| HTML |
|---|
<div id="google_translate_element"></div>
<script type="text/javascript">
function googleTranslateElementInit() {
new google.translate.TranslateElement({pageLanguage: 'en'}, 'google_translate_element');
}
</script>
<script type="text/javascript" src="//translate.google.com/translate_a/element.js?cb=googleTranslateElementInit"></script> |
CentOS 6
Before You Begin
Ensure that System Requirements have been met prior to proceeding with the CentOS Configuration Guide.
...
Upgrade your current packages.
2) Install Required Packages
PHP
All installations of ProVision require at least PHP 5.6 (and related extensions). CentOS 6 comes with PHP 5.3 by default. You can either add a repository which provides PHP 5.6 or install PHP manually.
The Webtatic and Remi repos both have versions of PHP which are newer than those in the official repos. For this example, we'll be using Webtatic
Add the repository:
| Code Block |
|---|
|
rpm -Uvh https://mirror.webtatic.com/yum/el6/latest.rpm |
Update:
Install:
| Expand |
|---|
PHP5 / Apache2 / extensions - httpd
- php56w
- php56w-opcache
- php56w-mysqlnd
- php56w-pdo
- php56w-ldap
- php56w-pecl-memcache
- php56w-bcmath
- php56w-devel
- php56w-pear
- php56w-cli
Development tools for pecl / additional system packages: - curl
- openssl
- memcached
- mod_ssl
|
| Code Block |
|---|
|
yum install httpd php56w php56w-opcache php56w-mysqlnd php56w-pdo php56w-ldap php56w-pecl-memcache php56w-bcmath php56w-devel php56w-pear php56w-cli curl openssl memcached mod_ssl |
MySQL
...
MySQL is included with most CentOS installs, check for it with:
| Code Block |
|---|
|
yum list installed | grep mysql |
The default MySqL version included with most CentOS installs will need to be upgraded to the latest version:
| Code Block |
|---|
|
rpm -Uvh https://mirror.webtatic.com/yum/el6/latest.rpm |
If you have an existing installation, you can replace it with:
| Code Block |
|---|
|
yum install mysql.`uname -i` yum-plugin-replace
yum replace mysql --replace-with mysql56w |
For a fresh install:
| Code Block |
|---|
|
yum install mysql56w mysql56w-server |
Then, re-start and configure.
| Code Block |
|---|
|
service mysqld start chkconfig mysqld on |
If a new install, set the MySQL root password:
| Code Block |
|---|
|
/usr/bin/mysqladmin -u root password 'new-password' |
For an existing install / upgrade, you will need to upgrade the existing tables after the restart.
| Code Block |
|---|
|
mysql_upgrade -u root -p |
This will issue a password prompt for the user. If you don't have a root user password, remove the "-p".
DNS and Additional Utilities
...
Generate private key, CSR, and temporary key if one hasn't been provided.
...
| Code Block |
|---|
|
openssl genrsa -out ca.key 1024 openssl req -new -key ca.key -out ca.csr
openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt |
Copy the files to the correct locations
...
(shown using the vi editor, though you may use the editor of your choice)
| Code Block |
|---|
|
vi /etc/httpd/conf.d/ssl.conf |
Find the lines that start with SSHCertificateFile and change them to be like:
| Code Block |
|---|
|
SSLCertificateFile /etc/pki/tls/certs/ca.crt
SSLCertificateKeyFile /etc/pki/tls/private/ca.key |
Then restart
| Code Block |
|---|
|
/etc/init.d/httpd restart |
Add 443 virtual hosts as needed in httpd.conf. Apache
Allow overwrites in the apache vhosts
| Code Block |
|---|
|
sed -i 's/AllowOverride None/AllowOverride All/g' /etc/httpd/conf/httpd.conf |
Start Apache and make it to start on boot
...
Set the MySQL Configuration:
| Code Block |
|---|
|
mysql -p -e "SET GLOBAL sql_mode='NO_ENGINE_SUBSTITUTION';SET SESSION sql_mode='NO_ENGINE_SUBSTITUTION';" |
then enter the MySQL root password when prompted.
4) Optional configurations:
| Note |
|---|
|
Please remember - if you change the IP address of the your server, then you will need to update SELinux functions accordingly |
Most CentOS install have SELinux enabled by default. One of its protections is to not allow httpd daemon to make network connections, we need to disable this for license checks.
To view the SELinux configuration for http:
| Code Block |
|---|
|
/usr/sbin/getsebool -a | grep httpd |
To turn protection off for the httpd daemon for creating network connections:
| Code Block |
|---|
|
/usr/sbin/setsebool -P httpd_can_network_connect 1 |
IPTables is enabled by default on CentOS. Add a new rule to allow 443 from anywhere. Make sure that this rule is in the chain BEFORE any blanket reject rule:
| Expand |
|---|
| title | If you are going to run iptables, click here |
|---|
|
To list all current IPTable rules:
| Code Block |
|---|
| /etc/rc.d/init.d/iptables status |
To add a rule for 443:
| Code Block |
|---|
| /sbin/iptables RH-Firewall-1-INPUT -I 5 -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT |
| Note |
|---|
| | The -I 5 is what adds the rule to the 5th chain position. You might need to change this depending on existing rules. Look at what rules are there before running. |
To save the new config:
| Code Block |
|---|
| /etc/rc.d/init.d/iptables save |
OR (some versions of centOS have different iptables names, so the above won't work) | Code Block |
|---|
| vi /etc/sysconfig/iptables |
With the file open for editing, add: | Code Block |
|---|
| -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT |
Once complete - restart the iptables service: | Code Block |
|---|
| /etc/init.d/iptables restart |
| Info |
|---|
| Customers can alter this post install to allow only their IP space, plus the 6connect management space. |
|
...
| Code Block |
|---|
|
yum install libssh2-devel pecl install -f ssh2 echo extension=ssh2.so > /etc/php.d/ssh2.ini |
4) Install 6connect ProVision Software:
...
3. Go to http://﹤web root﹥/install/configTest.php. Follow the provided instructions, correcting any configuration errors if they occur. Once all steps are completed, you are ready to use your ProVision instance!
