How to install Drupal in a cluster

From FedoraProject

(Difference between revisions)
Jump to: navigation, search
(Added background, setup, and assumptions topics.)
(Add a note for hapless RHEL 6 users like me)
 
(6 intermediate revisions by one user not shown)
Line 8: Line 8:
 
These instructions were built using three virtualized instances of CentOS 5.5 running on Fedora 13 under QEMU.  SELinux was activated at the QEMU level to provide secure virtualization.
 
These instructions were built using three virtualized instances of CentOS 5.5 running on Fedora 13 under QEMU.  SELinux was activated at the QEMU level to provide secure virtualization.
  
The master server is running '''SELinux in permissive mode''' and utilizes Apache (httpd), php, and MySQL to serve up Drupal.
+
The master server is running SELinux in enforcing mode and utilizes Apache (httpd), php, and MySQL to serve up Drupal.
  
The slave servers are running '''SELinux in permissive mode''' and utilized Apache (httpd) and php to serve up Drupal.
+
The slave servers are running SELinux in enforcing mode and utilized Apache (httpd) and php to serve up Drupal.
  
 
Basically the trick to stand up slave servers and have them utilize the master's database.  In this way each Drupal instance sees the same information at the same time.  There are some additional setup requirements to do this on both the master and the slaves.
 
Basically the trick to stand up slave servers and have them utilize the master's database.  In this way each Drupal instance sees the same information at the same time.  There are some additional setup requirements to do this on both the master and the slaves.
Line 17: Line 17:
  
 
== Assumptions ==
 
== Assumptions ==
It is assumed that all servers are running SELinux and that the MySQL database was properly cleaned and hardened utilizing the ''mysql_secure_installation'' script.  It is also assumed that IPTables has been modified to allow port 80 (httpd) and port 3306 (mysqld) through.  It is highly recommended that port 3306 be secured to the specific IP addresses that will be connecting to the database.  Opening up port 3306 to the world is inviting trouble.
+
It is assumed that all servers are running SELinux.  It is also assumed that IPTables has been modified to allow port 80 (httpd) and port 3306 (mysqld) through.   
 +
 
 +
{{admon/warning | It is highly recommended that port 3306 be secured to the specific IP addresses that will be connecting to the database.  Opening up port 3306 to the world is inviting trouble.}}
 +
 
 +
{{admon/note | Drupal on RHEL 6 | If you happen to be using RHEL 6 or a compatible OS, you may need the following changes to adapt SELinux policy for Drupal:
 +
 
 +
<ol><li> Install the ''policycoreutils-python'' package which contains the ''/usr/sbin/semanage'' tool.</li>
 +
<li>Run the following commands:
 +
<pre>semanage fcontext -a -t httpd_sys_rw_content_t "/etc/drupal(6)?(/.*)?"
 +
semanage fcontext -a -t httpd_sys_rw_content_t "/var/lib/drupal(6)?(/.*)?"
 +
semanage fcontext -a -t httpd_sys_content_t "/usr/share/drupal(6)?(/.*)?"
 +
restorecon -rv /usr/share/drupal6 /etc/drupal6 /var/lib/drupal6</pre></li></ol>
 +
}}
  
 
== Web and SQL server setup ==
 
== Web and SQL server setup ==
Line 29: Line 41:
 
> install drupal
 
> install drupal
 
> run ts</pre></li>
 
> run ts</pre></li>
 +
 +
<li>Secure the database
 +
<pre>mysql_secure_installation</pre>
 +
{{admon/note | This script helps you properly setup the database.}}
 +
 +
<li>Edit '/etc/my.cnf'
 +
<pre>bind-address=<server ip address></pre></li>
  
 
<li>If you have not already done so, start the MySQL database server:
 
<li>If you have not already done so, start the MySQL database server:
Line 52: Line 71:
  
 
mysql> GRANT ALL PRIVILEGES ON drupal.* TO drupaladmin@localhost IDENTIFIED BY 'DRUPAL_PASSWORD';
 
mysql> GRANT ALL PRIVILEGES ON drupal.* TO drupaladmin@localhost IDENTIFIED BY 'DRUPAL_PASSWORD';
 +
Query OK, 0 rows affected (0.00 sec)
 +
 +
mysql> GRANT ALL PRIVILEGES ON drupal.* TO drupaladmin@<slave IP address> IDENTIFIED BY 'DRUPAL_PASSWORD';
 
Query OK, 0 rows affected (0.00 sec)
 
Query OK, 0 rows affected (0.00 sec)
  
Line 60: Line 82:
 
Bye</pre>
 
Bye</pre>
  
The ''drupaladmin'' account and the ''DRUPAL_PASSWORD'' you used above are the ones you will use in Drupal's installation process shortly.</li>
+
The ''drupaladmin'' account and the ''DRUPAL_PASSWORD'' you used above are the ones you will use in Drupal's installation process shortly.
 +
 
 +
{{admon/note | You should create an account for each server that will be attaching to the server.}}
 +
</li>
 
</ol>
 
</ol>
  
Line 82: Line 107:
 
<pre>cp /etc/drupal/default/default.settings.php /etc/drupal/default/settings.php
 
<pre>cp /etc/drupal/default/default.settings.php /etc/drupal/default/settings.php
 
chmod 666 /etc/drupal/default/settings.php</pre></li>
 
chmod 666 /etc/drupal/default/settings.php</pre></li>
 +
 +
<li>Allow httpd to access the settings.php
 +
<pre>chcon -t httpd_sys_content_t '/etc/drupal/default/settings.php'</pre></li>
  
 
<li>Edit the {{filename|/etc/php.ini}} file to set the <code>date.timezone</code> for PHP on the system.  Uncomment the line and insert your timezone, for example:
 
<li>Edit the {{filename|/etc/php.ini}} file to set the <code>date.timezone</code> for PHP on the system.  Uncomment the line and insert your timezone, for example:

Latest revision as of 16:43, 5 April 2011

Warning (medium size).png
This page is a draft only
It is still under construction and content may change. Do not rely on the information on this page.

Contents

[edit] Background

The goal of these instructions is to learn how to setup a master Drupal instance, with a local database, and the setup multiple slave Drupal instances that point back to the master's database so that all instances of Drupal show the same information at the same time.

This is useful if you have multiple application servers behind a load balancer but do not have the need for a high-availability setup.

[edit] The setup

These instructions were built using three virtualized instances of CentOS 5.5 running on Fedora 13 under QEMU. SELinux was activated at the QEMU level to provide secure virtualization.

The master server is running SELinux in enforcing mode and utilizes Apache (httpd), php, and MySQL to serve up Drupal.

The slave servers are running SELinux in enforcing mode and utilized Apache (httpd) and php to serve up Drupal.

Basically the trick to stand up slave servers and have them utilize the master's database. In this way each Drupal instance sees the same information at the same time. There are some additional setup requirements to do this on both the master and the slaves.

The /usr/share/doc/drupal-*/drupal-README.fedora page on your system also has up-to-date instructions for your versions of Fedora and Drupal.

[edit] Assumptions

It is assumed that all servers are running SELinux. It is also assumed that IPTables has been modified to allow port 80 (httpd) and port 3306 (mysqld) through.

Warning (medium size).png
It is highly recommended that port 3306 be secured to the specific IP addresses that will be connecting to the database. Opening up port 3306 to the world is inviting trouble.
Note.png
Drupal on RHEL 6
If you happen to be using RHEL 6 or a compatible OS, you may need the following changes to adapt SELinux policy for Drupal:
  1. Install the policycoreutils-python package which contains the /usr/sbin/semanage tool.
  2. Run the following commands:
    semanage fcontext -a -t httpd_sys_rw_content_t "/etc/drupal(6)?(/.*)?"
    semanage fcontext -a -t httpd_sys_rw_content_t "/var/lib/drupal(6)?(/.*)?"
    semanage fcontext -a -t httpd_sys_content_t "/usr/share/drupal(6)?(/.*)?"
    restorecon -rv /usr/share/drupal6 /etc/drupal6 /var/lib/drupal6

[edit] Web and SQL server setup

  1. Switch to the root account. Enter the root password at the prompt.
    su -
  2. Install necessary packages:
    yum shell
    > groupinstall 'Web Server' 'MySQL Database'
    > install drupal
    > run ts
  3. Secure the database
    mysql_secure_installation
    Note.png
    This script helps you properly setup the database.
  4. Edit '/etc/my.cnf'
    bind-address=<server ip address>
  5. If you have not already done so, start the MySQL database server:
    service mysqld start
  6. If you have not already done so, set up the MySQL database server's administrator account. First, provide a root password.
    Warning (medium size).png
    Do not use root account password
    Do not provide the system administrator's password for your Linux system here. Use a different strong password, since this is a separate authentication for a MySQL user called "root."
    mysqladmin -u root password $PASSWORD
  7. Create a database for Drupal:
    mysqladmin -u root -p create drupal
    Note.png
    Database creation
    You will be prompted to enter the MySQL "root" password from the previous step.
  8. Grant rights for a Drupal administrator on this database:
    [root@publictest1 ~]# mysql -u root -p
    Enter password: 
    Welcome to the MySQL monitor.  Commands end with ; or \g.
    Your MySQL connection id is 5
    Server version: 5.1.41 Source distribution
    
    Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
    
    mysql> GRANT ALL PRIVILEGES ON drupal.* TO drupaladmin@localhost IDENTIFIED BY 'DRUPAL_PASSWORD';
    Query OK, 0 rows affected (0.00 sec)
    
    mysql> GRANT ALL PRIVILEGES ON drupal.* TO drupaladmin@<slave IP address> IDENTIFIED BY 'DRUPAL_PASSWORD';
    Query OK, 0 rows affected (0.00 sec)
    
    mysql> FLUSH PRIVILEGES;
    Query OK, 0 rows affected (0.00 sec)
    
    mysql> QUIT;
    Bye

    The drupaladmin account and the DRUPAL_PASSWORD you used above are the ones you will use in Drupal's installation process shortly.

    Note.png
    You should create an account for each server that will be attaching to the server.

[edit] Drupal setup

  1. Edit the /etc/httpd/conf.d/drupal.conf file. If you are installing on the same system where you run your Web browser, uncomment the line below:
    Allow from 127.0.0.1

    If you are installing on a different system on your network, change the previous lines so they read as follows:

    #Deny from All
    Allow from All
    Save the file.
  2. Edit the /usr/share/drupal/.htaccess file. Uncomment the line below:
    RewriteBase /drupal
    Save the file.
  3. If necessary, change your firewall settings to permit TCP port 80 (HTTP) traffic.
  4. Copy and change the permissions on the default settings file:
    cp /etc/drupal/default/default.settings.php /etc/drupal/default/settings.php
    chmod 666 /etc/drupal/default/settings.php
  5. Allow httpd to access the settings.php
    chcon -t httpd_sys_content_t '/etc/drupal/default/settings.php'
  6. Edit the /etc/php.ini file to set the date.timezone for PHP on the system. Uncomment the line and insert your timezone, for example:
    date.timezone = America/New_York
    If you are unsure what to put here, look in the Drupal system's /usr/share/zoneinfo directory. You can use the relative name of a file in that directory for the timezone setting here.
  7. Start the Apache web server:
    service httpd start
  8. Point your web browser at the system to be installed and follow the instructions on screen. When prompted for database information, remember to use the information for the drupal MySQL database you installed earlier. When the site asks for Drupal administrator account information later, you should use a different user name and passphrase.
  9. Remove write permissions from the settings file:
    chmod 644 /etc/drupal/default/settings.php