Search This Blog

Wednesday, 30 November 2011

I have not been posted for some time as I was busy preparing for Linux certification.
So, I just obtained Comptia Linux+, LPIC level 1 and 2 certificates few days ago.

Friday, 14 October 2011

DHCP Failover Configuration

1. Install DHCP server on nodes:

root@node1:~# apt-get install dhcp3-server
root@node2:~# apt-get install dhcp3-server

2. Important. Synchronize time on both nodes using NTP service.

3. We need to configure a config which should be identical 
   on both machines. 
   It will describe fail-over peer and range of IP addresses, 
   as well as other information as described below.
   Create it in /etc/dhcp/ and name as general or common, 
   or master. Do not forget to change dhcpd.conf include accordingly
   (see below).
 
root@node1:~# vim /etc/dhcp/dhcpd.general
root@node2:~# vim /etc/dhcp/dhcpd.general

4. Paste in each of them and change according to your needs:

ddns-update-style none;
log-facility local7;
subnet 192.168.2.0 netmask 255.255.255.0 {
  pool {
    failover peer "dhcp";
    range 192.168.1.100 192.168.1.200;
  }
  option routers 192.168.1.254;
  option subnet-mask 255.255.255.0;
# option broadcast-address 192.168.1.255;
  option domain-name "your domain";
  option domain-name-servers 192.168.1.1, 192.168.1.2;
# option ntp-servers 192.168.1.1, 192.168.1.2;
# option netbios-node-type 8;

  default-lease-time 600;
  max-lease-time 7200;

5. Configure dhcpd.conf for each node:

5.1. First node: 
   
root@node1:~# vim /etc/dhcp/dhcpd.conf
  failover peer "dhcp" {
  primary;
  address 192.168.1.1;
  port 519;
  peer address 192.168.1.2;
  peer port 520;
  max-response-delay 60;
  max-unacked-updates 10;
  mclt 600;
  split 128;
  load balance max seconds 3;
}
include "/etc/dhcp/dhcpd.general";

5.2. Second node: 
   
root@node2:~# vim /etc/dhcp/dhcpd.conf
  failover peer "dhcp" {
  primary;
  address 192.168.1.2;
  port 520;
  peer address 192.168.1.1;
  peer port 519;
  max-response-delay 60;
  max-unacked-updates 10;
  mclt 600;
  split 128;
  load balance max seconds 3;
}
include "/etc/dhcp/dhcpd.general";

6. Testing

root@node1:~# cat /var/lib/dhcp/dhcpd.leases
root@node2:~# cat /var/lib/dhcp/dhcpd.leases



Wednesday, 21 September 2011

Implementing Failover Redundancy in Ubuntu 11.10 with Heartbeat + Rsync


1. Install Heartbeat on both hosts:

[root@host1 ~]# apt-get install heartbeat
[root@host2 ~]# apt-get install heartbeat


 2. Rsync can be used to synchronize any file/directory for any service,
    however in this example we will use Apache service:

[root@host1 ~]# apt-get install rsync
[root@host2 ~]# apt-get install rsync


 3. Check fully qualified domain names (fqdn) on host 1 and host2:

[root@host1 ~]# uname –n
[root@host2 ~]# uname –n

In my case host names (fqdn): host1.corp.un
Second Machine name (fqdn): host2.corp.un
IP Address of host1: 192.168.1.130
IP Address of host2: 192.168.1.131
Default Gateway of both hosts: 192.168.1.1
DNS Server: 192.168.1.1
DNS Server: 192.168.1.2

 4. Make sure that you have httpd installed:

 service apache2 status

You should see the following:

Apache2 is running (pid xxxx).

Where xxxx is the PID number.

5. Configure network settings for both nodes and check by pinging and resolving hostnames.

5.1. For host1:

[root@host1 ~]# cat /etc/network/interfaces

# The primary network interface
auto eth0
iface eth0 inet static

        address   192.168.1.130
        netmask   255.255.255.0
        network   192.168.1.0
        broadcast 192.168.1.255
        gateway   192.168.1.1

[root@host1 ~]# cat /etc/resolv.conf

domain corp1.un
nameserver 192.168.1.1
nameserver 192.168.1.2

[root@host1 ~]# cat /etc/hosts

127.0.0.1       localhost
192.168.1.130    host1.corp.un host1
192.168.1.131    host2.corp.un host2

5.2. For host2:

[root@host2 ~]# cat /etc/network/interfaces

# The primary network interface
auto eth0
iface eth0 inet static

        address   192.168.1.131
        netmask   255.255.255.0
        network   192.168.1.0
        broadcast 192.168.1.255
        gateway   192.168.1.1

[root@host2 ~]# cat /etc/resolv.conf

domain corp1.un
nameserver 192.168.1.1
nameserver 192.168.1.2

[root@host2 ~]# cat /etc/hosts

127.0.0.1       localhost
192.168.1.130    host1.corp.un host1
192.168.1.131    host2.corp.un host2

6. Configuring Heartbeat on both computers
Heartbeat has three main configuration files:

/etc/ha.d/authkeys
/etc/ha.d/ha.cf
/etc/ha.d/haresources

6.1. Configuring /etc/ha.d/authkeys File

The authkeys file must be owned by root and be chmod 600.
The actual format of the authkeys file is two-lines simple format.
There is an auth directive with an associated method ID number,
and there is a line that has the authentication method and
the key that go with the ID number of the
auth directive. There are three supported authentication methods:

crc, md5 and sha1.

[root@host1 ~]# vim /etc/ha.d/authkeys

Add the following :

auth 1

1 sha1 ThisIsALongPasswordForSecurityReasons

And change the permission of the authkeys file:

[root@host1 ~]# chmod 600 /etc/ha.d/authkeys

6.2. Configuring /etc/ha.d/ha.cf File

Edit the /etc/ha.d/ha.cf file in your favorite text editor:

[root@host1 ~]# vim /etc/ha.d/ha.cf

Add the following lines in the ha.cf file:

Configuration 1 (taken from Linux Journal with some changes)

keepalive 1
deadtime 10
initdead 120
warntime 5
udpport 694
# host1 heartbeat ip address is 192.168.1.130
# host2 heartbeat ip address is 192.168.1.131
# For simple two-server clusters, ucast or bcast can be used
ucast eth0 192.168.1.130
# bcast eth0
# serial /dev/ttyS1
# baud 19200
auto_failback off
stonith_host host1 wti_nps ares.example.com erisIsTheKey
stonith_host host2 wti_nps ares.example.com erisIsTheKey
# The following names must match the output of uname -n
node host1
node host2
use_logd yes
# logfile /var/log/ha-log
# logfacility local0

We can use, however, an example from usr/share/doc/heartbeat/
and adjust it according our needs:

zless /usr/share/doc/heartbeat/ha.cf.gz

6.3. Configuring /etc/ha.d/haresources File

This file contains the information about resources which we want to make highly available.
All services that we want Heartbeat to manage must be removed from the system init
for all init levels.

The command to accomplish this task is:
[root@host1 ~]#  /usr/sbin/update-rc.d -f <service_name> remove
[root@host2 ~]#  /usr/sbin/update-rc.d -f <service_name> remove
[root@host1 ~]#  vim /etc/ha.d/haresources

For minimalistic configuration add the following lines:

host1.corp.un IPaddr::192.168.1.132/24/eth0 apache2
This will assign a virtual ip address to the eth0 which can be verified by
ifconfig command:
eth0:0    Link encap:Ethernet  HWaddr 06:00:27:1e:07:db
          inet addr:192.168.1.132  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
        
6.4. Copy the /etc/ha.d/ directory from host1 to host2:

[root@host1 ~] scp -r /etc/ha.d/ root@host2:/etc/

7. Configuring rsycn

For synchronization of the content we will use rsync package which by default is installed in

/usr/bin/rsync:

[root@host1 ~] crontab -e

*/1 * * * * /usr/bin/rsync -avz --perms --delete --links -e ssh /var/www/

host2:/var/www/

[root@host2 ~] crontab -e

*/1 * * * * /usr/bin/rsync -avz --perms --delete --links -e ssh /var/www/

host1:/var/www/

Note:

*/1 Check directories every minute and if there any changes,

perform transfer the changed files/directories.
/usr/bin/rysnc start rsync
-a archive
-v verbosity
-z perform compression
--perms means retain the original permissions
--delete delete extra files from host2 which are not found on node1
--links copy the symbolic links as it is.
-e define rsh command, in our case it is ssh

8. Starting Services and Testing

8.1. Start heartbeat:

[root@host1 ~]# /etc/init.d/heartbeat start
[root@host2 ~]# /etc/init.d/heartbeat start


The following will be observed:

Starting High-Availability services: IPaddr[xxxx]: INFO:  Resource is stopped

Done.

8.2. Open an SSH terminal on each cluster member and type:

[root@host1 ~]# tail -f /var/log/syslog
[root@host1 ~]# tail -f /var/log/ha-debug
[root@host1 ~]# tail -f /var/log/ha-log
[root@host1~]#  cl_status nodestatus host1.corp.un
[root@host2 ~]# tail -f /var/log/syslog
[root@host2 ~]# tail -f /var/log/ha-debug
[root@host2 ~]# tail -f /var/log/ha-log
[root@host2~]#  cl_status nodestatus host2.corp.un


Observe if there are any problems.

8.3. Configuring Apache2

Create the file index.html on both nodes:
On host1:

[root@host1 ~]# echo "host1 apache test" > /var/www/html/index.html
On host2:

[root@host2 ~]# echo "host1 apache test" > /var/www/html/index.html

Open web-browser and type in the URL: http://192.168.1.132
It will show host1 apache test.
Stop the heartbeat daemon on host1:

[root@host1 ~]# service heartbeat stop

In the browser type in the URL http://192.168.1.132 and press Enter.
It will show host2 apache test.
Bring the node back by issuing the command:

[root@host1 ~]# service heartbeat start

Now stop the heartbeat daemon on host2:

[root@host2 ~]# service heartbeat stop

In the browser type in the URL http://192.168.1.132 and press Enter.
It will show host1 apache test.
Bring the node back by issuing the command:

[root@host2 ~]# service heartbeat start

A virtual network interface and the associated IP address (192.168.1.132) is created by Heartbeat,
no manual configuration is required.
Also all services placed in /etc/ha.d/haresources file will start automatically.
Don't use the IP addresses 192.168.1.130 and 192.168.1.131 for services.
These addresses are used by heartbeat for communication between host1 and host2.
If used for virtual addressing, it will cause disturbance and heartbeat and will not work properly.


Saturday, 27 August 2011

Failover Redundancy in Ubuntu 11.10 with CARP

Failover Redundancy in Ubuntu 11.10 
 
1. Install ucarp:

root@master:~# apt-get install ucarp
root@slave:~#    apt-get install ucarp



2. For the primary (master) host change /etc/network/interfaces as follows:

# This file describes the network interfaces available on your system 
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface

auto lo 
iface lo inet loopback

# The primary network interface

auto eth0 
iface eth0 inet static

address 192.168.1.130 
netmask 255.255.255.0 
network 192.168.1.0 
broadcast 192.168.1.255 
gateway 192.168.1.1

# The secondary network interface

auto eth1 
iface eth1 inet static 
address 192.168.2.1 
netmask 255.255.255.0 
network 192.168.2.0 
broadcast 192.168.2.255

ucarp-vid 1 
ucarp-vip 192.168.2.254 
ucarp-password secret 
ucarp-advskew 14 
ucarp-advbase 1 
ucarp-facility local1 
ucarp-master yes 
ucarp-upscript /usr/share/ucarp/vip-up 
ucarp-downscript /usr/share/ucarp/vip-down

iface eth1:ucarp inet static 
address 192.168.2.254 
netmask 255.255.255.0

3. For the secondary (slave) host change /etc/network/interfaces as follows:

# This file describes the network interfaces available on your system 
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface

auto lo 
iface lo inet loopback

# The primary network interface

auto eth0 
iface eth0 inet static

address 192.168.1.130 
netmask 255.255.255.0 
network 192.168.1.0 
broadcast 192.168.1.255 
gateway 192.168.1.1

# The secondary network interface

auto eth1 
iface eth1 inet static

address 192.168.2.2 
netmask 255.255.255.0 
network 192.168.2.0 
broadcast 192.168.2.255

ucarp-vid 1 
ucarp-vip 192.168.2.254 
ucarp-password secret 
ucarp-advskew 14 
ucarp-advbase 1 
ucarp-facility local1 
ucarp-master no 
ucarp-upscript /usr/share/ucarp/vip-up 
ucarp-downscript /usr/share/ucarp/vip-down

iface eth1:ucarp inet static

address 192.168.2.254 
netmask 255.255.255.0

4. Add to the /etc/rc.local:

root@master:~# ucarp -i eth1 -s 192.168.2.1 -v 1 -p secret -a 192.168.2.254 -u /etc/vip-up.sh -d /etc/vip-down.sh -z -B

root@slave:~# ucarp -i eth1 -s 192.168.2.2 -v 1 -p secret -a 192.168.2.254 -u /etc/vip-up.sh -d /etc/vip-down.sh -z -B


5. To check if works correctly check ip addresses on the interfaces on both hosts:

ip addr show

The virtual ip assigned to the ucarp interface should be seen only on the master host.
Ping the virtual ip to check if it is reachable.
Shutdown the master and observe that the slave takes over and virtual ip now can be seen.
Again, ping the virtual ip.

Installing Virtual Hosts on Apache2 Webserver

Installing Virtual Hosts on Apache2
1. Create a folder for the domain:
mkdir -p /usr/share/tomcat/webapps/example

2. Within the /etc/apache2/sites-available/ folder create unique files for each of domains. For example, a file called “example” in that directory:
sudo nano /etc/apache2/sites-available/example

3. Copy content of default site to the newly created file:
sudo cp /etc/apache2/sites-available/default /etc/apache2/sites-available/example
(directories for Apache and Tomcat can be placed in a convenient place, however must be the same. For Tomcat server root folder for applications is webapps)

4. Adjust document roots as necessary and append to the file the following:

ServerName (name of the host)
JkMount /jsp/* worker1
JkMount /jsp worker1
#JkAutoAlias /usr/share/tomcat7/webapps/examples/
(appends requests for resources after webapps)
5. Enable mod_rewrite in Apache2:
sudo a2enmod rewrite

6. Now enable the site:
sudo a2ensite example

This site is now available (as in configured) and enabled (as in listening) once the Apache service is restarted:
sudo /etc/init.d/apache2 reload
sudo /etc/init.d/apache2 reload
sudo /etc/init.d/tomcat7 restart
 

Testing

7. To test your configuration you can, temporarily, configure the /etc/hosts file to point the domain to your IP address and see if your server loads up the correct site. This is only needed if the hostname or domain name does not already resolve to your IP address. Editing the /etc/hosts by adding the following line:
ip.address domain.tld (For instance 67.207.131.28 example.com)

8. Open a browser, try to access http://example and see if it loads the contents from the local DocumentRoot (from the configuration above). You might want to drop a file in the DocumentRoot to verify its pulling your local content:
sudo mv /var/www/index.html /usr/share/tomcat/webapps/examples/

9. Check PHP libraries:
sudo cp /var/www/test.php /usr/share/tomcat/webapps/examples/ or
sudo nano /usr/share/tomcat/examples/test.php
Write in it the only line:
<?php phpinfo(); ?>

10. Point the web browser to http://example/test.php and observe server’s phpinfo.

Monday, 22 August 2011

Connecting Tomcat 7.0.25 with Apache 2 (mod_jk)


Connecting Tomcat 7 with Apache2 (mod_jk)
1. Install Connector
sudo apt-get install libapache2-mod-jk

Create a file worker.properties in Tomcat directory / usr/share/tomcat7/conf/workers.properties :

sudo nano / usr/share/tomcat7/conf/workers.properties   

And add the following lines:
# workers.properties
# --------------------------------------------------------------------------
# File:        workers.properties
#

# Purpose:     AJP Bridge for Apache/Tomcat
#
# Location:    $TOMCAT_HOME/conf
#
# Certified:   Ubuntu 11.04 / Apache 2.2.17/ Tomcat 7.0 / JDK-1.7.0
#
# Note:        This file should be appended or included into jk.load
# --------------------------------------------------------------------------
#
# This file provides jk derived plugins with the needed information to
# connect to the different tomcat workers.  Note that the distributed
# version of this file requires modification before it is usable by a
# plugin.
#
# As a general note, the characters $( and ) are used internally to define
# macros. Do not use them in your own configuration!!!
#
# Whenever you see a set of lines such as:
# x=value
# y=$(x)\something
#
# the final value for y will be value\something
#
# Normaly all you will need to do is un-comment and modify the first three
# properties, i.e. workers.tomcat_home, workers.java_home and ps.
# Most of the configuration is derived from these.
#
# When you are done updating workers.tomcat_home, workers.java_home and ps
# you should have 3 workers configured:
#
# - An ajp13 worker that connects to localhost:8009
# - A jni inprocess worker.
# - A load balancer worker
#
# However by default the plugins will only use the ajp13 worker. To have
# the plugins use other workers you should modify the worker.list property.
#
# OPTIONS ( very important for jni mode )
#
# workers.tomcat_home should point to the location where you
# installed tomcat. This is where you have your conf, webapps and lib
# directories.
#
workers.tomcat_home=$CATALINA_HOME
#
# workers.java_home should point to your Java installation. Normally
# you should have a bin and lib directories beneath it.
#
workers.java_home=$JAVA_HOME
#
# You should configure your environment slash... ps=\ on NT and / on UNIX
# and maybe something different elsewhere.
#
ps=/
#
#------ ADVANCED MODE ------------------------------------------------
#---------------------------------------------------------------------
#
#------ DEFAULT worket list ------------------------------------------
#---------------------------------------------------------------------
#
# The workers that your plugins should create and work with
#
worker.list=worker1,worker2,worker3
#
#
#------ DEFAULT WORKER DEFINITION ------------------------------------
#---------------------------------------------------------------------
#
# Defining a worker named worker1 and of type ajp13
# Note that the name and the type do not have to match.
#
worker.worker1.port=8009
worker.worker1.host=localhost
worker.worker1.type=ajp13
#
# Specifies the load balance factor when used with
# a load balancing worker.
# Note:
#  ----> lbfactor must be > 0
#  ----> Low lbfactor means less work done by the worker.
worker.worker1.lbfactor=1
#
# Specify the size of the open connection cache.
#worker.worker1.cachesize
#
#------ OTHER WORKERS DEFINITION ------------------------------------
#---------------------------------------------------------------------
#
worker.worker2.port=8109
worker.worker2.host=localhost
worker.worker2.type=ajp13
#
# Specifies the load balance factor when used with
# a load balancing worker.
# Note:
#  ----> lbfactor must be > 0
#  ----> Low lbfactor means less work done by the worker.
worker.workerworker2.lbfactor=1
#
# Specify the size of the open connection cache.
#worker.workerworker2.cachesize
#
worker.worker3.port=8209
worker.worker3.host=localhost
worker.worker3.type=ajp13
#
# Specifies the load balance factor when used with
# a load balancing worker.
# Note:
#  ----> lbfactor must be > 0
#  ----> Low lbfactor means less work done by the worker.
worker.workerworker3.lbfactor=1
#
# Specify the size of the open connection cache.
#worker.workerworker3.cachesize
#
#------ DEFAULT LOAD BALANCER WORKER DEFINITION ----------------------
#---------------------------------------------------------------------
#
# The loadbalancer (type lb) workers perform wighted round-robin
# load balancing with sticky sessions.
# Note:
#  ----> If a worker dies, the load balancer will check its state
#        once in a while. Until then all work is redirected to peer
#        workers.
worker.loadbalancer.type=lb
worker.loadbalancer.balanced_workers=worker1, worker2, worker3
#
#------ DEFAULT JNI WORKER DEFINITION---------------------------------
#---------------------------------------------------------------------
#
# Defining a worker named inprocess and of type jni
# Note that the name and the type do not have to match.
#
worker.inprocess.type=jni
#
#------ CLASSPATH DEFINITION -----------------------------------------
#---------------------------------------------------------------------
#
# Additional class path components.
#
#worker.inprocess.class_path=$(workers.tomcat_home)$(ps)lib$(ps)tomcat.jar
#
# Setting the command line for tomcat.
# Note: The cmd_line string may not contain spaces.
#
#worker.inprocess.cmd_line=start
#
# Not needed, but can be customized.
# worker.inprocess.cmd_line=-config
# worker.inprocess.cmd_line=$(workers.tomcat_home)$(ps)conf$(ps)server.xml
# worker.inprocess.cmd_line=-home
# worker.inprocess.cmd_line=$(workers.tomcat_home)
#
# The JVM that we are about to use
#
# This is for Java2
#
# Windows
# worker.inprocess.jvm_lib=$(workers.java_home)$(ps)jre$(ps)bin$(ps)classic$(ps)jvm.dll
# IBM JDK1.3
# worker.inprocess.jvm_lib=$(workers.java_home)$(ps)jre$(ps)bin$(ps)classic$(ps)libjvm.so
# Unix - Sun VM or blackdown
worker.inprocess.jvm_lib=$(workers.java_home)$(ps)jre$(ps)lib$(ps)i386$(ps)classic$(ps)libjvm.so
#
# And this is for jdk1.7.X
#
# worker.inprocess.jvm_lib=$(workers.java_home)$(ps)bin$(ps)javai.dll
#
# Setting the place for the stdout and stderr of tomcat
#
#worker.inprocess.stdout=$(workers.tomcat_home)$(ps)logs$(ps)inprocess.stdout
#worker.inprocess.stderr=$(workers.tomcat_home)$(ps)logs$(ps)inprocess.stderr
#
# Setting the tomcat.home Java property
#
# worker.inprocess.sysprops=tomcat.home=$(workers.tomcat_home)
#
# Java system properties
#
# worker.inprocess.sysprops=java.compiler=NONE
# worker.inprocess.sysprops=myprop=mypropvalue
#
# Additional path components.
#
# worker.inprocess.ld_path=d:$(ps)SQLLIB$(ps)bin




2. Configuring JK to connect jk.load to workers.properties


Open /etc/apache2/modes-available/jk.load and append the following: 

# jk.load
# --------------------------------------------------------------------------
# File:        jk.load
#
# Purpose:     Configuration file for Apache/Tomcat
#
# Location:    /Apache2/mods-available/
#
# Certified:   Ubuntu 11.04 / Apache 2.2.17/ Tomcat 7.0 / JDK-1.7.0
#
# Note:        This file should be appended into jk.load module
# --------------------------------------------------------------------------
#
# Configure the jk module
## Update this path to match your conf directory location 
#
JkWorkersFile / usr/share/tomcat7/conf/workers.properties #
# Update this path to match your logs directory location (put mod_jk.log next to access_log)
JkLogFile     /var/log/apache2/mod_jk.log#
# Update this path to match your local state directory or logs directory
JkShmFile     /var/log/apache2/mod_jk.shm 
#
# Log Level: May be debug, info, error, or emerg.
# If not set, defaults to no log
#
JkLogLevel error#
# Select the timestamp log format
JkLogStampFormat "[%a %b %d  %H:%M:%S  %Y] "
#
# Root context mounts for Tomcat
#
#JkMount /*.jsp ajp13
#JkMount /servlet/* ajp13
#
# Examples delivered with Tomcat, mapped in server.xml
# Use this only for Development and Testing
#
# AutoAlias /examples "/usr/local/tomcat/webapps/examples"
# JkMount /examples/servlet/* ajp13
# JkMount /examples/*.jsp ajp13
3. Disable the default configuration file for apache with: 
 
sudo a2dissite default
 
4. If there is an error: Apache2: Could not determine the server's fully qualified domain name, using 127.0.0.1 for ServerName then:

echo "ServerName localhost" | sudo tee /etc/apache2/conf.d/fqdn

Useful Links:
http://tomcat.apache.org/connectors-doc/reference/apache.html



Installing Tomcat 7.0.25 on Ubuntu 11.10

1.  Installing Tomcat 7.0.25

1.1. cd ~/downloads
1.2. SOURCETOM=apache-tomcat-7.0.25.tar.gz
1.3. SOURCETOMWEB=http://apache.mirror.nexicom.net/tomcat/tomcat-7/v7.0.25/src/apache-tomcat-7.0.25-src.tar.gz
1.4.sudo wget $SOURCETOMWEB
1.5.sudo mkdir /usr/share/tomcat7
1.6. Unpack the source
sudo tar zxvf $SOURCETOM
1.7.Move the generated content of folder apache-tomcat-7.0.25 to /usr/share/tomcat7:
 sudo mkdir –p /usr/share/tomcat7
 sudo mv apache-tomcat-7.0.25/* /usr/share/tomcat7/
 
1.8. Delete apache-tomcat-7.0.25 directory:
 sudo rm –r apache-tomcat-7.0.25
1.9. Clean up the variable (and the compressed file)
 rm –f  $SOURCETOM
1.10.            sudo nano /etc/environment
Now let's set up the directories where we have installed Java in my case this is as follows:
JAVA_HOME="/usr/lib/jvm/ jdk1.0.7/"
JRE_HOME="/usr/lib/jvm / jdk1.0.7/jre/"
PATH=”…… :$JAVA_HOME:JRE_HOME”
1.11.            Configuring Tomcat users. The changes should be made in the file "tomcat-users.xml" directory tomcat7/conf. Command to edit the file:
sudo nano /usr/share/tomcat7/conf/tomcat-users.xml


The file would be as follows (add to the end of the file):

<tomcat-users>
<role rolename="manager-gui"/>
<role rolename="manager-script"/>
<role rolename="manager"/>
<role rolename="admin-gui"/>
<role rolename="admin-script"/>
<role rolename="admin"/>

<user username="ubuntu" password="ubuntu" roles="manager-gui,admin-gui,manager,admin,manager-script,admin-script"/>
</tomcat-users>

1.12.            Now we will attempt to start Tomcat7. First the server should be brought up with the following command:
sudo /usr/share/tomcat7/bin/startup.sh

The following output will be observed on console:

Using CATALINA_BASE: /usr/share/tomcat7/
Using CATALINA_HOME: /usr/share/tomcat7/
Using Catalina TMPDIR: /usr/share/tomcat7/tmp
Using JRE_HOME: /usr/lib/jvm /
jdk1.0.7/jre
Using CLASSPATH: /usr/share/tomcat7/ apache-tomcat \ 7.0.25/bin/bootstrap.jar:/usr/share/tomcat7/bin/tomcat-juli.jar

Create the tomcat user and group:

sudo groupadd tomcat
sudo useradd –g tomcat –d /usr/share/tomcat7 tomcat
sudo passwd tomcat
sudo chown –R tomcat:tomcat /usr/share/tomcat7
 

1.13.            Automatic starting

To make tomcat automatically start when we boot up the computer, we can add a script to make it auto-start and shutdown.
sudo touch /etc/init.d/tomcat7
sudo nano /etc/init.d/tomcat7

1.14.            Now paste in the following:

#!/ bin/sh
# Tomcat7 Autostart Script
# Description: Provides Autostart Tomcat7 Servlet Engine
# processname: tomcat
# Default start: 3 5
# Default stop: 0 1 2 6
# Pidfile: /var/run/tomcat.pid
case $1 in
start)
echo –n “Starting Tomcat7\n”
sh /usr/share/tomcat7/bin/startup.sh
echo –n “Starting Tomcat7… done\n”
;;
stop)
echo –n “Stopping Tomcat7\n”
sh /usr/share/tomcat7/bin/shutdown.sh
echo –n “Stopping Tomcat7… done\n”
;;
restart)
echo –n “Restarting Tomcat7\n”
sh /usr/share/tomcat7/bin/shutdown.sh
sh /usr/share/tomcat7/bin/startup.sh
echo –n “RestartingTomcat7… done\n”
;;
esac
exit 0

The script should be made executable by running the chmod command:
sudo chmod 755 /etc/init.d/tomcat7 or sudo chmod +x /etc/init.d/tomcat7

The last step is actually linking this script to the startup folders with a symbolic link. Execute these two commands and we should be on our way.
sudo ln -s /etc/init.d/tomcat7 /etc/rc1.d/K99tomcat
sudo ln -s /etc/init.d/tomcat7 /etc/rc2.d/S99tomcat

sudo /etc/init.d/tomcat7 restart
Tomcat should now be fully installed and operational.

Useful Links:
Securing Tomcat Server
(OWASP Project)




Installing LAMP Server and JDK 1.0.7 on Ubuntu 11.10

1.  Installing LAMP
1.1. sudo tasksel install lamp-server
2.  Installing Java Development Kit (JDK)
2.1.mkdir ~/downloads
2.2.cd ~/downloads
2.3. Download the source
 SOURCEJ=
jdk-7-linux-i586.tar.gz
(for x86)
(for x64)
2.4. sudo wget $SOURCEJWEB
2.5. Unpack the source
 sudo tar zxfv $SOURCEJ
2.6. Clean up the variable (and the compressed file)
 rm –f  $SOURCEJ
2.7.  Move the generated content of folder jdk1.0.7 to a more appropriate directory:  
sudo mkdir –p /usr/lib/jvm/
    sudo mv jdk1.0.7 /usr/lib/jvm/
2.8.Check how many alternatives you have:
 
sudo update-alternatives --config java
2.9.  To add your new JDK 7 installation into alternatives list:
sudo update-alternatives --install /usr/bin/java java /usr/lib/jvm / jdk1.0.7/jre/bin/java 1
       sudo update-alternatives --config java
       java –version

* sudo apt-get python-software-properties