INTRO

Steps to install TUX Web Server, using Apache as ‘secondary’ web server, handling virtual hosts & including specific info for Interworx Servers.

DISCLAIMER: It works for me on several servers and you use this information AT YOUR OWN RISK. You must realize that you can break things on your server and you must be able to restore them.

OS tested on production: RedHat 9 & CentOS 3.x with kernel 2.4.*

PREFACE

TUX is a kernel-based, multi-threaded, extremely high performance HTTP server with the ability to serve both static & dynamic data, developed by RedHat.

This is what we’ll do: TUX will listen on port 80, the default http port, so TUX will act as frontend. We’ll REconfigure Apache to listen only on localhost, port 81 (as backend), instead of port 80 (by default). This way, TUX will receive every http request, handling static files that can recognize and will redirect any request that cannot handle to Apache (PHP, for example).

If your box has RedHat Linux or CentOS, you don’t need to patch the linux kernel. It’s a great and really powerful program to boost your dedicated server.

STEP 1: Install TUX

SSH rooted, type:

# yum install tux

STEP 2: REconfiguring Apache

Remember make backups of your conf files.

Locate & edit httpd.conf

• Look for Listen 80, or Listen 0.0.0.0:80. Change it to:

Listen 127.0.0.1:81

We’re telling Apache to listen on Port 81, and accept connections just from localhost (127.0.0.1). Apache won’t reply to anyone trying to access this port from outside.

• Look for KeepAlive, and set it off:

KeepAlive Off

Setting off Apache’s KeepAlive lets TUX always have a shot on mixed requests handled by Apache (for example, PHP generates a page which load several static images). Apache serves PHP, TUX images, swf, etc.

• Don’t restart Apache yet. You changed httpd.conf but all of that won’t become ‘live’ until you restart Apache.

STEP 3: Ports & Virtual Hosts

In order to tweak this whole thing to manage the several domain folders where our web files reside, we need to tweak some configs, since we have several domains, not an unique ‘documentroot’ for Apache.

STEP 3.1: Tweaking TUX for vhosts

Some config on TUX goes through files located at folder /proc/sys/net/tux

You can’t access folder /proc/sys/net/tux until TUX has been started, so we’ll start it and stop it through ‘service tux start’ and ‘service tux stop’.

• We move to /proc/sys/net/tux and perform this command:

# echo "1" >virtual_server

So

cat virtual_server

will show:
1
and that enables TUX to add ‘domain.tld’ after /var/www/html on every request handled.

• Still on /proc/sys/net/tux folder, do:

# echo "81" >clientport

Default TUX port for ‘secondary server’ (Apache), is 8080. We have set it to be port 81.

We’re done for testing, but we’ll lose these changes on reboot. So we’ll make a config file.

Create the new file /etc/sysctl.tux

These settings worked for me, looking for performance:

net/tux/virtual_server = 1
net/tux/clientport = 81
net/tux/referer_logging = 0
net/tux/logging = 0
net/tux/max_keepalives = 2000
net/tux/keepalive_timeout = 15
net/tux/TDprintk = 0
net/tux/Dprintk = 0
net/tux/generate_cache_control = 1
net/tux/generate_etags = 1
net/tux/generate_last_mod = 1
net/tux/defer_accept = 0

STEP 3.2: Tweaking Apache for virtual hosts

We changed Apache port on STEP 2, so now we only need to tweak .conf files for each virtualhost at folder /etc/httpd/conf.d/ (on Interworx Servers)

• Every ‘siteworx account’ has a file named domain.tld.conf under the folder /etc/httpd/conf.d/

Locate & edit these files, looking for just at the first line. Change it to be:

<VirtualHost *:81>

• Check “namevirtualhost.conf” at /etc/httpd/conf.d/
  It might be empty if you have not ‘shared IP addressed’ on the box (See IP management option at Nodeworx). If it’s not empty, you’ll see a line saying: NameVirtualHost x.x.x.x:80, change it to: NameVirtualHost *:81

Caution NOTE: changing the IP to “*” will cause some confusion to Interworx on IP Management. Just wrote or comment the previous setting for your records.

STEP 4: Last TUX tuning

• Locate & edit file /etc/sysconfig/tux

You can leave TUXTHREADS commented (with #), as it will default to the number of CPUs on your box.

You also can leave DOCROOT or LOGFILE as is. You should have a folder /var/www/html, where ‘default’ Apache installation and response pages belongs.

• Locate & edit file /etc/tux.mime.types

Strip the # before TUX/redirect and change ‘redir’ to the extension(s) you want to be always redirected to the secondary server (Apache at port 81).

The line would show:

TUX/redirect                    php

if we want just ‘php’ files to be always redirected.

TUX will redirect to Apache any request that get rejected for any reason (see the TUX manual).

If you strip the # before TUX/CGI, then TUX will handle CGI requests as well, but you’ll need extra config.

STEP 5: Setting up directories

That’s the trick I wanted when I was setting up TUX. Symbolic links WON’T work if we need to link directories outside the documentroot (which is the case of Interworx). TUX follows sym-links, but just within documentroot.

Every content that TUX will try to serve ‘must’ be located on a folder named /var/www/html/domain.tld/ (it will be /var/www/html if DOCROOT is set this way on /sys/sysconfig/tux).

You can create these folders using

# mkdir /var/www/html/domain.tld/

for every ‘siteworx account’ you have created.

As far as I know, TUX can only look into the fixed DOCROOT (/var/www/html/), append a fixed-configurable substring, and also append the domain name requested stripping the www. This collides with the path where interworx store our websites, which depends on an username and configured through these .conf files created for each domain at folder /etc/httpd/conf.d

So if you have ‘mydomain.com’ as a siteworx account, you have to end with:
/home/someuser/mydomain.com/html/…(files)
/var/www/html/mydomain.com/…<---- EMPTY directory, just create it.

TUX will look at /var/www/html/mydomain.com/… for each request.
Apache (when a request is redirected), will look at /home/someuser/mydomain.com/html/

How can we handle this without putting files on each separate folder? Thanks to a message read on tux-list about this, you just have to bind a directory using MOUNT command.

# mount --bind /home/someuser/domain.tld/html/ /var/www/html/domain.tld/

This way you can move to folder /var/www/html/domain.tld and see exactly the same files you have at /home/someuser/domain.tld/html/ and so will do TUX, so it will find the files on the proper folder/directory that interworx uses. Note that you MUST create that EMPTY directories under /var/www/html in the example.

Note that you’ll lose this MOUNT if you reboot, so we can put this on /etc/fstab for each account we need:

/home/someuser/domain.tld/html /var/www/html/domain.tld none rw,bind

STEP 6: Testing!

Now all you have to do is to restart Apache, iworx (not sure if really needed), and start TUX:

# service apache restart
# service tux start
# service iworx restart

and start playing around to see if it works.

MAKING TUX AUTORUN ON BOOT

You want that TUX starts on boot, otherwise your server won’t be able to handle http requests at all, as per TUX configured to be on front.

So to make TUX autorun un boot you type this two commands as root on SSH:

chkconfig --add tux
chkconfig --level 345 tux on

VIEW LOGS:

You’ll have to look the logs to making sure TUX is working and redirecting requests to Apache. A request handled by TUX will show the http response code 200 or 304. You’ll also see that redirected requests to Apache have a “-1” code on the TUX logs. You’ll also observe that, if the configurable 404 error page for TUX is not found, it will redirect the request to Apache too.

Interworx log-files for each domain go to folder /home/someuser/var/domain.tld/logs
TUX binary-logs go (by default) to /var/log/tux

To be able to view these TUX binary-logs, you have to perform this command:

# /usr/sbin/tux2w3c /var/log/tux

If you want to disable logging, you must edit /etc/sysconfig/tux and comment (put a # character) on the line LOGFILE=…, otherwise logging will be forced even if you set logging=0 from /etc/sysctl.tux

DEBUGGING

In addition to view logs, you can:

1. View current config for a started TUX daemon, locate gettuxconfig, cd & execute it:

# gettuxconfig (better output this to a file.

2. Check active ports:

# netstat -na

That should show:
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:81 0.0.0.0:* LISTEN

(TUX at port 80, Apache at 81, for localhost eyes only)

Reference pages

http://www.redhat.com/docs/manuals/tux/
http://www.stllinux.org/meeting_notes/2001/0719/myTUX/khttpd-users-ingo.html
http://slashdot.org/articles/00/07/20/1440204.shtml

DISMISSING

I hope this how-to helps someone getting trouble making Tux work as desired. Any comments or follow-ups are always welcome.

Regards,

Juan
www.LinuxServerTips.com

I’ve updated the post. Step 5 wasn’t correct. I can assure now that I’ve used my own howto to deploy a TUX server on two clean CentOS boxes and a clean RedHat 9 box. Hope it helps.

Regards!

Thanks juangake, it’s a good howto

why do you choose TUX ?
what is, for you, the main benefits ?

The problem with this solution is that everytime you create a new siteworx account, you have to tweak it. Maybe it could be fine to also tweak /home/interworx/etc/vhost-base.conf to have <VirtualHost *:81> everytime a siteworx account is created.
The problem is for the mount --bind, I could do it automaticly as I create siteworx account by using a API and a cron php script, but for iworx users whom do not, it means they’ll have to do it manualy.

Thanks

Pascal

Hello Pascal. Thank you for point out the “*:81” annoyance

For the mount --bind being trashed on every reboot, I’ve tested putting these mounts at file /etc/fstab and it worked after rebooting the box. To test, just do mount -l once edited fstab and got the box back up.

This is an example for added lines at file /etc/fstab following the guidelines at howto’s Step 5:

/home/user1/domain1.tld/html /var/www/html/domain1.tld none rw,bind
/home/user2/domain2.tld/html /var/www/html/domain2.tld none rw,bind

Regarding why choose TUX, I was just looking for some acceleration serving static content, and having RedHat and CentOS boxes it seemed to me more easy than playing with tiny servers as khttpd, thttpd, etc. And, after reading a few both marketing and technical articles, I found TUX just brilliant.

Main benefits for me? A good multi-threaded application for Linux. I’m definitely NOT a Linux guru, but I got disappointed when found out (just read it) that you have to tell Apache2 to use multi-thread capabilities and that, if you do it, can lead to problems with PHP, if doing it, on multiprocessor machines. So I looked for information on the issue considering I just had ordered two DualCPU Xeon servers with hyper-threading.

TUX is working really nice on them and I’m letting Apache serve PHP with no multi-theading, just for care as they are e-commerce production servers. We really appreciate a boost on performance considering we have both static (lot of flash) and dynamic content (PHP/MySQL), on a distributed server matrix.

Regards,

Juan
www.sowsl.com

For the mount --bind being trashed on every reboot, I’ve tested putting these mounts at file /etc/fstab and it worked after rebooting the box. To test, just do mount -l once edited fstab and got the box back up.

I more told about the fact that you have to create manually the directory and bind it. It may be a pbm for interworx-cp whom host a lot of client domain. The only solution may be to add the mkdir and mount --bind in a shell or php script to do it automaticly everytime a new siteworx account is created

I don’t know tux, but if you were looking for an accelerator, why don’t choose something like turck mmcache ?

Pascal

I realize the problem, Pascal, perhaps it’s not worth installing tux on a server with multiple and ‘dynamic’ customers or yourself creating accounts, if there is no other solution

Anyway, Turck MMCache is installed too on our servers, but I understand this program is for caching PHP only TUX it’s a high-performance “mini-apache” for STATIC files (html, swf, txt, images…) that requires less memory per-process, multi-threaded, high-performance and that also caches static content (i.e. images) on memory. A great advantage over Apache, isn’t it? So, we have TUX serving every static file (images, swf flash scripts…) and Apache + Mod_security + Turck MMCache serving PHP scripts (so dynamic content), on the same machine. MySQL has its own dedicated server and all together is just working great where we had reached performance problems before.

Regards,

Juan

Cool

Thanks for your explanations

Do you use siteworx to manage your MySQL databases ? I wonder how it may be done using SiteWorx and a non localhost MySQL

Regards

Pascal

Well, since we don’t use our servers to sell hosting, we can just install a frontend phpmyadmin to manage server-wide MySQL databases.

Regards,

Juan

This is a very interesting thread. I had been contemplating using a complicated set of Reverse PRoxy to do the same with Lighttpd, and Apache, but this is a better solution for some new work that has come up for me.

I do have a silly question to ask - does the system log bandwidth correctly ? ALSO - does the environment variables like the IP address of the person who is trying to access the get passed properly ?

Either way, it’s a great howto

Hello,

• “Does the system log bandwidth correctly?”

It does. On interworx you’ll not see “web traffic” served by TUX, but you’ll see your traffic under “network traffic”.

• “does the environment variables like the IP address of the person who is trying to access the get passed properly?”

If you mean the origin IP address passed to Apache, yes it does, at least it wasn’t a problem for my requirements. I would do some testing anyway, considering the amount of proxy-in-the-middle situations you can face. On my tests, proxies on a friend’s side (ADSL line) were not a prob.

I heard of some ‘TUX not handling correctly proxy requests’, but they were old comments.

Regards,

Juan