PageSpeed with HTTPS, Apache and Tomcat
Feb 21, 2016
PageSpeed is a tool by Google which rewrites/optimizes resources served by your web server so that your site loads faster. I think it was designed to work with sites that largely serve static content. Most PHP based sites are like that. For example, Wordpress installations can directly reside in the DocumentRoot of Apache. That makes it straightforward to configure PageSpeed. But if you are using a Java web application fronted by Apache, the PageSpeed documentation doesn't help you much.
PageSpeed configuration for dynamic content
If your web application serves content using a URL which does not map to a physical location in your DocumentRoot, PageSpeed will not be able to find it. For example, this blog runs on Apache Roller which serves static files using a logical path and not a physical path. If relative to your web application's root, the CSS files are present in this phsyical location:
roller/themes/alaru/css/And the CSS files are served with this logical URL:
https://satishchilukuri.com/blog/resource/css/PageSpeed will try to look for this physical location relative to DocumentRoot:
blog/resource/cssUsability improvements that Websphere console could use
Aug 24, 2015
Websphere offers a web based console to manage its settings and deployments. Sometimes, this web console is all that users have access to if their company security policy dictates that users should not have access to actual Websphere install location. Though the web console is quite powerful in that it allows you to control Websphere to a great degree, it could use some usability enhancements that will save time for its users.
From what I have seen, the most common use cases for the Websphere console are - deploying war/ear files and viewing log files. So it makes sense for Websphere console to provide these options right away when a user logs in. The current design just shows a Welcome page once a user logs in. From there, to deploy a war/ear, the user has to:
- Click on "Applications" link in the left navigation sidebar.
- The click in "Application types"
- Finally click on "Websphere enterprise applications" to bring up the screen where they can deploy.
Instead of showing the welcome screen, the Websphere console can take the user to the "Websphere enterprise applications" screen after they login. This eliminates three additional steps to get to the deploy step.
Another common task is restarting deployed applications. Currently, to do this, users have to tick a checkbox for the application, click on "Stop" button, then tick the checkbox for the application again and click on "Start" button. A "Restart" button can combine the two step stop/start operation into a single step.
Backing up your data
Feb 14, 2015
Backing up your data is important because it is always possible for you to lose your data. It can be due to you accidentally deleting it, your hard drive crashing or because you lost access to your server. In any case, it is a good idea to set up automated backups both on your server and on another machine that is not in the same physical location as your server.
Here are some resources I used to setup backups on this server which is running Debian Wheezy:
Backing up Postgresql
First create a read only user to perform the back ups as described here. If you don’t want to create a linux user for the read only user, you may need to edit your pg_hba.conf file to change the auth-method to md5 instead of peer which is the default.
Then use this backup script which can make daily, weekly and monthly backups. The script contains the documentation on how to use it.
Backup config and application data files
Next backup any config files that you have modified. Most of your configuration should be in the /etc directory. So you can just backup the whole directory. Then you need to back up your web applications data files as well - files like images, videos etc.. that aren’t stored in your database but are stored on the file system.
To automate the backup of these files, I created a simple shell script with cp commands to copy files to a backup directory. I then dropped this script into /etc/cron.daily so that the script runs daily. If you don’t know how to use cron, this is a good place to start.
Copying your backups to another machine
To automate copying your backups to another machine, you can use rsync. The process is a bit involved. I referred to these guides to setup my rsync backups:
- A general backup guide that also explains how to use
rsync. - To automate
rsyncbackups to another machine, we need to use ssh keys and when using those, it is a good idea to create user just to run rsync and prevent that user from running anything else. This explains how to do that.
Using Apache HTTP Server in front of Tomcat 8
Feb 04, 2015
Previously, I wrote about installing Java 8 and Tomcat 8. In this post, we’ll see how to use an Apache HTTP server in front of Tomcat 8. Note that the configuration described in this post is what worked for me. The official documentation (here and here) is heavy on the various configuration options that are available, but doesn’t help much if you are looking for a simple example of how to configure Tomcat with Apache HTTP server, and then tweak that simple configuration as you need. So depending on your goal, the information in this post may not be sufficient. With that caveat, here’s how I got things working:
Install and configure the Tomcat-Apache connector
(The version of Apache HTTP server that I’m using is 2.2, from Debian Wheezy repositories).
Install the Apache-Tomcat connector module:
sudo apt-get install libapache2-mod-jkThat should also enable the jk module in Apache. But just to be sure, enable it explicitly:
sudo a2enmod jkThe Apache-Tomcat connecter uses worker processes to handle requests forwarded by the Apache HTTP server. The configuration of thes processes is in /etc/libapache2-mod-jk/workers.properties. There, update the paths to tomcat_home and java_home. as I described in my previous post, if you are using separate Tomcat directories - one for Tomcat binaries and one for the config files and webapps, then tomcat_home should point to directory having the webapps.
Installing Java 8 and Tomcat 8 on Debian Wheezy
Feb 01, 2015
Installing Java 8
By default, Debian repositories only have Open JDK and on Wheezy, the Open JDK version is the equivalent of Java 7. To get the latest Java 8, we need to install it manually. First download the Java 8 server JRE which comes with JVM monitoring tools. Or you could just download the Java 8 JDK which includes those monitoring tools and more. I prefer to install only the bare minimum setup that is necessary.
When manually installing software on Linux, it is recommended that it go into /opt directory. So unpack the JRE or JDK into /opt.
Create a symbolic link "java8" pointing to the JRE/JDK directory. This will make it easier when installing updates to the JRE/JDK. All Java dependent applications will refer to the symbolic link and when you do update the JRE/JDK, you don’t need to update the path to Java for all those applications. You just need to update the symbolic link.
cd /opt
sudo ln -s jdk1.8.0_25 java8Add the Java bin directory to your PATH so that the Java commands are available to you. Edit your .profile file
vi ~/.profileSetting up your Virtual Private Server
Jan 15, 2015
After you've bought a VPS, it's time to set it up. First, you need to decide which operating system you are going to install. I chose Debian for two reasons - one because it's Linux and Linux makes for an excellent server OS in that once you set things up, it requires minimal maintenance. The other reason is that I'm very familiar with Debian based distros like Ubuntu and Linux Mint. Ubuntu was the primary OS on my laptop for years, and now Linux Mint has that position.
I could have chosen Ubuntu itself, as the 2014 release comes with 5 year support. But I wanted to play with Debian, so I chose it over Ubuntu. And even though Debian hasn't officially said that the current stable release will get long term support, their release cycle is very conservative and the releases are usually supported for a long time. It's better to install a release that is supported for a long period instead of choosing a cutting edge release which may require you to frequently upgrade your OS. Running a server should require minimal maintenance effort from you, unless playing with cutting edge stuff is your goal.
After deciding the OS, it's time to install it. Most likely your VPS provider has guides on how to do this. There are also plenty of guides available on the Internet. These are the guides I followed:
Getting Started - this information is specific to linode. Your VPS should have a similar guide.
Securing Your Server - how to create users, setup SSH keys, disable root login, setup a firewall, and installing Fail2Ban - which prevents dictionary login attacks.
Unattended upgrades - in line with our goal of having to do as little maintenance as possible, we want our server to automatically install package updates - which in a stable Debian release are mostly security updates.
Hosting a Website and installing LAMP. I only installed Apache. It is the most popular http server with a lot of features, so you may want to use that. nginx is another popular alternative which is faster than Apache, but to use Google's PageSpeed module, you have to manually build nginx from sources. I don't like having to manually build sources every time there's an update to either nginx or PageSpeed. If there are any security vulnerabilities, I'd like the OS to automatically install updates instead of me having to install them. Since the http server is the entry point for web traffic, it's important that it stays up to date.
For the database, I went with PostgreSQL as I had already used Mysql before and wanted to try PostgreSQL. Also, since I plan to use Java and not PHP, Mysql is not a requirement. The Java world, with it's emphasis on abstraction and ORM frameworks, is relatively database agnostic and gives you the freedom to chose your own database. Many PHP applications like Wordpress require Mysql.
Setting up an SFTP jail - you should use Secure FTP and never FTP to transfer files to your VPS. This guide tells you to setup a separate user to do that for security purposes.
That covers the base setup of our VPS. To run Java web applications, we are going to need Java and a web server like Tomcat. I'll cover that in future posts.
Buying a Domain and a Virtual Private Server
Jan 14, 2015
Domain
Before buying a domain you need to decide what domain name you want to use for your website. Decide on a few names beforehand as the name you want may not be available and so you will need to use an alternate name. Also decide what top level domain you want to use - like .com, .net, .io etc... After deciding on a few names, it's time to pick a domain name registrar. You can buy domains only through a registrar (Some hosting providers also sell domains).
There are a lot of domain name registrars in the market with very competitive pricing. Just shop around, and read a few reviews. Registrars who have poor service will usually have negative reviews. It's by searching on the Internet and reading reviews did I decide on using Hover as my domain registrar. Another option is to ask someone who you know who owns a domain name. And be wary of supercheap pricing. As it is, domains don't cost much and if you are only buying one or two of them, paying an extra $2-$5 an year doesn't really matter. The level of service tends to be proportional to the pricing.
Why buy a Virtual Private Server (VPS)
Before asking which VPS hosting service to use, is using a VPS worth it? Depending on your needs, it may not be. If you just want a simple site where you don't expect much traffic, you can go for shared hosting which is cheaper than buying a VPS.
But if you want complete control over your site and how it runs, or simply like playing around with a server, a VPS is your option. In my case, in addition to both those reasons, I also wanted to run a site using Java. There are very few shared hosting providers who host Java web applications. The majority of them concentrate solely on hosting PHP applications.
A caveat though - maintaining a VPS is serious work. You have to do everything yourself - install an operating system, install and configure a web server and a database, and the software for your site. And even if you have that technical know how, you may not really have the time to do all that. So consider that before buying a VPS. Shared hosting starts at $4-$5 a month (some even throw in the cost of domain registration in their price plans), whereas a VPS starts at $8-$10 a month. If you aren't going to fully utilize a VPS, there's no point in paying the extra money.
Which VPS
Choosing a VPS provider is a tad harder than chosing a domain registrar. A VPS costs more than a domain so you want to be sure that the money is well spent. Know that most personal websites/blogs don't need much hardware power. So don't be tempted to pay for more RAM or CPU. Disk space depends on whether you plan to use it for backing up your data. If you aren't going to, don't bother paying for all that extra disk space. A lean Linux install weighs in like 2-3 GB, with the web server, database and other softwares installed. And blogs with hundreds of posts and thousands to comments don't take up more than hundreds of MB of database space (unless your site is heavy on photos or video). So even a 20 GB hard disk space is plenty.
I settled on my VPS provider, linode, as I already use it for running a Wordpress site for some friends. So ask people you know, if they've used a VPS and what their experience was.
Hosting a blog on your own server
Jan 14, 2015
These series of posts document the steps I took to host this blog on my own Virtual Private Server (VPS). I'll keep updating this post as and when I make new posts on this topic.