cPanel Virtualization Templates’ Best Practices - PowerPoint PPT Presentation

About This Presentation
Title:

cPanel Virtualization Templates’ Best Practices

Description:

The best practices for cPanel virtualization templates include creating only 64-bit templates while creating templates as well as keeping templates small. – PowerPoint PPT presentation

Number of Views:47
Slides: 22
Provided by: htshosting
Category: Other

less

Transcript and Presenter's Notes

Title: cPanel Virtualization Templates’ Best Practices


1
cPanel Virtualization Templates Best Practices
2
Table of Contents
  • Introduction
  • cPanel Partner
  • Getting a Development License
  • Creating a Minimal Installation for Templating
  • Configuration Files Pre-Installation
  • Update Configuration Settings
  • Update Download Location Settings
  • Basic Server Settings
  • cPanel WHM Configuration Settings
  • cPanel WHM Installation, Post-Installation
    Tasks
  • Prevent Locked Licenses
  • Avoiding Security Vulnerabilities
  • Finalizing Template
  • Finalizing Tasks
  • Deployment Tasks
  • Updating Templates over Time
  • Common Issues in OpenVZ and Virtuozzo

3
Introduction
  • It needs to be mentioned that although the use of
    the usual cPanel WHM installation process is
    recommended and supported, it might take some
    time than that which is necessary for VPS
    (Virtual Private Server) and VM (Virtual Machine)
    hosts. The alternative is to provision VPS or VM
    systems with a templated cPanel WHM
    environment.
  • cPanel is a popular web hosting control panel
    that is used in web hosting. Web hosting is a
    service provided by web hosting companies that
    makes websites accessible over the Internet. The
    Best Website Hosting Company, the Best Cloud
    Hosting Company, the Best Windows Hosting
    Company are the terms that are used to refer to
    the best hosting service providers.

4
cPanel Partner
  • Those that offer template installations of cPanel
    WHM, are recommended to become a cPanel
    Partner. cPanel Partners have the opportunity to
    use the cPanels API for automatically
    provisioning their very own licenses for cPanel
    WHM, KernelCare, and Cloud Linux through their
    billing system. It is also possible for cPanel
    Partners to enable or disable certain specific
    options within WHM.

5
Getting a Development License
  • Prior to beginning, apply for a development
    license that is free, via the Developer License
    Application. In this context, these are the
    following points to mention
  • Application can be initiated for one license per
    template.
  • Each template has a specific IP address.

6
Creating a Minimal Installation for Templating
  • The following points are recommended while
    creating templates
  • Creating templates that are only 64-bit. 32-bit
    systems are not supported by cPanel WHM.
  • Templates should be kept small. Post converting
    the template for the VPS of a customer, you need
    to use your virtualization software for
    automatically expanding the virtual disk capacity
    to a minimum of 20 GB.Each template has a
    specific IP address.

7
Configuration Files Pre-Installation
  • Extensive documentation is available on how to
    preconfigure cPanel WHM. The need to log in to
    the VPS or VM, prior to granting access to your
    customer, is usually done away with when the
    files are preconfigured.
  • As per recommendation, the following files need
    to be customized
  • Update Configuration Settings
  • Update Download Location Settings
  • Basic Server Settings
  • cPanel WHM Configuration Settings
  • Each of these is discussed next.

8
Update Configuration Settings -
/etc/cpupdate.conf
  • Through this file you can configure cPanel
    WHMs release tier and other update settings.
    These settings can be changed by the user at any
    time, within WHM. Most of these settings can be
    found in the Update Preferences interface in WHM.
  • WHM gtgt Home gtgt Server Configuration gtgt
    Update Preferences
  • It needs to be mentioned that you cant downgrade
    major versions. Moreover, you cant change the
    release tier of a server to circumvent this
    restriction.

9
Update Download Location Settings -
/etc/cpsources.conf
  • With the aid of this file those locations can be
    determined from where your server downloads
    updates. As per the default setting, updates are
    retrieved directly by cPanel WHM servers from
    cPanel L.L.C. This happens through the
    httpupdate.cpanel.net pool of update servers.
  • If you are an existing cPanel Partner and have
    your own FastUpdate server, then it is possible
    for you to edit the HTTPDUPDATE setting in order
    to update only from that FastUpdate server.
  • HTTPUPDATEfastupdate.example.com

10
1-800-123 -8156
  • Whoa! Thats a big number, arent you
    proud?

11
Basic Server Settings - /etc/wwwacct.conf
  • Basic information related to server for cPanel
    WHM is contained in this file. This information
    includes the IP address, home directory and
    nameservers. Most of the settings which appear in
    the Basic WebHost Manager Setup interface in WHM
    are included in it.
  • WHM gtgt Home gtgt Server Configuration gtgt
    Basic WebHost Manager Setup

12
cPanel WHM Configuration Settings -
/var/cpanel/cpanel.config
  • cPanel WHMs extensive configuration options
    are contained in this file. Most of the settings
    that are present in the Tweak Settings interface
    in WHM are included in it. Additionally, it
    includes other settings throughout cPanel WHM.
  • WHM gtgt Home gtgt Server Configuration gtgt
    Tweak Settings

13
cPanel WHM Installation, Post-Installation
Tasks
  • cPanel WHM Installation cPanel WHM can be
    installed post the completion of preconfiguring
    your installation.
  • Post-Installation Tasks New defaults could be
    set, once cPanel WHM has been installed
    successfully. Additionally, SSH could be secured
    and the security configuration could be updated.
  • However, it is recommended that while making the
    template, you dont log in to WHM. If you log in,
    then you need to remove the /etc/.whostmgrft 
    file, prior to publishing the template. You
    should not shut down the VM for creating the
    template, until after you have carried out
    certain steps.

14
Prevent Locked Licenses
  • It is highly recommended that one VM be created
    per template and maintained to ascertain that
    your development license doesnt get locked by
    cPanel L.L.C. This will result in the following
  • The need for a single license and one IP address
    for each templating VM.
  • Confirm that your license or licenses do not get
    locked by cPanel L.L.C.
  • Lets you restart the VM for performing updates.
  • You need to run the below-mentioned commands in
    order to ensure that your license doesnt get
    locked by cPanel.
  • /scripts/restartsrv_chkservd --stop
  • /scripts/restartsrv_cpsrvd --stop
  • rm -f /usr/local/cpanel/cpanel.lisc
  • There is a certain BASH script that runs the
    above-mentioned commands.

15
Avoiding Security Vulnerabilities
  • You need to ensure the following, prior to
    finalizing your template, in order to avoid
    security issues
  • Removal of the generated SSH host keys and
    temporary files.
  • Clearing the hostname from within the operating
    system and the file, /etc/wwwacct.conf

16
Finalizing Template
  • All the system requirements need to be met by
    your template. Rather, it is recommended that the
    templates exceed meeting the system requirements.
    Certain different templates are offered by most
    providers.
  • It needs to be mentioned that each VPS or VM
    requires a SWAP file or partition. The partitions
    need to have at least 256 MB.

17
Finalizing Tasks
  • You need to finalize your template, prior to
    deploying your VM or VPS, and after you have
    completed the post-installation tasks. Each of
    the below-mentioned actions needs to be
    performed
  • The ADDR value needs to be updated in the file,
    /etc/wwwacct.conf , with the VPS or VMs main IP
    address.
  • The script, /usr/local/cpanel/bin/set_hostname,
    needs to be run automatically, on the images 1st
    boot, prior to any cPanel WHM services
    starting. The hostname can be randomized or it
    can be set as per the choice of your customer.
  • If a 11 NAT environment is being run, then the
    script, /scripts/build_cpnat needs to be run to
    build the NAT file.
  • The script, /scripts/rebuildhttpdconf needs to be
    run for rebuilding your Apache configuration with
    the right address.
  • A BASH script carries out all these tasks, except
    updating the ADDR value.

18
Deployment Tasks
  • Some files need to be automatically updated when
    the VPS of the customer is deployed. If the
    command, libguestfs virt-sysprep is being used,
    then it can be done via the following options
  • firstboot
  • Or
  • -firstboot-command
  • It needs to be ensured that if a tool, such as
    libguestfs virt-sysprep is being used for
    finalizing the template, then no user accounts or
    cron jobs get removed accidentally. If the
    libguestfs command isnt being used then you need
    to consult the documentation of your hypervisor
    to look for an alternative option for running
    scripts or commands upon 1st boot.

19
Updating Templates over Time
  • Templates need to be updated as and when updates
    are released by cPanel L.L.C. Regular updates
    need to be planned for all the templates in order
    to avoid this situation.
  • The below-mentioned commands need to be run in
    order to run a cPanel WHM update for the
    template.
  • yum update -y
  • /scripts/upcp
  • It needs to be mentioned that prior to shutting
    down the VPS or VM in order to recreate the
    template, the same commands that are from the
    section, Prevent Locked Licenses, need to be run.
    If that isnt ensured then your license might
    become locked.

20
Common Issues in OpenVZ and Virtuozzo
  • The common issues that are encountered while
    using OpenVZ or Virtuozzo are mentioned below
  • Hostnames The requirement for a FQDN (Fully
    Qualified Domain Name) might not be met by your
    hostname on CloudLinux 7 or 8, AlmaLinux 8,
    CentOS 7 or 8, or on Red Hat Enterprise Linux 7.
    The hostname is controlled by Virtuozzo via the
    VPS configuration. When hostname is set manually,
    it will be reset by Virtuozzo on the next reboot.
    It needs to be ensured that the full hostname is
    set up correctly post the VMs provisioning. An
    FQDN is required by cPanel WHM.
  • Quotas Second-level quotas need to be enabled
    for OpenVZ and Virtuozzo. This can result in
    issues that have to do with quota-initiation.
  • Jailshell Specific steps are required for
    enabling a full proc mount in Jailshell.

21
Thanks!
  • ANY QUESTIONS?
  • www.htshosting.org
Write a Comment
User Comments (0)
About PowerShow.com