Web | Morgan Jones

You are reading this post on my newly migrated slicehost xen virtual machine.

This is my first hosting experience: until now my web site was running off of a machine under my desk at home. This is obviously not ideal for bandwidth or reliability. Slicehost caters to a technical demographic that just wants a stripped down OS and little or no management tools. And it’s cheap to start.

Initially I installed mysql, apache2, php and various supporting packages. I loaded databases for WordPress and Gallery2 and rsynced my data over. With a little tweaking everything was up and running.

As you may know Gallery2 generates thumbnails on the fly as users visit the site. I cleared the thumbnails during some troubleshooting so they had to all be regenerated on my slicehost. What I found was that on the 256mb slice the system spent an inordinate amount of time in iowait and in many cases Gallery pages would timeout. It took noticeably longer than the Pentium III 350mhz I just migrated from.

After added swap files without improvement I finally upgraded to a 512mb slice. Result: it screams. Ultimately the 256mb slice is just not enough to contain the OS and an application of any significant size.

My intial thoughts were that slicehost was a disaster and I should run but really their baseline packages is just *really* lean on memory. If you’re having problems you might want to try upgrading before any further troubleshooting: they bill pro-rated and will allow you to fall back at no charge if you don’t like the updated slice.

There are (at least) two Apache 2.0 modules that allow ldap authentication against ldap. This is of course not unusual. It is unusual that they have the same name. It would have saved me a lot of time if I’d read a post like this one before attempting to configure Apache’s mod_auth_ldap from an example that used Muhammad Muquit’s mod_auth_ldap.

Redhat AS4 and FC5 ship with Apache’s mod_auth_ldap.

Muhammad’s mod_auth_ldap seems to provide a few more options, notably ldap debugging.

Details here:

mod_auth_ldap that ships with Apache 2.0 and
mod_auth_ldap from Muhammad Muquit

The syntax is different. The basic functionality is the same. Muhammad’s module seems a little more configurable. They both work fine. Here are examples of each:

Muhammad’s mod_auth_ldap:



    # ...
    AuthType Basic
    LDAP_Debug On
    LDAP_Port 389
    Base_DN "dc=morganjones,dc=org"
    LDAP_Protocol_Version 3
    LDAP_Server ldap.morganjones.org
    LDAP_Port 389
    # I have not tried require valid-user with Muhammad's mod_auth_ldap but
    # I surmise it will work.
    # I have seen require user work like this:
    # require user user1 user2 user3
    require valid-user

Apache’s mod_auth_ldap:



    # ...
    AuthLDAPURL ldap://ldap.morganjones.org/dc=morganjones,dc=org
    Require valid-user

Morgan Jones

freelance devops engineer/IT consultant, amateur photographer, and motorcyclist

Category Archives: Web

Slicehost: a first impression

mod_auth_ldap or mod_auth_ldap?