Difference between revisions of "User:Sbarnes"
Wiki-Sbarnes (talk | contribs) |
Wiki-Sbarnes (talk | contribs) |
||
Line 110: | Line 110: | ||
==== Mysql ==== | ==== Mysql ==== | ||
MySQL is being backed up using [http://mysqlbackup.zmanda.com MySQL-zrm] | MySQL is being backed up using [http://mysqlbackup.zmanda.com MySQL-zrm] | ||
− | |||
− | |||
==== subversion backups ==== | ==== subversion backups ==== | ||
Line 117: | Line 115: | ||
==== trac backups ==== | ==== trac backups ==== | ||
via trac-admin hotcopy to /home/back/trac_copy/ (every 3 hours) | via trac-admin hotcopy to /home/back/trac_copy/ (every 3 hours) | ||
− | ==== current | + | ==== current cron jobs for backups ==== |
+ | /etc/cron.d/backup.cron | ||
+ | |||
+ | #### Backup cron jobs | ||
+ | # min hour day month dayofweek user command | ||
+ | # | ||
+ | # Daily rsync to /home/back | ||
+ | # /etc | ||
+ | 05 10 * * * root /usr/bin/rsync -a --delete /etc/ /home/back/etc/ | ||
+ | # /var/www/html | ||
+ | 08 10 * * * root /usr/bin/rsync -a --delete /var/www/html/ /home/back/html/ | ||
+ | # Every 3 hours | ||
+ | # /var/lib/mailman | ||
+ | 20 */3 * * * root /usr/bin/rsync -a --delete /var/lib/mailman/ /home/back/mailman/ | ||
+ | # /etc/mysql-zrm | ||
+ | 33 */3 * * * root /usr/bin/rsync -a --delete /etc/mysql-zrm/ /home/back/etc/mysql-zrm/ | ||
+ | # /var/lib/mysql-zrm | ||
+ | 34 */3 * * * root /usr/bin/rsync -a --delete /var/lib/mysql-zrm/ /home/back/mysql-zrm/ | ||
+ | # call backup_trac_svn.sh to backup | ||
+ | # subversion /var/www/svn/repos | ||
+ | # trac /var/www/trac | ||
+ | 45 */3 * * * root /root/scripts/backup_trac_svn.sh | ||
+ | # once a day rsync /home/back to osgeo2.osgeo.net | ||
+ | 0 22 * * * root /root/scripts/rsync_back.pl | ||
+ | |||
= Implementation of our virtual hosts policy and transition issues = | = Implementation of our virtual hosts policy and transition issues = |
Revision as of 11:44, 31 January 2007
Sandbox Page for osgeo.org transition docs
Description of current layout and installed software
Notes from Shawn on our PEER1 system:
- OS Version: Red Hat Enterprise Linux ES release 4 (Nahant Update 4)
- For most elements of system i tried to stay with the default redhat locations and red hat el 4 rpms installed from peer 1's up2date repository. Reasoning, the servers are updated automatically against this repository and supported by PEER1 - reduce sysadmin load on keeping packages updated by using packages not available through PEER1 repository
Installed software using up2date
- apache - httpd-2.0.52-28.ent.i386
- postfix - postfix-2.2.10-1.RHEL4.2.i386
- php - php-4.3.9-3.22PIDH.i386
- python - python-2.3.4-14.3.i386
- mailman - mailman-2.1.5.1-34.rhel4.5.i386
Red Hat EL 4 rpms installed manually (rpm -i)
- MySQL-client-standard-5.0.27-0.rhel4.i386.rpm
- MySQL-server-standard-5.0.27-0.rhel4.i386.rpm
- MySQL-devel-standard-5.0.27-0.rhel4.i386.rpm
- MySQL-shared-compat-5.0.27-0.rhel4.i386.rpm
- clearsilver-0.10.1-1.2.el4.rf.i386.rpm
- sqlite-2.8.16-1.2.el4.rf.i386.rpm
- python-clearsilver-0.10.1-1.2.el4.rf.i386.rpm
- python-sqlite-1.0.1-12.el4.rf.i386.rpm
- subversion-1.4.3-0.1.el4.rf.i386.rpm
- mod_dav_svn-1.4.3-0.1.el4.rf.i386.rpm
Not specific to Red Hat EL 4 rpms installed manually
- MySQL-zrm-1.1.2-1.noarch.rpm
Source Install
- drupal-4.7.4.tar.gz
- phpldapadmin-0.9.8.3.tar.gz
- trac-0.10.3.tar.gz
Paths to services directories
Apache root directory
/var/www/html/
Subversion parent directory
/var/www/svn/repos/
Trac parent directory
/var/www/trac/
IP tables custom
All iptables rules must be written in /etc/sysconfig/iptables-custom
Current custom rules are:
/etc/sysconfig/iptables-custom/SSH
*filter -A OUTPUT -p tcp --dport 22 -j ACCEPT COMMIT
/etc/sysconfig/iptables-custom/VERITAS
note: this file was placed here by PEER1
*filter -A INPUT -s 10.0.48.0/24 -d 0/0 -p tcp -j ACCEPT -A OUTPUT -s 0/0 -d 10.0.48.0/24 -p tcp -j ACCEPT COMMIT
System login and maintenance procedures
Note: if change root password must let PEER1 know the new password for backup/restore and tickets. i would refer no root ssh login but, PEER1 admins need root access.
Subversion maintanence
Creating a repository
$ sudo mkdir /var/www/svn/repos/<repo_name> $ sudo svnadmin /var/www/svn/repos/<repo_name> $ sudo chown -R apache:apache /var/www/svn/repos/<repo_name>
Loading a repository from a dumpfile
$ sudo svnadmin load /var/www/svn/repos/<repo_name> < /path/to/dumpfile $ sudo chown -R apache:apache /var/www/svn/repos/<repo_name>
Dumping a repository
$ sudo svnadmin dump /var/www/svn/repos/<repo_name> > dumpfile
Recovering / unlocking repository
- subversion may lock if user ctl-c during checkout or checkout is interupted with an apache restart
- Need policy on who to contact and who can run 'svnadmin recover' as
priviledged access is needed (may need to stop/start apache to drop requests to repository before recover)
Subversion was upgraded to version 1.4.3 (30 Jan. 2007) to reduce the repository locking problem if ctl-c used to end a checkout.
If the repository locks the following command should be used to recover the repository:
$ sudo svnadmin --wait recover /var/www/svn/repos/<repo_name> $ sudo chown -R apache:apache /var/www/svn/repos/<repo_name>
In most cases this will work in the odd case that you are waiting a very long time for the command to run then apache may have to be restarted to drop anything accessing the repository and preventing the repository from being recovered
$ sudo /sbin/service httpd restart $ sudo svnadmin --wait recover /var/www/svn/repos/<repo_name> $ sudo chown -R apache:apache /var/www/svn/repos/<repo_name>
Backups
Daily tape backup
- PEER1 is doing daily tape backup of entire system
Other backups
Mysql
MySQL is being backed up using MySQL-zrm
subversion backups
via svnadmin dump to /home/back/svn_dump/ (every 3 hours)
trac backups
via trac-admin hotcopy to /home/back/trac_copy/ (every 3 hours)
current cron jobs for backups
/etc/cron.d/backup.cron
#### Backup cron jobs # min hour day month dayofweek user command # # Daily rsync to /home/back # /etc 05 10 * * * root /usr/bin/rsync -a --delete /etc/ /home/back/etc/ # /var/www/html 08 10 * * * root /usr/bin/rsync -a --delete /var/www/html/ /home/back/html/ # Every 3 hours # /var/lib/mailman 20 */3 * * * root /usr/bin/rsync -a --delete /var/lib/mailman/ /home/back/mailman/ # /etc/mysql-zrm 33 */3 * * * root /usr/bin/rsync -a --delete /etc/mysql-zrm/ /home/back/etc/mysql-zrm/ # /var/lib/mysql-zrm 34 */3 * * * root /usr/bin/rsync -a --delete /var/lib/mysql-zrm/ /home/back/mysql-zrm/ # call backup_trac_svn.sh to backup # subversion /var/www/svn/repos # trac /var/www/trac 45 */3 * * * root /root/scripts/backup_trac_svn.sh # once a day rsync /home/back to osgeo2.osgeo.net 0 22 * * * root /root/scripts/rsync_back.pl
Implementation of our virtual hosts policy and transition issues
FDO Repository Merge
To merge repositories you need to parse through the dumpfiles.
In the fdo merge all subprojects had the same directory strucuture, /trunk/Providers/ All dumpfiles had to be 'filtered' to just pull the /trunk/Providers/* and drop branches and tags.
SVNDUMPFILTER
$ svndumpfilter include --help
Filter out nodes without given prefixes from dumpstream
Usage: svndumpfilter include PATH_PREFIX Options: --drop-empty-revs Remove revisions emptied by filtering --renumber-revs Renumbe revisions left after filtering --preserve-revprops Don't filter revision properties --quiet Do not display filtering statistics
$ svndumpfilter exclude --help Filter out nodes with given prefixes from dumpstream Usage: svndumpfilter exclude PATH_PREFIX Options: --drop-empty-revs Remove revisions emptied by filtering --renumber-revs Renumbe revisions left after filtering --preserve-revprops Don't filter revision properties --quiet Do not display filtering statistics
This process followed for all repositories
merge fdogdal trunk
$ cat fdogdal.dmp | svndumpfilter include trunk/www/ > fdogdal-merge-trunk.www.dmp $ cat fdogdal.dmp | svndumpfilter include trunk/Providers/ > fdogdal-merge-trunk.Providers.GDAL.dmp
edit file and remove lines,
Node-path: trunk/ .... Node-action: add .... PROPS-END
Node-path: trunk/www/ .... Node-action: add .... PROPS-END
Node-path: trunk/Providers/ .... Node-action: add .... PROPS-END
Rename index.html to fdogdal-index.html
$ perl -pi.bak -e 's/^Node-path:\ trunk\/www\/index.html/Node-path:\ trunk\/www\/fdogdal-index.html/g' fdo-merge.trunk.dmp
$ svnadmin load /var/www/svn/repos/fdocore < fdogdal-merge.trunk.dmp