Micro Maintenance: Difference between revisions
No edit summary |
|||
| (6 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
<H1 ALIGN="CENTER"><FONT SIZE="-1"></FONT> |
|||
'''William Cash''' |
|||
<BR> |
|||
| ⚫ | |||
<DIV> |
|||
<P ALIGN="CENTER"><STRONG>William Cash</STRONG></P> |
|||
</DIV> |
|||
<P ALIGN="CENTER">[[ Apr 23 ]], [[2013]]</P> |
|||
<P> |
|||
<BR><HR> |
|||
<!--Table of Child-Links--> |
|||
| ⚫ | |||
== Software Updates == |
== Software Updates == |
||
| Line 151: | Line 161: | ||
The following is a summary of the tasks performed in the System Upgrade on Mar 22, 2013. |
The following is a summary of the tasks performed in the System Upgrade on Mar 22, 2013. |
||
== Prepping and Backing up the system == |
|||
This stage is crucial. There's a lot of irreplaceable data that you can vanish in heartbeat if you aren't prepared. Ideally you can create an additional RAID mirror of micro's hard drives. That way if something bad happens you can install the extra hard drive and rebuild the old RAID array. Creating an additional RAID mirror is somewhat complicated, but the steps are essentially: |
|||
1) Create identical RAID partitions and format the drive with the same file system |
|||
2) '''ADD''' the disk to RAID raid array |
|||
3) '''Grow''' the RAID array |
|||
4) Wait for the mirror to be built |
|||
It's important that you not only add the drive to the RAID array, but you also grow the array to have three disks! Simply adding the drive will not create a mirror. The mirroring process on micro's 1TB drives should take over 3 hours. You can check the status using 'cat /proc/mdstat'. If it doesn't take several hours you did something wrong. |
|||
You also need to dump all of the relevant MySQL databases so that you can restore them on the new system. You can do this using mysqldump or with phpmyadmin. Just make sure you dump them BEFORE you install the new operating system. It will save you a lot of headaches. |
|||
It's not necessary to dump the SVN repositories because you can simply copy their entire directories, but it can't hurt. |
|||
To be continued... |
|||
== Setting up web server == |
|||
Micro hosts several websites that depend on MySQL databases. As a security feature each website has its own SQL user. These users need to be created on the new system. |
|||
List of all the websites: |
|||
1) [http://micro.stanford.edu/wiki/Main_Page wiki] |
|||
2) Users home pages |
|||
2) [http://micro.stanford.edu/~caiwei/CSD-Book/ Book Computer Simulations of Dislocations] |
|||
3) [http://paradis.stanford.edu/ ParaDiS] |
|||
4) [http://micro.stanford.edu/MDpp/ MD++] |
|||
5) [https://micro.stanford.edu/viewvc/ ViewVC] |
|||
6) [https://micro.stanford.edu/svn/ SVN] |
|||
7) [https://micro.stanford.edu/journal-repository/ Journal repository] |
|||
8) [http://dislocations2008.stanford.edu/ Dislocations 2008] |
|||
Increase the maximum uploaded file size for the journal repository to 30 MB in /etc/php5/apache2/php.ini |
|||
post_max_size = 30M |
|||
== Installing Unison == |
|||
[http://www.cis.upenn.edu/~bcpierce/unison/ Unison] is installed on micro using the command |
|||
sudo apt-get install unison |
|||
Currently the version 2.40 is installed. |
|||
Unison allows file synchronization across platforms. The binary executables for Windows PCs can be downloaded at [http://www.cis.upenn.edu/~bcpierce/unison/download.html here]. [http://sourceforge.net/projects/gtk-win/?source=dlp Gtk run time libraries] need to be installed on Windows PCs for Unison to run. |
|||
== Installing Unicode == |
|||
The command '''unicode''' is installed on micro using the command |
|||
sudo apt-get install unicode |
|||
Latest revision as of 06:50, 20 May 2013
How to Maintain the Computer Server Micro.stanford.edu
William Cash
Software Updates
The computer is set up to install security updates by itself. But regular updates need to be performed manually by the following steps.
Step 1: login to micro If packages need to be updated. There should be messages like:
3 packages can be updated.
Step 2: Get updates and install
sudo apt-get upgrade
Step 3: Checking the health of RAID array
cat /proc/mdstat
The output should look like the following:
Personalities : [linear] [multipath] [raid0] [raid1] [raid6] [raid5] [raid4] [raid10]
md1 : active raid1 sda2[0] sdb2[1]
4103104 blocks super 1.2 [2/2] [UU]
md0 : active raid1 sda1[0] sdb1[1]
972524352 blocks super 1.2 [2/2] [UU]
unused devices: <none>
If the output does not look like that, then something is wrong and the issue should be addressed as soon as possible.
Reboot
It is a good idea to reboot the computer from time to time, by the following command.
sudo reboot
(We are trying to schedule the computer to reboot automatically every two weeks.)
Disks and Backup
The computer's internal hard disk is configured to be RAID 1 (mirror, 1TB).
The computer has an external hard disk (RAID 1, 750GB spread over 2 partitions), which can be mounted by the following command. (The external hard disk is really two regular internal disks in a box.)
sudo mount /dev/sdc2 /mnt/group_backup
The letter/number after /dev may change, which is a problem.
(External hard disks need to be checked.)
(We are trying to set up an automatic backup of important files and web pages on the external hard disk.)
Create New SVN
Here is how to create a new SVN repository, using PIMC++ as an example. Superuser privilege is required.
Step 1: change directory to the repository directory and create new svn directory:
cd /var/www/svn sudo svn mkdir PIMC++
Step 2: import files:
sudo svn import /path_to_files/PIMC++/ file:///var/svn/www/PIMC++ -m "Initial Import"
Step 3: change ownership from root to Apache:
sudo chown -R www-data PIMC++ sudo chgrp -R www-data PIMC++
Step 4: Modify 'svn_roots' in ViewVC config file to include new subversion:
sudo vi /etc/viewvc/viewvc.conf
...
svn_roots = DD2D: /var/www/svn/DD2D,
DDLab: /var/www/svn/DDLab,
DDLab2D: /var/www/svn/DDLab2D,
DDLab_ThinFilm: /var/www/svn/DDLab_ThinFilm,
LAMMPS: /var/www/svn/LAMMPS,
MD++: /var/www/svn/MD++,
ParaDiS: /var/www/svn/ParaDiS,
Qbox: /var/www/svn/Qbox,
VASP: /var/www/svn/VASP,
ParaDiS-global: /var/www/svn/ParaDiS-global,
PIMC++: /var/www/svn/PIMC++
...
Step 5: Add PIMC++ to the Apache https webserver:
sudo vi /etc/apache2/sites-available/default-ssl
...
<Location /svn/PIMC++>
DAV svn
# SVNListParentPath on
SVNPath /var/www/svn/PIMC++
AuthType Basic
AuthName "PIMC++ SVN"
AuthUserFile /etc/apache2/passwd/svn-passwd
AuthGroupFile /etc/apache2/passwd/svn-groups
SSLRequireSSL
Require group pimc members
</Location>
...
Step 6: Restart Apache:
sudo /etc/init.d/apache2 restart
If you want to add a new user to an existing SVN:
sudo htpasswd -m /etc/apache2/passwd/svn-passwd new_user's_name
Then add the new username to the appropriate group of svn-groups:
sudo vi /etc/apache2/passwd/svn-groups
Connecting to micro over SSH
Micro's SSH has several additional security features to prevent it from being hacked by brute force attacks. Everyday micro has numerous connection attempts from around the world, you can check the logs in /var/log/auth.log. I've disabled password authentication by setting
vi /etc/ssh/sshd_config
...
PasswordAuthentication no
...
and restarting apache.
sudo service apache2 restart
I also installed the program denyhosts to prevent someone from trying too log in too many times unsuccessfully in a short period of time.
sudo apt-get install denyhosts
To connect to micro you need to have an RSA key generated on your own computer. On a *NIX operating system you can run the command:
ssh-keygen -t rsa -b 4096
This will create a public key in ~/.ssh/id_ra.pub. You then need to copy the contents of this file to ~/.ssh/authorized_keys on micro. You can add as many keys as you like to this file to connect from all of your computers. Another option is to copy the contents of your public keys by temporarily enabling password authentication and using the command 'ssh-copy-id'.
System Upgrade
The operating system of Micro has been updated Mar 22, 2013 by William Cash. The upgraded system will receive updates until Apr 2017, after which the operating system is obsolete. Another manual update will be needed at that time.
The following is a summary of the tasks performed in the System Upgrade on Mar 22, 2013.
Prepping and Backing up the system
This stage is crucial. There's a lot of irreplaceable data that you can vanish in heartbeat if you aren't prepared. Ideally you can create an additional RAID mirror of micro's hard drives. That way if something bad happens you can install the extra hard drive and rebuild the old RAID array. Creating an additional RAID mirror is somewhat complicated, but the steps are essentially: 1) Create identical RAID partitions and format the drive with the same file system 2) ADD the disk to RAID raid array 3) Grow the RAID array 4) Wait for the mirror to be built
It's important that you not only add the drive to the RAID array, but you also grow the array to have three disks! Simply adding the drive will not create a mirror. The mirroring process on micro's 1TB drives should take over 3 hours. You can check the status using 'cat /proc/mdstat'. If it doesn't take several hours you did something wrong.
You also need to dump all of the relevant MySQL databases so that you can restore them on the new system. You can do this using mysqldump or with phpmyadmin. Just make sure you dump them BEFORE you install the new operating system. It will save you a lot of headaches.
It's not necessary to dump the SVN repositories because you can simply copy their entire directories, but it can't hurt.
To be continued...
Setting up web server
Micro hosts several websites that depend on MySQL databases. As a security feature each website has its own SQL user. These users need to be created on the new system.
List of all the websites:
1) wiki 2) Users home pages 2) Book Computer Simulations of Dislocations 3) ParaDiS 4) MD++ 5) ViewVC 6) SVN 7) Journal repository 8) Dislocations 2008
Increase the maximum uploaded file size for the journal repository to 30 MB in /etc/php5/apache2/php.ini
post_max_size = 30M
Installing Unison
Unison is installed on micro using the command
sudo apt-get install unison
Currently the version 2.40 is installed.
Unison allows file synchronization across platforms. The binary executables for Windows PCs can be downloaded at here. Gtk run time libraries need to be installed on Windows PCs for Unison to run.
Installing Unicode
The command unicode is installed on micro using the command
sudo apt-get install unicode