root / doc / source / install.rst @ 228b82fe
History | View | Annotate | Download (6.6 kB)
| 1 |
staLUN installation instructions |
|---|---|
| 2 |
================================ |
| 3 |
|
| 4 |
Below is an example installation process on a basic system with the following conditions: |
| 5 |
|
| 6 |
* Standard Debian system |
| 7 |
* Nginx as reverse proxy |
| 8 |
* Gunicorn as WSGI server |
| 9 |
* Mysql as database |
| 10 |
* Memcached as caching system |
| 11 |
* ProFTPd to receive data sent from the EMC |
| 12 |
|
| 13 |
but all of the steps should be easily adapted for other setups. Note that python-django-taggit is |
| 14 |
only packaged in Debian Jessie and later - for Wheezy or earlier you must install it manually by |
| 15 |
e.g. easy_install |
| 16 |
|
| 17 |
:: |
| 18 |
|
| 19 |
==== ON THE STALUN HOST ==== |
| 20 |
|
| 21 |
aptitude install python-django python-django-taggit python-rrdtool python-numpy python-memcache \ |
| 22 |
python-gevent python-simplejson python-django-south python-mysqldb \ |
| 23 |
nginx-light gunicorn mysql-server mysql-client memcached proftpd-basic git |
| 24 |
[..set root mysql passwd when asked..] |
| 25 |
[..set to run proftpd from inetd when asked..] |
| 26 |
|
| 27 |
cd [..PARENT OF INSTALL DIR..] |
| 28 |
|
| 29 |
git clone https://code.grnet.gr/git/stalun |
| 30 |
|
| 31 |
cd stalun |
| 32 |
|
| 33 |
cp settings.py.dist settings.py |
| 34 |
$EDITOR settings.py |
| 35 |
[..standard django edits, and ensure the password is the same as the one used in the database |
| 36 |
setup below, and $EMC_STATS_DIR is the same as in the ftpd setup below..] |
| 37 |
|
| 38 |
cp apache/django.wsgi.dist apache/django.wsgi |
| 39 |
$EDITOR apache/django.wsgi |
| 40 |
|
| 41 |
mysql -u root -p << EOF |
| 42 |
create database stalun; |
| 43 |
create user 'stalun'@'localhost' identified by '[..PASSWORD..]'; |
| 44 |
grant all on 'stalun'.* to 'stalun'@'localhost' identified by '[..PASSWORD..]'; |
| 45 |
flush privileges; |
| 46 |
EOF |
| 47 |
|
| 48 |
./manage.py syncdb |
| 49 |
|
| 50 |
./manage.py migrate |
| 51 |
|
| 52 |
$EDITOR /etc/nginx/sites-available/stalun |
| 53 |
==8<== |
| 54 |
server {
|
| 55 |
listen 80; ## listen for ipv4 |
| 56 |
listen [::]:80; ## listen for ipv6 |
| 57 |
server_name stalun.domain.com; |
| 58 |
root /usr/share/nginx/www; |
| 59 |
index index.html index.htm; |
| 60 |
access_log /var/log/nginx/stalun.access.log; |
| 61 |
error_log /var/log/nginx/stalun.error.log; |
| 62 |
location / {
|
| 63 |
return 301 https://stalun.domain.com; |
| 64 |
} |
| 65 |
location /nginx_status {
|
| 66 |
stub_status on; |
| 67 |
access_log off; |
| 68 |
allow 127.0.0.1; |
| 69 |
allow ::1; |
| 70 |
deny all; |
| 71 |
} |
| 72 |
} |
| 73 |
server {
|
| 74 |
listen 443; ## listen for ipv4 |
| 75 |
listen [::]:443; ## listen for ipv6 |
| 76 |
server_name stalun.domain.com; |
| 77 |
access_log /var/log/nginx/stalun-ssl.access.log; |
| 78 |
error_log /var/log/nginx/stalun-ssl.error.log; |
| 79 |
ssl on; |
| 80 |
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; |
| 81 |
ssl_prefer_server_ciphers on; |
| 82 |
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256; |
| 83 |
ssl_session_cache shared:SSL:10m; |
| 84 |
ssl_session_timeout 10m; |
| 85 |
ssl_dhparam /etc/ssl/dhparams-2048.pem; |
| 86 |
ssl_certificate /etc/ssl/certs/stalun_domain_com-chained.crt; |
| 87 |
ssl_certificate_key /etc/ssl/private/stalun_domain_com.key; |
| 88 |
keepalive_timeout 60; |
| 89 |
# HSTS support on nginx, max-age 1 month |
| 90 |
add_header Strict-Transport-Security max-age=2592000; |
| 91 |
location /static {
|
| 92 |
root /srv/stalun/public; |
| 93 |
} |
| 94 |
location / {
|
| 95 |
proxy_pass http://127.0.0.1:8090; |
| 96 |
allow [..EXAMPLE IPv4 RANGE..]; |
| 97 |
allow [..EXAMPLE IPv6 RANGE..]; |
| 98 |
deny all; |
| 99 |
} |
| 100 |
} |
| 101 |
==>8== |
| 102 |
|
| 103 |
ln -s /etc/nginx/sites-available/stalun /etc/nginx/sites-enabled/stalun |
| 104 |
|
| 105 |
service nginx restart |
| 106 |
|
| 107 |
$EDITOR /etc/gunicorn.d/stalun |
| 108 |
==8<== |
| 109 |
CONFIG = {
|
| 110 |
'mode': 'django', |
| 111 |
'working_dir': '[..INSTALL_DIR..]', |
| 112 |
'user': 'www-data', |
| 113 |
'group': 'www-data', |
| 114 |
'args': ( |
| 115 |
'--bind=127.0.0.1:8090', |
| 116 |
'--workers=2', |
| 117 |
'--timeout=30', |
| 118 |
'--debug', |
| 119 |
'--log-level=debug', |
| 120 |
'--log-file=/var/log/gunicorn/stalun.log', |
| 121 |
), |
| 122 |
} |
| 123 |
==>8== |
| 124 |
|
| 125 |
service gunicorn restart |
| 126 |
|
| 127 |
$EDITOR /etc/proftpd/conf.d/emc-stats.conf |
| 128 |
==8<== |
| 129 |
<Anonymous [..EMC_STATS_DIR..]> |
| 130 |
User ftp |
| 131 |
Group nogroup |
| 132 |
UserAlias anonymous ftp |
| 133 |
DirFakeUser on ftp |
| 134 |
DirFakeGroup on ftp |
| 135 |
RequireValidShell off |
| 136 |
MaxClients 10 |
| 137 |
DisplayLogin welcome.msg |
| 138 |
DisplayChdir .message |
| 139 |
<Directory *> |
| 140 |
<Limit WRITE> |
| 141 |
DenyAll |
| 142 |
</Limit> |
| 143 |
</Directory> |
| 144 |
<Directory incoming> |
| 145 |
Umask 022 022 |
| 146 |
<Limit READ WRITE> |
| 147 |
DenyAll |
| 148 |
</Limit> |
| 149 |
<Limit STOR> |
| 150 |
AllowAll |
| 151 |
</Limit> |
| 152 |
</Directory> |
| 153 |
</Anonymous> |
| 154 |
==>8== |
| 155 |
|
| 156 |
service proftpd restart |
| 157 |
|
| 158 |
|
| 159 |
==== ON THE EMC ==== |
| 160 |
|
| 161 |
$EDITOR lun-stats.sh |
| 162 |
==8<== |
| 163 |
#!/bin/sh |
| 164 |
HOMEDIR='/home/[..USER..]' |
| 165 |
STATSDIR='emc-stats' |
| 166 |
FTPHOSTS='[..STALUN_HOST..]' |
| 167 |
FTPUPDIR='incoming/' |
| 168 |
FULLDIR=$HOMEDIR/$STATSDIR |
| 169 |
[ -d $FULLDIR ] || mkdir -p $FULLDIR |
| 170 |
DATE=`date +%s` |
| 171 |
/nas/sbin/navicli -h spa getlun -name -brw -rwr >$FULLDIR/lun-stats.out-$DATE |
| 172 |
echo $DATE >$FULLDIR/lun-stats.mid-$DATE |
| 173 |
echo "LUN,Blocks Read,Blocks Write,Read Reqs,Write Reqs," >>$FULLDIR/lun-stats.mid-$DATE |
| 174 |
sed -e '/LOGICAL UNIT NUMBER/d' \ |
| 175 |
-e '/Name *LUN.*/,+5d' \ |
| 176 |
-e 's/Name *Celerra_NS-480_\(\w*\).*/\1/g' \ |
| 177 |
-e 's/Blocks \(read\|written\): *\(\w*\)/\2/g' \ |
| 178 |
-e 's/\(Read\|Write\) Requests: *\(\w*\)/\2/g' \ |
| 179 |
$FULLDIR/lun-stats.out-$DATE >>$FULLDIR/lun-stats.mid-$DATE |
| 180 |
cat $FULLDIR/lun-stats.mid-$DATE | sed -e '1n;2n;N;N;N;N;N;s/\n/,/g' | \ |
| 181 |
egrep -v "0,0,0" >$FULLDIR/lun-stats.final.out-$DATE |
| 182 |
rm -f $FULLDIR/lun-stats.out-$DATE |
| 183 |
rm -f $FULLDIR/lun-stats.mid-$DATE |
| 184 |
cd $HOMEDIR |
| 185 |
for ftphost in $FTPHOSTS; do |
| 186 |
lftp $ftphost <<EOF |
| 187 |
cd $FTPUPDIR |
| 188 |
mput -c $STATSDIR/lun-stats.final.out-* |
| 189 |
EOF |
| 190 |
done |
| 191 |
mv $FULLDIR/lun-stats.final.out-* $FULLDIR/sent/ |
| 192 |
==>8== |
| 193 |
|
| 194 |
$EDITOR lun-stats-archive.sh |
| 195 |
==8<== |
| 196 |
#!/bin/sh |
| 197 |
HOMEDIR='/home/[..USER..]' |
| 198 |
STATSDIR='emc-stats' |
| 199 |
FULLDIR=$HOMEDIR/$STATSDIR/sent |
| 200 |
DATE=`date +%Y%m%d` |
| 201 |
find $HOMEDIR/$STATSDIR/sent -print0 -mtime +30 | \ |
| 202 |
tar -zcvf /$HOMEDIR/$STATSDIR/sent-monthly-$DATE.tar.gz -T - |
| 203 |
find $HOMEDIR/$STATSDIR/sent -mtime +30 -delete |
| 204 |
==>8== |
| 205 |
|
| 206 |
crontab -e |
| 207 |
==8<== |
| 208 |
*/5 * * * * /home/[..USER..]/lun-stats.sh |
| 209 |
30 3 1 * * /home/[..USER..]/lun-stats-archive.sh |
| 210 |
==>8== |