Ubuntu: Difference between revisions
(→Zimba Install: Added "High CPU Workaround") |
(→Zimba Install: Added "Backup") |
||
Line 203: | Line 203: | ||
*/60 * * * * /opt/zimbra/libexec/zmstatuslog | */60 * * * * /opt/zimbra/libexec/zmstatuslog | ||
</pre> | </pre> | ||
</ | |||
==== Backup ==== | |||
# SU to Zimbra admin | |||
#* <code> su - zimbra </code> | |||
# Stop Zimbra services | |||
#* <code> zmcontrol stop </code> | |||
# Exit Zimbra user and create copy of directory | |||
#* EG <code> cp -rp /opt/zimbra /home/simons/zimbra_backup_100301 </code> | |||
== MySQL == | == MySQL == |
Revision as of 20:53, 2 March 2010
Initial Setup
Much of this section is borrowed from http://www.howtoforge.com/perfect-server-ubuntu8.04-lts and http://www.howtoforge.com/how-to-install-ubuntu8.04-with-software-raid1, they are well worth a read!
This section will create a Ubuntu VM installed on one partition, software RAID'ed across two VMDK's (my ESX's storage isn't resilient, hence the software RAID across VMDK's on separate physical disks, if you've got resilient storage you should not use software RAID).
Prepare Virtual Machine
- Create a virtual machine with the following options (use Custom)
- Guest OS: Linux > Ubuntu 32bit
- CPU: 1
- Memory: 756 MB
- Disk: 36GB
- Then add a second 36GB disk on a separate physical datastore (if you intend to use software RAID)
- Attach Ubuntu install ISO to the CD-ROM
OS Installation
Follow the default or sensible choices for your locale, however, use the following notes as well...
- Configure the network
- Enter the server's hostname (not a FQDN, just the hostname)
- Partition Disks
- If setting up software RAID follow the steps below, otherwise just select Guided - use entire disk and set up LVM
- Select "Manual
- Then create a partition...
- Select the first disk (
sda
) and on the next screen, Yes, to Create new empty partition table on this device? - Select the FREE SPACE, then Create a new Partition, and use all but the last 2GB of space,
- And then select type of Primary, and create at Beginning
- Change Use as to physical volume for RAID, and change the Bootable flag to Yes, the select Done setting up this partition
- Select the first disk (
- Repeat the above on the remaining FREE SPACE on
sda
, to create another primary physical volume for RAID, but 'not bootable - Select the second disk,
sdb
, and repeat the steps taken forsda
to create two identical partitions - On the same screen, select the Configure Software RAID option (at the top), and then confirm through the next screen
- Create a RAID pack/multidisk...
- Select Create MD device, then select RAID1 (ie a mirror), then confirm 2 Active devices, and 0 Spare devices
- Select both
/dev/sda1
and/dev/sdb1
partitions, and then select Finish
- Repeat the above to create a RAID volume using
/dev/sda2
and/dev/sdb2
partitions - Now select the RAID device #0 partition (select the #1 just under RAID1 device line), and change the Use as and select Ext3...
- Change the Mount point to /, then select Done configuring this partition
- Now select the RAID device #1 partition (select the #1 just under RAID1 device line), and change the Use as and select Swap area
- Then select Done configuring this partition then finally Finish partitioning and write changes to disk, and confirm to Write the changes to disks
- Accept the "The kernel was unable to re-read...system will need to restart" complaints for each RAID multidisk, after which the install will continue (note there's a little more to do post install to ensure you can boot using the second disk should the first fail).
- If setting up software RAID follow the steps below, otherwise just select Guided - use entire disk and set up LVM
- Software Selection
- DNS Server - Only required in order to configure split DNS, which is required for an exchange server install
- OpenSSH Server - Required (allows you to Putty/SSH to the server)
Post OS Install Config
- Enable Root
- Use the command
sudo passwd root
- Enter user password, and then a strong password for the root account
- Use the command
- Finish Software RAID config - only if configured during install
- Start-up grub (by entering
grub
and enter the following commands (seems to work better via SSH than direct console)...device (hd1) /dev/sdb
root (hd1,0)
setup (hd1)
quit
- Then edit the
/boot/grub/menu.lst
config file. Go to the end of the file where the boot options are, and create a copy of the first option and edit the following linestitle
Add "Primary disk fail" or something similar to endroot
Changehd0
tohd1
- To check the RAID setup of your drives use
mdadm --misc -D /dev/md0
mdadm --misc -D /dev/md1
- Start-up grub (by entering
Change IP Address
- Edit the
/etc/network/interfaces
file in the following fashion
# The primary network interface auto eth0 iface eth0 inet static address 192.168.1.150 netmask 255.255.255.0 network 192.168.1.1 broadcast 192.168.1.255 gateway 192.168.1.1
- Then check the local hosts file
/etc/hosts
, so that the IP v4 part looks like...
127.0.0.1 localhost 192.168.10.210 mail.home.int mail
- Check that DNS resolution is setup correctly (add DNS nameservers as required, as found in
/etc/resolv.conf
in order of pref...
nameserver 127.0.0.1
- Then restart networking
sudo /etc/init.d/networking restart
Install VM Tools
- Select "Install VM Tools" from the VI Client
- Mount the VM Tools CD-ROM
mount /media/cdrom0/
- Copy to home directory
cp /media/cdrom/VMwareTools-4.0.0-219382.tar.gz /home/user/
- Uncompress and then move into the
vmware-tools-distrib
directorytar xf VMwareTools-4.0.0-219382.tar.gz
cd vmware-tools-distrib
- Run the install script (which might complain enough to make you thing its failed, but check its worked via the VI Client)
./vmware-install.pl
- Note - Whilst VM Tools installs, the vmmemctl modules do not, which means the VM memory management features won't be active
Update the OS
- Run the following command to update the apt package database
apt-get update
- To install any updates
apt-get upgrade
Exchange Server
DNS Records
Firstly, you need to own a public domain name, then get your ISP to create two DNS records...
- MX record - Mail Exchanger (MX) record
- EG
sandfordit.com [MX] -> mail.sandfordit.com
sandfordit.com
is the domain you own, andmail
is hostname of your email server (can be anything you like)
- EG
- A record - Standard DNS record
- EG
mail.sandfordit.com [A] -> 158.25.34.124
158.25.34.124
is the static IP address assigned by your ISP. You'll need to set-up a NAT on your router (often oddly called a virtual server in domestic routers) to map incoming mail on TCP 25 to your email server's actual address (EG158.25.34.124:25 -> 192.168.1.150:25
.
- EG
Note, instead of an A record you can use a CNAME record if you prefer, though obviously the CNAME record will still need to point to a valid A record. Using a CNAME might be preferable, if for example you've multiple services running from a single public IP, that you might want to split out in the future to run on separate IP's, at which point you can replace the CNAME records with A records.
OS DNS Setup
In order to get round the fact that your exchange server won't have the same IP (or name even) on the public internet as it will on your internal network, a DNS server is installed on the exchange server to provide MX record resolution. Procedure assumes DNS (Bind) is already installed.
Terminology...
- Private = Home or internal network IP address and network name (eg
192.168.1.150
andmail.home.int
) - Public = Global internet, ISP assigned IP address and registered domain name (eg
158.25.34.124
andmail.sandfordit.com
)
Firstly, add the IP('s) of the DNS servers you use for resolution on your other machines to your local DNS server's list of forwarders (so that your exchange server forwards DNS resolution requests for unknown names to your normal DNS servers), edit /etc/bind/named.conf.options
options { directory "/var/cache/bind"; query-source address * port 53; forwarders { 192.168.1.1; 158.25.30.10; }; auth-nxdomain no; # conform to RFC1035 };
Edit /etc/resolv.conf
to force the server to use its local DNS server for resolution
nameserver 127.0.0.1
Restart bind using /etc/init.d/bind9 restart
and check you can resolve external addresses properly.
Now create the internal zone that will eventually contain the local MX record for your exchange server, append the following to /etc/bind/named.conf.local
, using your publicly registered domain name
zone "sandforit.com" { type master; file "/etc/bind/db.sandfordit.com"; };
Lastly create the database file for you DNS domain /etc/bind/db.sandfordit.com
, using your publicly registered domain name and private (internal) IP address for your exchange server...
; ; BIND data file for sandfordit.com ; $TTL 604800 @ IN SOA mail.sandfordit.com. admin.sandfordit.com. ( 070725 ; Serial 604800 ; Refresh 86400 ; Retry 2419200 ; Expire 604800 ) ; Negative Cache TTL ; @ IN NS mail IN MX 10 mail IN A 192.168.1.150 mail IN A 192.168.1.150
Zimba Install
Reference http://wiki.zimbra.com/index.php?title=Ubuntu_8.04_LTS_Server_%28Hardy_Heron%29_Install_Guide
- Copy the install to the server
- EG
pscp C:\Users\Simon\Downloads\zcs-6.0.5_GA_2213.UBUNTU8.20100202225756.tgz simons@mail:zcs-6.0.5_GA_2213.UBUNTU8.20100202225756.tgz
- EG
- Uncompress the package
tar -xzf zcs-6.0.5_GA_2213.UBUNTU8.20100202225756.tgz
- Start the install
./install.sh
- The install will fail due to missing packages!
- Install the missing prerequisite packages
- EG
apt-get install libpcre3 libgmp3c2 libstdc++5 sysstat
- EG
- Restart the install
- Part-way through the install will complain about your domain not having a DNS record, change the domain to your publicly registered domain (without server hostname, so
sandfordit.com
rather thanmail.sandfordit.com
- At the end of the install, address the unconfigured item (ie an admin password)
Once the install is completed, login to administer the exchange server using https://mail:7071
To enforce https for Zimbra Desktop clients use the following commands (requires a restart to take effect)...
su - zimbra zmtlsctl https
High CPU Workaround
Zimbra seems to have some real issues with constant high CPU spikes every minute, to limit reduce the logging retention and failed process checking.
su - zimbra zmlocalconfig -e zmmtaconfig_interval=6000 zmprov mcf zimbraLogRawLifetime 7d zmprov mcf zimbraLogSummaryLifetime 30d /opt/zimbra/libexec/zmlogprocess crontab -e */60 * * * * /opt/zimbra/libexec/zmstatuslog
Backup
- SU to Zimbra admin
su - zimbra
- Stop Zimbra services
zmcontrol stop
- Exit Zimbra user and create copy of directory
- EG
cp -rp /opt/zimbra /home/simons/zimbra_backup_100301
- EG
MySQL
Install
- Run the following command to update the package database
apt-get update
- Run the following command to install MySQL
apt-get install mysql-server
To allow access from remote hosts...
- Open MySQL service TCP/IP port by editing the
/etc/mysql/my.cnf
config file and restarting- Change bind IP to server's IP, EG
bind-address = 192.168.1.123
- Restart service
/etc/init.d/mysql restart
- Change bind IP to server's IP, EG
- Allow remote access to a user account
- EG
GRANT ALL PRIVILEGES ON *.* TO 'user'@'%' IDENTIFIED BY 'pass' WITH GRANT OPTION;
- EG