Short guide on how to manually install Apache HTTP 2.4.x in CentOS 6.x

Reason: the version 2.4.x is only available in the CentOS 7 repositories
So if we are using CentOS 6.8 we need to compile from sources! This is sometimes necessary as CentOS is a conservative distribution, not having generally the latest version of a software.

In this case the chosen version will be the Apache HTTP 2.4.25.

FIRST OF ALL SOME WARNINGS!!
I`m not responsible for any damage that you might incur while or after following these tutorial, as usual I strongly recommend to make a backup before proceeding. So please take a system snapshot or at least make a copy of the current Apache HTTPD configuration files and relative installation folder tree.
Also I`m not responsible for the information provided in the external websites here provided.
Use these instructions at your own risk!

 

 

 

 

 
The symbol # means the command must be run as root.
We will consider the working directory to be /root/apache
So we create the below path and chdir to it
#mkdir -p /root/apache && cd /root/apache

Then we need to download apr and apr-util

For more info on the “Apache Portable Runtime Library” please consult the website http://apr.apache.org/

#wget https://archive.apache.org/dist/apr/apr-1.4.2.tar.bz2
#wget https://archive.apache.org/dist/apr/apr-util-1.4.1.tar.gz

And most importantly we need to download Apache HTTP 2.4.25

#wget http://mirror.hosting90.cz/apache//httpd/httpd-2.4.25.tar.bz2

Higher versions of these sources might require updating the C runtime library, which will slightly complicate the process and would require a system reboot. In fact to be able to compile Apache HTTP 2.4.25 we need at least apr and apr-util in the version 1.4.0 and unfortunately they are not in the repositories (at least the default ones) in CentOS 6.8-7

We extract all archives..

tar -xjvf httpd-2.4.25.tar.bz2
tar -xjvf apr-1.4.2.tar.bz2
tar -xzvf apr-util-1.4.1.tar.gz

Move the apr extracted folders
mv apr-1.4.2 httpd-2.4.25/srclib && mv apr-1.4.1-util httpd-2.4.25/srclib

And we create some symbolic links before moving to the correct folder.

cd /root/apache/httpd-2.4.25/srclib
ln -s apr-util-1.4.1 apr-util
ln -s apr-1.4.2 apr
cd ..

We might also need to install any required library, for examples:
pcre-7.8-7.el6.x86_64
pcre-devel-7.8-7.el6.x86_64f

# yum install -y pcre pcre-devel

Containing the Perl compatible regular expression library

And we need also to have installed and updated openssl and openssl-devel

Otherwise the “pre-check” will fail.

After that we are ready to compile and specify our path to be /usr/local/apache2.4.25
What we want is installing all configuration files, libraries, modules and binaries in this path. This comes handy if we want to run another version or backup/remove this one.

So we chdir to /root/setups/apache/httpd/httpd-2.4.25 and run

./configure --prefix=/usr/local/apache2.4.25 --exec-prefix=/usr/local/apache2.4.25 --enable-ssl --enable-so --with-included-apr;make;make install

This will take some minutes depending on the system…

After the build process is successful we check that any library is copied from /root/apache/httpd-2.4.25/srclib/ to /usr/local/apache2.4.25/lib

Afterwards we can create a SysV init script in /etc/init.d called “httpd-2.4.25” or whatever we like. Note that In CentOS 6.x systemd is not yet the default init system.

Now before starting the web server, if we have the configuration files from a previous 2.2.x version, we need to make some modifications as there are changes in several Apache directives in the 2.4 version. These are described in the sites below:

https://www.digitalocean.com/community/tutorials/migrating-your-apache-configuration-from-2-2-to-2-4-syntax
https://httpd.apache.org/docs/2.4/upgrading.html

Note that if you want to run two different versions of the Apache web server, at least for a while, you don`t only need to specify a different HTTP or HTTPS port, but also to change the PID file, otherwise the new version will refuse to start stating that it is already started.

The directive to change is (in the httpd.conf file) PidFile
for instance
PidFile /var/run/httpd2.4.25.pid

That`s it! I hope you have found it useful.

References

How to Install Apache 2.4.2 from Source on CentOS 6.2 with SSL


https://www.digitalocean.com/community/tutorials/migrating-your-apache-configuration-from-2-2-to-2-4-syntax
https://wiki.apache.org/httpd/RewriteLog
https://httpd.apache.org/docs/2.4/upgrading.html

Transferring Data with BBCP

Rsync is a quite known utility if we want synchronize data between two nodes or even between two folders in the same system, and of course also used for backup purposes. Its main peculiarity is that it sends only incremental changes; for instance, if you get a connection drop when using classic FTP you typically have to re-send the entire folder or file, but with this tool you re-run it again and it will start from where it left.

However Rsync is not so good if you want speed and it doesn`t have any multithreaded capability; so if you have GBs or even 1 TB of data to transfer it can be quite slow in the end.
To overcome these drawbacks you can use BBCP, which is a point-to-point network utility written by Andy Hanushevsky at  SLAC with the goal to get close to the line speed in a LAN or WAN connection.

You don’t need any server listening or any SSH daemon, but you have to make sure bbcp is installed and in the PATH in BOTH systems.

Assuming GIT is installed, below are the steps to install it:

$ git clone http://www.slac.stanford.edu/~abh/bbcp/bbcp.git

 

$ cd bbcp/src
Linux
$ make

 
The pre-requisites are:

GNU C++ compiler
Zlib library
Pthreads library

 

Some examples of usage are:

bbcp -P 2 -V -w 8m -s 16 /local/path/bigfile.tar remotesystem:/remote/path/bigfile.tar

-V verbose output
-P 2 display progress every two seconds
-s 16 create 16 parallel network streams (or threads)
-w sets to 8 MB the size of the disk input/output (I/O) buffers

 

To transfer a directory just use the -r option (it stands for recursive of course).

bbcp -r -P 2 -V -w 8m -s 16 /local/path/* remotesystem:/remote/path

To resume files in case of a lost connection add the -a and -k switch.

bbcp -r -k -a -P 2 -V -w 8m -s 16 /local/path/* remotesystem:/remote/path

If a firewall is blocking the communication between source and destination, use the -z option

bbcp -P 2 -V -w 8m -a -k -z -s 16 /local/path/bigfile.tar remotesystem:/remote/path/bigfile.tar

 

I have tested BBCP only on Linux, but it should be possible to compile it and install it in all major UNIX systems. The Windows platform  is not supported.

Resources:
http://www.slac.stanford.edu/~abh/bbcp/
http://pcbunn.cithep.caltech.edu/bbcp/using_bbcp.htm
https://www.olcf.ornl.gov/kb_articles/transferring-data-with-bbcp/

 

vSphere Web Client 6.0 permissions troubles

One of the VMware strategies seems to be phasing the vSphere standalone client out,  in favour of the Web Client. Moreover some tasks in the traditional client are now not available and can only be performed from the Web Client; for details see the KB 2109808.

This process is not exempt from some problems; in particular upgrading to vCenter or VMware VCSA (vCenter Server appliance) 6.0  can bring unexpected  issues or inconsistencies between the two clients with regard to permissions.
Mainly the permissions set on the vSphere client will continue to work, but they will stop on the Web Client. For instance a common issue through the Web Client, is getting an empty inventory if not using an account with an administrative role.
Some examples of issues are described in the KBs After upgrading to VMware vCenter Server Appliance 6.0 users are unable to view the inventory in the vSphere Web Client (2125628), Users are unable to power on virtual machine with the Virtual Machine Power User role in vCenter Server 6.0 (2119161) and Inventory objects fail to display in vSphere Web Client 6.0 (2144934).

In my case after the Virtual Center was upgraded to vCSA 6.0.20000 the traditional way of assigning permissions continued to work in the “classic” vSphere, but a no administrative user could not even see its virtual machines in the web client. As that account belongs to a team of developers it would be definitively not OK to just grant them administrative permissions.

There might be an easier solution than mine, but to  make the long story short, what was needed to be done in order to solve this odd issue was:

A)Their account had to be recreated under the administrative local domain vsphere.local
B)The process of granting permissions had to be done from the top level on the DataCenter, Storage and VM folders and in a propagating way.
C)The most tedious part was then to remove access to objects they should not get to by setting “no access” on the relative VM folders and especially on each single virtual machine not part of their job. Here the read only access was not an option, since they should not see servers belonging to other teams.

Update (12-11-2016):

Always refering to the Web Client the process of granting granular permissions seems to work with no particular hassles when using an Active Directory Account or group; for instance when having to grant a team permissions to clone only specific virtual machines, it was necessary to set their role with the permissions described here and then make sure that the same group is added to the cluster, datacenter and vcenter objects (be careful to not propagate on this objects).