22.1 HP ObAM-Apache Web Server
HP-UX CSE(c) Official Study Guide and Desk Reference
Authors: Keenan C.
 Published year: 2006
 Pages: 291/434
Buy this book on amazon.com >>
     

22.1 HP ObAM-Apache Web Server

The Object Action Manager framework has given us excellent system management tools, such as SAM, in the past. Recently, the number of tools that have come under the ObAM umbrella has increased; we have seen Partition Manager and Service Control Manager (up to version 2.5) to name but two.

The implementation of the Apache Web server for ObAM is located under the /usr/obam/server directory. This is the ServerRoot ; the top-level directory under which the server's configuration, error, and logfiles are kept. Whenever I reference a directory name, I reference it as a subdirectory under ServerRoot . The daemon process for the ObAM-Apache Web server is the process httpd . The configuration file for the daemon is conf/httpd.conf . The configuration file works straight out of the box for just about any installation. The ObAM-Apache Web server is simple and straightforward; it doesn't have many Dynamic Shared Modules and doesn't come with encryption capabilities (SSL = Secure Sockets Layer), so we don't need to worry about digital certificates and the like. The main issue we experience when trying to start up the ObAM-Apache Web server is that it starts up only if we have DNS configured. Part of the configuration file allows access to the Web server only if your node belongs to a DNS domain. It achieves this by using an Allow directive that limits who has access to this server: 





root@hpeos002[conf] #

pwd

/usr/obam/server/conf

root@hpeos002[conf] #

more httpd.conf

#

# Controls who can get stuff from this server.

#

    Order allow,deny



# Change below to reflect domains that may access this server.

# This greatly increases security if it is used.  System names may be

# inserted instead of domain names in order to restrict access to a set

# of specifice systems: Allow from <system1>{ <system N>}*.  Remember to

# restart (#/usr/obam/server/bin/apachectl restart) the server after changing

# anything in this file.


Allow from insert_domain_here


AuthName "HPUX Administration Tools"

    AuthType Basic

</Directory>



#

# DirectoryIndex: Name of the file or files to use as a pre-written HTML

# directory index.  Separate multiple entries with spaces.

...

root@hpeos002[conf] #






The first time we run the startup script

/sbin/init.d/webadmin start

, it fills in the domain name with the domain name it finds inside

/etc/resolv.conf

. It fails if we do not explicitly configure the

domain

keyword, even though it is not technically required if you have a

searchlist

. First, we set up the startup configuration file to ensure that the

httpd

processes start at boot time:







root@hpeos002[conf] #

vi /etc/rc.config.d/webadmin

#!/sbin/sh

# $Header: /kahlua_src/web/server/etc/webadmin 72.1 1999/09/16 03:51:04 lancer E

xp $

# WebAdmin application server configuration.

#

# WEBADMIN:             Set to 1 to start the WebAdmin application server.

#

WEBADMIN=1

root@hpeos002[conf] #






And then we can attempt to start the daemons:







root@hpeos002[conf] #

/sbin/init.d/webadmin start

ERROR: No domain is defined in /etc/resolv.conf

root@hpeos002[conf] #






As you can see, this seems

strange

, even though DNS is configured and working.







root@hpeos002[conf] #

nslookup hpeos002

Name Server:  hpeos004.maabof.com

Address:  192.168.0.35



Trying DNS

Name:    hpeos002.maabof.com

Address:  192.168.0.34



root@hpeos002[conf] #

cat /etc/resolv.conf

search maabof.com

nameserver 192.168.0.35 # master

nameserver 192.168.0.34 # slave

root@hpeos002[conf] #






It's a minor thing, but one worth knowing. Once we define our

domain

in

/etc/resolv.conf

, we have no trouble setting up the daemons:







root@hpeos002[conf] #

vi /etc/resolv.conf


domain maabof.com

search maabof.com

nameserver 192.168.0.35 # master

nameserver 192.168.0.34 # slave

root@hpeos002[conf] #

/sbin/init.d/webadmin start

/usr/obam/server/bin/apachectl start: httpd started






We can now see what the

webadmin

startup script has inserted into my

httpd.conf

file:







root@hpeos002[conf] #

more httpd.conf

...

# restart (#/usr/obam/server/bin/apachectl restart) the server after changing

# anything in this file.


Allow from maabof.com


AuthName "HPUX Administration Tools"

    AuthType Basic

</Directory>

...

root@hpeos002[conf] #






This limits access to this Web server to machines inside my domain. If you don't have DNS configured but still want to start up the ObAM-Apache Web server, then a workaround is to edit the

httpd.conf

file directly (keep a backup copy beforehand). The default text the

/sbin/init.d/webadmin

script is looking for is

Allow from insert_domain_here

. If you change that to simply say

Allow from all

, the startup script will not even check for the existence of

/etc/resolv.conf

.







root@hpeos002[conf] #

vi httpd.conf

...

# Change below to reflect domains that may access this server.

# This greatly increases security if it is used. System names may be

# inserted instead of domain names in order to restrict access to a set

# of specifice systems: Allow from <system1>{ <system N>}*. Remember to

# restart (#/usr/obam/server/bin/apachectl restart) the server after changing

# anything in this file.


Allow from all


AuthName "HPUX Administration Tools"

    AuthType Basic

...

root@hpeos002[conf] #






This does have a security

implication

in that

any

machine on your network can browse to this Web server. You could put in a list of hostnames, as you can see in the comments in the file. Some people would say that because you are not participating in a DNS network, it is highly

unlikely

you will be connected to the external Internet. I can see their point, but you need to appreciate and accept that before enabling this.




If you are going to make any changes to the

httpd.conf

file, you should check the syntax of the

httpd.conf

file (using the

/usr/obam/server/bin/apachectl

command) before restarting the

httpd

daemons. Anything other than a

Syntax OK

from a

configtest

normally stops the daemons from starting up.







root@hpeos002[conf] #

../bin/apachectl configtest

Syntax OK

root@hpeos002[conf] #

../bin/apachectl restart

../bin/apachectl restart: httpd restarted

root@hpeos002[conf] #






By default, the ObAM-Apache Web server starts up four

httpd

daemons:








root@hpeos002[conf] #

ps -ef  grep httpd

root  4428  4100  3 13:44:03 pts/0     0:00 grep httpd

webadmin  4425  4421  0 13:43:11 ?         0:00 /usr/obam/server/bin/httpd -f /usr/obam
graphics/ccc.gif
/server/conf/httpd.conf

    root  4421     1  0 13:43:11 ?         0:00 /usr/obam/server/bin/httpd -f /usr/obam
graphics/ccc.gif
/server/conf/httpd.conf

webadmin  4424  4421  0 13:43:11 ?         0:00 /usr/obam/server/bin/httpd -f /usr/obam
graphics/ccc.gif
/server/conf/httpd.conf

webadmin  4423  4421  0 13:43:11 ?         0:00 /usr/obam/server/bin/httpd -f /usr/obam
graphics/ccc.gif
/server/conf/httpd.conf

webadmin  4422  4421  0 13:43:11 ?         0:00 /usr/obam/server/bin/httpd -f /usr/obam
graphics/ccc.gif
/server/conf/httpd.conf

root@hpeos002[conf] #






The

StartServers

directive in the

httpd.conf

file controls this:







root@hpeos002[conf] #

vi httpd.conf

...

#

# Server-pool size regulation. Rather than making you guess how many

# server processes you need, Apache dynamically adapts to the load it

# sees --- that is, it tries to maintain enough server processes to

# handle the current load, plus a few spare servers to handle transient

# load spikes (e.g., multiple simultaneous requests from a single

# Netscape browser).

#

# It does this by periodically checking how many servers are waiting

# for a request. If there are fewer than MinSpareServers, it creates

# a new spare. If there are more than MaxSpareServers, some of the

# spares die off. The default values are probably OK for most sites.

#

MinSpareServers 1

MaxSpareServers 4



#

# Number of servers to start initially --- should be a reasonable ballpark

# figure.

#


StartServers 4


#

...

root@hpeos002[conf] #






Now that the daemon processes are running, we should be able to browse to the default Web page. Before we do that, we need to know the port number that the

httpd

daemons are listening on. Unlike the normal Apache configuration (which listens on port 80), the ObAM-Apache configuration listens on a non-standard port number = 1188:







root@hpeos002[conf] #

vi httpd.conf

...

#

# Port: The port to which the standalone server listens. For

# ports < 1023, you will need httpd to be run as root initially.

#


Port  1188


...

root@hpeos002[conf] #






The last piece of information we need to know is whether there is a default Web page to view once we get there. The location of documents sourced by the daemons is controlled via the

DocumentRoot

directive:







root@hpeos002[conf] #

grep DocumentRoot httpd.conf

# DocumentRoot: The directory out of which you will serve your


DocumentRoot "/opt/webadmin"


# This should be changed to whatever you set DocumentRoot to.

#    DocumentRoot /www/docs/host.some_domain.com

root@hpeos002[conf] #

root@hpeos002[conf] #

ll /opt/webadmin

total 4

dr-xr-xr-x   3 bin        bin           1024 Aug 21  2002 jpi

drwxr-xr-x   3 root       sys             96 Aug 21  2002 mx

dr-xr-xr-x   3 bin        bin             96 Aug 21  2002 obam

dr-xr-xr-x   4 bin        bin           1024 Aug 21  2002 parmgr

root@hpeos002[conf] #






The default page that the Web server displays is controlled by the

DirectoryIndex

directive. Normally, this defaults to a file called

index.html

.







root@hpeos002[conf] grep DirectoryIndex httpd.conf

# DirectoryIndex: Name of the file or files to use as a pre-written HTML


DirectoryIndex index.html


root@hpeos002[conf]






As you can see, there is much in the way of an

index.html

file in our

DocumentRoot

directory, so if we were to browse to http://www.maabof.com:1188/, we probably wouldn't see very much except some directory names (see Figure 22-1).






Figure 22-1. No default web page for ObAM-Apache Web server.


graphics/22fig01.gif






As you can see, this isn't particularly interesting. The applications that use the ObAM-Apache Web server put their own Web pages under

DocumentRoot

. One of those applications is Partition Manager:







root@hpeos002[conf] #

ll /opt/webadmin/parmgr

total 50

-r--r--r--   1 bin        bin             69 Dec 17  2001 .htaccess

dr-xr-xr-x   2 bin        bin           2048 Aug 21  2002 graphics

dr-xr-xr-x   3 bin        bin             96 Aug 21  2002 help

-r--r--r--   1 bin        bin           1151 Dec 17  2001 index.html

-r-sr-xr-x   1 root       bin          16384 Dec 17  2001 startParMgr.cgi

-r--r--r--   1 bin        bin           3774 Dec 17  2001 web_launch.html

root@hpeos002[conf] #






As we can see in Figure 22-2, there is an

index.html

file in this directory, so we should see a Web page if we browse there:






Figure 22-2. Partition Manager's default Web page.


graphics/22fig02.gif






Likewise, for any other applications that will make use of this simple Web server, e.g., Service Control Manager (up to version 2.5), we can navigate to

http://<server>:1188/mx/

. These applications require a plug-in to be applied to your local Web browser. This can be obtained via the main Web page itself. For Partition Manager (see above), the icon to press would be Configure Browser. From that page, there are instructions on how to download the plug-in and configure it for your browser (see Figure 22-3):






Figure 22-3. ObAM-Apache browser plug-in.


graphics/22fig03.jpg






Once configured, you can continue to use the browser to manage that particular application.































							

	

	

							






HP-UX CSE(c) Official Study Guide and Desk Reference

Authors: Keenan C.

Published year: 2006

Pages: 291/434		














Buy this book on amazon.com >>




	
	

	

		
	

	

		

			

	

		

	

	

		

			
			
		

		
	

	

	




	

		

			
Similar books