18Sep/190

LEMP: Debian, NGINX + Certbot, MariaDB, PHP

This tutorial shows you how to prepare your Debian VPS for hosting your website.
We are not going to perform any fine-tuning or optimization on the default configuration files. So neither NGINX, MySQL or PHP (LEMP) will get any other than the necessary configuration changes in order to run a website properly.

1. Install the Software

NGINX, Certbot, PHP installation:

:~# apt install nginx python3-certbot-nginx php-fpm php-mysql zip unzip pwgen

MariaDB can be installed as follows:

:~# apt install mariadb-server

Installing MariaDB by using the default-package repositories might not install the latest version of MariaDB. For the latest MariaDB version visit Official MariaDB Repo and follow the instructions.

2. Configure the Software

You should secure your MariaDB installation first:

:~# mysql_secure_installation && mysql_upgrade
:~# mysql

 Welcome to the MariaDB monitor.  Commands end with ; or \g.
 Your MariaDB connection id is 55
 Server version: 10.4.6-MariaDB-1:10.4.6+maria~buster mariadb.org binary distribution
 Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
 Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. 

We will now run Certbot for our default vmXXXX.contaboserver.net hostname, you could also simply add any other website.

Important:
In case you want to secure multiple domains you can simply add them with another "-d" option behind the command, e.g.:

:~# certbot --nginx -d $(hostname) -d vmXXXX.contaboserver.net

Certbot will also create a default configuration for your website within /etc/nginx/sites-enabled/

Let's configure PHP, so NGINX knows where to send PHP-Files for interpreting. Check where PHP-FPM listens to:

:~# grep "listen =" /etc/php/7.3/fpm/pool.d/www.conf
listen = /run/php/php7.3-fpm.sock

The pool configuration file got a lot of parameters which can be adjusted according to the hardware your server is running and the type of scripts hosted on your website.
Open /etc/nginx/sites-enabled/default and you will see a PHP section which is commented out, you could install multiple PHP-Versions, add a server or VPS for PHP interpreting only and much more.
We will add the following lines to any "server {}" configuration we want PHP to be available on:

location ~ .php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.3-fpm.sock;
}

You also need to expand the "index" line with "index.php" :

 index index.php index.html index.htm; 

:~# systemctl restart nginx

We will now download and install phpMyAdmin and make it available. On Debian 10 phpMyAdmin is not available via "apt install phpmyadmin" command, they are probably going to add the package once the Alpha got stable.
For downloads visit Official phpMyAdmin Website . As we are using PHP 7.3 we need to download the Alpha Version, which is still in testing phase.

:~# mkdir /var/www/phpmyadmin
:~# cd /var/www/phpmyadmin/
:~# wget https://files.phpmyadmin.net/phpMyAdmin/5.0.0-alpha1/phpMyAdmin-5.0.0-alpha1-all-languages.zip
&& unzip phpMyAdmin-5.0.0-alpha1-all-languages.zip
:~# mv phpMyAdmin-5.0.0-alpha1-all-languages/* .

Create a database user and import the database; run "pwgen" to generate random passwords.

:~# mysql < sql/create_tables.sql
:~# mysql

CREATE USER 'phpmyadminuser'@'localhost'  IDENTIFIED BY 'USE ONLY SECURE PASSWORDS !!';
GRANT SELECT, INSERT, UPDATE, DELETE ON phpmyadmin.* TO 'phpmyadminuser'@'localhost'
IDENTIFIED BY 'USE ONLY SECURE PASSWORDS !!'; FLUSH PRIVILEGES;

Let's configure phpMyAdmin to use the database. Uncomment the following lines in config.inc.php:

/* User used to manipulate with storage */
  $cfg['Servers'][$i]['controlhost'] = 'localhost';
  $cfg['Servers'][$i]['controlport'] = '3306';
  $cfg['Servers'][$i]['controluser'] = 'phpmyadminuser';

:~# cp -p config.sample.inc.php config.inc.php
:~# pwgen 32 1 #Copy the password for blowfish secret
:~# chown www-data: /var/www/phpmyadmin -R

Last but not least, configure the webserver to make the content available.
Add the following section to the domain you want to expose it on:

    location /phpmyadmin {
           root /var/www/phpmyadmin/;
           index index.php index.html index.htm;
           location ~ ^/phpmyadmin/(.+\.php)$ {
                   try_files $uri =404;
                   root /var/www/phpmyadmin/;
                   fastcgi_pass unix:/run/php/php7.3-fpm.sock;
                   fastcgi_index index.php;
                   fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
           }
           location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
                   root /var/www/phpmyadmin/;
           }
    }

5Sep/190

Webspace: Creating a Blog in Minutes

This tutorial will show you how to create a blog and publish it world wide in just a couple of minutes.

The requirement for the Softaculous automatic WordPress installation is a Webspace package L or higher.
Alternatively, WordPress can be installed manually by uploading files via FTP.

1. Login to your cPanel account after receiving the e-mail containing the login information.

2. Within "Softaculous Apps Installer" click on "WordPress" to open the following site:

3. This site shows all existing WordPress installations, as we are setting up WordPress for the first time we will hit "Install Now" in order to install our first WordPress site.

In case you want the WordPress site to be hosted on a subdomain or alternate directory you will be able to adjust the configuration to meet your requirements. We are going to use the main domain the Webhosting package was set up with, in this case we will have to remove the "wp" within the "in directory" option.

Set a secure password, adjust the remaining configuration options and hit "start installation".

That's it!
The Blog is installed, you are ready to upload content and share it world wide.

We recommend enabling automatic updates or at least perform manually updates often.
WordPress is a very common software used for websites, especially for blogs. As a very high amount of websites run WordPress, hackers always work on finding new security holes in order to hijack or even infect the website with malware.
WordPress updates are very important in order to run a safe website.
You should make sure to not run any outdated software on a website, even WordPress plugins need to be updated as well.

In case you want to reinstall the blog, use another software or the Contabo Website Builder instead, you are able to remove WordPress at any time using the Softaculous App Installer WordPress site within your cPanel login.

Posted by: Gianni-Donato | Tagged as: , , , , , No Comments
24Jul/190

Debian & Ubuntu Upgrade

At Contabo, we always offer you the latest version of many popular Linux operating systems. This tutorial shows you how to upgrade from an old version to the latest Debian (stable) or Ubuntu LTS.

Important:
Before proceeding make sure to have a local backup of all important files, the upgrade might fail and your server becomes inoperable!
In case you are upgrading a VPS with 100% SSD, creating a prior snapshot will be sufficient for backup.
The upgrade really depends on the customization performed on the system and the amount of software installed. The higher the amount of additional software, the higher the risk of package-conflicts which need to be solved manually.

1. Preparation

The system needs to get all pending updates for your software packages, prior to proceeding. If you have not installed updates recently this might take some time.
Packages which were installed due to dependencies and are not needed anymore should be deleted as well.

:~#apt-get update && apt-get upgrade -y
:~#apt-get autoremove

2. Adjusting the apt.conf (Debian)

The following commands will replace "stretch" with "buster" in any repository entry.
In case you manually added additional repositories they might fail, you will have to manually investigate or disable those package sources.

:~#sed -i 's/stretch/buster/g' /etc/apt/sources.list
:~#sed -i 's/stretch/buster/g' /etc/apt/sources.list.d/*

Usually there should be no additional package sources configured and your sources list will have the following configuration:

:~# cat /etc/apt/sources.list
deb http://asi-fs-n.contabo.net/debian buster main non-free contrib
deb http://security.debian.org/debian-security buster/updates main contrib non-free
deb-src http://security.debian.org/debian-security buster/updates main contrib non-free
deb http://asi-fs-n.contabo.net/debian buster-updates main contrib non-free

3. a) Start upgrade (Debian)

The following commands will start the upgrade and will also update the packages.

:~#apt clean && apt update
:~# apt upgrade -y
:~# apt dist-upgrade -y
:~# apt autoremove
:~# cat /etc/os-release
PRETTY_NAME="Debian GNU/Linux 10 (buster)"
NAME="Debian GNU/Linux"
VERSION_ID="10"
VERSION="10 (buster)"
VERSION_CODENAME=buster
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"

3. b) Start upgrade (Ubuntu)

Ubuntu has got a Tool/command for this purpose: "do-release-upgrade" it will update to next available LTS version, so 14.04 LTS to 16.04 or 16.04 LTS to 18.04 LTS.
In case the command was not found and the tool is missing, it can be installed with following command:

:~# apt-get install update-manager-core

4. Restart server

In order to use the recently installed kernel, you will have to reboot your server. After rebooting you are running the latest version of Debian (stable)/ Ubuntu LTS.

In case of any issues or inquiries, our customer support team is available to assist you.

Posted by: Gianni-Donato | Tagged as: , , , , , No Comments
21Mar/180

How to manage your RAID controller in Windows

Not long ago, we have shown you in a different tutorial how to manage your raidcontroller in Linux. Below you can find the respective guideline for Windows.

Monitoring a RAID array

A hardware RAID has certain advantages, but also a hardware RAID has to be monitored. We always rely on tried and tested hardware to minimize the risk of a hardware failure, but there is always the risk that hardware fails, therefore monitoring the hardware is even more important to guarantee that the server will keep running properly.

In the case of a software RAID, the operating system generates messages about the RAID; with a hardware RAID, the controller does it itself - but you need a special software to read these messages.

This blog entry shows the installation and use of the Adaptec and LSI software on Windows operating systems.
There are also graphical interfaces available for managing raidcontrollers, such as a web interface.

Please contact our support department in case you are not sure which controller was added to your server.

Updating the controller's firmware or the operating system's driver may lead to a complete loss of all data stored on that RAID!

1. Adaptec

1.1 Installation of the arcconf binary

Open the Powershell as Administrator, you will start at the "Administrator" User folder.
Create a new folder and change to that folder, e.g.:

mkdir C:\raid; chdir C:\raid

The binary can be downloaded via Powershell as well, type in the following command:

iwr -URI http://download.adaptec.com/raid/storage_manager/arcconf_v2_03_22476.zip' -OUTFILE arcconf_v2_03_22476.zip; start arcconf_v2_03_22476.zip

(You could also download the binary with your webbrowser from here )

You should see some directories including the "windows_x64" directory, select that directory and copy it to "C:\raid\".

1.2 Monitoring the raidcontroller

Open the Powershell and change the directory using the following command:

chdir C:\raid\windows_x64\cmdline

You should be able to run the executable by using the following command: " .\arcconf.exe getconfig 1" - this will display all information.

You will get all information regarding the 1st controller installed in your system. In case you have installed more than one controller you could display the information of the 2nd controller by typing ".\arcconf.exe GETCONFIG 2".

A list of available options can be displayed by typing ".\arcconf.exe" .
The most important status can be filtered out by typing ".\arcconf.exe GETCONFIG 1 | findstr Status" into the Powershell.

PS C:\raid\windows_x64\cmdline> .\arcconf.exe GETCONFIG 1 | findstr Status
Controller Status : Optimal
Status : ZMM not installed
Status of Logical Device : Optimal

"ZMM not installed" shows that this controller currently has no BBU (battery backup unit) installed, a BBU can be installed at any time as an upgrade.

A "Degraded" status on a LD (Logical Device) indicates that there must be an issue.

PS C:\raid\windows_x64\cmdline> .\arcconf.exe GETCONFIG 1 | findstr Status
Controller Status : Optimal
Status : ZMM not installed
Status of Logical Device : Degraded

To check if there is any failed drive (in this scenario the SSD failed), type in the following command and you will see the "State : Failed" information:

PS C:\raid\windows_x64\cmdline> .\arcconf.exe GETCONFIG 1 PD
Controllers found: 1
----------------------------------------------------------------------
Physical Device information
----------------------------------------------------------------------
Device #0
Device is a Hard drive
State : Failed
Block Size : 512 Bytes
Failed logical device segments : True
Supported : Yes
Transfer Speed : Failed
Reported Channel,Device(T:L) : 0,0(0:0)
Reported Location : Connector 0, Device 0
Vendor :
Model : Crucial_CT275MX3
Firmware : M0CR040
Serial number : 11111111111111
World-wide name : 500A075116639956
Total Size : 262321 MB
Write Cache : Enabled (write-back)
FRU : None
S.M.A.R.T. : No
S.M.A.R.T. warnings : 0
Power State : Full rpm
Supported Power States : Full power,Powered off,Standby
SSD : Yes
Temperature : Not Supported
NCQ status : Enabled

To replace a failed drive just contact us, we will immediately take care of it. To speed up the process you should provide us with the above output. It shows the S/N and the port that drive is attached to. In this case the S/N is "11111111111111" and the attached Port is "0".

As soon as the drive got replaced the rebuild should start automatically:

PS C:\raid\windows_x64\cmdline> .\arcconf.exe GETCONFIG 1 | findstr Status
Controller Status : Optimal
Status : ZMM not installed
Status of Logical Device : Degraded, Rebuilding ( Rebuild : 1 % )

Depending on your RAID setup this will probably take several hours.

1.3 Installing an available webinterface

For Adaptec controllers there is the "MaxView Storage Manager" available, it can be downloaded here: https://storage.microsemi.com/de-de/speed/raid/storage_manager/msm_windows_x64_v2_03_22476_zip.php

The installer is located within the directory called "manager" - that directory will be created when unpacking the downloaded archive.
You can start the installation by starting "setup_asm_x64.EXE" .
Afterwards you should be able to reach the webinterface on https://<SERVERIP>:8443 .

2. LSI

2.1 Installation of the StorCLI binary

Download of the commandline Binary :

iwr -URI 'https://docs.broadcom.com/docs-and-downloads/raid-controllers/raid-controllers-common-files/1.21.16_StorCLI.zip' -OUTFILE StorCLI.zip;explorer.exe .\StorCLI.zip\versionChangeSet\univ_viva_cli_rel\

A Windows Explorer should popup when using the above command. Now copy "storcli_ALL_OS.zip" to the "C:\raid" directory:

 

Now unzip that file.

 

2.2 Monitoring the raidcontroller

Go to your Powershell and type the following command to access the recently unpacked files:

chdir C:\raid\storcli_All_OS\storcli_All_OS\Windows\

You should be able to call "storCLI.exe", there is also a 64Bit binary.

You can display the current status of the raidcontroller by typing:

PS C:\raid\storcli_All_OS\storcli_All_OS\Windows> .\storcli64.exe /c0 show

TOPOLOGY :
========
-----------------------------------------------------------------------------
DG Arr Row EID:Slot DID Type  State BT       Size PDC  PI SED DS3  FSpace
-----------------------------------------------------------------------------
0 -   -   -        -   RAID1 Optl  N  255.656 GB dflt N  N   dflt N
0 0   -   -        -   RAID1 Optl  N  255.656 GB dflt N  N   dflt N
0 0   0   64:4     12  DRIVE Onln  N  255.656 GB dflt N  N   dflt -
0 0   1   64:5     13  DRIVE Onln  N  255.656 GB dflt N  N   dflt -
----------------------------------------------------------------------------

Example for a failed HDD:

TOPOLOGY :
========
----------------------------------------------------------------------
DG Arr Row EID:Slot DID Type  State BT Size PDC  PI SED DS3  FSpace
----------------------------------------------------------------------
0 -   -   -        -   RAID1 Dgrd  N  255 GB dflt N  N   dflt N
0 0   -   -        -   RAID1 Dgrd  N  255 GB dflt N  N   dflt N
0 0   0   -        -   DRIVE Msng  -  255 GB -    -  -   -    -
0 0   1   64:5     13  DRIVE Onln  N  255 GB dflt N  N   dflt -
---------------------------------------------------------------------

 

PS C:\raid\storcli_All_OS\storcli_All_OS\Windows> .\storcli64.exe /c0 /sall show

Controller = 0
Status = Failure
Description = No drive found!
Detailed Status :
===============
----------------------------------------
Drive Status ErrCd ErrMsg
----------------------------------------
/c0/sALL Failure 255 Drives not found
----------------------------------------

To display the current status of the rebuild you can run:

PS C:\raid\storcli_All_OS\storcli_All_OS\Windows> .\storcli64.exe /c0 /eall /sall show rebuild


Controller = 0
Status = Success
Description = Show Drive Rebuild Status Succeeded.
---------------------------------------------------------
Drive-ID Progress% Status Estimated Time Left
---------------------------------------------------------
/c0/e64/s4 0 In progress -
/c0/e64/s5 - Not in progress -
---------------------------------------------------------

2.3 Installation of a graphical interface

You can download the latest MegaRAID Storage Manager using the following link:

https://docs.broadcom.com/docs-and-downloads/raid-controllers/raid-controllers-common-files/16.05.04.00_MSM_Windows.zip

After downloading, unzip all files. You should be able to access the directory, just run the installation wizard.

Usually you will not have any LDAP authentication, in this case you have to unmark the checkbox when running the installer - otherwise you cannot connect to the manager.

A new shortcut will appear on your desktop, now run that shortcut and type in your login credentials. The following MSM interface should show up:

 

 

 

Posted by: Gianni-Donato | Tagged as: , , , , , No Comments
7Mar/180

How to manage your RAID controller in Linux

Please note: This tutorial focusses on Linux OS. Should you be a Windows user instead, please confer our respective tutorial on how to manage your RAID controller in Windows.

Monitoring a RAID array

A hardware RAID has certain advantages, but also a hardware RAID has to be monitored. We always rely on tried and tested hardware to minimize the risk of a hardware failure, but there is always the risk that hardware fails, therefore monitoring the hardware is even more important to guarantee that the server will keep running properly.

In the case of a software RAID, the operating system generates messages about the RAID; with a hardware RAID, the controller does it itself - but you need a special software to read these messages.

This blog entry shows the installation and use of the Adaptec and LSI software on Linux operating systems.
There are also graphical interfaces available for managing raidcontrollers, such as a web interface.

Please contact our support department in case you are not sure which controller was added to your server.

Please note: Updating the controller's firmware or the operating system's driver may lead to a complete loss of all data stored on that RAID!

For this tutorial some additional software is needed, for Ubuntu 17.10 it can be installed using the following command "apt install zip unzip net-tools"

1. Adaptec

An overview of available software for your Adaptec controller can be found here: https://storage.microsemi.com/en-us/support/series6/index.php

1.1 Installation of the arcconf binary

Installing the binary with the Linux commandline is very easy, you can manage the controller using that binary afterwards.

A download link for the latest available binary can be found on the above mentioned website by clicking on the "Storage Manager Downloads" link.
The "arcconf" binary can be used for various Adaptec products, usually there is no need for additional software.
In this tutorial we are going to download the following binary: https://storage.microsemi.com/en-us/speed/raid/storage_manager/arcconf_v2_03_22476_zip.php

On your commandline just type:

wget http://download.adaptec.com/raid/storage_manager/arcconf_v2_03_22476.zip && unzip arcconf_v2_03_22476.zip

Now move the binary to your binary folder and make it executable:

mv linux_x64/cmdline/arcconf /usr/sbin/ && chmod +x /usr/sbin/arcconf

The "arcconf" command should be available now.

root@contabo:~# arcconf
Controllers found: 1
| UCLI | Adaptec by PMC uniform command line interface
| UCLI | Version 2.03 (B22476)
| UCLI | (C) Adaptec by PMCS 2003-2016
| UCLI | All Rights Reserved

1.2 Monitoring the raidcontroller

Usually the RAID should have an "OPTIMAL" value, in case one HDD fails the controller will start to send an audible alarm signal. That signal will be recognized by our technicians working in the datacenter, in this case we will contact you and inform you about a possible hardware failure.

With the parameter "arcconf GETCONFIG 1" you will get all information regarding the 1st controller installed to your system. In case you have installed more than one controller you could display the information of the 2nd controller by typing "arcconf GETCONFIG 2".

A list of available options can be displayed by typing "arcconf getconfig".

The most important status can be filtered out by typing "arcconf getconfig 1 | grep Status" into the commandline.

root@contabo:~# arcconf getconfig 1 | grep Status
Controller Status : Optimal
Status : ZMM not installed
Status of Logical Device : Optimal

"ZMM not installed" shows that this controller currently has no BBU (batterie backup unit) installed, a BBU can be installed at any time as an upgrade.

A "Degraded" status on a LD (Logical Device) indicates that there must be an issue.

root@contabo:~# arcconf getconfig 1 | grep Status
Controller Status : Optimal
Status : ZMM not installed
Status of Logical Device : Degraded

To check if there is any failed drive (in this scenario the SSD failed), type in the following command and you will see the "State : Failed" information:

root@contabo:~# arcconf getconfig 1 PD
Controllers found: 1
----------------------------------------------------------------------
Physical Device information
----------------------------------------------------------------------
Device #0
Device is a Hard drive
State : Failed
Block Size : 512 Bytes
Failed logical device segments : True
Supported : Yes
Transfer Speed : Failed
Reported Channel,Device(T:L) : 0,0(0:0)
Reported Location : Connector 0, Device 0
Vendor :
Model : Crucial_CT275MX3
Firmware : M0CR040
Serial number : 11111111111111
World-wide name : 500A075116639956
Total Size : 262321 MB
Write Cache : Enabled (write-back)
FRU : None
S.M.A.R.T. : No
S.M.A.R.T. warnings : 0
Power State : Full rpm
Supported Power States : Full power,Powered off,Standby
SSD : Yes
Temperature : Not Supported
NCQ status : Enabled

To replace a failed drive just contact us, we will immediately take care of it. To speed up the process you should provide us with the above output. It shows the S/N and the port that drive is attached to. In this case the S/N is "11111111111111" and the attached Port is "0".

As soon as the drive got replaced the rebuild should start automatically:

root@contabo:~# arcconf getconfig 1 | grep Status
Controller Status : Optimal
Status : ZMM not installed
Status of Logical Device : Degraded, Rebuilding ( Rebuild : 1 % )

Depending on your RAID setup this will probably take several hours.

1.3 Installing an available Webinterface

For Adaptec there is the "MaxView Storage Manager" available, it can be downloaded here: https://storage.microsemi.com/de-de/speed/raid/storage_manager/msm_linux_x64_v2_03_22476_tgz.php

You could also just download it via commandline:

wget http://download.adaptec.com/raid/storage_manager/msm_linux_x64_v2_03_22476.tgz && tar -xzf msm_linux_x64_v2_03_22476.tgz

The installer is located within the directory called "manager" - that directory will be created when unpacking the downloaded archive.
For our system (Ubuntu 17.04) we will install the package using the following command:

dpkg -i manager/StorMan-2.03-22476_amd64.deb

Afterwards you should be able to reach the webinterface at https://<SERVERIP>:8443

2. LSI

2.1 Installation of the StorCLI binary

Download of the commandline Binary :

wget https://docs.broadcom.com/docs-and-downloads/raid-controllers/raid-controllers-common-files/1.21.16_StorCLI.zip --no-check-certificate && unzip 1.21.16_StorCLI.zip && cd versionChangeSet/univ_viva_cli_rel/ && unzip storcli_All_OS.zip

For our system we will install the Ubuntu package by typing:
dpkg -i storcli_All_OS/Ubuntu/storcli_1.21.06_all.deb

Create a link to make the "storcli" command available to your shell.
ln -s /opt/MegaRAID/storcli/storcli64 /usr/sbin/storcli

2.2 Monitoring the raidcontroller

You can display the current status of the raidcontroller by typing:

root@contabo:~#storcli /c0 show

TOPOLOGY :
========
-----------------------------------------------------------------------------
DG Arr Row EID:Slot DID Type  State BT       Size PDC  PI SED DS3  FSpace
-----------------------------------------------------------------------------
0 -   -   -        -   RAID1 Optl  N  255.656 GB dflt N  N   dflt N
0 0   -   -        -   RAID1 Optl  N  255.656 GB dflt N  N   dflt N
0 0   0   64:4     12  DRIVE Onln  N  255.656 GB dflt N  N   dflt -
0 0   1   64:5     13  DRIVE Onln  N  255.656 GB dflt N  N   dflt -
----------------------------------------------------------------------------

Example of a failed HDD:

TOPOLOGY :
========
----------------------------------------------------------------------
DG Arr Row EID:Slot DID Type  State BT Size PDC  PI SED DS3  FSpace
----------------------------------------------------------------------
0 -   -   -        -   RAID1 Dgrd  N  255 GB dflt N  N   dflt N
0 0   -   -        -   RAID1 Dgrd  N  255 GB dflt N  N   dflt N
0 0   0   -        -   DRIVE Msng  -  255 GB -    -  -   -    -
0 0   1   64:5     13  DRIVE Onln  N  255 GB dflt N  N   dflt -
---------------------------------------------------------------------

root@contabo:~#storcli /c0 /sall show


Controller = 0
Status = Failure
Description = No drive found!
Detailed Status :
===============
----------------------------------------
Drive    Status  ErrCd ErrMsg
----------------------------------------
/c0/sALL Failure   255 Drives not found
----------------------------------------

To display the current status of the rebuild you can run:

root@contabo:~#storcli /c0 /eall /sall show rebuild

Controller = 0
Status = Success
Description = Show Drive Rebuild Status Succeeded.
---------------------------------------------------------
Drive-ID   Progress% Status          Estimated Time Left
---------------------------------------------------------
/c0/e64/s4         0 In progress     -
/c0/e64/s5         - Not in progress -
---------------------------------------------------------

2.3 Installing an available webinterface

Unfortunately, there is currently no webinterface available for Linux.

 

Posted by: Gianni-Donato | Tagged as: , , , , , No Comments
11Aug/172

Overview of available RAID levels

With this tutorial we will explain certain types of RAID levels to you.
Some of you might have already experienced a loss of data, no matter if it was an SD card holding some vacation photos or a hard disk holding important files. Losing data can be very costly if you try to restore them by some specialist. An expert is needed and the procedure takes a lot of time, the easiest way to avoid those costs is simply to avoid any data loss in the first place.

This overview is not relevant for any VPS, your VPS systems are already running safe on a RAID system monitored by experienced technicians.

Creating backups is still very important, a RAID does not replace any backup!

You can find further instructions within the following tutorial: Data loss and how to avoid it

There are some points which you should think about first, there are several results depending on your requirements.

  1. How important is the performance?
  2. How much data security should be provided by the RAID?
  3. Are system resources available to manage the RAID, such as CPU and RAM

Depending on the results of the above questions and your budget, there are several options available:
A hardware RAID is always more expensive but provides the best performance and security (if combined with a battery backup unit).
A software RAID is the easiest way to go for a RAID, it is able to handle almost any type of RAID and can be set up within a few minutes.

An overview of available RAID levels is shown below:


RAID 0

The RAID 0 provides increased write and read performance, the data will be distributed to at least two disks. Since there is no redundancy all data will be lost in case one disk fails.

  • At least two hard disks are needed
  • No disk redundancy at all
  • Maximum (complete) storage capacity available
  • Improved read and write performance


RAID 1

The RAID 1 provides increased read performance (depending on the software/hardware controller used), all data will be mirrored to a second disk. There is also a RAID 1E available - in that case all data will be mirrored to additional disks too.

  • At least two hard disks are needed
  • n-1 disks can fail
  • 1/n of storage available (n = number of disks, with two disks = > 1/2 of total storage)
  • Improved read performance


RAID 5

The RAID 5 provides increased write and read performance, the data is written to at least two disks, an additional disk is always used for storing parity data. The parity data has to be calculated for every write - so for very write intensive applications the RAID 5 requires a lot of performance due to the necessary calculations.

  • At least three hard disks are needed
  • One disk can fail
  • n-1/n of storage available (n = number of disks, with three disks = > 2/3 of total storage)
  • Improved read and write performance
  • Requires a lot of CPU time


RAID 6

The RAID 6 provides increased read performance, the data is written to at least two disks, two additional disks are always used for storing parity data. The parity data has to be calculated for every write - so for very write intensive applications the RAID 6 requires a lot of performance due to the necessary calculations. As there are two parity bits saved on the disks, the needed CPU time is very high.

  • At least four hard disks are needed
  • Two disks can fail simultaneously
  • n-2/n of storage available (n = number of disks, with two disks = > 2/4 (half) of total storage)
  • Improved read performance
  • Requires the most CPU time


RAID 01

A RAID 01 is a combination of two or more volume groups. Each volume group is configured to have a RAID 0, those volume groups are mirrored in a RAID 1. With a total number of four disks one entire volume group can fail with both disks and no data will be lost.

  • At least four hard disks are needed
  • Two disks can fail simultaneously if they belong to the same logical volume group
  • Half of total storage capacity is available
  • Improved read and write performance


RAID 10

A RAID 10 is a combination of two or more volume groups. Each volume group is configured to have a RAID 1, those volume groups are striped in a RAID 0. With a total number of four disks, two disks can fail simultaneously and no data will be lost - the failed disks must not belong to the same volume group.

  • At least four hard disks are needed
  • Two disks can fail simultaneously if they do not belong to the same logical volume group
  • Half of total storage capacity is available
  • Improved read and write performance


 

The difference between RAID 01 and RAID 10 is only visible with six or more disks, if you have six disks a RAID 10 will provide a higher calculated security rate. We do recommend using a RAID 10 instead of using a RAID 01 even if you do only have four disks. Some RAID controllers do not even support a RAID 01 anymore. RAID 5 and RAID 6 require the highest CPU time since a checksum has to be calculated on every writing process to the disk. Only a few enterprise RAID controllers do support RAID 5 and RAID 6, due to the need of calculating checksums the writing speed might suffer which might then cause problems when using write intensive applications.

For our dedicated servers it is always possible to order additional hard disks or RAID controllers, current prices can be found on our web site. If you need a special configuration, please contact our support team any day between 8 am and 11 pm (German timezone, UTC+2).

Posted by: Gianni-Donato | Tagged as: , , , , , 2 Comments
3Jul/170

Now available : Configuring the latest available PHP Version on your Webspace package

Today we performed some great update on our Webspace hosts, you are now able to choose between the following PHP Versions for your Website:

  • PHP 5.6 (oldstable)
  • PHP 7.0 (stable)
  • PHP 7.1 (testing)

To configure your desired PHP Version just login to your cPanel interface and navigate to "Software" -> "Multi PHP Manager".

To configure the PHP.INI and add additional configuration just open the "MultiPHP INI Editor".

Click here for an overview of our webspace offers.

Posted by: Gianni-Donato | Tagged as: , , , , No Comments
14Jun/175

The SSL certificate

Some of you might wonder in which situations an SSL certificate should be used. This tutorial will help you to find an answer whether or not you should upgrade your website or anything else by adding encryption.

The most important parts of a certificate are the public key and the private key.
The following image shows you what is happening when a client tries to establish an encrypted connection to some webserver.

 

ssl

First the client contacts the server and offers available encryption types, the server and the client come to an agreement on which type to use.
The web server sends the public key to the client so the client will be able to encrypt its requests. The webserver got his private key to decrypt all encrypted client requests. With the private key you are able to decrypt all client requests which were encrypted with the public key, that is why you should never hand out your private key to any third party.

To show you the advantage of using encryption, we created an HTML page containing a simple form which can be found on many websites. In the textfields we entered a username and password.

The username we chose: test@contabo.de

The password we entered: "unencryptedpassword"

To show the difference between encrypted messages and not encrypted messages, we captured some packets using a networking-tool.

Without any encryption we could easily extract the username and password used, we could also see which sites we visit.

pw_unencrypted

With encryption enabled we could not find neither username nor password.
It just shows a packet containing some encrypted data, without the private key we cannot determine which data was actually sent.
pw_encrypted

If you are running a website, an email server or just an FTP server, it is always up to you to offer encryption or not. Offering encryption to your customers is the best way to act professionally.

There are many types of encryption, this post just handles certificates. Usually encryption algorithms have not changed for years, if you are going to optimize your server you will of course have to think about encryption types, etc.

 


The real meaning of those connection warnings:

If you are running a web interface (cPanel, Plesk, Webmin etc.) you probably encountered a warning as follows:

ssl_err_en

"The connection is not private", usually you should rethink if you really want to proceed. There is the possibility that some server got hijacked and you are redirected to the wrong website. In this case the warning pops up because the certificate is not valid for the domain we entered. On a web interface you will get a similar warning when using a so called "self signed certificate". Your browser got a list of authorities which it will trust, signed certificates by one of those authorities will not show any warning.

It can be really unwanted if that warning is showing to all of your customers, sometimes this warning is misinterpreted and the website will be left.

There is only one way to remove this warning, you need to get a certificate signed by some official authority.

Some official authorities, such as "Lets Encrypt", will sign your certificate for free, this is a nice option but not really recommended on a production environment. Usually the domain validated certificate or wildcard  certificate is being used for production environment, those certificates usually are valid for 365 days (1 year).

There are some differences between single domain, multi domain and wildcard certificates. Usually you would want a certificate for "yourdomain.tld" or "www.yourdomain.tld". A single domain certificate will be valid only for one of those domains, a multi domain certificate alias UCC (Unified Communications Certificate) is valid for all domains included within that certificate. In case you want "www.yourdomain.tld", "yourdomain.tld" and "subdomain.yourdomain.tld" within a single certificate, a UCC should fit your needs.

There is also some extended validation available, some bigger companies take advantage of this (e.g. PayPal pp_ev). At this point I want to mention that the private key and certificate will always remain the same, there is no encryption change, the certificate will just get signed.

Right after you got your certificate signed by some official authority, everyone will be able to access your encrypted website without any warning.

ssl_ok_en

Important:
Encryption is important, all services (email server, FTP server, web server, etc.) running on your server should offer a way to establish an encrypted connection. There is no need of installing a signed certificate on each service, for most services self-signed certificates are fine.

 

Posted by: Gianni-Donato | Tagged as: , , , , 5 Comments
13Apr/170

Installing Windows Hyper-V 2016 on a dedicated server

Welcome to our tutorial about installing Hyper-V on your Dedicated Server with Windows Server 2016.

Step 1

Installing Hyper-V

After receiving the login information to your dedicated server you might want to find out how Hyper-V can be installed. Hyper-V is an additional Server-Role for Windows which can be added within the Server manager.

On the upper right side you will find the option "Add Roles and Features"

 

After clicking on that option a new windows will popup.

Navigate to "Server Roles" and select Hyper-V

Now select the checkbox and click on next.
You will be asked if the install manager is allowed to automatically reboot your server.


At least one reboot is required !

The installation can take up to one hour, depending on the rented dedicated server model and the storage configuration it might be completed within several minutes.

 

 

Step 2

Configuring Hyper-V

For configuration we are going to use the Hyper-V Manager, you can access this tool by clicking on "Tools" on the upper right side within your Server-Manager window.

Before creating a virtual machine, we have to configure the network interface. Open the "virtual Switch Manager" to perform the necessary steps.

Now we are going to create a new external switch:

Enter a name and description (notes) of your choice.

Select the external network and make sure that the checkbox "allow management operating system to share this network adapter" was selected. If it was not selected your server might be inaccessible afterwards.

Step 3

Configuration of the Network

On the taskbar at the very right side you will see the network icon.
Perform a rightclick to open the following dialogue:

Another window will open, navigate to your network devices:

Now rightclick on the recently created network device and select "Properties":

Select "Internet Protocol Version 4" and once more select "Properties"

Insert your Server's IP-Configuration.

Please double check the information you are setting up, otherwise your server will be inaccessible.

Step 4

Creating a virtual machine

For now we are almost done, the next step shows you how to create a virtual machine.

Within the Hyper-V Manager select "New" to create a new VM:

Configure the VM with your preferences:

Tip: Selecting "Generation 2" for Windows 8 (Windows Server 2012) VMs and later will improve the performance.

As network device you should select the Hyper-V Switch we have created before.

Select the .ISO you want to install and start the installation.

After the installation was completed you need to set up a public IP within the VM.
If you do not have any additional public IPs assigned to your account, please contact us at support@contabo.com to order additional IPs.

After a public IP was set up, your VM will be able to establish connections.

2Mar/172

Changing the Windows Administrator password – The easy way

Today we are going to show you how to change your Windows Administrator password the easy way.
This tutorial works with almost all Windows versions starting from Windows XP/NT (Windows Server 2003).
On Windows 10 or Windows Server 2016 you should make sure that you are using local user accounts - not any online accounts.

Start the CMD.exe with administrator privileges, e.g. "Windowsbutton +R" and type in CMD.exe

cmd_en

The CMD.exe application should now pop up soon, the syntax for changing the password is very simple:

net user <username of the account you want to change the password> <new password>

Example :

net user administrator SomesecurePW2016

Of course you should never use this as a password, nor should you ever use it only for "testing" purpose.

Another option would be to use "*", this will prompt you to enter a password. On a desktop Windows operating system like Windows 10, you could remove the password by just entering an empty value.

pw_en

Posted by: Gianni-Donato | Tagged as: , , , , 2 Comments