Thomas Mullaly

DevOps, Security and IT Leadership

Apache VCL Install on CentOS 6.5

I’ve been meaning to install Apache’s VCL (Virtual Computer Lab) in my new kvm environment. I’m looking to get a job in a college or university and this solution works incredibly well. How do I know? Well, because I recently went back to finish my undergraduate degree, I used all these new systems as a student and the VCL was one of them. I don’t have my provisioning system up and running as of yet so we’re gonna do this by hand:

root@kvm:/var/lib/libvirt/images# virt-install -n ApacheVCL -r 1024 \
 --disk path=/var/lib/libvirt/images/ApacheVCL.qcow2,bus=virtio,size=8,format=qcow2 \
 -c /var/lib/libvirt/images/CentOS-6.5-x86_64-minimal.iso --accelerate \
 --network network=default,model=virtio --connect=qemu:///system --vnc \
 --noautoconsole -v --os-type=linux --os-variant=rhel6

Perform the minimal install, boot the guest, connect to the console using VNC and log in as root. Edit /etc/sysconfig/network-scripts/ifcfg-eth0, change ONBOOT=no to ONBOOT=yes, and reboot. From here I’m going to ssh to my kvm host and then ssh to the ApacheVCL guest, so when the CentOS guest comes back up, log in on the console one more time and get the IP address; ifconfig should work. (As a side note, in CentOS 7, Red Hat decided that ifconfig is obsolete and removed it from the minimal install; the new command is “ip”.)

Now do a yum update, reboot and ssh back in.

Go get the ApacheVCL tarball:

curl -O http://mirrors.gigenet.com/apache/vcl/apache-VCL-2.3.2.tar.bz2

Extract the files:

tar -jxvf apache-VCL-2.3.2.tar.bz2

Install MySQL:

yum install mysql-server -y

(Note: if you are trying this on CentOS 7, mysql-server has been replaced with mariadb-server.)

Now configure the MySQL daemon (mysqld) to start automatically:

/sbin/chkconfig --level 345 mysqld on

Start the MySQL daemon:

/sbin/service mysqld start

Run the MySQL command-line client:

mysql

Create a database:

CREATE DATABASE vcl;

Create a user with SELECT, INSERT, UPDATE, DELETE, and CREATE TEMPORARY TABLES privileges on the database you just created:

GRANT SELECT,INSERT,UPDATE,DELETE,CREATE TEMPORARY TABLES ON vcl.* TO 'vcluser'@'localhost' IDENTIFIED BY 'vcluserpassword';

Exit the MySQL command-line client:

exit

Import the vcl.sql file into the database. The vcl.sql file is included in the mysql directory within the Apache VCL source code:

mysql vcl < apache-VCL-2.3.2/mysql/vcl.sql

Install the required Linux packages and PHP modules:

yum install httpd mod_ssl php php-gd php-mysql php-xml php-xmlrpc php-ldap php-process -y

Configure the web server daemon (httpd) to start automatically:

/sbin/chkconfig --level 345 httpd on

Add the hostname to /etc/hosts.

Start the web server daemon:

/sbin/service httpd start

Check if SELinux is enabled:

[root@vcl ~]# sestatus
SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   enforcing
Mode from config file:          enforcing
Policy version:                 24
Policy from config file:        targeted

If SELinux is enabled, run the following command to allow the web server to connect to the database:

/usr/sbin/setsebool -P httpd_can_network_connect=1

Check iptables:

[root@vcl ~]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED 
ACCEPT     icmp --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh 
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited 

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited 

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

If the iptables firewall is being used, ports 80 and 443 should be opened up in the iptables config file:

vi /etc/sysconfig/iptables

Add these rules:

-A INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -p tcp --dport 443 -j ACCEPT

Restart iptables:

service iptables restart
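
A check on where the two new rules ended up, as an added example that is not part of the original post: iptables evaluates a chain top to bottom, so an ACCEPT that lands below the blanket REJECT in /etc/sysconfig/iptables never matches. The ruleset inside the script is constructed for illustration, and the function names are this example's own.

```shell
#!/bin/sh
# Added example: check rule order in an iptables-save style file such as
# /etc/sysconfig/iptables. A chain is evaluated top to bottom, so an
# ACCEPT below the blanket REJECT never matches.

# port_status FILE PORT -> prints open | shadowed | missing
port_status() {
    awk -v port="$2" '
        $1 == "-A" && $2 == "INPUT" {
            accept  = ($0 ~ ("--dport " port "( |$)")) && ($0 ~ /-j ACCEPT/)
            # blanket: REJECT/DROP with no port, source, interface or protocol match
            blanket = ($0 ~ /-j (REJECT|DROP)/) && ($0 !~ / (--dport|-s|-i|-p) /)
            if (accept && !blocked) {
                status = "open"
            } else if (accept && status == "") {
                status = "shadowed"
            }
            if (blanket) { blocked = 1 }
        }
        END { print (status == "" ? "missing" : status) }
    ' "$1"
}

# write_sample_rules FILE: constructed ruleset modelled on the listing above,
# with port 80 placed before the REJECT and port 443 appended after it.
write_sample_rules() {
    cat > "$1" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -m state --state NEW -p tcp --dport 443 -j ACCEPT
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

sample=$(mktemp)
write_sample_rules "$sample"
for p in 22 80 443; do echo "port $p: $(port_status "$sample" "$p")"; done
rm -f "$sample"
```

On the real host, call port_status /etc/sysconfig/iptables 443 after editing the file and before restarting the service.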

Now let’s work on the frontend web code.

Copy the web directory to a location under the web root of your web server and navigate to the destination .ht-inc subdirectory:

cp -r apache-VCL-2.3.2/web/ /var/www/html/vcl
cd /var/www/html/vcl/.ht-inc

Copy secrets-default.php to secrets.php:

cp secrets-default.php secrets.php

Edit the secrets.php file:

vi secrets.php

Set the following variables to match your database configuration:

$vclhost
$vcldb
$vclusername
$vclpassword

Create random passwords for the following variables:

$cryptkey
$pemkey

Save the secrets.php file
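
One way to produce the two random values and confirm that nothing in secrets.php was left empty, as an added example that is not part of VCL or the original post. It assumes each setting sits on one line in the form $name = 'value'; the sample file, the function names and the 20-character minimum are constructed for this example.

```shell
#!/bin/sh
# Added example: create random values for $cryptkey / $pemkey and audit
# secrets.php. Assumes one setting per line in the form  $name = 'value';

# gen_secret [BYTES]: BYTES (default 32) from the kernel CSPRNG as hex,
# so the value needs no escaping inside PHP quotes.
gen_secret() {
    od -An -tx1 -N"${1:-32}" /dev/urandom | tr -d ' \n'
}

# audit_secrets FILE: print each required variable that is absent or empty,
# or, for the two keys, shorter than 20 characters (example threshold).
audit_secrets() {
    for name in vclhost vcldb vclusername vclpassword cryptkey pemkey; do
        # \047 is the single quote; take the first quoted string on the line
        value=$(awk -v var="$name" '
            $0 ~ ("^[ \t]*[$]" var "[ \t]*=") {
                if (match($0, /["\047][^"\047]*["\047]/))
                    print substr($0, RSTART + 1, RLENGTH - 2)
                exit
            }' "$1")
        min=1
        case $name in cryptkey|pemkey) min=20 ;; esac
        [ "${#value}" -ge "$min" ] || printf '%s\n' "$name"
    done
}

# write_sample_secrets FILE: constructed secrets.php with the database
# settings filled in, $cryptkey left empty and a too-short $pemkey.
write_sample_secrets() {
    cat > "$1" <<'EOF'
<?php
$vclhost = 'localhost';
$vcldb = 'vcl';
$vclusername = 'vcluser';
$vclpassword = 'vcluserpassword';
$cryptkey = '';
$pemkey = 'short';
EOF
}

sample=$(mktemp)
write_sample_secrets "$sample"
echo "needs a value:" $(audit_secrets "$sample")
echo "\$cryptkey = '$(gen_secret 32)';"
rm -f "$sample"
```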

Run the genkeys.sh script:

./genkeys.sh

Copy conf-default.php to conf.php:

cp conf-default.php conf.php

Modify conf.php to match your site:

vi conf.php

Modify every entry under “Things in this section must be modified”. Descriptions and pointers for each value are included within conf.php.

COOKIEDOMAIN - set this to the domain name your web server is using, or leave it blank if you are only accessing the web server by its IP address.

Set the owner of the .ht-inc/maintenance directory to the web server user (normally ‘apache’):

chown apache maintenance

Open the testsetup.php page in a web browser:

If you set up your site to be https://192.168.122.110/vcl/ open https://192.168.122.110/vcl/testsetup.php

Debug any issues reported by testsetup.php

Now Log In to the VCL Website

Open the index.php page in your browser (https://192.168.122.110/vcl/index.php)

  • Select Local Account
  • Username: admin
  • Password: adminVc1passw0rd

Set the admin user password:

  • Click User Preferences
  • Enter the current password: adminVc1passw0rd
  • Enter a new password
  • Click Submit Changes

That’s it for this post, in the next post I’ll finish off the installation by adding a management node to the database.