Skip to content

Joyent Server Setup

Jump to bottom Edit New page
George Snelling edited this page Oct 31, 2015 · 20 revisions

Owner: George Last Updated: 2015-10-30

Start with the Joyent base-64 box.

Joyent user name is admin3meters.

Joyent uses SmartOS, a fork of Sun's Solaris. All the files are in different places than in the main distributions of Linux, and most of the admin commands are different. Here is their mapping cheatsheet: http://wiki.smartos.org/display/DOC/The+Linux-to-SmartOS+Cheat+Sheet

To connect to the box after it is running,

ssh admin@ipAddress

Enable ssh passthrough to github

In some configs ssh passthough to github is not enabled by default. If this is the case you will not be able to clone from github. Follow these steps only if you get a failure when cloning the proxibase repository.

Copy the 3meters public key, 3meters.pub, to /home/admin/.ssh. Do not put the private key on the box, that is a big security breach. Create a new file named authorized_keys if it doesn't already exist. Edit it, and paste in the contents of 3meters.pub, followed by a blank space, followed by the string "3meters". Then

chmod 600 authorized_keys

Your client PC needs to have ssh tunneling turned on for this to work. It is turned off by default on Macs.

Make ssh passthrough work under sudo

Sometimes when ssh forwarding is working, but won't work if you sudo ssh. That is because the keys available to the logged in user are not visible to the sudo user. See this answer:

http://serverfault.com/questions/107187/ssh-agent-forwarding-and-sudo-to-another-user

sudo visudo

then add

Defaults    env_keep+=SSH_AUTH_SOCK

Update the package manager database

The Joyent package manager is pkgin

sudo pkgin update

Install needed packages

sudo pkgin install ...
    git-base   
    mongodb
    gmake
    gcc    (lately had to add gcc49 then add /opt/local/gcc49/bin to path)

gcc is needed for the C++ bson parser that is part of the mongodb javascript driver. If gcc is not working then the driver will fall back to a javascript implementation, which may be fine.

Tell the machine's dns to route api.localhost to localhost.

vim /etc/hosts

...
127.0.0.1       api.localhost localhost
...

Manage the mongod service

svcs      // lists services
svcadm    // admins them

If you have a problem with a service you usually need to run at svcadm clear before it will work again. The service logs are in /var/svc/log

enable the service:

sudo svcadm enable mongodb

You should be able to enter the mongo shell and poke around without authentication failures.

Enable mail

The proxibase service sends email. The machine does not run an email server by default. To enable it,

svcadm postfix enable

Install proxibase

cd /usr/local
mkdir prox
chown admin prox
chgrp staff prox
git clone [email protected]:3meters/proxibase prox

Then cd prox, and copy config/config.js and keys/prod from a running production instance

Install node modules

The mongodb driver is configured to use the c++ BSON parser. This requires make and gcc to be on your path when you build, otherwise it will succeed silently and fall back to the pure javascript BSON parser. If this happens prox will complain on startup about falling back to the js BSON driver.

make sure gmake and gcc are on your path, then do

cd prox
npm install

If you forget the gcc and make part,

npm rm mongodb

then install gcc and gmake from pgkin, then

npm install mongodb

Check the firewall

Make sure the Joyent firewall is enabled. This blocks all incoming network traffic on any ports other than 22, 443, or 8443.

Logs

Create and open wide the permissions for the logs

cd /var/log
sudo mkdir prox
sudo chmod -R 777 prox
sudo chown -R admin prox
sudo chgrp -R staff prox
cd /var/log/prox
mkdir old
>prox.log
>proxerr.log

Rotate Logs

cd /etc
vim logadm.conf

add these lines to the end

# Proxibase 
/var/log/prox/prox.log -c
/var/log/prox/proxerr.log -c

Run proxibase as a service

Running proxibase as an Solaris service is necessary in order to automatically restart it after a system reboot, something that has happened on occasion. See the instructions in /bin/smf/readme.md

Backups

In prox/bin there is a backup script named proxbackup. Test it manually to make sure it works. You may need to set the environment locale variable LC_ALL to the value C.

vim ~/.profile
LC_ALL=C
export LC_ALL

save and reset your profile.

Once backup is working manually, you want to add the backup task to the root user's crontab file. To do this

sudo bash
crontab -e     // edit root user's crontab file

add these lines (or similar)

#
# Backup proxibase
#
8 11 * * * /usr/local/prox/bin/proxbackup > /var/log/prox/backup.log 2>&1
#
# upload backup file to amazon s3
45 3 * * * /usr/local/prox/bin/awsupload > /var/log/prox/awsupload.log 2>&1
Add a custom footer
Add a custom sidebar
Clone this wiki locally