March 24, 2008
Operating System |
Platform |
Application(s) |
Database(s) |
Other |
|
|
|
|
N / A |
This document describes the process of setting up a Sun Java System Web Server on Sun SPARC hardware, Solaris 10, PHP5 and support for either PostgreSQL, Oracle or DB2 databases.
Keep in mind that this document does not cover hardening the system. That process is outlined in other documents from myself or others. This machine needs to be well protected. It will be in a very vulnerable position, facing that filthy and scary Internet.
Also, you will need root access to do most of these tasks. For the most part, this guide assumes access to the system through a terminal or SSH, with no attached keyboard or monitor.
First we will install a fresh copy of the OS. Power on the Sun system and open a terminal connection (if headless). Send a break to access OpenBoot. If you are installing with a CD/DVD, type boot cdrom. If you are installing via Jumpstart over NFS (and already setup that system) type boot net – install.
Configure the system to be on your local network. Choose the "Custom" installation choice if prompted. When presented with the option for which Solaris software packages to install, choose “Developer System Support" with "Custom Packages" (or F4_Customize in terminal mode). Choose whatever packages you know you need for you hardware and remove what you don't need, but be careful - dependencies for these packages within Solaris is a nightmare. Sun is definitely not a believer in the "install only what you need" mentality. You will need (or not) at least the following (- = removed, + = add):
- Apache 2
- Apache Web Server
- BIND DNS Name server and tools
- BIND Name server Manifest
+ Freeware Other Utilities
+ GNU wget - (really handy to have)
- PostgreSQL
- PostgreSQL 8.2 - (leave selected if you want PostgreSQL support)
- PostgreSQL 8.2 Developer - (leave selected if you want PostgreSQL support)
- PostgreSQL Developer
- Ser - SIP Express Router |
After it is done and rebooted, add the following line to /etc/profile just above the line export LOGNAME PATH:
Using PostgreSQL:
PATH=$PATH:/usr/local/bin:/usr/sfw/bin:/usr/ccs/bin:/usr/postgres/8.2/bin
Using Oracle10g:
LD_LIBRARY_PATH=/export/home/instantclient
PATH=$PATH:/usr/local/bin:/usr/sfw/bin:/usr/ccs/bin
export LOGNAME PATH LD_LIBRARY_PATH
Using IBM DB2:
PATH=$PATH:/usr/local/bin:/usr/sfw/bin:/usr/ccs/bin:/opt/IBM/db2/V9.1/bin |
In that $PATH you will find /usr/sfw/bin. Solaris 10 includes (as we selected it) GCC, wget, etc. – they just don't include them in the PATH! Well this does it for you, so we don't need to download them. Which I learned after downloading them. Now add a user so you can SSH into the box (I use Bash for my account's shell):
# useradd -u 500 -m -d /export/home/randy -s /bin/bash randy
# passwd randy |
You can now exit the terminal session.
We will need to connect to the system in a manner that will allow remote X display. When connecting via SSH, add the -Y parameter to your connect string, such as:
| randy@pluto ~ $ ssh -Y 192.168.0.10 (add -l username if using a different account than the local) |
Once logged on, enter the following at the command line:
| -bash-3.00$ updatemanager & |
You will need an account with Sun (free) to use the Sun Update Connection. You will be prompted - just follow along with the questions.
Like Oracle, Sun makes you go through license hurdles to get the software. You can get the bits here:
Place the sjsws-7_0u2-solaris-sparc.tar.gz file in the /usr/src directory and do the following:
# mkdir SJSWS
# mv sjsws-7_0u2-solaris-sparc.tar.gz SJSWS/
# cd SJSWS
# gunzip sjsws-7_0u2-solaris-sparc.tar.gz
# tar -xvf sjsws-7_0u2-solaris-sparc.tar
# rm sjsws-7_0u2-solaris-sparc.tar
# ./setup |
The installation of this software can be done graphically or via console. If for some reason setup can't send a remote X window, a console install will automatically start. Follow the prompts and use the defaults. Select the following answers when prompted:
- Type of Installation: Custom
- Component Selection:
- Server Core
- Administration Command Line Interface
- Sample Applications (required to add the nsapi.h file for compiling PHP support)
- Java Configuration: Reuse existing Java SE 1.5.0_09 or greater
- Path to JDK: /usr/jdk/latest
- Administration Options: Create an Administration Server and a Web Server Instance
For the rest of the installation, just use the defaults or whatever is best for your environment. Once everything is done, you can start the Administration Server by executing:
/sun/webserver7/admin-server/bin/startserv
Then you can configure the server via HTTPS and port 8989 (or whatever you chose during install).
For Oracle (InstantClient Software & SDK):
Download, extract and install the Oracle InstantClient software. If you are using your full Oracle package, the process is similar but different. Also, I'm assuming the database will live on another system, so I only detail the client install. This process also assumes you are using Oracle10g. The files should go in the /export/home directory.
Grab the following files from the Instant Client downloads for Solaris (64-bit) site:
- Instant Client Package - Basic Lite
- Instant Client Package - SDK
# cd /export/home
# unzip instantclient-basiclite-solaris64-10.2.0.3-20070101.zip
# unzip instantclient-sdk-solaris64-10.2.0.3-20070101.zip
# rm instantclient-* |
There is a bug in PHP5 that is easy to fix, however it is very annoying. The PHP5 compile, when built against the 10g client libraries, is looking for files named libclntsh.so and libocci.so. Well, it is a simple matter of creating a soft link to solve this:
# ln -s /export/home/instantclient_10_2/libclntsh.so.10.1 \
/export/home/instantclient_10_2/libclntsh.so
# ln -s /export/home/instantclient_10_2/libocci.so.10.1 \
/export/home/instantclient_10_2/libocci.so |
For IBM DB2 Client:
Downloand, extract and install the DB2 version 9 client software (use the defaults and follow the prompts!). If you are using your full DB2 Enterprise 9 package, the process is similar but different. Also, I'm assuming the database will live on another system, so I only detail the client install.
# cd /usr/src
# wget ftp://ftp.software.ibm.com/ps/products/db2/fixes2/english-us/db2sunv9/ \
fixpack/FP4_U811793/v9fp4_sunos_client.tar.gz
# gunzip v9fp4_sunos_client.tar.gz
# tar -xvf v9fp4_sunos_client.tar
# ./client/disk1/db2_install |
To install a DB2 client instance, you will need a dedicated system account and home directory (client instances are tied to a user account). You will also need to source the instance (set environment variables). IBM supplies a script for this purpose.
# useradd -m -d /export/home/plabs -s /bin/bash plabs
# passwd plabs
# /opt/IBM/db2/V9.1/instance/db2icrt -s CLIENT plabs
# . /export/home/plabs/sqllib/db2profile |
Next we need to setup the client connection to the DB2 server. This is an example. You can use any arbitrary name for the NODE, I usually just use db2node:
For PostgreSQL Client:
Already installed from the OS installation process.
For this part, I will be using some common configuration options. You can add or remove options for your specific needs. See the PHP 5 compile options (./configure --help) for more detail.
To use PHP with the Sun Java System Web Server, we will need to install the PHP engine as an NSAPI plugin.
# cd /usr/src
# wget http://www.php.net/get/php-5.2.5.tar.gz/from/this/mirror
# gunzip php-5.2.5.tar.gz
# tar -xvf php-5.2.5.tar
# rm php-5.2.5.tar
# cd php-5.2.5
Using PostgreSQL:
# ./configure --with-nsapi=/sun/webserver7 --with-zlib --with-bz2 --with-gettext \
--with-pgsql=/usr/postgres/8.2 --with-openssl --with-gd --with-jpeg-dir=/usr/lib \
--with-png-dir=/usr/lib --with-xpm-dir=/usr/lib --enable-gd-native-ttf \
--with-freetype-dir=/usr/sfw
Using Oracle 10g:
# ./configure --with-nsapi=/sun/webserver7 --with-zlib --with-bz2 --with-gettext \
--with-oci8=instantclient,/export/home/instantclient_10_2 --enable-sigchild \
--with-openssl --with-gd --with-jpeg-dir=/usr/lib --with-png-dir=/usr/lib \
--with-xpm-dir=/usr/lib --enable-gd-native-ttf --with-freetype-dir=/usr/sfw
Using IBM DB2:
# ./configure --with-nsapi=/sun/webserver7 --with-zlib --with-bz2 --with-gettext \
--with-pdo-odbc=ibm-db2,/export/home/plabs/sqllib --with-openssl --with-gd \
--with-jpeg-dir=/usr/lib --with-png-dir=/usr/lib --with-xpm-dir=/usr/lib \
--enable-gd-native-ttf --with-freetype-dir=/usr/sfw
# gmake -j5 (For SMP systems: n CPUs + 1 = -j#. Ex., my system has 4 CPUs)
# cp /usr/share/src/php-5.2.5/php.ini-recommended /usr/local/lib/php.ini |
Now we need to edit a few configuration files, starting with magnus.conf. The location of this and the other files we will edit are in the config directory of your server installation. For example, my server is named ariel.procyonlabs.com (created during the installation of SJSWS):
# cd /sun/webserver7/https-ariel.procyonlabs.com/config
# vi magnus.conf |
Add the following lines:
# Initialize PHP
Init fn="load-modules"
shlib="/sun/webserver7/bin/libphp5.so"
funcs="php5_init,php5_close,php5_execute,php5_auth_trans"
Init fn="php5_init"
errorString="PHP failed to initialize." |
Next, we need to let the configuration file obj.conf (located in the same directory as magnus.conf) know how to handle PHP MIME types. Within the code block <Object name="Default"> and </Object> is this line:
- PathCheck fn="find-index" index-names="index.html,home.html,index.jsp"
You want to add index.php to this line so those files are detected as directory indexes and parsed as such:
- PathCheck fn="find-index" index-names="index.html,home.html,index.jsp,index.php"
Add the following line somewhere between the Default object brackets like so:
<Object name="Default">
...
Service fn="php5_execute" type="magnus-internal/x-httpd-php"
...
</Object> |
Next, create an object block for PHP at the end of the file:
<Object name="php">
ObjectType fn="force-type" type="magnus-internal/x-httpd-php"
Service fn=php5_execute
</Object> |
Also, we need to add the following line to the mime.types file:
| type=magnus-internal/x-httpd-php exts=php,php4,php5 |
Now you can starting using and fine tuning your Web server instances via the administration console (that we started earlier). If you didn't change the port number, you can access https://server_address:8989. A word of caution though - back these files up! The Web administration console may kill them at will. Be alert and ready for such horror.
Have fun!
|
