From b9f8c64e0210adf01c79809c0d6a8bc4f87a82fb Mon Sep 17 00:00:00 2001 From: Chris Koeritz Date: Thu, 16 Nov 2017 21:45:54 -0500 Subject: [PATCH] whew, nearly done with edits from session with jon --- .../docs/manual/cakelampvm_guide_v002.html | 233 +++++++++++++----- 1 file changed, 166 insertions(+), 67 deletions(-) diff --git a/production/sites/cakelampvm.com/docs/manual/cakelampvm_guide_v002.html b/production/sites/cakelampvm.com/docs/manual/cakelampvm_guide_v002.html index 25811392..f23c2c06 100644 --- a/production/sites/cakelampvm.com/docs/manual/cakelampvm_guide_v002.html +++ b/production/sites/cakelampvm.com/docs/manual/cakelampvm_guide_v002.html @@ -22,34 +22,46 @@ href="https://feistymeow.org/">Feisty Meow® codebase .  Together, these services provide you with a very flexible and powerful testbed for web development, especially suited for CakePHP.

+

Commands preceded by an octothorpe ('#') below are intended to be typed + into a bash shell running on the cakelampvm virtual machine.  The + bash shell can be obtained either by logging into the VM through ssh or by + logging in directly to the Virtualbox VM console.  You may find the + ssh session more convenient, because copy & paste features work as + expected.

+

Commands preceded by a greater-than symbol ('>') are intended to be + run on the Host PC in a Windows command prompt (or in a bash prompt running + on the Host PC).

Guest VM Configuration

Powering up with the Feisty Meow® scripts

The feisty meow scripts are a cohesive bash scripting environment for - getting a variety of tasks done.  The scripts recently incorporated the - "avbash" collection from Saco Designs and added those scripts to the - "site_avenger" collection of scripts.  These provide tools for bringing - up CakePHP web sites and managing the collection of repositories for those - sites.  Each website is considered an "application", and the - application name itself (e.g. "winterportlibrary") can often provide all the - details for "powering up" the site.  The feisty meow team has added - additional scripts for managing DNS domains and Apache websites that provide - the capability to "stand up" an entire website around an application, with - accompanying domain. + getting a variety of tasks done.  The feisty meow scripts recently + incorporated the "avbash" collection from Saco Designs and added those + scripts to a new "site_avenger" collection of scripts.  The site + avenger scripts provide tools for bringing up CakePHP web sites and managing + the collection of repositories for those sites.  Each website is + considered an "application", and the application name itself (e.g. + "winterportlibrary") can often provide all the details for "powering up" the + site.  The feisty meow team has added additional scripts for managing + DNS domains and Apache websites that provide the capability to "stand up" an + entire website around an application, with an accompanying DNS domain and + Apache2 site definition.

The site avenger scripts are documented separately within the feisty meow codebase.  Consult the feisty meow readme file first, as it provides some valuable information on - configuring the codebase.  The site avenger script documentation is - available in the feisty + configuring the codebase initially.  The site avenger script commands + are documented in the feisty meow command reference file.

(The feisty meow codebase is already configured for the developer account on the cakelampvm virtual machine.)

@@ -133,12 +145,17 @@ meow These are my settings, with IPv6 left disabled:
nat net config -

Start up the VM

+

Starting up the VM

Using the virtualbox interface, you should now be able to start your virtual machine.  Virtualbox will complain if it detects any remaining configuration problems in the VM, but it should start normally.  The Linux boot sequence will show many lines of text, before bringing up a black console window with a login dialog.

+

If Windows complains about the Virtualbox application slamming into its + firewall, then allow the Virtualbox to get through.  Usually, telling + Windows that once is enough, but if any odd network access problems result, + edit the Windows firewall settings and allow Virtualbox to use both + "Public" and "Private" networks.

You can log in directly on the VM console with the developer account, but it is generally more useful to connect to the cakelampvm over ssh.  If the networking has been established properly, you should be able to do @@ -152,6 +169,26 @@ meow describes how to set up Cygwin to run X server, which enable X forwarding to your local display.

...{insert that info}...

+

Updating cakelampvm to the Latest Model

+

The cakelampvm is released with the intention to not be released + again.  Version 001 was not built with that explicit intention, which + then required the release of Version 002.  We hope to not need a v003 + release.

+

There is an update feature built into the VM that is quite easy to + use.  The updates are driven by the feisty meow script repository in + conjunction with a local scripted command.  To activate the "update + process" for your VM, run the following commands (without the initial '#' + symbol):

+

# rpuffer $FEISTY_MEOW_APEX   # updates to the latest version + of feisty meow
+ # revamp_cakelampvm    # enacts any configuration changes + needed, plus fixes web folder and other permissions.

+

These two commands can be run at any time to patch up your VM to the + latest.

+

The first command ("rpuffer ...") is also useful on its own for getting + the latest version of the feisty meow code.  If there are bug fixes + you need for the scripts or you want updated cakelampvm documentation, + that is the command to use.

Using the guest VM's DNS services

The cakelampvm has been set up to provide a DNS server which will answer name lookup requests on any of the sites that the cakelampvm is hosting @@ -168,14 +205,49 @@ meow server, because a secondary DNS server can "take over" providing the name lookups, and thus foul up DNS requests that should succeed for your VM-hosted sites.

-

It is important to remember to switch back to a normal DNS server - configuration when you shut off the cakelampvm, or your machine will not - know the names of any sites on the internet any more!

-

Once the DNS server is properly set up, these ping commands should get - answering responses (from 10.28.42.20):

- 
ping cakelampvm.com
- 
ping defaultcake.cakelampvm.com
- 
ping mapsdemo.cakelampvm.com
+

If your Host PC is running Windows, see the DNS configuration section + below that is tailored to that operating system.

+

Important Note: It behooves you to remember to switch back to a normal + DNS server configuration when you shut off the cakelampvm, or your machine + will not know the names of any sites on the internet any more!

+

Once the DNS server is properly set up (by whatever means necessary), + these ping commands should get answering responses (from 10.28.42.20) on + both the cakelampvm VM and on your host PC.  Note: ping on Linux + keeps going forever, so hit control-C when you are tired of seeing the pings:

+ 
# ping cakelampvm.com
+ 
# ping mapsdemo.cakelampvm.com
+

Note that any other answer than 10.28.42.20 for the address is *bzzzt* + wrong, and means something needs to be fixed.

+

If these pings succeed (which hopefully they will!), then try accessing + the websites of each domain:

+ 
(browse to) http://cakelampvm.com
+ 
(browse to) http://mapsdemo.cakelampvm.com
+

These should show local sites on the VM rather than sites on the + internet.  If you instead get failures to find the domains, or if the + "real internet" site comes up for cakelampvm.com (the page covered with + red X marks and complaining), then the DNS is not hooked up properly yet.

+

Troubleshooting the DNS

+

If your pings are getting the wrong answers and you're certain the DNS + settings on your Host PC are right, then you may need to flush your DNS + cache, and that might be sufficient.  On Windows, the command for + flushing DNS is:

+ 
> ipconfig /flushdns
+

and on Linux the flush DNS command can be many different things, but try + these two most common options:

+ 
# sudo service dns-clean restart   # restarts the client side DNS cache.
+

or

+ 
# sudo service nscd restart   # restarts the nscd caching server.
+ After, this try the pings again.  If they still fail, please go back + over your DNS configuration very carefully.  The cakelampvm's DNS + feature *does* actually work, but operating systems sometimes do their best + to deny this.
+

Troubleshooting the Apache Sites

+

If your DNS pings and lookups are functioning properly, but you're just + not getting the right websites, then try clearing your browser's cache and + shutting the browser application down.  Then, start the browser up + and try the address again.  Often this cache dumping is enough to fix + the browser so that you start seeing the local website versions on + cakelampvm.com.

Setting up DNS on Windows

The ipconfig tool will provide helpful information about your current networking and DNS configuration:

@@ -200,15 +272,26 @@ meow for easier access.

Currently, the root of all web servers is exposed as "www".  Editing the files in those folders requires ownership by the developer user.  - Currently the defaultcake server is owned by developer.

-

One should be able to create a new directory in the www folder owned by - the developer user over the network also, which can be used for creating - new projects.  However, there is a config issue in the current vm - (v001) about this; to fix, run this command on the guest vm as the - developer user:

- 
sudo chmod g+w /var/www
-

Afterwards, the www folder should allow the developer user to create new - folders at will.

+ The existing mapsdemo site is owned by a different user ("fred") rather + than developer, mostly as a test case.  The "fred", "developer", and + "www-data" accounts on the VM have all been put into each others Unix + "groups" so that they can access each other's files, and thus you may not + notice any issues editing fred's files.

+

One should be able to create a new directory over the network also.  + Try creating a junk folder in the "www" folder, and then deleting it + again.  That should succeed, and this approach can be used to create + folders (from the Host PC) that are owned by the developer user (on the + VM).  You should be able to create folders or copy files within the + developer's home folder also ("/home/developer").

+

If you run into any permission problems that prevent file access, either + remotely or within the VM itself, then try running this command to fix + them:

+ 
# revamp_cakelampvm
+

Afterwards, the www folder and others should allow the developer user to + create new folders at will.

+

The revamp command above is also used to deliver new configuration to the + VM from the feisty meow script environment; running it after any update of + the feisty meow codebase is a good idea.

Accessing files on the host PC from the guest VM

If you want to share a folder from the host to the guest, perhaps for driver updates or other conveniences, then make the share with these @@ -222,8 +305,7 @@ meow shared, and give it a name for the guest.  We assume the folder name will be "myshare".

  • On the guest vm, run the following commands to mount the share:
    - 
    mkdir ~/shared    # for the guest's version of the shared folder
    - 
    sudo mount -t vboxsf myshare ~/shared    # mount the vm's share name onto the folder on the vm.
    + 
    # mkdir ~/shared    # for the guest's version of the shared folder
    # sudo mount -t vboxsf myshare ~/shared    # mount the vm's share name onto the folder on the vm.

    • Adding a new website and domain on the guest VM

    @@ -242,6 +324,8 @@ meow its own (e.g., "B.C" is an SLD).

    Once the DNS option has been picked and implemented, continue to the next section of "Creating a New Apache Site".

    +

    For either Option A or Option B, first connect to the cakelampvm via ssh + as the developer user, e.g.: ssh developer@cakelampvm.com

    DNS Option A: Adding a sub-domain in an existing domain

    Let us say a customer needs an application called "excalibur".  It will be a new subdomain within an existing domain, such as the @@ -251,21 +335,17 @@ meow already exist before adding the subdomain; see DNS Option B below for details on how to add a containing domain for the first time.

    Quick approach: Use the feisty meow "add_domain" command.

    -

    Connect to the cakelampvm via ssh as the developer user, e.g.: ssh - developer@cakelampvm.com

    Run this command in a bash shell on the VM:

    # add_domain excalibur.cakelampvm.com

    Done.

    Manual approach: Edit the bind9 configuration.

    Note: the manual approach is not compatible with later use of feisty meow's "remove_domain".

    - Connect to the cakelampvm via ssh as the developer user, e.g.: ssh - developer@cakelampvm.com -

    Execute the following command to edit the DNS file for the cakelampvm - domain:

    + Execute the following command to edit the DNS file for the cakelampvm + domain: 
    # sudo vi /etc/bind/cakelampvm.com.conf

    Add a stanza for the new site at the end of this file:

    - 
    excalibur.cakelampvm.com    IN A    10.28.42.20
            IN HINFO "linux server" "ubuntu"
    + 
    excalibur.cakelampvm.com.    IN A    10.28.42.20
            IN HINFO "linux server" "ubuntu"

    Restart the DNS server:

    # sudo service bind9 restart

    Afterwards, pinging excalibur.cakelampvm.com should work from both the @@ -275,48 +355,67 @@ meow config file for the new domain and add it to the bind directory.  For this example, we need to add the site "excalibur.tv" into the DNS.

    Quick approach: Use the feisty meow "add_domain" command.

    -

    Connect to the cakelampvm via ssh as the developer user, e.g.: ssh - developer@cakelampvm.com

    -

    Run this command in a bash shell on the VM:

    + Run this command in a bash shell on the VM: 
    # add_domain excalibur.tv

    Done.

    Manual approach: Edit a new DNS config file

    -

    Create a file called /etc/bind/excalibur.tv.conf for our new domain - excalibur.tv with these contents:

    - 
    $TTL 1W
    @       IN SOA          @       fred.cakelampvm.com. (
                            2017100801      ; serial
                            2H              ; refresh
                            8M              ; retry
                            14D             ; expiry
                            6H )            ; minimum

            IN NS           ns.cakelampvm.com.
            IN MX   10      mail.cakelampvm.com.

    # main domain for machine.
    excalibur.tv.                 IN A            10.28.42.20
                                  IN HINFO        "linux server" "ubuntu"
    +

    Note: the manual approach is not compatible with later use of feisty + meow's "remove_domain".

    + Create a file called /etc/bind/excalibur.tv.conf for our new domain + excalibur.tv with these contents: + 
    $TTL 1W
    @       IN SOA          @       fred.cakelampvm.com. (
                            2017100801      ; serial
                            2H              ; refresh
                            8M              ; retry
                            14D             ; expiry
                            6H )            ; minimum

            IN NS           ns.cakelampvm.com.
            IN MX   10      mail.cakelampvm.com.

    # new SLD for our excalibur site.
    excalibur.tv.                 IN A            10.28.42.20
                                  IN HINFO        "linux server" "ubuntu"
    The gnarly prefix stuff above the "excalibur.tv." listing establishes configuration info for the new domain.  This file relies on the existing cakelampvm.com infrastructure in DNS, such as the "ns" host, which is the domain's name server.  However, the new domain does not live inside the cakelampvm.com domain.
    -

    Now that the config file is in place, edit "named.conf.local" to add the - new file by adding this bit of configuration at the end:

    +

    Now that the config file is in place, edit "/etc/bind/named.conf.local" + to add the new file by adding this bit of configuration at the end:

    zone "excalibur.tv" in {
            file "/etc/bind/excalibur.tv.conf";
            type master;
            allow-query { any; };
    };

    Restart the DNS server:

    # sudo service bind9 restart

    Afterwards, pinging excalibur.tv should work from both the guest and the host.

    Creating a New Apache site

    +

    First, connect to the cakelampvm via ssh as the developer user, e.g.: ssh + developer@cakelampvm.com

    +

    Quick approach: Use the feisty meow "add_apache_site" command.

    +

    Run this command in a bash shell on the VM:

    + 
    # add_apache_site excalibur excalibur.tv
    +

    (The first parameter is the application name, the second is the domain + name.)

    +

    Done.

    +

    Manual approach: Edit an Apache config file

    +

    Note: the manual approach is not compatible with later use of feisty + meow's "remove_apache_site".

    +

    For Apache, the choice of DNS Option A or B, subdomain or SLD does not + matter.  The site configuration file just has to accurately specify + the domain in question.

    Start with the following template file for the new website, and modify it for the appropriate host name:

    - 
    <VirtualHost *:80>
        ServerName greatsite.cakelampvm.com
        ServerAlias greatsite.cakelampvm.com *.greatsite.cakelampvm.com
        DocumentRoot /var/www/greatsite
        ErrorLog ${APACHE_LOG_DIR}/greatsite.cakelampvm.com-error.log
        CustomLog ${APACHE_LOG_DIR}/greatsite.cakelampvm.com-access.log combined
        Alias /statistics "/var/www/webwork.repository/webwork/maps_demo/webroot/statistics"
        Include /etc/apache2/conf-library/basic-options.conf
        Include /etc/apache2/conf-library/rewrite-enabling.conf
    </VirtualHost>
    -

    The above example is pre-modified for DNS Option A above, the - greatsite.cakelampvm.com name.  Switching all of those to - "greatsite.tv" instead would support DNS option B.

    -

    Copy that file into /etc/apache/available-sites under an appropriate - name, which here we will call "greatsite.conf".

    -

    Tell apache to use the new file:

    - 
    a2ensite greatsite.conf
    + 
    <VirtualHost *:80>
        ServerName excalibur.tv
+    DocumentRoot /home/apps/excalibur
        ErrorLog ${APACHE_LOG_DIR}/excalibur.tv-error.log
        CustomLog ${APACHE_LOG_DIR}/excalibur.tv-access.log combined
        Include /etc/apache2/conf-library/basic-options.conf
        Include /etc/apache2/conf-library/rewrite-enabling.conf
    </VirtualHost>
    +

    The above example is appropriate for our excalibur app in the + excalibur.tv domain (using DNS Option B).  Modifying the excalibur.tv + references in it is sufficient to retarget it for any domain you want.

    +

    Copy the new site config file into "/etc/apache2/sites-available" with an + appropriate file name that includes the site's domain name.  We will + call our config file "excalibur.tv.conf".  If you developed the file + in your home folder, this would be the command to move it up to Apache:

    + 
    # sudo cp ~/excalibur.tv.conf /etc/apache2/sites-available
    +

    Then tell apache to use the new file:

    + 
    # sudo a2ensite excalibur.tv  # the '.conf' portion of the filename is unnecessary for this command.
+

    Finally, restart apache to get it to begin serving the site:

    - 
    sudo service apache2 restart
    + 
    # sudo service apache2 restart

    Test the new web site

    Given the configuration above, your host PC should now be able to access the new website.

    -

    To test this, first try pinging the hostname, e.g.: ping - greatsite.cakelampvm.com or ping greatsite.tv

    -

    Then, if there are responses to the ping, it means the DNS is - working.  If there are no responses, check the instructions in the - above DNS option section.

    +

    To test this, first try pinging the new DNS name:

    + 
    # ping excalibur.tv
    +

    If there are responses to the ping, it means the DNS is working.  If + there are no responses, check the instructions in the above DNS option + section.

    Once the DNS is working, one can try browsing to the site at: http://greatsite.cakelampvm.com or http://greatsite.tv (depending on the DNS option chosen).

    -- 2.34.1