[web2py] Re: recommendations for production system?
Greetings. my experience is on local vps. comment on my situation and I hope security comments after a clean install of debian 6, do the following: apt-get update. apt-get upgrade. apt-get install mcrypt apt-get install fail2ban (to ensure a little more ssh channel) apt-get install arno-iptables-firewall (iptables easy to configure andonly open ports 22, 80, 443) further use http://password.es/ to generate my root password, which are 16 characters long thatinclude symbols. these passwords I store them in a safe place where access viahttps and never accessible from a computer "windows" if necessary I start with a live cd of puppy linux or SliTaz then enter the vps via ssh
[web2py] Re: recommendations for production system?
It's nice to see feedback from real users of these hosts. Could you please add how much traffic you got with those plans you have? On May 18, 6:54 am, Carlos wrote: > Hi all, > > In order to prepare my web2py production system, I would really welcome all > your advice. > > I will get one node from vps.net: > > http://vps.net/product/cloud-servers > dedicated cpu = 0.6 GHz > dedicated ram = 376 MB > disk space = 10 GB > network transfer = 250 GB > > I am planning to install the following software: > > os = ubuntu 10.04 (lucid) x64 basic installation > web = apache2 > db = postgresql > sh =http://web2py.googlecode.com/hg/scripts/setup-web2py-ubuntu.sh > > Is the above the recommended configuration (based on my one node capacity @ > vps.net)?. > > I've read that nginx web server is really good, should I reconsider this?, > instead or in addition to apache?. > > Would you recommend a different configuration if I eventually add more > nodes/capacity?. > > Any other software?, e.g. web server control panels?. > > - isp manager > - webmin > - virtualmin > - landscape > > Thanks in advance for all your recommendations. > > p.s. my experience has been mostly with Windows. > > Carlos
[web2py] Re: recommendations for production system?
Hi Ross, Thanks for the links. I have seen mixed reports, certainly in the more distant past, but as I said my experience since Hardy (8.04) has been very good. On May 18, 5:03 pm, Ross Peoples wrote: > My own personal experience it with it a couple years was terrible. It > destroyed several systems that needed to be rebuilt because webmin messed > them up so bad. But again, I don't know if this has changed or not. Well, from my PoV it has! A couple of cautions though: - - Webmin/Virtualmin need a clean, freshly installed system as a starting point. If there is any configuration work done before installing them, I'd expect problems. - When I started out with my production hosting I had very limited linux-fu, and needed to use Webmin/Virtualmin to work safely (e.g. I was a bigger risk than they were!), and so I set things up to do everything apart from my narrow specialty (then the care and feeding of Zope and Plone) using the web interface, and have been very conservative about changing that. I would recommend them without hesitation to anyone in the same predicament as I was a couple of years back (an application developer with limited Linux sysadmin skills), but since you are effectively delegating your sysadmin load to that s/w in that case, it's important to be careful and test your understanding of what you can do by hand. In my case, there is an additional apache .conf file where all my Zope, Plone and web2py config lives, and that is pretty much the only thing I manage by hand, other than my Zope/Plone instances which I install to /opt and Webmin leaves well alone. My suggestion to the OP would be to fire up a VM and test the alternatives - but I'd include Webmin as one of those alternatives. HTH! -- Cheers, PhilK
[web2py] Re: recommendations for production system?
This is the original source: https://help.ubuntu.com/community/WebMin and here's a bug report about it: https://answers.edge.launchpad.net/ubuntu/+question/2873 These two are a bit old now, so I don't know if things have changed, but merely mentioning the word webmin in the Ubuntu forums a couple years ago meant you got a quick, terse reply about how webmin is bad for ubuntu systems and you shouldn't use it. Just scanning the latest entries on the forums tagged with webmin, it doesn't seem like it still has the bad reputation it once did. My own personal experience it with it a couple years was terrible. It destroyed several systems that needed to be rebuilt because webmin messed them up so bad. But again, I don't know if this has changed or not.
[web2py] Re: recommendations for production system?
Hi Carlos >> I will follow your advice about picking a strong password and >> changing the default 22 port - would this be enough?. Well, is there ever enough security? All I can say is that it has been good enough for my modest security requirements. Oh, I think I also limited the ssh access to two IP ranges. It still does not feel good to log on as root, but that is my trade-off for convenience. You will have to make your own judgements. Emergency access to files: I have an FTP server available on the server (again on a non-standard port) which I start up whenever I need to fiddle around. I very seldom use it, but on occasions it is helpful. On May 18, 3:41 pm, Carlos wrote: > Hi, > > Thank you all for your comments and recommendations. > > Based on your feedback, I'm leaning towards using Nginx (instead of Apache) > for all static and dynamic content. > > One question: is the following script up-to-date with everything I need to > setup web2py with nginx?: > > http://web2py.googlecode.com/hg/scripts/setup-web2py-nginx-uwsgi-ubun... > > I am planning on using 'root' as well, but I will follow your advice about > picking a strong password and changing the default 22 port - would this be > enough?. > > I would also want to be able to edit my application files (models, > controllers, views) remotely from my Windows environment (via sftp?), just > in case of emergencies, and hopefully use the same ide (wing) as my > development environment - is this possible via any of the following > options?: > > http://www.expandrive.com > http://www.swish-sftp.org > http://cyberduck.ch > http://winscp.net > http://us3.samba.org > http://dokan-dev.net/en > http://www.webdrive.com/products/webdrive > > ... or do you recommend another file manager client from Windows to the > remote ubuntu server (with capabilities for editing in wing ide)?. > > Furthermore, what scripts (fabric?) should I actually have in place in order > to be fully ready?. > > Btw I will be using mercurial: > - for development, pushing to bitbucket for my own remote repository, in > addition to a 2nd. respository for web2py, > - for production, with two respositories, one pulling > fromhttps://web2py.googlecode.com/hg/web2pyand another one pulling from my > bitbucket remote repository. > > Very important: please confirm that Nginx is a better (and stable) > alternative to Apache. > > Thanks very much ! > > Carlos
[web2py] Re: recommendations for production system?
Sounds like you are going in the right direction. That Nginx setup scripts looks OK at a glance. If you are already using version control, I would suggest avoiding editing files directly on your server. Instead, edit locally, push to Bitbucket and then pull from your server. It sounds tedious but it's pretty fast and ultimately a better procedure. This is where you might consider Fabric. You could very easily set it up to log in to your server and issue the "hg pull; hg update" commands. From your command like you just type "fab production update" where "production" is a description of your production environment and "update" is python function in your fabfile.
[web2py] Re: recommendations for production system?
Hi, Thank you all for your comments and recommendations. Based on your feedback, I'm leaning towards using Nginx (instead of Apache) for all static and dynamic content. One question: is the following script up-to-date with everything I need to setup web2py with nginx?: http://web2py.googlecode.com/hg/scripts/setup-web2py-nginx-uwsgi-ubuntu.sh I am planning on using 'root' as well, but I will follow your advice about picking a strong password and changing the default 22 port - would this be enough?. I would also want to be able to edit my application files (models, controllers, views) remotely from my Windows environment (via sftp?), just in case of emergencies, and hopefully use the same ide (wing) as my development environment - is this possible via any of the following options?: http://www.expandrive.com http://www.swish-sftp.org http://cyberduck.ch http://winscp.net http://us3.samba.org http://dokan-dev.net/en http://www.webdrive.com/products/webdrive ... or do you recommend another file manager client from Windows to the remote ubuntu server (with capabilities for editing in wing ide)?. Furthermore, what scripts (fabric?) should I actually have in place in order to be fully ready?. Btw I will be using mercurial: - for development, pushing to bitbucket for my own remote repository, in addition to a 2nd. respository for web2py, - for production, with two respositories, one pulling from https://web2py.googlecode.com/hg/web2py and another one pulling from my bitbucket remote repository. Very important: please confirm that Nginx is a better (and stable) alternative to Apache. Thanks very much ! Carlos
[web2py] Re: recommendations for production system?
Hi Ross, On May 18, 11:59 am, Ross Peoples wrote: > On a quick side note, you are not supposed to use Webmin with Ubuntu. It is > mentioned in several places that it breaks Debian-based systems. Ubutnu has > been pushing eBox (now Zentyal) which is more for setting up a small > business infrastructure than managing a web server. As is mentioned, > managing Apache (or whatever you intend to use) yourself is the best way, > even though it's not the easiest or the most convenient. I'm baffled by that statement - can you provide a source, please? Ubuntu (in its LTS versions) is specifically listed as a supported operating system for Webmin, and a "Grade A" supported operating system for Virtualmin [1]. As you suggest, eBox/Zentyal does *NOT* do the same job as Webmin/Virtualmin. I have used Webmin and Virtualmin for a couple of years now on LTS versions of Ubuntu, and have had a very positive experience of it. As well as web2py, I also do integration and hosting with Zope and Plone, and I've been very happy letting Virtualmin manage Apache for the "standard" virtual hosts, and managing web2py, Zope and Plone virtual hosts by hand. HTH [1] http://www.virtualmin.com/os-support --- Cheers, PhilK
[web2py] Re: recommendations for production system?
On a quick side note, you are not supposed to use Webmin with Ubuntu. It is mentioned in several places that it breaks Debian-based systems. Ubutnu has been pushing eBox (now Zentyal) which is more for setting up a small business infrastructure than managing a web server. As is mentioned, managing Apache (or whatever you intend to use) yourself is the best way, even though it's not the easiest or the most convenient.
[web2py] Re: recommendations for production system?
I use vps.net with apache and firebird DB, but when the server was under higher loads it used to easily jam and require reboot. I now do this: 1 node: Firebird DB server 2 nodes: Apache It is no longer a 'cheap' set-up, but it is the most reliable we ever had and I can effectively run as many domains as I want. It seems very robust indeed. I tried the various control panels, but they always cost me more time than simply logging in and doing things manually. The point is that when your backups and cron scripts are working ok, the server requires hardly any management at all. For me, root access is much easier from a server management point of view, but make sure you have a full strength password and always change sshd from port 22! Of course if you need high-security, you should not use root - there are just too many bots out there! On May 17, 11:54 pm, Carlos wrote: > Hi all, > > In order to prepare my web2py production system, I would really welcome all > your advice. > > I will get one node from vps.net: > > http://vps.net/product/cloud-servers > dedicated cpu = 0.6 GHz > dedicated ram = 376 MB > disk space = 10 GB > network transfer = 250 GB > > I am planning to install the following software: > > os = ubuntu 10.04 (lucid) x64 basic installation > web = apache2 > db = postgresql > sh =http://web2py.googlecode.com/hg/scripts/setup-web2py-ubuntu.sh > > Is the above the recommended configuration (based on my one node capacity @ > vps.net)?. > > I've read that nginx web server is really good, should I reconsider this?, > instead or in addition to apache?. > > Would you recommend a different configuration if I eventually add more > nodes/capacity?. > > Any other software?, e.g. web server control panels?. > > - isp manager > - webmin > - virtualmin > - landscape > > Thanks in advance for all your recommendations. > > p.s. my experience has been mostly with Windows. > > Carlos
[web2py] Re: recommendations for production system?
I have never used VPS.net so im not sure about them. Like pbreit I use rackspace(cloud) as well and the service is top notch and you get full root access. which for a vps im sure vps.net does as well. For the actual setup itself, for a small server I just moved away from apache and will never move back. I have tried nginx and uwsgi is very easy to setup on it. I personally use cherokee which is also easy to use for uwsgi as well. There is a setup script for nginx as well but i believe its fcgi (uwsgi was easier for me). either way uwsgi is easy peasy to setup for both and both of them have a much smaller memory footprint than apache. For python I do not use virtualenv either. I currently run with python2.7 on my server. I havent used fabric yet, so ill check that out. postgres is perfectly fine compared to mysql, though i tend to use mysql more and will eventually move towards monngodb when i have the time to set it up and test it for web2py. If you have a vps with root access i dont recommend using webmin. I have tried using it a couple times and have it toast multiple things on my server to the point I had to rebuild. To be honest its usually easier to manage it normally. I tried virtualmin and had the same experience. have not tried isp manager or landscape but from what I have read and heard (3rd hand) they are similar stories unless you plan to build your server around those technologies, usually for selling or letting others use your server from a web interface. if its just you i wouldnt use them. It may be a hassle. That being said, YMMV, so take what I say with a grain of salt. Hope it helps. remember to get more people's opinion before you decide. On May 17, 5:21 pm, pbreit wrote: > If you are comfortable with Apache, it's difficult to advise going with > Nginx, but with a small node like that, you would probably be better off > memory wise with Nginx. > > For pricetack.com, I currently use Ubuntu 10.04 + Nginx (uWSGI) + Postgres > on RacksSpace Cloud 512mb ( I don't have much traffic yet). I have created > Fabric scripts which are quite similar to the setup scripts. If you plan to > do this long term, you should definitely consider Fabric now or at some > point. It makes things a lot easier. I don't use any of that other software. > I currently use "root" which I'm not sure is a good idea. I see everyone > suggesting "virtualenv" which I currently do not use. I have a 2nd node that > I use for QA. > > At some point I envision that I will have separate DB and web servers. Then > multiple web servers. Then multiple DB servers. But that's down the road.
[web2py] Re: recommendations for production system?
If you are comfortable with Apache, it's difficult to advise going with Nginx, but with a small node like that, you would probably be better off memory wise with Nginx. For pricetack.com, I currently use Ubuntu 10.04 + Nginx (uWSGI) + Postgres on RacksSpace Cloud 512mb ( I don't have much traffic yet). I have created Fabric scripts which are quite similar to the setup scripts. If you plan to do this long term, you should definitely consider Fabric now or at some point. It makes things a lot easier. I don't use any of that other software. I currently use "root" which I'm not sure is a good idea. I see everyone suggesting "virtualenv" which I currently do not use. I have a 2nd node that I use for QA. At some point I envision that I will have separate DB and web servers. Then multiple web servers. Then multiple DB servers. But that's down the road.