On Mon, Feb 16, 2004, Clemens von Musil wrote: Clemens,
> I want to install an openPKG environenment with apache and openLDAP on a > machine, that allready runs those two servers. > Esepecially for the apache would a two-instances-on-one-machine-solution > be extremely comfortable to me. > > What I read is, that all openPKG instances on one machine are completely > seperated from each other. Doesn't that mean, they have different > (virtual) ip-addresses for different servers, listening on the same > port? > The ip:port combination must be uniqe for any services to be addressed predictable. Use a different ip, different port or both. It is not a problem for a machine to listen to multiple addresses today. I've seen a device in our datacenter that has over 4200 IP addresses in use on a single NIC. Some protocols carry additional information in their requests that allow a single service to behave differently upon request and look like being multiple services. The HTTP protocol supports so called name based virtual hosts and, of course, apache has this feature implemented. > If yes... I'm not able to keep two apaches running this way. Can anybopy > point me the right direction? > There are philosophical issues to be addressed which I do not want to discuss in depth here. If all your servers can be run by the same apache binary (having the same modules, script languages, database interfaces ... built in), are under the same administrative/organizational scope, will be maintained simultaneously in the future etc. you might only install one apache and configure virtual hosts. Even name based virtual hosts. Another requirement might be file system isolation between any two services so one cannot view or alter data and code from the other. Use chroot environments in this scenario. Available on almost any UNIX. A more secure solution would be full isolation between any two services by using FreeBSD jails or Linux vserver. The toughest virtual isolation is use of hardware emulation like bochs or vmware in the PC world or machine paritioning available in Solaris and AIX. This allows multiple operating systems to run concurrently on the same hardware. This is the server consolidation prayer. Finally, the toughest isolation is use of separate hardware for any service. This is the appliance prayer. The OpenPKG way of doing it to install multiple instances on a single machine. They are logically isolated however protection against each other is the task of the OS based on the administrative/organizational rules being deployed. The tutorial at http://www.openpkg.org/tutorial.html might help you doing the OpenPKG part of the game. Install every piece of softare into each instance (make, gcc, ...) for maximum independence. Assume you name your two instances /apache1 and /apache2 then edit each config /apache?/etc/apache/apache.conf. Example for apache1: Listen 10.1.2.3:80 NameVirtualHost 10.1.2.3:80 <VirtualHost www.example.com:80> ServerName www.example.com ServerAlias example.com ServerAdmin [EMAIL PROTECTED] ServerSignature off DocumentRoot /apache1/share/apache/www.example.com/ <Directory "/apache1/share/apache/www.example.com"> Options None AllowOverride None Order allow,deny Allow from all </Directory> </VirtualHost> Watch out to run the correct rpm and rc all the time! Example: $ /apache1/bin/rpm -Uvh apache-*.rpm #install 1st apache $ /apache2/etc/rc apache start #launch 2nd apache -- [EMAIL PROTECTED], Cable & Wireless ______________________________________________________________________ The OpenPKG Project www.openpkg.org User Communication List [EMAIL PROTECTED]
