Enabling GPM

Note: You are going to want to have GPM enabled for this if you are just using Ubuntu Server. GPM will allow you to copy and paste output from the terminal using your mouse.

sudo apt-get install gpm
sudo /etc/init.d/gpm start

Mod_Rails

To Start the installation of passenger after it has been installed via the gem run the following command:

sudo passenger-install-apache2-module

This will commence the user-friendly installer created by the Phusion team. My hats off to Phusion for making something so incredible sexy.

Run the following command in a new terminal (Alt-F2):

sudo vim /etc/apache2/apache2.conf

Scroll down the page the bottom of the configuration file and right about the "# Include of directories ignores editors" add the following from the output of the passenger install screen. Copy YOUR output NOT mine.

LoadModule passenger_module /usr/lib/ruby/gems/1.8/gems/passenger-1.0.5/ext/apache2/mod_passenger.so
RailsSpawnServer /usr/lib/ruby/gems/1.8/passenger-1.0.5/bin/passenger-spawn-server
RailsRuby /usr/bin/ruby1.8

NameVirtualHost *:80

Now that you are done with the passenger install we need to take our rails app and create a virtual host for this app. To do that run the following command.

sudo vim /etc/apache2/sites-available/test

Once the file is open for editing add the following but change the parts specific to your application.

Note: The ServerName MUST be resolvable and resolve to the host that the application is running on.

<VirtualHost *:80>
    ServerName test.demo.rails
    DocumentRoot /var/rails/test/public
</VirtualHost>

Now that the virtual host is created and we dont need the default page anymore we can enable the test app vhost and disable the default vhost.

sudo a2dissite default
sudo a2ensite test

Creating Test Application

First things first we want to make the directory that all the rails apps we will be using will be stored.

sudo mkdir -p /var/rails
cd /var/rails

Now we want to create the rails skeleton and hand the permissions over to the apache web server.

sudo rails test
sudo chown -R www-data:www-data test

Once this is complete we are now ready to start the customization of the application and setting up the databases.

Setting Up MySQL

We want to login to the mysql database using the root account and the password we set earlier.

sudo mysql -p
--Enter Password--

There are many parts of MySQL which I do not like, like their user management. It is a poor way to manage access to the database. That being said it still is one of the more popular databases and it has a smaller memory footprint than PostgreSQL.

Creating the Databases

mysql> CREATE DATABASE test_development;
mysql> CREATE DATABASE test_test;
mysql> CREATE DATABASE test;

Creating a User and Setting the Password for the test database

The code listed below will add a user called "testapp" with the password "testpass", I recommend that you make your passwords extremely complex. For example a 16 character password would work wonderfully because it is stored in the database.yml so you dont need to memorize it.

mysql> GRANT all privileges ON test_development.* to testapp@"localhost" IDENTIFIED by 'testpass';
mysql> GRANT all privileges ON test_test.* to testapp@"localhost" IDENTIFIED by 'testpass';
mysql> GRANT all privileges ON test.* to testapp@"localhost" IDENTIFIED by 'testpass';

This command below will flush the privileges so that the access levels we just added will take effect.

mysql> FLUSH PRIVILEGES;

Configuring Rails App To Connect To the Database

Now that the database is configured properly we need to tell the rails app we created about the database. This is all done in the database.yml file.

cd /var/rails/test/config
sudo vim database.yml

Now that we are editing the database.yml file, you want to make you file look as follows...

login: &login
  adapter: mysql
  username: testapp
  password: testpass
  socket: /var/run/mysqld/mysqld.sock

development:
  <<: *login
  database: test_development

test:
  <<: *login
  database: test_test

production:
  <<: *login
  database: test

Last Minute Tricks...

Passenger does not like the .htaccess file to be in the public directory of the rails app. To remove this file just run the following command.

sudo rm /var/rails/test/public/.htaccess

Testing the Test Application

Now we have setup passenger to point at our rails app and we have to just restart the webserver.

sudo /etc/init.d/apache2 restart

Edit the /etc/hosts file on your client computer if you do not have DNS setup and add the following line.

SERVER_IPADDRESS test.demo.rails

Now open a web browser and type in the URL specified in the hosts file.

You should see the default "Welcome to Rails" screen

Status Checklist

Should Be Completed

• Installed All Packages/Gems
• Installed Passenger
• Setup Apache 2.2.8 to use Passenger
• Created Test Rails App
• Created Databases
• Configure Test Rails App To Use MySQL Database
• Test Rails App is Functioning

Left To Do

• SSH Goodies
• Reader Suggestions

SSH Goodies

This section pertains to ssh security and best practices. SSH is a very important service that is run on any server and must be configured properly in order to be secure. By the end of this section you should have a "more secure" server that can securely be accessed via your computer using RSA encrypted SSH keys instead of passwords.

Creating Keys on your Client

This is a very simple process, all you need to do is run one command.

ssh-keygen

Now that this is running you will want to accept the default location to save your keys and type a password when prompted. This will password protect your keys for added security. You output should look as follows.

Generating public/private rsa key pair.
Enter file in which to save the key (/home/rvalente/.ssh/id_rsa): 
Created directory '/home/rvalente/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/rvalente/.ssh/id_rsa.
Your public key has been saved in /home/rvalente/.ssh/id_rsa.pub.
The key fingerprint is:
60:8e:b1:4c:cd:df:4d:82:b2:c4:05:97:0b:1b:56:fd rvalente@ubuntu

Now all you need to do is copy this key from your client machine to you server as follows. Make sure you use the account on your server instead of the account I list below.

scp .ssh/id_rsa.pub SERVER_IPADDRESS:.ssh/authorized_keys

Once that process completes then turn off password authentication on your ssh server. You do that but opening your /etc/ssh/sshd_config and changing this line.

#PasswordAuthentication yes
PasswordAuthentication no

That is it, now your server will use keys for authentication only.

Last but Not Least

I will be writing a part three of this guide for the capistrano/git version control and automation of a rails server. Since there are not many complete guides and they stop before the actual system administration occurs. Before I do this part three I want reader input for anything that you would like to see on top of the capistrano recipes and version control topics. Any input is greatly appreciated.

Thanks for reading!

-Ron

Installation of Software

First thing before we start installing anything on this machine we must update the server. This is very simple with Ubuntu, it is two simple commands and you are all set. You only need to reboot the machine if a kernel was installed.

sudo apt-get update
sudo apt-get dist-upgrade

Now that the machine is updated we must install some essential tools in order to build software on this server. Once we are done with the setup it would be a good idea to remove these tools to increase security on our server.

sudo apt-get install build-essential

Now we are all set with the preparation of the server and we can start installing the software we need to get going.

Web Server

For the web server I chose to use Apache 2 because of the new Passenger gem or (mod_rails). This gem is great because of the simplicity to deploy new applications.

sudo apt-get install apache2 apache2-dev

Database Server

The database server that should be used is completely up to your preference. My recommendation is PostgreSQL. PostgreSQL is a very robust and fast database server that is rock solid. It does use a lot of resources so for Slicehost it may not be the best choice. A major player for a slim and fast database for Slicehost should be SQLite3. It is a wonderful database and should be thrown out so quickly because of its lack of a client/server architecture.

For this tutorial I will install MySQL because of its popularity with the Rails community.

sudo apt-get install mysql-server

When prompted enter a root password, make this complex and write it down.

Version Control

Git is the most sexy version control system every created. I will never look back to subversion again. Now that capistraon and redmine both support git I have no reason to even thing about those awful three letters.

To install git is yet another apt-get command away. Run the following command in the terminal of your new server.

sudo apt-get install git-core curl gitweb

gitweb is an optional web frontend for your applications. I do not use it because I use GitNub a RubyCocoa application for the Mac.

Once that finishes git is completely installed and ready to go.

Ruby

Installing Ruby on Ubuntu 8.04 is quite simple. Just another apt-get and you are all set... almost. Since the inception of Ruby 1.9.0 distributions have been naming the current stable release of ruby "ruby1.8" That being said we will make a couple symlinks.

Ruby 1.8.6

To install all the tools you will want on this server run the following command:

sudo apt-get install ruby1.8 ruby1.8-dev rdoc1.8 ri1.8 libopenssl-ruby1.8

Rubygems

I refuse to install Rubygems with apt-get. This is such a terrible idea in my opinion. There is no reason to install rubygems with a package manager because it can update itself. I will go over how to update rubygems later in this howto.

wget http://rubyforge.org/frs/download.php/35283/rubygems-1.1.1.tgz
tar -xzf rubygems-1.1.1.tgz
cd rubygems-1.1.1
sudo ruby1.8 setup.rb

Optional: Once you are done with install just run the next three commands to make using gems and Rubygems just as before.

sudo ln -s /usr/bin/gem1.8 /usr/bin/gem
sudo ln -s /usr/bin/ruby1.8 /usr/bin/ruby
sudo ln -s /usr/bin/irb1.8 /usr/bin/irb

Recommended Gems

Here is a list of recommended gems that should be installed once rubygems is installed. At the very least you must install rails and passenger.

sudo gem install rails
sudo gem install capistrano
sudo gem install rspec
sudo gem install ultrasphinx
sudo gem install passenger
sudo gem install mysql

Part Two

Next week I will go over how to connect all the pieces together and get a sexy Ruby on Rails server running smoothly. I will go over configuring git on your local computer as well as setting up passenger and capistrano to function with all of the above sexy applications we just installed.

Signing Up / Making a Reservation

Currently Slicehost will let you make a reservation for the next available Slice of the size you want. They prioritize reservations on what prepayment term you commit to. The minimum being 3 months, then 6 months, 12 months, and the maximum term being 24 months. When we made our reservation we committed to a 256slice for a 12 month prepayment term. We had our Slice available within one day (the reservation page gives you an ETA on availability). Your millage will vary based on SliceHost’s current availability of hardware. Oh I should mention that a reservation is not binding, and no payment information is taken at the time of reservation.

The reason Slicehost works on a reservation system is one, they seem to be pretty popular these days, and second they do NOT over-provision their hardware. They are actually are buying new servers each week based on the reservations (there is a chance you will be placed on a vacancy on an existing server if one becomes available).

SliceManager

SliceManager is the client’s interface to the Xen back-end for maintaining their Slice. We will now through all the functions of SliceManger (it appears it was just recently updated this weekend).

First we login at http://manage.slicehost.com.

You be brought to this page once you have successfully logged in. It shows a brief overview of your current Slice(s).

Add a Slice

Under the Slices tab you can add a new Slice if you would like. I not sure if these new Slices fall under the same reservation system as when you are first signing up.
Update: Stubblechin in the comments, confirms that you jump ahead of all reservations when adding a new slice when you are already a customer.

Here are your operating system choices when creating a new Slice, Ubuntu Dapper, CentOS 4.3, Gentoo 2006.1, Debian Etch, Fedora 6. It should be noted that Ubuntu Dapper is easily upgraded to newer versions of Ubuntu via the standard Ubuntu release upgrade methods. Gentoo can be upgraded just as easy with portage.

Not much else compares to being able to add new servers (or any of the other features I’m going to show you) from the web interface with no need to contact customer support. Neat eh?

Slice Detailed

Now for a more detailed view of an individual Slice. Below shows you the first screen you will be presented with once you select a Slice. It included basic stats such as status, age, size (RAM), IP address, bandwidth used this month, and if backups are enabled.

Console

Next tab over is the console. This is probably the top feature of SliceManger and SliceHost compared to any other VPS provider. SliceManger’s console is an Ajax interface to the actual console of your Xen virtual host (Slice). This means if you somehow manage to lock yourself out of your Slice via SSH you can log in and use the console to fix whatever you broke (I’m guilty of having to do this on a few occasions). No support calls needed if you lock yourself out.

I have noticed (probably because its in a web browser) that the console doesn’t support most ctrl commands like ctrl-c, so don’t do anything that will loop forever and require such a command to break out. Note: This was on a Mac with Safari or OmniWeb for a browser.

Update: Stubblechin in the comments, clarified that Firefox on Mac allows you to issues ctrl-c commands while OmniWeb and Safari do not.

Below is top running in the web based console.

Stats

Next tab is the stats tab. This allows you to pull real time statistics from your Slice. Current time, CPU percentage, CPU time, disk read/write, and network bandwidth are all included as seen below.

Backups

Slicehost offers backups of your Slice at an added cost, from the SliceHost FAQ current pricing is “$5/$10/$15/$30 for 256/512/1024/2048 slices”. This affords you three backups, a daily backup, a weekly backup and a snapshot. Currently SysAdmins’ Chronicles does not use SliceHost’s offered backup. We opted to backup our critical files to Amazon S3, see: Backup to Amazon S3, which costs us a mere 79 cents a month.

Rename

You can rename your Slice if you wish.

Reboot

Another key feature of SliceManager is that you can reboot your Slice. Since SliceHost is using Xen and Xen does have a certain amount of control inside of the Slice, we can do a Soft Reboot. This is equivalent to doing a normal reboot from inside of Slice (technically its sending a ctrl-alt-delete to the Slice). And, of course you can do a hard reboot which is equivalent to powering off the Slice and then back on again. Again no need to call customer support for what at other companies is often a charged for support item.

Resize

So you decide to sign up for a small 256 Slice to test out the service, you start to implement various services, and you find you do not have enough RAM, bandwidth or hard drive capacity, well normally you would look at recreating the system you just setup. With Slicehost they offer the ability to upgrade or resize your Slice. This can be done without any data loss on your current Slice and only requires minimal downtime.

Rescue

If you totally botch your system to a point where even console access is not going to help you, you can just rescue your Slice. This is equivalent to booting off a Linux rescue CD on a traditional system. It will boot your Slice into a rescue environment with your Slice’s hard drive mounted, so you can hopefully fix what is broken.

Rebuild

If rescuing your Slice does not work, with SliceManger you can always just rebuild. This is a fresh operating system install that overwrites all existing data. Another instance where you want to rebuild your Slice is if you decide to change Linux distributions.

Delete

You can delete a Slice whenever you would like.

DNS

SliceManger also supports being a primary DNS server for any number of your domains.

Records

SliceManager supports most of the standard DNS record types, A, CNAME, MX, NS, SRV, TXT, and AAAA. There appears to be no limit on the number of records or domains that can be created.

Reverse DNS

The best part about DNS with Slicehost is that they let you set the reverse DNS record for your IP address, which seems to be a very rare feature with any service provider these days.

Help

Slicehost and it’s staff seem to be very community orientated. During working hours you can find at least one staff member in both the Campfire and IRC chatrooms. The staff there are always knowledgeable and able to check on your Slice or do other technical support items. There is also a typical ticket based support system. Response times have been very fast the couple of times I have used it (I have even received a response on a Sunday evening). Slicehost also has forums and a wiki for community use, as well as technical articles and a FAQ that is managed by the Slicehost staff.
Slicehost Forum
Slicehost Wiki
Slicehost FAQ
Slicehost Blog
Slicehost Technical Articles
Slicehost Twitter Stream
Slicehost Campfire
IRC: irc.freenode.org #slicehost

Account

Lastly, SliceManager lets you take care of the typical account items such as change your email address, password, name, billing address, and credit card information. You can view your current and past invoices and see your current balance and due date for the next bill. You can even cancel your account if you wish.

Referral

Slicehost also offers a referral program. If you have someone sign up for hosting with Slicehost using your email address or referral code and they keep there service for at least three months, depending on the size of Slice they signed up for, you will received $5/$10/$20 credited on your Slicehost account. Its not a ton of money, but it is a little incentive to get your friends or colleagues signed up.

If you are planning or thinking about signing up for Slicehost please consider using us as your referral. Either use the email address ben [ at ] unilogiclabs [ dot ] com or feel free to use the following link: Slicehost Referrer Link

Issues

I really have to nitpick to pick out problems with Slicehost. Ron and I have been extremely happy with our Slice over the past three months, and we plan to continue being a customer with Slicehost for the foreseeable future.

OS Selection

While not Slicehost’s fault, Xen does not have support any 64-bit (all Slicehost’s servers are running 64-bit CPUs and operating systems) BSD based operating system. As of right now the first BSD with 64-bit Xen support is likely to be NetBSD. NetBSD or FreeBSD would be Ron and I’s first choice (Solaris is somewhere in there too) for a server operating system. The Slicehost staff has told me that they plan to support any operating system that supports paravirtualization (see: Types of Virtulization) within Xen on a 64-bit architecture.

Network Downtime

I hate to even bring this up as it was not Slicehost’s fault, but on Thursday, 25th and Friday, 26th of Octber 2007 Slicehost’s dataceter had a distributed denial of service attack (with some or all of the attack pointed at Slicehost customers). Downtime was actually very limited, around thirty minutes each day. The Slicehost team was very responsive talking to people in their IRC and Campfire chatrooms, as well as posting updates on thier Twitter stream and at offsite.slicehost.net. Overall in my opinion the Slicehost staff handled the outage very well. I should also note that is the first time since we have signed up with Slicehost that we had a single problem, and from reports from other users, this is the first network outage as long as they have been signed up (8+ months). See: Network Trouble at the Slicehost blog for more details.

Secondary DNS

Although Slicehost has three nameservers setup for DNS, they do not offer secondary DNS hosting, which would be handy in our situation where we had our DNS setup with a different service when we first started using Slicehost (We still do actually at editdns). It also does not look like they allow domains to the transfered to secondary DNS from their primary DNS service. Additionally, I have not run across any settings in SliceManager to set the allowed IPs for such a setup.