install memcached

Posted on by
Reply

Memcached 홈페이지 배너가 너무 Geek(덕스럽) 하다. 이 포스트가 이 블로그에서 제일 많이 들어오는 거리 중 하나라서 기념 배너를 추가해봤다.

case centos
일단centos 배포본에는 memcached가 없다 그래서 소스컴파일로 설치한다.(root로 가정)

yum install libevent libevent-devel
wget http://memcached.googlecode.com/files/memcached-1.4.9.tar.gz
tar -xvzf memcached-1.4.9.tar.gz
cd memcached-1.4.9
./configure --with-libevent=/usr/lib/
make; make install

기본 설정 파일도 만들어주자.

vi /etc/memcached.conf
#Memory a usar
-m 16
# default port
-p 11211
# user to run daemon nobody/apache/www-data
-u nobody
# only listen locally
-l 127.0.0.1

init script 도 생성해준다. 참조 사이트

일단 만들어 놓은 스크립트가 있으니 다운받아 사용도록 하자

memcached init script downlod : memcached_script.tar.gz

wget http://yupmin.net/wp-content/uploads/2010/08/memcached_script.tar.gz
tar xvfz memcached_script.tar.gz
mv start-memcached /usr/local/bin/start-memcached
mv memcached /etc/init.d/memcached
chmod 755 /usr/local/bin/start-memcached
chmod 755 /etc/init.d/memcached

case ubuntu

유분투에는 쉽게 설치 패키지가 준비되어있다.(root로 가정)

apt-get install memcached
service memcached start

case centos

memcached php 관련 패키지는 centos에 있다.

yum install php-pecl-memcache

혹은  php버젼이 업데이트 되거나 몇가지 안되는 경우가 있다 이럴땐 직접 컴파일한다.

wget http://pecl.php.net/get/memcache-2.2.5.tgz
tar xvfz memcache-2.2.5.tgz
cd memcache-2.2.5
phpize
./configure --enable-memcache
make
cp modules/memcache.so /usr/lib/php/modules

php에 모듈을 셋팅해주자.

vi /etc/php.d/memcache.ini
extension=memcache.so

memcached php test : http://dorkage.net/2009/02/memcached-test/

이외에 또한 memcache php 모듈과 다르게 memcached php모듈이 있는데 필요하면 깔아둔다.

참조 : http://libmemcached.org http://pecl.php.net/package/memcached

wget http://launchpad.net/libmemcached/1.0/0.53/+download/libmemcached-0.53.tar.gz
./configre
make; make install

wget http://pecl.php.net/get/memcached-2.0.0b2.tgz
tar xvfz memcached-2.0.0b2.tgz
cd memcached-2.0.0b2
phpize
./configure --with-libmemcached-dir=/usr/local/lib/
make; make install

vi /etc/php.d/memached.ini

extension=memcached.so

A quick way to get memcached status : http://www.mysqlperformanceblog.com/2008/11/26/a-quick-way-to-get-memcached-status/

watch "echo stats | nc 127.0.0.1 11211"

mysql 컨퍼런스에서 한 외국인 강사가 발표했던 키노트 : http://download.tangent.org/talks/Memcached%20Study.pdf

install mercurial with nginx

Posted on by
Reply

개발을 할때면 간단히 형상관리를 할수 있는 개인만의 repository를 가지고 싶어지는데, AWS 상에서 nginx서버를 이용해서 간단한 mercurial web repository 를 구성해보았다.

soruce url : http://geeksharp.com/2010/01/20/mercurial-web-with-fastcgi-nginx/ http://mercurial.selenic.com/wiki/HgWebDirStepByStep

case : ubuntu(on aws)

apt-get install nginx mercurial python-flup spawn-fcgi
mkdir /var/www/hg
chown ubuntu:www-data /var/www/hg

case : amazon linux ami(on aws)

sudo yum install nginx spawn-fcgi mercurial
sudo easy_install flup
mkdir /var/www/hg
chown ec2-user:nginx /var/www/hg

nginx를 ubuntu, yum 기본패키지를 깔수도 있고, 최신 stable 버젼으로 깔수도(http://wiki.nginx.org/Install) 있다.

vi /var/www/hg/hgwebdir.fcgi

#!/usr/bin/env python
#
# An example CGI script to export multiple hgweb repos, edit as necessary

# adjust python path if not a system-wide install:
#import sys
#sys.path.insert(0, "/path/to/python/lib")

# enable demandloading to reduce startup time
from mercurial import demandimport; demandimport.enable()

# Uncomment to send python tracebacks to the browser if an error occurs:
#import cgitb
#cgitb.enable()

# If you'd like to serve pages with UTF-8 instead of your default
# locale charset, you can do so by uncommenting the following lines.
# Note that this will cause your .hgrc files to be interpreted in
# UTF-8 and all your repo files to be displayed using UTF-8.
#
import os
os.environ["HGENCODING"] = "UTF-8"

from mercurial.hgweb.hgwebdir_mod import hgwebdir
from flup.server.fcgi import WSGIServer

# The config file looks like this. You can have paths to individual
# repos, collections of repos in a directory tree, or both.
#
# [paths]
# virtual/path1 = /real/path1
# virtual/path2 = /real/path2
# virtual/root = /real/root/*
# / = /real/root2/*
#
# [collections]
# /prefix/to/strip/off = /root/of/tree/full/of/repos
#
# paths example:
#
# * First two lines mount one repository into one virtual path, like
# '/real/path1' into 'virtual/path1'.
#
# * The third entry tells every mercurial repository found in
# '/real/root', recursively, should be mounted in 'virtual/root'. This
# format is preferred over the [collections] one, using absolute paths
# as configuration keys is not supported on every platform (including
# Windows).
#
# * The last entry is a special case mounting all repositories in
# '/real/root2' in the root of the virtual directory.
#
# collections example: say directory tree /foo contains repos /foo/bar,
# /foo/quux/baz. Give this config section:
# [collections]
# /foo = /foo
# Then repos will list as bar and quux/baz.
#
# Alternatively you can pass a list of ('virtual/path', '/real/path') tuples
# or use a dictionary with entries like 'virtual/path': '/real/path'

WSGIServer(hgwebdir('/var/www/hg/hgweb.config')).run()
sudo chmod ug+x /var/www/hg/hgwebdir.fcgi

WSGI 서버를 만들수 있도록 한다.

vi /var/www/hg/hgweb.config

[web]
baseurl = /
allow_push = *
push_ssl = false

[paths]
/ = /var/www/hg/*

WSGI 서버에서 레포지토리 연결할수 있도록 설정 파일을 설정해준다.

perl -le 'print crypt("[your-password]", "salt-hash")'
vi /var/www/hg/hgusers.config

username:encrypted-password:comment

접근 암호도 설정해준다.

vi /etc/init.d/fcgi-hg

#! /bin/sh
#
# fcgi-hg Startup script for the nginx HTTP Server
#
# chkconfig: - 84 15
# description: Loading php-cgi using spawn-cgi
# HTML files and CGI.
#
# Author: Ryan Norbauer
# Modified: Geoffrey Grosenbach http://topfunky.com
# Modified: David Krmpotic http://davidhq.com
# Modified: Kun Xi http://kunxi.org
PATH=/opt/python/bin:$PATH
DAEMON=/usr/bin/spawn-fcgi
FCGIHOST=127.0.0.1
FCGIPORT=9003
FCGIUSER=nginx # ubuntu www-data
FCGIGROUP=nginx
FCGIAPP=/var/www/hg/hgwebdir.fcgi
PIDFILE=/var/run/fcgi-hg.pid
DESC="HG in FastCGI mode"

# Gracefully exit if the package has been removed.
test -x $DAEMON || exit 0
test -x $FCGIAPP || exit 0

start() {
$DAEMON -a $FCGIHOST -p $FCGIPORT -u $FCGIUSER -g $FCGIGROUP -f $FCGIAPP -P $PIDFILE 2> /dev/null || echo -en "\n already running"
}

stop() {
kill -QUIT `cat $PIDFILE` || echo -en "\n not running"
}

restart() {
kill -HUP `cat $PIDFILE` || echo -en "\n can't reload"
}

case "$1" in
start)
echo -n "Starting $DESC: "
start
;;
stop)
echo -n "Stopping $DESC: "
stop
;;
restart|reload)
echo -n "Restarting $DESC: "
stop
# One second might not be time enough for a daemon to stop,
# if this happens, d_start will fail (and dpkg will break if
# the package is being upgraded). Change the timeout if needed
# be, or change d_stop to have start-stop-daemon use --retry.
# Notice that using --retry slows down the shutdown process somewhat.
sleep 1
start
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|restart|reload}" >&2
exit 3
;;
esac

exit $?

서버 실행시 서비스 등록을 해준다.

sudo chkconfig fcgi-hg on		# case amazon linux ami or centos
sudo update-rc.d fcgi-hg defaults		# case ubuntu

fcgi-hg 에 대한 init script를 만들어주고 등록한다.

vi /etc/nginx/host.d/xxxxx

server {
	listen 80;
	server_name test.abc.com;
	root /var/www/hg/;
	gzip on;

	location / {
		include fastcgi_params;
		fastcgi_pass 127.0.0.1:9003;
		fastcgi_split_path_info ^(/)(.*)$;
		fastcgi_param  SCRIPT_NAME      $fastcgi_script_name;
		fastcgi_param  PATH_INFO        $fastcgi_path_info;
		fastcgi_param  AUTH_USER        $remote_user;
		fastcgi_param  REMOTE_USER      $remote_user;
		fastcgi_intercept_errors        off;
		limit_except GET HEAD {
			auth_basic  'Geek\'s Repositories';
			auth_basic_user_file /var/www/hg/hgusers.config;
		}
	}
	location /static/ {
		rewrite /static/(.*) /$1 break;
		root /usr/lib/python2.6/site-packages/mercurial/templates/static;
		expires 30d;
	}
}

nginx 웹설정 파일을 수정해주고 nginx를 restart 를 하면 해당 도메인으로 mercurial web repository가 뜨는 것을 볼 수 있다.

hg init /var/www/hg/[project_name]
sudo chgrp -R nginx /var/www/hg/[project_name]	# case centos
sudo chgrp -R www-data /var/www/hg/[project_name]	# case ubuntu

[project_name]의 이름의 프로젝트를 위와 같이 추가하면 각각의 프로젝트에 대해 repository 가 생기는 것을 볼수 있다.

iptables simple setting

Posted on by
Reply

linux 서버를 셋팅할때 각각 배포본마다 설정되어있는 iptables 설정은 배포본의 경계를 넘나들때나, 변경할때 귀찮기 마련이다. 그래서 마련한 간단히 셋팅을 바꿀수 있는 스크립트.

referance : http://wiki.centos.org/HowTos/Network/IPTables

case : centos

vi gen_iptable.sh

#!/bin/bash
/sbin/iptables -F
# Allow SSH connections on tcp port 22
/sbin/iptables -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT
# Set default policies for INPUT, FORWARD and OUTPUT chains
/sbin/iptables -P INPUT DROP
/sbin/iptables -P FORWARD DROP
/sbin/iptables -P OUTPUT ACCEPT
# Set access for localhost
/sbin/iptables -A INPUT -i lo -j ACCEPT
# Accept packets belonging to established and related connections
/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# My Firewall
/sbin/iptables -A INPUT -i eth0 -p tcp --dport 80 -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p tcp --dport 22 -s xxx.xxx.xxx.xxx -j ACCEPT
# Save settings
/sbin/service iptables save
# List rules
/sbin/iptables -L -v

case : ubuntu

vi gen_iptable.sh

#!/bin/bash
/sbin/iptables -F
# Allow SSH connections on tcp port 22
/sbin/iptables -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT
# Set default policies for INPUT, FORWARD and OUTPUT chains
/sbin/iptables -P INPUT DROP
/sbin/iptables -P FORWARD DROP
/sbin/iptables -P OUTPUT ACCEPT
# Set access for localhost
/sbin/iptables -A INPUT -i lo -j ACCEPT
# Accept packets belonging to established and related connections
/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# My Firewall
/sbin/iptables -A INPUT -i eth0 -p tcp --dport 80 -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p tcp --dport 22 -s xxx.xxx.xxx.xxx -j ACCEPT
# Save settings
/sbin/iptables-save > /etc/iptables.rule
# List rules
/sbin/iptables -L -v