Zone Your Photo Archive With LinPHA

Hello,

In our family, most of our relatives live far away. Consequently, the only way that they can get to our digital picture collection is over the Internet. We could upload our pictures to flickr, picasa or some other digital photo hosting service. However with many family thousands of family photos in our digital collection and only a handful of people would really be interested in, I chose to go another route. I chose to use the Linux Photo Archive (LinPHA) to host my own picture archive.

With LinPHA you put all your pictures under the /albums directory. As you explore through the pictures of your LinPHA web site, LinPHA dynamically creates thumbnails and stores information each sub-folder and picture in a database. I used MySQL to store all that data. Note though that LinPHA only maintains a directory depth of three sub-directories. Any sub-directories deeper than three will be ignored.

For me, LinPHA is a great solution because I wanted flexibility and virtually unlimited storage. I also wanted to avoid duplicating storage. So instead of copying all the files to a separate directory for LinPHA, I instead used the beauty of the read-only loopback mount option of The Zone Manager to read-only mount my Pictures directory from my backup zone into the /albums directory of my LinPHA web server zone.

Lets say that from the global zone perspective, the backup data of my backup zone is stored in /zones/mybackup/root/backup. Further, lets say that my picture archive are stored in /zones/mybackup/root/backup/Pictures. The following invocation of The Zone Manager creates a LinPHA zone, configures the networking, installs all the requisite software, read-only mounts my Pictures directory into the LinPHA zone, and installs the LinPHA software via the linpha.sh script.

# zonemgr -a add -n LinPHA -z /zones -P pw -s lock \
-I "192.168.0.10|bfe0|24|linpha" -C /linpha.sh -X /linpha.sh \
-G apache2 -G mysql5 -G ap2_modphp5 -G php5_mysql -G php5_gd \
-G imagemagick  -G pm_libxmlperl -G pm_xmlparser \
-r "/zones/mybackup/root/backup/Pictures|/opt/csw/apache2/share/htdocs/albums/Pictures" \
-C /etc/resolv.conf -C /etc/nsswitch.conf

Now that the LinPHA zone is up and running, I can finish the setup of my LinPHA photo archive by entering http://192.168.0.10/install/install.php . Below is what you see on the initial install screen. Here you select your preferred language and click on "Continue"



Next if all of the requisite checking completed successfully, you can just click on "Continue".



On this screen, you select your preferred database. I chose MySQL.



On this page you fill in the database authentication, set up a LinPHA administrative user, and select a few preferences. After making your selections, scroll down to the bottom of the page and click on the "Continue" button which in this picture got cut off the page.



That concludes the basic setup for LinPHA. There are lots of features and plugins that you should explore by logging in as the administrative user specified on the previous page. Clicking on the "Continue" button takes you to the home page of your new LinPHA photo archive.



Here is the main page.



To make things fun, I clicked on the "Pictures" folder to show you the contents of this sample site. Here you see the folder browse view.



Clicking on the myfam.jpg thumbnail picture, you see the larger view.



That is about it for the basic setup. You can get a copy of the script here: /linpha.sh script.

I hope you enjoy setting up your own personal Linux Photo Archive with Solaris Zones via The Zone Manager.

Brad

Put A New Face On Your Mail Server

Hello again,

I personally have run my own mail servers for many years. There are lots of good reasons for that choice. The two most compelling reasons for me have been: unlimited encrypted storage and encrypted IMAP and SMTP via SSL. In my experience, the weakest area of open source mail services has been the lack of a good opensource webmail interface that supports IMAPS and SMPTS. Back in 2005, the RoundCube WebMail project came on the scene. Other webmail projects have been around but in my opinion RoundCube is still the best opensource option.

So what does this have to do with The Zone Manager? I'm glad you asked! How would you like to be able to set up your own RoundCube WebMail service IN ONE STEP? Impossible you say!!! Well delight in the following example of the power of Solaris Zones coupled with The Zone Manager.

# zonemgr -a add -n rcmail -z /zones -P pw -s lock \
-I "192.168.1.12|bfe0|24|rcmail" -C /rcmail.sh \
-G apache2 -G mysql5 -G ap2_modphp5 -G php5_mysql \
-G pcre -G php5_imap -C /etc/resolv.conf \
-C "/etc/nsswitch.dns|/etc/nsswitch.conf" \
-X "/rcmail.sh -m pw -r pw -R webmail.example.com \
-h imap.example.com -H smtp.example.com"

Note that I replaced my actual serer names and the TCP/IP address with generic ones. The above invocation of The Zone Manager results in the following actions:

• Adds a sparse non-global zone named rcmail,
  
• Places the zone in /zones/rcmail,
  
• Sets the root user's password,
  
• Adds a network interface,
  
• Sets up name resolution,
  
• Remotely installs apache, mysql5, mod_php5, php5_mysql, pcre, and php5_imap from the Blastwave,
  
• Copies and runs my simple /rcmail.sh script in the non-global zone.

Upon completion, I can access the webmail with https://webmail.example.com. Here is a snapshot of the login page.



And here is a snapshot of the main page after successfully logging in.



You can easily write your own simple installer script like my /rcmail.sh script to automate the installation of just about any opensource kit.

To learn more about and see more screen shots of RoundCube WebMail, visit their web site.

Enjoy!

Brad

Zoned MySQL With Secure phpMyAdmin

Hello again,

In light of Sun's announcement of intent to acquire of MySQL AB, I thought it would be cool to show you how easy it is to set up a zone running MySQL with a fully configured and secure MySQL web console courtesy of phpMyAdmin.

This example does the following

• adds a non-global zone called mysql,
  
• places the zone in /zones/mysql,
  
• sets the non-global zone root user password,
  
• disables all un-necessary services,
  
• adds a network interface,
  
• sets up name resolution (e.g. DNS),
  
• remotely installs apache2, phpmyadmin, mysql5, and php5_mysql from blastwave.org,
  
• copies the simple mysql.sh script from the global zone into the non-global zone,
  
• and lastly runs the mysql.sh script in the non-global zone.

Here is the example invocation of The Zone Manager:

# zonemgr -a add -n mysql -z /zones -P pw -s lock \
    -I "192.168.1.22|bfe0|24|mysql" \
    -C /etc/resolv.conf \
    -C "/etc/nsswitch.dns|/etc/nsswitch.conf" \
    -G apache2 -G phpmyadmin -G mysql5 -G php5_mysql \
    -C /mysql.sh -X /mysql.sh 

Upon completion, I enter into my browser the secure URL https://mysql and voila, I get the following phpMyAdmin login page.

The default control user is myadmin and the default password is pw. However, you can specify these by passing the appropriate parameters to the mysql.sh script listed below:

Usage: mysql.sh [options]
where options include the following:
-m <password> # MySQL root user password. Defaults to pw
-u <user>     # Control user. Defaults to myadmin
-p <password> # Control user password. Defaults to pw
-h <zonehost> # Zone host name? Defaults to mysql

Of course, there are many other things that you could have also done with The Zone Manager like

• Read-write mounted one or more directories from the global zone into the non-global zone with the -w flag,
  
• Read-only mounted one or more directories from the global zone into the non-global zone with the -r flag,
  
• Set the root user's home directory and shell,
  
• Minimize (for whole root zones). e.g. Remove all un-necessary packages, or
  
• Assign or revoke specific privileges of the zone.
  

Enjoy!

Brad

PS: In order to tantalize your taste buds, the next version of The Zone Manager also has the ability to assign to a non-global zone shared and dedicated resources such as CPUs, RAM, and swap. This next version also has a unified filesystem management format for formatting (optional) and mounting just about any storage device (including a file) for the dedicated use of a specific zone. Way cool!

Zones Automation In The Real World

Hello again,

I am putting together a zones automation presentation for an internal training event for Sun that is occurring toward the end of February. One of the goals for that presentation is to provide 5-10 real world fully automated deployment scenarios using zones that can be delivered through the Zone Manager. For example, last week I posted an example titled The WebPress® 2-Step. If you have ideas of service deployment automation that you have done or would like to see done through the Zone Manager, send those ideas to me via e-mail or through a comment to this blog. When I complete the presentation, I will share the presentation and any other great deployment examples through this blog.

If you would like to see my existing presentations for the Zone Manager, they are available here.

Thats it for now. Blessings to you all!

Brad

The WordPress® 2-Step

Hello again,

On my blogging pilgrimage, one of the things that I decided to do was to see how easy it would be to set up a WordPress® blog using the zone manager. As it turns out, if you assemble a simple WordPress® install script like this one its as simple as two steps. Here are the two steps that I used to create a secure self-contained WordPress zone using the zone manager.

1. Create a zone named wordpress. In the following invocation of the zone manager a zone named wordpress is created, given an IP address, properly sets up name resolution, installs the apache, mysql4, mod_php, and php4_mysql packages from blastwave, and copies the simple wordpress install script into the zone and then runs it once the zone is created.

# zonemgr -a add -n wordpress -z /zones -P pw \
-C "/wordpress.sh|/wp.sh" -C /etc/resolv.conf \
-C "/etc/nsswitch.dns|/etc/nsswitch.conf" \
-I "192.168.0.100|bfe0|24|gsblog" -X /wp.sh \
-G apache -G mysql4 -G mod_php -G php4_mysql

2. Configure WordPress through your favorite web browser. In my case, here was my URL:

http://64.182.70.45/wordpress/

From an product installation perspective, that is it. You are done. Now of course I'm not going to leave you hanging there. Here in pictorial form are the rest of the basic steps for setting up the blog to make it accessible.

Here is what you see when the browser returned when I entered the URL.



I clicked on "create a wp.config.php file through a web interface". The following page was returned.



Of course, I clicked on "let's go"! Then I entered the configuration details in the web page seen below.



That concluded the basic configuration. Next I applied the configuration and completed the WordPress® installation by clicking on "run the install".



Next I needed to name my blog and enter my e-mail. Note that the e-mail and web address don't really exist.



Clicking on "Install WordPress" button returned the following administrative details.



Voila, I now have a working WordPress® running in a Sun Solaris zone!



Hope you enjoyed the WordPress® 2-Step!

Brad

A Little History

Hello Friend,

Welcome to The Zone Manager blog. Some of my friends in the blogging realm have poked and prodded me over the past couple of years to make the plunge into the blogging realm. I have resisted because I know that blogging can take a tremendous amount of time that frankly I don't usually have to give. However, one of my passions is in the realm of virtualization and in particular Sun's container technology called zones. I intend to use this blog to share with you the nuggets that I learn along the way. So to my friend John Clingan as of this moment, I am no longer a non-blogging heathen. ;-)

Now for a historical perspective on the Zone Manager. I first gained a deep appreciation of zones during my days in the Solutions Deployment Engineering team at Sun. One of my roles on that team was to help setup the labs for our Software Summit conferences. We typically had 2 or 3 lab rooms that were equipped with between 20-40 computers. The computers were typically a light weight workstation or a laptop. Each lab room would have 3 to 4 different labs sessions per day where each session was regarding a completely different topic. So in order to set up the systems for their respective sessions, we had three options. We could jumpstart the servers with custom install scripts, jumpstart them with a FLAR image, or create a unique zone for each lab session. We tried each option for different conferences but eventually found the zone option to be the most flexible and least risk prone.

The problem with the custom scripted and FLAR jumpstart options was that we had to re-jump all 40-120 systems between each lab to properly configure the systems for the next lab. This process could take anywhere from 30 minutes to a couple of hours depending on the complexity of operations to be performed. And if something went wrong, you just didn't get to use the systems for that lab because there wasn't enough time to repeat the jump. You see we typically only had about 10-15 minutes between lab sessions. Eeek!!!

Once zones became available I and the members of my team started looking at how we might be able to create a zone (or set of zones) per lab. Then when it was time to start the next lab we just shutdown all the zones but the zone(s) necessary for the next lab. This turned out to be a much better strategy than our jumpstart centered strategies. However, we had to do a lot of custom scripting for setting up the zones and prepping them for each lab. I realized at that point that we needed a general purpose script for automating 80-90% of all zone creation and management. Thus the zonemgr script was birthed.

All work from that point until now has been an incremental process of refining and improving the zonemgr script to greatly simplify creation and management of zones. I hope that you will try out the zonemgr script for yourself. It is an open source project. So please feel free to contribute your ideas and code to the project for everyone's benefit.

In closing, I want to re-iterate that the purpose of this blog will be to share with you my thoughts on zones, the zonemgr script's evolution and practical ways to use it along the way.

Blessings to you and yours!

Brad