Skip to content

db_builds

Jump to bottom
drinkyouroj edited this page Nov 17, 2014 · 5 revisions

How the DB1 server was made: Create a F20 system on rackspace

Note that the future plan is to have servers for each of the services that are mentioned below.

Install Commands

su -c 'yum install --nogpgcheck http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm http://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm'

yum update

yum install redis mongodb mongodb-server community-mysql community-mysql-server memcached tomcat slf4j denyhosts nano

edit /etc/hosts.allow to include Your IP

systemctl enable denyhosts
systemctl start denyhosts

Now for the stupid part (firewallD’s documentation is not that great): resources: http://liquidat.wordpress.com/2013/04/09/howto-firewalld-basics/

Go to /etc/firewalld/zones/ and make this file (internal.xml):

<?xml version="1.0" encoding="utf-8"?>
<zone>
  <short>External</short>
  <description>For use on external networks. You do not trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted.</description>

  <port port="8080" protocol="tcp"/>
  <port port="6379" protocol="tcp"/>
  <port port="3306" protocol="tcp"/>
  <port port="11211" protocol="tcp"/>
  <port port="27017" protocol="tcp"/>

  <service name="ssh"/>
  <masquerade/>
</zone>

Then, once you’ve done that…

firewall-cmd --permanent --zone=internal --change-interface=eth2
firewall-cmd --reload

This will make sure that your trusted eth2 (in our case our internal network between the web and database servers) is trusted and therefore show the required ports. IMPORTANT NOTE: I used internal.xml but make sure that fedora/firewall-cmd doesn’t do something funny with the xml file. revisit the thing. I used the “trusted” level and it replaced the file.

Enabling the DBs/Cache/Search

MYSQL

systemctl enable mysqld.service
systemctl start mysqld.service

Refer to this: http://www.if-not-true-then-false.com/2010/install-mysql-on-fedora-centos-red-hat-rhel/

Important command:

/usr/bin/mysql_secure_installation

Follow the instructions and it will make sure things are right.

MONGO

systemctl enable mongod.service
systemctl start mongod.service

mongo
    //note: mongo prompt should show up.
use database
db.addUser({user: "twothousand", pwd: "TT99!!!", roles: ["userAdminAnyDatabase"]})

The following are indexes for the comments collections => faster queries for comments

    //note: may need to check version of mongo if these commands dont work
db.comments.ensureIndex({'post_id': 1, 'created_at': 1})
db.comments.ensureIndex({'post_id': 1, 'full_slug_asc': 1})
db.comments.ensureIndex({'post_id': 1, 'full_slug_desc': 1})

REDIS

For redis to open its port, you have to bind the open port ip (in this case 192.168.3.1) . To do this you need to add below to /etc/redis.conf after “bind 127.0.0.1”: bind 192.168.3.1

http://redis.io/topics/security Also in the same file, make sure to enable: requirepass some-crazy-ass-md5-hash

Then you can start the services:

systemctl enable redis.service
systemctl start redis.service

Apache Solr

One big headache to remember. You need these libraries in your java folders or it won’t work: ''' cd /usr/share/java/tomcat/ cp /usr/share/java/slf4j/*.jar . '''

It sucks that the above isn’t the best solution at all

Clone this wiki locally