This is version 1 2 3 4 . It is not the current version, and thus it cannot be edited.

Back to current versionRestore this version

Inrichten server hood#

I thought it was time to upgrade my current openvz system to a newer one, preferably an Ubuntu server.

Here is a summary of the steps:

Base install#

• Download Hardy Heron (8.04) server 32 bit edition live-CD* install it on a separate partition
• use the almost minimal install, just add the SSH server
• first boot with normal kernel goes wrong, I have to add the acpi=off kernel parameter, then it boots fine
• then install virtual package linux-openvz
• this kernel does not boot properly, see https://bugs.edge.launchpad.net/ubuntu/+source/linux/+bug/210672
• now I got some patches, but those ones are source patches, so I have to compile the kernel myself
• first install some required packages:
  • debhelper
  • dh-make
  • build-essential
  • and more, but I forgot

Kernel compile#

General instructions on howto compile an Ubuntu Linux kernel
If you want to change your kernel config, you should modify ./debian/binary-custom.d/openvz/config.i386
Then I got the following instructions from https://bugs.edge.launchpad.net/ubuntu/+source/linux/+bug/210672/comments/17 :

I can confirm that the 2.6.24-16 kernel compiled from the ubuntu kernel git, boots and works as expected.
http://kernel.ubuntu.com/git?p=ubuntu/ubuntu-hardy.git;a=summary

$ git-clone git://kernel.ubuntu.com/ubuntu/ubuntu-hardy.git openvz
$ cd openvz
$ AUTOBUILD=1 NOEXTRAS=1 /usr/bin/fakeroot debian/rules custom-binary-openvz
$ cd ..
$ sudo dpkg -i linux-image-2.6.24-17-openvz_2.6.24-17.31_i386.deb

Thanks for making this happen ;-)
Karoly

OpenVZ#

See the Installation Docs

• apt-get install vzctl vzquota
• add the following to /etc/sysctl.conf:

#
#     OpenVZ settings :
#
# On Hardware Node we generally need
# packet forwarding enabled and proxy arp disabled

net.ipv4.conf.default.forwarding=1
net.ipv4.conf.default.proxy_arp = 1
net.ipv4.ip_forward=1

# Enables source route verification
net.ipv4.conf.all.rp_filter = 1

# Enables the magic-sysrq key
kernel.sysrq = 1

# TCP Explict Congestion Notification
#net.ipv4.tcp_ecn = 0

# we do not want all our interfaces to send redirects
net.ipv4.conf.default.send_redirects = 1

• sysctl -p
• add deb respositories :

echo -e "\ndeb http://download.openvz.org/debian-systs etch openvz" >> /etc/apt/sources.list
wget -q http://download.openvz.org/debian-systs/dso_archiv_signing_key.asc -O- | apt-key add - && apt-get update

• install more openvz tools : apt-get install vzprocps vzdump

Templates#

In order to run a guest, you need a template.
The openvz wiki has a Hardy TODO page with some usefull information, including a link to a already precreated template.

• download a Hardy Heron template from above mentioned wiki page
• ln -s /var/lib/vz /vz
• move above downloaded gzip file in the /vz/template/cache directory
• vzctl create 101 --ostemplate ubuntu-8.04-i386-minimal
• vzctl set 101 --hostname blackpearl.computerhok.nl --save
• vzctl set 101 --ipadd 10.0.0.201 --save :

Adding IP address(es): 10.0.0.201
vps-net_add WARNING: Function proxy_arp for eth0 is set to 0. Enable with 'sysctl -w net.ipv4.conf.eth0.proxy_arp=1'. See /usr/share/doc/vzctl/README.Debian.
Saved parameters for VE 101

• set DNS :

root@hood:~# vzctl set 101 --nameserver 195.18.114.5 --save
File resolv.conf was modified
Saved parameters for VE 101

==> modified sysctl.conf : net.ipv4.conf.default.proxy_arp=1

• set root pw fr VE: vzctl set 101 --userpasswd root:test (login and change it !)
• apt-get update en apt-get upgrade op blackpearl
• added net.ipv4.conf.eth0.proxy_arp=1 to /etc/sysctl.conf to prevent warnings on start of VE
• cloned VE 101 to VE 102 : cp -pR /vz/private/101 /vz/private/102 and copying 101.conf to 102.conf + edit
• apt-get install ntp
• apt-get install cupsys
• reboot, just to see if everyhing comes up fine ==> OK
• apt-get install apache2-mpm-worker apache2-doc
• apt-get install apachetop
• apt-get nagios2
• htpasswd -bc /etc/nagios2/htpasswd.users nagiosadmin ******
• tweak /etc/nagios2/apache2.conf en cgi.cfg
• /etc/hosts copy from old server
• apt-get openvpn
• apt-get ntop
• ntop -A -u ntop ==> Ntop 3.2 running , builddate: May 21 2007 17:35:55
• reboot, just to see if everyhing comes up fine ==> OK
• openvpn config copied from old server (grafspee)
• set reasonable beancounters (for a java based server):

vzctl set 101 --lockedpages 10000:12000 --save
vzctl set 101 --privvmpages 900000:1000000 --save
vzctl set 101 --numproc 512:640 --save
vzctl set 101 --numtcpsock 700:800 --save
vzctl set 101 --numiptent 400:500 --save
vzctl set 101 --diskspace 1000000:1100000 --save

Setup blackpearl (VE guest)#

After the initial start of the blackpearl (10.0.0.201), we clone it to 102 (backup), we will do this more often in between to have some nice checkpoints, so that in case of failures, we can quickly fallback by copying 102 back to 101.

• apt-get update and apt-get upgrade
• cloned VE 101 to VE 102 : rm -rf /vz/private/102/*;cp -pR /vz/private/101/* /vz/private/102
• apt-get install apache2-mpm-worker apache2-doc apachetop
• cloned VE 101 to VE 102 : rm -rf /vz/private/102/*;cp -pR /vz/private/101/* /vz/private/102
• apt-get intall openjdk-6-jdk : lot of error messages about not being able to set locale en_US, and ending with an not working java:

*** glibc detected *** /usr/lib/jvm/java-6-openjdk/bin/java: double free or corruption (out): 0xb7584280 ***
======= Backtrace: =========
/lib/tls/i686/cmov/libc.so.6[0xb7e49a85]
/lib/tls/i686/cmov/libc.so.6(cfree+0x90)[0xb7e4d4f0]
/usr/lib/jvm/java-6-openjdk/jre/lib/i386/client/libjvm.so[0xb79551e1]
/usr/lib/jvm/java-6-openjdk/jre/lib/i386/client/libjvm.so[0xb790a9cb]
/usr/lib/jvm/java-6-openjdk/jre/lib/i386/client/libjvm.so[0xb790b150]
/usr/lib/jvm/java-6-openjdk/jre/lib/i386/client/libjvm.so[0xb790fd68]
/usr/lib/jvm/java-6-openjdk/jre/lib/i386/client/libjvm.so(JNI_CreateJavaVM+0x64)[0xb777bed4]
/usr/lib/jvm/java-6-openjdk/bin/java(JavaMain+0x98)[0x804a308]
/lib/tls/i686/cmov/libpthread.so.0[0xb7f3b4fb]
/lib/tls/i686/cmov/libc.so.6(clone+0x5e)[0xb7eb4e5e]

• backed out to previous checkpoint : rm -rf /vz/private/101/*;cp -pR /vz/private/102/* /vz/private/101
• I found out that this failing java 6 instal was due to the too strict set beancounters (privvmpages), so I increased several UBC's, see above). Now Java6 works fine
• apt-get install wget
• tomcat install:
  • wget http://mirror.muntinternet.net/pub/apache/tomcat/tomcat-6/v6.0.16/bin/apache-tomcat-6.0.16.tar.gz
  • tar -xzvf apache-tomcat-6.0.16.tar.gz
  • mv apache-tomcat-6.0.16 /usr/local/tomcat
• webmin: wget http://surfnet.dl.sourceforge.net/sourceforge/webadmin/webmin_1.410_all.deb
• apt-get install man
• apt-get install perl (required by webmin)
• webmin requires some more: apt-get install libauthen-pam-perl libio-pty-perl libmd5-perl libnet-ssleay-perl webmin ==> webmin available
• lsof now also works , and therefore probably webmin process openfiles also works
• add users tomcat and metskem
• take checkpoint: root@hood:/vz/private# rm -rf 103/*;cp -pR 102/* 103;rm -rf 102/*;cp -pR 101/* 102
• apt-get install language-pack-en-base
• apt-get install gallery2 ==> installs a whole bunch of package including apache
• apt-get install mysql-server
• add apache2 Alias for /gallery2/ => /usr/share/gallery2/
• take checkpoint: root@hood:/vz/private# rm -rf 103/*;cp -pR 102/* 103;rm -rf 102/*;cp -pR 101/* 102
• gallery2 customization/install:
  • copy datadir from old blackpearl: scp blackpearl:/mnt/data/gallery/* /var/lib/gallery/g2data
  • (with webmin) create DB gallery2, create user gallery and DB permission
  • copy mysql database , op oude blackpearl db unload: mysqldump gallery2 -u root -p > mysqldump-gallery2.sql
  • start gallery upgrade install dialog
  • mkdir /var/lib/gallery2/g2data
  • chmod 755 /var/lib/gallery2/g2data
  • chown www-data:www-data /var/lib/gallery2/g2data
  • create admin user gallery2/gallery/All/localhost
  • activate a bunch of plugins
  • changes for Google Analytics, see InrichtenServer
• take checkpoint: root@hood:/vz/private# rm -rf 103/*;cp -pR 102/* 103;rm -rf 102/*;cp -pR 101/* 102
• apt-get install postfix (removing exim4)
• autoboot tomcat: copy /etc/init.d/tomcat from old blackpearl, changing startproc to start-stop-daemon
  • adding export JAVA_OPTS="-Dcom.sun.management.jmxremote.port=5001 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false " to /etc/init.d/tomcat
• update-rc.d tomcat defaults
• manually start with invoke-rc.d tomcat start
• copy homedirs from metskem and tomcat
• root@blackpearl:/var# scp -r 10.0.0.101:/var/jspwiki .
• edit /etc/apache2/conf.d/charset: van comment halen AddDefaultCharset UTF-8
• copy user.conf from old server to /etc/apache2/conf.d/user.conf
• add additional modules:

root@blackpearl:/etc/apache2/mods-enabled# ln -s ../mods-available/rewrite.load rewrite.load
root@blackpearl:/etc/apache2/mods-enabled# ln -s ../mods-available/deflate.conf deflate.conf
root@blackpearl:/etc/apache2/mods-enabled# ln -s ../mods-available/deflate.load deflate.load
root@blackpearl:/etc/apache2/mods-enabled# ln -s ../mods-available/headers.load headers.load
root@blackpearl:/etc/apache2/mods-enabled# ln -s ../mods-available/info.conf info.conf      
root@blackpearl:/etc/apache2/mods-enabled# ln -s ../mods-available/info.load info.load
root@blackpearl:/etc/apache2/mods-enabled# ln -s ../mods-available/proxy.conf proxy.conf
root@blackpearl:/etc/apache2/mods-enabled# ln -s ../mods-available/proxy.load proxy.load
root@blackpearl:/etc/apache2/mods-enabled# ln -s ../mods-available/proxy_http.load proxy_http.load
root@blackpearl:/etc/apache2/mods-enabled# ln -s ../mods-available/ssl.conf ssl.conf              
root@blackpearl:/etc/apache2/mods-enabled# ln -s ../mods-available/ssl.load ssl.load

• ssl meuk overzetten: scp -r 10.0.0.101:/etc/apache2/computerhok-ssl /etc/apache2
• diverse tweaks in /etc/apache2/conf.d/user.conf
• overcopieren /srv/www/htdocs naar /var/www
• overcopieren /home/metskem/bin
• overschakelen van de ajp connector naar Apache ProxyPass met http://
• in /etc/apache2/modes-enabled/proxy.conf de Forward Proxy uitzetten (staat default aan :-) ) : ProxyRequests Off
• aanleggen /usr/local/tomcat/logs/[krm|dhfds|lesuitval]
• scp mysql-connector-java-3.1.8-bin.jar 10.0.0.201:/usr/local/tomcat/lib
• create SQL users:

metskem@blackpearl:~$ mysql -u root -p
Enter password: 
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 26
Server version: 5.0.51a-3ubuntu5 (Ubuntu)

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql>  create user '*********'@'localhost' identified by "*********";
Query OK, 0 rows affected (0.00 sec)

mysql>  create user '*********'@'localhost' identified by "*********";
Query OK, 0 rows affected (0.00 sec)

mysql> grant select,insert,update,delete on krmdb.* to kruimeluser;
Query OK, 0 rows affected (0.00 sec)

• apt-get install vsftpd
• vsftpd config aanpassen:

root@blackpearl:/etc# diff vsftpd.conf.orig vsftpd.conf
26c26
< #local_enable=YES
---
> local_enable=YES
29c29
< #write_enable=YES
---
> write_enable=YES
38c38
< #anon_upload_enable=YES
---
> anon_upload_enable=YES
94a95
> ftpd_banner="Welcome to Dirty Harry's FTP service."
140a142,143
> pasv_min_port=21000
> pasv_max_port=21002

• hood: apt-get ufw
• install webmin on hood:

root@hood:/tmp# dpkg -i webmin_1.410_all.deb 
Selecting previously deselected package webmin.
(Reading database ... 34833 files and directories currently installed.)
Unpacking webmin (from webmin_1.410_all.deb) ...
dpkg: dependency problems prevent configuration of webmin:
 webmin depends on libnet-ssleay-perl; however:
  Package libnet-ssleay-perl is not installed.
 webmin depends on libauthen-pam-perl; however:
  Package libauthen-pam-perl is not installed.
 webmin depends on libio-pty-perl; however:
  Package libio-pty-perl is not installed.
 webmin depends on libmd5-perl; however:
  Package libmd5-perl is not installed.
dpkg: error processing webmin (--install):
 dependency problems - leaving unconfigured
Errors were encountered while processing:
 webmin
root@hood:/tmp# apt-get install libmd5-perl libio-pty-perl libauthen-pam-perl libnet-ssleay-perl 
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following NEW packages will be installed:
  libauthen-pam-perl libio-pty-perl libmd5-perl libnet-ssleay-perl
0 upgraded, 4 newly installed, 0 to remove and 0 not upgraded.
1 not fully installed or removed.
Need to get 266kB of archives.
After this operation, 1339kB of additional disk space will be used.
Get:1 http://nl.archive.ubuntu.com hardy/main libnet-ssleay-perl 1.30-1 [186kB]
Get:2 http://nl.archive.ubuntu.com hardy/universe libauthen-pam-perl 0.16-1 [32.2kB]
Get:3 http://nl.archive.ubuntu.com hardy/universe libio-pty-perl 1:1.07-1 [42.3kB]
Get:4 http://nl.archive.ubuntu.com hardy/universe libmd5-perl 2.03-1 [5680B]
Fetched 266kB in 1s (217kB/s) 
Selecting previously deselected package libnet-ssleay-perl.
(Reading database ... 49948 files and directories currently installed.)
Unpacking libnet-ssleay-perl (from .../libnet-ssleay-perl_1.30-1_i386.deb) ...
Selecting previously deselected package libauthen-pam-perl.
Unpacking libauthen-pam-perl (from .../libauthen-pam-perl_0.16-1_i386.deb) ...
Selecting previously deselected package libio-pty-perl.
Unpacking libio-pty-perl (from .../libio-pty-perl_1%3a1.07-1_i386.deb) ...
Selecting previously deselected package libmd5-perl.
Unpacking libmd5-perl (from .../libmd5-perl_2.03-1_all.deb) ...
Setting up libnet-ssleay-perl (1.30-1) ...
Setting up libauthen-pam-perl (0.16-1) ...
Setting up libio-pty-perl (1:1.07-1) ...
Setting up libmd5-perl (2.03-1) ...
Setting up webmin (1.410) ...
Webmin install complete. You can now login to https://hood:10000/
as root with your root password, or as any user who can use sudo
to run commands as root.

• webmin hood available
• webmin install , and arrange preliminary firewall setup:

root@hood:/tmp# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy DROP)
target     prot opt source               destination         
ACCEPT     all  --  localnet/24          anywhere            
ACCEPT     tcp  --  anywhere             10.0.0.201          tcp multiport dports ftp,ssh,smtp,www,https 

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination        

• gallery does not show pictures anymore, backout!
• increased numflock, and tcp buffers
• the problem should be solved by first installing the gd libraries, then gallery, then you can activate the required GD plugin (required for creating thumbnails and so on)
• root@hood:/vz/private# rm -rf 101/*;cp -pR 102/* 101
• it appears that I took a later checkpoint , so vsftpd , apache config, tomcat config is already present
• date gives UTC format, create file /etc/default/locale with contents:

LANG=en_US.UTF-8
TZ=Europe/Amsterdam

• double checkpoint again:
  • root@hood:/vz/private# rm -rf 103/*;cp -pR 102/* 103
  • root@hood:/vz/private# rm -rf 102/*;cp -pR 101/* 102
• copy the (contents of) /root/.my.cnf
• bring down MaxClients in /etc/apache2/apache2.conf (generating thumbnails in Gallery brings down the whole server due to memory overload)

Cloning to other hardware#

Now that the basic server setup is complete, and we switched to the new server, it is time to clone it for backup purposes.
The basic idea is to copy the whole partitions. The following steps have to be done :

• boot the new pc from a (Ubuntu Hardy) liveCD
• partition your harddisk using gparted (make it 5 GB for the HN, the rest voor VE's)
• mount the 5 GB partition on /tmp/ff
• install sshd: apt-get install openssh-server

• now run the following 'copy' commands to clone the HN:

cd /;tar -c bin boot etc home initrd* lib media mnt opt root sbin srv usr vmlinuz*  | ssh -c blowfish 10.0.0.201 tar -x -C /tmp/ff
cd /var;tar -c  cache  local  lock  log  mail  opt  run  spool  tmp  webmin  www | ssh -c blowfish 10.0.0.201 tar -x -C /tmp/ff/var
cd /var/lib;tar -c apparmor defoma initscripts mlocate sgml-base urandom x11 apt dhcp3 libuuid nagios2 snmp vim xml-core aptitude dpkg locales ntop ucf belocs exim4 logrotate ntp ufw vzctl dbus initramfs-tools misc python-support update-manager vzquota | ssh -c blowfish 10.0.0.201 tar -x -C /tmp/ff/var/lib

• find out the UUID with sudo vol_id -u /dev/sda1
• edit the menu.lst in /tmp/ff to reflect the right partition number,partition UUID and kernel name
• install GRUB in the MBR : grub-install --root-directory=/tmp/ff /dev/sda
• boot it..........:

This kernel requires the following features not present on the CPU:
0:6
Please use a kernel that is compatible with your system.

This is explained in Bug 222253. This Intel Centrino does not have PAE, while the older Pentium 4 laptop does:

root@blackpearl:/var/jspwiki/pages# cat /proc/cpuinfo 
processor       : 0
vendor_id       : GenuineIntel
cpu family      : 15
model           : 2
model name      : Intel(R) Pentium(R) 4 CPU 2.60GHz
stepping        : 7
cpu MHz         : 2599.358
cache size      : 512 KB
fdiv_bug        : no
hlt_bug         : no
f00f_bug        : no
coma_bug        : no
fpu             : yes
fpu_exception   : yes
cpuid level     : 2
wp              : yes
flags           : fpu vme de pse tsc msr pae mce cx8 sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe up pebs bts sync_rdtsc cid
bogomips        : 5209.52
clflush size    : 64

Recompile to get PAE out :

• install gcc-4.1
• run make menuconfig
• turn off PAE (and I found out that you have to explicitly modify the .config and set the option to CONFIG_X86_PAE=n, instead of leaving it a comment)
• run debian/rules updateconfigs
• run AUTOBUILD=1 NOEXTRAS=1 fakeroot debian/rules custom-binary-openvz
• make sure you have a backup of your kernel, initramdisk and grub menu.lst
• run cd ..;dpkg -i linux-image-2.6.24-18-openvz_2.6.24-18.32_i386.deb
• check /boot/config-2.6.24-18-openvz to see if it has PAE off
• add acpi=off to all your boot parameters in menu.lst
• reboot
• after booting the non-pae laptop, it still complains with the same error, anyway, the laptop had a bad harddisk and has been switched by an TECRA 9100 512 MB Pentium IIII (with PAE :-) )
• new try:
  • tar -c bin boot etc initrd* lib media mnt opt root sbin srv usr var vmlinuz* |ssh -c blowfish 10.0.0.152 tar -x -C /tmp/sda1
  • grub-install --root-directory=/tmp/sda1 /dev/sda
  • vol_id -u /dev/sda1 ==> inkleuren in /tmp/sda1/boot/grub/menu.lst

Miscellaneous tweaks#

• ln -s ../mods-available/proxy_ajp.load proxy_ajp.load and switched to the ajp connector so I get the real client IP-address.
• see bug report 216990 , updated files /etc/pam.d/common-password and /etc/pam.d/common-auth
• add following to /etc/webmin/conf : webprefix=/webmin webprefixnoredir=1 referer=www.computerhok.nl
• apt-get install fail2ban
• edit /var/lib/ntop/init.cfg => change eth0=>eth1
• changed nagios' mail command from /bin/mail => /usr/bin/mail
• tweaked grafspee's firewall a bit more
• apt-get install webalizer
• apt-get install locate
• disable DNS lookups tomcat's server.xml: <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" enableLookups="false"/>
• change /etc/logrotate.d/apache2 : weekly => monthly
• created /usr/share/gallery2/php.ini with contents : upload_max_filesize = 8M (I bought myself a new digcam).
• set the proper timezone:

root@blackpearl:~# dpkg-reconfigure tzdata

Current default timezone: 'Europe/Amsterdam'
Local time is now:      Fri Oct 31 21:49:38 CET 2008.
Universal Time is now:  Fri Oct 31 20:49:38 UTC 2008.

• apt-get install acl
• apt-get install logwatch
• apt-get install htop

Power saving#

The fan blows almost all of the time, making an irritating noise.
http://www.lesswatts.org has some nice tips.
I did the following to get CPU frequency scaling to work :

root@grafspee:/boot# lsmod|grep -i freq
cpufreq_stats           7104  0 
freq_table              5536  1 cpufreq_stats
root@grafspee:/boot# modprobe -i cpufreq_powersave
root@grafspee:/boot# modprobe -i acpi-cpufreq
root@grafspee:/boot# lsmod|grep freq
acpi_cpufreq           10668  0 
cpufreq_powersave       2688  0 
cpufreq_stats           7104  0 
freq_table              5536  2 acpi_cpufreq,cpufreq_stats
processor              37000  3 acpi_cpufreq,thermal
root@grafspee:/sys/devices/system/cpu/cpu0/cpufreq# l
total 0
drwxr-xr-x 3 root root    0 2008-05-24 11:40 .
drwxr-xr-x 5 root root    0 2008-05-24 11:40 ..
-r--r--r-- 1 root root 4096 2008-05-24 11:40 affected_cpus
-r--r--r-- 1 root root 4096 2008-05-24 11:40 cpuinfo_max_freq
-r--r--r-- 1 root root 4096 2008-05-24 11:40 cpuinfo_min_freq
-r--r--r-- 1 root root 4096 2008-05-24 11:40 scaling_available_frequencies
-r--r--r-- 1 root root 4096 2008-05-24 11:40 scaling_available_governors
-r--r--r-- 1 root root 4096 2008-05-24 11:40 scaling_cur_freq
-r--r--r-- 1 root root 4096 2008-05-24 11:40 scaling_driver
-rw-r--r-- 1 root root 4096 2008-05-24 11:40 scaling_governor
-rw-r--r-- 1 root root 4096 2008-05-24 11:40 scaling_max_freq
-rw-r--r-- 1 root root 4096 2008-05-24 11:40 scaling_min_freq
drwxr-xr-x 2 root root    0 2008-05-24 11:40 stats
root@grafspee~: cat /sys/devices/system/cpu/cpu0/cpufreq/scaling_governor 
performance
root@grafspee~: cat /sys/devices/system/cpu/cpu0/cpufreq/scaling_available_governors
powersave performance 
root@grafspee~: echo powersave > /sys/devices/system/cpu/cpu0/cpufreq/scaling_governor
root@grafspee~: cat /sys/devices/system/cpu/cpu0/cpufreq/scaling_governor 
powersave

Although the scaling_available_governors does not mention ondemand I did echo this string to scaling_governor, doing cat /proc/cpuinfo|grep MHz shows that the frequency does switch between 1200 MHz and 1800 MHz when under load.

• modify /etc/modules => append cpufreq_powersave acpi-cpufreq
• add echo powersave > /sys/devices/system/cpu/cpu0/cpufreq/scaling_governor to /etc/init.d/bootmisch

Now the average temperature drops from 46 to 41 degrees. Here you can see the temperature over time

TO DO#

• sshdfilter (werkt niet lekker)

SVN#

• sudo apt-get install subversion
• mkdir /srv/svn
• svnserve --daemon --root /srv/svn
• svnadmin create /srv/svn
• groupadd svn
• useradd -m -d /srv/svn/ -g svn svn
• mkdir -p /srv/svn/repositories/default
• chown -R www-data:www-data /srv/svn/repositories/default
• su - svn

Ok, that was for svnserver, now for SVN over https with webDAV:

• svnadmin create /srv/svn/repositories/default
• sudo apt-get install libapache2-svn libapache-mod-dav
• htpasswd -c -m /etc/apache2/dav_svn.passwd metskem
• /etc/apache2/mods-enabled# ln -s ../mods-available/dav* .
• modify the /etc/apache2/mods-enabled/dav_svn.conf
• try https://www.computerhok.nl/svn/default

Done the same on blackpearl

SVN Resources#

• http://queens.db.toronto.edu/~nilesh/linux/subversion-howto/
• http://alephzarro.com/blog/2007/01/07/installation-of-subversion-on-ubuntu-with-apache-ssl-and-basicauth/

Backup VPS procedure#

Regularly I take a full backup of all VPS's.

• boot HN hood (on 10.0.0.151)
• logon to grafspee (on 10.0.0.152)
• shutdown ntop on hood (takes too much CPU resources while sending lots of data over ssh)
• on grafspee: cd /vz && tar -c private template | ssh -c blowfish hood tar -x -C /vz
• takes a while......
• on hood : vzlist -a and start the VPS 101: vzctl start 101
• check on 10.0.0.201
• administer that you have done a backup : here