Forum OpenACS Development: Virtual hosting with AS4 and OpenACS 5

I set up two separate OpenACS 5 instances running with AOLserver 4 on the same server.

Now, willing to exploit the built in virtual hosting capabilities of AOLserver 4 I tried to follow Vinod's hints but without success.

Could someone post or send me a working config.tcl example?

TIA, Claudio

Collapse
Posted by Chris Davies on
I just converted 4 of my sites this weekend.  I went from 34 threads and 484mb in use to 12 threads and 224mb in use.

basically following Vinod's instructions got me about 95% there.  I ran into a hitch with the version of AOLServer.  There is a timing bug that I ran into where the server would actually turn off the IPs because it took openacs 5.1 too long to spool up.  AOLServer 4.0.3 from the debian/unstable repository works fine with it.

Here's my frontend.tcl file
--------------------------------------

ns_log notice "nsd.tcl: starting to read frontend config file..."
ns_log notice "nsd.tcl: sourcing backend server configs..."

source /etc/aolserver4/bc.tcl
source /etc/aolserver4/mh.tcl
source /etc/aolserver4/lal.tcl
source /etc/aolserver4/ifs.tcl

ns_log notice "nsd.tcl: done loading backend server configs..."

set bindir                  /usr/lib/aolserver4/bin

# Load nssock globally
ns_section ns/modules
ns_param  nssock          ${bindir}/nssock.so

ns_section ns/module/nssock
ns_param  port            80
ns_param  hostname        bc.daviesinc.com
ns_param  address        0.0.0.0
ns_param  maxinput          [expr 8000 * 1024]
ns_param  timeout            120

# Map headers to server-name
ns_section ns/module/nssock/servers
ns_param  bc.daviesinc.com        bc.daviesinc.com
ns_param  bc.daviesinc.com        bc.daviesinc.com:80
ns_param  matthewhousden.com        matthewhousden.com
ns_param  matthewhousden.com        matthewhousden.com:80
ns_param  xxx.com        xxx.com
ns_param  xxx.com        xxx.com:80
ns_param  xxx2.com        xxx2.com
ns_param  xxx2.com        xxx2.com:80

#
# Global server parameters
#

ns_section ns/parameters
#ns_param  serverlog          ${serverroot}/log/error.log
ns_param  serverlog          /var/log/aolserver/error.log
ns_param  home              $homedir
ns_param  maxkeepalive      0
ns_param  logroll            on
ns_param  maxbackup          5
ns_param  debug              off

ns_section ns/threads
ns_param  mutexmeter        true      ;# measure lock contention
ns_param  stacksize          500000

ns_section ns/mimetypes
ns_param  Default            text/plain
ns_param  NoExtension        text/plain
ns_param  .pcd              image/x-photo-cd
ns_param  .prc              application/x-pilot
ns_param  .xls              application/vnd.ms-excel
ns_param  .doc              application/vnd.ms-word

ns_log notice "nsd.tcl: finished reading frontend config file."

-------

and here's bc.tcl -- I commented out most of the things that  were sourced in the main config.  Also, don't forget that your error log is specified in frontend.tcl.  Some of the error messages are quite unintuitive.
---------------------------------------

ns_log notice "bc.tcl: starting to read bc.daviesinc.com"

######################################################################
#
# Instance-specific settings
# These default settings will only work in limited circumstances
# Two servers with default settings cannot run on the same host
#
######################################################################

# which database do you want? postgres or oracle
set database              postgres

if {$database == "oracle"} {
    set db_password        "mysitepassword"
}

# change to 80 and 443 for production use
# Bind; 66.28.59.17:80
set httpport              80
set httpsport            443

# The hostname and address should be set to actual values.
#set hostname              [ns_info hostname]
set hostname              bc.daviesinc.com
set address                66.28.59.17

set server              "bc.daviesinc.com"
set db_name            $server
set user_account        www-data
set servername          "Bonnie & Chris - Davies, Inc."

set serverroot          "/var/www/aolserver4/${server}"

# if debug is false, all debugging will be turned off
set debug false

set homedir                /usr/lib/aolserver4
#set bindir                  [file dirname [ns_info nsd]]
set bindir                  /usr/lib/aolserver4/bin

# which modules should be loaded?  Missing modules break the server, so
# don't uncomment modules unless they have been installed.

ns_section ns/server/${server}/modules
#ns_param  nssock          ${bindir}/nssock.so
ns_param  nslog          ${bindir}/nslog.so
ns_param  nssha1          ${bindir}/nssha1.so
ns_param  nscache        ${bindir}/nscache.so
ns_param  nsrewrite      ${bindir}/nsrewrite.so
#ns_param  libtdom        ${bindir}/libtdom.so
ns_param  libtdom        /usr/lib/tdom0.7.8/libtdom0.7.8.so
ns_param  nsdb      ${bindir}/nsdb.so

# nsopenssl will fail unless the cert files are present as specified
# later in this file, so it's disabled by default
#ns_param  nsopenssl      ${bindir}/nsopenssl.so

# Full Text Search
#ns_param  nsfts          ${bindir}/nsfts.so

# PAM authentication
#ns_param  nspam          ${bindir}/nspam.so

# LDAP authentication
#ns_param  nsldap          ${bindir}/nsldap.so

# These modules aren't used in standard OpenACS installs
#ns_param  nsperm          ${bindir}/nsperm.so
#ns_param  nscgi          ${bindir}/nscgi.so
#ns_param  nsjava          ${bindir}/libnsjava.so

######################################################################
#
# End of instance-specific settings
#
# Nothing below this point need be changed in a default install.
#
######################################################################

######################################################################
#
# AOLserver's directories. Autoconfigurable.
#
######################################################################

#
# Where are your pages going to live ?
#
set pageroot                ${serverroot}/www
set directoryfile          index.tcl,index.adp,index.html,index.htm

#
# Global server parameters
#

#ns_section ns/parameters
#ns_param  serverlog          ${serverroot}/log/error.log
#ns_param  home              $homedir
#ns_param  maxkeepalive      0
#ns_param  logroll            on
#ns_param  maxbackup          5
#ns_param  debug              $debug

#
# Thread library (nsthread) parameters
#
#ns_section ns/threads
#ns_param  mutexmeter        true      ;# measure lock contention
#ns_param  stacksize          500000

#
# MIME types.
#
#  Note: AOLserver already has an exhaustive list of MIME types, but in
#  case something is missing you can add it here.
#

#ns_section ns/mimetypes
#ns_param  Default            text/plain
#ns_param  NoExtension        text/plain
#ns_param  .pcd              image/x-photo-cd
#ns_param  .prc              application/x-pilot
#ns_param  .xls              application/vnd.ms-excel
#ns_param  .doc              application/vnd.ms-word

#
# Tcl Configuration
#
ns_section ns/server/${server}/tcl
ns_param  library        ${serverroot}/tcl
ns_param  autoclose      on
ns_param  debug          $debug

######################################################################
#
# Server-level configuration
#
#  There is only one server in AOLserver, but this is helpful when multiple
#  servers share the same configuration file.  This file assumes that only
#  one server is in use so it is set at the top in the "server" Tcl variable
#  Other host-specific values are set up above as Tcl variables, too.
#
######################################################################

ns_section ns/servers
ns_param  $server    $servername

#
# Server parameters
#
ns_section ns/server/${server}
ns_param  directoryfile      $directoryfile
ns_param  pageroot          $pageroot
ns_param  maxconnections    5
ns_param  maxdropped        0
ns_param  maxpost            10485760
ns_param  maxthreads        5
ns_param  minthreads        1
ns_param  threadtimeout      120
ns_param  globalstats        false    ;# Enable built-in statistics
ns_param  urlstats          false    ;# Enable URL statistics
ns_param  maxurlstats        1000    ;# Max number of URL's to do stats on
#ns_param  directoryadp    $pageroot/dirlist.adp ;# Choose one or the other
#ns_param  directoryproc    _ns_dirlist          ;#  ...but not both!
#ns_param  directorylisting  fancy              ;# Can be simple or fancy

#
# Special HTTP pages
#

ns_param  NotFoundResponse    "/global/file-not-found.html"
ns_param  ServerBusyResponse  "/global/busy.html"
ns_param  ServerInternalErrorResponse "/global/error.html"

######################################################################
#
# ADP (AOLserver Dynamic Page) configuration
#
######################################################################

ns_section ns/server/${server}/adp
ns_param  map          /*.adp    ;# Extensions to parse as ADP's
#ns_param  map          "/*.html" ;# Any extension can be mapped
ns_param  enableexpire  false    ;# Set "Expires: now" on all ADP's
ns_param  enabledebug  $debug    ;# Allow Tclpro debugging with "?debug"
ns_param  defaultparser fancy

ns_section ns/server/${server}/adp/parsers
ns_param  fancy    ".adp"

######################################################################
#
# Socket driver module (HTTP)  -- nssock
#
######################################################################

#ns_section ns/server/${server}/module/nssock
#ns_param  timeout            120
#ns_param  address            $address
#ns_param  hostname          $hostname
#ns_param  port              $httpport

######################################################################
#
# OpenSSL
#
######################################################################

#ns_section "ns/server/${server}/module/nsopenssl"
#
#ns_param ModuleDir                      ${serverroot}/etc/certs
#
## NSD-driven connections:
#ns_param ServerPort                      $httpsport
#ns_param ServerHostname                  $hostname
#ns_param ServerAddress                  $address
#ns_param ServerCertFile                  certfile.pem
#ns_param ServerKeyFile                  keyfile.pem
#ns_param ServerProtocols                "SSLv2, SSLv3, TLSv1"
#ns_param ServerCipherSuite              "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP"
#ns_param ServerSessionCache              false
#ns_param ServerSessionCacheID            1
#ns_param ServerSessionCacheSize          512
#ns_param ServerSessionCacheTimeout      300
#ns_param ServerPeerVerify                true
#ns_param ServerPeerVerifyDepth          3
#ns_param ServerCADir                    ca
#ns_param ServerCAFile                    ca.pem
#ns_param ServerTrace                    false
#
## For listening and accepting SSL connections via Tcl/C API:
#ns_param SockServerCertFile              certfile.pem
#ns_param SockServerKeyFile              keyfile.pem
#ns_param SockServerProtocols            "SSLv2, SSLv3, TLSv1"
#ns_param SockServerCipherSuite          "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP"
#ns_param SockServerSessionCache          false
#ns_param SockServerSessionCacheID        2
#ns_param SockServerSessionCacheSize      512
#ns_param SockServerSessionCacheTimeout  300
#ns_param SockServerPeerVerify            true
#ns_param SockServerPeerVerifyDepth      3
#ns_param SockServerCADir                internal_ca
#ns_param SockServerCAFile                internal_ca.pem
#ns_param SockServerTrace                false
#
## Outgoing SSL connections
#ns_param SockClientCertFile              certfile.pem
#ns_param SockClientKeyFile              keyfile.pem
#ns_param SockClientProtocols            "SSLv2, SSLv3, TLSv1"
#ns_param SockClientCipherSuite          "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP"
#ns_param SockClientSessionCache          false
#ns_param SockClientSessionCacheID        3
#ns_param SockClientSessionCacheSize      512
#ns_param SockClientSessionCacheTimeout  300
#ns_param SockClientPeerVerify            true
#ns_param SockServerPeerVerifyDepth      3
#ns_param SockClientCADir                ca
#ns_param SockClientCAFile                ca.pem
#ns_param SockClientTrace                false
#
## OpenSSL library support:
##ns_param RandomFile                      /some/file
#ns_param SeedBytes                      1024

######################################################################
#
# Database drivers
# The database driver is specified here.
# Make sure you have the driver compiled and put it in {aolserverdir}/bin
#
######################################################################

ns_section ns/db/drivers
if { $database == "oracle" } {
    ns_param  ora8            ${bindir}/ora8.so
} else {
    ns_param  postgres        ${bindir}/nspostgres.so  ;# Load PostgreSQL driver
}

#
# Database Pools: This is how AOLserver  ``talks'' to the RDBMS. You need
# three for OpenACS: main, log, subquery. Make sure to replace ``yourdb''
# and ``yourpassword'' with the actual values for your db name and the
# password for it, if needed.

# AOLserver can have different pools connecting to different databases
# and even different different database servers.
#
ns_section ns/db/pools
ns_param  ${server}pool1      "${server}Pool 1"
ns_param  ${server}pool2      "${server}Pool 2"
ns_param  ${server}pool3      "${server}Pool 3"

ns_section ns/db/pool/${server}pool1
ns_param  maxidle            1000000000
ns_param  maxopen            1000000000
ns_param  connections        5
ns_param  verbose            $debug
ns_param  extendedtableinfo  true
ns_param  logsqlerrors      $debug
#if { $database == "oracle" } {
#    ns_param  driver            ora8
#    ns_param  datasource        {}
#    ns_param  user              $db_name
#    ns_param  password          $db_password
#} else {
    ns_param  driver            postgres
#    ns_param  datasource        colo26.mia.colo-cation.com::${db_name}
    ns_param  datasource        localhost::${db_name}
    ns_param  user              $user_account
    ns_param  password          ""
#}

ns_section ns/db/pool/${server}pool2
ns_param  maxidle            1000000000
ns_param  maxopen            1000000000
ns_param  connections        5
ns_param  verbose            $debug
ns_param  extendedtableinfo  true
ns_param  logsqlerrors      $debug
#if { $database == "oracle" } {
#    ns_param  driver            ora8
#    ns_param  datasource        {}
#    ns_param  user              $db_name
#    ns_param  password          $db_password
#} else {
    ns_param  driver            postgres
    ns_param  datasource        localhost::${db_name}
    ns_param  user              $user_account
    ns_param  password          ""
#}

ns_section ns/db/pool/${server}pool3
ns_param  maxidle            1000000000
ns_param  maxopen            1000000000
ns_param  connections        5
ns_param  verbose            $debug
ns_param  extendedtableinfo  true
ns_param  logsqlerrors      $debug
#if { $database == "oracle" } {
#    ns_param  driver            ora8
#    ns_param  datasource        {}
#    ns_param  user              $db_name
#    ns_param  password          $db_password
#} else {
    ns_param  driver            postgres
    ns_param  datasource        localhost::${db_name}
    ns_param  user              $user_account
    ns_param  password          ""
#}

ns_section ns/server/${server}/db
ns_param  pools              "${server}pool1,${server}pool2,${server}pool3"
ns_param  defaultpool        ${server}pool1

ns_section ns/server/${server}/redirects
ns_param  404                "global/file-not-found.html"
ns_param  403                "global/forbidden.html"

######################################################################
#
# Access log -- nslog
#
######################################################################

ns_section ns/server/${server}/module/nslog
ns_param  file                ${serverroot}/log/${server}.log
ns_param  enablehostnamelookup false
ns_param  logcombined          true
#ns_param  logrefer            false
#ns_param  loguseragent        false
ns_param  maxbackup            1000
ns_param  rollday              *
ns_param  rollfmt              %Y-%m-%d-%H:%M
ns_param  rollhour            0
ns_param  rollonsignal        true
ns_param  rolllog              true

######################################################################
#
# nsjava - aolserver module that embeds a java virtual machine.  Needed to
#          support webmail.  See http://nsjava.sourceforge.net for further
#          details. This may need to be updated for OpenACS4 webmail
#
######################################################################

ns_section ns/server/${server}/module/nsjava
ns_param  enablejava        off  ;# Set to on to enable nsjava.
ns_param  verbosejvm        off  ;# Same as command line -debug.
ns_param  loglevel          Notice
ns_param  destroyjvm        off  ;# Destroy jvm on shutdown.
ns_param  disablejitcompiler off
ns_param  classpath          /usr/local/jdk/jdk118_v1/lib/classes.zip:${bindir}/nsjava.jar:${pageroot}/webmail/java/activation.jar:${pageroot}/webmail/java/mail.jar:${pageroot}/webmail/java

######################################################################
#
# CGI interface -- nscgi, if you have legacy stuff. Tcl or ADP files inside
# AOLserver are vastly superior to CGIs. I haven't tested these params but they
# should be right.
#
######################################################################

#ns_section "ns/server/${server}/module/nscgi"
#      ns_param  map "GET  /cgi-bin/ /web/$server/cgi-bin"
#      ns_param  map "POST /cgi-bin/ /web/$server/cgi-bin"
#      ns_param  Interps CGIinterps

#ns_section "ns/interps/CGIinterps"
#      ns_param .pl "/usr/bin/perl"

######################################################################
#
# PAM authentication
#
######################################################################

ns_section ns/server/${server}/module/nspam
ns_param  PamDomain              "pam_domain"

ns_log notice "nsd.tcl: finished reading config file."

I start the server like this:

/usr/sbin/aolserver4-nsd -t /etc/aolserver4/frontend.tcl -b 0.0.0.0:80 -u www-data -g www-data

of course, your info may vary slightly.  I'm sure I did something wrong somewhere, but, it works for all 4 servers on that machine, and, now that I'm not bouncing off swap, I might put a 5th and 6th instance on there.  For low-volume servers, I think I can get away with 6 instances and be safe within 512mb.

Collapse
Posted by Claudio Pasolini on
Many thanks for answering Chris!

Today I will not be in the office but I'm anxious to retry and I'll post the results.

Collapse
Posted by Mark Aufflick on
Chris, where did your number of threads (and memory) saving come from? You're still running an nsd process per backend server right?
Collapse
Posted by Claudio Pasolini on
Virtual hosting with AOLserver 4 is really easy, when you know how to!

Thank you again, Chris and Vinod!

Collapse
Posted by Don Baccus on
You can reduce the number of threads because you can configure it so that all your virtual servers share the same thread pool.

Presumably the bet is that the odds that all sites will simultaneously reach peak activity is low.  If you have four AOLserver instances you need to configure each for max traffic, if you share the pool space you can scrimp.

You can also set up thread pools for the virtual servers separately, and by URL space I think ... it's very flexible.

The only downside is that you can't restart the individual servers individually.

Collapse
Posted by xx xx on
Yes, this really helped a bunch.

I just ran into trouble when commenting out section "ns_section ns/server/${server}/module/nssock". So I suppose that wasn't optimal (when using the chat package)

If one wants to run another virtual server on another port (8080) just add to frontend.tcl:

------------------------------------------------

source service1.tcl
#set ns/servers in the backend file service1.tcl
    #ns_section ns/servers
    #ns_param  service1 "Development site"

ns_section ns/modules
ns_param  nssock8080      ${bindir}/nssock.so

ns_section ns/module/nssock8080
ns_param  port            8080
ns_param  hostname        mydomain.nl
ns_param  address        0.0.0.0
ns_param  maxinput        [expr 8000 * 1024]
ns_param  timeout        120

ns_section ns/module/nssock8080/servers
ns_param  service1      mydomain.nl:8080