Dedicated Server School

Webmin is a free and open source graphical system administration interface for Unix-like operating systems. In previous posts, we have explored some of the ways that you can use Webmin to make your system administration easier. We also learned how to install Webmin on CentOS. Today, we will look at another popular Linux-based operating system: Debian.

Many of the world’s dedicated servers run Debian or Debian-based distributions (such as Ubuntu). It uses “deb” packages by default, and the Webmin developers make a deb package of Webmin available for download on the project’s website.

Before you begin, you should install any necessary dependencies for Webmin:

apt-get install perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl apt-show-versions python

Then, follow these instructions:

1. Download the Webmin Debian package from webmin.com:

wget http://prdownloads.sourceforge.net/webadmin/webmin-1.580_all.deb

2. Install Webmin with the dpkg command:

dpkg --install webmin_1.580_all.deb

By default, dpkg will install Webmin to /usr/share/webmin, and the default username will be “root” with whatever your current root password is.

3. Open your web browser and type in your server’s default domain or ip address with the port “10000”.

http://99.999.999.99:10000/

If all goes well, you should have a working installation of Webmin on your server. For more installation information and full documentation, visit the Webmin website.

In a previous posts, we have discussed the finer points of creating custom error pages for an Apache web server installation. But what should you do if your web server is Nginx rather than Apache? The process of configuring an error page is somewhat different.

To begin, you will need to create a normal HTML document, just as you would for an Apache error page. You can make the contents of the page whatever you want. Assuming you are making a 404 Not Found error page, you should definitely include that message somewhere in the document. When you are finished, save the file to your document root. The location may vary depending on your operating system, but the default location should be something like  /usr/local/nginx/html

The next step is to edit the Ngnix configuration file and add the correct information. You may find the configuration file at this location: /usr/local/nginx/conf/nginx.conf

Find the line in the file that mentions the error code you want to change. If the line is not there, you can append it to the end of the file. It should look like this:

error_page   404  =  /404-notfound.html;

That is all it takes for a basic error page. You can add one for each error code. Whenever an error is triggered by a user, the web server will locate the file you have specified and display its contents.

For more information about error docs or the web server in general, consult the Nginx documentation.

As you welcome in the new year, now is a great time to run some basic security checks on your server to make sure it is running in top shape and continues to be a safe haven for your websites. The following five security checks are ones that you should not delay until later in the year, if you have not done them recently.

Vulnerability Scan – It may take some time, and that may be why you have delayed it, but scanning for vulnerabilities is a great preventative measure. You can ensure that your server will not be attacked because of a weakness you could have prevented.

File Integrity Check – This is a check that can also take some time, at least during the initial setup. Once you have it going, however, it will be easy to periodically recheck your file integrity.

Log File Check – It is quite possible that you have missed silent intrusions or intrusion attempts on your server. You can do a comprehensive log file sweep to find out if any nefarious activity is taking place on your server.

Web Application Updates – Check all of your server’s web applications to make sure they have the latest versions installed.  It is so easy for a hacker to find a content management system or blog with old software and launch an attack.

User Password Check – This is more of a policy enforcement than an actual check. Make sure all of your users have strong passwords. You can setup some automated system tools that will force them to create new passwords and also reject weak passwords.

2011 came and went, and you still do not have a dedicated server. There are plenty of reasons why you might not be ready for one, and we have covered some of those reasons in previous posts. But inevitably, there are some of you out there who are ready to get a dedicated server, but you are still reluctant. The following are 7 reasons why you should go ahead and take the next step.

1. Full control over your websites – No one can tell you what you can or cannot do with your sites. You can limit users however you want and expand your site or sites to the full limit of your server.
2. Choice – You can choose your operating system, software, and web tools.
3. Better security – The well-being of your server will no longer depend on the conduct of people who share it with you.
4. Truly dedicated – Just as the name implies, your entire server will be dedicated solely to your websites.
5. Save money – If you are truly ready for a dedicated server, you are probably paying more than you should for space, bandwidth, memory, and other shared hosting premiums.
6. Shell and Root access – Are you a systems geek who is not afraid of the command line? A dedicated server can be your playground.
7. Priorities – With your own server, you can prioritize CPU and memory usage and balance your server load however you want.

Webmin is a web-based system administration tool for Linux and other Unix-like servers. Webmin provides a graphical interface for many of the tasks you would normally have to perform from the command line. Best of all, it is free and open source. One task you might have trouble performing from the Linux shell is creating cron jobs. Fortunately, Webmin has a cron job module.

1. Navigate to the cron job module page
2. Click “Create a new scheduled cron job”
3. Under “Execute cron job as”, enter the username you want to run the cron job
4. Select whether you want the cron job to be active (selecting no will create it but leave it inactive until you change this setting)
5. Type the command string in the command field
6. If you have data you need sent to the command, enter it in the “input to command” field
7. Select the time you want for “when to execute”. The dropdown menu will give general times like “hourly”. Alternatively, you can use “Times and dates selected below” and setup your own schedule.
8. Optionally, setup “Date range to execute” to limit the cron job to a time period. After it expires, it will not run again.
9. Click “create” to finish.

Virtualization gained many fans in 2011. More system administrators than ever before are seeing the benefit of creating virtual machines for a variety of purposes, from sectioning off business operations to hosting virtual private servers for customers. The more virtual machines you have, the more difficult it can be to manage all of them. Fortunately, a free and open source tool called Archipel can help make the task easier.

The Archipel Project offers virtual machine management for the smallest projects (such as a single computer), the largest projects (multiple data centers), and everything in between. It works with libvirt-supported virtualization techniques, including Xen, KVM, OpenVZ, and VMware.

The web-based application includes the following features:

• real-time management, making use of the XMPP protocol, allowing virtual machines to send and receive messages
• Modular design – this makes it easily expandable
• Built-in VNC client for remote virtual machine graphical management, right within the browser
• Global connectivity – Using XMPP, servers can communicate with each other no matter where they are.
• Open Source – Released under the AGPL, Archipel is free to download, install, use, modify, and give away.

Archipel is currently in beta, but you can still download it and give it a try by visiting the project’s website.

Most MySQL users manage their databases using some type of graphical user interface (GUI), whether it is a web-based tool like phpMyAdmin or a desktop tool like MySQL Administrator. For a dedicated server system administrator, however, there are times when it may actually be more convenient to use queries in the MySQL text-only command line interface.

You can easily add and drop users from MySQL, each with a single command string. Assuming you are already logged into your server via the physical console or SSH, the first thing you need to do is login to the MySQL command interface.

# mysql -p

You will then be prompted for your MySQL password. Type it and press Enter. If the login is successful, your normal shell prompt will be replaced by the MySQL prompt:

mysql>

To add a user, type the following string at the prompt:

mysql> CREATE USER user@host IDENTIFIED BY 'password';

Replace “user” with the username you want to create and “host” with your server IP or “localhost” for the current machine.

To remove a user, type the following:

mysql> DROP USER user@host;

A new year has arrived, and this is an excellent time to consider applying any upgrades that you were putting off until the end of 2011. In some cases, you may have delayed software upgrades in order to verify compatibility with your web applications, or you may have simply delayed your upgrades to make sure you did not have any server downtime. The new year is usually a great time for transitioning, so here is a checklist you can use if you decide to upgrade.

1. Backup and Check Backups – Before you upgrade, do a system-wide backup, including databases. Then, check the backups to make sure they were completed correctly. If you somehow manage to cripple your system, you will still have all of your data on your backup device.

2. Run Virtual Machine Tests – If you have any qualms about upgrading to the latest version of a particular software package, use virtualization to test it in a safe environment. If it works in a virtual machine configured to match your server, you should be fine.

3. Schedule A Maintenance Window – Even if it is expected to be a routine upgrade with no downtime, you never know what might happen. Tell your customers ahead of time that you will be performing maintenance. If all goes well, they will only be pleasantly surprised that the maintenance had no effect on their sites or service.

4. Run Post-Upgrade Diagnostics – After the upgrade, make sure all services are functioning properly and also working together with your upgraded software the way you intended. Once you have verified all normality, you can kickoff the new year with your up-to-date software.

2011 has come and gone, and your dedicated server has survived the year. While 2012 is still fresh, it is a good idea to make some plans for the new year. Think of them as your server’s own new year resolutions.

1. Backup schedule – If your server was not already doing regular automated backups, now is the time to create a schedule for the year.
2. Upgrades – Now might be a good time to consider hardware upgrades before things get too busy in the new year.
3. System update schedule – Like backups, you should already have a schedule for regular updates, but if you do not, now is the time to establish one and plan to stick to it.
4. Major changes – People expect major changes at the beginning of a new year anyway. If you are planning to implement changes that will affect your users or customers, prepare them now and implement them within the next couple of weeks.
5. Purge the old – Start with a clean slate. Purge old caches, outdated logs, deactivated users, unused databases, and old package manager repository files.

The new year is a new start. Take a hard look at the past year, at your successes and failures. Learn to grow from the successes, and strive to prevent the failures from happening again. As you begin the new year, set goals for 2012, and make sure you have a plan to achieve those goals.

It is generally preferable to run updates on your server as soon as possible after they are made available. This is particularly important if when they are security updates. In most cases, you can just schedule these updates to run during off hours.

In some situations, however, your web applications or other software may depend on a certain version of currently-installed software, and updating may risk breakage. For those instances, you may want to hold off on updating. Unfortunately, holding off for too long could also cause security issues. The end of the year is therefore a good time to take a look at your software and see what is current and what is not.

If you have delayed updates for certain software, it might be a good idea to run the updates before the new year, especially if you are running a business website that is not very active at the end of the year. By waiting until the end of the year, you can also take time to test the updates on a virtual machine to make sure they will be compatible with your applications.

The end of the year is always a good time to check your server’s overall health, and checking your updates status is one of those important tasks that will ensure your server stays healthy.

As we move one day closer to the end of the year, it is increasingly important that you take some time to look at your server and find out what needs improving. You might also want to do some general house keeping, especially if you have neglected these clean-up tasks throughout the course of the long year. One such task is removing old, deactivated accounts.

What usually happens is that a user or customer leaves or does something to get his account suspended. Because there is a chance that he or she might come back, you do not delete the account right away. Do this often enough, and you will wind up with droves of stale users taking up disk space. The end of the year is a great time to clear out those users and make room for new ones.

The only real question you might want to ask yourself is if you are sure the user you are deleting is not coming back. That will usually depend on the circumstances. In most situations, those users who are valuable enough that you would consider keeping their accounts around even after a year will be quite apparent to you. Aside from that, removing the users should be pretty straightforward and should not cause any problems in the future.

As the end of the year approaches, you have probably fallen behind on some of your routine security checks. The holiday season is a busy time for hackers who try to exploit the increased online user activity, especially the activity of holiday shoppers. Sometimes security can cost you money, so it is a good idea to do some type of security audit before the end of the year, allowing you to make to present a clearer picture of the next year’s budget.

Using a vulnerability scanner, you can check your server for abnormalities that would-be attackers might be able to use to launch attacks against your server or those belonging to others. During a check, you may even discover that some vulnerabilities have already been exploited, and this will allow you to neutralize any threats.

Protecting your dedicated server or VPS is an ongoing process, and you should be diligent in locking it down at all times of the year. Still, the end of the year is a great time to do a more thorough check, just to be sure you have not missed something during your normal scans. Then, you can start the new year with confidence knowing that your server is safe and your data is secure.

As we come to the close of another year, it is a good time to perform some routine tasks on your server, especially if you have been putting them off until “the right time”. The beginning of a new year is usually busy, so you should take the time now to get those tasks done and make sure your server is optimized for the coming year.

One of the most important tasks that you should regularly perform on your server is the backing up of essential data. Every so often, it is also a good idea to check the integrity of your backups. Nothing is worse than actually needing to restore your backups one day and finding out that they do not work or are in some way corrupted.

Your backups are likely stored in compressed archives, so you will need to extract the files from the archives in order to check them. It may be enough to simply verify that the file names and sizes match the files you have. Therefore, it is important to check the latest backup, and that should be sufficient to confirm that the backups are working as expected. If you have any concerns, you can run a more in-depth file system integrity check on the backups.

Your VPS, dedicated server, and backup device all have something in common: a finite amount of space. Fortunately, you can always free up space, add a new drive, or compress files as needed. But you never want to get into a situation where the lack of space surprises you. On a Unix or Linux server, you can use “du” to find out information about your current disk usage.

To get the most basic disk usage information, type “du” without any other options. The output will look something like this (in kilobytes):

3600  ./Directory1/Subdirectory
5080 ./Directory2
36  ./Directory3
8716

To get a summary of all disk usage without a complete list of directories, type this:

du -s

The output will only show the total:

8716

In both instances, the total will show you how much disk space has been used in the specified directory and its sub-directories. On a server, the number may look something more like 141830722. To put that number into something more digestible, add the “-h” option to the command, which makes it “human readable”:

du -sh

The output will look like this:

141G

On a Linux server, you can also do the opposite: find out how much disk space you have available with the “df” (disk free) command. Simply type:

df

and the output will look like this:

Filesystem           1K-blocks      Used Available Use% Mounted on
/dev/sda1             73990360  51367736  18864084  74% /
udev                   1472472         4   1472468   1% /dev
tmpfs                   592988      1220    591768   1% /run
none                      5120         0      5120   0% /run/lock
none                   1482468      2692   1479776   1% /run/shm

For more information about du or df, type “man du” or “man df” from the command line for complete documentation.

If you are managing a Linux server for the first time, you are probably using a web-based control panel, such as cPanel/WHM.  While a control panel may fill most of your basic needs as a system administrator, there are some tasks best left to the command line. On a remote Linux server, you can access the command line via SSH.

Some Basic Tips

1. $ – this symbol at the command prompt means you are logged in as a normal user with limited privileges.
2. # – indicates you are logged in as root and have full system privileges
3. ~ – tells you that you are within the local user’s home directory. For example “user@locahost:~/webs” would refer to the “webs” directory in the user’s home directory tree.
4. / – the highest (or root) directory in the file system. Every path, even separate partitions on your hard drive, will fall under “/”.
5. Ctrl+C – cancels a command in progress
6. Ctrl+Z – stop user interaction with a command without terminating it (returns you to the command prompt)
7. Up Arrow key – used to browse through command history (Type history for a full list)
8. ls – lists all files in the current directory
9. rm – removes the specified file (i.e. rm filename.txt)
10. cp – copies files from one destination to another
11. cd – change directory. Examples:
    cd subdirectory – changes to a sub directory within the current one
    cd .. – moves you up one directory
    cd / – moves you to the root filesystem directory

The cloud has become quite popular in the IT world. One could say that the cloud is taking the tech world by “storm”. There are many reasons for this, some financial, others practical, but ultimately it is an option that is worth considering.

The most popular form of cloud computing is the public cloud. In this model, the cloud service provider offers an application or platform for the public, which they either use for free (as in the case of Gmail and other web-based email) or pay a service fee, a process often called SaaS (software as a service). There is, however, another model called a private cloud, and many companies and individuals are opting for this method and using open source software to create their own clouds.

Read the rest of this entry »

As we have repeatedly told you and even warned you on this site, backing up your server is of the utmost importance. Back up every important piece of data you have, and if you really want to be safe, make backups of your backups. One useful backup solution is Rsync. We have already explained how to use rsync, but it might also be useful to examine some of the intricacies of using it as a backup solution.

Automated Backups – You can always throw an rsync backup script into cron.daily, cron.weekly, or cron.monthly, but if your backup device is at another physical location (which it should be), you will need to provide the SSH password every time rsync wants to connect. That is impossible with cron, out of the box.

One solution is to setup password-less login with an SSH key. This will encrypt the sign in, but it does mean that a third party that gains access to your server can also easily get access to your backup server. A fix for that is to limit the SSH key to a single command (in this case rsync). That way, the worst a hacker can do is backup your files for you.

Incremental Backups – By definition, rsync is an incremental copying solution. This means that files that have already been copied will not be recopied. Some server administrators, however, expect incremental backups to also provide snapshots of backups, creating separate backup files for each backup instance. For something like this, you might consider using irsync for point-in-time incremental backups.

Linux servers have a distinct advantage over most proprietary operating systems because of their extensive package management systems. Whether a server uses YUM or APT, it is much easier and faster to install and update software than using traditional manual installation methods. This raises the question: is it ever a good idea to install software manually in Linux?

There are two types of software packages that a user might manually install in Linux. The first is a program that has no binary packages for the distribution you are running. In such a case, you may be forced to build the software from source. The second type of program is one that is distributed in a generic binary form. Many proprietary software vendors will offer generic Linux binaries that typically work on most current Linux distributions.

In the above-mentioned scenarios, you may have no choice but to manually install the software, but there may be some situations where you might consider manually installing software even when binary packages are available for your distribution. Some of those situations are:

• The package in your distribution is older than the latest available from the developer
• Your distribution’s package is missing some key components (especially true if there are legal implications, such as certain video codec support in FFMPEG)
• In some cases, a program compiled from source may get better performance
• The package in your distribution has a major bug that you cannot wait for the developers to fix and send downstream. You can apply a patch to a version compiled from source.

When installing files manually, you always run the risk of breaking something, but in some cases, the benefits outweigh the risks.

APT is a package management system for Debian and other Linux distributions based on it, such as Ubuntu. For the most part, APT is easy to use for installing, removing, and updating packages.

With a normal APT install, using the apt-get command, a package will install without any problems. Installing a package in an APT repository will cause apt-get to automatically search for and install any necessary dependencies. In rare instances, often when you are mixing in third-party dependencies, there is a chance that apt-get may end up giving you an error telling you that a package installation could not be completed.

One of the most basic fixes for a problem like this is to run apt-get with “-f install”. The “-f” in this case stands for “fix broken”. APT will look for the best solution to resolve dependency problems. If you manually installed a package that had unmet dependencies, apt-get will install those dependencies, if possible. If it is not possible, it may simply remove the package that you installed in order to return sanity to your system.

Since removing the package you are trying to install may not be ideal, you might also try finding a repository that has the packages you need to satisfy the dependencies. Finally, if all else fails, you can attempt to satisfy the dependencies yourself, either by finding and installing the necessary packages, or by installing them from source and then creating “deb” packages for them.

In a previous post, you learned how to suspend a Linux user account on your dedicated server. Although this method is effective in shutting down users with shell access, it may not shut off any websites or other unique hosting features that they have. For that you will probably need to suspend their accounts within your hosting control panel. In cPanel, this is very easy to do. Simply follow these instructions.

1. Login to cPanel as the administrator
2. On the WHM home screen, click “Account Functions”
3. Choose “Suspend/Unsuspend an Account”
4. Select the account that you want to suspend based on domain or users
5. Check the box “Prevent resellers from unsuspending”
6. Click “Suspend”

At this point, instead of seeing the users normal site, anyone who visits the user’s website will see a message indicating the account has been suspended.  If you want to customize the way this suspended page appears, you can edit it using the Web Template Editor. The good thing about this method of suspending user accounts is that it will also suspend shell access, which means you will not need to suspend the user from the command line as well.

To unsuspend an account, usually after the user has paid a delinquent bill, simply return to the same page, select the user, and click “unsuspend”. cPanel will use the same method of disabling a user’s account that you would use from the command line. This means that the user’s password will be listed as “invalid” until you unsuspend it. It also uses an .htaccess file to redirect site visitors away from the user’s normal web pages. Therefore, you must have .htaccess enabled for it to work.

Using a web-based control panel is the ultimate convenience for dedicated server system administrators. Many of the tasks that once took multiple commands or even complex scripts to run can now be accomplished with a few clicks. Control panels also provide visual interfaces for those who have grown up in the era of graphical computing. Nevertheless, there are still times when the good old fashioned command line is better.

These days most web servers, even those privately owned, are accessed remotely through a secure shell (SSH). Having access to the console through SSH is still very important.  The following are some of the most significant benefits that SSH offers:

• A more secure method of access than a web browser, especially if you are on a public terminal
• advanced commands that may not be available in the control panel
• the ability to string together multiple commands using command strings or scripts
• more advanced trouble-shooting of applications and websites
• the ability to log in as other users or even log on to another server (such as a backup server) all from within the same SSH session

In some cases, using SSH even has speed benefits over the control panel. Even a low-powered device, such as a mobile phone can access SSH quickly and easily, whereas the control panel will require more processing power. To put it plainly, if you are working in the world of dedicated servers, use of SSH is far from extinct.

In a previous post, we explained how to send a message of the day (MOTD) to all users whenever they log into your server’s shell. It is a perfect way to reach users when they log in, but it will not allow you to send new messages to users who are currently logged in. For that you need a tool called “wall”.

Wall is a small program for Linux and UNIX operating systems that allows you to send real-time messages to all users, useful for broadcasting important alerts or simply communicating with regular shell users.

To send a message to users, first you need to create a text file containing the message. You can use your standard text editor (i.e. vi or nano). For example:

nano newmessage.txt

Then type the message: “This is a warning to all users. It’s my birthday!”

Save the message and then type the wall command followed by the file name to send it:

wall newmessage.txt

The output on users’ screens will look like this:

Broadcast Message from root@serverschool
(/dev/pts/1) at 18:15 …

This is a warning to all users. It’s my birthday!

Users must have their “mesg” permission set to “yes” in order for them to receive the wall message. Since this is enabled by default, that should not be a problem. Now, you can send messages to users anytime you want, as long as it is 20 lines or less.

I hope the time never comes when you have to take action against a user on your dedicated server, but if the situation does arise, you should know how to handle it. With a Linux server, there are several ways to disable an account without completely deleting it. This is useful if you have a temporary account that you only use at certain times or if you need to temporarily suspend a user.

One method for suspending a user is to make it impossible for the user to login with his/her password by altering the password in /etc/shadow. A typical user entry in the shadow file will look like this:

fakeuser:$6$8ZaG7yBk$9fv0ItyR3RyY.:13852:0:99999:7:::

The second field with a bunch of random-looking characters represents the password. You can disable the password by replace those characters with a “*” to make it look like this:

fakeuser:*.:13852:0:99999:7:::

The next time the user tries to login, it will fail. In the event that you eventually decide to re-activate the account, you can do so by giving it a new password.

Obviously the disadvantage of this method is that the user loses his/her password and needs a new one. Another method is to use the passwd command:

passwd fakeuser -l

The same effect can be accomplished by simply adding a “!” in front of the encrypted password in the /etc/shadow file.

To re-enable the account, just type:

passwd fakeuser -u

This is a simple way to suspend a user account. If your user has a website with a control panel, you may need to use your control panel to disable the account from there. Otherwise, you are all set.

Linux-based dedicated servers typically run two primary types of programs: those which require user interaction and those which perform tasks in the background without user intervention. Those programs that run in the background are commonly called “services” or “daemons”.

Servers usually require numerous services to run the background, such as the web server, mail server, database server, DNS system, firewall, and possibly many others. Because of this, it is important to know how to manage services, including how to start, stop, restart, and check their status.

The available methods for starting and stopping services may vary according to Linux distributions. On the most popular server distributions, Red Hat Enterprise Linux and CentOS, there are two commonly-used ways for starting and stopping them. The first is to call the programs directly:

/etc/init.d/service-name start

The other method is to use the “service” command, which will usually work for anything found in the “/etc/init.d” directory. Therefore, if you wanted to start the same service using this method, you would type as root:

service service-name start

To stop a service, type:

service service-name stop
or
/etc/init.d/service-name stop

To check the status of a service (i.e. see if it is currently running):

service service-name status
or
/etc/init.d/service-name status

To restart a service, type:

service service-name restart
or
/etc/init.d/service-name restart

Some services may have additional command settings available. To find out which ones are available, type the command without anything after it. For example:

service rsync

Usage: /etc/init.d/rsync {start|stop|reload|force-reload|restart|status}

Once a service that was not running starts, it will continue to run as long as the service stays on. If you reboot, only services that have been configured to start at boot will run initially.

These days many personal email accounts are hosted on cloud servers, leaving many web servers without the need to send and deliver emails to their users. For plenty of businesses, however, having a mail server is still very much a part of the dedicated server experience.

If you host your own mail server, whether Postfix, Sendmail, or something else, you need to make sure it is reliable and secure. Under normal conditions, a mail server does not place a heavy burden on a dedicated server, even with spam filtering and virus scanning. In some instances, however, something goes wrong, causing the mail server to use more than its fair share of CPU cycles and RAM. To investigate, consider the following:

1. Are your server logs showing a dramatic increase in mail server activity? It may be that you truly are just seeing in influx in the amount of mail sent on a particular day, but it could also be an attack on your server.

2. Check your mail server’s security and make sure someone has not hijacked it to send spam. This is a very common thing for spammers to do, exploiting a user’s account or an open relay on the SMTP server to send spam to people all over the world.

3. It could be that your server is receiving a spam attack, where it receives a large amount of spam, significantly more than usual. This could be intentional or just be a bad day for email.

Once you locate the source of the problem, you can start looking for solutions. Some problems will go away with time while others require action.

As energy costs continue to rise and new environmental regulations come into effect, many businesses are looking for ways to reduce data center costs. A server uses a lot of power for processing and cooling. By using low-powered servers for certain tasks, you can reduce energy costs and help save the environment.

When Is a Low-Powered Server Appropriate?

Obviously, not every server operation will work on a low-powered server. Therefore, it is important to evaluate server usage before you make drastic changes. If you find a web server, for example, that only uses half of the power available, you may be able to replace the hardware with something that more efficiently rations power only as needed.

What are the Hardware Options?

The major processor manufacturers, Intel and AMD, both offer a variety of power-saving options. Some of them provide offer great speeds and features while also reducing power usage when necessary. Others require a significant sacrifice of speed and processing power in order to save on energy costs. These are appropriate only when the server’s applications do not require much processing power. Finally, there are also chip manufacturers like ARM and VIA that are now entering the server market with extremely low-energy-consuming processors.

Planning for the Future

When choosing a low-powered option, it is important to think about your current needs to reduce energy consumption while also planning for scalability. Used in combination with other data center energy-saving techniques, the use of low-powered servers can transform your IT operations into models of green efficiency.

Of all the topics we have repeatedly stressed, none is more significant that backing up your server. It is the only way to ensure that your data will be safe even if the most inconceivable disaster occurs. Once you have working backups for your server, it is important to evaluate your backups and also make sure you using a method that is reliable and safe. The following tips should help you get better backups.

1. Use a remote server. You always have the option of using local backups, but this is not ideal. A backup hard drive on your server is only good as long as the entire server keeps running, and a backup server within the same data center is only as good as the security and dedicated power of the data center. If disaster hits one or the other, both your server and backups could be destroyed.

2. Incremental backups. Using a tool like rsync, you can create incremental backups and save yourself some bandwidth costs. It will also be faster and use less server load.

3. Automate the backup process. You may be extremely meticulous, but having to always manually backup your server is just inefficient when there are automation options (like cron) available.

4. Backup website files and databases. People often backup home files but forget databases, or the opposite, only backing up their databases. Both will leave you with partial websites, should you need to restore a backup.

5. Test your backups periodically. You may think they are in working order, but you need to make sure.

Backing up your data can save your server, and using smart techniques for backup and retrieval will make your server much more reliable.

Creating a chroot jail is a great way to separate certain activities on a dedicated server from the rest of the server at large. Purposes for this can range from creating virtual private server containers to simply needing an isolated test environment. One common problem you may experience after create a chroot jail is that the chrooted user does not have network access.

In these situations, you will typically find that no usable network interface is present when you run the “ifconfig” command. Any attempts at adding one will fail, and the system will behave as though you do not have a network card installed. Even if you have setup all of the necessary filesystems: /proc, /dev,/dev/pts, and /sys, you may still not be able to connect to the network or the Internet.

Fortunately, the solution to this problem is quick and easy. In order for the chroot environment to connect to the Internet, you need to copy the DNS resolution information from your standard Linux installation to the new chrooted installation that you have created. Simply copy the resolv.conf file from one installation to the other. The following is an example:

#  cp /etc/resolv.conf /var/chroot/etc/resolv.conf

In the example, /var/chroot is the location of the chroot system that the user has created. Adjust it accordingly to fit your system. After you have successfully copied the file, you should now be able to chroot into the new file system and access the Internet.

Websites have graduated far beyond simple text-based one-page documents. Most include all sorts of multimedia, from videos to full animated applications. Many small website owners may rely on cloud service providers for their music and video streaming, but if you ever need to host your own media content, you will probably need a program that can handle media conversion and streaming. FFMPEG does this very well.

Your frontend web application will likely give no indication about the complex media encoding going on underneath, but FFMPEG will handle a lot of the heavy lifting. On CentOS, you can easily install FFMPEG and get it up and running in just a few minutes.

First, it is important to note that you will only be able to do this with your own dedicated server or VPS, as you will need root access. Just follow these instructions:

1. Edit the YUM repository file, /etc/yum.repos.d/CentOS-Base.repo, and add the following lines:

[dag]
name=Dag RPM Repository for Centos
baseurl=http://apt.sw.be/redhat/el$releasever/en/$basearch/dag
enabled=1

2. Save the file and exit your text editor

3. Run this command as root:

yum install ffmpeg

That is all there is to it. In some situations, the version supplied in the Dag repository may not support the codec you need or may be too outdated. In that case, you can always build FFMPEG from source. You may also want to install other features, like the PHP extension, useful for scripts and web applications that need access to FFMPEG.

Virtualization can save you time and money when used efficiently. This has made it very popular for small, medium, and large sized data center operations. Whether you have a single server or a fleet of them, virtualization has its benefits.

KVM and Xen are two virtualization options for Linux servers, both with their advantages. Xen is more mature but KVM is now included in the Linux kernel out of the box. KVM requires hardware support for its extensions, meaning that you must have a processor that supports technology like Intel VT-x or AMD-V. In other words, if you are running low-powered Atom-based servers, you will need to go with Xen.

On the other hand, Xen requires you to install a Xen-based kernel onto your server. If you are running a server leased from a service-provider, this may not even be an option if Xen is not already installed. There is, however, big commercial support for Xen, with companies like Amazon running it on their EC2 servers.

Ultimately, the decision depends largely on your circumstances. If you are running a Red Hat-based distribution, KVM is already on your system and well supported. That makes it the best option unless your hardware cannot support it. If you are running another distribution that favors Xen or are using a hosting company with commercial support for it, Xen is the best choice.