Versions Compared

Old Version 1

changes.mady.by.user Andy Kurth

Saved on

compared with

New Version Current

changes.mady.by.user Andy Kurth

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 5.3

Excerpt
hiddentrue

How This page describes how to install and configure the frontend VCL web code components including the web server prerequisites and frontend VCL web code. It also describes how to add local web accounts to the VCL database, configure LDAP authentication, and set the timezone correctly.

Install & Configure the Web Components

Prerequisites

...

The following instructions assume these tasks have previously been completed:


Web Server:

  • Apache HTTP Server v1.3 or v2.x with SSL enabled - while VCL
  • PHP 5.0 or later
Info

The VCL web frontend may run under

...

other web server platforms capable of running PHP code,

...

but has only been tested to work with Apache HTTP Server.

Required Linux Packages:

  • httpd - Apache HTTP Server
  • PHP 5
    • php modules that should be installed (depending on your Linux distro, some of these may be compiled in to php instead of being a separate module):
  • mod_ssl - SSL/TLS module for the Apache HTTP server
  • php - The PHP HTML-embedded scripting language
  • libmcrypt - Encryption algorithms library (this requirement can be removed with a patch)

Required PHP Modules:

(Some of these may already be included with your PHP distribution)

  • php-gd
  • php-json (required if your PHP version is < 5.2 , this is not requiredor later)
  • php-mcrypt (this requirement can be removed with a patch)
  • php-mysql
  • php-openssl
  • php-sysvsem
  • php-xml
  • php-xmlrpc
  • php-ldap (if you will be using ldap LDAP authentication)

  1. Install the Required Linux Packages & PHP Modules

    1. If

...

    1. your web server is running a Red Hat-based OS, the required components can be installed with:

      ...

      Tip

...

    1. yum

...

    1. install

...

    1. httpd

...

    1. mod_ssl

...

    1. php php-gd

...

    1. php-mcrypt

...

    1. php-mysql

...

    1. php-xml

...

    1. php-xmlrpc

...

    1. php-ldap

...

    1. -y

...

      • it up on CentOS

...

      • It is useful to

...

      • configure the server

...

      • to be able to send debugging emails

...

    2. Configure the web server daemon (httpd) to start automatically:
      Tip

      /sbin/chkconfig --level 345 httpd on

    3. Start the web server daemon:
      Tip

      /sbin/service httpd start

    4. If SELinux is enabled, run the following command to allow the web server to connect to the database:
      Tip

      /usr/sbin/setsebool -P httpd_can_network_connect=1

    5. If the iptables firewall is being used, port 80 and 443 should be opened up:
      Tip

      vi /etc/sysconfig/iptables

      No Format
      
-A RH-Firewall-1-INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -p tcp --dport 443 -j ACCEPT
service iptables restart

  2. Install the VCL

...

  1. Frontend Web Code

    1. If you
    haven't
    1. have not already done so, download and extract
    a copy of the latest release. There is a link to it under the Project Resources section on our wiki home page. Look for "Current version".copy the "web" directory to a location somewhere
    1. the source files on the web server:
      Tip

      wget http://www.apache.org/dist/incubator/vcl/apache-VCL-2.2.1-incubating.tar.bz2
      tar -jxvf apache-VCL-2.2.1-incubating.tar.bz2

    2. Copy the web directory to a location under the web root of your web server and navigate to the destination .ht-inc subdirectory: code
      Tip

    1. cp

    1. -r

    web/

    1. apache-VCL-2.2.1-incubating/web/ /var/www/html/vcl
      cd /var/www/html/vcl

    copy/rename

    1. /.ht-inc

    2. apply patch to fix editing reservations
      Tip

      wget https://issues.apache.org/jira/secure/attachment/12477101/utils_virtual_undefined.patch
      patch < utils_virtual_undefined.patch

    3. apply patch to fix processing of block allocations
      Tip

      wget https://issues.apache.org/jira/secure/attachment/12485328/vmhostcheck_fix.patch
      patch < vmhostcheck_fix.patch

    4. Copy secrets-default.php to secrets.php:
      Tip

      cp secrets-default.php secrets.php

    modify vcl/.ht-inc/secrets.php
    1. Edit the secrets.php file:
      Tip

      vi secrets.php

      • Set the following variables to match your database configuration:
        • $vclhost
        • $vcldb
        • $vclusername
        • $vclpassword
      • Create random passwords for the following variables:
        • $mcryptkey
        • $mcryptiv (
  2. set $vclhost, $vcldb, $vclusername, and $vclpassword to match your database setup
    3. create random passwords for $mcryptkey, $mcryptiv, and $pemkey - $mcryptiv
        • must be 8 hex characters
    run
        • )
        • $pemkey
      • Save the secrets.php file
    2. Run the genkeys.sh
    script from within vcl/.ht-inc and give it $pemkey from
    1.  script.  Enter the value you set for $pemkey in secrets.php as the passphrase (3 times, copy/paste is a good idea
    here
    1. )
      Tip
    copy/rename

    1. ./genkeys.sh

    2. Copy conf-default.php to conf.php
    modify vcl/.ht-inc/You really need to modify every entry in the
    1. :
      Tip

      cp conf-default.php conf.php

    2. Modify conf.php to match your site
    - COOKIEDOMAIN needs to be the domain name your web server is using, or left blank if you are accessing it by IP only.
    *
    1. Tip

      vi conf.php

      Info

      Modify every entry under

    1. "Things in this section must be modified"

    part of the file.*
  3. *NOTICE* JpGraph 2.x is no longer available. JpGraph 3.x is released under a dual license. QPL 1.0 (Qt Free Licensee). Free for non-commercial, open-source or educational use (JpGraph Professional License for commercial use). If you are planning to use this for commercial use and don't want to pay for JpGraph, you can safely skip this step with the only side effect of not being able to display a few graphs on the statistics page.
    Download JpGraph from http://www.aditus.nu/jpgraph/jpdownload.php
    • download the 3.x series, extract it, and copy the src directory from it to vcl/.ht-inc/jpgraph

    1. . Descriptions and pointers for each value are included within conf.php.

      • COOKIEDOMAIN - set this to the domain name your web server is using or leave it blank if you are only accessing the web server by its IP address
    2. Set the owner of
    make
    1. the .ht-inc/maintenance directory
    writable by
    1. to the web server user
    - i.e. if the httpd process is running as user
    1. (normally 'apache'
    run '
    1. ):
      Tip

      chown apache

    .ht-inc/maintenance'

    1. maintenance

    2. Optionally, you can install phpseclib and apply a patch to remove the requirement of having mcrypt installed
    3. Open
    open
    1. the testsetup.php page in a web browser:
      i.e. if
      debug
        • Debug any issues reported by testsetup.php

    2. Log In to the VCL Website

      1. Open
      now, open
      1. the index.php page in your browser
    3. select Local Account and use 'admin' as the user and 'adminVc1passw0rd' as the password
      **Now would be a good time to change the password from the default by going to User Preferences
    4. click the "Management Nodes" link
    5. enter the hostname and IP of your management node
    6. click Add
      1. (https://my.server.org/vcl/index.php)
        • Select Local Account
        • Username: admin
        • Password: adminVc1passw0rd
      2. Set the admin user password (optional):
        1. Click User Preferences
        2. Enter the current password: adminVc1passw0rd
        3. Enter a new password
        4. Click Submit Changes

    8. Add a Management Node to the Database

      fill in these additional required fields:
      1. Click the Management Nodes link
        1. Click Add
        2. Fill in these required fields:
          • Hostname - The name of the management node server. This value doesn't necessarily need to be a name registered in DNS nor does it need to be the value displayed by the Linux hostname command. For example, if you are installing all of the VCL components on the same machine you can set this value to localhost.
            Info

            Take note of the value you enter for Hostname. In a later step performed during the management node installation, the value enter for Hostname must match the value you enter for FQDN in the /etc/vcl/vcld.conf file on the management node.

          • IP address - the public IP address of the management node
          • SysAdmin Email Address - error emails will be sent to this address
          • Install Path - this is parent directory under which image files will be stored - only required if doing bare metal installs or using VMWare with local disks
          • End Node SSH Identity Key Files -
      probably just
          • enter
      "
          • /etc/vcl/vcl.
      key"optionally
          • key unless you know you are using a different SSH identity key file
        2. Optionally, fill in these
      unrequired
        1. fields:
          • Address for Shadow Emails - End users are sent various emails about the status of their reservations. If this field is configured, copies of all of those emails will be sent to this address.
          • Public NIC configuration method - this defaults to Dynamic DHCP - if DHCP is not available for the public interface of your nodes, you can set this to Static. Then, the IP configuration on the nodes will be manually set using Public Netmask, Public Gateway, Public DNS Server, and the IP address set for the computer under Manage Computers
      click "
      1. Click Confirm Management Node
      "
      click
      1. Click Submit
      click
      1. Click the
      "
      1. Management Nodes
      "
      1. link
          select "
            1. Select Edit Management Node Grouping
          "
          click
            1. Click Submit
          select
            1. Select the checkbox for your management node
          click
            1. Click Submit Changes

        Further steps if using only VMWare

        Further steps if using xCAT

        Next Step: Management Node Installation

        Adding extra local accounts

        Adding Local VCL Accounts

        Local VCL accounts are contained within the VCL database.  The admin account is a local VCL account.  Additional local accounts can now be added using via the backend management node code. After you have finished the backend installmanagement node installation, run:

        Code Blocktip

        vcld

        -setup

        ...

        1. Select VCL Base Module
        2. Select Add Local VCL User Account
        3. Enter the requested information

        Adding LDAP Authentication

        instructions Follow the instruction on the Adding LDAP Authentication have been moved to a separate page page.


        ...

        Previous Step: VCL 2.2.1 Database Installation
        Next Step: VCL 2.2.1 Management Node Installation