Tuesday, June 30, 2009

Tips and tricks on installing CentOS 5.3 x86_64, Vmware 2.0.1, eRPTS on an IBM X3400.

I was in Binalonan last weekend to help my friend Bryan set up his electronic Real Property System on his brand new server. This is to share what we basically did...

Specs: Intel Quad Core 2.0 with Intel VT, 3 x 250 SATA HDD (hot swappable), 8Gb RAM DDR2

For RAID configuration, please refer to documentation as provided by the IBM supplier.

In our case, we did a RAID 1 on the first 2 HDs, while the remaining HD was configured as a hot spare.

Get CentOS 5.3 x86_64 from http://centos.org. Best download speed is via Torrent. Make sure you get the x86_64 to maximize your machine.

Install CentOS. For best results, allocate partitions for the following /boot, /, swap, /tmp, /usr, /var, /home, and a separate partition for the vmware machines (e.g. /vmware).

On selecting packages to install, make sure you check Development Libraries and Development Tools, and try to prune other packages that you may not need at all (e.g. openoffice, gimp, etc.). As a server, you may also opt to put a password on your bootloader.

Upon installation, configure network first to a static IP (e.g. 192.168.10.200) and make sure it will connect to the Internet.

Update your CentOS installation
$ yum update
Reboot after update.

Edit /etc/fstab. On the options concerning ext3 partitions, put noatime after defaults as an optimization.
/dev/sda1 /boot ext3 defaults,noatime 1 1
Then edit /etc/sysctl.conf to add the following lines at the bottom:
vm.swappiness = 0
vm.overcommit_memory = 1
vm.dirty_background_ratio = 5
vm.dirty_ratio = 10
vm.dirty_expire_centisecs = 1000
dev.rtc.max-user-freq = 1024
You must also turn off some services that your host server won't need at boot time, like cups, etc.

Reboot for the new optimizations to take effect.

Install VMWare 2.0.1. Check documentation for installation instructions. Actually you can accept almost all the defaults except for the location of the virtual machine which you must set to the partition you intended solely for erpts (e.g. /vmware).

After installation, edit /etc/vmware/config:

If your CPU runs at 2.0 GHz, then it's
host.cpukHz=2000000
Then add the following lines
host.noTSC = TRUE
ptsc.noTSC = TRUE
Access Vmware with your web browser via http://localhost:8222, with root as admin user.

Edit host configuration as desired.

We may now create a virtual machine where we will install eRPTS.

Tips: When adding a virtual disk, put a check on Allocate Disk Space Now and Split into 2Gb files. Under policies, select Optimize for Performance. We allocated 40 Gb of disk space for this VM.

Allocate at least 2Gb of RAM and use only single processor. No need to add floppy disk and USB controller. Configure NIC to Bridged.

You may now proceed with the installation of erpts. You may also partition your drive into /boot, /, swap, /tmp, /usr, /home, and /var. Take note that /var should have the biggest allocation, perhaps not lower than 20Gb, for it will store the database files. Partitioning in this case will ease I/O traffic.

Configure network to a static ip that is in range with the static IP of the host machine. (e.g. 192.168.10.100). Apply erpts patches as instructed during the trainings. Update the database into 57 tables.

Time again for some optimizations in the eRPTS Guest Machine...

Edit /etc/fstab and add noatime on /var line...
/dev/sda5 /var ext3 defaults,noatime 1 2
Download the following kernel packages (optimized kernels for vm guests)
http://people.centos.org/tru/kernel-vm/4/RPMS/i386/kernel-vm-2.6.9-78.0.22.EL.i686.rpm
http://people.centos.org/tru/kernel-vm/4/RPMS/i386/kernel-vm-devel-2.6.9-78.0.22.EL.i686.rpm
Install the kernel and development libraries with the --nodeps option
rpm -ivh --nodeps kernel-vm-2.6.9-78.0.22.EL.i686.rpm
rpm -ivh --nodeps kernel-vm-devel-2.6.9-78.0.22.EL.i686.rpm
Edit /boot/grub/menu.lst. Make sure the default is set to 0.

And add the following at the end of the kernel line of kernel-vm-xxxx
noapic nolapic acpi=off clocksource=acpi_pm elevator=noop
Save and exit.

Edit /etc/sysctl.conf to add the following lines
vm.swappiness = 0
vm.overcommit_memory = 1
Then remove unnecessary services during boot time like cups, smb, etc. YMMV

Reboot guest machine for settings to take effect.

On the host machine, edit the .vmx file of the just created virtual machine. It's located where you put the virtual machine itself.

Add the following lines at the bottom
MemTrimRate = "0"
sched.mem.pshare.enable = "FALSE"
MemAllowAutoScaleDown = "FALSE"
Optional!

It is possible to install the latest phpmyadmin on eRPTS. Get phpmyadmin on their website.

You may also install the mysql 4.1 package from eBPLS with instructions to be posted here soon.

Use with caution though and as always, YMMV. :)

Wait! No USB? Well now that you are a linux sysad, try using the scp command to transfer files from your host machine to the guest machine. Syntax is as follows:
scp sourcefiles root@ipaddressofguestmachine:/specific/path/of/target/folder
And how did this installation fare? We chose a certain page at eRPTS where it usually takes them around 60 to 80 seconds to open. With this setup, it now opens in only about 3 to 8 seconds.

Not bad, aye?

That's all for now, I hope this helps!

Wednesday, April 15, 2009

Faceoff: PCLOS 2009.1 vs LinuxMint KDE CE 6

In the past few days, I was lucky to be able to test drive two wonderful Linux distributions that both promise to work "out of the box" -- PCLinuxOS 2009.1 and LinuxMint KDE Community Edition 6.

My rig is only a Lenovo G400, with 1Gb of RAM, 120 Gb SATA HD, Built in Video (Mobile 945GM/GMS, 943/940GML Express Integrated Graphics Controller) and Sound (82801G (ICH7 Family) High Definition Audio Controller), NetLink BCM5906M Fast Ethernet PCI Express as NIC, and BCM4311 802.11b/g WLAN for Wireless.

Before trying out these two distros, I was happily using Ubuntu 8.10 on this laptop.

PCLOS and Mint KDE share many similar characteristics. They both use the K Desktop Environment. They are both derivatives of "bigger" Linux distros. Both promised an excellent "out of the box" experience and are thus loaded with the necessary plugins and codecs needed for every average user to enjoy his/her everyday computer use. Both distros use the Synaptic Package Manager for software management. Development of both distros is being led by one guy, namely Texstar for PCLOS, and Clem for LinuxMint.

But the similarity ends here.

PCLOS is based on Mandriva Linux while LinuxMint KDE CE is based on Ubuntu. PCLOS is a meta or rolling distro, Mint is not. PCLOS is true to its promise of being able to play almost all types of media files; with LinuxMint KDE, I don't have sound on some .3gp and .mp4 files.

Although both use Synaptic, PCLOS uses rpms while Mint uses debs. PCLOS uses KDE 3.5.10, while LinuxMint is now using KDE 4.2.

Installation of both distros on this rig was a breeze, as I didn't encounter any problems at all with either distro's easy to use wizards.

On hardware support, I had varying results.

PCLOS was not able to activate my Fn keys at the start (I had to install Keytouch), while LinuxMint was able to activate almost every key right after installation. I also have this feeling that LinuxMint KDE 6 handled power management for this laptop better than PCLinuxOS, but then again, both were able to suspend my laptop well and that's what matters most.

Network management is way easier with PCLOS than with the KNetwork Manager installed on LinuxMint KDE 6. To make matters worse for Mint, I can't seem to make my wireless work. It was so easy with Ubuntu 8.10 but a no go with Mint (this was the ultimate deal breaker for me). With PCLOS, I didn't have to install or download anything. I simply configured it with the wizard incorporated in its Control Center. No fuss whatsoever.

Built in sound just works, the same thing with the video as both can use Compiz with it.

More software is installed by default with PCLOS. However, I had problems with Frostwire, on which I had to do a "killall" command before I could kill it. HDDTEMP and POWERTOP aren't working well on PCLOS too. HDDTEMP on PCLOS says that it doesn't support my drive but hddtemp on Mint can. PowerTop on PCLOS doesn't work on my Lenovo, but powertop on Mint just works.

However, perhaps it's because of KDE 4.2, I had stability problems with LinuxMint KDE 6. Random crashes and slowdowns. I can't use the wireless card with it. Mint doesn't even have a GUI for connecting with PPPOE. And as compared with KDE 3.5 and the PCLOS Control Center, Mint doesn't offer as many tools to work on as PCLOS does.

And personally, I don't like Amarok 2 on Mint as much as I love Amarok on PCLOS. Kaffeine on PCLOS is able to play almost everything, unlike VLC or DragonPlayer on Mint which can "play" some videos but with no sound. Where is the joy in that?

After an update using mintUpdate, I found myself wondering why I can't hear any sound anymore with Youtube videos on Mint. Did I just break something with that update? Along the way, I also unknowingly broke my Mint system as some widgets (which I love so much) suddenly ceased to function. I didn't know what happened. I just installed some apps using mintInstall, then after a reboot, some of my widgets weren't functioning anymore, much to my dismay.

And with Mint, sometimes when I try to restart or shut it down, sometimes it will turn off or restart, sometimes it just sits there doing nothing.

PCLOS is much more stable. Almost every app from the repos works well except for the three apps I mentioned earlier. And I haven't ever experienced breaking my system after an update.

One thing I like more about PCLOS is that it has its very own repository of applications unlike in Mint where I still see some Ubuntu lines on their /etc/apt/sources.list file.

And the mklivecd script simply rocks with PCLOS along with RedoMBR and other utilities which Mint unfortunately doesn't have. (Or perhaps they have some equivalent but still mklivecd works better than the others)

My verdict?! Obviously, after installing PCLOS then wiping it out for LinuxMint, here I am again with PCLOS. So how was I able to restore my PCLOS installation so easily? Good thing that I used mklivecd to create my very own PCLinuxOS, loaded with my fave goodies and with all the updates.

I simply reinstalled the whole thing using my custom PCLOS and everything was back in its proper place. :)

Make no mistake about it. This is not an anti LinuxMint or anti KDE 4.2 post. I love LinuxMint especially its main Gnome edition. I love how KDE 4.2 looks and still fancy plasma, plasmoids, widgets or whatever you want to call them. (Hey, I miss the Picture Frame widget!!!)

But I have a life to live and a choice to make.

Perhaps someday when the Ripper Gang is finished with their KDE 4.x rendition, I won't hesitate to install and use KDE 4.x on this laptop knowing that it is finally stable to let me get my job done.

Monday, January 26, 2009

IpKungfu NAT + DHCP server + Transparent Squid

For 2 months and a half, I forced myself to believe that an appliance router would be enough to share our (measly) internet connection within our local area network.

Well, it was actually enough to share the internet connection but not enough to control how it shares the connection and speed it up. Since it was configured as a DHCP server, we are having a hard time monitoring what PC is viewing this and that. We also cannot effectively filter out "undesirable websites" via the appliance router.

So I had to go back to my old setup... NAT + Squid + Built-in Filter and now plus DHCP server. We were using Ubuntu 8.10 and I thought it would be easy after all this time I am configuring such setup. It was actually easy, except for one thing... NETWORK setup on Intrepid.

Okay, here is the setup. I have two NICs, eth0 and eth1. eth1 is connected to the Internet with a dynamic IP while eth0 is connected to the LAN and to be configured with a static IP.

I tried to use the built-in Network Manager but there seems to be a bug in it. It won't save static IP configuration after a reboot. So, even though I have configured eth0 with an IP of let's say 192.168.2.1... after a reboot it would still and again ask for a dynamic IP.

Darn!

Perhaps, there could be other better solutions out there for static IP to work on Network Manager but I did it on a way that I am comfortable... get my hands dirty on /etc/network/interfaces. Here it goes!

1. Disable Network Manager
sudo update-rc.d -f NetworkManager remove
1.1 Open and edit /etc/network/interfaces (dynamic eth1, static eth0).
gksu gedit /etc/network/interfaces
My /etc/network/interfaces looks like this:
auto lo eth0 eth1
iface lo inet loopback
iface eth0 inet static
address 192.168.2.1
netmask 255.255.255.0

iface eth1 inet dhcp
Reboot

2. Install and configure DHCP

2.1 Install
sudo apt-get install dhcp3-server
2.2 Configure DHCP to provide reserved IPs to specific computers.

2.2.1 Open DHCP conf file, edit to provide ip range 192.168.2.0/24 plus reserved IPs for specific PCs.
gksu gedit /etc/dhcp3/dhcpd.conf
Copy, paste, and edit the following configuration according to your LAN settings (leave out the comments),
default-lease-time 600;
max-lease-time 7200;

option subnet-mask 255.255.255.0;
option broadcast-address 192.168.2.255;
option routers 192.168.2.1; # This should be your Squid/NAT server
option domain-name-servers 208.67.222.222, 208.67.220.220; # These are OpenDNS settings
subnet 192.168.2.0 netmask 255.255.255.0 {
range 192.168.2.160 192.168.2.169; # Edit accordingly
}
host linksys {
hardware ethernet 00:21:29:65:7a:66;
fixed-address 192.168.2.170;
}
host ecenter1 {
hardware ethernet 00:07:e9:01:b5:dc;
fixed-address 192.168.2.171;
}
host ecenter2 {
hardware ethernet 00:07:e9:01:bc:be;
fixed-address 192.168.2.172;
}
Of course, we have more PCs but I have to cut it to three. :) To get the MAC address of each PC, issue the ifconfig command (ipconfig /all for Windows PC).

2.2.2 Restart dhcpd for the settings to take effect.
sudo /etc/init.d/dhcp3-server restart
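The reservations only help with monitoring if every PC really ends up on the address reserved for it. As an added example (not part of the original setup), this Python check reads a single-subnet dhcpd.conf fragment and flags a broadcast address that does not match the subnet, reservations that fall inside the dynamic range, and duplicate MACs or addresses. The sample text is constructed with deliberate mistakes, and lint_dhcpd is a hypothetical helper name.

```python
import ipaddress
import re

# Constructed sample (not the real file): mistakes are planted on purpose.
SAMPLE = """\
option broadcast-address 192.168.1.255;   # wrong network on purpose
option routers 192.168.2.1;
subnet 192.168.2.0 netmask 255.255.255.0 {
  range 192.168.2.160 192.168.2.169;
}
host linksys  { hardware ethernet 00:21:29:65:7a:66; fixed-address 192.168.2.170; }
host ecenter1 { hardware ethernet 00:07:e9:01:b5:dc; fixed-address 192.168.2.165; }
host ecenter2 { hardware ethernet 00:07:E9:01:B5:DC; fixed-address 192.168.2.172; }
"""

def lint_dhcpd(text):
    """Return a list of problems found in a single-subnet dhcpd.conf fragment."""
    text = re.sub(r"#.*", "", text)  # drop comments
    problems = []
    addr, mask = re.search(r"subnet\s+(\S+)\s+netmask\s+(\S+)\s*\{", text).groups()
    net = ipaddress.ip_network(f"{addr}/{mask}")
    lo, hi = (ipaddress.ip_address(a)
              for a in re.search(r"range\s+(\S+)\s+(\S+)\s*;", text).groups())

    bcast = re.search(r"option\s+broadcast-address\s+([\d.]+)\s*;", text)
    if bcast and ipaddress.ip_address(bcast.group(1)) != net.broadcast_address:
        problems.append(f"broadcast-address {bcast.group(1)} should be {net.broadcast_address}")
    router = re.search(r"option\s+routers\s+([\d.]+)\s*;", text)
    if router and ipaddress.ip_address(router.group(1)) not in net:
        problems.append(f"router {router.group(1)} is outside {net}")

    seen_mac, seen_ip = {}, {}  # first host name seen for each MAC / address
    for name, body in re.findall(r"host\s+(\S+)\s*\{([^}]*)\}", text):
        mac = re.search(r"hardware\s+ethernet\s+([0-9A-Fa-f:]+)\s*;", body).group(1).lower()
        ip = ipaddress.ip_address(re.search(r"fixed-address\s+([\d.]+)\s*;", body).group(1))
        if ip not in net:
            problems.append(f"{name}: {ip} is outside {net}")
        elif lo <= ip <= hi:
            problems.append(f"{name}: {ip} is inside the dynamic range {lo}-{hi}")
        if mac in seen_mac:
            problems.append(f"{name}: MAC {mac} already reserved for {seen_mac[mac]}")
        if ip in seen_ip:
            problems.append(f"{name}: {ip} already reserved for {seen_ip[ip]}")
        seen_mac.setdefault(mac, name)
        seen_ip.setdefault(ip, name)
    return problems

if __name__ == "__main__":
    for problem in lint_dhcpd(SAMPLE):
        print("WARN", problem)
```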
3. Configure NAT via Ipkungfu (transparent redirection will be done later)

3.1 To save space, please just read my blog post on this at LINK. Additional info at LINK, which was actually partially based on my blog post too. :) Don't forget to reboot thereafter.

4. Configure squid with minimal configuration. I just lifted and edited accordingly my previous post on this:

First install squid via apt-get or synaptic:
sudo apt-get install squid
After installation, edit Squid's configuration file:
sudo gedit /etc/squid/squid.conf
In the /etc/squid/squid.conf file, search and edit the following options/tags:

#TAG:http_port
http_port 3128 transparent

#OPTION WHICH AFFECT THE CACHE SIZE
cache_mem (1/4 of your RAM) MB

(e.g. assuming your RAM is 1Gb then it's "cache_mem 250 MB")

#LOGFILE PATHNAMES AND CACHE DIRECTORIES
#cache_dir ufs /var/spool/squid 100 16 256
cache_dir diskd /cache (capacity of your /cache in MB) 16 256

(make sure /cache already exists)

#RECOMMENDED MINIMUM CONFIGURATION
acl netxxx src xxx.xxx.xxx.xxx/xxx.xxx.xxx.xxx

(specify your network and netmask e.g. "acl mynet src 192.168.0.0/255.255.255.0")

# AND FINALLY DENY ALL OTHER ACCESS TO THE PROXY
http_access allow netxxx

(e.g. "http_access allow mynet")

#TAG:Visible_hostname
visible_hostname (yourserver name)

At the terminal, change the ownership of the existing /cache folder:
sudo chown proxy:proxy /cache
Then create swap directories at /cache:
sudo squid -z
Then fire away squid!
sudo /etc/init.d/squid start
5. Enable transparent redirection via IpKungfu

5.1 Open and edit /etc/ipkungfu/redirection.conf.
gksu gedit /etc/ipkungfu/redirection.conf
Uncomment the line that has 3128 on it.
tcp:80:3128:internal # transparent squid proxy
5.2 Restart IpKungfu for settings to take effect.
sudo /etc/init.d/ipkungfu restart
My squid configuration was actually configured to filter out undesirable websites and that will be tackled on my next blogpost.

Till then!