Note: These directions are not complete, and may contain errors. If you encounter an omission or error, please correct this document.
- Request Server Ops setup the standard system user configuration on this system. This will include groups and system users for logs, www, and db.
- Download the following software from the ISDA software repository onto the system being configured:
Code Block httpd-2.2.4.tar.gz php-5.2.3.tar.gz MySQL/MySQL-*community-5.0.45-0.rhel4.i386.rpm MySQL/my.cnf mod_authz_mitgroup/mod_authz_mitgroup_rhel4.c
- Remove previous version of MySQL and install current version
Code Block rpm -ev cyrus-sasl-sql-2.1.19-5.EL4.i386 rpm -ev dovecot-0.99.11-4.EL4.i386 rpm -ev mysql-4.1.20-1.RHEL4.1.i386 rpm -ev mysqlclient10-3.23.58-4.RHEL4.1.i386 rpm -ivh MySQL-client-community-5.0.45-0.rhel4.i386.rpm rpm -ivh MySQL-test-community-5.0.45-0.rhel4.i386.rpm rpm -ivh MySQL-devel-community-5.0.45-0.rhel4.i386.rpm rpm -ivh MySQL-server-community-5.0.45-0.rhel4.i386.rpm
- Stop the MySQL server and reconfigure my.cnf. The MySQL server startups as part of the rpm install process.
Code Block /etc/init.d/mysql stop mv /var/lib/mysql /home/db chown -R db:db /home/db cd /etc/ cp /root/my.cnf . /etc/init.d/mysql start
- Be certain to use the my.cnf file from the ISDA software repository, as it sets the database user to be 'db' (and not the default 'mysql'), and put the home and data directories into /home/db.
- Install OpenSSL and setup certificates.
Code Block mkdir /home/www/tmp cd /home/www/tmp tar -xzvf /root/openssl-0.9.8a.tar.gz cd openssl-0.9.8a ./config --prefix=/home/www/ssl --openssldir=/home/www/ssl make make install
- Setup certificates
- get the mitca at http://ca.mit.edu/mitClient.crt and save it as /usr/local/ssl/certs/mitClient.crt
- convert mitCA.crt to pem format:
Code Block openssl x509 -in /home/www/ssl/certs/mitClient.crt -inform DER -outform PEM -out /home/www/ssl/certs/mitCA.pem
- Generate rsa key. This simply generates some random stuff:
Code Block ps > /tmp/foo ps -elf >> /tmp/foo cd /home/www/ssl/bin ./openssl genrsa -rand /tmp/foo 1024 >/home/www/ssl/private/`hostname`-key.pem
- Generate request for a certificatecd /home/www/ssl/bin
send the file /usr/local/ssl/certs/`hostname`-req.pem to mitcert@mit.edu,Code Block ./openssl req -key /home/www/ssl/private/`hostname`-key.pem -new \ >../certs/`hostname`-req.pem
- Please be aware, the organization (O) is Massachusetts Institute of Technology and the common name (CN) is the name of the server or service, including the domain name (.mit.edu). Also, some servers, such as Thalia servers, can represent an entire subdomain. These servers will need certificates issued with a wildcard in the domain name, such as *.isda-thalia-1.mit.edu.
Wiki Markup Remember, if the server is a Thalia server, if will need a wildcard certificate and DNS record for \*.\[hostname\], and if it is doing any type of authentication, it will need a joint client/server certificate to be able to connect to the Shibboleth server (and have end users connect to it as well).
- To generate a self signed temporary certificate, add the x509 and nodes options to the openssl command line.
Code Block cd /home/www/ssl/bin ./openssl req \-key /home/www/ssl/private/`hostname`-key.pem \-new \ \-x509 \-nodes >../certs/`hostname`-temp.cert
- When you receive a certificate from MIT Certificates, save it as /home/www/ssl/certs/`hostname`-cert.pem
- to look at a request:
Code Block openssl req \-in ./req.pem \-text
- to look at the private key:
Code Block openssl rsa \-in /home/www/ssl/private/`hostname`-key.pem \-text
- to look at the server certificate:
Code Block openssl x509 \-in /home/www/ssl/certs/`hostname`-cert.pem \-text
- to look at a request:
- Install Apache
Code Block cd /home/www/tmp tar -xzvf /root/httpd-2.2.4.tar.gz cd httpd-2.2.4 ./configure --prefix=/home/www/apache-2.2.4 --enable-ssl \ --with-ssl=/home/www/ssl \ --enable-modules="most mod_rewrite" --enable-so make make install ln -s /home/www/apache-2.2.4 /home/www/apache
Set up PHP - If this is a RHEL 4 system, build it for source to get ver 5.
Code Block cd /home/www/tmp tar -xzvf /root/php-5.2.3.tar.gz cd php-5.2.3 ./configure --with-mysql --with-kerberos=/usr/kerberos --prefix=/home/www/php-5.2.0 --with-apxs2=/home/www/apache-2.2.4/bin/apxs \ --enable-fastcgi --enable-magic-quotes --with-openssl --with-mysql-sock=/home/db/mysql/mysql.sock --with-mysqli --enable-sockets --enable-soap \ --with-openssl-dir=/home/www/ssl --with-pear=/usr/share/pear make make install ln -s php-5.2.0 php
If this is a RHEL 5 system, install from RPMs
...
- Secure access to the AMIT Definative Software Library on afs. If you have afs mounts available, it is located at /afs/athena.mit.edu/project/amit-dsl/Public. If you have an athena account, you can cut and paste the following, replacing the 'dracus' username with your own.
- Download the following software from the ISDA software repository onto the system being configured:
Code Block mkdir -p /home/www/tmp cd /home/www/tmp scp dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/Apache/httpd-2.2.4.tar.gz \ dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/PHP/php-5.2.6.tar.gz \ dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/common-init/apache_home.sh \ dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/common-init/web \ /home/www/tmp
- Check that the Apache installed is greater then version 2.2.3. If it is not, and this is RHEL 5 or greater, use YUM to install it.
Code Block yum -y install httpd-2.2.3 httpd-devel-2.2.3
- If the installed Apache is version 2.2.3 or greater, link the config directories into place.
Code Block mkdir /home/www/apache-2.2.3 ln -s /home/www/apache-2.2.3 /home/www/apache scp -r dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/Apache/config-files/conf \ dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/Apache/config-files/logs \ dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/Apache/config-files/htdocs \ dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/Apache/config-files/icons \ dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/Apache/config-files/man\* \ /home/www/apache scp dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/common-init/apache_home.sh \ dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/common-init/web \ /home/www/tmp chown -R www:www /home/www mv /etc/httpd /etc/httpd.bak ln -s /home/www/apache /etc/httpd ln -s /usr/lib64/httpd/modules /home/www/apache/modules
- If the current version of MySQL is below 5.0, or if MySQL is not installed, update it to a recent version.
- Download the needed packages for RHEL 4 or 5.
- RHEL 5, 32 bit
Code Block mkdir -p /home/db/tmp cd /home/db/tmp scp dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/MySQL/5.0.45/rhel5/i386/* \ dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/MySQL/perl-DBI-1.52-1.rhel5.i386.rpm \ /home/db/tmp
- On RHEL 5, 64 bit systems, we are able to use the OS provided version of MySQL (5.0.45), installed through yum.
Code Block yum -y install mysql-server
- RHEL 4
Code Block mkdir /home/db/tmp cd /home/db/tmp scp root@trogdor:/opt/software-repository-tmp/MySQL/MySQL-client-community-5.0.45-0.rhel4.i386.rpm \ root@trogdor:/opt/software-repository-tmp/MySQL/MySQL-server-community-5.0.45-0.rhel4.i386.rpm \ root@trogdor:/opt/software-repository-tmp/MySQL/MySQL-shared-community-5.0.45-0.rhel4.i386.rpm \ root@trogdor:/opt/software-repository-tmp/MySQL/MySQL-shared-compat-5.0.45-0.rhel4.i386.rpm \ root@trogdor:/opt/software-repository-tmp/MySQL/MySQL-test-community-5.0.45-0.rhel4.i386.rpm \ root@trogdor:/opt/software-repository-tmp/MySQL/perl-DBI-1.52-1.fc6.i386.rpm \ root@trogdor:/opt/software-repository-tmp/MySQL/my.cnf \ /home/db/tmp
- RHEL 5, 32 bit
- Stop the MySQL server if it is running, remove the old version, and install the new one.
- RHEL 4
Code Block /etc/init.d/mysql stop rpm -ev cyrus-sasl-sql-2.1.19-5.EL4.i386 rpm -ev dovecot-0.99.11-4.EL4.i386 rpm -ev mysql-4.1.20-1.RHEL4.1.i386 rpm -ev mysqlclient10-3.23.58-4.RHEL4.1.i386 rpm -ivh MySQL-client-community-5.0.45-0.rhel4.i386.rpm rpm -ivh MySQL-test-community-5.0.45-0.rhel4.i386.rpm rpm -ivh MySQL-devel-community-5.0.45-0.rhel4.i386.rpm rpm -ivh MySQL-server-community-5.0.45-0.rhel4.i386.rpm
- RHEL 5, 32 bit
Code Block /etc/init.d/mysql stop rpm -ev cyrus-sasl-sql rpm -ev dovecot rpm -ev mysql rpm -ev mysqlclient10 rpm -ivh perl-DBI-1.52-1.rhel5.i386.rpm rpm -ivh MySQL-client-community-5.0.45-0.rhel5.i386.rpm rpm -ivh MySQL-test-community-5.0.45-0.rhel5.i386.rpm rpm -ivh MySQL-devel-community-5.0.45-0.rhel5.i386.rpm rpm -ivh MySQL-server-community-5.0.45-0.rhel5.i386.rpm
- On RHEL 5, 64 bit system, we have already installed MySQL using yum.
- RHEL 4
- Download the needed packages for RHEL 4 or 5.
- Stop the MySQL server and reconfigure my.cnf. The MySQL server startups as part of the rpm install process.
Code Block /etc/init.d/mysql stop mv /var/lib/mysql /home/db chown -R db:db /home/db ; chmod 755 /home/db cd /etc/ scp dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/MySQL/my.cnf . # this one seems busted; steal my.cnf from some working machine --amb /etc/init.d/mysql start
- Be certain to use the my.cnf file from the ISDA software repository, as it sets the database user to be 'db' (and not the default 'mysql'), and put the home and data directories into /home/db.
- Install OpenSSL and setup certificates.
- If the version of OpenSSL is greater the 0.9.8, skip the install step.
Code Block openssl version
- Install OpenSSL, if needed.
Code Block mkdir /home/www/tmp cd /home/www/tmp tar -xzvf /root/openssl-0.9.8a.tar.gz cd openssl-0.9.8a ./config --prefix=/home/www/ssl --openssldir=/home/www/ssl make make install
- If the version of OpenSSL is greater the 0.9.8, skip the install step.
- Setup certificates
- Create home directories for ssl.
Code Block mkdir /home/www/ssl mkdir /home/www/ssl/certs mkdir /home/www/ssl/private
- get the MIT CA cert from http://ca.mit.edu/mitClient.crt and save it as /home/www/ssl/certs/mitClient.crt and convert mitCA.crt to pem format:
Code Block cd /home/www/ssl/certs/ wget http://ca.mit.edu/mitClient.crt openssl x509 -in mitClient.crt -inform DER -outform PEM -out mitCA.pem
- Alternatively, download mitCA.pem from the MAP repository.
Code Block scp dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/common-init/mitCA.pem /home/www/ssl/certs
- Generate rsa key. This simply generates some random stuff:
Code Block ps > /tmp/foo ps -elf >> /tmp/foo # this is pretty bad. /dev/random may be a better bet. --amb openssl genrsa -rand /tmp/foo 1024 >/home/www/ssl/private/`hostname`-key.pem
- Generate request for a certificate
send the file /usr/local/ssl/certs/`hostname`-req.pem to mitcert@mit.edu,Code Block cd /home/www/ssl/private chmod 700 . openssl req -key `hostname`-key.pem -new > ../certs/`hostname`-req.pem
- Please be aware, the organization (O) is Massachusetts Institute of Technology and the common name (CN) is the name of the server or service, including the domain name (.mit.edu). Also, some servers, such as Thalia servers, can represent an entire subdomain. These servers will need certificates issued with a wildcard in the domain name, such as *.isda-thalia-1.mit.edu.
- Remember, if the server is a Thalia server, if will need a wildcard certificate and DNS record for *.[hostname], and if it is doing any type of authentication, it will need a joint client/server certificate to be able to connect to the Shibboleth server (and have end users connect to it as well).
- Also generate a self signed temporary certificate, add the x509 and nodes options to the openssl command line. This will allow continuation of the install process while waiting for the official certificate to be generated.
Code Block cd /home/www/ssl/private openssl req -key `hostname`-key.pem -new -x509 -nodes > ../certs/`hostname`-temp-cert.pem
- When you receive a certificate from MIT Certificates, save it as /home/www/ssl/certs/`hostname`-cert.pem
- to look at a request:
Code Block openssl req -in ./req.pem -text
- to look at the private key:
Code Block openssl rsa -in /home/www/ssl/private/`hostname`-key.pem -text
- to look at the server certificate:
Code Block openssl x509 -in /home/www/ssl/certs/`hostname`-cert.pem -text
- to look at a request:
- Create home directories for ssl.
- Install Apache. If you are using RHEL 5, skip this step.
Code Block cd /home/www/tmp tar \-xzvf /root/httpd-2.2.4.tar.gz cd httpd-2.2.4 ./configure \--prefix=/home/www/apache-2.2.4 \--enable-ssl \ \--with-ssl=/home/www/ssl \ \--enable-modules="most mod_rewrite" \--enable-so make make install ln \-s /home/www/apache-2.2.4 /home/www/apache
- Install additional packages to support PHP, and build it.
Code Block cd /home/www/tmp scp dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/PHP/php-5.2.6.tar.gz . yum -y remove php php-common php-cli php-ldap yum -y install libxml2-devel yum -y install openssl-devel yum -y install ncurses-devel yum -y install e2fsprogs-devel yum -y install krb5-devel yum -y install libidn-devel yum -y install bzip2-devel yum -y install curl-devel yum -y install libpng-devel yum -y install gmp-devel yum -y install libxslt-devel libxslt-python yum -y install openldap-devel yum -y install httpd-devel yum -y install mysql-devel tar -xzvf php-5.2.6.tar.gz cd php-5.2.6 ./configure --enable-shared --with-mysql=shared --with-kerberos=/usr/kerberos \ --with-jpeg-dir --with-libdir=lib64 --prefix=/home/www/php-5.2.6 --with-apxs2 \ --enable-fastcgi --with-openssl --with-mysql-sock=/home/db/mysql/mysql.sock \ --with-mysqli=shared --enable-sockets --enable-soap=shared \ --with-openssl-dir=/home/www/ssl --with-pear=/usr/share/pear \ --enable-bcmath=shared --with-bz2=shared --enable-calendar=shared \ --with-curl=shared --enable-dba=shared --enable-exif=shared --enable-ftp=shared \ --with-gd=shared --with-gmp=shared --without-iconv --with-ldap=shared \ --enable-mbstring=shared --with-ncurses --enable-pcntl --with-pcre-dir \ --with-pdo_mysql=shared --with-pdo_sqlite=shared --enable-posix \ --enable-reflection --enable-session --enable-shmop --enable-simplexml \ --enable-sockets --enable-spl --enable-sysvmsg --enable-sysvsem --enable-sysvshm \ --enable-tokenizer --disable-wddx --enable-xml=shared --enable-xmlreader=shared \ --enable-xmlwriter=shared --with-xsl --enable-zip --enable-filter --enable-hash \ --enable-json --enable-dom --enable-pdo=shared --with-sqlite=shared --enable-libxml make make test make install cd /usr/local ln -s php-5.2.6 php scp dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/PHP/php.ini /usr/local/php/lib scp dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/PHP/phpinfo.php /home/www/apache/html chown -R www:www /home/www
- Configure PHP
Code Block - Configure Apache
- edit /home/www/apache/conf/httpd.conf (N.B.: May not be necessary after above configuration steps, but do check..)
- edit the following directives:
Code Block ServerRoot "/home/www/apache" # change to apache home directory User www # change from daemon Group www # change from daemon Include conf/extra/httpd-vhosts.conf # Uncomment Include conf/extra/httpd-ssl.conf # Uncomment
- add to /home/www/apache/conf/httpd.conf, and the bottom of the other includes:
Code Block # PHP module includes LoadModule php5_module modules/libphp5.so AddHandler php5-script .php AddType text/html .php DirectoryIndex index.php \#AddType application/x-httpd-php-source .phps
- edit the following directives:
- edit /home/www/apache/conf/extra/httpd-vhosts.conf to have ONLY one of the following VirtualHost blocks:
Code Block <VirtualHost *:80> RewriteEngine On RewriteRule ^/(.*) https://hostname.mit.edu/$1 [L,R] </VirtualHost>
- To prevent some web pages from being redirected to https, add an escape clause between "RewriteEngine On" and the RewriteRule:
Code Block RewriteCond % {REQUEST_URI} \!/WarehouseService
- edit /home/www/apache/conf/extra/httpd-ssl.conf and alter the following directives:
Code Block # points to directory for static html files DocumentRoot "/home/www/apache/htdocs" # the servername of the server ServerName gybe.mit.edu:443 # the admins of this server ServerAdmin map-support@mit.edu # error log file ErrorLog /home/www/apache/logs/error_log # access log file TransferLog /home/www/apache/logs/access_log # public server certificate SSLCertificateFile /usr/local/ssl/certs/gybe.mit.edu.pem # private server certificate SSLCertificateKeyFile /usr/local/ssl/private/https-key.pem \#certificate path SSLCACertificatePath /usr/local/ssl/certs # certificate authority key SSLCACertificateFile /usr/local/ssl/certs/mitCA.pem SSLVerifyClient require SSLVerifyDepth 10
- Set the allow and deny line for "<Directory />" section from "Deny from all" to "Allow from all" if you are testing the SSL configuration.
- add the following after the '<Directory "/home/www/apache/cgi-bin">' block in /home/www/apache/conf/extras/httpd-ssl.conf
Code Block SSLOptions +StdEnvVars +ExportCertData
- edit /home/www/apache/conf/httpd.conf (N.B.: May not be necessary after above configuration steps, but do check..)
- Setup the home and init scripts, and link them into runlevels
Code Block cp /home/www/tmp/web /etc/init.d cp /home/www/tmp/apache_home.sh /etc/profile.d/
- edit the variables in the top section of the web file to use the directories and binaries correct for this system
- be certain to check if apache is using a httpdctl or apachectl starter program, usually contained in /home/www/apache/bin, and set the apachectl variable accordingly
- set web to be executable
Code Block chmod a+rx,a-w /etc/init.d/web /etc/profile.d/apache_home.sh
- link startweb and stopweb to the web program, from wherever it is located, and link start scripts in /etc/init.d: (this should be turned into a one-line chkconfig invocation --amb)
Code Block ln -s /etc/init.d/web /root/startweb ln -s /etc/init.d/web /root/stopweb ln -s /etc/init.d/web /etc/rc.d/rc1.d/K15web ln -s /etc/init.d/web /etc/rc.d/rc2.d/K15web ln -s /etc/init.d/web /etc/rc.d/rc3.d/K15web ln -s /etc/init.d/web /etc/rc.d/rc4.d/K15web ln -s /etc/init.d/web /etc/rc.d/rc5.d/K15web ln -s /etc/init.d/web /etc/rc.d/rc6.d/K15web ln -s /etc/init.d/web /etc/rc.d/rc2.d/S15web ln -s /etc/init.d/web /etc/rc.d/rc3.d/S15web ln -s /etc/init.d/web /etc/rc.d/rc4.d/S15web ln -s /etc/init.d/web /etc/rc.d/rc5.d/S15web
- update paths in /etc/profile, by adding the following line in the path manipulation code block (you can find it by searching for /usr/local/sbin)
Code Block pathmunge /usr/local/bin pathmunge /usr/kerberos/bin
- If this is going to be a SDLS server, install Zend Platform. Otherwise, skip this step.
- Go to the web user temp directory, install the Zend Platform installer from Trogdor, and untar it.
- If this is a 32 bit system, use the 32 bit installer.
Code Block cd /home/www/tmp scp root@trogdor:/opt/software-repository-tmp/PHP/ZendPlatform-3.6.2-linux-glibc23-i386.tar.gz . tar \-xzvf ZendPlatform-3.6.2-linux-glibc23-i386.tar.gz cd ZendPlatform-3.6.2-linux-glibc23-i386
- If this is a 64 bit system, use the 64 bit installer.
Code Block cd /home/www/tmp scp root@trogdor:/opt/software-repository-tmp/PHP/ZendPlatform-3.6.2-linux-glibc23-x86_64.tar.gz . tar \-xzvf ZendPlatform-3.6.2-linux-glibc23-x86_64.tar.gz cd ZendPlatform-3.6.2-linux-glibc23-x86_64
- If this is a 32 bit system, use the 32 bit installer.
- Check that /usr/lib is listed in /etc/ld.so.conf and update it if not.
Code Block echo /usr/lib/ >> /etc/ld.so.conf ldconfig
- Shutdown Apache and (temporarily) disable vhosts and ssl. Zend Platform will not install if they are configured.
Code Block /etc/init.d/web stop
- Comment out the following lines in /home/www/apache/conf/httpd.conf:
Code Block \#Include conf/extra/httpd-vhosts.conf \#Include conf/extra/httpd-ssl.conf
- Comment out the following lines in /home/www/apache/conf/httpd.conf:
- Change to the Zend installer directory and start the installer.
Code Block cd /home/www/tmp/ZendPlatform-3.6.2-linux-glibc23-x86_64 ./install
- Press enter through the opening screens, and accept their license.
- Pick option #4, 'Manually specify a different web server' when they ask you which web server to use.
- Give the path to the apachectl program.
- If this is a OS installed version of Apache, give it the standard OS path.
Code Block /usr/sbin/apachectl
- If this is a custom build of Apache, give the Apache bin directory for the web user.
Code Block /home/www/apache/bin/apachectl
- If this is a OS installed version of Apache, give it the standard OS path.
- Select yes to autodetect the configuration directories, and confirm the startup command.
- Once the Zend installer detects the directories, confirm the directories listed are correct.
- The PID file directory will need to be changed to include the full path: /home/www/apache-2.2.3/log/httpd.pid
- The URL will need to FQDN: http://ist-dev-sdls1.mit.edu:80
- Then press '<Ok.>'
- Select 'Custom installation'.
- Select 'Cluster Manager/Standalone server'.
- Specify '/home/www/Zend/Platform' as the install directory.
- Specify 'ZendPlatform' as the directory for administrative files. It will be created under /home/www/apache/htdocs.
- Enter and confirm a password. Make it unique, secure, etc. You will need to enter it twice.
- Review the install preferences, and if they are correct, press '<Yes>'.
- Enable Web Services.
- Do not configure a Java bridge.
- Enable Session Clustering.
- Enable High Availability mode.
- Skip the domain name cookie.
- Select the IP address of the system being configured to use for session clustering.
- Enter the number of processors on the system (available in /proc/cpuinfo). This is '1' for VMs.
- Cache data to the hard disk.
- Accept the default cache size.
- If this is a stand alone server, use '127.0.1.*' for the clustering IP range. If it is part of a larger cluster, put the IP addresses of the other systems in here.
- Select 'Write Through' to store cached sessions.
- Enable Job Queues.
- Select the IP address of the system being configured to use for Job Queues.
- Enter `FQDN`:10003 for the URL and port for Job Queues.
- Enter and confirm a password for Job Queues.
- Enter an alias for the Queue server. May only contain letters and numbers. Example: 'sdlstestqueue'
- Enter the IP address of the system being configured and the IP cluster range from above.
- After a couple of minutes of processing, you should get an installation report. If all components installed successfully, press enter 3 times to get out of the installer. If not, get out of the installer, use the uninstall script in /home/www/Zend/Platform/bin/uninstall_Plat.sh to remove the installation, and move the php.ini file from /etc before making corrections and trying again.
- If Zend Platform has been successfully installed, reconfigure Apache to use SSL and Vhosts by uncommenting their associated lines in /home/www/apache/conf/httpd.conf, and bounce Apache with /etc/init.d/web.
- Go to the web user temp directory, install the Zend Platform installer from Trogdor, and untar it.
- Install the PHP info file.
Code Block scp dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/PHP/phpinfo.php /home/www/apache/htdocs/
- Make certain all files have appropriate ownership.
Code Block chown -R www:www /home/www
- To start and stop tomcat and apache, use the initialization scripts in /etc/init.d. Be certain to leave them running when you are finished.
- starting
Code Block /etc/init.d/web start
- stopping
Code Block /etc/init.d/web stop
- starting