I’ve been meaning to install Apache’s VCL (Virtual Computer Lab) in my new kvm environment. I’m looking to get a job in a college or university and this solution works incredibly well. How do I know? Well, becasue I recently went back to finish my undergraduate degree, I used all these new systems as a student and the VCL was one of them. I don’t have my provisioning system up and running as of yet so we’re gonna do this by hand:
root@kvm:/var/lib/libvirt/images# virt-install -n ApacheVCL -r 1024 /
--disk path=/var/lib/libvirt/images/ApacheVCL.qcow2,bus=virtio,size=8,format=qcow2 -c /
/var/lib/libvirt/images/CentOS-6.5-x86_64-minimal.iso --accelerate /
--network network=default,model=virtio --connect=qemu:///system --vnc /
--noautoconsole -v --os-type=linux --os-variant=rhel6
Perform the minimal install, boot it, connect to the console using vnc, login as root, edit /etc/sysconfig/network-scripts/ifcfg-eth0 and change ONBOOT=no to ONBOOT=yes, now reboot. From here I’m going to ssh to my kvm host and then ssh to the ApacheVCL guest, so when the CentOS guest comes back up login on the console one more time and get the ip address, ifconfig should work. (As a side note, in CentOS 7, RedHat decided that ifconfig is obsolete and removed it from the minimal install, the new command is “ip”).
Now do a yum update, reboot and ssh back in.
Go get the ApacheVCL tarball:
curl -O http://mirrors.gigenet.com/apache/vcl/apache-VCL-2.3.2.tar.bz2
Extract the files:
tar -jxvf apache-VCL-2.3.2.tar.bz2
Install MySQL:
yum install mysql-server -y
(note here, if you are trying this on CentOS 7, mysql-server has been replaced with mariadb-server)
Now configure the MySQL daemon (mysqld) to start automatically:
/sbin/chkconfig --level 345 mysqld on
Start the MySQL daemon:
/sbin/service mysqld start
Run the MySQL command-line client:
mysql
Create a database:
CREATE DATABASE vcl;
Create a user with SELECT, INSERT, UPDATE, DELETE, and CREATE TEMPORARY TABLES privileges on the database you just created:
GRANT SELECT,INSERT,UPDATE,DELETE,CREATE TEMPORARY TABLES ON vcl.* TO 'vcluser'@'localhost' IDENTIFIED BY 'vcluserpassword';
Exit the MySQL command-line client
exit
Import the vcl.sql file into the database. The vcl.sql file is included in the mysql directory within the Apache VCL source code
mysql vcl < apache-VCL-2.3.2/mysql/vcl.sql
Install the required Linux packages and PHP modules:
yum install httpd mod_ssl php php-gd php-mysql php-xml php-xmlrpc php-ldap php-process -y
Configure the web server daemon (httpd) to start automatically:
/sbin/chkconfig --level 345 httpd on
Add hostname to /etc/hosts
Start the web server daemon
/sbin/service httpd start
Check if SELinux is enabled:
[root@vcl ~]# sestatus
SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: enforcing
Mode from config file: enforcing
Policy version: 24
Policy from config file: targeted
If SELinux is enabled, run the following command to allow the web server to connect to the database:
/usr/sbin/setsebool -P httpd_can_network_connect=1
Check IP Tables:
[root@vcl ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
If the iptables firewall is being used, port 80 and 443 should be opened up in the iptables config file:
vi /etc/sysconfig/iptables
Add these rules:
-A INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -p tcp --dport 443 -j ACCEPT
Restart iptables
service iptables restart
Now let’s work on the frontend web code.
Copy the web directory to a location under the web root of your web server and navigate to the destination .ht-inc subdirectory:
cp -r apache-VCL-2.3.2/web/ /var/www/html/vcl
cd /var/www/html/vcl/.ht-inc
Copy secrets-default.php to secrets.php:
cp secrets-default.php secrets.php
Edit the secrets.php file:
vi secrets.php
Set the following variables to match your database configuration:
$vclhost
$vcldb
$vclusername
$vclpassword
Create random passwords for the following variables:
$cryptkey
$pemkey
Save the secrets.php file
Run the genkeys.sh
./genkeys.sh
Copy conf-default.php to conf.php:
cp conf-default.php conf.php
Modify conf.php to match your site
vi conf.php
Modify every entry under “Things in this section must be modified”. Descriptions and pointers for each value are included within conf.php. COOKIEDOMAIN - set this to the domain name your web server is using or leave it blank if you are only accessing the web server by its IP address
Set the owner of the .ht-inc/maintenance directory to the web server user (normally ‘apache’):
chown apache maintenance
Open the testsetup.php page in a web browser:
If you set up your site to be https://192.168.122.110/vcl/ open https://192.168.122.110/vcl/testsetup.php
Debug any issues reported by testsetup.php
Now Log In to the VCL Website
Open the index.php page in your browser (https://192.168.122.110/vcl/index.php)
- Select Local Account
- Username: admin
- Password: adminVc1passw0rd
-
Set the admin user password:
- Click User Preferences
- Enter the current password: adminVc1passw0rd
- Enter a new password
- Click Submit Changes
That’s it for this post, in the next post I’ll finish off the installation by adding a management node to the database.