lighttpd
Lightweight HTTP(S) server
Single process event driven
◦ Early solution to C10k problem
CGI, FastCGI, SCGI support
Little new development
![Page 19: System Administrationhsinmu/courses/_media/nasa... · 2013. 5. 20. · File System Operations Createfile / directory Removefile / directory List directory Openfile Read fromfile Write](https://reader035.fdocuments.us/reader035/viewer/2022071608/61463e2b8f9ff812542023a4/html5/thumbnails/19.jpg)
Nginx
Web server
Reverse proxy
Load balancing
Single process event driven
FastCGI / SCGI / uWSGI
No CGI
![Page 20: System Administrationhsinmu/courses/_media/nasa... · 2013. 5. 20. · File System Operations Createfile / directory Removefile / directory List directory Openfile Read fromfile Write](https://reader035.fdocuments.us/reader035/viewer/2022071608/61463e2b8f9ff812542023a4/html5/thumbnails/20.jpg)
Multi-Processing Module
prefork ◦ 1 process per request
worker ◦ worker thread pool ◦ 1 thread per connection
Event ◦ event driven with worker thread pool ◦ 1 thread per request
More info see ◦ http://serverfault.com/questions/38352
6/how-do-i-select-which-apache-mpm-to-use
![Page 21: System Administrationhsinmu/courses/_media/nasa... · 2013. 5. 20. · File System Operations Createfile / directory Removefile / directory List directory Openfile Read fromfile Write](https://reader035.fdocuments.us/reader035/viewer/2022071608/61463e2b8f9ff812542023a4/html5/thumbnails/21.jpg)
Apache Packages
Debian meta-package
◦ apache2
MPM
◦ apache2-mpm-*
3rd party modules
◦ libapache2-mod-*
![Page 22: System Administrationhsinmu/courses/_media/nasa... · 2013. 5. 20. · File System Operations Createfile / directory Removefile / directory List directory Openfile Read fromfile Write](https://reader035.fdocuments.us/reader035/viewer/2022071608/61463e2b8f9ff812542023a4/html5/thumbnails/22.jpg)
Basic Configuration
# What port to use
Listen 80
# My name
ServerName nasa.csie.ntu.edu.tw
# Run as
User www-data
Group www-data
# PID
PidFile /var/run/apache2.pid
# log
ErrorLog /var/log/apache2/error.log
![Page 23: System Administrationhsinmu/courses/_media/nasa... · 2013. 5. 20. · File System Operations Createfile / directory Removefile / directory List directory Openfile Read fromfile Write](https://reader035.fdocuments.us/reader035/viewer/2022071608/61463e2b8f9ff812542023a4/html5/thumbnails/23.jpg)
Serving Configuration
# Where is /
DocumentRoot /var/www/base
# Permissions for /var/www/base
<Directory /var/www/base>
Options None
Order allow,deny
Allow from all
</Directory>
![Page 24: System Administrationhsinmu/courses/_media/nasa... · 2013. 5. 20. · File System Operations Createfile / directory Removefile / directory List directory Openfile Read fromfile Write](https://reader035.fdocuments.us/reader035/viewer/2022071608/61463e2b8f9ff812542023a4/html5/thumbnails/24.jpg)
Virtual Hosts
Serving many sites with 1 server
IP-based virtual hosts
◦ 1 website per IP
Port-based virtual hosts
◦ 1 website per port
Name-based virtual hosts
◦ Many websites per IP/port
◦ Differentiate with “Host” header
![Page 25: System Administrationhsinmu/courses/_media/nasa... · 2013. 5. 20. · File System Operations Createfile / directory Removefile / directory List directory Openfile Read fromfile Write](https://reader035.fdocuments.us/reader035/viewer/2022071608/61463e2b8f9ff812542023a4/html5/thumbnails/25.jpg)
Name-based Virtual Host
NameVirtualHost *
<VirtualHost *>
DocumentRoot /var/www/www
ServerName www.csie.ntu.edu.tw
<Directory /var/www/www>
Options None
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
![Page 26: System Administrationhsinmu/courses/_media/nasa... · 2013. 5. 20. · File System Operations Createfile / directory Removefile / directory List directory Openfile Read fromfile Write](https://reader035.fdocuments.us/reader035/viewer/2022071608/61463e2b8f9ff812542023a4/html5/thumbnails/26.jpg)
HTTP Authentication
401 Unauthorized ◦ Basic Password sent in plaintext
◦ Digest Challenge / Response
mod_auth ◦ mod_auth*
◦ Many backends
htpasswd ◦ Manage Apache basic password files
![Page 27: System Administrationhsinmu/courses/_media/nasa... · 2013. 5. 20. · File System Operations Createfile / directory Removefile / directory List directory Openfile Read fromfile Write](https://reader035.fdocuments.us/reader035/viewer/2022071608/61463e2b8f9ff812542023a4/html5/thumbnails/27.jpg)
HTTP Authentication <Location /locked>
# Use basic authentication
AuthType Basic
# Name to show in dialog
AuthName “Restricted”
# Use htpasswd file based
AuthBasicProvider file
# Path to password file
AuthUserFile /etc/apache/users.pw
# Any user is good
Require valid-user
</Location>
![Page 28: System Administrationhsinmu/courses/_media/nasa... · 2013. 5. 20. · File System Operations Createfile / directory Removefile / directory List directory Openfile Read fromfile Write](https://reader035.fdocuments.us/reader035/viewer/2022071608/61463e2b8f9ff812542023a4/html5/thumbnails/28.jpg)
URL Rewrite
Rewrite a URL internally
◦ Make pretty URLs to user
◦ Map old URL to new
Redirect
Regex
Conditional
Enable mod_rewrite
![Page 29: System Administrationhsinmu/courses/_media/nasa... · 2013. 5. 20. · File System Operations Createfile / directory Removefile / directory List directory Openfile Read fromfile Write](https://reader035.fdocuments.us/reader035/viewer/2022071608/61463e2b8f9ff812542023a4/html5/thumbnails/29.jpg)
URL Rewrite
# Load mod_rewrite
LoadModule rewrite_module
modules/mod_rewrite.so
# Enable rewrite
RewriteEngine On
# rewrite rule
# Redirect /blog?p=N to /new/blog/N
RewriteRule ^/blog?p=(\d+) /new/blog/$1
[R]
![Page 30: System Administrationhsinmu/courses/_media/nasa... · 2013. 5. 20. · File System Operations Createfile / directory Removefile / directory List directory Openfile Read fromfile Write](https://reader035.fdocuments.us/reader035/viewer/2022071608/61463e2b8f9ff812542023a4/html5/thumbnails/30.jpg)
FastCGI
2.2: mod_fastcgi or mod_fcgid
2.4: mod_proxy, mod_proxy_fcgi
Run PHP with FastCGI if you can
◦ php-fpm – FastCGI Process Manager
![Page 31: System Administrationhsinmu/courses/_media/nasa... · 2013. 5. 20. · File System Operations Createfile / directory Removefile / directory List directory Openfile Read fromfile Write](https://reader035.fdocuments.us/reader035/viewer/2022071608/61463e2b8f9ff812542023a4/html5/thumbnails/31.jpg)
PHP FastCGI for Apache 2.2
# Load modules
LoadModule fastcgi_module modules/mod_fastcgi.so
# Associate an alias for the 'fake' fcgi call.
Alias /php5.fcgi /var/www/php5.fcgi
# Assign the 'fake' fcgi to an 'external'
FastCGI Server
FastCGIExternalServer /var/www/php5.fcgi -flush
-host 127.0.0.1:9000
# Create the handler mappings to associate PHP
files with a call to '/php5.fcgi'
AddType application/x-httpd-fastphp5 .php
Action application/x-httpd-fastphp5 /php5.fcgi
![Page 32: System Administrationhsinmu/courses/_media/nasa... · 2013. 5. 20. · File System Operations Createfile / directory Removefile / directory List directory Openfile Read fromfile Write](https://reader035.fdocuments.us/reader035/viewer/2022071608/61463e2b8f9ff812542023a4/html5/thumbnails/32.jpg)
PHP FastCGI for Apache 2.4
# Load modules
LoadModule proxy_module
modules/mod_proxy.so
LoadModule proxy_fcgi_module
modules/mod_proxy_fcgi.so
# Pass PHP file to FastCGI handler
ProxyPassMatch ^/(.*\.php)$
fcgi://127.0.0.1:9000/var/www/$1