root / doc / source / install.rst @ 228b82fe
History | View | Annotate | Download (6.6 kB)
1 |
staLUN installation instructions |
---|---|
2 |
================================ |
3 |
|
4 |
Below is an example installation process on a basic system with the following conditions: |
5 |
|
6 |
* Standard Debian system |
7 |
* Nginx as reverse proxy |
8 |
* Gunicorn as WSGI server |
9 |
* Mysql as database |
10 |
* Memcached as caching system |
11 |
* ProFTPd to receive data sent from the EMC |
12 |
|
13 |
but all of the steps should be easily adapted for other setups. Note that python-django-taggit is |
14 |
only packaged in Debian Jessie and later - for Wheezy or earlier you must install it manually by |
15 |
e.g. easy_install |
16 |
|
17 |
:: |
18 |
|
19 |
==== ON THE STALUN HOST ==== |
20 |
|
21 |
aptitude install python-django python-django-taggit python-rrdtool python-numpy python-memcache \ |
22 |
python-gevent python-simplejson python-django-south python-mysqldb \ |
23 |
nginx-light gunicorn mysql-server mysql-client memcached proftpd-basic git |
24 |
[..set root mysql passwd when asked..] |
25 |
[..set to run proftpd from inetd when asked..] |
26 |
|
27 |
cd [..PARENT OF INSTALL DIR..] |
28 |
|
29 |
git clone https://code.grnet.gr/git/stalun |
30 |
|
31 |
cd stalun |
32 |
|
33 |
cp settings.py.dist settings.py |
34 |
$EDITOR settings.py |
35 |
[..standard django edits, and ensure the password is the same as the one used in the database |
36 |
setup below, and $EMC_STATS_DIR is the same as in the ftpd setup below..] |
37 |
|
38 |
cp apache/django.wsgi.dist apache/django.wsgi |
39 |
$EDITOR apache/django.wsgi |
40 |
|
41 |
mysql -u root -p << EOF |
42 |
create database stalun; |
43 |
create user 'stalun'@'localhost' identified by '[..PASSWORD..]'; |
44 |
grant all on 'stalun'.* to 'stalun'@'localhost' identified by '[..PASSWORD..]'; |
45 |
flush privileges; |
46 |
EOF |
47 |
|
48 |
./manage.py syncdb |
49 |
|
50 |
./manage.py migrate |
51 |
|
52 |
$EDITOR /etc/nginx/sites-available/stalun |
53 |
==8<== |
54 |
server { |
55 |
listen 80; ## listen for ipv4 |
56 |
listen [::]:80; ## listen for ipv6 |
57 |
server_name stalun.domain.com; |
58 |
root /usr/share/nginx/www; |
59 |
index index.html index.htm; |
60 |
access_log /var/log/nginx/stalun.access.log; |
61 |
error_log /var/log/nginx/stalun.error.log; |
62 |
location / { |
63 |
return 301 https://stalun.domain.com; |
64 |
} |
65 |
location /nginx_status { |
66 |
stub_status on; |
67 |
access_log off; |
68 |
allow 127.0.0.1; |
69 |
allow ::1; |
70 |
deny all; |
71 |
} |
72 |
} |
73 |
server { |
74 |
listen 443; ## listen for ipv4 |
75 |
listen [::]:443; ## listen for ipv6 |
76 |
server_name stalun.domain.com; |
77 |
access_log /var/log/nginx/stalun-ssl.access.log; |
78 |
error_log /var/log/nginx/stalun-ssl.error.log; |
79 |
ssl on; |
80 |
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; |
81 |
ssl_prefer_server_ciphers on; |
82 |
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256; |
83 |
ssl_session_cache shared:SSL:10m; |
84 |
ssl_session_timeout 10m; |
85 |
ssl_dhparam /etc/ssl/dhparams-2048.pem; |
86 |
ssl_certificate /etc/ssl/certs/stalun_domain_com-chained.crt; |
87 |
ssl_certificate_key /etc/ssl/private/stalun_domain_com.key; |
88 |
keepalive_timeout 60; |
89 |
# HSTS support on nginx, max-age 1 month |
90 |
add_header Strict-Transport-Security max-age=2592000; |
91 |
location /static { |
92 |
root /srv/stalun/public; |
93 |
} |
94 |
location / { |
95 |
proxy_pass http://127.0.0.1:8090; |
96 |
allow [..EXAMPLE IPv4 RANGE..]; |
97 |
allow [..EXAMPLE IPv6 RANGE..]; |
98 |
deny all; |
99 |
} |
100 |
} |
101 |
==>8== |
102 |
|
103 |
ln -s /etc/nginx/sites-available/stalun /etc/nginx/sites-enabled/stalun |
104 |
|
105 |
service nginx restart |
106 |
|
107 |
$EDITOR /etc/gunicorn.d/stalun |
108 |
==8<== |
109 |
CONFIG = { |
110 |
'mode': 'django', |
111 |
'working_dir': '[..INSTALL_DIR..]', |
112 |
'user': 'www-data', |
113 |
'group': 'www-data', |
114 |
'args': ( |
115 |
'--bind=127.0.0.1:8090', |
116 |
'--workers=2', |
117 |
'--timeout=30', |
118 |
'--debug', |
119 |
'--log-level=debug', |
120 |
'--log-file=/var/log/gunicorn/stalun.log', |
121 |
), |
122 |
} |
123 |
==>8== |
124 |
|
125 |
service gunicorn restart |
126 |
|
127 |
$EDITOR /etc/proftpd/conf.d/emc-stats.conf |
128 |
==8<== |
129 |
<Anonymous [..EMC_STATS_DIR..]> |
130 |
User ftp |
131 |
Group nogroup |
132 |
UserAlias anonymous ftp |
133 |
DirFakeUser on ftp |
134 |
DirFakeGroup on ftp |
135 |
RequireValidShell off |
136 |
MaxClients 10 |
137 |
DisplayLogin welcome.msg |
138 |
DisplayChdir .message |
139 |
<Directory *> |
140 |
<Limit WRITE> |
141 |
DenyAll |
142 |
</Limit> |
143 |
</Directory> |
144 |
<Directory incoming> |
145 |
Umask 022 022 |
146 |
<Limit READ WRITE> |
147 |
DenyAll |
148 |
</Limit> |
149 |
<Limit STOR> |
150 |
AllowAll |
151 |
</Limit> |
152 |
</Directory> |
153 |
</Anonymous> |
154 |
==>8== |
155 |
|
156 |
service proftpd restart |
157 |
|
158 |
|
159 |
==== ON THE EMC ==== |
160 |
|
161 |
$EDITOR lun-stats.sh |
162 |
==8<== |
163 |
#!/bin/sh |
164 |
HOMEDIR='/home/[..USER..]' |
165 |
STATSDIR='emc-stats' |
166 |
FTPHOSTS='[..STALUN_HOST..]' |
167 |
FTPUPDIR='incoming/' |
168 |
FULLDIR=$HOMEDIR/$STATSDIR |
169 |
[ -d $FULLDIR ] || mkdir -p $FULLDIR |
170 |
DATE=`date +%s` |
171 |
/nas/sbin/navicli -h spa getlun -name -brw -rwr >$FULLDIR/lun-stats.out-$DATE |
172 |
echo $DATE >$FULLDIR/lun-stats.mid-$DATE |
173 |
echo "LUN,Blocks Read,Blocks Write,Read Reqs,Write Reqs," >>$FULLDIR/lun-stats.mid-$DATE |
174 |
sed -e '/LOGICAL UNIT NUMBER/d' \ |
175 |
-e '/Name *LUN.*/,+5d' \ |
176 |
-e 's/Name *Celerra_NS-480_\(\w*\).*/\1/g' \ |
177 |
-e 's/Blocks \(read\|written\): *\(\w*\)/\2/g' \ |
178 |
-e 's/\(Read\|Write\) Requests: *\(\w*\)/\2/g' \ |
179 |
$FULLDIR/lun-stats.out-$DATE >>$FULLDIR/lun-stats.mid-$DATE |
180 |
cat $FULLDIR/lun-stats.mid-$DATE | sed -e '1n;2n;N;N;N;N;N;s/\n/,/g' | \ |
181 |
egrep -v "0,0,0" >$FULLDIR/lun-stats.final.out-$DATE |
182 |
rm -f $FULLDIR/lun-stats.out-$DATE |
183 |
rm -f $FULLDIR/lun-stats.mid-$DATE |
184 |
cd $HOMEDIR |
185 |
for ftphost in $FTPHOSTS; do |
186 |
lftp $ftphost <<EOF |
187 |
cd $FTPUPDIR |
188 |
mput -c $STATSDIR/lun-stats.final.out-* |
189 |
EOF |
190 |
done |
191 |
mv $FULLDIR/lun-stats.final.out-* $FULLDIR/sent/ |
192 |
==>8== |
193 |
|
194 |
$EDITOR lun-stats-archive.sh |
195 |
==8<== |
196 |
#!/bin/sh |
197 |
HOMEDIR='/home/[..USER..]' |
198 |
STATSDIR='emc-stats' |
199 |
FULLDIR=$HOMEDIR/$STATSDIR/sent |
200 |
DATE=`date +%Y%m%d` |
201 |
find $HOMEDIR/$STATSDIR/sent -print0 -mtime +30 | \ |
202 |
tar -zcvf /$HOMEDIR/$STATSDIR/sent-monthly-$DATE.tar.gz -T - |
203 |
find $HOMEDIR/$STATSDIR/sent -mtime +30 -delete |
204 |
==>8== |
205 |
|
206 |
crontab -e |
207 |
==8<== |
208 |
*/5 * * * * /home/[..USER..]/lun-stats.sh |
209 |
30 3 1 * * /home/[..USER..]/lun-stats-archive.sh |
210 |
==>8== |