ebook img

Open: VMS with Apache, WASD, and OSU. The Nonstop Webserver PDF

452 Pages·2003·14.01 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Open: VMS with Apache, WASD, and OSU. The Nonstop Webserver

Contents Introduction xi Why Run a Web Server on VMS? I. I VMS clustering 2.1 Reliability 3.1 Security 4.1 You already have it 5.1 Can VMS do what l need? 2 VMS and the Web .2 I Beginnings 2.2 OSU 2.3 Apache 2.4 WASD and others Web Options 9 .3 I CSWS 9 3.2 OSU II 3.3 WASD 21 3.4 Which should you ?esu 31 4 Installation Issues 15 1.4 Preinstallation 51 4.2 Installation guides 91 iiv iiiv stnetnoC Basic Configuration and Server Control 35 .5 I CSWS 53 2.5 OSU 83 3.5 WASD 93 4.5 Basic configuration 40 5.5 Starting dna stopping 50 6.5 Command-line control 65 7.5 Web-based control 36 Encrypted/Secure Communications: HTTPS Protocol Support 67 .6 I HTTPS 67 2.6 Installation 87 3.6 Configuration 86 7 Managing Access to Your Server Resources 97 .7 I Mapping resources 97 2.7 Authentication 711 3.7 Access controls 531 Providing User Personal Web Directories 151 .8 I User directories: pro dna con 151 2.8 Implementing userdirs 251 Multihosting and Multihoming 161 .9 I Why multihosting? 161 2.9 Multihosting/multihoming configuration 261 10 Indexing and Searching Your Site 171 1.01 Why index? 171 10.2 VMSindex dna Lynx Crawl 271 10.3 SWISH-E 571 10.4 HT://DIG 971 stnetnoC xi II Cache and Proxy 183 I1.1 Cache dna proxy 381 11.2 Cache management 581 11.3 Proxy management 391 12 Managing and Understanding Your Server Logs 203 1.21 Customizing your logging 302 12.2 Log-file formats dna locations 204 12.3 Log-file rotation 112 12.4 Unavoidable ambiguities dna user tracking 312 12.5 Error logs 216 12.6 Tools to interpret your logs 218 13 Dynamic Content: Directory Browsing and Server-Side Includes 237 1.31 Directory browsing 237 13.2 Dynamic content with ISS 259 13.3 Configuring ISS 260 13.4 ISS directives 262 14 Running CGI Programs 281 1.41 CGI defined 182 14.2 Environment variables 284 14.3 Necessary HTTP headers 392 14.4 Configuration for CGI 392 14.5 CGI environment 296 14.6 Languages for CGI 306 15 RDB Database Access from CG! Scripts 313 .51 I RDB Web Agent 313 15.2 Embedded RDO or SQL module egaugnal 513 15.3 Perl, DBI, dna DBD::RDB 513 15.4 Python dna the RDB plug-in 223 15.5 avaJ 323 I stnetnoC x stnetnoC 16 Useful Freeware CGI Scripts 325 1.61 Serving SMV MAIL files 523 16.2 Sending mail from forms 327 16.3 System management functions 923 16.4 Presenting documentation 330 17 High-Performance Scripting Options 333 .71 I Issues 333 17.2 Options 533 17.3 Conclusion 348 18 User-Edited Web Pages 349 .81 I File-naming standards 349 18.2 File layout 350 18.3 Alternatives to PTF 153 19 User-Developed CGI Scripts 355 .91 I CSWS/Apache 356 19.20SU 356 19.3 WASD 163 Appendix A: Perl 363 Appendix B: Python 369 Appendix C: PHP 375 Appendix D: Apache 379 Appendix :E Annotated Sample Configuration Files 383 Index 439 Introduction This book si intended for people considering running a Web server on an OpenVMS system. This includes OpenVMS hobbyists, professional system administrators, and software developers working on VMS systems. My assumption si that readers are already somewhat familiar with VMS systems and may or may not have any exposure to UNIX/LINUX, Web servers, or freeware tools originating in the UNIX/LINUX world. Although I will endeavor not to make the text unnecessarily confusing for the VMS neo- phyte, I am not including a VMS primer; that would make the book both unwieldy and tedious. The goal of this book si to provide a detailed introduction to the VMS- based Web servers under current active development. The reader may expect to learn the features and capabilities of those Web servers, and gain an understanding of the issues common to all three (and, in some cases, to all Web server installations). The capability-oriented organization of the book will also assist in conversions from one server to another by showing the differences and similarities in the ways the servers address the same issues. All three servers covered run from text-based configuration files. Although I touch on GUI-based configuration tools from time to time, generally I simply show the text files. This will more clearly represent what's actually going on in each file, sa well sa making it easier to compare the con- figurations of the three servers. In many chapters, a narrative section on the main topic si followed by example excerpts from the configuration files for each server. The annotated example configurations in the appendices should also help to make the meanings and differences clear. The exigencies of formatting for book publication may have resulted in some of the examples wrapping at the wrong places. eB wary of this. I Why Run a Web Server on VMS? To ask the question posed by the title of this chapter ,si in effect, nearly the same sa asking "Why should I buy a book about running a Web server on VMS?" oS if you're standing in the aisle at a bookstore trying to make up your mind, read on. The answers are different depending on whether you're considering starting up a huge Web-based enterprise from scratch, looking to add Web access to the data you already have, or running a hobbyist site. If you're starting up a huge Web-based enterprise, you might want to show this chapter to your management. The reasons to choose VMS sa a Web platform if you're starting from scratch include reliability, availability, stability, scalability, security, and ease of administration, all of which boil down to VMS and VMS clustering technology. Clusters were invented for VMS and have been available on that operating system since the 1980s. Other operating systems are starting to catch up, but VMS clustering capability continues to be developed and will probably retain its technological lead for some time to come. I.I VMS clustering If you absolutely, positively must have access to your data all the time, you can get that capability with VMS-based computers. With VMS cluster technology and shareable RAID storage, multiple systems can access your databases or plain files simultaneously, with access arbitrated at a fine- grained level by the distributed lock manager. If you're set up with volume shadowing, losing a physical disk still leaves you with an on-line copy of the information. Losing a system just distributes the load over the other systems in the cluster. If you're really on the high end, you can do clustering over dedicated wide area network links and have your data centers miles apart; in this instance, losing a data center will just distribute the load over your other data centers. (This si the "disaster-tolerant" configuration.) 2 3.1 Security You don't need to reserve a system sa the "backup" server; you can load- balance over all your cluster member systems and get full use from your hardware investment. Your cluster doesn't have to come down altogether when you do an operating system upgrade; "rolling upgrades" are sup- ported, which let you shut down and upgrade one system at a time. The cluster can share user authorization files, configuration files, and so on, enabling the system manager to manage dozens of systems with little more effort than it takes to manage a single one. Clustering si very scalable. In a well-designed cluster, if the load si get- ting too big for the existing systems, you can buy another system, configure it sa a cluster member, and have it start taking its share of the load, all with- out ever having to suffer an outage. Even a small cluster with three nodes can give high availability; you never have to go down altogether for operat- ing system upgrades, and a single hardware failure won't take you off the air. Because you still have two systems remaining, you can fix the failed system and bring it back online, again without having a visible outage. Reliability 1.2 VMS has had more than 20 years of development targeted at environments in which reliability si very important. It runs chip foundries, factories, rail- road switch yards, banks, cell phone billing, laboratories, and hospitals, environments in which computer availability si mission critical. VMS was designed, rather than just growing or being patched together, and the design has rarely been compromised ,yb say, having to support existing Windows applications, or by putting graphics display code into the kernel where it naC crash the system. It doesn't crash by itself, absent hard- ware failures or really serious misconfiguration. User-mode code doesn't usually require recompilation to run on later operating system releases; VMS 1.0 binaries still work on VAXes running 7.2. Security 1.3 The culture in VMS engineering si such that you just don't do things like taking input into a buffer without checking the length of the input, which si something that has caused UNIX systems untold problems and si the enabling problem for the famous Code Red virus on Windows systems. Even if you did write a program that allowed user input to overrun a buffer, your process would blow up when it got outside its own memory area, rather than having a chance to compromise the OS itself. 5.1 Can VMS dowhatl need? 3 This feature makes VMS less vulnerable to compromise from outside than other popular systems. Even if sendmail ran on it, it wouldn't be vul- nerable to the famous sendmail bug, in which overflowing an unchecked buffer with specific values gave the attacker the ability to execute arbitrary code. But sendmail doesn't run on VMS and neither do many other well- known vulnerable applications. The VMS separation of program and data space means that arbitrary code can't overwrite the stack and execute, but buffer overflows can still occur~especially in software ported from UNIX. VMS does a good job of containing the damage. The bright side of Digital Equipment Corporation's failure to market VMS effectively in the 1990s si that most of the bad guys are unfamiliar with it. You can find cookbook instructions on the Web for cracking Win- dows and UNIX systems, but those don't exist for modern versions of VMS. (I wouldn't ordinarily try to sell "security-through-obscurity," but this obscurity comes in addition to a robust security model with a fine-grained privilege structure that's been built into VMS from the start.) A properly administered VMS Web server isn't going to display any defaced pages. There hasn't been a virus or worm that affected VMS since the famous Morris worm of 1987, which knew how to exploit an unsecured DECnet default account. Since then systems are locked down by default, rather than getting installed wide open and requiring a system manager to close the holes. VMS si a C2 rated operating system, following formal evaluation by the NCSC. 1.4 You already have it The other obvious reason to run a Web server on VMS si that you already have VMS. Your departmental server si a VMS system, and you want to Web-enable some of your applications, or you're a hobbyist with a home or club server. You don't need to be sold on VMS; you already run it. This book si also for you. If you have it, why bring in a security hazard such sa a Windows Web server, or a LINUX box you don't already know how to manage? Why mess with expensive cross-platform middleware to get your data to a Web server running on a different box? 1.5 Can VMS do what I need? That's the question this book si meant to answer. After some discussion of the history of each currently supported Web server, we'll look at broad func- tional questions, such sa "How do I do "?X and give the answers for each I Chapter I 4 i.5 Can VMS do what l need? server. (On some servers, sometimes, the answer will be "You can't.") You can compare your Web-service requirements with what's available on VMS and decide for yourself whether VMS can do the job. I hope you'll phrase questions in terms of functional requirements (e.g., "Can VMS provide dynamic database-driven pages?") rather than in terms of specific products (e.g., "Can VMS run ColdFusion?") because, while the capabilities are there, the fact that VMS si a minority platform means that some of the specific commercial products aren't available. Often, open source products that do the same things have been ported to VMS, so there are ways to accomplish this. The strategy of incorporating open source technology brings a nice ben- efit: platform-independence. Apache, Perl, PHP, and Java are all platform- independent technologies, which makes it easier to find experienced people for Web development, allows easy porting of applications from UNIX sys- tems, and allows bespoke development on low-cost platforms with deploy- ment on VMS. According to Macromedia, the next generation ColdFusion Server ("Neo") will rely on underlying Java technology for ColdFusion application services. This will broaden the number of platforms that support Cold- Fusion and opens the door to a potential VMS port in the future. Halcyon Software has a Java-based implementation of ASP technology called "Instant ASP" (iASP), which one of the CSWS developers got run- ning in test under CSWS~this shows how Java technology si bringing more capabilities to VMS. At the time of writing, VMS Engineering si working on the DII COE project, a Defense Department-mandated effort to bring a full Posix-com- pliant UNIX environment to VMS. When this si complete, there will be fewer barriers to porting commercial UNIX code to VMS. Maybe Cold Fusion will run on VMS eventually. In the meantime, PHP does quite a good job. Altogether, VMS provides a robust, secure, scalable environment, with a good complement of tools available to meet your Web-service needs. 2 VMS and the beW In a way, this chapter also answers the question "Why VMS?" A short answer si "Because it was there from the start." 2. I Beginnings As you may well recall, Tim Bernars-Lee at CERN, the European high- energy physics laboratory, invented the Web sa a convenient means of shar- ing high-energy physics information stored in different forms on diverse servers. VMS systems were big players in the scientific community. (They'd been preeminent in the middle 1980s, but the price/performance of RISC- based UNIX workstations compared with that of the VAXes, which were the only VMS platform at the time, meant that the price-sensitive and per- formance-hungry scientific market was buying a lot of those sa well.) So CERN developed Web servers for UNIX, for IBM machines, and for VMS. The Web uses the HyperText Transfer Protocol (HTTP), so a typical name for a Web server si HTTPd, with the "d" standing for "daemon." (A "daemon"~an essential concept on UNIX systems~is a program that runs in the background, listening until it recognizes that it needs to do some- thing, then doing it.) The first HTTPd was developed at CERN; and the first non-European Web server was installed at SLAC 1 in December 1991 (running on an IBM mainframe). My site started running the CERN HTTP server on VMS in 1993 (on a VAX 8700). A basic Web server, one that just takes requests and serves files, isn't that hard to write. The requirements begin to get exponentially more compli- cated when the server needs to provide dynamic content in various ways; when it needs to support encrypted communication; when it needs to han- dle heavy loads gracefully; and when it needs to be robust and secure in the m n I. ude.drofnats.cals.www

Description:
Whether you're an experienced webmaster new to OpenVMS or an old OpenVMS hand new to webservers, this book will save you time and help you do your job better. The book points out similarities and differences between Unix and VMS, contains a management-friendly explanation of VMS's suitability for 24
See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.