Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. It reduces bandwidth and improves response times by caching and reusing frequently-requested web pages. Squid has extensive access controls and makes a great server accelerator. It runs on most available operating systems, including Windows and is licensed under the GNU GPL.

This tutorial describes how to install a very simple implementation of Squid on your network.

1. Getting started

The first thing you want to do is to download Squid. In this tutorial, we're going to work in the /usr/local/src directory.


Then you want to extract Squid and change to its directory:


We're now ready to compile and install Squid!

2. Compiling/installing Squid

Compiling and installing Squid is very easy:


If the configure command fails because you don't have Perl, you can simply install it like this:


Then re-run the configure command.

3. Configuring Squid

First of all, you need to add the "visible_hostname" setting in your Squid configuration file. The main configuration file is:


Open it with your favorite editor and find this block:


At the end of the block (before the next "TAG" block), insert a new line and put something like this:


Replace "freebsd" with any hostname you want Squid to use - it can be a local hostname or a fully qualified domain name. Save the file.

Now you need to adjust some permissions before Squid can be initialized...


Squid can now be initialized. Use this command:


Squid is now ready to run!

4. Starting/stopping Squid

Starting Squid:


Stopping Squid:


You can start Squid automatically at boot time by creating the /usr/local/etc/rc.d/squid.sh file with this content:


You also need to allow execution of this file:


5. Using Squid with your browser

To use Squid with your browser, you simply need to set it as a proxy in your browser's settings. Squid is listening on TCP port 3128. So if your FreeBSD machine's IP is 1.2.3.4, you will configure your proxy to be 1.2.3.4, port 3128.

Once configured, all the traffic over the chosen protocols (usually your browser lets you choose for which protocols you want to use a proxy) will go through your Squid server.

6. "Overriding" Web sites addresses

The first place where Squid is looking when it comes to resolving URL's to IP addresses is in the /etc/hosts file. If you want to "override" Web sites addresses, simply add them in the /etc/hosts file along with the IP address where you want to redirect traffic.

For example, let's say that you want your Squid's users to be sent to 1.2.3.4 when they request www.google.com instead of to the real google.com. To do so, you will add this line in your /etc/hosts file:


Replace "1.2.3.4" with the IP of the machine where you want to redirect traffic. This isn't really a "redirect" as the users will never see 1.2.3.4 in their browser. For them, it will look like just as if they were really on www.google.com, not on 1.2.3.4.

NOTE: you NEED to restart Squid when you make changes in /etc/hosts.

Conclusion

Squid is very simple to install and use. Though, it's also VERY powerful and flexible: it has literally thousands of options! This tutorial only covered the very basic use - refer to the Squid users guide if you want to customize squid.conf.

Resources

* Squid
* Configuration guide
* Configuration examples
* Users guide

This weekend we converted all SPI mutlihomed hosting email mailboxes from the mbox format to maildir.

What is the difference between mbox and maildir?

Mbox is the traditional way of storing mail messages in the Unix world. In this format, a regular text file which serves as the mail user's mailbox file is created.

Pros: Format is universally supported, Appending a new mail into the mailbox file is fast, Searching text inside a single mailbox file is fast.

Cons: Has file locking problems, Has problems when used with network file systems, Format is prone to corruption.

Maildir is a new way of storing mail messages. In this format, a directory usually named Maildir is created for each mail user. Under this directory are three more directories named new, cur and tmp.

Pros: Locating, retrieving and deleting a specific mail is fast, Minimal to no file locking needed, Immune to mailbox corruption (assuming the hardware will not fail).

Cons: Some filesystems may not efficiently handle a large number of small files, Searching text, which requires all mail files to be opened is slow.

Why we chose Maildir

We've decided to upgrade to Maildir because its more reliable (entire mailbox never fully corrupts) and thanks to no locking it is noticeably much faster to access your mail over Maildir.

Ongoing mbox file locking issues were driving us nuts.

SPI is using the Dovecot mail server on all machines. Dovecot is one of the highest performing IMAP servers. Luckily it supports both mbox and maildir, so all we had to do was: Convert old email messages from mbox to maildir.

Mb2md

Mb2md is a Perl script that takes one or more Mbox format mailbox files in a directory and convert them to Maildir format mailboxes.

Replace USERNAME below with the unix username whose mailbox you are converting

Step 1: Set environment variables for Mb2md


Step 2: Convert the inbox folder and create Maildir folder


Step 3: Convert other folders the user created


Step 4: Copy IMAP subscriptions


Step 5: Tell sendmail to deliver new mail to the user's /Maildir


Step 6: Delete old mbox files


Testing & Troubleshooting

To test, use sendmail to send a test message to your user:


If all works well, your email message will be delivered to the user's Maildir.

If you see the mail appended to /var/mail/USERNAME (do a tail -f /var/mail/USERNAME), this means sendmail is failing to invoke .procmailrc and deliver the email message to Maildir.

This is usually due to the /home or /home/USERNAME folders not having the correct file permissions.

Run this command to troubleshoot:

In a recent post, we explained how to run FreeBSD on Windows using VirtualBox. Today we will show you how to achieve the same thing but using VMware Server. VirtualBox is a very nice application: it's fast, simple and lightweight; but VMware Server has some very interesting features to offer:

* It can run any number of virtual machines in the background. You don't need to keep any window opened and you can simply access your virtual machines using SSH if you wish.

* It supports any guest operating system, including 64-bit versions.

* All the administration is done via a great Web interface.

As VirtualBox, VMware Server is also 100% free. Another product that is competing VMware Server, and that is also free, is Microsoft VirtualServer. It has the same features but is harder to install, harder to use and is a lot more fragile. After months of testing, VMware Server proved to be the best on performance, stability and usability.

1. Download VMware Server

The first step is obviously to download VMware Server. Go there: http://www.vmware.com/products/server/ and click on the "Download" button on the left. You will need to register to download the software. Once you're registered and logged in, copy the "VMware Server 2 for Windows" serial number displayed in the "Licensing" section of the page and paste it somewhere - you will need it later. Then grab the "VMware Server 2" EXE image under the "Binaries" section. The file is around 500MB.

2. Install VMware Server

Installing VMware Server is very straightforward: basically, you simply run the setup file and hit next, next, next, next... without changing anything. There's no real options except which shortcuts you want to create.

At the end of the setup, you will be asked to enter your serial number. Because of the virtual network adapters VMware Server installs, you will also be required to reboot: you need to do it immediately if you want to go further in this tutorial.

3. Download FreeBSD

In this tutorial, we'll be installing FreeBSD 7.2 minimal. If you have a 64-bit CPU, download this one (amd64 release):

ftp://ftp.freebsd.org/pub/FreeBSD/re...md64-disc1.iso

If you have a 32-bit CPU, download this one (i386 release):

ftp://ftp.freebsd.org/pub/FreeBSD/re...i386-disc1.iso

The ISO file is around 600MB.

4. Create the FreeBSD Virtual Machine

Start the VMware Server Web Access using the Start Menu shortcut (called "Web Access") or use your favorite browser and go to this URL: http://127.0.0.1:8308/ui/

Log into the VMware Server Web Access using your Windows account.

The first thing to do is to add a Datastore to your VMware Server configuration. To do so, click on your machine name on the left panel and click on the "Add Datastore" link on the right panel. The Datastore is a folder where everything about virtual machines will get created and stored. Simply give it a name and specify the directory (example: name: VM, directory: d:\VM).

Click on the "Create Virtual Machine" on the right panel:

* Name the virtual machine "FreeBSD", select the Datastore you've just created and hit next.

* Choose "Other operating systems", choose "FreeBSD" (32 or 64-bit, depending on your CPU) in the combo box and hit next.

* Assign the amount of memory you want your virtual machine to have (usually the recommended amount is quite good, unless you need a high-performance virtual machine). If you have a multi-core CPU (or many CPU's), you can choose the number of CPU's you want your virtual machine to use. Hit next when you're satisfied with your settings.

* Select "Create a New Virtual Disk" and hit next.

* Choose the size you want your virtual disk to have and hit next.

* Select "Add a Network Adapter" and hit next.

* Leave the settings to "Bridged" and hit next.

* In the CD/DVD section, select "Use an ISO Image" and hit next.

* Move the FreeBSD 7.2 ISO image you've just downloaded somewhere under the directory you're using as your Datastore. Then select it and hit OK. Then hit next.

* Select "Don't Add a Floppy Drive"

* Select "Don't Add a USB Controller"

* Check "Power on your new virtual machine now" and Hit "Finish"

5. Installing FreeBSD

Now that your FreeBSD virtual machine is created, it's time to install FreeBSD! First of all, in the VMware Server Web Access, click on the FreeBSD virtual machine on the left panel. Then click on the "Console" tab on the right, and click anywhere in the black screen. A small console window will popup: that's your FreeBSD machine, just like if you were sitting in front of a computer running FreeBSD.

NOTE: the console window "steals the focus"; at any time, press CTRL+ALT to release focus from this window. And simply click into the console window to use it.

It should boot from the ISO image you've specified in the setup: it's now time to install FreeBSD:

* Choose "United States" and hit enter.

* Choose "Standard" and hit enter.

* In the Disk Geometry screen, hit "a", then "q".

* Choose "BootMgr" and hit enter.

* In the Partition screen, hit "a", then "q".

* In the "Choose Distributions" screen, select "Minimal" and hit space to check it. Then hit tab, then enter on the OK button.

* Choose CD/DVD and hit enter. The base system will install.

* Network:

Hit "yes" to configure network.
Choose the "em0" network interface.
Hit "yes" to configure using DHCP.
Enter an hostname and hit enter many times.
Choose "no" to use this machine as a gateway.
Hit "no" to enable inetd.
Hit "yes" to enable SSH.
Hit "no" to anonymous FTP.
Hit "no" to NFS server.
Hit "no" to NFS client.

* Last settings:

Hit "no" to customize console.
Hit "yes" to timezone and choose your timezone.
Hit "no" to PS/2.
Hit "no" to package collection.
Hit "no" to create a user.
Set the "root" password.
Hit "no" to visit the options menu.

At the main menu, hit tab to go to the "Exit Install" option, hit enter and then hit "yes". Close the console. In the VMware Server Web Access, select the FreeBSD Virtual Machine on the left panel and hit the red "stop" sign at the top. Then hit the green "play" sign and return in the console. Your FreeBSD system should boot normally.

6. Mounting a shared folder using Samba

It's very convenient to be able to easily and quickly share files between your Windows and FreeBSD machine.

First of all, share a folder on your Windows machine (ex: share). It can be any folder, just share it normally. Then choose a mount point for that folder on your FreeBSD (ex: /mnt/share). We're now going to configure your FreeBSD machine so the shared folder will be automatically mounted at boot time.

Here's the sample informations (replace with yours):

Windows machine: win
Windows IP addr: 192.168.0.100
Windows share: share
Windows user: administrator
Windows password: mypass
FreeBSD mount point: /mnt/share (do not forget to create the directory!)

In /etc/nsmb.conf, add:
NOTE: the caps are important


Then in /etc/fstab, add:


NOTE: before rebooting FreeBSD to test, I recommend testing the mounting manually with a command like this:


Finally, reboot your FreeBSD machine and then go check in your mount point (like /mnt/share) if it works! Try creating folders from FreeBSD and from Windows and verify if it's working correctly. If it's not, the problem is probably on the authentication side.

7. Starting the virtual machine automatically

One other great VMware Server feature is the ability to start virtual machines automatically when you boot Windows.

To configure this, in the VMware Server Web Access, click on your Windows machine name on the left panel, and then click on "Edit Virtual Machine Startup/Shutdown Settings". Select your FreeBSD virtual machine and click "Move Up" to put it in the "Any Order" category.

Conclusion

You now have a FreeBSD virtual machine, acting just like if it was a real server sitting somewhere in your house! Virtual machines are great for development and testing. Please let me know if you have any problems getting this tutorial working!

Step 1 - Download and install VirtualBox

VirtualBox is a general-purpose full virtualizer for x86 hardware. It allows running any flavor Unix system on a Windows box.

You can download the latest version of VirtualBox for Windows Hosts here

Step 2 - Download FreeBSD 6

Download the single-file dvd iso here FreeBSD 6.4 download repository

Download 7-zip and extract the 6.4-RELEASE-i386-dvd1.iso.gz file to a folder on your machine

Step 3 - Create a new FreeBSD VirtualBox machine

Create a new VirtualBox machine, selecting BSD as the operating system and FreeBSD as the version.



Click Next to accept all defaults, but when you get to the 'Virtual Disk Location and Size' screen, change the disk size to 50GB.

Double-click the new machine to start it.

Step 4 - Install FreeBSD on new Virtual Machine

You will be greeted with a 'Welcome to the first run' wizard.

A 'Select Installation Media' screen will then popup. Pick the 'Image File' option, click the icon and locate the folder on your machine where you previously saved the FreeBSD iso file.



Click next a few times, keeping all default options.

FreeBSD install will boot in the VirtualBox

Select OK for United States
Select Standard Installation
Click A for 'Use Entire Disk', followed by Q
Click Enter for BootMgr
Click A for 'Auto Defaults', followed by Q
Select option 4 (Developer) and Yes to install ports
Select 1 for Install from CD

You will see a message saying All file information saved successfully. FreeBSD install will then begin running.

Step 5 - Configuration

Select YES to configure Ethernet network devices and pick your Ethernet card on the next screen

Select YES for DHCP

Select NO for network gateway and NO for iNetD

Select YES to enable SSH login

Select NO for FTP and NFS server/client

Select NO for all remaining questions

Pick a password for your root user

From the VirtualBox menu, select Devices - then Unmount CDRom

Enter X to exit install and reboot the FreeBSD virtual machine

View 1 Comment(s)

Earlier tonight, at 1:30am EST, SoftLayer - one of the tier 1 data centers we use, experienced a power outage in their primary facility, rendering thousands of sites dead.



SPI engineers were alerted to the outage within seconds (we take monitoring very seriously). After establishing that the core problem was a total data-center failure, we verified load balancers are properly redirecting traffic to other locations.

The Power Outage lasted a total of 2 hours and 3 minutes according to our friends at Pingdom:



All SPI client sites are multi-homed, which means we host everything in two independent data centers: Rackspace, Softlayer, NTT Verio and iWeb.

SPI utilizes redundant global load balancing, to immediately redirect end users from west coast to east coast, when such global outages happen.

How it works

New end users hitting your mydomain.com are diverted to active servers.

Old users / scripts (which keep a cached version of your website ip address) continue getting routed to the old server until their local DNS cache is cleared.

What's Next

While the DNS ttl (time to live) is setup as 60 seconds, some browsers and ISPs don't honor that and can take up to 2 hours until the DNS entry is refreshed.

As a workaround for these type of catastrophes where active users have cached a malfunctioning server's ip address, we'll be configuring the load balancers to reply back with all available server ip addresses, letting an end-user's machine rotate ips internally.

We understand the importance of keeping your sites up at all times and although our current setup ensures 100% uptime for new users, we are determined to come up with a solution for users with a cached version of a malfunctioning server ip address.

Your SPI account manager will contact you with any specific steps you have to take, in order to enable this setup for your domains.

If you're using MySQL InnoDB tables with these two lines in your /etc/my.cnf, for the most part, your database should gracefully handle unexpected shutdowns without data corruption:


I was working on such a database today, that experienced a power outage.

While all InnoDB data remained intact (I verified the checksum to ensure database is in sync), replication relay logs got corrupted.

Trying to SLAVE START failed with this nasty error message:


Here's how to recover from such an error -

Step 1: Identify the corrupted file

Issue a SHOW SLAVE STATUS followed by a SHOW MASTER STATUS and record the relay log filenames and positions.

In my case those were: mysql-bin.000313 position 1037717439 and mysql-bin.000249 position 326501604

Running mysqlbinlog to read the first block in each of these files, starting at the last position, immediately reveals the problematic file:


Notice the ERROR on the first line. This tells us we've found the corrupted replication file

Step 2 - Skip the bad block

This involves some trial and error, but what we want to do is use mysqlbinlog to manually parse MySQL replication log file to the end, bypassing the 'Event too small' bad block.

Once done, we have to update relay-log.info, so that MySQL doesn't try to process this file again.

Replaced this:


With:


(Telling MySQL to advance to the next file mysql-bin.000314)

Step 3 - Restart database

While this may be a bit of an overkill, I prefer restarting the entire database, before issuing a SLAVE START