1 <?xml version='1.0' encoding='UTF-8'?>
\r
2 <chapter xmlns="http://docbook.org/ns/docbook" xmlns:xi="http://www.w3.org/2001/XInclude"
\r
3 xmlns:xl="http://www.w3.org/1999/xlink" version="5.0" xml:id="adminmisc">
\r
6 <title>Server Operations and Maintenance</title>
\r
7 <indexterm><primary>receipt template editor</primary></indexterm>
\r
9 <para>This chapter deals with basic server operations such as starting and stopping <application>Evergreen</application> as well wall
\r
10 security, backing up and troubleshooting <application>Evergreen</application>.</para>
\r
13 <section xml:id="startingopensrf">
\r
14 <title>Starting, Stopping and Restarting</title>
\r
15 <para>Occasionally, you may need to restart <application>Evergreen</application>. It is imperative that you understand the basic
\r
16 commands to stop and start the <application>Evergreen</application> server. You can start and stop <application>Evergreen</application> from the command line of
\r
17 the server using the <command>osrf_ctl.sh</command> script located in the
\r
18 <filename class="directory">openils/bin</filename> directory.</para>
\r
19 <note><para><command>The osrf_ctl.sh</command> command must be run as the <systemitem class="username">opensrf</systemitem> user.</para></note>
\r
20 <para>To view help on <command>osrf_ctl.sh</command> and get all of its options, run:</para>
\r
21 <screen><userinput>osrf_ctl.sh -h</userinput></screen>
\r
22 <para>To start Evergreen, run:</para>
\r
23 <screen><userinput>osrf_ctl.sh -l -a start_all</userinput></screen>
\r
24 <para>The <option>-l</option> flag is used to indicate that Evergreen is configured to use <systemitem class="domainname">localhost</systemitem> as
\r
25 the host. If you have configured <filename>opensrf.xml</filename> to use your real hostname, do not use the <option>-l</option> flag. The <option>-a</option>
\r
26 option is required and indicates the <emphasis>action</emphasis> of the command. In this case
\r
27 <option>start_all</option>.
\r
30 <para>If you receive the error message: <errortext>osrf_ctl.sh: command not found</errortext>, then your environment variable
\r
31 <varname>PATH</varname><indexterm><primary>environment variable</primary><secondary>PATH</secondary></indexterm> does not include the
\r
32 <filename class="directory">/openils/bin</filename> directory. You can set it using the following command:</para>
\r
33 <screen><userinput>export <varname>PATH</varname>=$PATH:<filename class="directory">/openils/bin</filename></userinput></screen>
\r
34 <para>If you receive the error message <errortext>Can't locate OpenSRF/System.pm in @INC … BEGIN
\r
35 failed–compilation aborted</errortext>, then your environment variable <varname>PERL5LIB</varname><indexterm><primary>environment
\r
36 variable</primary><secondary>PERL5LIB</secondary></indexterm> does not
\r
37 include the <filename class="directory">/openils/lib/perl5</filename> directory. You can set it
\r
38 using the following command:</para>
\r
39 <screen><userinput>export <varname>PERL5LIB</varname>=$PERL5LIB:<filename class="directory">/openils/lib/perl5</filename></userinput></screen>
\r
41 <para>It is also possible to start a specific service. For example:</para>
\r
42 <screen><userinput>osrf_ctl.sh -l -a start_router</userinput></screen>
\r
43 <para>will only start the <systemitem class="service">router</systemitem> service.</para>
\r
45 <para>If you decide to start each service individually, you need to start them in a specific order
\r
46 for Evergreen to start correctly. Run the commands in this exact order:</para>
\r
47 <screen><userinput>osrf_ctl.sh -l -a start_router</userinput></screen>
\r
48 <screen><userinput>osrf_ctl.sh -l -a start_perl</userinput></screen>
\r
49 <screen><userinput>osrf_ctl.sh -l -a start_c</userinput></screen>
\r
51 <para>After starting or restarting Evergreen, it is also necessary to restart the <systemitem class="service">Apache web server</systemitem>
\r
52 <indexterm><primary>web server</primary><secondary>Apache</secondary></indexterm> for the OPAC to work correctly.</para>
\r
53 <para>To stop <application>Evergreen</application>, run:</para>
\r
54 <screen><userinput>osrf_ctl.sh -l -a stop_all</userinput></screen>
\r
55 <para>As with starting, you can choose to stop services individually.</para>
\r
56 <para>To restart <application>Evergreen</application>, run:</para>
\r
57 <screen><userinput>osrf_ctl.sh -l -a restart_all</userinput></screen>
\r
59 <section xml:id="backingup">
\r
60 <title>Backing Up</title>
\r
61 <indexterm><primary>databases</primary><secondary>backing up</secondary></indexterm>
\r
63 <para>Backing up your system files and data is a critical task for server and database administrators.
\r
64 Having a strategy for backing up and recovery could be the difference between a minor annoyance for users and
\r
65 a complete catastrophe.</para>
\r
67 <title>Backing up the <application>Evergreen</application> Database</title><indexterm><primary>databases</primary></indexterm>
\r
68 <para>Most of the critical data for an <application>Evergreen</application> system – patrons, bibliographic records, holdings,
\r
69 transactions, bills – is stored in the <application>PostgreSQL</application><indexterm><primary>databases</primary>
\r
70 <secondary>PostgreSQL</secondary></indexterm> database. You can therefore use normal
\r
71 <application>PostgreSQL</application> backup procedures to backup this data. For example, the simplest method of backing up the Evergreen
\r
72 database is to use the <command>pg_dump</command> command to create a live backup of the database without having to
\r
73 interrupt any Evergreen services. Here is an example pg_dump command which will dump a local Evergreen database into a the file <filename>evergreen_db.backup</filename>:</para>
\r
74 <screen><userinput>pg_dump -U evergreen -h localhost -f evergreen_db.backup evergreen</userinput></screen>
\r
75 <para>To restore the backed up database into a new database, create a new database using the
\r
76 template0 database template and the UTF8 encoding, and run the <command>psql</command> command, specifying the new
\r
77 database as your target:</para>
\r
78 <screen><userinput>createdb -T template0 -E UTF8 -U evergreen -h localhost new_evergreen</userinput></screen>
\r
79 <screen><userinput>psql -U evergreen -h localhost -f evergreen_db.backup new_evergreen</userinput></screen>
\r
81 <para>This method of backup is only suitable for small Evergreen instances. Larger sites
\r
82 should consider implementing continuous archiving (also known as <quote>log shipping</quote>) to provide
\r
83 more granular backups with lower system overhead. More information on backing up <application>PostgreSQL</application>
\r
84 databases can be found in the official <link xl:href="http://www.postgresql.org/docs/"><application>PostgreSQL</application> documentation</link>.</para>
\r
88 <title>Backing up Evergreen Files</title>
\r
89 <indexterm><primary>directories</primary><secondary>backing up</secondary></indexterm>
\r
90 <para>When you deploy Evergreen, you will probably customize many aspects of your system including
\r
91 the system configuration files, <application>Apache</application> configuration files, OPAC and Staff Client. In order to
\r
92 protect your investment of time, you should carefully consider the best approach to backing up
\r
94 <para>There are a number of ways of tackling this problem. You could create a script that regularly
\r
95 creates a time-stamped tarball of all of these files and copies it to a remote server - but that
\r
96 would build up over time to hundreds of files. You could use <link xl:href="http://www.samba.org/rsync/"><application>rsync</application></link>
\r
97 <indexterm><primary>rsync</primary></indexterm> to ensure that the files of
\r
98 interest are regularly updated on a remote server - but then you would lose track of the changes to
\r
99 the files, should you make a change that introduces a problem down the road.</para>
\r
100 <para>Perhaps one of the best options is to use a version control system like <link xl:href="http://bazaar.canonical.com">
\r
101 <application>Bazaar</application></link><indexterm><primary>Version Control System</primary><secondary>Subversion</secondary></indexterm>,
\r
102 <link xl:href="http://git-scm.com/"><application>git</application></link><indexterm><primary>Version Control System</primary><secondary>git</secondary></indexterm>
\r
103 or <link xl:href="http://subversion.apache.org/"><application>Subversion</application></link><indexterm><primary>Version Control System</primary>
\r
104 <secondary>Subversion</secondary></indexterm> to regularly push updates of the files you care about to a repository on a
\r
105 remote server. This gives you the advantage of quickly being able to run through the history of the
\r
106 changes you made, with a commenting system that reminds you why each change was made, combined with
\r
107 remote storage of the pertinent files in case of disaster on site. In addition, your team can create
\r
108 local copies of the repository and test their own changes in isolation from the production
\r
109 system. Using a version control system also helps to recover system customizations after an
\r
113 <title>Full System Backup</title>
\r
114 <para>A full system backup archives every file on the file system. Some basic methods require you
\r
115 to shut down most system processes; other methods can use mirrored RAID<indexterm><primary>RAID</primary></indexterm> setups or
\r
116 SAN<indexterm><primary>SAN</primary></indexterm> storage to
\r
117 take <quote>snapshot</quote> backups of your full system while the system continues to run. The subject of how
\r
118 to implement full system backups is beyond the scope of this documentation.</para>
\r
121 <section xml:id="security">
\r
122 <title>Security</title>
\r
123 <indexterm><primary>security</primary></indexterm>
\r
124 <para>As with an ILS and resource accessible from the world wide web careful consideration needs to be
\r
125 given to the security of your <application>Evergreen</application> servers and database. While it is impossible to cover all aspects
\r
126 of security, it is important to take several precautions when setting up production <application>Evergreen</application> site.</para>
\r
129 <para>Change the Evergreen <systemitem class="username">admin</systemitem> password and keep it secure. The
\r
130 default admin password is known by anyone who has installed <application>Evergreen</application>. It is not a secret
\r
131 and needs to be changed by the Administrator. It should also only be shared by those who
\r
132 need the highest level of access to your system.</para>
\r
135 <para>Create strong passwords using a combination of numerical and alphabetical characters
\r
136 for all of the Administrative passwords including the <systemitem class="username">postgres</systemitem> and
\r
137 <systemitem class="username">opensrf</systemitem> users</para>
\r
140 <para>Open ports in the firewall<indexterm><primary>firewall</primary></indexterm> with caution - It is only necessary to open ports
\r
141 <systemitem class="protocol">80</systemitem> and <systemitem class="protocol">443</systemitem>
\r
142 for <systemitem class="protocol">TCP</systemitem> connections to the Evergreen server from the OPAC and the staff client. It is critical for administrators to
\r
143 understand the concepts of network security and take precautions to minimize vulnerabilities.
\r
147 <para>Use permissions <indexterm><primary>permissions</primary></indexterm> and permission groups wisely - it is important to understand the
\r
148 purpose of the permissions and to only give users the level of access that they require.
\r
153 <section xml:id="logfiles">
\r
154 <title>Managing Log Files</title>
\r
155 <indexterm><primary>logs</primary><secondary>managing</secondary></indexterm>
\r
156 <para><application>Evergreen</application> comes with a sophisticated logging system, but it is important to manage the <application>OpenSRF</application>
\r
157 and <application>Evergreen</application> logs. This section will provide a couple of log management techniques and tools.</para>
\r
159 <title>Using the <systemitem class="service">logrotate</systemitem> Utility to Manage Log Size</title>
\r
160 <indexterm><primary>logs</primary><secondary>Log Rotate</secondary></indexterm>
\r
161 <para>Fortunately, this is not a new problem for <systemitem class="osname">Unix</systemitem> administrators, and there are a number of ways of keeping your logs under control.
\r
162 On <systemitem class="osname">Debian</systemitem> and <systemitem class="osname">Ubuntu</systemitem>, for example,
\r
163 the <systemitem class="service">logrotate</systemitem> utility controls when old log files are compressed and a new log file is started.
\r
164 <systemitem class="service">logrotate</systemitem> runs once a day and checks all log files that it knows about to see if a
\r
165 threshold of time or size has been reached and rotates the log files if a threshold condition has been met.</para>
\r
166 <para>To teach <systemitem class="service">logrotate</systemitem> to rotate Evergreen logs on a weekly basis, or if they are > 50MB in size,
\r
167 create a new file <filename>/etc/logrotate.d/evergreen</filename> with the following contents: </para>
\r
170 /openils/var/log/*.log {
\r
171 # keep the last 4 archived log files along with the current log file
\r
172 # log log.1.gz log.2.gz log.3.gz log.4.gz
\r
173 # and delete the oldest log file (what would have been log.5.gz)
\r
175 # if the log file is > 50MB in size, rotate it immediately
\r
177 # for those logs that don't grow fast, rotate them weekly anyway
\r
183 <title>Changing Logging Level for <application>Evergreen</application></title>
\r
184 <indexterm><primary>logs</primary><secondary>logging levels</secondary></indexterm>
\r
185 <para>Change the Log Levels in your config files. Changing the level of logging will help
\r
186 narrow down errors.</para>
\r
188 <para>A high logging level is not wise to do in a production environment since it
\r
189 will produce vastly larger log files and thus reduce server performance.</para>
\r
191 <para>Change logging levels by editing the configuration file
\r
192 <filename>/openils/conf/opensrf_core.xml</filename><indexterm><primary>configuration files</primary><secondary>opensrf_core.xml</secondary></indexterm></para>
\r
193 <para>you will want to search for lines containing <loglevel>.</para>
\r
194 <para> the default setting for loglevel is 3 which will log <emphasis>errors</emphasis>,
\r
195 <emphasis>warnings</emphasis> and <emphasis>information</emphasis>.</para>
\r
196 <para>The next level is 4 which is for debugging and provides additional information
\r
197 helpful for the debugging process.</para>
\r
198 <para>Thus, lines with:</para>
\r
199 <programlisting><loglevel>3</loglevel></programlisting>
\r
200 <para>Should be changed to:</para>
\r
201 <programlisting><loglevel>4</loglevel></programlisting>
\r
202 <para>to allow debugging level logging</para>
\r
203 <para>Other logging levels include <emphasis>0</emphasis> for no logging,
\r
204 <emphasis>1</emphasis> for logging errors and <emphasis>2</emphasis> for logging warnings
\r
208 <section xml:id="InstallingPostgreSQL">
\r
209 <title>Installing PostgreSQL from Source</title>
\r
210 <indexterm><primary>databases</primary><secondary>PostgreSQL</secondary></indexterm>
\r
211 <para>Some <systemitem class="osname">Linux</systemitem> distributions, such as <systemitem class="osname">Debian Etch (4.0)</systemitem>, do not offer PostgreSQL
\r
212 version 8.2 as an installable package. Before you continue, examine the software dependencies listed in <xref linkend="serversideinstall-software-dependencies"/>
\r
213 to ensure that your Linux distribution supports the required version of PostgreSQL.</para>
\r
216 <para>Some <systemitem class="osname">Linux</systemitem> distributions, such as <systemitem class="osname">Debian Etch (4.0)</systemitem>, do not offer PostgreSQL
\r
217 version 8.2 as an installable package. Before you continue, examine the software dependencies listed in <xref linkend="serversideinstall-software-dependencies"/>
\r
218 to ensure that your Linux distribution supports the required version of PostgreSQL.</para>
\r
223 <para>Install the application <application>stow</application> on your system if it is not already installed. Issue the following command as
\r
224 the <systemitem class="username">root</systemitem> user:</para>
\r
226 <userinput>apt-get install stow</userinput>
\r
230 <para>Download, compile, and install the latest release for PostgreSQL 8.2 (which was version <literal>8.2.12</literal> at the time of this writing).
\r
231 As the <systemitem class="username">root</systemitem> user, follow these steps:</para>
\r
235 wget http://wwwmaster.postgresql.org/redir/198/h/source/v8.2.17/postgresql-8.2.17.tar.bz2
\r
236 tar xzf postgresql-8.2.17.tar.gz
\r
237 cd postgresql-8.2.17
\r
238 ./configure --with-perl --enable-integer-datetimes --with-openssl --prefix=/usr/local/stow/pgsql
\r
254 <para>Create the new user <systemitem class="username">postgres</systemitem> to run the PostgreSQL processes.
\r
255 As the <systemitem class="username">root</systemitem> user, execute this command:</para>
\r
256 <screen><userinput>adduser postgres</userinput></screen>
\r
259 <para>Initialize the database directory and start up PostgreSQL. As the <systemitem class="username">root</systemitem> user, follow these steps:</para>
\r
263 mkdir -p /usr/local/pgsql/data
\r
264 chown postgres /usr/local/pgsql/data
\r
266 initdb -D /usr/local/pgsql/data -E UNICODE --locale=C
\r
267 pg_ctl -D /usr/local/pgsql/data -l /home/postgres/logfile start
\r
271 <para>If an error occurs during the final step above, review the path of the home directory for the
\r
272 <systemitem class="username">postgres</systemitem> user. It may be <literal>/var/lib/postresql</literal> instead of <literal>/home/postres</literal>.</para>
\r
277 <section xml:id="configuringPostgreSQL">
\r
278 <title>Configuring PostgreSQL</title>
\r
279 <indexterm><primary>databases</primary><secondary>PostgreSQL</secondary></indexterm>
\r
280 <para>The values of several PostreSQL configuration parameters may be changed for enhanced performance. The following table lists the default values
\r
281 and some suggested updates for several useful parameters:</para>
\r
283 <title>Suggested configuration values</title>
\r
284 <tgroup align="left" cols="3" colsep="1" rowsep="1">
\r
285 <colspec colnum="1" colwidth="1.0*"/>
\r
286 <colspec colnum="2" colwidth="1.0*"/>
\r
287 <colspec colnum="3" colwidth="1.0*"/>
\r
290 <entry>Parameter</entry>
\r
291 <entry>Default</entry>
\r
292 <entry>Suggested</entry>
\r
297 <entry>default_statistics_target</entry>
\r
302 <entry>work_mem</entry>
\r
304 <entry>128Mb</entry>
\r
307 <entry>shared_buffers</entry>
\r
309 <entry>512Mb</entry>
\r
312 <entry>effective_cache_size</entry>
\r
313 <entry>128Mb</entry>
\r
projects / working / Evergreen.git / blob