Caso técnico: configurar Apache y Tux/RHCA para servir archivos estáticos y dinámicos

[Escribí este artículo originalmente en inglés, en 2005, tras experimentar con alternativas a Apache para servir contenido estático de forma más eficiente. Es aplicable a servidores Linux/RedHat]

INTRO

This is my personal “step-by-step playground” on installing RedHat’s TUX Web Server by Ingo Molnar, using Apache as ‘secondary’ web server (i.e. to serve PHP), and handling virtual hosts. (Please note that this article includes *specific* info for Interworx Servers).


How to install TUX Web Server (aka Red Hat Content Accelerator) on Interworx Servers
This how-to worked for me, was written on 2005 and you must use any information in this document AT YOUR OWN RISK. This article assumes that you can break things on your server and that you’re able to restore them.

DISCLAIMER:

OS tested:

Linux RedHat 9 and CentOS 3.x, CentOS 4.x, kernel 2.4.x & 2.6.x

PREFACE

TUX is a kernel-based, multi-threaded, extremely high performance HTTP server with the ability to serve both static and dynamic data, developed by RedHat.

This is what we’ll do:
TUX will listen on port 80, the default http port, so TUX will act as frontend. We’ll REconfigure Apache to listen only on localhost, port 81 (as backend), instead of port 80 (by default). This way, TUX will receive every http request, handling static files that can recognize and will redirect any request that cannot handle to Apache (PHP, for example).

If your box has RedHat Linux or CentOS, you don’t need to patch the linux kernel, the main reason I believe TUX is underestimated and underutilized. It’s a great and really powerful program to boost your dedicated server. This doc has no kernel-patching instructions, to do so follow official docs for TUX at RedHat.com

STEP 1: Installing TUX

Install TUX:
# yum install tux

STEP 2: REconfiguring Apache

!!! Make .bak copies of your conf files !!!

Locate & edit Apache’s global config file: httpd.conf

– Look for Listen 80, or Listen 0.0.0.0:80, and change it to be:

Listen 127.0.0.1:81

We’re telling Apache to listen on Port 81, and accept connections just from localhost (127.0.0.1). Apache won’t reply to anyone trying to access this port from outside.

Look for KeepAlive, and change it to be:

KeepAlive Off

Setting off Apache’s KeepAlive lets TUX always have a shot on mixed requests handled by Apache (for example, PHP generates a page which load several static images). Apache serves PHP, TUX images, swf, etc.-

Don’t restart Apache yet. Remember that you changed httpd.conf but all of that won’t become ‘live’ until you restart Apache.

STEP 3: Port and Virtual Hosts’ care on both TUX and Apache

In order to tweak this whole thing to manage the several domain folders where our web files reside, we need to tweak some configs, since we have several domains, not an unique documentroot for Apache.

STEP 3.1: Tweaking TUX for virtual hosts

Some config on TUX goes through files located at folder /proc/sys/net/tux

You can’t access folder /proc/sys/net/tux until TUX has been started, so we’ll start it and stop it though ‘service tux start‘ and ‘service tux stop‘ once installed (what we did on STEP 1).

– Now, we move to /proc/sys/net/tux and perform this command:

# echo “1” >virtual_server

So
# cat virtual_server
will show:
1

and that enables TUX to add ‘domain.tld’ after /var/www/html (which is the default ‘documentroot’ value at TUX, the location for webfiles).

– Still on /proc/sys/net/tux folder, we perform this command:

# echo “81” >clientport

Default TUX port for ‘secondary server’ (Apache), is 8080. We have set it to be port 81.

We’re done for testing, but we’ll lose these changes if the server is rebooted. So we’ll make a config file.

Create the new file /etc/sysctl.tux

These are some settings that worked for me:

net/tux/virtual_server = 1
net/tux/clientport = 81
net/tux/referer_logging = 0
net/tux/logging = 0
net/tux/max_keepalives = 2000
net/tux/keepalive_timeout = 15
net/tux/TDprintk = 0
net/tux/Dprintk = 0
net/tux/generate_cache_control = 1
net/tux/generate_etags = 1
net/tux/generate_last_mod = 1
net/tux/defer_accept = 0

STEP 3.2: Tweaking Apache for virtual hosts

We changed Apache port on STEP 2, so now we only need to tweak .conf files for each virtualhost at folder /etc/httpd/conf.d/ (as for Interworx-CP Servers)

– Every ‘siteworx account‘ has a file named domain.tld.conf under the folder /etc/httpd/conf.d/

Locate and edit these files, looking for <VirtualHost x.x.x.x:80> just at the first line. Change it to be:

<VirtualHost *:81>

– Look inside the file “namevirtualhost.conf“, also at /etc/httpd/conf.d/ It might be empty if you have not ‘shared IP addressed’ on the box (IP management option at Nodeworx Control Panel). If it’s not empty, you’ll see a line saying: NameVirtualHost x.x.x.x:80, change it to be: NameVirtualHost *:81

Caution NOTE: changing the IP to “*” fixes the “virtual domain name not being added to TUX documentroot path” error. It works well on a box with two (2) IPs where one is for shared hosting, and the other is “dedicated” (for SSL purposes), but I HAVEN’T TESTED if this can lead to problems when having more than just one ‘shared IP’ for virtual hosting. *Updated* Well, I’ve already tested and yes, that lead to problems…

STEP 4: Last TUX tuning

– Locate and edit file /etc/sysconfig/tux

You can leave TUXTHREADS commented (with #), as it will default to the number of CPUs on your box, as stated on the file commentaries.

You also can leave DOCROOT or LOGFILE as is. You should have a folder /var/www/html, where ‘default’ Apache installation and response pages belongs.

– Locate and edit file /etc/tux.mime.types

Strip the # before TUX/redirect and change ‘redir’ to the extension(s) you want to be always redirected to the secondary server (Apache at port 81).

The line would show:

TUX/redirect    php

if we want just ‘php’ files to be always redirected.

TUX will redirect to Apache any request that get rejected for any reason (see the TUX manual).

You can strip the # before TUX/CGI if you want TUX to handle CGI requests as well.

STEP 5: Setting up directories

That’s the trick I wanted when I was setting up TUX. Symbolic links WON’T work if we need to link directories outside the documentroot (which is the case of Interworx). TUX follows sym-links, but just within documentroot.

Every content that TUX will try to serve ‘must’ be located on a folder named /var/www/html/domain.tld/ (it will be /var/www/html if DOCROOT is set this way on /sys/sysconfig/tux).

You can create these folders using
# mkdir /var/www/html/domain.tld/
for every ‘siteworx account’ you have created.

As far as I know, TUX can only look into the fixed DOCROOT (/var/www/html/), append a fixed-configurable substring, and also append the domain name requested stripping the www. This collides with the path where interworx store our websites, which depends on an username and configured through these .conf files created for each domain at folder /etc/httpd/conf.d

So if you have ‘mydomain.com’ as a siteworx account, you have to end with:
/home/someuser/mydomain.com/html/…<— (files)
/var/www/html/mydomain.com/…<—- EMPTY directory, just create it.

TUX will look at /var/www/html/mydomain.com/… for each request.
Apache (when a request is redirected), will look at /home/someuser/mydomain.com/html/

How can we handle this without putting files on each separate folder? Thanks to a message read on tux-list about this, you just have to bind a directory using MOUNT command.

# mount –bind /home/someuser/domain.tld/html/ /var/www/html/domain.tld/

This way you can move to folder /var/www/html/domain.tld and see exactly the same files you have at /home/someuser/domain.tld/html/ and so will do TUX, so it will find the files on the proper folder/directory that interworx uses. Note that you MUST create that EMPTY directories under /var/www/html in the example.

Note that you’ll lose this MOUNT if you reboot, so we can put this on /etc/fstab for each account we need:

/home/someuser/domain.tld/html /var/www/html/domain.tld none rw,bind

STEP 6: Testing!

Now all you have to do is to restart Apache, iworx (not sure if really needed), and start TUX:

# service apache restart
# service tux start
# service iworx restart

and start playing around to see if it works.

MAKING TUX AUTORUN ON BOOT

You want that TUX starts on boot, otherwise your server won’t be able to handle http requests at all, as TUX is configured here to be “on top”.

So to make TUX autorun on boot you type this two commands as root on SSH:

chkconfig –add tux
chkconfig –level 345 tux on

VIEW LOGS:

You’ll have to look the logs to making sure TUX is working and redirecting requests to Apache. A request handled by TUX will show the http response code 200 or 304. You’ll also see that redirected requests to Apache have a “-1” code on the TUX logs. You’ll also observe that, if the configurable 404 error page for TUX is not found, it will redirect the request to Apache too.

Interworx log-files for each domain go to folder /home/someuser/var/domain.tld/logs

TUX binary-logs go (by default) to /var/log/tux

To be able to view these TUX binary-logs, you have to perform this command:

# /usr/sbin/tux2w3c /var/log/tux

If you want to disable logging, you must edit /etc/sysconfig/tux and comment (put a # character) on the line LOGFILE=…, otherwise logging will be forced even if you set logging=0 from /etc/sysctl.tux

DEBUGGING

In addition to view logs, you can:

1. View current config for a started TUX daemon, locate gettuxconfig, cd & execute it:
# gettuxconfig (better output this to a file using >>).
2. Check active ports:
# netstat -na

That should show:

tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:81 0.0.0.0:* LISTEN

(TUX at port 80, Apache at 81, for localhost eyes only)

Reference documentation & pages

http://www.redhat.com/docs/manuals/tux/
http://www.stllinux.org/meeting_notes/2001/0719/myTUX/khttpd-users-ingo.html
http://slashdot.org/articles/00/07/20/1440204.shtml

Esta entrada fue publicada en Apache, Servidores y etiquetada , , , , . Guarda el enlace permanente.

Deja un comentario