Installing A Multiserver Setup With Dedicated Web, Email, DNS And MySQL Database Servers On Debian 5.0 With ISPConfig 3
Version 1.0
Author: Till Brehm <t [dot] brehm [at] projektfarm [dot] com>
Last edited 08/10/2010This tutorial describes the installation of an ISPConfig 3 multiserver setup with dedicated web, email, database and two DNS servers all managed trough a single ISPConfig 3 control panel. The setup described below uses five servers and can be extended easily to to a higher number of servers by just adding more servers. E.g. if you want to have two mailservers, do the setup steps from chapter 2 on both of these servers. If you want to set up more web servers, then install ISPConfig on all other web servers in expert mode except of the first one.
1 Installing The Five Debian Base Systems
In this setup there will be one master server (which runs the web server and ISPConfig control panel interface) and four slave servers for database, email and DNS.
To install the clustered setup, we need five servers (or virtual servers) with a Debian 5.0 minimal install. The base setup is described in the following tutorial in the steps 1 - 6:
http://www.howtoforge.com/perfect-server-debian-lenny-ispconfig3
Install only steps 1 - 6 of the perfect server tutorial and not the other steps as they differ for a clustered setup!
In my example I use the following hostnames and IP addresses for the five servers:
Web Server
Hostname: web.example.tld
IP address: 192.168.0.105Mail Server
Hostname: mail.example.tld
IP address: 192.168.0.106DB Server
Hostname: db.example.tld
IP address: 192.168.0.107DNS Server (primary)
Hostname: ns1.example.tld
IP address: 192.168.0.108DNS Server (secondary)
Hostname: ns2.example.tld
IP address: 192.168.0.109Whereever these hostnames or IP addresses occur in the next installation steps you will have to change them to match the IP's and hostnames of your servers.
2 Installing The Web Server
Edit the hosts file and add the IP addresses and hostnames for all servers. The hostnames and IP addresses have to be adjusted to match your setup.
vi /etc/hosts
127.0.0.1 localhost 192.168.0.105 web.example.tld 192.168.0.106 mail.example.tld 192.168.0.107 db.example.tld 192.168.0.108 ns1.example.tld 192.168.0.109 ns2.example.tld # The following lines are desirable for IPv6 capable hosts ::1 localhost ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters ff02::3 ip6-allhostsSet the hostname of the server:
echo web.example.tld > /etc/hostname
/etc/init.d/hostname.sh startEdit the sources.list file...
vi /etc/apt/sources.list
... and ensure that it contains the following line to enable the volatile repository.
deb http://volatile.debian.org/debian-volatile lenny/volatile main contrib non-freeRun...
apt-get update
... to update the apt package database; then run...
apt-get upgrade
... to install the latest updates (if there are any).
It is a good idea to synchronize the system clock with an NTP (network time protocol) server over the Internet. Simply run...
apt-get -y install ntp ntpdate
... and your system time will always be in sync.
Install the MySQL server. A MySQL server instance is necessary on every server as ISPConfig uses it to sync the configuration between the servers.
apt-get -y install mysql-client mysql-server
Enter the new password for MySQL when requested by the installer.
We want MySQL to listen on all interfaces on the master server, not just localhost, therefore we edit /etc/mysql/my.cnf and comment out the line bind-address = 127.0.0.1:
vi /etc/mysql/my.cnf
[...] # Instead of skip-networking the default is now to listen only on # localhost which is more compatible and is not less secure. #bind-address = 127.0.0.1 [...]Then restart MySQL:
/etc/init.d/mysql restart
Now install Apache2, PHP5, phpMyAdmin, FCGI, suExec, Pear, and mcrypt as follows:
apt-get -y install apache2 apache2.2-common apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5-common php5-gd php5-mysql php5-imap phpmyadmin php5-cli php5-cgi libapache2-mod-fcgid apache2-suexec php-pear php-auth php5-mcrypt mcrypt php5-imagick imagemagick libapache2-mod-suphp libopenssl-ruby libapache2-mod-ruby sudo
You will see the following question:
Web server to reconfigure automatically: <-- apache2
Then run the following command to enable the Apache modules suexec, rewrite, ssl, actions, and include:
a2enmod suexec rewrite ssl actions include ruby dav_fs dav auth_digest
PureFTPd and quota can be installed with the following command:
apt-get -y install pure-ftpd-common pure-ftpd-mysql quota quotatool
Edit /etc/fstab. Mine looks like this (I added ,usrquota,grpquota to the partition with the mount point /):
vi /etc/fstab
# /etc/fstab: static file system information. # # <file system> <mount point> <type> <options> <dump> <pass> proc /proc proc defaults 0 0 /dev/sda1 / ext3 errors=remount-ro,usrquota,grpquota 0 1 /dev/sda5 none swap sw 0 0 /dev/hda /media/cdrom0 udf,iso9660 user,noauto 0 0 /dev/fd0 /media/floppy0 auto rw,user,noauto 0 0To enable quota, run these commands:
touch /quota.user /quota.group
chmod 600 /quota.*
mount -o remount /quotacheck -avugm
quotaon -avugInstall vlogger, webalizer, and awstats:
apt-get -y install vlogger webalizer awstats
Install Jailkit: Jailkit is needed only if you want to chroot SSH users. It can be installed as follows (important: Jailkit must be installed before ISPConfig - it cannot be installed afterwards!):apt-get -y install build-essential autoconf automake1.9 libtool flex bison
cd /tmp
wget http://olivier.sessink.nl/jailkit/jailkit-2.11.tar.gz
tar xvfz jailkit-2.11.tar.gz
cd jailkit-2.11
./configure
make
make install
cd ..
rm -rf jailkit-2.11*Install fail2ban: This is optional but recommended, because the ISPConfig monitor tries to show the log:
apt-get install fail2ban
Next we will install ISPConfig 3. To get the download URL of the latest ISPConfig 3 stable release, please visit the ISPConfig website: http://www.ispconfig.org/ispconfig-3/download/
This server is the master server in our setup which runs the ISPConfig control panel interface. To allow the other MySQL instances to connect to the MySQL database on this node during installation, we have to add MySQL root user records in the master database for every slave server hostname and IP address. The easiest way to do this is to use the web based phpmyadmin administration tool that we installed already. Open the URL http://192.168.0.105/phpmyadmin in a web browser, log in as MySQL root user and execute these MySQL queries:
CREATE USER 'root'@'192.168.0.106' IDENTIFIED BY 'myrootpassword';
GRANT ALL PRIVILEGES ON * . * TO 'root'@'192.168.0.106' IDENTIFIED BY 'myrootpassword' WITH GRANT OPTION MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0 ;CREATE USER 'root'@'192.168.0.107' IDENTIFIED BY 'myrootpassword';
GRANT ALL PRIVILEGES ON * . * TO 'root'@'192.168.0.107' IDENTIFIED BY 'myrootpassword' WITH GRANT OPTION MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0 ;CREATE USER 'root'@'192.168.0.108' IDENTIFIED BY 'myrootpassword';
GRANT ALL PRIVILEGES ON * . * TO 'root'@'192.168.0.108' IDENTIFIED BY 'myrootpassword' WITH GRANT OPTION MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0 ;CREATE USER 'root'@'192.168.0.109' IDENTIFIED BY 'myrootpassword';
GRANT ALL PRIVILEGES ON * . * TO 'root'@'192.168.0.109' IDENTIFIED BY 'myrootpassword' WITH GRANT OPTION MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0 ;CREATE USER 'root'@'mail.example.tld' IDENTIFIED BY 'myrootpassword';
GRANT ALL PRIVILEGES ON * . * TO 'root'@'mail.example.tld' IDENTIFIED BY 'myrootpassword' WITH GRANT OPTION MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0 ;CREATE USER 'root'@'db.example.tld' IDENTIFIED BY 'myrootpassword';
GRANT ALL PRIVILEGES ON * . * TO 'root'@'db.example.tld' IDENTIFIED BY 'myrootpassword' WITH GRANT OPTION MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0 ;CREATE USER 'root'@'ns1.example.tld' IDENTIFIED BY 'myrootpassword';
GRANT ALL PRIVILEGES ON * . * TO 'root'@'ns1.example.tld' IDENTIFIED BY 'myrootpassword' WITH GRANT OPTION MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0 ;CREATE USER 'root'@'ns2.example.tld' IDENTIFIED BY 'myrootpassword';
GRANT ALL PRIVILEGES ON * . * TO 'root'@'ns2.example.tld' IDENTIFIED BY 'myrootpassword' WITH GRANT OPTION MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0 ;In the above sql commands, replace the IP adresses (192.168.0.106 - 192.168.0.109) with the IP addresses of your servers and replace mail.example.tld, db.example.tld, ns1.example.tld and ns2.example.tld with the hostnames of your servers and myrootpassword with the desired root password.
Click on the reload permissions button or restart MySQL. Then close phpmyadmin.
Go back to the shell of server1.example.tld and download the latest ISPConfig 3 stable release:
cd /tmp
wget http://www.ispconfig.org/downloads/ISPConfig-3-stable.tar.gz
tar xfz ISPConfig-3-stable.tar.gz
cd ispconfig3_install/install/Then start the install script:
php -q install.php
Select language (en,de) [en]: <-- en
Installation mode (standard,expert) [standard]: <-- expert
Full qualified hostname (FQDN) of the server, eg server2.domain.tld [web.example.tld]: <-- web.example.tld
MySQL server hostname [localhost]: <-- localhost
MySQL root username [root]: <-- root
MySQL root password []: <-- Enter your MySQL root password here
MySQL database to create [dbispconfig]: <-- dbispconfig
MySQL charset [utf8]: <-- utf8
Shall this server join an existing ISPConfig multiserver setup (y,n) [n]: <-- n
Configure Mail (y,n) [y]: <-- n
Configure Jailkit (y,n) [y]: <-- y
Configure FTP Server (y,n) [y]: <-- y
Configure DNS Server (y,n) [y]: <-- n
Configure Apache Server (y,n) [y]: <-- y
Configure Firewall Server (y,n) [y]: <--y
Install ISPConfig Web-Interface (y,n) [y]: <--y
ISPConfig Port [8080]: <-- 8080Clean up the install directories:
rm -rf /tmp/ispconfig3_install/install
rm -f /tmp/ISPConfig-3-stable.tar.gzInstalling A Multiserver Setup With Dedicated Web, Email, DNS And MySQL Database Servers On Debian 5.0 With ISPConfig 3 - Page 2Copyright © 2010 Till Brehm
All Rights Reserved.
Tuesday, August 17, 2010
Installing A Multiserver Setup With Dedicated Web, Email, DNS And MySQL Database Servers On Debian 5.0 With ISPConfig 3
via howtoforge.com
Labels:
how-to
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment