1. Instalasi joomla di OpenSolaris zones dengan konsep three tier Ryan Fabella [email_address] IT Architect Sun Microsystems Indonesia

2. Agenda

Introduksi virtualisasi

Definisi

3. Tipe tipe Kondisi infrastruktur server 4. Introduksi OpenSolaris Container

Definisi

5. Fitur 6. Perintah perintah 7. Status 8. Tipe root Langkah instalasi Joomla di OpenSolaris 9. Zones 10. Apakah itu virtualisasi ?Dalam ilmu komputer, virtualisasi (Inggris: virtualization) adalah istilah umumyang mengacu kepada abstraksi dari sumber daya komputer.Definisi lainnya adalah "sebuah teknik untuk menyembunyikankarakteristik fisik dari sumber daya komputer dari bagaimana cara sistemlain, aplikasi atau pengguna berinteraksi dengan sumber daya tersebut.Hal ini termasuk membuat sebuah sumber daya tunggal(seperti server, sebuah sistem operasi, sebuah aplikasi, atauperalatan penyimpanan terlihat berfungsi sebagai beberapa sumber daya logikal;atau dapat juga termasuk definisi untuk membuat beberapa sumber daya fisik(seperti beberapa peralatan penyimpanan atau server) terlihatsebagai satu sumber daya logikal."[1] Istilah virtualisasi sudah digunakan secara luas sejak 1960-an,dan telah diaplikasikan kepada beberapa aspek komputerdarikeseluruhan sistem komputer sampai sebuah kemampuan atau komponen individu.Secara umum semua teknologi virtualisasi mengacu kepada "menyembunyikan detilteknis" melalui enkapsulasi. Sumber wiki 11. Tipe - tipe virtualisasi ? Full virtualisasi VM membuat abstraksi total di bawah Guest OS Guest OS = OS yang terinstall di hardware fisik Resource dan performance menjadi turunContoh Microsoft Virtual Server and Vmware ESX Server Para virtualisasi VM sebagai hypervisor, software / hardware yang menjembataniLangsung ke hardware fisik (para-API) Guest OS perlu modifikasi supaya bisa berkomunikasi dengan hypervisor Contoh Xen, Qemu, OpenVZ/Virtuozzo, Linux-VServer, FreeBSD Jails,FreeVPS, iCore Virtual Accounts and AIX Workload Partitions. 12. kondisi umum 1 LAN DB + App Tier 1 Client Tier 2 13. kondisi umum 2 LAN DB Tier 1 App Tier 2 Client Tier 3 Proxy + internetgateway 14. Fakta

Utilisasi server 20 40 %

15. Listrik habis lebih banyak 16. Butuh tempat 2 3tower server 17. Apa itu OpenSolaris zone ? OpenSolaris Zone adalah lingkungan virtualisasi diatas opensolaris 18. Apa itu OpenSolaris container ? OpenSolaris container adalah satu atau lebih zone dalamsuatu aturan pembagian resource. 19. Fitur Zone Isolasi Antar zone layaknya server lain Kesalahan di zone tidak menyebabkan zone lain terganggu Hacker menembus zone satu tidak menyebabkan zone duaterkena imbas Granularity CPU Memory 8000 + zone 20. Perintah di Zone zonecfg /etc/zones Membuat zone Mengkonfigurasikan zone zoneadm Administrasi Install, halt, boot, reboot,dll zlogin Login ke zone 21. Status Zone 22. Tipe root zone filesystemSparse-root / usr,/sbin,/lib,/platform di mount readonly Whole-root Semua dicopy dari global zone 23. Instalasi Joomla 24. Membuat zone 1 Membuat zfs filesystem #zfs create -o mountpoint=/zones rpool/zones Membuat konfigurasi dari zone #cat > /var/tmp/webserv-z.cfg create set zonepath=/zones/webserv-z set autoboot=false add net set address=172.16.31.199/24 set physical=e1000g set defrouter=172.16.31.1 end verify commit exit global 25. Membuat konfigurasi zone 1#zonecfg -z webserv-z -f /var/tmp/webserv-z.cfg Instalasi zone 1 *Apabila terdapat proxy eksekusi perintah ini #export http_proxy=http://username:password@ip-proxy:port/#zoneadm -z webserv-z install A ZFS file system has been created for this zone. Authority: Using http://pkg.opensolaris.org/release/. Image: Preparing at /zones/webserv-z/root ... Cache: Using /var/pkg/download. Installing: (output follows) Refreshing Catalog 1/1 opensolaris.org Creating Plan /DOWNLOADPKGSFILESXFER (MB) SUNWPython6/52213/78621.71/72.41Completed52/527862/786272.41/72.41PHASEACTIONS Install Phase3637/12939global 26. Membuat konfigurasi internal di zone 1 #zoneadm -z webserv-z mount #cat > /zones/webserv-z/root/etc/sysidcfg system_locale=C timezone=Asia/Jakarta terminal=xterms security_policy=NONE timeserver=localhost name_service=DNS { domain_name=priv name_server=172.16.31.199 } nfs4_domain=dynamic security_policy=none Ctrl-d #zoneadm -z webserv-z unmount global 27. Boot zone 1 #zoneadm -z webserv-z boot Cek dengan zlogin ke zone 1 #zlogin -C webserv-z [Connected to zone 'webserv-z' console] Loading smf(5) service descriptions: 27/68 ... 68/68 Reading ZFS config: done. Mounting ZFS filesystems: (5/5) Creating new rsa public/private host key pair Creating new dsa public/private host key pair Configuring network interface addresses: bge0:1. webserv-z console login: root Password:global 28. Membuat Zone 2 Create konfigurasi db-z #Cat > /var/tmp /db-z.cfgcreate set zonepath=/zones/db-z set autoboot=true add net set address=172.16.31.198/24 set physical=bge0 set defrouter=172.16.31.1 end verify commit exit Ctrl-d Inisialisasi zone db-z #zonecfg -z db-z -f /var/tmp / db-z.cfgglobal 29. Cloning zone webserv-z #zoneadm -z db-z clone webserv-z sys-unconfig started Wed May 13 09:31:49 2009 rm: cannot remove `/zones/db-z/root/etc/vfstab.sys-u': No such file ordirectory grep: /zones/db-z/root/etc/dumpadm.conf: No such file or directory sys-unconfig completed Wed May 13 09:31:50 2009 Boot zone db-z # zoneadm -z db-z boot #zlogin -C db-z[Connected to zone 'db-z' console] You did not enter a selection. What type of terminal are you using? 1) ANSI Standard CRT 2) DEC VT100 3) PC Console 4) Sun Command Tool 5) Sun Workstation 6) X Terminal Emulator (xterms) 7) Other Type the number of your choice and press Return: 2 global 30. Enter the host name which identifies this system on the network.The name must be unique within your domain; creating a duplicate host name will cause problems on the network after you install Solaris. A host name must have at least one character; it can contain letters, digits, and minus signs (-). Host name for bge0:1 db-z> Press F2 to go to the next screen. Tekan F2 db-z 31. > Confirm the following information.If it is correct, press F2; to change any information, press F4. Host name: db-z Tekan F2 Specify Yes if the system will use the Kerberos security mechanism. Specify No if this system will use standard UNIX security. Configure Kerberos Security [ ] Yes [X] No Tekan F2 db-z 32. > Confirm the following information.If it is correct, press F2; to change any information, press F4. Configure Kerberos Security: No Tekan F2 On this screen you must provide name service information.Select the name service that will be used by this system, or None if your system will either not use a name service at all, or if it will use a name service not listed here. > To make a selection, use the arrow keys to highlight the option and press Return to mark it [X]. Name service [ ] NIS+ [ ] NIS [ ] DNS [ ] LDAP [X] None Tekan F2 db-z 33. > Confirm the following information.If it is correct, press F2; to change any information, press F4. Name service: None Tekan F2 NFS version 4 uses a domain name that is automatically derived from the system's naming services. The derived domain name is sufficient for most configurations. In a few cases, mounts that cross domain boundaries might cause files to appear to be owned by "nobody" due to the lack of a common domain name. The current NFSv4 default domain is: "" NFSv4 Domain Configuration [X] Use the NFSv4 domain derived by the system [ ] Specify a different NFSv4 domain Tekan F2 db-z 34. > Confirm the following information.If it is correct, press F2; to change any information, press F4. NFSv4 Domain Name:> Tekan F2 > To make a selection, use the arrow keys to highlight the option and press Return to mark it [X]. Countries and Regions [ ] Bahrain[ ] Bangladesh [ ] Bhutan[ ] Brunei[ ] Cambodia[ ] China[ ] Cyprus[ ] East Timor [ ] Georgia[ ] Hong Kong[ ] India[X] Indonesia [ ] Irandb-z 35. > To make a selection, use the arrow keys to highlight the option and press Return to mark it [X]. Time zones [X] Java & Sumatra [ ] west & central Borneo [ ] east & south Borneo, Celebes, Bali, Nusa Tengarra, west Timor [ ] Irian Jaya & the Moluccas Tekan F2 > Confirm the following information.If it is correct, press F2; to change any information, press F4. Time zone: Java & Sumatra (Asia/Jakarta) Tekan F2 db-z 36. Install Apache 2.2, PHP 5.2 dan MySQL di webserv-z Apabila dibelakang proxy maka perlu diset proxy Contoh proxy server dengan ip 192.168.1.1 dengan port 3128#export http_proxy= http://192.168.1.1:3128/ #pkg install SUNWphp524 SUNWphp524doc SUNWphp524manSUNWphp524-mysql SUNWapch22 SUNWapch22m-php52 SUNWmemcached SUNWmysql5-base Setup apache #svccfg import /var/svc/manifest/network/http-apache22.xml #svcadm enable network/http:apache22 webserv-z 37. Testing Apache dan PHP #cd /var/apache2/2.2/htdocs; #cat>test.php Ctrl-d Buka browser di global zone webserv-z 38. global 39. Instalasi source joomla di webserv-z Menambahkan unzip ke webserv # pkg install SUNWunzip Kemudian #cd /var/apache2/2.2/htdocs; #mkdir joomla; #chmod 755 joomla; #cd joomla; #w gethttp://joomlacode.org/gf/download/frsrelease/9910/37908/Joomla_1.5.10-Stable-Full_Package.zip #unzip Joomla_1.5.10-Stable-Full_Package.zip webserv-z 40. Install MySQL 5 di db-z # pkg install SUNWmysql5 SUNWmysql5-base Menyalakan mysql 5.0 # svccfg import /var/svc/manifest/application/database/mysql.xml # svcadm enable mysql:version_50 # svcs -a|grep mysql offline*9:56:44 svc:/application/database/mysql:version_50 # svcs -a|grep mysql online9:56:46 svc:/application/database/mysql:version_50 db-z 41. Tambahkan path mysql ke profile # vim ~/.profileUbah PATH menjadi PATH=/usr/gnu/bin:/usr/bin:/usr/X11/bin:/usr/sbin:/sbin:/usr/mysql/bin Eksekusi ~/.profile untuk mendapatkan PATH yang baru # . ~/.profileroot@db-z:~# svccfg import /var/svc/manifest/application/database/mysql.xmlMelihat arsitektur komputer# isainfo amd64 i386 Menjalankan mysql dengan mengaktifkan properti 64 bit # svccfg -s mysql:version_50 setprop mysql/enable_64bit=true # svcadm refresh mysql:version_50 db-z 42. Mencoba login ke mysql # mysql -u root -p Enter password:ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES) # mysqladmin -u root password 'admin' # mysql -u root -p Enter password:Welcome to the MySQL monitor.Commands end with ; or g. Your MySQL connection id is 3 Server version: 5.0.67 Source distribution Type 'help;' or 'h' for help. Type 'c' to clear the buffer. mysql> show databases; +--------------------+ | Database| +--------------------+ | information_schema || mysql|| test|+--------------------+ 3 rows in set (0.00 sec) db-z 43. Mencoba login ke mysql dari webserv-z # /usr/mysql/bin/mysql -h 172.16.31.198 -p Enter password:ERROR 1130 (00000): Host '172.16.31.199' is not allowed to connect to this MySQL server Kembali ke db-z untuk melakukan setup privilege # mysql -p Enter password:Welcome to the MySQL monitor.Commands end with ; or g. Your MySQL connection id is 5 Server version: 5.0.67 Source distribution Type 'help;' or 'h' for help. Type 'c' to clear the buffer. mysql> use mysql; Database changed Db-z /webserv-z 44. mysql> select host,user from user; +-----------+------+ | host| user | +-----------+------+ | 127.0.0.1 | root || db-z||| db-z| root || localhost ||| localhost | root |+-----------+------+ 5 rows in set (0.36 sec) mysql> UPDATE mysql.user SET Password=PASSWORD('admin') WHERE User='root'; mysql> DELETE FROM mysql.user WHERE User=''; mysql> DELETE FROM mysql.user WHERE User='root' AND Host!='localhost'; mysql> update user set host='%' where user='root' and host='localhost'; mysql> FLUSH PRIVILEGES; db-z 45. Hasilnya mysql> select host,user from user; +------+------+ | host | user | +------+------+ | %| root |+------+------+ 1 row in set (0.00 sec) db-z 46. 47. 48. 49. 50. 51. 52. 53. 54. Masuk ke webserv-z Didalam direktori joomla hapus direktori installation rm -fr /var/apache2/2.2/htdocs/joomla/installation/Akhirnya........ 55. 56. Referensi Solaris Containers http://docs.sun.com/app/docs/doc/817-1592/zones.intro-1?l=en&a=view Joomla http://www.joomla.org/ blogs.sun.com http://blogs.sun.com/blogfinger/entry/how_to_add_a_solaris 57. Matur Nuwun [email_address] http://zer0d4y.blogspot.com/ open artwork and icons by chandan: http://blogs.sun.com/chandan