Open main menu

OpenVZ Virtuozzo Containers Wiki β

Changes

Talk:Shared webhosting

2,589 bytes added, 10:10, 19 March 2012
MySQL Socket Sharing
== Sharing mysql socket ==
Wouldn't it be easier to just link the directory containing the socket using 'mount --bind'? Don't think that inode will change. [[Special:Contributions/62.195.200.207|62.195.200.207]] 16:39, 15 July 2011 (UTC)
 
== Linking to howto pages ==
I probably did something stupid, but how can I link from the HOWTO's to this page?
--[[User:Hvdkamer|Hvdkamer]] 08:23, 2 August 2006 (EDT)
I probably did something stupid, but how can I link from the HOWTO's to this page?
: If you want to link to the Category:HOWTO, you put it like this
: <code><nowiki>[[:Category:HOWTO HOWTOs (i.e. this is link text)]]</nowiki></code>
I suggest renaming the article to something like "Application separation" or "Services separation" since this is what you actually describe :) --[[User:Kir|Kir]] 10:22, 2 August 2006 (EDT)
: Go ahead if you think it describes the content better. I started to investigate OpenVZ because I had serious problems with shared hosting. The minimal servers (it is only a rough draft at this moment) are the solution to that. You could see this as application seperation, but for the end-user it is a "normal" webhosting account. Only he/she can do much more and can not break his/her prison :-)--[[User:Hvdkamer|Hvdkamer]] 10:28, 2 August 2006 (EDT) :: May be to explain better my choice. After some serious problems with PHP (users who knew where an include with passwords lived, could see the content) I started to investigate the option of Apache threads with its own user credentials. That was the abonded project perchild. So there is not an easy technical solution. Also users hate safe_mode and open_basedir because it breaks there applications. They also want obscure CGI-scripts and all the things we administrators hate. I already used chrooted OpenSSH shell accounts. With the minimal servers I take that one step further. Now every user has total control (he/she can even be root) over his/her space. :: If I had to do my research again, I think I would still start with "shared webhosting". Not "application seperation". I think that my term, although not exactly correct, will draw more people to this site. I think of it as "user seperation", but that is the whole point of OpenVZ? As said, its your Wiki, so change it if you think it is better :-) --[[User:Hvdkamer|Hvdkamer]] 10:2840, 2 August 2006 (EDT) ::: I changed the introduction to give some examples of the problems shared webhosting is facing. I think that you now could see were it is going? I'm still in the process of setting up this server. So I thought to start this page while I'm working on it. Because if you do it weeks later, most subtle points are lost :-) --[[User:Hvdkamer|Hvdkamer]] 11:42, 2 August 2006 (EDT) == Proxying == I would suggest using [http://www.apsis.ch/pound/ Pound] as the Proxy Server running on your Frontend VE. Its a pretty lightweight and _fast_ Proxy. Besides proxying it does also support load balancing, failover and SSL. I've been using it for various projects over the past few years, its proven to be pretty stable and reliable. --[[User:Torsten|Torsten]] 14:51, 9th Nov 2006 (CST) == MySQL Socket Sharing == 2011-11-15 I had this issue using mysql :<pre> Could not connect to database: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2) 111115 22:05:40 [ERROR] Can't start server: Bind on TCP/IP port: Cannot assign requested address 111115 22:05:40 [ERROR] Do you already have another mysqld server running on port: 3306 ?</pre>changing bind-address in /etc/mysql/my.cnf from bind-address = 127.0.0.1to bind-address = 10.100.100.220fixed it for us. using ubuntu 11.10
May be to explain better my choice. After some serious problems with PHP (users who knew where an include with passwords lived, could see the content) I started to investigate :i had the option of Apache threads with its own user credentialssame error message. That my mistake was the abonded project perchildthat i had no loopback-interface configured. So there is not an easy technical solution. Also users hate safe_mode adding auto lo iface lo inet loopback:to /etc/network/interfaces and open_basedir because restarting networking fixed it breaks there applicationsfor me. They also want obscure CGI-scripts and all the things we administrators hate. I already used chrooted OpenSSH shell accounts. With the minimal servers I take that one step further. Now every user has total control (he/she can even be rootdebian) over his/her space.------------
If I had to do my research againThere's a good guide, I think I would still start with using "shared webhostingmount --bind"available at http://sudhaker. Not com/2008/04/isolated-mysql-installation-openvz-cluster/, but I couldn't get it to work.Also the "application seperationln /var/lib/vz/private/101/var/run/mysqld/mysqld.sock ..."mentioned in the article itself does not work for me: the mysqld. I think that my termsock only appears in /vz/root/123, although not exactly correct/vz/private/123.Additionally, will draw more people "mysql -u root -p -S /vz/root/123/var/run/mysqld/mysqld.sock" fails with: ERROR 2002 (HY000): Can't connect to this sitelocal MySQL server through socket '/var/lib/vz/root/1234/var/run/mysqld/mysqld. I think of it as "user seperation", but that sock' (111)This is the whole point of OpenVZ? As said, its your Wiki, so change it if you think it is better :-with Ubuntu Hardy (fixed kernel from Git).--[[User:HvdkamerBlueyed|HvdkamerBlueyed]] 1016:4023, 2 August 2006 28 April 2008 (EDT)
I changed === Decreased security ===Isn't sharing sockets blocking advantages promoted in <blockquote>"As an extra security measure you can use the introduction to give some examples of the problems shared webhosting is facinginternal IP-address as well. I think that you now could see were it is going? "</blockquote> I'm still d actually would like to have mysql reject root user logins unless logging in the process of setting up this from VE actually housing mysql server. So I thought to start this page while IThat'm working s impossible on using Unix sockets since it. Because if you do 's always using "localhost" then, isn't it weeks later, most subtle points are lost :-)?
Anonymous user