Tag Archives: centos

Installing Postgres 9.1 on CentOS

20 Oct

Notes on installing Postgres 9.1 on CentOS…

Dump Postgres 9.0 DB if you are upgrading from 9.0 to 9.1

  • mkdir -p /opt/pg/dump
  • Dump Postgres 9.0
    • /usr/pgsql-9.0/bin/pg_dump -U pgadmin -f /opt/pg/dump/shard1_90dump shard_1

STOP Postgres 9.0 if you are upgrading 9.0 to 9.1

  • service postgresql-9.0 stop
  • Ensure no Postgres process is running:
    • ps -ef | grep postgres
  • IF any Postgres process is running kill it:
    • pkill -f postgres
  • Turn off Postgres Service in CentOS Startup
    • chkconfig postgresql-9.0 off

Install and configure the PostgreSQL Yum Repository Configuration

  • mkdir /opt/pgdq91
  • cd /opt/pgdg1
  • Download the Repository Configuruation RPM for the Postgres 9.1
  • Run rpm -ivh pgdg-centos-9.1-1.noarch.rpm
    • The file /etc/yum.repos.d/pgdg-<version>.repo is created
  • Configure the Base repository to ignore request for Postgres RPMs
    • cd /etc/yum.repos.d
    • vi CentOS-Base.repo
      • Add exclude=postgresql* to the bottom of the file
    • vi CentOS-updates.repo
      • Add exclude=postgresql* to the bottom of the file

Install/Upgrade Postgres packages

  • yum install postgresql91 postgresql91-server postgresql91-contrib

Copy Postgres binaries to /usr/bin

  • The postgres91 packages install binaries/executables such as psql to /usr/pgsql-9.1/bin. We need to copy these to /usr/bin so it’s available in the default path.
    • Note: use the \ before cp otherwise you’ll be prompted to confirm each file that is copied/overwritten.
    • \cp /usr/pgsql-9.1/bin/* /usr/bin

If Upgrading From Postgres 9.1 to a later release

  • yum upgrade postgresql91*
  • service postgresql-9.1 restart

Important File and Directory Locations for Postgres

Postgres is installed in the following directories:

  • /usr/pgsql-9.1 – this dir contains the postgres libraries and executables for managing the postgres process.
  • /usr/pgsql-9.1/bin/* and /usr/bin/pg* (Postgres CLI commands)
  • /var/lib/pgsql/9.1 – this dir contains the postgres database and configuration files
  • /var/lib/pgsql/9.1/data/*.conf (Postgres Configuration files)
  • /var/lib/pgsql/9.1/data/pg_log (Postgres Log Files)

Intialize Postgres DB

  • The following command assumes you are using Postgres 9.1 version:
    • service postgresql-9.1 initdb

Setup Postgres service management on CentOS

  • This will automatically start/stop Postgres on system startup/shutdown
    • chkconfig postgresql-9.1 on

User Authentication Configuration

  • Change Postgres 9.1 authentication configuration to use md5
    • vi /var/lib/pgsql/9.1/data/pg_hba.conf
    • change all occurrences of ident and peer as follows. Should look like this:
      # TYPE  DATABASE        USER            ADDRESS                 METHOD
      # "local" is for Unix domain socket connections only
      local   all             all                                     trust
      # IPv4 local connections:
      host    all             all               md5
      # IPv6 local connections:
      host    all             all             ::1/128                 md5


Start Postgres 9.1

  • service postgresql-9.1 start
  • To subsequently stop: service postgresql-9.1 stop

Test psql command line client and setup pgadmin user

  • Test psql access
    • export LD_LIBRARY_PATH=/usr/pgsql-9.1/lib:$LD_LIBRARY_PATH
      • this step is required because we have both Postgres 9.0 and 9.1 on the same machine
    • /usr/pgsql-9.1/bin/psql -d template1 -U postgres (or, psql -d shard_1 -U pgadmin -E, etc…)
    • Exit from psql prompt by typing Ctrl-D

Setup pgpass file for DB instance

  • Setup pgpass for user root:
    • Ensure you are in root shell, if you are still su – postgres then enter exit
    • vi /root/.pgpass
    • Enter the following, save and exit.


    • Set the correct privileges for the pgpass file
      ***chmod 0600 /root/.pgpass

Stop Postgres

  • service postgresql-9.1 stop

Start Postgres

  • service postgresql-9.1 start

Initialize and Import shard_1 Database


  • export LD_LIBRARY_PATH=/usr/pgsql-9.1/lib:$LD_LIBRARY_PATH
    • this step is required because we have both Postgres 9.0 and 9.1 on the same machine

Create the shard_1 DB

    1. /usr/pgsql-9.1/bin/createdb -U pgadmin -T template1 shard_1

Create pgadmin user

  • /usr/pgsql-9.1/bin/createuser -P pgadmin -U postgres
  • Enter password for new role: xxxx
  • Enter it again: xxxx
  • Shall the new role be a superuser? (y/n) y

Create Extension citext

  • /usr/pgsql-9.1/bin/psql -d template1 -U postgres
    • CREATE EXTENSION citext;

Import shard_1 Database contents

  • /usr/pgsql-9.1/bin/psql -U postgres shard_1 -f /opt/pg/dump/shard1_90dump &> /tmp/pgload123
  • Check the pgload file for any glaring errors.
  • THE ONLY errors you should see should be related to “citext function already exists”. This is because citext in Postgres 9.0 is a contrib module whereas in Progres 9.1 it’s an Extension.

Configuring/Tuning Postgres for Remote Access

Performance Settings.

  • Note: these settings are not suitable for development environments.
  • For a m2.4xlarge EC2 instance:
    • Within /var/lib/pgsql/9.1/data/postgresql.conf:
      • shared_buffers = 17500MB
      • max_connection = 5000
    • effective_cache_size = 34000MB
    • checkpoint_segments = 8
    • max_prepared_transactions = 1000
    • listen_addresses=’*’
    • log_min_messages= FATAL (LOG or ERROR levels cause trigger outputs to be published)

Configure Two-Phase commit

  • Within /var/lib/pgsql/9.1/data/postgresql.conf:
    • Set max_prepared_transactions = 100 in order to enable two-phase commit transactions (required for DDL updates).

TCP/IP configuration

  • For security reasons, a PostgreSQL server “out of the box” doesn’t listen on TCP/IP ports. Instead, it has to be enabled to listen for TCP/IP requests. This can be done by adding listen_addresses=’*’ for Version 8.0.x and above; this will make the server accept connections on any IP interface.
  • cd /var/lib/pgsql/9.1/data/
  • vi postgresql.conf
    • Set listen_addresses=’*’

Remote Host Connectivity Settings

  • vi /var/lib/pgsql/9.1/data/pg_hba.conf
    • This is an example of allowing connections from all hosts. But the “allowed” hosts would be controlled via Firewall settings. This
      would be how we would do it on Amazon EC2.
      Example below:

       TYPE  DATABASE        USER            CIDR-ADDRESS            METHOD
      # "local" is for Unix domain socket connections only
      local   all             all                                     trust
      # IPv4 local connections:
      host    all             all                  md5
      # IPv6 local connections:
      host    all             all             ::/0                    md5


    • If you want just your Windows desktop to connect to this Postgres server, add ‘host all all $ipOfWindowsOs/24 md5’ in the appropriate section (scroll to the bottom of the file).
    • The $ipOfWindowOs is typically of the form 192.168.X.X, and will be provided by the pgadmin error message initially saying something along the lines of ‘this host does not access…’.
    • You can either have an entry for each host or a set of hosts.
    • See the documentation in the pg_hba.conf file for more info.
    • SEE http://developer.postgresql.org/pgdocs/postgres/auth-pg-hba-conf.html for more information

Restart Postgres after all Configuration changes

  • service postgresql-9.1 restart


  • http://www.depesz.com/index.php/2011/03/02/waiting-for-9-1-extensions/
  • Email/Bug report with Postgres
    "Stan S" writes:
    > shard_1=# CREATE TABLE users (nickname CITEXT PRIMARY KEY,pass TEXT   NOT
    > NULL);
    > NOTICE:  CREATE TABLE / PRIMARY KEY will create implicit index "users_pkey"
    > for table "users"
    > shard_1=# INSERT INTO users VALUES ( 'larry',  'aaa' );
    > INSERT 0 1
    > shard_1=# INSERT INTO users VALUES ( 'Tom',   'bbb' );
    > ERROR:  could not determine which collation to use for string comparison
    > HINT:  Use the COLLATE clause to set the collation explicitly.
    Hmm, I can't replicate this here ...
    > shard_1=# CREATE TABLE users (nickname CITEXT COLLATE "C" PRIMARY KEY,pass
    > ERROR:  collations are not supported by type citext
    This suggests strongly that you're using a 9.0-or-earlier citext
    installation that you've not upgraded to 9.1.  If that's the right
    guess, you need to do CREATE EXTENSION citext FROM unpackaged
    to fix it.
                            regards, tom lane

Installing CAS Server on Centos

21 Jul

Install Prereq software

Download and install CAS Server

Setup custom authentication

  • cd /opt/cas/cas-server-3.4.7
  • cp modules/cas-server-support-generic-3.4.7.jar /usr/share/tomcat6/webapps/cas-server-webapp-3.4.7/WEB-INF/lib
  • Edit /usr/share/tomcat6/webapps/cas-server-webapp-3.4.7/WEB-INF/lib/deployerConfigContext.xml
    • Comment out bean definition for SimpleTestUsernamePasswordAuthenticationHandler
    • Add the following bean definition replace username and password with appropriate value.
      <bean class="org.jasig.cas.adaptors.generic.AcceptUsersAuthenticationHandler">
          <property name="users">
                <entry key="<username>" value="<password>" />


Setup SSL support using Self-Signed Certificates

— Change the server.xml and add the following:

<!– Define a SSL HTTP/1.1 Connector on port 8443

This connector uses the JSSE configuration, when using APR, the

connector should be using the OpenSSL style configuration

described in the APR documentation –>

<Connector port=”8443″ protocol=”HTTP/1.1″ SSLEnabled=”true”

maxThreads=”150″ scheme=”https” secure=”true”

clientAuth=”false” sslProtocol=”TLS” keystorePass=”changeit”/>

— More details at http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html#Configuration

  • Restart Tomcat
    • service tomcat6 restart

Redis on Centos

2 Jul

Setup Latest Redis

  • Download and build latest redis
    1. cd /opt/redis
    2. Dowload the latest stable version from http://redis.io

      {info:title=Make Note}

      As of this writing the latest Redis version is 2.2.7. Ensure you are installing the appropriate Redis version before




    3. tar xzf redis-2.2.7.tar.gz
    4. cd redis-2.2.7
    5. make
  • Create the “latest version” symlink
    1. cd /opt/redis
    2. ln -s redis-2.2.7 latest
  • Start Redis Server
    1. cd src
    2. ./redis-server

Test CLI interface

  • Open another terminal window to test CLI interface
  1. cd /opt/redis
  2. ./redis-cli -h localhost -p 6379

Setup Redis Service Management

  • Create the file /etc/init.d/redis and enter the script commands below:
    # redis this script starts and stops the redis daemon
    # chkconfig: - 85 15
    # description: redis is a non-relational database storage system.
    # processname: redis
    # config: /opt/redis/latest/conf
    # binary: /opt/redis/latest/src/redis-server
    test -x $DAEMON || exit 0
    set -e
    case "$1" in
            echo -n "Starting Redis... \n"
            echo  "\n"
             /opt/redis/latest/src/redis-server &> /dev/null &
            [ $RETVAL -eq 0 ] && touch /var/lock/subsys/redis
            echo -n "Stopping Redis... \n"
            echo  "\n"
            #killall -q /opt/redis/latest/src/redis-server
            /opt/redis/latest/src/redis-cli -p 6379 shutdown
            [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/redis
                echo "Usage: $N {start|stop}" >&2
                exit 1


  • chmod +x /etc/init.d/redis
  • chkconfig –add redis
  • chkconfig redis on
  • service redis stop
  • service redis start

Mongo DB and PHP-Mongo

22 Jan

Installing from Yum repository

  • vi /etc/yum.repos.d/10gen.repo
  • Add the following text to the 10gen.repo file
    • For 64bit CentOS
      name=10gen Repository
      baseurl=http://downloads-distro.mongodb.org/repo/redhat/os/x86_64/ gpgcheck=0


    • For 32 bit CentOs
      name=10gen Repository
      baseurl=http://downloads-distro.mongodb.org/repo/redhat/os/i686/ gpgcheck=0


  • yum remove mongo-stable mongo-stable-server mongo-stable-debuginfo
  • yum install mongo-10gen mongo-10gen-server mongo-10gen-debuginfo

Manual RPM install


Skip these steps if your Yum install was successful


Do a RPM uninstall of 32 bit
  • cd /tmp
  • rpm -U mongo-10gen-2.0.1-mongodb_1.i686.rpm
  • rpm -U mongo-10gen-server-2.0.1-mongodb_1.i686.rpm
Do a RPM uninstall of 64 bit
  • cd /tmp
  • rpm -U mongo-10gen-2.0.1-mongodb_1.x86_64.rpm
  • rpm -U mongo-10gen-server-2.0.1-mongodb_1.x86_64.rpm
Install 32 bit
Install 64 bit

Setup MongoDB service management on CentOS

  • This will automatically start/stop on system startup/shutdown
    • chkconfig mongod on

Start MongoDB

  • mkdir -p /data/db/
  • /usr/bin/mongod –journal
    => –journal needs to be manually defined on 32 bit systems and is automatically defined on 64 bit systems.

Test mongo command line client (In New Terminal Window)

  • mongo –help
  • mongo
    • Connects to localhost by default

Mongo QuickStart Tutorial

Setting up Shards

mkdir /data/db/mastera /data/db/masterb

/usr/bin/mongod –master –shardsvr –dbpath /data/db/mastera –port 10000

/usr/bin/mongod –master –shardsvr –dbpath /data/db/masterb –port 10001

mkdir /data/db/config

/usr/bin/mongod –configsvr –dbpath /data/db/config –port 20000 > /tmp/config.log &

cat /tmp/config.log

/usr/bin/mongos –configdb localhost:20000 > /tmp/config.log &

cat /tmp/config.log

Setting up Master/Slave

mkdir /data/db/slave0 /data/db/slave1 /data/db/slave2 /data/db/slave3

/usr/bin/mongod –slave –source localhost:10000 –dbpath /data/db/slave0/ –port 10002

/usr/bin/mongod –slave –source localhost:10000 –dbpath /data/db/slave1/ –port 10003

/usr/bin/mongod –slave –source localhost:10001 –dbpath /data/db/slave2/ –port 10004

/usr/bin/mongod –slave –source localhost:10001 –dbpath /data/db/slave3/ –port 10005

Install and Configure php-mongo

  • pecl install mongo
    • php mongo is installed in /usr/lib/php/modules/mongo.so
  • echo “extension=mongo.so” > /etc/php.d/mongo.ini
  • service httpd restart

PHP Mongo Tutorial


Installing NGINX and PHP-FPM on CentOS

20 Dec

We wanted to run some benchmarks comparing Apache/Mod_PHP and NGINX/PHP-FPM. Here are the steps I followed to install NGINX/PHP-FPM on our CentOS servers.

Configure Additional Yum Repositories

  • If you haven’t already added the EPEL and REMI repositories execute the following steps:
  1. Install the EPEL YUM Repository
  2. Install the REMI Yum Repository
  3. For more information see EPEL and REMI

NGINX installation

  1. yum install nginx

Install PHP packages

  1. Follow the steps specific to PHP installation at https://stansantiago.wordpress.com/2010/06/10/installing-apache-mysql-php-and-memcached-on-centos/

Install PHP-FPM

  1. yum –enablerepo=remi install php-fpm
  1. To upgrade to the latest PHP/PHP-FPM packages: yum –enablerepo=remi upgrade

Enable the NGINX and PHP-FPM as CentOS services

  1. chkconfig nginx on
  2. chkconfig php-fpm on

NGINX and PHP configuration changes

nginx.conf changes

  • Add the following fastcgi settings in the location for php section in the nginx.conf file:


            # pass the PHP scripts to FastCGI server listening on
            location ~ \.php$ {
                root /usr/share/nginx/html;
                fastcgi_index  index.php;
                #fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
                fastcgi_param  SCRIPT_FILENAME  $fastcgi_script_name;
                fastcgi_intercept_errors off;
                include        fastcgi_params;

php.ini changes

  • Set log_error On in php.ini to enable php error logging.
    • The error output will be written to /var/log/httpd/error_log

NGINX Troubleshooting

  • If you see an error in the log file related to eventfd() and you are unable to access a web page, you will
    have to build NGINX from source
    • Install pre-reqs
      • yum install libaio libaio-devel
    • Download latest version of PCRE from http://www.pcre.org/ and extract under /opt/pcre
    • Download latest version of NGINX from http://nginx.org/en/download.html under /opt/nginx
    • Build nginx
      • cd /opt/nginx/nginx-XX
      • ./configure –with-pcre=/opt/pcre/pcre-XX
      • make
      • make install
  • The nginx scripts and config files are installed under /usr/local/nginx
  • If you already have installed NGINX using the yum method you can update /etc/init.d/nginx to point to the nginx executable
    and configuration under /usr/local/nginx

Important file2 and directory locations after installation


  • /etc/nginx/nginx.conf (NGINX Configuration file)
  • /usr/share/nginx/html (NGINX Document Root)
  • /var/log/nginx/* (NGINX Log Files)


  • /etc/php-fpm.conf
  • /etc/php-fpm.d/www.conf


  • /etc/php.ini (Php INI file)

Start/Stop Scripts

  1. NGINX
    1. service nginx stop
    2. service nginx start
    3. service nginx restart
  2. PHP-FPM (Used with NGINX)
    1. service php-fpm stop
    2. service php-fpm start
    3. service php-fpm restart


  1. PHP-FPM configuration
  2. PHP-FPM vs FastCGI comparison
  3. http://www.cyberciti.biz/faq/rhel-fedora-install-configure-nginx-php5/
  4. http://vladgh.com/blog/install-nginx-and-php-533-php-fpm-mysql-and-apc

Rsync tips…

9 Oct

rsync if not installed:

    • On CentOS: yum install rsync

Commands to synchronize servers:

  • Synchronize deploy_server/ (destination) with source_server/ (source)
    • Rsync Tips
      • The leading “/” in the source directory is significant
      • Replace myuserid with your userid
    • Source Code
      • rsync -rav -e “ssh -l myuserid” /opt/myapp
    • Xhprof
      • rsync -r -a -v -e “ssh -l myuserid” /opt/xhprof/xhprof-0.9.2
    • PHP.ini
      • rsync -rav -e “ssh -l myuserid” /etc/php.ini
      ***rsync -rav -e “ssh -l myuserid” /etc/httpd/conf/httpd.conf
    • NGINX
      ***rsync -rav -e “ssh -l myuserid” /etc/nginx/nginx.conf


Installing Apache, MySQL, PHP and Memcached on CentOS

10 Jun


This page covers installation and configuration of Apache, MySQL, PHP and Memcached.

Configure Additional Yum Repositories

  1. Install the EPEL YUM Repository
  1. Install the REMI Yum Repository
  2. For more information see EPEL and REMI

MySQL installation

Install MySQL packages

    1. yum –enablerepo=remi install mysql-server mysql mysql-devel
    2. chkconfig mysqld on (enables /etc/init.d/mysqld to run at startup)
    3. /etc/init.d/mysqld start OR service mysqld start

Setup MYSQL users:

    1. Setup a user/password for localhost. Replace ‘XXXXX’ with password.
      1. /usr/bin/mysqladmin -u root password ‘XXXXX’
    2. Setup remote users. Replace ‘XXXXX’ with password

      Setup Localhost user

      #mysql -p
      Enter password:
      Welcome to the MySQL monitor.  Commands end with ; or \g.
      Your MySQL connection id is 6
      Server version: 5.0.77 Source distribution
      Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
      mysql> CREATE USER 'root'@'' IDENTIFIED BY 'XXXXX';
      Query OK, 0 rows affected (0.00 sec)
      mysql> CREATE USER 'root'@'' IDENTIFIED BY 'XXXXX';
      Query OK, 0 rows affected (0.00 sec)
      Query OK, 0 rows affected (0.01 sec)
      Query OK, 0 rows affected (0.00 sec)
      Query OK, 0 rows affected (0.00 sec)

Memcached (server-side) installation

Install Memcached packages

    1. yum install libevent
    2. yum install memcached
    3. chkconfig memcached on (enables /etc/init.d/memcached to run at startup)

To start Memcached

  1. Add memcached startup options to /etc/sysconfig/memcached


    1. To start memcached:
      1. /etc/init.d/memcached start OR service memcached on
    2. Listens on port 11211 with memory size of 2GG

Apache Installation

  • yum install httpd
  • chkconfig httpd on (enables /etc/init.d/httpd to run at startup)
  • /etc/init.d/httpd start OR service httpd start

PHP Installation

The following PHP packages will be installed:

  • php
  • mysql (Mysql CLI)
  • php-mysql
  • php-bcmath
  • php-xml
  • APC
    • php-pear
    • php-devel
    • httpd-devel
  • Memcache (client side)
    • zlib-devel (this is a prerequisite for the pecl memcache client library)

Install the PHP packages

Install all packages except APC.
  1. yum –enablerepo=remi install php mysql php-mysql php-bcmath php-xml
  1. To upgrade to the latest PHP/PHP-FPM packages: yum –enablerepo=remi upgrade
Install APC support.
  1. yum –enablerepo=remi install php-pear php-devel httpd-devel
  2. pear install pecl/apc-beta
  3. echo “extension=apc.so” > /etc/php.d/apc.ini
Install Memcache (client side) support.
  1. yum install zlib-devel
  2. pear install pecl/memcache
  3. echo “extension=memcache.so” > /etc/php.d/memcache.ini
Install Memcached (client-side) support.
  1. These three packages are required for the next step to build the libmemcached source code:
    1. yum install libevent memcached gcc-c++
  2. Download the latest version from http://libmemcached.org:
    1. mkdir /opt/libmemcached
    2. cd /opt/libmemcached
    3. wget http://launchpad.net/libmemcached/1.0/0.42/+download/libmemcached-0.42.tar.gz
    4. tar xvfz libmemcached-0.42.tar.gz
    5. cd libmemcached-0.42
    6. ./configure
    7. make
    8. make install (installs the libmemcached files to /usr/local)
  3. Next install the pecl/memcached client
    1. yum install zlib-devel (not required if you already installed it as part of memcache (client-side) support)
    2. pear install pecl/memcached
    3. echo “extension=memcached.so” > /etc/php.d/memcached.ini
Install PCRE
  1. yum install pcre pcre-devel
Compile and Install Bstrlib
  1. Download and extract the bstrlib source code from http://bstring.sourceforge.net/
  2. After extracting run the following commands to compile and install the package
    1. gcc -c -fPIC -O3 bstrlib.c -o bstrlib.o
      1. Note: -fPIC is required for 64bit systems. Optional otherwise.
    2. ar rcs libbstrlib.a bstrlib.o
    3. cp libbstrlib.a /usr/lib

Installing rpc.rstatd for remote performance monitoring

  1. yum install rusers-server
  2. chkconfig rstatd on
  3. /etc/init.d/rstatd start
  • We’ll be using HP LoadRunner for performance testing. rstatd is required by Loadrunner for Unix kernel performance metrics.
  • See http://www.pirzyk.org/?p=504 for more details on rstatd

Configuring SELinux on CentOS to enable Apache remote networking

This step is required otherwise PHP won’t be able to connect to a remote MySQL instance.

  • setsebool -P httpd_can_network_connect true