Here is a single command which will install the module and all of its dependecies (known upto the date of this article). I’ve tested this several times in CentOS 5.x boxes but I dont guarantee that it’ll also work seamlessly for you as well:

# cpan Net::Amazon::S3 DateTime::Format::ISO8601 DateTime Scalar::Util ExtUtils::MakeMaker Pod::Man Test::More DateTime::TimeZone Class::Singleton Params::Validate Attribute::Handlers Module::Build Cwd DateTime::Locale Class::ISA List::MoreUtils Time::Local DateTime::Format::Builder DateTime::Format::Strptime Class::Factory::Util Task::Weaken DateTime::Format::HTTP HTTP::Date Compress::Zlib Net::FTP URI MIME::Base64 HTML::Tagset HTML::Parser XSLoader Digest::MD5 Class::Accessor::Fast base XML::LibXML::XPathContext XML::SAX XML::NamespaceSupport File::Temp XML::LibXML::Common Digest::MD5::File Regexp::Common MooseX::StrictConstructor Moose Test::Exception Test::Harness Sub::Uplevel Carp Class::MOP Sub::Name Devel::GlobalDestruction Scope::Guard Sub::Exporter Params::Util Sub::Install Data::OptList MRO::Compat Class::C3 Algorithm::C3 Data::Stream::Bulk::Callback namespace::clean B::Hooks::EndOfScope Variable::Magic Exporter Test::use::ok IO::File MooseX::Types::DateTimeX Digest::HMAC_SHA1 LWP::UserAgent::Determined

After the successful running of above command, issue the next command to check which version of module has been installed in you server:

# perl -e ‘use Net::Amazon::S3; print $Net::Amazon::S3::VERSION.”\n”‘
0.51

You should be able to get the version number. If there’s still an issue, you’ve to dig around and in that case this may help you out.

500 OOPS: vsf_sysutil_recv_peek

The solution for this problem is to load capability module:

$ modprobe capability

You may also like to read:
* 5 steps to secure your Linux Server
* Ensuring secure access to production Linux Servers
* Bash script to backup essential log files in Linux
* Quickly change your ssh port from defualt 22 to something higher
* SSH port forwarding from remote to local machine
* Save root or user history to check later
* Install and configure denyhost to prevent brute force attacks

While deploying a load balancer, we need some mechanism to inform loadbalancer to forward request to different set of servers based on the condition specified. Here I’m using HAProxy load balancer on CentOS 5 box. This is a very small test setup in Amazon EC2 environment having 3 small instances.

Let’s start the action. Login to server where you want to install HAProxy. Download it and extract it. You can download source and compile but as its a single executable file, I prefer to download precompiled file for being lazy

$ mkdir /usr/local/haproxy
$ cd /usr/local/haproxy
$ wget http://haproxy.1wt.eu/download/1.3/bin/haproxy-1.3.15.2-pcre-40kses-splice-linux-i586.notstripped.gz
$ gunzip haproxy-1.3.15.2-pcre-40kses-splice-linux-i586.notstripped.gz
$ mv haproxy-1.3.15.2-pcre-40kses-splice-linux-i586.notstripped haproxy
$ chmod 700 haproxy

As an example, we have two backend servers/domains, one to serve static contents and other for dynamic contents. Let’s create config file:

$ vi haproxy.cfg
 
  defaults
    balance roundrobin
    cookie SERVERID insert indirect</code>
 
  frontend www 10.252.130.162:80
    mode http
    acl dyn_content url_sub cgi-bin
    use_backend dyn_server if dyn_content
    default_backend stat_server
 
  backend dyn_server
    mode http
    server dserver1 dynamic.example.com:80 cookie A check
 
backend stat_server
    mode http
    server sserver1 static.example.com:80 cookie B check</code>

Here, 10.252.130.162 is the IP of your load balancer server. HAProxy configuration file has several sections called defaults, listen, frontend and backend. We used cookie to forward all subsequent requests from same user to same backend. The main thing here is the acl in frontend section which stats that if there’s a word “cgi-bin” in user’s url then use dyn_server as backend otherwise use default backend which is stat_server. You should refer HAProxy documentation for further information of configurations.

Save the file and check it for syntax:

$ ./haproxy -f ./haproxy.cfg -c

It will throw warnings regarding missing timeouts in sections, you can ignore these warnings. If there’s any error, check the config file again.

Run HAProxy:

$ ./haproxy3 -f ./haproxy.cfg -p /var/run/haproxy.pid

Put load balancer’s public IP/domain name in your browser and test this setup, it should go as expected.

You may also like to read:
* 5 steps to secure your Linux Server
* Ensuring secure access to production Linux Servers
* Bash script to backup essential log files in Linux
* Quickly change your ssh port from defualt 22 to something higher
* SSH port forwarding from remote to local machine
* Save root or user history to check later
* Install and configure denyhost to prevent brute force attacks

Management server for cluster:
Although we can set up management server for cluster in one of the data node but we should have a third node as if one of the two MySQL cluster nodes fails, and the management server is not running, then the data on the two cluster nodes will become inconsistent and if the same node fails which have management server, then we will not be able to create another node or configure cluster.

Beginning with MySQL 5.1.6, it is possible to store the non-indexed columns of NDB tables on disk, rather than in RAM as with previous versions of MySQL Cluster. Here I’m using MySQL 5.1.26-rc as its the latest version while writing this article.

Let’s dive in practical:
1. Fire up 3 instances and note down their public and private IPs, dedicate roles(mgmt, node) for them and login in management node. Install ncurses library for MySQL compilation requirement:

$ yum install ncurses ncurses-devel

2. Download mysql source from its source download page:

$ cd /usr/src
$ groupadd mysql
$ useradd -g mysql mysql
$ wget http://dev.mysql.com/get/Downloads/MySQL-5.1/mysql-5.1.26-rc.tar.gz/from/ftp://mirror.services.wisc.edu/mirrors/mysql/
$ tar xzf mysql-5.1.26-rc.tar.gz
$ cd mysql-5.1.26-rc
<pre>
 
<strong> 3. Compile and install: </strong>
<pre lang="bash">
$ ./configure --enable-community-features --with-mysqld-user=mysql --with-mysqlmanager --with-plugins=ndbcluster 
$ make && make install

4. Create required directories:

$ mkdir -p /var/lib/mysql/mysql-cluster/backup
$ chown -R mysql:mysql /var/lib/mysql
$ cd /var/lib/mysql/mysql-cluster
$ vim config.ini
[NDBD DEFAULT]
NoOfReplicas=2
DataMemory=80M    # How much memory to allocate for data storage
IndexMemory=18M   # How much memory to allocate for index storage
# For DataMemory and IndexMemory, we have used the
# default values. Since the "world" database takes up
# only about 500KB, this should be more than enough for
# this example Cluster setup.
[MYSQLD DEFAULT]
[NDB_MGMD DEFAULT]
[TCP DEFAULT]
# Section for the cluster management node
[NDB_MGMD]
# IP address of the management node (this system)
HostName=10.252.169.x
# Section for the storage nodes
[NDBD]
# IP address of the first storage node
HostName=10.254.237.x
DataDir=/var/lib/mysql/mysql-cluster
BackupDataDir=/var/lib/mysql/mysql-cluster/backup
DataMemory=2048M
[NDBD]
# IP address of the second storage node
HostName=10.251.74.x
DataDir=/var/lib/mysql/mysql-cluster
BackupDataDir=/var/lib/mysql/mysql-cluster/backup
DataMemory=2048M
 
# one [MYSQLD] per storage node
[MYSQLD]
[MYSQLD]

Save and close the file.

5. Start management server. You can also copy ndb_mgmd in system path for easy access.

$ /usr/src/mysql-5.1.26-rc/storage/ndb/src/mgmsrv/ndb_mgmd -f /var/lib/mysql/mysql-cluster/config.ini

***

Setup of Node1 and Node2:

1. These settings are identical for Node 1 and Node 2. Let’s start by adding mysql user and group:

$ groupadd mysql 
$ useradd -g mysql mysql

2. Install required ncurses library for MySQL compilation:

$ yum install ncurses ncurses-devel

3. Download, compile and install MySQL:

$ cd /usr/src
$ wget http://dev.mysql.com/get/Downloads/MySQL-5.1/mysql-5.1.26-rc.tar.gz/from/ftp://mirror.services.wisc.edu/mirrors/mysql/
$ tar xzf mysql-5.1.26-rc.tar.gz
$ cd mysql-5.1.26-rc
$ ./configure --enable-community-features --with-mysqld-user=mysql --with-mysqlmanager --with-plugins=ndbcluster 
$ make && make install

4. Install initial mysql db:

$ /usr/src/mysql-5.1.26-rc/scripts/mysql_install_db --user=mysql

5. Create directories:

$ mkdir -p /var/lib/mysql/mysql-cluster/backup
$ chown -R mysql:mysql /var/lib/mysql

6. Copy init script from mysql source to preferred location:

$ cp /usr/src/mysql-5.1.26-rc/support-files/mysql.server /etc/init.d/
$ chmod 755 /etc/init.d/mysql.server

7. Create config file for MySQL:

$ vim /etc/my.cnf
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
# Default to using old password format for compatibility with mysql 3.x
# clients (those using the mysqlclient10 compatibility package).
old_passwords=1
ndbcluster
# IP address of the cluster management node
ndb-connectstring=10.253.191.210
default-storage-engine=NDBCLUSTER
#Those are for future tuning
#max_connections=341
#query_cache_size=16M
#thread_concurrency = 4
[client]
port=3306
socket=/var/lib/mysql/mysql.sock
[mysql.server]
user=mysql
basedir=/usr/local
[mysql_cluster]
# IP address of the cluster management node
ndb-connectstring=10.253.191.x
[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid

Save and close the file.

8. You can also include MySQL directories in your path (Optional).

$ PATH=$PATH:/usr/local/mysql/bin:/usr/local/mysql/libexec
$ export PATH

9. Start MySQL Server now:

$ /etc/init.d/mysql.server start

10. Repeat these steps in node 2 and start MySQL on both nodes. MySQL should start without any complain. You should also update the password for root user.

Test the cluster:

1. Focus again on Management node to have a look of Cluster connectivity. Open the ndb cluster management console. You should add this directory in PATH or can copy files to your system bin. (I’m a bit lazy

$ /usr/src/mysql-5.1.26-rc/storage/ndb/src/mgmclient/ndb_mgm
-- NDB Cluster -- Management Client --

2. Issue command to view status of cluster:

ndb_mgm> show;
Connected to Management Server at: localhost:1186
Cluster Configuration
---------------------
[ndbd(NDB)]     2 node(s)
id=2    @10.254.237.x  (Version: 5.1.26, Nodegroup: 0, Master)
id=3    @10.251.74.x  (Version: 5.1.26, Nodegroup: 0)
 
[ndb_mgmd(MGM)] 1 node(s)
id=1    @10.252.169.x  (Version: 5.1.26)
 
[mysqld(API)]   2 node(s)
id=4    @10.254.237.x  (Version: 5.1.26)
id=5    @10.251.74.x  (Version: 5.1.26)</code>
ndb_mgm> quit

Everything should run fine.

3. Jump on the node 1 (or 2, doesnt matter in a cluster and try to create db, table and issue commands. BE SURE to use ENGINE=NDBCLUSTER while table creation else cluster will not work, means data will not be replicated throughtout cluster. Insert some records and check that on other node.

Conclusion:
It’s a basic test cluster and I would not recommend it for any production use. In fact, as per one of MySQL expert, “I would advise you to consider if MySQL Cluster is really a right choice for your project, it’s often not, probably in 99.9% of the cases I encountered, and does not give expected results” and when asking the alternate, “usually some MySQL/InnoDB in Master/Master, Master/Slave setup can work well enough to handle very high rate of transactions.”

Of course, ther are several considerations you have to take care, like network connectivity between instanes, backup to S3 and automatic promotion of second master in case first one failed. I’m looking on these and as well as on to setup Master/Master replication with S3 backup. I’ll post that here, once done.

You may also like to read:
* Install and configure FTP server in Amazon Instance
* Quick and simple php based script to check replication status of multiple MySQL Servers
* Setup multiple MySQL database servers in a single Linux host
* Optimize MySQL on a large Database Server
* Recover or reset root password of MySQL and PostgreSQL Servers
* How to setup MySQL Cluster 7.0 in Redhat based Linux
* Optimize and fix MySQL Server running slow without any load
* How to find out the clients connecting to your MySQL server
* Quickly repair huge corrupted or crashed table in MySQL
* Install and configure PhpMyAdmin to manage multiple MySQL Servers

Here I’m using vsftp (vsfptd) Server, which is one of the most popular and easy to configure. The instance is running from base Fedora 4 AMI but the setup should be identical to other Red Hat based distros.

Install vsftpd FTP server, if not installed earlier:

$ yum install vsftpd

Its upto you which FTP method i.e. Active or Passive you want to use. The problem with active mode is that your computer is sending a request out of port 21 when all of a sudden, the server attempts to initiate a request with your computer on port 20. Since communication on port 21 does not imply communication on port 20, it appears as if some unauthorized host has attempted to initiate a new connection with your computer. Kind of sounds like a hack right? Your firewall may think so too (or your NAT router may have no idea to which computer to route the request). Active mode is not used as default method of ftp transfer in many clients these days.

On the other hand, as the Ingress firewall is running in AWS, from the firewall’s standpoint, to support passive mode FTP the following communication channels need to be opened:

FTP server’s port 21 from anywhere (Client initiates connection).
FTP server’s port 21 to ports > 1023 (Server responds to client’s control port).
FTP server’s ports > 1023 from anywhere (Client initiates data connection to random port specified by server).
FTP server’s ports > 1023 to remote ports > 1023 (Server sends ACKs (and data) to client’s data port).

That second part is the problem: FTP server listens on a random port and hands that back to the client, so the client initiates a connection to a random server port, which you must allow.

Opening up all ports > 1023 isn’t so good for security. But what you can do is allow the ports through the distributed firewall and then setup your own filtering inside your instance. Instead, you would better open a fixed number of ports (such as 1024 to 1048) and configure your FTP Server to only use that ports.

Check whether required ports are open or not in your EC2 security group. (if you are unaware about security group, it should be ‘defaul’ unless you created a new one).

$ ec2-describe-group

This command will print all ports which are currently open. If you dont find port 20,21,1024-1048 then you need to open these ports but if you dont find the command itself i.e.

$ ec2-describe-group
-bash: ec2-describe-group: command not found

You need to install ec2 command line tools. You can find them here and the instructions to setup/configure can be found here.

Open the ports now:

$ ec2-authorize default -p 20-21
$ ec2-authorize default -p 1024-1048

Here, ‘default’ is the name of security group. You can also open ports for specific IPs. For ease of use, you better install ElasticFox, a firefox extension to manage EC2 stuff. you can find more about it here.

At this moment, you can start your FTP server and if you try to connect it, the process will get failed. By checking logs, you should find something like:

Status: Connected
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/" is current directory.
Command: TYPE A
Response: 200 Type set to A
Command: PASV
Response: 227 Entering Passive Mode (216,182,238,73,129,75).
Command: LIST
Error: Transfer channel can't be opened. Reason: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
Error: Could not retrieve directory listing

Time to configure vsftpd.conf file:

$ vi /etc/vsftpd/vsftpd.conf
#<em>---Add following lines at the end of file---</em>
	pasv_enable=YES
	pasv_min_port=1024
	pasv_max_port=1048
	pasv_address=<Public IP of your instance>

Put public IP of your EC2 instance and then Save the file. Now restart the server:

$ /etc/init.d/vsftpd restart

One another thing I noticed recently in some instances is that even after configured properly, ftp client is not able to connect. You can find the description and solution of that problem in this post on this blog.

You may also like to read:
* 5 steps to secure your Linux Server
* How to setup multiple mysql servers in a single Linux machine.
* Setup Mysql Cluster in Amazon EC2.
* Download, install and configure perlbal loadbalancer.
* How to find out clients of your Mysql server.
* Fix and optimize Mysql server running slow without any load.
* Script to sync files between web servers.
* Install and configure HAProxy loadbalancer.
* Quick web based php script to check replication status of multiple MySQL Servers