|
The purpose of this document is to provide comprehensive
information on how to prepare Linux and Unix servers for the installation of H-Sphere
components by the Positive Software team or by customers themselves.
It covers the following topics:
Please also read the following:
Note: We don't install H-Sphere on live servers and we
don't take responsibility if your functional services go down
during the H-Sphere installation.
Preferred Operating Systems
Before requesting H-Sphere installation, make sure
to install one of the following operating systems:
a) Linux RedHat 7.2, 7.3, RedHat Enterprise Linux, RedHat Advanced Server
Note: Versions earlier than Linux RedHat 7.2 as well as version 8.0 and 9.0 are not supported by H-Sphere
b) FreeBSD 4.x starting from version 4.3
We also recommend that you read a
related discussion
in our forum.
HDD Partitioning
Although latest versions of RedHat suggest ext3 partition
as the default, we recommend installing H-Sphere Web Boxes users directories
to ext2 partitions. Time has shown that ext3 often causes disk quota to fail,
especially with RedHat earlier than 7.3.
H-Sphere is installed to the /hsphere directory. It
can be located on any partition, preferably other than root, and
a symlink to this directory is created, e.g.:
# mkdir -p /home/hsphere
# ln -s /home/hsphere /hsphere
The ideal solution, however, is to dedicate a partition
solely to H-Sphere files and mount it as /hsphere. As the result,
you should have at least two partitions, / and /home.
Having only one partition can cause certain problems. For instance,
if disk quota gets damaged, you cannot repair it without server
reboot and fsck check in the single user mode.
One Server Installation
If you are installing H-Sphere to one box, make sure to
have at least two IPs available, because some features (like OpenSRS)
require at least two DNS servers.
Click here for details.
Also, note that on one server installations the postgresql hosting
feature isn't included, because of the H-Sphere system database.
If you are going to install H-Sphere to one box, consider
the following example for a computer with 20 GB HDD:
/root partition 0.5 - 1.5 GB (/etc, /tmp, /root)
/usr 1.5 - 3 GB
/var 3 - 5 GB - used for mail and MySQL files
/hsphere (or /home) - the remaining disk space for H-Sphere installation
and hosting: the more users, the more disk space is required. If
you want to have SiteStudio, it will also be installed onto this
partition. However, this will require at least 512 RAM and a 500MHz processor.
In addition, you can create a separate mail partition
for the H-Sphere mail system. Its size will depend on your mail
quotas for users and the number of mailboxes.
Multiple Server Installation
If you have three boxes, it is recommended to put your
control panel on a separate box. Consider the following partitioning
scheme for a three-server configuration:
1) Control Panel:
The partitioning requirements are the same as those for the
operating system. This box will have the H-Sphere control panel,
system database, and SiteStudio.
2) Web + DNS2:
/ -500 MB - /etc, /tmp, /root
/usr -3GB
/var -3GB
/hsphere - takes the rest of the space and is the biggest partition
3) Mail + DNS1 + MySQL+PostgreSQL:
/ -500 MB
/usr -3GB
/var - takes the rest of the space for mail and MySQL files.
There are no more requirements to partitioning the servers, just
make sure there is enough disk space to store user and other H-Sphere
data.
Required Components and Configuration
Prior to the installation, make sure your server has
the following:
OpenSSH
- Install OpenSSH package on each H-Sphere box.
You can use standard RPMs under Linux or packages under FreeBSD.
Usually, the standard Linux and FreeBSD installations contain
the OpenSSH package, you can use it without any restrictions.
However, we recommend to update the package to the last version.
SSH keys need to be configured under the cpanel user.
- To enable Permit Root Login, open file /etc/ssh/sshd_config
and uncomment the line:
PermitRootLogin yes
Make sure PermitRootLogin is set to yes. Then restart SSH:
/etc/rc.d/init.d/sshd restart
- Make sure that the .ssh directory has permissions 700
and the authorized_keys and authorized_keys2
files have permissions 600.
- Enable the OpenSSH daemon start at server startup.
- Start the OpenSSH daemon.
Disk Quota
Enable the disk quota feature on each H-Sphere web server
by doing the following steps:
- Log in as root.
- Insert the usrquota directive (userquota for FreeBSD) into the /etc/fstab file
for the corresponding partition. On Linux, it must look similar to this:
LABEL=/hsphere /hsphere ext2 defaults,usrquota 1 1
On FreeBSD, it must look similar to this:
LABEL=/hsphere /hsphere ext2 defaults,userquota 1 1
- Execute the following commands:
quotaoff /partition_with_userquota_enabled
mount -o remount /partition_with_userquota_enabled (Linux only, skip this line with FreeBSD)
rm -rf /partition_with_userquota_enabled/aquota.user /partition_with_userquota_enabled/quota.user
quotacheck /partition_with_userquota_enabled
quotaon /partition_with_userquota_enabled
Warning: we don't recommend enabling the disk quota feature on root partitions.
Use other partitions for this! Since it is not recommended to switch this feature on for
the root partition, we advise not to place H-Sphere files on the root partition.
There is no need to enable disk quota on other H-Sphere boxes.
If you want to have H-Sphere installed under FreeBSD, disk quota must be enabled in a
kernel configuration.
Note: quota versions can have some differences on different OSs.
You may need to execute the quotacheck command with some
additional parameters. Please read the command manual before
performing this action.
Ports
In your firewall settings, open the following ports in both directions and
specify the connection type - tcp or udp or both.
* We need that firewall be configured by our customers.
| Port |
Usage |
CP Server |
Web Server |
Mail Server |
DNS Server |
MySQL Server |
PGSQL Server |
Real Server |
Windows Server |
MS SQL Server |
| 20 |
FTP-DATA |
tcp |
tcp |
|
|
|
|
|
tcp |
|
| 21 |
FTP |
tcp |
tcp |
|
|
|
|
|
tcp |
|
| 22 |
SSH |
tcp |
tcp |
tcp |
tcp |
tcp |
tcp |
tcp |
|
|
| 25 |
SMTP |
|
|
tcp |
|
|
|
|
tcp |
|
| 53 |
DNS |
|
|
|
tcp and udp * |
|
|
|
|
|
| 80 |
HTTP |
|
tcp |
tcp |
|
|
|
tcp |
tcp |
tcp |
| 110 |
POP |
|
|
tcp |
|
|
|
|
|
|
| 143 |
IMAP |
|
|
tcp |
|
|
|
|
|
|
| 443 |
HTTPS |
|
tcp |
|
|
|
|
|
tcp |
|
| 873 |
RSYNC |
tcp between H-Sphere servers |
tcp between H-Sphere servers |
tcp between H-Sphere servers |
tcp between H-Sphere servers |
tcp between H-Sphere servers |
tcp between H-Sphere servers |
tcp between H-Sphere servers |
tcp between H-Sphere servers |
tcp between H-Sphere servers |
| 1433 |
MS SQL |
|
|
|
|
|
|
|
tcp |
tcp |
| 1922 |
IMAGEMAKER |
tcp for localhost only |
|
|
|
|
|
|
|
|
| 3306 |
MySQL |
|
|
|
|
tcp |
|
|
tcp |
|
| 3389 |
Terminal Service |
|
|
|
|
|
|
|
tcp |
tcp |
| 5432 |
Postgres |
|
|
|
|
|
tcp |
|
tcp |
|
| 5631 |
pcAnywhere |
|
|
|
|
|
|
|
tcp (optional) |
tcp (optional) |
| 8007 |
Apache JServ |
tcp for localhost only |
|
|
|
|
|
|
|
|
| 8080 |
HTTP |
tcp |
|
|
|
|
|
|
|
|
| 8443 |
SSL |
tcp |
|
|
|
|
|
|
|
|
| 55000 |
OpenSRS |
tcp (if used) |
|
|
|
|
|
|
|
|
* For highest security, open:
- udp permanently;
- tcp worldwide during H-Sphere installation and post-installation tests;
- tcp between H-Sphere DNS servers permanently.
DNS Server
If your DNS server is using bind 8.x, it can be
upgraded to run with H-Sphere, but old domains would still have to
be managed by hand. Please agree your DNS server upgrade with
our installation team.
* As of now we don't provide support for Reverse DNS configuration.
gcc Compiler
Make sure you have gcc compiler installed on each box.
compat3x package
On FreeBSD 4.X servers, make sure to have the compat3x package installed
for compatibility with 3.x. To diagnose if your compat3x is missing, run
/stand/sysinstall
and then go to Configure -> Distributions
|
