Tuesday 6 August 2019

Kubernetes basic installation and how to check cluster is running or not.

Kubernetes:
yum update -y

sestatus (status for selinux)
cat /etc/sysconfig/selinux (disable selinux)
SELINUX = disable

systemctl disable firewalld (disable firewall)
yum remove chrony -y
yum install ntp -y
systemctl enable ntpd.service
systemctl start ntpd.service

/etc/hosts
master server(IP address)
node1 server (IP address)
node2 server (IP address)
validate the kubernetes master and nodes each other
ping master
ping node1
ping node2

On the Master Node following components will be installed
API Server         – It provides kubernetes API using Jason / Yaml over http, states of API objects are stored in etcd
Scheduler          – It is a program on master node which performs the scheduling tasks like launching containers in worker nodes based on resource availability
Controller Manager – Main Job of Controller manager is to monitor replication controllers and create pods to maintain desired state.
etcd               – It is a Key value pair data base. It stores configuration data of cluster and cluster state.
Kubectl utility    – It is a command line utility which connects to API Server on port 6443. It is used by administrators to create pods, services etc.

On Worker Nodes following components will be installed
Kubelet            – It is an agent which runs on every worker node, it connects to docker and takes care of creating, starting, deleting containers.
Kube-Proxy – It routes the traffic to appropriate containers based on ip address and port number of the incoming request.
In other words we can say it is used for port translation.
Pod    – Pod can be defined as a multi-tier or group of containers that are deployed on a    single worker node or docker host.

vim /etc/yum.repo.d/kubernetes
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg
        https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg

yum install -y kubelet kubeadm docker kubectl

start docker kubelet
systemctl start docker ;
syatemctl enable docker;

systemctl start kubelet;
syatemctl enable kubelet;
sysctl -p

kubadm init --pod-network-cidr=172.30.0.0/16

   After install it will show you to create folder just run those commands.
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

goto node1
ssh to master
docker images
docker -ps

To check cluster is running or not
kubectl get nodes
kubectl get pods (to check is any pods are running or not)
kubectl get pods --all-namespaces

goto gihub/flannel copy the link and paste it in master
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

kubectl get pods --all-namespaces
kubectl get nodes

Bugzilla to cloud jira using local jira server

APPROACH -1

BUGZILLA TO CLOUD JIRA MIGRATION

· Take backup from cloud Jira

1. Convert all the next-gen projects to classic projects (As Below Step).

Note: Make sure before taking backup convert all the projects to classic.

2. Create a backup for Jira Cloud

3. To create a backup for cloud: Goto > Jira settings > System

4. Click on IMPORT AND EXPORT section, click Backup manager.

5. Under Backup for cloud, select Create backup for cloud.

6. Tick the Include additional files option if you want to include issue attachments, user avatars, and project logos in the export.

7. After the backup is complete, select Download backup file.

Note: Before click on backup make sure convert all Next-gen projects to class

· Convert all the next-gen projects to classic projects

1. create a new project, while creating select classic option and Scrum (or) Kanban type (Select Create project > Classic project > Kanban).

2. After creating classic project, Goto > settings > system > Import&Export > backup option in Jira then you can see all next-gen projects. here for every project it will show two options move issues & delete project.

3. Click on move issues it will redirect to new page with multiple options.

4. Select Move Issues option and hit Next.

5. Now select the project and issue type then map the project to newly created classic project and map the issue type as the project. (On the Select Projects and Issue Types screen, you'll need to select where the issues from your old project will go. Select a destination project and issue type and hit Next. This is the issue type that each issue in your old project will become in the new project.)

6. On the final screen, click Confirm.

7. Things to keep in mind if you migrate from next gen to classic

a. Reports: Reports data won't be saved. Even though your issues will be retained, data for your project's Velocity and Burnup reports won't transfer over and will be lost.

b. Story points estimation: This data will be lost. This is because the custom field that Jira uses to store estimates in classic projects (Story points) is different to the custom field used in next-gen projects (Story point estimate).

8. Things to keep in mind if you migrate from classic to next-gen

a. Next-gen projects and classic projects are technically quite different, so a few things can break when you migrate from a classic software project to a next-gen software project. Here's what we know so far:

b. Active sprints: Sprints in progress in your classic project won't move to your next-gen project. Issues that were in the active sprint in your classic project will be in the backlog of your next-gen project.

c. Epic links: Links between epics and other issues (Story, Bugs, Tasks, etc...) in your classic project won't exist in your next-gen project. The issues themselves will still exist, but the links between them won't.

d. Custom fields: These must be recreated in your new next-gen project.

e. Story points estimation: This data will be lost. however, you'll be able to start using story points estimation by enabling the Estimation feature in your next-gen project.

f. Reports: Data for your project's Velocity report won't be saved. The Velocity report will show that no points were completed in past sprints.

g. Report history: All reporting history is lost in this migration process. The Burnup report and Velocity report won't be migrated.

9. After the backup is complete, select Download backup file.

10. This is the structure of backup.zip file

JIRA-backup.zip file

· activeobjects.xml

· entities.xml

· data

a. attachments

b. avatars

· logos

Note: For instances with large backups (2GB or larger), we recommend importing any attachments separately. To do this:

· Unzip your Jira Cloud backup file.

· Move data and logos folder into a safe place.

· Recompress the backup folder with the activeobjects.xml and entities.xml files only.

· Restore to local Jira server

1. Choose > Settings > System.

2. Select Import & Export > Restore System to open the Restore Jira applications data from Backup page.

3. Copy the backup.zip file to Jira path (/var/Atlassian/application-data/Jira/import).

4. Now on the filename just give backup filename that you saved or copied to that Jira path.

5. Mention the license key of local Jira server (Goto > settings > select Applications > select Versions&Licence).

6. Copy the license key and disable the outgoing mail option and click restore.

7. If you are unzip the backup file and just restore the both .xml files then place the Attachments, Avatars and Logos to the directory where Jira can access them.

8. All the Attachments, Logos and Avatars you can directly copy those folders to below

mentioned paths.

9. PATHS: (Make sure that Jira has read and write permissions to this directory and its subdirectories.)
/var/Atlassian/application-data/Jira/data
/var/Atlassian/application-data/Jira/data/attachments
/var/Atlassian/application-data/Jira/data/avatars
/var/Atlassian/application-data/Jira/Logos

10. Once everything is done restart local Jira and MySQL.

11. Log into your new Jira Server instance and change the password

12. Log in to your new Jira product, using the following credentials:

i. Username: sysadmin

ii. Password: sysadmin

13. Change the password immediately after logging in.

· Import all the Bugzilla projects to local Jira using Bugzilla plugin

14. Log in to JIRA

15. Choose > settings > System > Select Import & Export > External System Import to open the Import external projects page.

16. Select Bugzilla Plugin to open the Bugzilla Import Wizard.

17. On the Bugzilla Import Wizard: Setup page, complete the following fields/options:
Bugzilla URL:
Specify credentials:
Database type:
Hostname:
Port:
Database:
Username:
Password:

18. Click the Next button to proceed to the Setup project mappings step of the Bugzilla Import Wizard.

19. On the Setup project mappings page, select which Bugzilla projects you wish to import into JIRA.

20. Select the project from Bugzilla to import in Jira (here you can create new project name or choose existing project name).

21. Click Next to map the custom fields and then map their values and click next.

22. Once mapping is done click on Begin Import.

23. After import, if you face any error just click on Download a detailed log then you can all the process and you can easily figure out the error.

· Take the backup of local Jira server

24. So, now all the Jira cloud data and Bugzilla data are in local Jira server.

25. Goto > settings > systems > import-export > backup.

26. It will show you the filename option:

27. Just mention filename (give any new name) it will create that file in Export directory.

28. If you Goto this path (/var/Atlassian/application-data/Jira/export) you can see the backup file.

Now, backup file is ready then get attachments, avatars, logs from local Jira path related folders then zip all the folders make as one zip file then upload that file to restore in cloud Jira.

· Restore backup file to cloud Jira

29. Login to cloud Jira and choose > settings > system > import-export > restore.

30. Download the final backup file from local Jira and upload to cloud jira to start restoring.

Troubleshoot process for the errors while we faced in migration:

Ø If you are facing this error while the process of uploading the backup file.

Ø Rename the file with out any spaces or special characters then try again.

Ø Java Heap Space Error:

https://confluence.atlassian.com/jirakb/startup-check-increasing-jira-application-memory-limits-939939840.html#Startupcheck:IncreasingJIRAapplicationmemorylimits-guidance

https://confluence.atlassian.com/adminjiraserver/connecting-jira-applications-to-mysql-5-7-966063305.html

Guidance:

1. 40,000 issues will import at a time by using space of 1GB.

2. So, STO having around 1,40,000 issues. We increased the java heap space to around 8GB so that we can import all the projects at one go.

To increase heap space memory in Linux installations:

1. In your <JIRA application installation directory>/bin (or <Tomcat Installation Directory>/bin for JIRA WAR installations), open the setenv.sh file.

2. Find the sections JVM_MINIMUM_MEMORY=

JVM_MAXIMUM_MEMORY=

Monday 6 May 2019

REST APIs

Introduction to REST APIs
➢ Today I am going to talk about the term which you people heard a lot as
Rest APIs. REST states as Representational State Transfer (REST) and is an
architectural style that uses simple HTTP calls for inter-machine
communication instead of more complex options (RPC, SOAP).

➢ REST uses message-based communication and relies on the HTTP standard
to describe these messages. Using HTTP protocol means REST is a simple
Request/Response mechanism and each request returns a subsequent
response. The REST architecture uses 6 – key constraints as guidelines.

Client-Server: This model creates a uniform interface which separates clients
from Servers.
Stateless: protocol where no client context is stored on the server between
requests. Each request from any client contains all the information necessary to
service the request, and session state is held in the client.
Cacheable: Messages are enabled caching within the network path so
intermediate servers can cache the data for re-use.
Layered system: A client cannot tell whether it is connected directly to the end
server. This layered approach improves scalability, load balancing and shared
caching.
Uniform interface: The uniform interface simplifies and decouples the
architecture, which enables each part to evolve independently.
Code on demand: Is an optional constraint which allows permits Servers the
ability to extend.
Java applets and JavaScript as needed.

REST was built on the principles of HTTP and these Services can return types data
such as;
• XML
• JSON - (JavaScript Object Notation)
• HTML
• Plain Text
• Binary/octet (Images, PDF’s…)

What is HATEOAS and why is it important for REST API?

HATEOAS stands for Hypertext as The Engine of Application State. It means that
hypertext should be used to find a way through the API. Note the Server responds
with a "link" tag and URL needed to complete the specified action in the GET
method.

An example:
GET /account/12345 HTTP/1.1

HTTP/1.1 200 OK
<?xml version="1.0"?>
    <account>
       <account_number>12345</account_number>
        <balance currency="usd">-25.00</balance>
        <link rel="deposit" href="/account/12345/deposit" /> </account>

Why is REST popular?

➢ RESTful Web services are easily leveraged by most tools, including those
that are free and inexpensive. RESTful Services are less complex, more
efficient (use smaller message format) and provide better performance than
SOAP (Simple Operation Access Protocol).

➢ REST provides a lightweight architecture that promotes scalability and a
very loose coupling as it supports billions of users that are unaware of
network topology. In short REST is the architecture of the Web as it works
today and building Web Applications to use the architecture make a lot of
sense.

Benefits
• Extensibility
• Customizability
• Reusability
• Visibility
• Portability
• Reliability

Typical REST API calls:
HTTP is a Request/Response protocol. A client makes a Request to the Server and
the Server sends back a Response. The client builds a Request consisting of
Headers and Payload and Sends to a URL with an HTTP Method GET, PUT,
POST, HEAD, DELETE.
• GET – Retrieves a resource
• POST – Creates a resource
• PUT – Updates a resource
• DELETE – Deletes a resource

The Server builds a Response with Headers & Payload and sends it back to the
Client along with a status code validating the “response”.

NAGIOS INSTALLATION STEPS

yum install -y httpd httpd-tools php gcc glibc glibc-common gd gd-devel make net-snmp
useradd nagios
groupadd nagcmd
usermod -G nagcmd nagios
usermod -G nagcmd apache
mkdir /root/nagios
cd /root/nagios
wget https://assets.nagios.com/downloads/nagioscore/releases/nagios-4.3.4.tar.gz
wget https://nagios-plugins.org/download/nagios-plugins-2.2.1.tar.gz
tar -xvf nagios-4.3.4.tar.gz
tar -xvf nagios-plugins-2.2.1.tar.gz
ls -l
cd nagios-4.3.4/
./configure --with-command-group=nagcmd
make all
make install
make install-init
make install-commandmode
make install-config
vi /usr/local/nagios/etc/objects/contacts.cfg
make install-webconf
htpasswd -s -c /usr/local/nagios/etc/htpasswd.users nagiosadmin
service httpd start
systemctl start httpd.service
cd /root/nagios
cd nagios-plugins-2.2.1/
./configure --with-nagios-user=nagios --with-nagios-group=nagios
make
make install
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
chkconfig --add nagios
chkconfig --level 35 nagios on
chkconfig --add httpd
systemctl enable nagios
systemctl enable httpd
service nagios start
systemctl start nagios.service
PublicIP/nagios (in browser)
nagiosadmin(user name)
password

Wednesday 24 April 2019

DevOps Project with GIT--JENKINS--Docker

DevOps Project
Launch an EC2 instance for Docker host
Install docker on EC2 instance and start services
yum install docker
service docker start
create a new user for Docker management and add him to Docker (default) group
useradd dockeradmin
passwd dockeradmin
usermod -aG docker dockeradmin
Write a Docker file under
/opt/docker
mkdir /opt/docker

### vi Dockerfile
From tomcat:8-jre8
MAINTAINER "sai"
COPY ./webapp.war /usr/local/tomcat/webapps

Login to Jenkins console and add Docker server to execute commands from Jenkins
Manage Jenkins --> Configure system --> Publish over SSH --> add Docker server and credentials
Create Jenkins job
A) Source Code Management
Repository : GITHUB URL
Branches to build : */master
B) Build Root POM: pom.xml
Goals and options : clean install package
: MVN Clean Package
C) send files or execute commands over SSH Name: docker_host
Source files : webapp/target/*.war Remove prefix : webapp/target Remote directory : //opt//docker
Exec command[s] :
docker stop demo;
docker rm -f demo;
docker image rm -f demo;
cd /opt/docker;
docker build -t imagedemo .
D) send files or execute commands over SSH
Name: docker_host
Exec command : docker run -d --name demo -p 8090:8080 imagedemo
Login to Docker host and check images and containers. (no images and containers)
Execute Jenkins job
check images and containers again on Docker host. This time an image and container get creates through Jenkins job
Access web application from browser which is running on container
<docker_host_Public_IP>:8090

Sunday 21 April 2019

Web Server (Apache)

1. What is Web server and explain it?
A Web server is a system that delivers content or services to end users over the Internet. A Web server consists of a physical server, server operating system (OS) and software used to facilitate HTTP communication.

A computer that runs a Web site. Using the HTTP protocol, the Web server delivers Web pages to browsers as well as other data files to Web-based applications.
The Web server includes the hardware, operating system, Web server software, TCP/IP protocols and site content (Web pages, images and other files). If the Web server is used internally and is not exposed to the public, it is an "intranet server" and if the Web server is used in the internet and is exposed to the public, it is an Internet server.

2. What is Protocol?
A uniform set of rules that enable two devices to connect and transmit the data to one another. Protocols determine how data are transmitted between computing devices and over networks. They define issues such as error control and data compression methods. The protocol determines the following type of error checking to be used, data compression method (if any), how the sending device will indicate that it has finished a message and how the receiving device will indicate that it has received the message.
Internet protocols include TCP/IP (Transmission Control Protocol / Internet Protocol),
HTTP (Hyper Text Transfer Protocol),
FTP (File Transfer Protocol) and
SMTP (Simple Mail Transfer Protocol).

3. How a Web server works?
(i) If the user types an URL in his browsers address bar, the browser will splits that URL into a number of separate parts including address, path name and protocol.
(ii) A DNS (Domain Naming Server) translates the domain name the user has entered into its IP address, a numeric combination that represents the site's true address on the internet.
(iii) The browser now determines which protocol (rules and regulation which the client machine used to communicate with servers) should be used. For example FTP (File Transfer Protocol) and HTTP (Hyper Text Transfer Protocol).
(iv) The server sends a GET request to the Web Server to retrieve the address it has been given. For example when a user types http://www.example.com/Myphoto.jpg , the browser sends a GET Myphoto.jpg command to example.com server and waits for a response. The server now responds to the browser's requests. It verifies that the given address exist, finds the necessary files, runs the appropriate scripts,exchanges cookies if necessary and returns the results back to the browser. If it cannot locate the file, the server sends an error message to the client.
(v) Then the browser translates the data it has been given into HTML and displays the results to the user.

4. In how many ways can we host the websites?
IP based Web Hosting :
IP based web hosting is usedIP address or hostname web hosting.
Name based Web Hosting :
Hosting the multiple websites using single IP address.
Port based Web Hosting :
Web hosting using another port number ie., other than the default port number.
User based Web Hosting :
We can host the Web sites using the user name and password.

5. What is Apache Web Server?
Apache is a open source web server. It is mostly used web server in the internet. httpd is the deamon that speaks the http or https protocols. It is a text based protocol for sending and receiving the objects over a network connection. The http protocol is sent over the wired network in clear text using default port number 80/tcp. To protect the website we can use https web server for data encryption.

6. What is the profile for Web server?
Package : httpd
script : /etc/init.d/httpd
Deamon : httpd
Configuration file : /etc/httpd/conf/httpd.conf (for http)
/etc/httpd/conf.d/ssl.conf (for https)
Document Root : /var/www/html
Log files : /var/log/httpd/access_log
/var/log/httpd/error_log
Port Number : 80/http and 443/https
* If we want to configure the httpd server, we have to follow the ISET rules. where
I - Install,
S - Start,
E - Enable and
T - Test.
* To access the websites using the CLI mode e-links, curl tools are used and to access the websites using the browser in Linux Firefox is used.

7. How to make the http web server available to the cleint?
(a) First assign the static IP address and hostname to the server.
(b) Check whether the server package by # rpm -qa httpd* command.
(c) If not installed, install the web server package by # yum install httpd* -y command.
(d) Start the web server and enable web server service at next boot.
# service httpd start (to start the webserver deamon in RHEL - 6)
# chkconfig httpd on (to enable the service at next boot in RHEL - 6)
# systemctl restart httpd (to start the webserver deamon in RHEL - 7)
# systemctl enable httpd (to enable the service at next boot in RHEL - 7)
(e) Open the browser and access the web server document.
# firefox (to open the firefox browser)
* Then in address bar type as http://localhost/manual and press Enter key.

8. How to configure the IP based virtual host Web server?
(a) First assign the static IP address and hostname to the server.
(b) Check whether the server package by
# rpm -qa httpd* command.
(c) If not installed, install the web server package by
# yum install httpd* -y command.
(d) Check the configuration file to configure the http web server by
# rpm -qac httpd command.
(e) If required open the web server document by
# rpm -qad httpd command.
(f) Go to the configuration file directory by
# cd /etc/httpd/conf.d
(g) Create the configuration for IP based hosting.
# vim /etc/httpd/conf.d/ip.conf
<VirtualHost <IP address of the web server> : 80>
ServerAdmin root@<hostname of the web server>
ServerName <hostname of the web server>
DocumentRoot /var/www/html
</VirtualHost>

<Directory "/var/www/html">
AllowOverride none
Require All Granted
</Directory> (save and exit this file)
Example :
# vim /etc/httpd/conf.d/ip.conf (create the configuration file)
<VirtualHost 172.25.9.11:80>
ServerAdmin root@server9.example.com
ServerName server9.example.com
DocumentRoot /var/www/html
</VirtualHost>

<Directory "/var/www/html">
AllowOverride none
Require All Granted
</Directory>
(h) Go to document root directory and create the index.html file.
# cd /var/www/html
# vim index.html
<html>
<H1>
This is IP based Web Hosting
</H1>
</html> (save and exit this file)
(i) Restart the web server deamon.
# service httpd start (to start the webserver deamon in RHEL - 6)
# chkconfig httpd on (to enable the service at next boot in RHEL - 6)
# systemctl restart httpd (to start the webserver deamon in RHEL - 7)
# systemctl enable httpd (to enable the service at next boot in RHEL - 7)
(j) Add the service to the IP tables and firewall.
In RHEL - 6 :
# iptables -A INPUT -i eth0 -p tcp -m tcp --deport 80 -j ACCEPT
# iptables -A OUTPUT -i eth0 -p tcp -m tcp --deport 80 -j ACCEPT
# service iptables save
# service iptables restart
In RHEL - 7 :
# firewall-cmd --permanent --add-service=http
# firewall-cmd --complete-reload
(k) Go to client system, open the firefox browser and type as http://server9.example.com in address bar and check the index page is displayed or not.
(l) We can also access the website using elinks CLI tool.
# yum install elinks* -y (install the elinks package)
# elinks --dump server9.example.com (access the index page)

9. How to configure the name based web hosting?
(a) Make a directory for virtual or named based hosting.
# mkdir /var/www/virtual
(b) Go to the configuration file directory by
# cd /etc/httpd/conf.d
(c) Create the configuration for name based hosting.
# vim /etc/httpd/conf.d/virtual.conf
<VirtualHost <IP address of the web server> : 80>
ServerAdmin root@<hostname of the web server>
ServerName <virtual hostname of the web server>
DocumentRoot /var/www/virtual
</VirtualHost>

<Directory "/var/www/virtual">
AllowOverride none
Require All Granted
</Directory> (save and exit this file)
Example :
# vim /etc/httpd/conf.d/virtual.conf (create the configuration file)
<VirtualHost 172.25.9.11:80>
ServerAdmin root@server9.example.com
ServerName www9.example.com
DocumentRoot /var/www/virtual
</VirtualHost>

<Directory "/var/www/virtual">
AllowOverride none
Require All Granted
</Directory>
(d) Go to named based virtual directory and create the index.html file.
# cd /var/www/virtual
# vim index.html
<html>
<H1>
This is Name based Web Hosting
</H1>
</html> (save and exit this file)
(e) Restart the web server deamon.
# service httpd start (to start the webserver deamon in RHEL - 6)
# chkconfig httpd on (to enable the service at next boot in RHEL - 6)
# systemctl restart httpd (to start the webserver deamon in RHEL - 7)
# systemctl enable httpd   (to enable the service at next boot in RHEL - 7)
(f) Add the service to the IP tables and firewall.
In RHEL - 6 :
# iptables -A INPUT -i eth0 -p tcp -m tcp --deport 80 -j ACCEPT
# iptables -A OUTPUT -i eth0 -p tcp -m tcp --deport 80 -j ACCEPT
# service iptables save
# service iptables restart
In RHEL - 7 :
# firewall-cmd --permanent --add-service=http
# firewall-cmd --complete-reload
(g) Go to client system, open the firefox browser and type as http://www9.example.com in address bar and check the index page is displayed or not.
(h) We can also access the website using elinks CLI tool.
# yum install elinks* -y (install the elinks package)
# elinks --dump www9.example.com (access the index page)

10. How to configure the port based web hosting?
(a) Make a directory for port based hosting.
# mkdir /var/www/port
(b) Go to the configuration file directory by
# cd /etc/httpd/conf.d
(c) Create the configuration for port based hosting.
# vim /etc/httpd/conf.d/port.conf
<VirtualHost <IP address of the web server> : 8999>
ServerAdmin root@<hostname of the web server>
ServerName <port based hostname of the web server>
DocumentRoot /var/www/port
</VirtualHost>

<Directory "/var/www/port">
AllowOverride none
Require All Granted
</Directory> (save and exit this file)
Example :
# vim /etc/httpd/conf.d/virtual.conf (create the configuration file)
<VirtualHost 172.25.9.11:8999>
ServerAdmin root@server9.example.com
ServerName port9.example.com
DocumentRoot /var/www/port
</VirtualHost>

<Directory "/var/www/port">
AllowOverride none
Require All Granted
</Directory>
(d) Go to port based virtual directory and create the index.html file.
# cd /var/www/port
# vim index.html
<html>
<H1>
This is Port based Web Hosting
</H1>
</html> (save and exit this file)
(e) Generally port based web hosting requires DNS server. So, we can solve this problem by the following way.
For that open the /etc/hosts file enter the server name and IP addresses on both server and client.
# vim /etc/hosts
172.25.9.11 port5.example.com (save and exit this file)
(f) By default the web server runs on port number 80. If we want to configure on deferent port number, we have to add the port number in the main configuration file.
# vim /etc/httpd/conf/httpd.conf
* Go to Listen : 80 line and open new line below this line and type as,
Listen : 8999 (save and exit this file)
(g) By default SELinux will allow 80 and 8080 port numbers only for webserver. If we use different port numbers other than 80 or 8080 then execute the following command.
# semanage port -a -t http_port_t -p tcp 8999
(h) Restart the web server deamon.
# service httpd start (to start the webserver deamon in RHEL - 6)
# chkconfig httpd on (to enable the service at next boot in RHEL - 6)
# systemctl restart httpd (to start the webserver deamon in RHEL - 7)
# systemctl enable httpd (to enable the service at next boot in RHEL - 7)
(i) Add the service to the IP tables and firewall.
In RHEL - 6 :
# iptables -A INPUT -i eth0 -p tcp -m tcp --deport 8999 -j ACCEPT
# iptables -A OUTPUT -i eth0 -p tcp -m tcp --deport 8999 -j ACCEPT
# service iptables save
# service iptables restart
In RHEL - 7 :
# firewall-cmd --permanent --add-service=http
# firewall-cmd --permanent -add-port=8999/tcp
# firewall-cmd --complete-reload
(j) Go to client system, open the firefox browser and type as http://port9.example.com in address bar and check the index page is displayed or not.
(k) We can also access the website using elinks CLI tool.
# yum install elinks* -y (install the elinks package)
# elinks --dump port9.example.com (access the index page)

11. How to configure user authentication based web hosting?
It will ask user name and password to access this website. So, we have to provide http password.
(f) Go to the configuration file directory by # cd /etc/httpd/conf.d
(g) Create the configuration for user authentication based hosting.
# vim /etc/httpd/conf.d/userbase.conf
<VirtualHost <IP address of the web server> : 80>
ServerAdmin root@<hostname of the web server>
ServerName <hostname of the web server>
DocumentRoot /var/www/html
</VirtualHost>

<Directory "/var/www/html">
AllowOverride none
Require All Granted
AuthType Basic
AuthName "This site is protected"
AuthUserFile /etc/httpd/pass
Require User <user name>
</Directory> (save and exit this file)
Example :
# vim /etc/httpd/conf.d/userbase.conf (create the configuration file)
<VirtualHost 172.25.9.11:80>
ServerAdmin root@server9.example.com
ServerName server9.example.com
DocumentRoot /var/www/html
</VirtualHost>

<Directory "/var/www/html">
AllowOverride none
Require All Granted
AuthType Basic
AuthName "This site is protected"
AuthUserFile /etc/httpd/pass
Require User raju
</Directory>
(h) Go to document root directory and create the index.html file.
# cd /var/www/html
# vim index.html
<html>
<H1>
This is User Authentication based Web Hosting
</H1>
</html> (save and exit this file)
(i) Restart the web server deamon.
# service httpd start (to start the webserver deamon in RHEL - 6)
# chkconfig httpd on (to enable the service at next boot in RHEL - 6)
# systemctl restart httpd (to start the webserver deamon in RHEL - 7)
# systemctl enable httpd   (to enable the service at next boot in RHEL - 7)
(j) Add the service to the IP tables and firewall.
In RHEL - 6 :
# iptables -A INPUT -i eth0 -p tcp -m tcp --deport 80 -j ACCEPT
# iptables -A OUTPUT -i eth0 -p tcp -m tcp --deport 80 -j ACCEPT
# service iptables save
# service iptables restart
In RHEL - 7 :
# firewall-cmd --permanent --add-service=http
# firewall-cmd --complete-reload
(k) Create the user and assign the http password.
# useradd raju
* Don't give the normal password because this user requires the http password.
# htpasswd -c m /etc/httpd/pass <user name>
Example : # htpasswd -c m /etc/httpd/pass raju
(l) Go to client system, open the firefox browser and type as http://server9.example.com in address bar and check the index page is displayed or not. Then it asks password, so we have to provide http password.
(m)We can also access the website using elinks CLI tool.
# yum install elinks* -y (install the elinks package)
# elinks --dump server9.example.com (access the index page)
* Then it asks password, so we have to provide http password.

12. How to restrict the web sites access from hosts or domains or networks?
(a) Go to the configuration file directory by # cd /etc/httpd/conf.d
(b) Create the configuration for IP based hosting.
# vim /etc/httpd/conf.d/restrict.conf
<VirtualHost 172.25.9.11:80>
ServerAdmin root@server9.example.com
ServerName server9.example.com
DocumentRoot /var/www/html
</VirtualHost>

<Directory "/var/www/html">
AllowOverride none
Require All Granted
Order Allow, Deny
Allow from 172.25.9.0 or 172.25.0 (allows 172.25.9 network or 172.25 network to access the websites)
Deny from .my133t.org(deny the systems of *.my133t.org domain to access the websites)
</Directory>

13. How to Redirect the website?
* Redirecting means whenever we access the website, it redirects to another website.
(a) Go to the configuration file directory by # cd /etc/httpd/conf.d
(b) Create the configuration for redirect based hosting.
# vim /etc/httpd/conf.d/rediect.conf
<VirtualHost 172.25.9.11:80>
ServerAdmin root@server9.example.com
ServerName server9.example.com
DocumentRoot /var/www/html
Redirect / "http://www.google.com"
</VirtualHost>

<Directory "/var/www/html">
AllowOverride none
Require All Granted
</Directory> (save and exit this file)
(c) Go to document root directory and create the index.html file.
# cd /var/www/html

# vim index.html
<html>
<H1>
This is Redirect based Web Hosting
</H1>
</html> (save and exit this file)
(d) Restart the web server deamon.
# service httpd start (to start the webserver deamon in RHEL - 6)
# chkconfig httpd on (to enable the service at next boot in RHEL - 6)
# systemctl restart httpd (to start the webserver deamon in RHEL - 7)
# systemctl enable httpd (to enable the service at next boot in RHEL - 7)
(e) Add the service to the IP tables and firewall.
In RHEL - 6 :
# iptables -A INPUT -i eth0 -p tcp -m tcp --deport 80 -j ACCEPT
# iptables -A OUTPUT -i eth0 -p tcp -m tcp --deport 80 -j ACCEPT
# service iptables save
# service iptables restart
In RHEL - 7 :
# firewall-cmd --permanent --add-service=http
# firewall-cmd --complete-reload
(f) Go to client system, open the firefox browser and type as http://server9.example.com in address bar and check the redirection google web page is displayed or not.
(g) We can also access the website using elinks CLI tool.
# yum install elinks* -y (install the elinks package)
# elinks --dump server9.example.com (access the index page)
* This website redirects to the google website.

14. How to configure the website with alias name?
(a) Go to the configuration file directory by # cd /etc/httpd/conf.d
(b) Create the configuration for alias based hosting.
# vim /etc/httpd/conf.d/alias.conf
<VirtualHost 172.25.9.11:80>
ServerAdmin root@server9.example.com
ServerName server9.example.com
DocumentRoot /var/www/html
Alias /private /var/www/html/private
</VirtualHost>

<Directory "/var/www/html/private">
AllowOverride none
Require All Granted
</Directory> (save and exit this file)
(c) Create private directory in /var/www/html.
# mkdir /var/www/html/private
(c) Go to document root private directory and create the index.html file.
# cd /var/www/html/private
# vim index.html
<html>
<H1>
This is Alias based Web Hosting
</H1>
</html> (save and exit this file)
(d) Restart the web server deamon.
# service httpd start (to start the webserver deamon in RHEL - 6)
# chkconfig httpd on (to enable the service at next boot in RHEL - 6)
# systemctl restart httpd (to start the webserver deamon in RHEL - 7)
# systemctl enable httpd (to enable the service at next boot in RHEL - 7)
(e) Add the service to the IP tables and firewall.
In RHEL - 6 :
# iptables -A INPUT -i eth0 -p tcp -m tcp --deport 80 -j ACCEPT
# iptables -A OUTPUT -i eth0 -p tcp -m tcp --deport 80 -j ACCEPT
# service iptables save
# service iptables restart
In RHEL - 7 :
# firewall-cmd --permanent --add-service=http
# firewall-cmd --complete-reload
(f) Go to client system, open the firefox browser and type as http://server9.example.com/privae in address bar and check the private or alias based web page is displayed or not.
(g) We can also access the website using elinks CLI tool.
# yum install elinks* -y (install the elinks package)
# elinks --dump server9.example.com/private (access the index page)
15. How to configure the directory based web hosting?
(a) Go to the configuration file directory by # cd /etc/httpd/conf.d
(b) Create the configuration for direct based hosting.
# vim /etc/httpd/conf.d/confidential.conf
<VirtualHost 172.25.9.11:80>
ServerAdmin root@server9.example.com
ServerName server9.example.com
DocumentRoot /var/www/html
</VirtualHost>

<Directory "/var/www/html/confidential">
AllowOverride none
Require All Granted
</Directory> (save and exit this file)
(c) Create confidentialdirectory in /var/www/html.
# mkdir /var/www/html/confidential
(c) Go to confidential directory and create the index.html file.
# cd /var/www/html/confidential
# vim index.html
<html>
<H1>
This is Alias based Web Hosting
</H1>
</html> (save and exit this file)
(d) Restart the web server deamon.
# service httpd start (to start the webserver deamon in RHEL - 6)
# chkconfig httpd on (to enable the service at next boot in RHEL - 6)
# systemctl restart httpd (to start the webserver deamon in RHEL - 7)
# systemctl enable httpd   (to enable the service at next boot in RHEL - 7)
(e) Add the service to the IP tables and firewall.
In RHEL - 6 :
# iptables -A INPUT -i eth0 -p tcp -m tcp --deport 80 -j ACCEPT
# iptables -A OUTPUT -i eth0 -p tcp -m tcp --deport 80 -j ACCEPT
# service iptables save
# service iptables restart
In RHEL - 7 :
# firewall-cmd --permanent --add-service=http
# firewall-cmd --complete-reload
(f) Go to client system, open the firefox browser and type as http://server9.example.com/confidential in address bar and check the directory based web page is displayed or not.
(g) We can also access the website using elinks CLI tool.
# yum install elinks* -y (install the elinks package)
# elinks --dump server9.example.com/confidential (access the index page)
16. How to configure the web server to display the user defined home page not the index.html page?
Normally Apache will look the index.html as the home page by default. If the name changed it will display the home page without configure that one. For that we can do the above as follows.
(i) Go to configuration file directory by # cd /etc/httpd/conf.d command.
(ii) Create a userpage configuration file.
# vim userpage.conf
<VirtualHost 172.25.9.11:80>
ServerAdmin root@server9.example.com
ServerName server9.example.com
DocumentRoot /var/www/html
DirectoryIndex userpage.html
</VirtualHost>

<Directory "/var/www/html">
AllowOverride none
Require All Granted
</Directory> (save and exit this file)
(iii) Go to document root directory by # cd /var/www/html command.
(iv) # vim userpage.html
<html>
<H1>
This is userpage as home page web hosting
</H1>
</html> (save and exit this file)
(d) Restart the web server deamon.
# service httpd start (to start the webserver deamon in RHEL - 6)
# chkconfig httpd on (to enable the service at next boot in RHEL - 6)
# systemctl restart httpd    (to start the webserver deamon in RHEL - 7)
# systemctl enable httpd (to enable the service at next boot in RHEL - 7)
(e) Add the service to the IP tables and firewall.
In RHEL - 6 :
# iptables -A INPUT -i eth0 -p tcp -m tcp --deport 80 -j ACCEPT
# iptables -A OUTPUT -i eth0 -p tcp -m tcp --deport 80 -j ACCEPT
# service iptables save
# service iptables restart
In RHEL - 7 :
# firewall-cmd --permanent --add-service=http
# firewall-cmd --complete-reload
(f) Go to client system, open the firefox browser and type as http://server9.example.com in address bar and check the user defined web page is displayed or not.
(g) We can also access the website using elinks CLI tool.
# yum install elinks* -y (install the elinks package)
# elinks --dump server9.example.com (access the index page)

17. How to configure CGI based web hosting?
CGI content will change dynamically every time the client accessed it. Normal web server will not be used to support this type of web hosting. To access these dynamic pages, we have to configure the web server as ".wsgi" server. The following steps will configure the CGI web server.
(a) Install the CGI package by # yum install mod_wsgi* -y command.
(b) Download or create the CGI script file in web server's document root directory.
Example : # cp webapp.wsgi /var/www/html
(c) Create the configuration file for CGI based web hosting.
<VirtualHost 172.25.9.11:80>
ServerAdmin root@server9.example.com
ServerName webapp9.example.com
DocumentRoot /var/www/html
WSGIScriptAlias / /var/www/html/webapp.wsgi
</VirtualHost>
(d) Restart the web server deamon.
# service httpd start (to start the webserver deamon in RHEL - 6)
# chkconfig httpd on (to enable the service at next boot in RHEL - 6)
# systemctl restart httpd (to start the webserver deamon in RHEL - 7)
# systemctl enable httpd (to enable the service at next boot in RHEL - 7)
(e) Add the service to the IP tables and firewall.
In RHEL - 6 :
# iptables -A INPUT -i eth0 -p tcp -m tcp --deport 80 -j ACCEPT
# iptables -A OUTPUT -i eth0 -p tcp -m tcp --deport 80 -j ACCEPT
# service iptables save
# service iptables restart
In RHEL - 7 :
# firewall-cmd --permanent --add-service=http
# firewall-cmd --complete-reload
(f) Go to client system, open the firefox browser and type as http://webapp9.example.com in address bar and check the CGI based web page is displayed or not.
(g) We can also access the website using elinks CLI tool.
# yum install elinks* -y (install the elinks package)
# elinks --dump webapp9.example.com (access the index page)

18. What is secured web server?
Secured web server means normal Apache web server with SSL support. In normal web server the data communication is done in plain text format. So, there is no security for data because everyone can access the data. If we want to provide security to the data, then we have to configure the web server with SSL support.

19. What is the profile of secured web server?
Package : mod_ssl
Configuration file : /etc/httpd/conf.d/ssl.conf
Private key location : /etc/pki/tls/private
Public key location : /etc/pki/tls/certs
Authentication certificate : /etc/pki/tls/certs
Port number : 443
* Private key extention is " . key " and public key extention is " . crt "

20. How to configure the secured web server?
(a) Install the web server and secure shell packages.
# yum install httpd* mod_ssl* -y command.
(b) Download the private key and public certificates.
# cd /etc/pki/tls/private
# wget http://classroom.example.com/pub/tls/private/server<no.> . key
# cd /etc/pki/tls/certs
# wget http://classroom.example.com/pub/tls/certs/server<no.> . crt
# wget http://classroom.example.com/pub/example-ca.crt
(c) Create the configuration file for secured web server.
# vim /etc/httpd/conf.d/https.conf
<VirtualHost 172.25.9.11:443>
ServerAdmin root@server9.example.com
ServerName server9.example.com
DocumentRoot /var/www/html
</VirtualHost>
(d) We have to copy 7 lines from ssl.conf file to https.conf file.
# vim -O ssl.conf https.conf
Copy the line numbers 70, 75, 80, 93, 100, 107, 116 copy and paste them in https.conf file.
So, after copied those line the https.conf file should be as below.
<VirtualHost 172.25.9.11:443>
ServerAdmin root@server9.example.com
ServerName server9.example.com
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
SSLCertificateFile /etc/pki/tls/certs/server9.crt
SSLCertificateKeyFile /etc/pki/tls/private/server9.key
#SSLCertificateChainFile /etc/pki/tls/certs/example-ca.crt
DocumentRoot /var/www/html
</VirtualHost>
<Directory "/var/www/html">
AllowOverride
Require All Granted
</Directory> (save and exit this file)
(e) Go to document root directory by # cd /var/www/html command.
(f) # vim index.html
<html>
<H1>
This is a secured web hosting
</H1>
</html> (save and exit this file)
(g) Restart the web server deamon.
# service httpd start (to start the webserver deamon in RHEL - 6)
# chkconfig httpd on (to enable the service at next boot in RHEL - 6)
# systemctl restart httpd (to start the webserver deamon in RHEL - 7)
# systemctl enable httpd (to enable the service at next boot in RHEL - 7)
(h) Add the service to the IP tables and firewall.
In RHEL - 6 :
# iptables -A INPUT -i eth0 -p tcp -m tcp --deport 443 -j ACCEPT
# iptables -A OUTPUT -i eth0 -p tcp -m tcp --deport 443 -j ACCEPT
# service iptables save
# service iptables restart
In RHEL - 7 :
# firewall-cmd --permanent --add-service=http
# firewall-cmd --permanent --add-service=https
# firewall-cmd --complete-reload
(i) Go to client system, open the firefox browser and type as https://server9.example.com/ in address bar and check the secured web page is displayed or not.
21. How to generate our own private and public keys using crypto-utils package?
(i) Install the package by # yum install crypto-utils* -y command.
(ii) Create our own public and private keys by # genkey <hostname of the server> command.
Example :
#genkey server9.example.com (one window will be opened and we have to enter the details)
Click on Next ---> Don't change the default size ---> Next ---> No --->The keys are generated their directories.
Other useful commands :
# httpd -t (to check the web server configuration file for syntax errors)

Browsing And Finding

Search This Blog

Tuesday 6 August 2019

Kubernetes basic installation and how to check cluster is running or not.

Bugzilla to cloud jira using local jira server

Now, backup file is ready then get attachments, avatars, logs from local Jira path related folders then zip all the folders make as one zip file then upload that file to restore in cloud Jira.

Monday 6 May 2019

REST APIs

NAGIOS INSTALLATION STEPS

Wednesday 24 April 2019

DevOps Project with GIT--JENKINS--Docker

Sunday 21 April 2019

Web Server (Apache)

Popular Posts

Search This Blog

Tuesday 6 August 2019

Now, backup file is ready then get attachments, avatars, logs from local Jira path related folders then zip all the folders make as one zip file then upload that file to restore in cloud Jira.

Monday 6 May 2019

Wednesday 24 April 2019

Sunday 21 April 2019

Subscribe To