Month: July 2016

Create Swap Virtual Memory on Centos 6 openVZ

Swap Virtual Memory help vps server with little amount of memory to add more amount of memory with Swap partition. For example, upgrade amount of RAM in system from 512 MB to 1 GB by create Swap partition 512 MB. Please note that not all vps hosting provider granted an VPS based on openVZ to create Swap Virtual Memory

Check physical memory usage, see physical memory free left only 34 MB, not good, vps server may stop working

#free -m
             total       used       free     shared    buffers     cached
Mem:           490        455         34          0         24         73
-/+ buffers/cache:        358        131
Swap:            0          0          0

Check disk space availability

#df
Filesystem     1K-blocks    Used Available Use% Mounted on
/dev/vda1        9256088 1475508   7308836  17% /
tmpfs             250996       0    250996   0% /dev/shm

Add a swap file:
Determine the size of the new swap file in megabytes and multiply by 1024 to determine the number of blocks. For example, the block size of a 512 MB swap file is 524288.
At a shell prompt as root, type the following command with count being equal to the desired block size: dd if=/dev/zero of=/swapfile bs=1024 count=524288

#dd if=/dev/zero of=/swapfile bs=1024 count=524288
524288+0 records in
524288+0 records out
524288824 bytes (512 MB) copied, 10.192 s, 105 MB/s

#mkswap /swapfile
mkswap: /swapfile: warning: don't erase bootbits sectors
        on whole disk. Use -f to force.
Setting up swapspace version 1, size = 524288KiB
no label, UUID=d2592b02-8cb8-4892-8a5a-5af7f9654cc1

#swapon /swapfile

#swapon -s
Filename                                Type            Size    Used    Priority
/swapfile                               file            524288 0       -1

#vi /etc/fstab

# Paste this following line at bottom

/swapfile swap swap defaults 0 0

To prevent the file from being world-readable, you should set up the correct permissions on the swap file:

#chown root:root /swapfile
#chmod 0600 /swapfile

Check the result!

#free -m
             total       used       free     shared    buffers     cached
Mem:           490        483          6          0          4        121
-/+ buffers/cache:        357        132
Swap:          511          0        511

Setting timezone on CentOS 6

Check current time zone of your Server

#date
Tue Jul 26 21:07:48 BST 2016

On on CentOS 6 the list of time zone files located at /usr/share/zoneinfo.

#cd /usr/share/zoneinfo
#ls -la
drwxr-xr-x. 20 root root  4096 Jul 10  2015 .
drwxr-xr-x. 63 root root  4096 Jul 25 23:56 ..
drwxr-xr-x.  2 root root  4096 Jul 10  2015 Africa
drwxr-xr-x.  6 root root  4096 Jul 10  2015 America
........................................................

Find the time zone for your location and note of the appropriate folder and file, for example: America/Chicago.
First, make a backup of the existing localtime file. It’s always good practice to make backups of original config files.

#mv /etc/localtime /etc/localtime.bak

Then create the link:

#ln -s /usr/share/zoneinfo/America/Chicago /etc/localtime

Now check the change

#date
Tue Jul 26 16:03:18 EDT 2016

Additional task is make sure the settings stay applied after on reboot

#vi /etc/sysconfig/clock

change the zone line to:

ZONE="America/Chicago"

Install Configure NTP to Synchronize Clocks of System on CentOS 6

NTP (Network Time Protocol) is an Internet protocol used to synchronize the clocks of computers to some time reference. NTP is an Internet standard protocol originally developed by Professor David L. Mills at the University of Delaware.

Install and configure NTP (Network Time Protocol)
NTP package is provided by default on CentOS /RHEL 7 repositories and can be installed with command below

#yum install ntp

Turn on service as daemon, start automatically on rebooot

#chkconfig ntpd on

Start the NTP server, NTP will continuously adjusts system time from upstream NTP server

#/etc/init.d/ntpd start

Enable gzip compression Apache Nginx for faster web speed

Gzip compression helps to reduce the size of transmitted data on Apache Nginx server

There are 2 ways to Enable gzip compression on Apache, with httpd configuration and htaccess

Enable gzip compression n Apache with httpd configuration

By default mod_deflate.so module has been active but we want to make sure and check if mod_deflate.so module has been installed and activate at httpd configuration.

#cat /etc/httpd/conf/httpd.conf | grep deflate
LoadModule deflate_module modules/mod_deflate.so

** If it is commented (#), please remove it (#) out.

Next part is add code below to httpd.conf, these lines can store at the end of the file:

#Enable gzip compression
<ifModule mod_headers.c>
SetOutputFilter DEFLATE
# You can't compress what is already compressed
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \.(?:exe|t?gz|zip|bz2|sit|rar)$ no-gzip dont-vary

#Make proxies work as they should.
<ifModule mod_headers.c>
Header append Vary User-Agent
</ifModule>
</ifModule>

Restart Apache to effect the changes

#service httpd restart

Enable gzip compression on Apache with .htaccess by add configuration line below to .htaccess

#Enable gzip compression
<ifModule mod_headers.c>
# Compress HTML, CSS, JavaScript, Text, XML and fonts
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/vnd.ms-fontobject
AddOutputFilterByType DEFLATE application/x-font
AddOutputFilterByType DEFLATE application/x-font-opentype
AddOutputFilterByType DEFLATE application/x-font-otf
AddOutputFilterByType DEFLATE application/x-font-truetype
AddOutputFilterByType DEFLATE application/x-font-ttf
AddOutputFilterByType DEFLATE application/x-javascript
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE font/opentype
AddOutputFilterByType DEFLATE font/otf
AddOutputFilterByType DEFLATE font/ttf
AddOutputFilterByType DEFLATE image/svg+xml
AddOutputFilterByType DEFLATE image/x-icon
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/javascript
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/xml

#Remove browser bugs (only needed for really old browsers)
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
Header append Vary User-Agent
</ifModule>

Enable gzip compression on Nginx by activate gzip on and add some configuration to etc/nginx/nginx.conf

#vi /etc/nginx/nginx.conf

Add this line below to etc/nginx/nginx.conf

#Enable gzip compression
gzip on;
gzip_comp_level 2;
gzip_min_length 1000;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain application/x-javascript text/xml text/css application/xml;

 

Enable Keep Alive for faster web speed Apache and Nginx

There are 2 ways to enable Keep Alive On at Apache server, with .htaccess and httpd.conf

Enable keep-alive On at Apache with httpd.conf

Keep Alive Default configuration is Off, we must change it to On

vi /etc/httpd/conf/httpd.conf

Find KeepAlive sentence and edit Off to On

.....................................
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
#
# KeepAlive Off
KeepAlive On
......................................

Restart Apache to effect the changes

#vi service httpd restart

Enable keep-alive on Apache server with .htaccess

This is alternative if we do not have access to server. Add code below to .htaccess

<ifModule mod_headers.c>
Header set Connection keep-alive
</ifModule>

Enable keep-alive On Nginx with nginx.conf

By default NGINX supports keep-alive, add this line below to nginx configuration

#vi etc/nginx/nginx.conf
# Keep Alive
keepalive_timeout 65;
keepalive_requests 100000;
sendfile on;
tcp_nopush on;
tcp_nodelay on;

Install MariaDB Server on CentOS 6

Most people said MariaDB better then old MySQL Server, so i decided to migrate Database Server from old MySQL to new MariaDB Server

For brief info MariaDB is a community-developed fork of the MySQL relational database management system intended to remain free under the GNU GPL. It is notable for being led by the original developers of MySQL, who forked it due to concerns over its acquisition by Oracle.

For CentOS system highly recommended to install MariaDB from a repository using yum.
First step make sure list of available CentOS packages is up-to-date before installing by input following commands.

#yum -y update

Then add the MariaDB repository

#vi /etc/yum.repos.d/MariaDB.repo

Insert this custom MariaDB 10.1 Stable YUM repository for CentOS 6 (64 Bit).

# MariaDB 10.1 CentOS repository list - created 2016-07-03 19:01 UTC
# http://downloads.mariadb.org/mariadb/repositories/
[mariadb]
name = MariaDB
baseurl = http://yum.mariadb.org/10.1/centos6-amd64
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1

For complete custom MariaDB repository with linux system version please visit

https://downloads.mariadb.org/mariadb/repositories/

Install MariaDB

#yum install MariaDB-server MariaDB-client -y

Start MariaDB and set to start on every boot.

#service mysql start
#chkconfig mysql on

Secure MariaDB, Secure your MariaDB installation. The following checklist shows the steps that will be performed.
Set (Change) root password.
Remove anonymous users.
Disallow root login remotely.
Remove test database and access to it.
Reload privilege tables.
Run the secure installation command.

#mysql_secure_installation
Example output

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] y
New password: ENTER YOUR PASSWORD
Re-enter new password: REPEAT YOUR PASSWORD
Password updated successfully!
Reloading privilege tables..
... Success!

By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] y
... Success!

Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] y
... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] y
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] y
... Success!

Cleaning up...

All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

Restart MariaDB.

#service mysql restart