Ams
De Admin -- TALEVAS.
(Différences entre les versions)
(→Frontaux) |
(→PHP 5.4 Apache Spec) |
||
| (16 révisions intermédiaires par un utilisateur sont masquées) | |||
| Ligne 73 : | Ligne 73 : | ||
front01.prod.allmyski.info -- front02.prod.allmyski.info | front01.prod.allmyski.info -- front02.prod.allmyski.info | ||
| − | + | apt-get install linux-image-3.2.0-31-generic | |
| − | + | update-grub2 | |
| + | vim /boot/grub/grub.cfg => changer le default | ||
| + | |||
apt-get update | apt-get update | ||
| + | apt-get upgrade | ||
apt-get install openvpn | apt-get install openvpn | ||
| − | apt-get install htop tree nfs-client openntpd htop php5 php5-mysql python-soappy python keepalived memcached | + | apt-get install htop tree nfs-client postfix openntpd htop php5 php5-mysql python-soappy python keepalived memcached php5-memcached syslog-ng |
lvcreate -L 50G -nwww vg | lvcreate -L 50G -nwww vg | ||
mkfs.ext3 /dev/mapper/vg-www | mkfs.ext3 /dev/mapper/vg-www | ||
| Ligne 87 : | Ligne 90 : | ||
mount /var/www/shared | mount /var/www/shared | ||
| − | === PHP 5.4 === | + | === PHP 5.4 Apache Spec === |
apt-get install python-software-properties | apt-get install python-software-properties | ||
add-apt-repository ppa:ondrej/php5 | add-apt-repository ppa:ondrej/php5 | ||
| Ligne 94 : | Ligne 97 : | ||
| − | a2enmod rewrite | + | a2enmod rewrite ssl |
service apache2 restart | service apache2 restart | ||
| − | + | === Keepalived Spécifiques === | |
| − | + | ||
| − | + | chmod +x /etc/keepalived/front01.failover.py | |
| − | + | chmod +x /etc/keepalived/front02.failover.py | |
| − | + | ||
| − | + | ifconfig tunl0 ${VIP_HTTPS} netmask 255.255.255.255 broadcast ${VIP_HTTPS} | |
| − | + | ifconfig tunl0 87.98.251.179 netmask 255.255.255.255 broadcast 87.98.251.179 | |
| + | |||
| + | iptables -t mangle -I PREROUTING -i eth0 -p tcp -m tcp -s 0/0 -d 87.98.251.179 --dport 80 -j MARK --set-mark 0x1 | ||
| + | iptables -t mangle -I PREROUTING -i tunl0 -p tcp -m tcp -s 0/0 -d 87.98.251.179 --dport 80 -j MARK --set-mark 0x0 | ||
| + | - virtual_server 87.98.251.179 80 { | ||
| + | + virtual_server fwmark 1 { | ||
| − | + | === Mise en place de SkiVoiturage === | |
| − | + | ==== injection DB ==== | |
| − | + | ||
| − | + | Erreur | |
| − | + | ||
| + | Requête SQL: | ||
| + | |||
| + | -- | ||
| + | -- Contraintes pour la table `ams_user_data` | ||
| + | -- | ||
| + | ALTER TABLE `ams_user_data` ADD CONSTRAINT `ams_user_data_ibfk_2` FOREIGN KEY ( `uda_usr_id` ) REFERENCES `ams_user` ( `usr_id` ) ON DELETE CASCADE ON UPDATE NO ACTION , | ||
| + | ADD CONSTRAINT `fk_ams_user_data_ams_city1` FOREIGN KEY ( `uda_cty_id` ) REFERENCES `ams_city` ( `cty_id` ) ON DELETE NO ACTION ON UPDATE NO ACTION ; | ||
| + | |||
| + | MySQL a répondu: Documentation | ||
| + | #1452 - Cannot add or update a child row: a foreign key constraint fails (`allmyski`.<result 2 when explaining filename '#sql-d72_72'>, CONSTRAINT `fk_ams_user_data_ams_city1` FOREIGN KEY (`uda_cty_id`) REFERENCES `ams_city` (`cty_id`) ON DELETE NO ACTION ON UPDATE ) | ||
| − | |||
| + | ==== Le PHP qd on met en 'production' ==== | ||
| − | + | Oct 22 07:21:42 10.8.1.16 skivoiturage_error: [Mon Oct 22 07:21:42 2012] [error] [client 82.227.229.68] PHP Fatal error: Uncaught exception 'Zend_Config_Exception' with message 'Section 'production' cannot be found in /var/www/skiVoiturage/application/configs/eventManager.ini' in /var/www/skiLibraries/Zend/Config/Ini.php:151\nStack trace:\n#0 /var/www/skiLibraries/Zend/Application.php(386): Zend_Config_Ini->__construct('/var/www/skiVoi...', 'production')\n#1 /var/www/skiLibraries/Zend/Application.php(130): Zend_Application->_loadConfig('/var/www/skiVoi...')\n#2 /var/www/skiLibraries/Zend/Application.php(92): Zend_Application->setOptions(Array)\n#3 /var/www/skiVoiturage/public/index.php(33): Zend_Application->__construct('production', Array)\n#4 {main}\n thrown in /var/www/skiLibraries/Zend/Config/Ini.php on line 151 | |
| + | Oct 22 07:21:42 10.8.1.12 skivoiturage_error: [Mon Oct 22 07:21:42 2012] [error] [client 82.227.229.68] PHP Warning: require_once(Zend/Application.php): failed to open stream: No such file or directory in /var/www/skiVoiturage/public/index.php on line 19 | ||
| + | Oct 22 07:21:42 10.8.1.12 skivoiturage_error: [Mon Oct 22 07:21:42 2012] [error] [client 82.227.229.68] PHP Fatal error: require_once(): Failed opening required 'Zend/Application.php' (include_path='/var/www/skiVoiturage/libraries::.:/usr/share/php:/usr/share/pear') in /var/www/skiVoiturage/public/index.php on line 19 | ||
| + | === bench === | ||
| − | + | siege -b -t30s 87.98.251.179/index.php | |
| − | + | ** SIEGE 2.72 | |
| − | + | ** Preparing 15 concurrent users for battle. | |
| − | + | The server is now under siege... | |
| − | + | Lifting the server siege... done. | |
| − | + | ||
| + | Transactions: 203907 hits | ||
| + | Availability: 100.00 % | ||
| + | Elapsed time: 29.69 secs | ||
| + | Data transferred: 8.17 MB | ||
| + | Response time: 0.00 secs | ||
| + | Transaction rate: 6867.87 trans/sec | ||
| + | Throughput: 0.28 MB/sec | ||
| + | Concurrency: 14.88 | ||
| + | Successful transactions: 203907 | ||
| + | Failed transactions: 0 | ||
| + | Longest transaction: 0.05 | ||
| + | Shortest transaction: 0.00 | ||
=== MONIT === | === MONIT === | ||
Version actuelle en date du 28 octobre 2012 à 17:42
Sommaire |
Admin
admin.prod.allmyski.info
newaliases
Installation
lvcreate -L10G -ngit vg mkfs.ext3 /dev/mapper/vg-git mkdir /home/config echo "/dev/mapper/vg-git /home/config ext3 defaults 0 0" >> /etc/fstab mount /home/config lvcreate -L 100G -nfrontlog vg mkfs.ext3 /dev/mapper/vg-frontlog mkdir /home/log echo "/dev/mapper/vg-frontlog /home/log ext3 defaults 0 0" >> /etc/fstab mount /home/log lvcreate -L 100G -nbackup vg mkfs.ext3 /dev/mapper/vg-backup mkdir /home/backup echo "/dev/mapper/vg-backup /home/backup ext3 defaults 0 0" >> /etc/fstab mount /home/backup rm -rf /home/backup/lost* rm -rf /home/log/lost* rm -rf /home/config/lost* rm -rf /home/lost* rm -rf /tmp/lost* apt-get update apt-get install tree htop zip openntpd git-core proftpd rsnapshot apt-get install -yq openvpn
http://doc.ubuntu-fr.org/openvpn
git config --global user.name "Damien" git config --global user.email "damien@talevas.com" git config --global core.autocrlf input git config --global core.safecrlf true
backups
Tout les jours à 3h30 on récupère le contenu de /var/www/upload dans /home/backup/. Toutes les semaines (le Lundi à 4h ) on archive une version.
mkdir /home/backup/front/ cat /etc/cron.d/rsnapshot # This is a sample cron file for rsnapshot. # The values used correspond to the examples in /etc/rsnapshot.conf. # There you can also set the backup points and many other things. # # To activate this cron file you have to uncomment the lines below. # Feel free to adapt it to your needs. 30 3 * * * root /usr/bin/rsnapshot -c /etc/rsnapshot-front.conf daily 0 4 * * 1 root /usr/bin/rsnapshot -c /etc/rsnapshot-front.conf weekly
Ainsi les archives sont consultables dans /home/backup/ et s'ordonnent ainsi :
tree /home/backup/
.
└── front
├── daily.0
│ └── var
│ └── www
│ └── upload
└── daily.1
└── var
└── www
└── upload
Frontaux
front01.prod.allmyski.info -- front02.prod.allmyski.info
apt-get install linux-image-3.2.0-31-generic update-grub2 vim /boot/grub/grub.cfg => changer le default apt-get update apt-get upgrade apt-get install openvpn apt-get install htop tree nfs-client postfix openntpd htop php5 php5-mysql python-soappy python keepalived memcached php5-memcached syslog-ng lvcreate -L 50G -nwww vg mkfs.ext3 /dev/mapper/vg-www echo "/dev/mapper/vg-www /var/www ext3 defaults 0 0" >> /etc/fstab mount /var/www mkdir /var/www/shared/ # mount -t nfs 10.16.101.6:/nas-000108/mininas-001386 /var/www/shared/ echo "10.16.101.6:/nas-000108/mininas-001386 /var/www/shared/ nfs rw,_netdev,mountproto=tcp 0 0 " >>/etc/fstab mount /var/www/shared
PHP 5.4 Apache Spec
apt-get install python-software-properties add-apt-repository ppa:ondrej/php5 apt-get update apt-get install php5
a2enmod rewrite ssl service apache2 restart
Keepalived Spécifiques
chmod +x /etc/keepalived/front01.failover.py
chmod +x /etc/keepalived/front02.failover.py
ifconfig tunl0 ${VIP_HTTPS} netmask 255.255.255.255 broadcast ${VIP_HTTPS}
ifconfig tunl0 87.98.251.179 netmask 255.255.255.255 broadcast 87.98.251.179
iptables -t mangle -I PREROUTING -i eth0 -p tcp -m tcp -s 0/0 -d 87.98.251.179 --dport 80 -j MARK --set-mark 0x1
iptables -t mangle -I PREROUTING -i tunl0 -p tcp -m tcp -s 0/0 -d 87.98.251.179 --dport 80 -j MARK --set-mark 0x0
- virtual_server 87.98.251.179 80 {
+ virtual_server fwmark 1 {
Mise en place de SkiVoiturage
injection DB
Erreur Requête SQL: -- -- Contraintes pour la table `ams_user_data` -- ALTER TABLE `ams_user_data` ADD CONSTRAINT `ams_user_data_ibfk_2` FOREIGN KEY ( `uda_usr_id` ) REFERENCES `ams_user` ( `usr_id` ) ON DELETE CASCADE ON UPDATE NO ACTION , ADD CONSTRAINT `fk_ams_user_data_ams_city1` FOREIGN KEY ( `uda_cty_id` ) REFERENCES `ams_city` ( `cty_id` ) ON DELETE NO ACTION ON UPDATE NO ACTION ; MySQL a répondu: Documentation #1452 - Cannot add or update a child row: a foreign key constraint fails (`allmyski`.<result 2 when explaining filename '#sql-d72_72'>, CONSTRAINT `fk_ams_user_data_ams_city1` FOREIGN KEY (`uda_cty_id`) REFERENCES `ams_city` (`cty_id`) ON DELETE NO ACTION ON UPDATE )
Le PHP qd on met en 'production'
Oct 22 07:21:42 10.8.1.16 skivoiturage_error: [Mon Oct 22 07:21:42 2012] [error] [client 82.227.229.68] PHP Fatal error: Uncaught exception 'Zend_Config_Exception' with message 'Section 'production' cannot be found in /var/www/skiVoiturage/application/configs/eventManager.ini' in /var/www/skiLibraries/Zend/Config/Ini.php:151\nStack trace:\n#0 /var/www/skiLibraries/Zend/Application.php(386): Zend_Config_Ini->__construct('/var/www/skiVoi...', 'production')\n#1 /var/www/skiLibraries/Zend/Application.php(130): Zend_Application->_loadConfig('/var/www/skiVoi...')\n#2 /var/www/skiLibraries/Zend/Application.php(92): Zend_Application->setOptions(Array)\n#3 /var/www/skiVoiturage/public/index.php(33): Zend_Application->__construct('production', Array)\n#4 {main}\n thrown in /var/www/skiLibraries/Zend/Config/Ini.php on line 151
Oct 22 07:21:42 10.8.1.12 skivoiturage_error: [Mon Oct 22 07:21:42 2012] [error] [client 82.227.229.68] PHP Warning: require_once(Zend/Application.php): failed to open stream: No such file or directory in /var/www/skiVoiturage/public/index.php on line 19
Oct 22 07:21:42 10.8.1.12 skivoiturage_error: [Mon Oct 22 07:21:42 2012] [error] [client 82.227.229.68] PHP Fatal error: require_once(): Failed opening required 'Zend/Application.php' (include_path='/var/www/skiVoiturage/libraries::.:/usr/share/php:/usr/share/pear') in /var/www/skiVoiturage/public/index.php on line 19
bench
siege -b -t30s 87.98.251.179/index.php ** SIEGE 2.72 ** Preparing 15 concurrent users for battle. The server is now under siege... Lifting the server siege... done. Transactions: 203907 hits Availability: 100.00 % Elapsed time: 29.69 secs Data transferred: 8.17 MB Response time: 0.00 secs Transaction rate: 6867.87 trans/sec Throughput: 0.28 MB/sec Concurrency: 14.88 Successful transactions: 203907 Failed transactions: 0 Longest transaction: 0.05 Shortest transaction: 0.00
MONIT
<cib epoch="10" num_updates="1" admin_epoch="0" validate-with="pacemaker-1.2" crm_feature_set="3.0.5" update-origin="front01.prod.allmyski.info" update-client="cibadmin" cib-last-written="Mon Oct 8 11:40:50 2012" have-quorum="1" dc-uuid="c2032697-6411-4735-be3d-d3f16349b485">
<configuration>
<crm_config>
<cluster_property_set id="cib-bootstrap-options">
<nvpair id="cib-bootstrap-options-dc-version" name="dc-version" value="1.1.6-9971ebba4494012a93c03b40a2c58ec0eb60f50c"/>
<nvpair id="cib-bootstrap-options-cluster-infrastructure" name="cluster-infrastructure" value="Heartbeat"/>
</cluster_property_set>
</crm_config>
<nodes>
<node id="c2032697-6411-4735-be3d-d3f16349b485" type="normal" uname="front01.prod.allmyski.info"/>
<node id="ef24c295-5bf3-4efa-b4ff-5413e70ce0a0" type="normal" uname="front02.prod.allmyski.info"/>
</nodes>
<resources>
<primitive class="lsb" id="haproxy" type="haproxy">
<operations>
<op id="haproxy-monitor-1s" interval="1s" name="monitor"/>
</operations>
</primitive>
</resources>
<constraints>
<rsc_colocation id="haproxy-with-public-IPs" rsc="haproxy" score="INFINITY" with-rsc="failover-ip"/>
<rsc_order first="failover-ip" id="haproxy-after-IP" score="INFINITY" then="haproxy"/>
</constraints>
<rsc_defaults>
<meta_attributes id="rsc-options">
<nvpair id="rsc-options-resource-stickiness" name="resource-stickiness" value="100"/>
</meta_attributes>
</rsc_defaults>
</configuration>
<status>
<node_state id="c2032697-6411-4735-be3d-d3f16349b485" uname="front01.prod.allmyski.info" ha="active" in_ccm="true" crmd="online" join="member" expected="member" crm-debug-origin="do_state_transition" shutdown="0">
<transient_attributes id="c2032697-6411-4735-be3d-d3f16349b485">
<instance_attributes id="status-c2032697-6411-4735-be3d-d3f16349b485">
<nvpair id="status-c2032697-6411-4735-be3d-d3f16349b485-probe_complete" name="probe_complete" value="true"/>
</instance_attributes>
</transient_attributes>
<lrm id="c2032697-6411-4735-be3d-d3f16349b485">
<lrm_resources>
<lrm_resource id="failover-ip" type="IPaddrFO" class="ocf" provider="heartbeat">
<lrm_rsc_op id="failover-ip_last_0" operation_key="failover-ip_monitor_0" operation="monitor" crm-debug-origin="build_active_RAs" crm_feature_set="3.0.5" transition-key="4:3:7:435c0652-727e-4f25-97c9-700ccbf60c97" transition-magic="0:7;4:3:7:435c0652-727e-4f25-97c9-700ccbf60c97" call-id="2" rc-code="7" op-status="0" interval="0" op-digest="8ce385c47ac3d840d034c58ed9c92acf"/>
</lrm_resource>
</lrm_resources>
</lrm>
</node_state>
<node_state id="ef24c295-5bf3-4efa-b4ff-5413e70ce0a0" uname="front02.prod.allmyski.info" ha="dead" in_ccm="false" crmd="offline" join="down" crm-debug-origin="do_state_transition"/>
</status>
</cib>
<configuration>
<crm_config>
<cluster_property_set id="cib-bootstrap-options">
<nvpair id="cib-bootstrap-options-dc-version" name="dc-version" value="1.1.6-9971ebba4494012a93c03b40a2c58ec0eb60f50c"/>
<nvpair id="cib-bootstrap-options-cluster-infrastructure" name="cluster-infrastructure" value="Heartbeat"/>
</cluster_property_set>
</crm_config>
<nodes>
<node id="c2032697-6411-4735-be3d-d3f16349b485" type="normal" uname="front01.prod.allmyski.info"/>
<node id="ef24c295-5bf3-4efa-b4ff-5413e70ce0a0" type="normal" uname="front02.prod.allmyski.info"/>
</nodes>
<resources>
<primitive class="lsb" id="haproxy" type="haproxy">
<operations>
<op id="haproxy-monitor-1s" interval="1s" name="monitor"/>
</operations>
</primitive>
</resources>
<constraints>
<rsc_colocation id="haproxy-with-public-IPs" rsc="haproxy" score="INFINITY" with-rsc="failover-ip"/>
<rsc_order first="failover-ip" id="haproxy-after-IP" score="INFINITY" then="haproxy"/>
</constraints>
<rsc_defaults>
<meta_attributes id="rsc-options">
<nvpair id="rsc-options-resource-stickiness" name="resource-stickiness" value="100"/>
</meta_attributes>
</rsc_defaults>
</configuration>
Databases
db01.prod.allmyski.info -- db02.prod.allmyski.info
# creation de l'espace disque lvcreate -L50G -nmysql vg lvcreate -L10G -nbinlog vg mkfs.ext3 /dev/mapper/vg-mysql mkfs.ext3 /dev/mapper/vg-binlog mkdir /var/lib/mysql mkdir /var/log/mysql-binlog echo "/dev/mapper/vg-mysql /var/lib/mysql ext3 defaults 0 0" >> /etc/fstab echo "/dev/mapper/vg-binlog /var/log/mysql-binlog ext3 defaults 0 0" >> /etc/fstab mount /var/lib/mysql mount /var/log/mysql-binlog chown mysql:mysql /var/log/mysql-binlog/ rm -rf /var/lib/mysql/lost* rm -rf /home/lost* rm -rf /tmp/lost* rm -rf /var/log/mysql-binlog/lost* # installation de Mysql apt-get update apt-get install -yq openvpn openntpd htop apt-get install -yq mysql-server # DB01 iptables -A INPUT -p tcp -s 188.165.240.126 --dport 3306 -j ACCEPT # DB02 iptables -A INPUT -p tcp -s 188.165.241.29 --dport 3306 -j ACCEPT # front01 iptables -A INPUT -p tcp -s 94.23.12.228 --dport 3306 -j ACCEPT # front02 iptables -A INPUT -p tcp -s 94.23.241.220 --dport 3306 -j ACCEPT # admin iptables -A INPUT -p tcp -s 91.121.8.205 --dport 3306 -j ACCEPT iptables -A INPUT -p tcp --dport 3306 -j DROP iptables-save > /etc/iptables.rules
# recup des données openvpn depuis le master scp admin.ams.talevas.com:/home/config/db02/etc/openvpn/* /etc/openvpn/ /etc/init.d/openvpn start
Procédure de bascule
couper le master
iptables partout
allow writes sur le slave
suppression du fichier de conf
pointage des frontaux
édition du fichier host
Le script
#!/bin/bash
ServerList="front01.prod.allmyski.info front02.prod.allmyski.info"
MasterDb="db01.prod.allmyski.info"
SlaveDb="db02.prod.allmyski.info"
# couper le master => IPTABLES sur les frontaux
for server in $ServerList
do
echo "$server => iptables -A OUTPUT -p tcp -d 188.165.241.29 -j DROP"
ssh $server "iptables -A OUTPUT -p tcp -d 188.165.241.29 -j DROP"
done
# supression du read_only sur le slave
# restart du slave
echo "supression du read_only sur le slave"
ssh $SlaveDb "rm /etc/mysql/conf.d/slave.cnf; service mysql restart"
# changement du master dans les fichiers host des frontaux
for server in $ServerList
do
echo "On change l'entree master pour le front $server."
ssh $server "cp /etc/hosts /etc/hosts.ori"
ssh $server "echo '188.165.241.29 $MasterDb' >> /etc/hosts"
done
