Linux sever building

Click here to load reader

  • date post

  • Category


  • view

  • download


Embed Size (px)



Transcript of Linux sever building

  • EdmondYu, 2013.4.26, [email protected]
  • Linux server Select the hardware and distribution Security systemLAMPWeb API
  • Rent server from IDCInfrastructure as a Service (IaaS) Amazon DigitalOcean Platform as a Service (PaaS) OpenShift
  • Linux Distribution Timeline Redhat Enterprise LinuxCentOSCommunity ENTerprise Operating System
  • Command Linevim bd a.txt b.txtgit log SmymodificationTUI (Text-based User Interface)gdb tui myappgit log graphGUILot of tools have no GUIGUI has bug
  • Kernel-based Virtual Machine (KVM) is avirtualization infrastructure for the Linux kernelincluded in mainline Linux, as of 2.6.20 kvm.ko, kvm-intel.ko QEMU(qemu-kvm) can make use of KVM whenrunning a target architecture that is the same asthe host architectureqemu-img create -f qcow2 vdisk.img 10Gqemu-system -hda vdisk.img -cdrom /boot-media.iso -boot d -m 384
  • Daemon is a process run in background. two types of daemon:1. xinetd (extended Internet daemon) super-server daemon which runs onmany Unix-like systems and manages Internet-based connectivity.2. httpd, sshd etc. Use fork to create subprocess Run The demo: nc localhost 20011
  • Disable root account in sshd Disable ports Anti- attack( OS level using Iptables) Anti- attack (Application level) Selinux(Security Enhanced Linux)ls -alZ /var/www/htmlgetsebool agetsebool -a|fgrep httpallow_httpd_anon_write --> offallow_httpd_mod_auth_ntlm_winbind --> offallow_httpd_mod_auth_pam --> offallow_httpd_sys_script_anon_write --> offhttpd_can_network_connect --> offhttpd_can_sendmail --> off
  • Linux kernel firewall andthe chains and rules itstores.#iptables -I INPUT -p tcp --dport 80 -j ACCEPT#iptables -I INPUT -p tcp --dport 443 -j ACCEPT#iptables-save
  • a tool to transfer data from or to a server, usingone of the supported protocols (HTTP, HTTPS,FTP, FTPS, SCP, SFTP, TFTP, DICT,TELNET,LDAP or FILE) Cross-platform, libcurl, Trace the protocol curl v O
  • Linux server Select the hardware and distribution Security systemLAMPWeb API
  • Apachehttpd vs Apache Software FoundationApache license: business-friendIndustry open source software, Lucene, Chemistry
  • Apache HTTP server started from1995. In 2009 it became the first web server software to surpass the 100million website milestone Implemented as compiled modules to extend the core functionalityphp, perl( , python( A module to deploy an ASP.NET application with Mono MultiProcessing Modules1a process-based, 2hybrid (process and thread)3event-hybrid modeTo use the event MPM, add --with-mpm=event to the configurescripts arguments when building the httpd.
  • PHP is a server-side scripting languagedesigned for web development Extension PECL is a repository for PHP Extensions yum install gcc make php-pear pecl install mongo Extensions in Zend Repos yum search php|fgrep "extension"
  • MongoDB stores structured data as JSON-likedocuments with dynamic schemas offersimplicity and power. Installation Configure yum 10gen repos yum install mongo-10gen mongo-10gen-server chkconfg mongod on Service mongod start Self-installation: $ nohup ./mongod & Or run command ./mongod & in /etc/init.d/rc.local Demo
  • VsftpVery Secure FTPD is a *nix FTP ServerWiki server:CentOS + Apache+MySQL+PHP, Perl
  • Linux server Select the hardware and distribution Security systemLAMPWeb API
  • Review the http protocol curl -X GET -v> GET HTTP/1.1> User-Agent: curl/7.24.0 (x86_64-redhat-linux-gnu) libcurl/7.24.0 NSS/ zlib/1.2.5 libidn/1.24libssh2/1.4.1> Host:> Accept: */* Proxy-Connection: Keep-Alive List of HTTP header fields, real case about http header: Cache-Control: no-cache HTTP methods and CRUD(Create,Read, Update, and Delete)operations To create a resource on the server, use POST. To retrieve a resource, use GET. To change the state of a resource or to update it, use PUT. To remove or delete a resource, use DELETE
  • a REST(Representational State Transfer) Webservice follows four basic design principles: Use HTTP methods explicitly. Be stateless. Expose directory structure-like URIs. Transfer XML, JavaScript Object Notation (JSON), or both.
  • curl -X GET -vcurl --data "name=aaa&tel=00000" -X DELETE --data "name=aaa&tel=00000" -X PUT -d "phone=1-800-999-9999" http
  • Restful API -> php -> mongo
  • Which is the daemon process, which is thesubprocess? What is TUI? List the languages apache which support. What is the fireware name? How to quickly create a daemon service?