Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Linux sever building

485 views

Published on

Published in: Career, Technology
  • Be the first to comment

  • Be the first to like this

Linux sever building

  1. 1. EdmondYu, 2013.4.26余水保, yushb0602@gmail.com
  2. 2. Linux server• Select the hardware and distribution• Security systemLAMPWeb API
  3. 3. Rent server from IDCInfrastructure as a Service (IaaS)• Amazon, DigitalOcean• 阿里云Platform as a Service (PaaS)• OpenShift …• 新浪云
  4. 4. Linux Distribution Timeline Redhat Enterprise LinuxCentOSCommunity ENTerprise Operating Systemhttp://en.wikipedia.org/wiki/CentOS
  5. 5. Command Linevim –bd a.txt b.txtgit log –SmymodificationTUI (Text-based User Interface)gdb –tui myappgit log –graphGUILot of tools have no GUIGUI has bug
  6. 6.  Kernel-based Virtual Machine (KVM) is avirtualization infrastructure for the Linux kernelincluded in mainline Linux, as of 2.6.20• kvm.ko, kvm-intel.ko QEMU(qemu-kvm) can make use of KVM whenrunning a target architecture that is the same asthe host architectureqemu-img create -f qcow2 vdisk.img 10Gqemu-system -hda vdisk.img -cdrom /boot-media.iso -boot d -m 384
  7. 7.  Daemon is a process run in background. two types of daemon:1. xinetd (extended Internet daemon) super-server daemon which runs onmany Unix-like systems and manages Internet-based connectivity.2. httpd, sshd etc. Use fork to create subprocess Run The demo: nc localhost 20011
  8. 8.  Disable root account in sshd Disable ports Anti- attack( OS level using Iptables) Anti- attack (Application level) Selinux(Security Enhanced Linux)ls -alZ /var/www/htmlgetsebool –agetsebool -a|fgrep httpallow_httpd_anon_write --> offallow_httpd_mod_auth_ntlm_winbind --> offallow_httpd_mod_auth_pam --> offallow_httpd_sys_script_anon_write --> offhttpd_can_network_connect --> offhttpd_can_sendmail --> off
  9. 9.  Linux kernel firewall andthe chains and rules itstores.#iptables -I INPUT -p tcp --dport 80 -j ACCEPT#iptables -I INPUT -p tcp --dport 443 -j ACCEPT#iptables-save
  10. 10.  a tool to transfer data from or to a server, usingone of the supported protocols (HTTP, HTTPS,FTP, FTPS, SCP, SFTP, TFTP, DICT,TELNET,LDAP or FILE) Cross-platform, libcurl, Trace the protocol• curl –v –O http://42.120.16.118/json.php• http://www.thegeekstuff.com/2012/04/curl-examples/
  11. 11. Linux server Select the hardware and distribution Security systemLAMPWeb API
  12. 12. Apachehttpd vs Apache Software FoundationApache license: business-friendIndustry open source softwarehttp://projects.apache.org/indexes/category.htmlTomcat, Lucene, Chemistry
  13. 13.  Apache HTTP server started from1995. In 2009 it became the first web server software to surpass the 100million website milestone Implemented as compiled modules to extend the core functionalityphp, perl(mod_perl.so) , python(mod_python.so)mod_dav_svnmod_mono. A module to deploy an ASP.NET application with Mono MultiProcessing Modules1)a process-based, 2)hybrid (process and thread)3)event-hybrid modeTo use the event MPM, add --with-mpm=event to the configurescripts arguments when building the httpd.
  14. 14.  PHP is a server-side scripting languagedesigned for web development Extension• http://pecl.php.net/packages.php PECL is a repository for PHP Extensions• yum install gcc make php-pear• pecl install mongo• http://pecl.php.net/packages.php Extensions in Zend Repos• yum search php|fgrep "extension"
  15. 15.  MongoDB stores structured data as JSON-likedocuments with dynamic schemas offersimplicity and power. Installation• Configure yum 10gen repos• yum install mongo-10gen mongo-10gen-server• chkconfg mongod on• Service mongod start Self-installation:• $ nohup ./mongod &• Or run command “./mongod & ” in /etc/init.d/rc.local Demo
  16. 16. VsftpVery Secure FTPD is a *nix FTP ServerWiki server:CentOS + Apache+MySQL+PHPhttp://pdcwiki.cn.kodak.comBugzilla, Perlhttps://bugzilla.redhat.com/show_bug.cgi?id=701559
  17. 17. Linux server Select the hardware and distribution Security systemLAMPWeb API
  18. 18.  Review the http protocol• curl -X GET http://42.120.16.118/json.php?name=edmond -v> GET http://42.120.16.118/json.php?name=edmond HTTP/1.1> User-Agent: curl/7.24.0 (x86_64-redhat-linux-gnu) libcurl/7.24.0 NSS/3.13.5.0 zlib/1.2.5 libidn/1.24libssh2/1.4.1> Host: 42.120.16.118> Accept: */* Proxy-Connection: Keep-Alive• List of HTTP header fields,http://en.wikipedia.org/wiki/List_of_HTTP_header_fieldsA real case about http header: Cache-Control: no-cache HTTP methods and CRUD(Create,Read, Update, and Delete)operations• To create a resource on the server, use POST.• To retrieve a resource, use GET.• To change the state of a resource or to update it, use PUT.• To remove or delete a resource, use DELETE
  19. 19.  a REST(Representational State Transfer) Webservice follows four basic design principles:• Use HTTP methods explicitly.• Be stateless.• Expose directory structure-like URIs.• Transfer XML, JavaScript Object Notation (JSON), or both.
  20. 20. curl -X GET http://42.120.16.118/json.php?name=edmond -vcurl --data "name=aaa&tel=00000" http://42.120.16.118/json.phpcurl -X DELETE --data "name=aaa&tel=00000" http://42.120.16.118/json.phpcurl -X PUT -d "phone=1-800-999-9999" http http://42.120.16.118/json.php
  21. 21. Restful API -> php -> mongo
  22. 22.  Which is the daemon process, which is thesubprocess? What is TUI? List the languages apache which support. What is the fireware name? How to quickly create a daemon service?

×