SMF support for Apache on Solaris
Wednesday, July 18th, 2007
Good tutorial on this topic here: http://blogs.sun.com/shanti/entry/smf_support_for_apache_in
James over at mernin.com has posted a bunch of excellent Solaris tutorials. The latest, on Cloning a Solaris Zone, could prove useful alongside the Solaris articles I’ve posted here.
Nice one James!
This post derives heavily from Shanti’s Sun Microsystems blog.
For a succinct explanation of SMF, try this from www.oreillynet.com:
For Solaris 10, Sun introduced the Service Management Facility. SMF is a framework that handles system boot-up, process management, and self-healing. It addresses the shortcomings of startup scripts and creates an infrastructure to manage daemons after the host has booted.
The following steps are required to add MySQL as a service into Solaris SMF. We added the 32-bit version of MySQL that comes with the Cool Stack CSKAmp package.
A service needs a file called a manifest. A service manifest describes the service and its management needs. It lists the service dependencies, the control scripts, and the actions to take when the service fails. The manifest starts out as an XML file that SMF imports into a central repository, which records the properties of all the services.
Create a file named /var/svc/manifest/network/cskmysql.xml with the following contents:
<?xml version='1.0'?>
<!DOCTYPE service_bundle SYSTEM '/usr/share/lib/xml/dtd/service_bundle.dtd.1'>
<service_bundle type='manifest' name='CSKmysql:mysql'>
<service
    name='network/csk-mysql'
    type='service'
    version='1'>
    <create_default_instance enabled='false' />
    <single_instance />
    <!--
      Wait for network interfaces to be initialized.
    -->
    <dependency name='network'
        grouping='require_all'
        restart_on='error'
        type='service'>
        <service_fmri
            value='svc:/milestone/network:default'/>
    </dependency>
    <!--
      Wait for all local filesystems to be mounted.
    -->
    <dependency name='filesystem-local'
        grouping='require_all'
        restart_on='none'
        type='service'>
        <service_fmri
            value='svc:/system/filesystem/local:default'/>
    </dependency>
    <exec_method
        type='method'
        name='start'
        exec='/opt/coolstack/lib/svc/method/svc-cskmysql start'
        timeout_seconds='60'>
        <method_context
            working_directory='/opt/coolstack'>
            <method_credential
                user='mysql' group='mysql'
                privileges='basic,!proc_session,!proc_info,!file_link_any,net_privaddr' />
        </method_context>
    </exec_method>
    <exec_method
        type='method'
        name='stop'
        exec='/opt/coolstack/lib/svc/method/svc-cskmysql stop'
        timeout_seconds='60'>
        <method_context />
    </exec_method>
    <exec_method
        type='method'
        name='refresh'
        exec='/opt/coolstack/lib/svc/method/svc-cskmysql restart'
        timeout_seconds='60'>
        <method_context working_directory='/opt/coolstack'>
            <method_credential
                user='mysql' group='mysql'
                privileges='basic,!proc_session,!proc_info,!file_link_any,net_privaddr' />
        </method_context>
    </exec_method>
</service>
</service_bundle>
Create the file /opt/coolstack/lib/svc/method/svc-cskmysql referenced in the manifest with the following contents and make it executable. You may have to create the directories below /opt/coolstack/lib first. This file needs to be edited to set DB_DIR to the path of your data directory (where data files reside), and MYSQL_DIR if you are using the 64-bit MySQL version.
Create the file /opt/coolstack/lib/svc/method/svc-cskmysql.
You will also have to manually create directories if they don’t already exist.
/opt/coolstack/lib
/opt/coolstack/lib/svc
/opt/coolstack/lib/svc/method
This file needs to be edited to set DB_DIR to the path of your data directory ( normally /opt/coolstack/mysql_32bit), and MYSQL_DIR if you are using the 64-bit MySQL version.
Copy and paste the following into the file named above. It assumes the paths of the default installation of Cool Stack. If you have changed the paths you’ll need to reflect those changes here.
#!/sbin/sh
# SMF method script for Cool Stack MySQL; called with start, stop or restart.
. /lib/svc/share/smf_include.sh

# Data directory; edit to match your installation.
DB_DIR=/data
PIDFILE=${DB_DIR}/`/usr/bin/uname -n`.pid
# Change this if you are using the 64-bit MySQL version.
MYSQL_DIR=/opt/coolstack/mysql_32bit

# Stop the mysqld_safe wrapper first so it does not respawn mysqld.
mysql_stop () {
    if [ -f ${PIDFILE} ]; then
        /usr/bin/pkill mysqld_safe >/dev/null 2>&1
        /usr/bin/kill `cat ${PIDFILE}` > /dev/null 2>&1 && echo -n ' mysqld'
    fi
}

mysql_start () {
    $MYSQL_DIR/bin/mysqld_safe --user=mysql --datadir=${DB_DIR} --pid-file=${PIDFILE} > /dev/null &
}

##
# Start of script
#
case "$1" in
start)
    mysql_start
    ;;
stop)
    mysql_stop
    ;;
restart)
    mysql_stop
    # Wait for the old server to exit before starting a new one.
    while pgrep mysqld > /dev/null
    do
        sleep 1
    done
    mysql_start
    ;;
*)
    echo ""
    echo "Usage: `basename $0` { start | stop | restart }"
    echo ""
    exit 64
    ;;
esac
Ensure that the MySQL user and group exist and this user owns $DB_DIR. It’s also a good idea to chmod 0700 all files in $DB_DIR.
Cool Stack MySQL runs as user:group mysql:mysql.
Start the csk-mysql service
Import the new MySQL config :
Start MySQL as a service:
A log file is available at /var/svc/log/network-csk-mysql:CSKmysql.log.
More detailed information for troubleshooting startup failures can be obtained from the command svcs -x.
If the service does not start and/or goes into maintenance mode, you will need to go through the steps above again, verifying that each one is correct. I initially had a problem due to incorrect privileges on /opt/coolstack/mysql_32bit/data.
More information on SMF can be found at http://www.sun.com/bigadmin/content/selfheal/smf-quickstart.html
This post derives heavily from Shanti’s Sun Microsystems blog post.
The following steps are required to add Cool Stack Apache as a service into Solaris SMF.
Create a file named /var/svc/manifest/network/cskapache2.xml with the following contents:
<?xml version='1.0'?>
<!DOCTYPE service_bundle SYSTEM '/usr/share/lib/xml/dtd/service_bundle.dtd.1'>
<service_bundle type='manifest' name='CSKamp:apache'>
<service
    name='network/csk-http'
    type='service'
    version='1'>
    <!--
      Because we may have multiple instances of network/http
      provided by different implementations, we keep dependencies
      and methods within the instance.
    -->
    <instance name='CSKapache2' enabled='false'>
        <!--
          Wait for network interfaces to be initialized.
        -->
        <dependency name='network'
            grouping='require_all'
            restart_on='error'
            type='service'>
            <service_fmri value='svc:/milestone/network:default'/>
        </dependency>
        <!--
          Wait for all local filesystems to be mounted.
        -->
        <dependency name='filesystem-local'
            grouping='require_all'
            restart_on='none'
            type='service'>
            <service_fmri
                value='svc:/system/filesystem/local:default'/>
        </dependency>
        <!--
          Wait for automounting to be available, as we may be
          serving data from home directories or other remote
          filesystems.
        -->
        <dependency name='autofs'
            grouping='optional_all'
            restart_on='error'
            type='service'>
            <service_fmri
                value='svc:/system/filesystem/autofs:default'/>
        </dependency>
        <exec_method
            type='method'
            name='start'
            exec='/opt/coolstack/lib/svc/method/svc-cskapache2 start'
            timeout_seconds='60'>
            <method_context>
                <method_credential
                    user='webservd' group='webservd'
                    privileges='basic,!proc_session,!proc_info,!file_link_any,net_privaddr' />
            </method_context>
        </exec_method>
        <exec_method
            type='method'
            name='stop'
            exec='/opt/coolstack/lib/svc/method/svc-cskapache2 stop'
            timeout_seconds='60'>
            <method_context />
        </exec_method>
        <exec_method
            type='method'
            name='refresh'
            exec='/opt/coolstack/lib/svc/method/svc-cskapache2 refresh'
            timeout_seconds='60'>
            <method_context />
        </exec_method>
        <property_group name='httpd' type='application'>
            <stability value='Evolving' />
            <propval name='ssl' type='boolean' value='false' />
        </property_group>
        <property_group name='startd' type='framework'>
            <!-- sub-process core dumps shouldn't restart session -->
            <propval name='ignore_error' type='astring'
                value='core,signal' />
        </property_group>
    </instance>
    <stability value='Evolving' />
    <template>
        <common_name>
            <loctext xml:lang='C'>
                Apache 2 HTTP server
            </loctext>
        </common_name>
        <documentation>
            <manpage title='httpd' section='8'
                manpath='/opt/coolstack/apache2/man' />
            <doc_link name='apache.org'
                uri='http://httpd.apache.org' />
        </documentation>
    </template>
</service>
</service_bundle>
Create the file /opt/coolstack/lib/svc/method/svc-cskapache2.
You will also have to manually create directories
Copy and paste the following into the file named above. It assumes the paths of the default installation of Cool Stack. If you have changed the paths you’ll need to reflect those changes here.
#!/sbin/sh
#
# Copyright 2004-2007 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
#
# ident "@(#)http-apache2 1.2 04/11/11 SMI"
# Modified for apache in CSKamp package of Cool Stack
# This file should reside in /opt/coolstack/lib/svc/method

. /lib/svc/share/smf_include.sh

APACHE_HOME=/opt/coolstack/apache2
CONF_FILE=$APACHE_HOME/conf/httpd.conf
PIDFILE=$APACHE_HOME/logs/httpd.pid

[ ! -f ${CONF_FILE} ] && exit $SMF_EXIT_ERR_CONFIG

case "$1" in
start)
    /bin/rm -f ${PIDFILE}
    cmd="start"
    ;;
refresh)
    cmd="graceful"
    ;;
stop)
    cmd="stop"
    ;;
*)
    echo "Usage: $0 {start|stop|refresh}"
    exit 1
    ;;
esac

exec ${APACHE_HOME}/bin/apachectl $cmd 2>&1
Cool Stack apache runs as user:group webservd:webservd. We need to ensure that this user can write to the log directory and the pid file. All these files reside in /opt/coolstack/apache2/logs by default.
Disable any apache processes running at present.
You can check if it is enabled as follows :
If no output is printed, then it is disabled. If you see something like :
maintenance 11:47:11 svc:/network/http:apache2
or
online 11:47:11 svc:/network/http:apache2
then, the service is up.
Disable the service as follows :
Import the new service config, the manifest xml file as follows :
Resulting output
We are now ready to start our service. Start it as follows :
A log of the service startup will be in the /var/svc/log/network-csk-http:CSKapache2.log file.
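Both manifests above give the start method a method_credential but leave stop (and, for Apache, refresh) with an empty method_context. The following Python sketch is an added example, not code from the original post or from Sun; it lists the identity each exec_method runs under. The sample manifest is a constructed, trimmed copy of the csk-mysql one, and audit_methods is a hypothetical helper name.

```python
import xml.etree.ElementTree as ET

# Constructed sample: a trimmed copy of the csk-mysql manifest on this page.
SAMPLE_MANIFEST = """<?xml version='1.0'?>
<service_bundle type='manifest' name='CSKmysql:mysql'>
 <service name='network/csk-mysql' type='service' version='1'>
  <exec_method type='method' name='start' timeout_seconds='60'
      exec='/opt/coolstack/lib/svc/method/svc-cskmysql start'>
   <method_context working_directory='/opt/coolstack'>
    <method_credential user='mysql' group='mysql'
      privileges='basic,!proc_session,!proc_info,!file_link_any,net_privaddr'/>
   </method_context>
  </exec_method>
  <exec_method type='method' name='stop' timeout_seconds='60'
      exec='/opt/coolstack/lib/svc/method/svc-cskmysql stop'>
   <method_context/>
  </exec_method>
 </service>
</service_bundle>"""


def audit_methods(manifest_xml):
    """Return (method name, effective user, notes) for every exec_method."""
    results = []
    for method in ET.fromstring(manifest_xml).iter("exec_method"):
        cred = method.find("method_context/method_credential")
        notes = []
        if cred is None or cred.get("user") is None:
            # No credential element: SMF falls back to its default context.
            user = "root (SMF default)"
            notes.append("no method_credential; script runs unrestricted")
        else:
            user = cred.get("user")
            privs = cred.get("privileges", "").split(",")
            if "net_privaddr" in privs:
                notes.append("net_privaddr only matters for ports below 1024")
            if not any(p.startswith("!") for p in privs):
                notes.append("no privileges removed from the basic set")
        results.append((method.get("name"), user, notes))
    return results


if __name__ == "__main__":
    for name, user, notes in audit_methods(SAMPLE_MANIFEST):
        print(f"{name:8} runs as {user}: {'; '.join(notes) or 'ok'}")
```

Run it over manifests you wrote or trust; ElementTree is not hardened against hostile XML.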
We will use pkgget to install the Pureftpd software.
Skip this if you already have it installed.
Reference: http://www.blastwave.org/howto.html
Add the pureftpd package.
This downloads and compiles the Pureftpd package.
The binary is located here:
To run try this:
Or better yet use the supplied start up script located here:
Configuration file the start script looks at:
Rename to pureftpd.conf
# cp ./pureftpd.conf.CSW ./pureftpd.conf
Edit the config file. We wanted anonymous ftp access turned off and virtual users activated.
So uncomment
And
NoAnonymous yes
Next we’ll complete the steps needed to enable Virtual Users.
We need to create the pureftpd.pdb file from /opt/csw/etc/pureftpd.passwd.
First create a password file
Make the pureftpd.pdb file
Or
The start up script expects the files to appear in /etc/
Copy files there:
and
Start the Pureftpd program
For further documentation on using and configuring, take a look at www.pureftpd.org
Reference: http://cooltools.sunsource.net/coolstack/
Download the x86 version of Coolstack
bunzip2 [package.pkg.bz2]
For example: bunzip2 CSKmysql_sparc.pkg.bz2
pkgadd -d [package.pkg]
This process will install the package in /opt/coolstack, along with all dependent libraries.
Document root is located at: /opt/coolstack/apache2/htdocs
The Solaris zone has several instances of apache and apache2 preinstalled. These may be running and will prevent the Cool Stack Apache from running. Disable all other Apaches.
Kill the currently running apache services.
# ps -ef | grep apache2
Kill <number> corresponding to each apache process given above. You could do an apache stop instead, but since the httpd.conf file is not configured this gives an error, so use kill.
Next ensure preinstalled apaches do not start up.
# cd /etc/rc3.d
Rename the following:
S50apache, S50cswapache and S50cswapache2 to OFF-S50apache, OFF-S50cswapache and OFF-S50cswapache2 .
This stops these apache services from restarting on boot up.
Edit /opt/coolstack/apache2/conf/httpd.conf
ServerName ims-arcs-zone:80
Add index.php directory index
<IfModule dir_module>
DirectoryIndex index.html index.php
</IfModule>
Start apache
# /opt/coolstack/apache2/bin/apachectl start
Add /opt/coolstack/mysql_32bit/bin to your path, and /opt/coolstack/mysql/man to your manpath.
# export PATH=/opt/coolstack/mysql_32bit/bin:$PATH
Install the db and mysql user:
# /opt/coolstack/mysql/bin/mysql_install_db
# groupadd mysql
# useradd -c "MySQL Server" -g mysql mysql
Change ownership
# chown -R mysql:mysql /opt/coolstack/mysql_32bit
# cp /opt/coolstack/mysql_32bit/share/mysql/my-large.cnf /etc/my.cnf
Edit my.cnf if necessary. Consider uncommenting skip-networking to prevent network access to the database.
Start up the server:
# su - mysql (this line may not be necessary)
$ /opt/coolstack/mysql_32bit/bin/mysqld_safe &
$ ps -ef | grep mysql | grep -v grep <-- Make sure the mysqld process is running
$ /opt/coolstack/mysql_32bit/bin/mysqladmin -u root password 'yourrootpassword'
$ /opt/coolstack/mysql/bin/mysqladmin -u root -h 'yourhostname' password 'yourrootpassword'
Download from here: Packages CSKtds, CSKncurses, CSKphplibs, English
The above PHP libraries contain the useful GD graphics library for PHP. We’ll need that for the Drupal CMS, which I will post next week. Download the x86 version of Coolstack
# bunzip2 [package.pkg.bz2]
For example: bunzip2 CSKmysql_sparc.pkg.bz2
# tar -xvf ./CSKphplibsBundle_x86.tar
# pkgadd -d ./CSKphplibs_x86.pkg
Edit /opt/coolstack/php5/lib/php.ini
Add the following line.
extension="gd.so"
Restart Apache
# /opt/coolstack/apache2/bin/apachectl start
Services that you may want to disable once the Zone has booted are listed below. This procedure has the effect of locking the zone down and making it more secure.
svcadm disable ftp
svcadm disable telnet
svcadm disable ssh (left this on if you need ssh)
svcadm disable sendmail (left this on for Drupal CMS sending emails)
svcadm disable finger
svcadm disable rlogin
svcadm disable nfs/client
svcadm disable nfs/status
svcadm disable nfs/nlockmgr
svcadm disable rpc/bind
svcadm disable rpc/gss
svcadm disable rpc/rstat
svcadm disable rpc/rusers
svcadm disable rpc/smserver
svcadm disable shell:default (left this on for us)
svcadm disable svc:/network/cde-spc:default
svcadm disable svc:/application/graphical-login/cde-login:default
svcadm disable inetd
svcadm disable rpc-100235_1/rpc_ticotsord:default
svcadm disable rpc-100068_2-5/rpc_udp:default
svcadm disable rpc-100083_1/rpc_tcp:default
svcadm disable x11/xfs
svcadm disable font/fc-cache
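To confirm the lockdown took effect, the list above can be checked against svcs output. This Python sketch is an added example, not part of the original post; it flags any listed service that is in a state other than disabled. The svcs excerpt is constructed, and fmri_matches and not_disabled are hypothetical helper names.

```python
# Arguments from the page's svcadm list, minus the three it says were left
# on (ssh, sendmail, shell:default).
TO_DISABLE = (
    "ftp", "telnet", "finger", "rlogin", "nfs/client", "nfs/status",
    "nfs/nlockmgr", "rpc/bind", "rpc/gss", "rpc/rstat", "rpc/rusers",
    "rpc/smserver", "svc:/network/cde-spc:default",
    "svc:/application/graphical-login/cde-login:default", "inetd",
    "rpc-100235_1/rpc_ticotsord:default", "rpc-100068_2-5/rpc_udp:default",
    "rpc-100083_1/rpc_tcp:default", "x11/xfs", "font/fc-cache",
)

# Constructed `svcs -a` excerpt, not captured from a real host.
SAMPLE_SVCS = """\
STATE          STIME    FMRI
disabled       10:02:11 svc:/network/telnet:default
online         10:02:15 svc:/network/ftp:default
online         10:02:15 svc:/network/ssh:default
online         10:02:16 svc:/network/rpc/bind:default
maintenance    10:02:18 svc:/network/nfs/client:default
"""


def fmri_matches(pattern, fmri):
    """True if an abbreviated name (trailing service components, optional
    :instance) or a full svc:/ FMRI from the list refers to this FMRI."""
    service, _, instance = fmri[len("svc:/"):].partition(":")
    want = pattern[len("svc:/"):] if pattern.startswith("svc:/") else pattern
    want_service, _, want_instance = want.partition(":")
    if want_instance and want_instance != instance:
        return False
    return service == want_service or service.endswith("/" + want_service)


def not_disabled(svcs_output, patterns=TO_DISABLE):
    """Return (state, fmri) for listed services in any state but disabled."""
    hits = []
    for line in svcs_output.splitlines():
        fields = line.split()
        if len(fields) != 3 or not fields[2].startswith("svc:/"):
            continue  # header, blank line or legacy lrc:/ entry
        state, _, fmri = fields
        if state != "disabled" and any(fmri_matches(p, fmri) for p in patterns):
            hits.append((state, fmri))
    return hits


if __name__ == "__main__":
    for state, fmri in not_disabled(SAMPLE_SVCS):
        print(f"{state:12} {fmri}")
```

A service in maintenance is reported too, since it is still enabled and will start once the fault is cleared.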