Tag Archives: web

WebVirtMgr with LXC support

This is the connections page backported from WebVirtMgr 4.8.7

https://github.com/daniviga/webvirtmgr/

WebVirtMgr (by retspen) is a simple but great libvirt frontend written in python with Django. It currently supports only KVM as hypervisor. However libvirt can be already used to manage other hypervisors (like XEN) and it also supports LXC containers.

Using the container libvirt feature I extended WebVirtMgr, creating a fork, which adds LXC support and other minor improvements (see https://github.com/daniviga/webvirtmgr/commits/master)

LXC support currently has some limitations:

  • The LXC container filesystem must be created manually (this is a libvirt limitation)
  • Even the LXC domain creation isn’t supported right now (you need to create the XML and define the domain manually, virt-install can be used)
  • Web remote console is under development and not yet ready (some work has been made using butterfly)
  • LXC domain deletion doesn’t remove its filesystem
  • Snapshotting is not supported (another libvirt limitation, it can be done manually with LVM or Btrfs)

But basic functions works well:

  • Management of remote hosts (via TCP, SSH, TLS, socket)
  • Start, stop, shutdown, pause
  • Autostart
  • CPU and RAM limits assignment
  • Network interfaces management
  • Clone (only the domain, filesystem must be copied manually)

My WebVirtMgr fork contains also some minor differences and improvements compared to the original:

  • The old connections list page (with a table instead of boxes) has been kept
  • It supports a very basic ACLs system (for both KVM and LXC). With this feature non-admin users can be created (using the django-admin interface) that can only have specific access to a pre-defined set of VMs/LXCs. This means that user “foo“, for example, can only start/stop/shutdown or access the remote console of the VM “my_vm

The installation procedure remains the same as the original project.

Screenshots

This is the connections page backported from WebVirtMgr 4.8.7

This is the connections page backported from WebVirtMgr 4.8.7

KVM instances

The KVM instances view

The LXC instances view

The LXC instances view

An example of a running LXC container

An example of a running LXC container

An LXC domain can be cloned, and a random MAC address can be generated

An LXC domain can be cloned, and a random MAC address can be generated

An example of an LXC deletion

An example of an LXC deletion

Instance admin interface: you can assign users

Instance admin interface: you can assign users

 Links

WordPress caching with nginx

As a part of my friend @zenkay post on his blog here it is a simple but efficient nginx configuration for proxying and caching an Apache + WordPress installation.

Assuming that:

  • nginx and Apache are on different nodes: if nginx and Apache are on the same machine is highly advised to serve static files directly from nginx;
  • static files expire header is managed by Apache (through mod_expires); if static stuff is served directly you need to specify the expire through nginx;
  • you have installed the WordPress Nginx proxy cache integrator;
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
server {
    # Listen IPv6 and IPv4 socket
    listen       [::]:80; #on Linux this means both IPv4 and IPv6
    # Name-based virtualhosts
    server_name  *.mydomain.com mydomain.com;
 
    # Add Cache-Status debug header on replies
    add_header X-Cache-Status $upstream_cache_status;
 
    # Set the vhost access-log
    access_log  /var/log/nginx/access-mydomain.log  main;
 
    location / {
 
        # Skip^1 caching variable init
        set $nocache 0;
        # Bypass^2 caching variable init
        set $purgecache 0;
 
        # Bypass^2 cache on no-cache (et al.) browser request
        if ($http_cache_control ~ "max-age=0")
            { set $purgecache 1; }
        if ($http_cache_control ~ "no-cache")
            { set $purgecache 1; }
        # Bypass^2 cache with custom header set on request
        if ($http_x_cache_purge ~* "true")
            { set $purgecache 1; }
        # Skip^1 caching when WordPress cookies are set
        if ($http_cookie ~* "comment_author_|wordpress_(?!test_cookie)|wp-postpass_" )
            { set $nocache 1; }
 
        # Cache pool
        proxy_cache             proxy-one;
        # Bypass^2 cache when $purgecache is set to 1.
        # Bypass means that content is served fresh and the cache is updated
        proxy_cache_bypass      $purgecache;
        # Skip^1 caching when $nocache is set to 1
        # Do not cache when browsing frontend as logged user
        proxy_no_cache          $nocache;
        # Define the cache resource identifier. Be careful to add $nocache
        proxy_cache_key         "$scheme$http_host$request_uri$args$nocache";
        proxy_connect_timeout   10;
        proxy_read_timeout      10;
        # use stale cache on backend fault
        proxy_cache_use_stale   error timeout invalid_header updating http_500 http_502 http_503 http_504;
        proxy_cache_valid       200 302 15m;
        proxy_cache_valid       404 1m;
        proxy_set_header        Host             $host;
        proxy_set_header        X-Real-IP        $remote_addr;
        proxy_set_header        X-Forwarded-For  $proxy_add_x_forwarded_for;
        proxy_pass              http://apache_remote_ip;
    }
 
    location ~* \/blog\/wp\-.*\.php|\/blog\/wp\-admin {
        proxy_cache             off;
        proxy_pass              http://apache_remote_ip;
    }
 
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }
 
}

1^ see: http://wiki.nginx.org/HttpProxyModule#proxy_no_cache
2^ see: http://wiki.nginx.org/HttpProxyModule#proxy_cache_bypass

Fixing font in Chromium on Fedora

Font auto-hinting is disabled by default in Chromium on Fedora, so font rendering is quite ugly.

To enable fonts auto-hinting just create file 10-chromium.conf in /etc/fonts/conf.d/ with this xml:

<?xml version="1.0"?>
<!DOCTYPE fontconfig SYSTEM "fonts.dtd">
<fontconfig>
        <match target="font">
                <edit mode="assign" name="hinting">
                        <bool>true</bool>
                </edit>
        </match>
        <match target="font">
                <edit mode="assign" name="antialias">
                        <bool>true</bool>
                </edit>
        </match>
        <match target="font">
                <edit mode="assign" name="autohint">
                        <bool>true</bool>
                </edit>
        </match>
</fontconfig>

and then restart Chromium.

Riferences:

http://code.google.com/p/chromium/issues/detail?id=47865

lighttpd: attiviamo la compressione

MicroServer, il mio home-server che eroga i servizi web, è connesso alla WAN attraverso una line ADSL. Questa tecnologia, assimetrica, comporta velocità di upload abbastanza limitate (384 Kbit/s nel caso in esame): negli ultimi tempi, con un uso intenso di css e js (che arrivano anche a 200KB) nelle applicazioni web, questa limitazione è diventata ancora più evidente.

Per ovviare è possibile utilizzare la compressione trasparente delle pagine (ma non solo) lato webserver; a patto che il browser supporti la decompressione “on-the-fly” (ormai qualsiasi browser degno di tal nome la supporta) è possibile ridurre notevolmente la banda necessaria. Lo scotto è la necessità di un po’ più di potenza di calcolo, ma d’altro canto mai nel passato abbiamo avuto a disposizione tanta potenza a buon mercato.

Per attivare la compressione dei contenuti statici attraverso lighttpd è sufficiente abilitare il supporto e definire quali MIME comprimere (principalmente quelli testuali):

creiamo il file compress.conf in /etc/lighttpd/conf.d

server.modules += ( "mod_compress" )
 
compress.allowed-encodings = ("bzip2", "gzip", "deflate")
compress.filetype = ("text/plain", "text/html", "text/javascript", "text/css", "text/xml")

Per attivare la compressione dei contenuti dinamici generati dall’interprete php è sufficiente attivare il supporto a zlib nel file php.ini

zlib.output_compression = On

Al termine riavviamo i servizi

bash$ service lighttpd restart

Riferimenti:

http://redmine.lighttpd.net/projects/lighttpd/wiki#Documentation