Remote setup of LAMP server on CentOS 5

[satimis]

Hi folks,


Ubuntu 7.04 server amd64 (Host OS) - Fluxbox desktop
CentOS 5 x86_64 (Guest OS) - w/o desktop. X is running
UMWare - Virtualization platform
Open-ssh server and client are running on both OSs


I need to setup LAMP server on CentOS 5 remotely on Ubuntu. I have been googling a while for relevant documentation and howto with many output generated. Most of them are for Windows server. Please shed me somelight where can I find a relevant document/howto for my use. TIA


Edit:

1)
TWM - a lightweight desktop is running on CentOS 5

2)
httpd.x86_64 2.2.3-11.el5.centos installed
mysql-server.x86_64 5.0.22-2.2.el5_1.1 installed
php.x86_64 5.1.6-15.el5 installed
php-mysql.x86_64 5.1.6-15.el5 installed

have been installed on CentOS 5


B.R.
satimis

[athlon_crazy]

U need to setup LAMP on Centos from Ubuntu? What's wrong with SSH? Since everything installed, all config files on centos supposed can be done remotely via ssh.

[satimis]

U need to setup LAMP on Centos from Ubuntu?

Thanks for your advice.

Apache2 on CentOS is running. I can't visit it on Internet even stopping Apache2 on Ubuntu system.

What's wrong with SSH? Since everything installed, all config files on centos supposed can be done remotely via ssh.

SSH is working fine both ways w/o problem. CentOS can be reached on Intranet. But no body can get in CentOS on Internet. It can get out.


satimis

[athlon_crazy]

if everything ok internally, check your router, port forward & firewall setting to allow external connection.

[satimis]

if everything ok internally, check your router, port forward & firewall setting to allow external connection.

I can't touch the router which is on load from ISP. It has been password locked. I suppose ISP use the router as gateway. Ports 25, 80, 443, etc. are open.

Connection;

Server --> router --> DSL Modem --> ISP

I can replace it with my own router subject signing an agreement that no further technical assistance will be provided by ISP. Previously I talked to ISP twice on this subject matter. Since the term "no further technical assistance" seems arguable, I left it as it is.


I don't have Firewall running on Ubuntu, only iptables, the packet filtering package".

$ cat /etc/rc.local

Code:

#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.

#exit 0

#
# INPUT
#

# allow all incoming traffic from the management interface NIC
# as long as it is a part of an established connection
iptables -I INPUT 1 -j ACCEPT -d 220.232.213.178 -m state --state RELATED,ESTABLISHED

# allow all ssh traffic to the management interface NIC
iptables -I INPUT 2 -j ACCEPT -p TCP -d 220.232.213.178 --destination-port 22

# allow all VMware MUI HTTP traffic to the management interface NIC
iptables -I INPUT 3 -j ACCEPT -p TCP -d 220.232.213.178 --destination-port 8222

# allow all VMware MUI HTTPS traffic to the management interface NIC
iptables -I INPUT 4 -j ACCEPT -p TCP -d 220.232.213.178 --destination-port 8333

# allow all VMware Authorization Daemon traffic to the management interface NIC
iptables -I INPUT 5 -j ACCEPT -p TCP -d 220.232.213.178 --destination-port 902

# reject all other traffic to the management interface NIC
iptables -I INPUT 6 -j REJECT -d 220.232.213.178 --reject-with icmp-port-unreachable

# allows squirrelmail input
#iptables -I INPUT 7 -p ALL -i lo --source 127.0.0.1 -j ACCEPT

#
# OUTPUT
#

# allow all outgoing traffic from the management interface NIC
# if it is a part of an established connection
iptables -I OUTPUT 1 -j ACCEPT -s 220.232.213.178 -m state --state RELATED,ESTABLISHED

# allow all DNS queries from the management interface NIC
iptables -I OUTPUT 2 -j ACCEPT -s 220.232.213.178 -p UDP --destination-port 53

# reject all other traffic from localhost
#iptables -I OUTPUT 3 -j REJECT -s 127.0.0.1 --reject-with icmp-port-unreachable

# reject all other traffic from the management interface NIC
iptables -I OUTPUT 3 -j REJECT -s 220.232.213.178 --reject-with icmp-port-unreachable

On Ubuntu

$ ifconfig

Code:

......
......
vmnet1 Link encap:Ethernet HWaddr 00:50:56:C0:00:01
inet addr:172.16.59.1 Bcast:172.16.59.255 Mask:255.255.255.0
inet6 addr: fe80::250:56ff:fec0:1/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

vmnet8 Link encap:Ethernet HWaddr 00:50:56:C0:00:08
inet addr:172.16.103.1 Bcast:172.16.103.255 Mask:255.255.255.0
inet6 addr: fe80::250:56ff:fec0:8/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

On CentOS
# ifconfig

Code:

eth0      Link encap:Ethernet  HWaddr 00:0C:29:1D:65:AD  
          inet addr:172.16.103.128  Bcast:172.16.103.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fe1d:65ad/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:81 errors:0 dropped:0 overruns:0 frame:0
          TX packets:100 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:9632 (9.4 KiB)  TX bytes:15868 (15.4 KiB)
          Base address:0x1070 Memory:ec820000-ec840000 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:74 errors:0 dropped:0 overruns:0 frame:0
          TX packets:74 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:19072 (18.6 KiB)  TX bytes:19072 (18.6 KiB)

satimis

[athlon_crazy]

ok better you list down what services can be reached from outside :

- Apache
- sendmail
- ssh
- vnc
- vpn
- etc

Then, which services running on which server?

Ubuntu = SSH
This will let u ssh ubuntu from outside, only then from ubuntu u can securely ssh to centos.

Centos = LAMP
U need to to port forward to this centos server unless u do some tweaking on iptables in ubuntu to redirect all LAMP request from ubuntu to centos.

I hope u get the idea...

[satimis]

ok better you list down what services can be reached from outside :

- Apache
- sendmail
- ssh
- vnc
- vpn
- etc

Then, which services running on which server?

Ubuntu = SSH
This will let u ssh ubuntu from outside, only then from ubuntu u can securely ssh to centos.

Centos = LAMP
U need to to port forward to this centos server unless u do some tweaking on iptables in ubuntu to redirect all LAMP request from ubuntu to centos.

I hope u get the idea...

Hi athlon_crazy,


This is a virtual machine for TEST. I'm trying to build up my knowhow on running VMWare server and to find out the advantage on virtualization. Both CentOS and Ubuntu are LAMP server.


Ubuntu :-
apache2 - running
postix - running and configured
ssh - server and client, running
webmin - running
usermin - running
iptables - running and configured


CentOS:-
apache2 - running
sendmail - not running nor configured
ssh - server and client, running
iptables - running


Ubuntu is in full operation. I'm now configuring CentOS


What I am prepared to do on this Test

1)
After having sendmail configured and up running, I'll stop postfix on Ubuntu running CentOS as Mail Server

2)
To run Ubuntu as Web and File server


satimis

[athlon_crazy]

1) So, u start already with centos sendmail? It's pretty easy actually. Try to configure it for LAN first(between ubuntu & centos).

2) I believe u no need to touch Ubuntu LAMP. Instead, turn off centos LAMP bcoz u wont need it. Concentrate on centos sendmail only.