The purpose of this document is to provide comprehensive
information on how to prepare Linux and Unix servers for the installation of H-Sphere
components by the Positive Software team or by customers themselves.
It covers the following topics:
Note: We don't install H-Sphere on live servers and we
don't take responsibility if your functional services go down
during the H-Sphere installation.
Supported Operating Systems
Before requesting H-Sphere installation, make sure
to install one of the following 32-bit operating systems. We don't support installations on 64-bit architecture OS.
Fresh installs are not performed but existing installations are supported
4.11
** H-Sphere 2.4.3 RC 2 and up for all servers, including CP server
H-Sphere 2.4.2 - 2.4.3 RC 1 for all servers, except for CP server
5.3
*** H-Sphere 2.4.2 and up for all servers, except for CP server
5.4
*** H-Sphere 2.4.3 Patch 1 and up for all servers, except for CP server
WARNING:
* H-Sphere versions before 2.4 are no longer supported!
We only perform updates from these versions to the latest stable H-Sphere version. ** Starting with version 2.4.3 RC 2 H-Sphere includes Java 1.4.2 for FreeBSD 4.x.
Now CP server can be installed on FreeBSD 4.x. In H-Sphere versions earlier than 2.4.3 RC 2, we don't recommend
installing CP server on FreeBSD 4.x due to some problems with Java 1.3.1 implementation *** Don't install CP server on FreeBSD 5.x! FreeBSD 5.x does not provide proper support for Java!
If you are going to install H-Sphere to only one computer,
make sure it is at least Pentium III, 500MHz CPU and 512MB RAM.
This will allow to host only a small number of customers. Adding
SiteStudio will require at least 1000MHz CPU and 1GB RAM.
Single-Server and Multi-Server Installation
General Considerations
H-Sphere can be installed on one or more servers. The required number of
servers and their hardware configuration will largely depend
on the number of accounts you are planning to host,
Web and mail quotas, traffic load and other related factors.
Here are some general considerations common to H-Sphere server environment:
We recommend installing Control Panel (CP) to a separate server.
It is also acceptable to install one DNS server
to the CP server box, for example, if you are planning 2-server installation.
You must not install PostgreSQL hosting service on the same box with
Control Panel, as the latter requires a separate PostgreSQL server for its system database.
You can have several DNS servers on one box.
However, for multiserver H-Sphere installation,
you should install each DNS server on a separate box.
The best solution is to have two DNS servers on separate boxes.
More on DNS servers
We advise installing mail server on the same box with MySQL server, as mail server
requires its own MySQL database.
It is reasonable to allocate separate physical servers for the most resource-consuming services.
Usually, these are Web and mail servers, but sometimes it may be MySQL and PostgreSQL.
According to these recommendations, the following 4-server installation
may be an optimal solution:
Server 1: Control Panel (with the system PostgreSQL database);
Server 2: Web1 + DNS1;
Server 3: Mail + MySQL1 (user DB) + DNS2;
Server 4: PostgreSQL (user DB) + MySQL2 (user DB).
Later on, you may add more boxes to your system, as your needs grow:
Server 5: Web2;
Server 6: Mail2 (with its own MySQL DB);
...
Sample 1/2/3-Server Configurations
Below are sample 1/2/3-server H-Sphere installations
with preferable partitioning schemes outlined.
One Server Installation
Two Server Installation
Three Server Installation
Single-server installation includes Control Panel, DNS, Web, mail, and MySQL services.
The PostgreSQL hosting service isn't included
because of the H-Sphere system PostgreSQL database.
Make sure you have at least two IPs available,
because some features (like OpenSRS) require at least two DNS servers.
More on Single DNS
Examples:
40GB HDD:
/ root partition (/etc, /tmp, /root) - 1-3 GB /usr - 3-5 GB /var - 5-7 GB for mail and MySQL files /hsphere (or /home - see HDD Partitioning)
- the remaining disk space for H-Sphere installation and Web hosting.
80GB HDD:
/ root partition (/etc, /tmp, /root) - 2-6 GB /usr - 6-10 GB /var - 10-15 GB for mail and MySQL files /hsphere (or /home - see HDD Partitioning)
- the remaining disk space for H-Sphere installation and Web hosting.
120+ GB HDD:
/ root partition (/etc, /tmp, /root) - 3-10 GB /usr - 10-20 GB /var - 15-30 GB for mail and MySQL files /hsphere (or /home - see HDD Partitioning)
- the remaining disk space for H-Sphere installation and Web hosting.
The more users you are planning to have, the more disk space is required. If
you want to have SiteStudio, it will also be installed onto this
partition. However, this will require at least 512 RAM and a 500MHz processor.
In addition, you can create a separate mail partition
for the H-Sphere mail system. Its size will depend on your mail
quotas for users and the number of mailboxes.
Consider the following partitioning scheme for the two-server configuration:
1) Control Panel + DNS2:
The partitioning requirements are similar to those for
one server installation. This box will have the H-Sphere control panel,
the system database, DNS server, and SiteStudio (optional).
2) Web + Mail + MySQL + PostgreSQL + DNS1:
/ - 1-3 GB /usr -3-5 GB /var - 5-7 GB for mail and MySQL files. /hsphere - takes the rest of the space for
Web content and is the biggest partition.
Consider the following partitioning
scheme for a three-server configuration:
1) Control Panel
The partitioning requirements are the similar to those for the
one server installation. This box will have the H-Sphere control panel,
the system database, and SiteStudio (optional).
2) Web + DNS2:
/ - 1-3 GB /usr - 3-5 GB /var -3-5 GB /hsphere - takes the rest of the space and is the biggest partition.
3) Mail + DNS1 + MySQL + PostgreSQL:
/ - 1-3 GB /usr - 3-5 GB /var - takes the rest of the space for mail and MySQL files.
HDD Partitioning
H-Sphere is installed to the /hsphere directory.
We recommend dedicating a separate partition for the H-Sphere installation directory and
and mount it as /hsphere.
# mkdir -p /hsphere
# chmod 755 /hsphere
H-Sphere directory can be located on any other partition as well. However, we do not recommend installing
H-Sphere to the root / partition. Having H-Sphere on the root partition may cause certain problems.
For instance, if disk quota gets damaged, you cannot repair it without server reboot and fsck check
in the single user mode.
If your H-Sphere installation directory is to be located on another partition, for example, /usr/hsphere
on the /usr partition, the /hsphere symlink to this directory must be anyway created:
Important:
Do not create /hsphere as a symlink to another partition on servers with FreeBSD 5.3 and up!
Allocate the separate /hsphere partition instead!
There are no more requirements to partitioning the servers, just
make sure there is enough disk space to store user and other H-Sphere
data.
Required Components and Configuration
Prior to the installation, make sure your server has
the following:
OpenSSH
Install OpenSSH package on each H-Sphere box.
You can use standard RPMs under Linux or packages under FreeBSD.
Usually, the standard Linux and FreeBSD installations contain
the OpenSSH package, you can use it without any restrictions.
However, we recommend to update the package to the last version.
SSH keys need to be configured under the cpanel user.
To enable Permit Root Login, open file /etc/ssh/sshd_config
and uncomment the line:
PermitRootLogin yes
Make sure PermitRootLogin is set to yes. Then restart SSH:
Enable the OpenSSH daemon start at server startup.
Start the OpenSSH daemon.
Disk Quota
Enable the disk quota feature on each H-Sphere web server. There is no need to enable it
on other servers. To enable disk quota:
Log in as root.
Insert the usrquota directive (userquota for FreeBSD) into the /etc/fstab file
for the corresponding partition.
On Linux, it must look similar to this:
Execute the following commands: quotaoff /partition_with_userquota_enabled mount -o remount /partition_with_userquota_enabled
(Linux only, skip this line with FreeBSD) rm -rf /partition_with_userquota_enabled/aquota.user
/partition_with_userquota_enabled/quota.user quotacheck -mufv /partition_with_userquota_enabled(Linux) quotacheck -guv /partition_with_userquota_enabled(FreeBSD) quotaon /partition_with_userquota_enabled
[-]
If quotacheck returns the error: quotacheck: Cannot get quotafile name for /dev/xxx
Do the following:
1) # touch /partition_with_userquota_enabled/aquota.user
2) # quotacheck -m /partition_with_userquota_enabled
and ignore the message: "quotacheck: WARNING - Quotafile /partition_with_userquota_enabled/aquota.user was probably truncated.
Can't save quota settings..."
3) quotaon /partition_with_userquota_enabled
FreeBSD web server installations: Enable disk quota in the kernel configuration.
Also, in /etc/default/rc.conf set:
enable_quotas="YES"
Root Partitions: we don't recommend enabling the disk quota feature on root partitions.
Use other partitions for this! Therefore, we advise not to place H-Sphere files on the root partition.
Quotacheck: quota versions can have some differences on different OSs.
You may need to execute the quotacheck command with some additional parameters.
Please read the command manual before performing this action.
Ports (Firewall Configuration)
In your firewall settings, open the following ports in both directions and
specify the connection type - tcp or udp or both.
We need that firewall be configured by our customers.
Pix firewall doesn't work correctly with H-Sphere and SiteStudio, because
it doesn't allow servers within one H-Sphere cluster to communicate by external IPs, which is critical
for both products.
SOAP (Simple Object Access Protocol) serves data communication between
Control panel and Windows servers.
tcp between H-Sphere servers
tcp
tcp
* For highest security, open:
- udp permanently;
- tcp worldwide during H-Sphere installation and post-installation tests;
- tcp between H-Sphere DNS servers permanently.
** Open these ports only if you want to use Mail SSL.
Note: In the above table, all ports should be opened for external connections
unless specified otherwise (for example, "tcp between H-Sphere servers").
DNS Server Notes:
1. Port 953 (rndc) should be open for localhost only if your DNS server is using BIND 9.x.
2. If your DNS server is using BIND 8.x, it can be
upgraded to run with H-Sphere, but old domains would still have to
be managed by hand. Please agree your DNS server upgrade with
our installation team.
* As of now we don't provide support for Reverse DNS configuration.
Perl
H-Sphere installation script is written in Perl, therefore Perl is required on each box.
To check if Perl is installed, run:
perl -V
Caution: Do not update or change any configuration to your system Perl, as it will most likely
damage your H-Sphere installation.
