The steps outlined will outline how to configure an existing Linux OS installation for Orca by adding required packages and making configuration changes to the system. You may already have some of the components on the server so adjust accordingly.
Orca for Linux requires the following minimum system configuration:
- Red Hat Enterprise Linux / CentOS 7 64-bit
- Intel or AMD Quad-Core Processor or better
- 8GB or more RAM
- 30GB or more free disk space
Orca requires Apache2, PHP 7.0 or later, and several php modules and utility packages. It is recommended that you obtain PHP 7.x and other required packages and configure your system using the steps outlined below.
When you have completed configuring your server using the guide below, you can install Orca by extracting the tar file on the server and issuing the following command:
Add The EPEL And Webtatic RPM Repositories
PHP 7.x and other required components are available from these repositories.
rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
We have had recent reports that the Webtatic repositories have an expired SSL certificate. Please refer to the rpm/yum documentation on how to configure your server to skip certificate verification, or obtain replacement PHP packages from another source.
Install PHP 7.1 And Required Modules
yum install -y php71w-cli php71w-common php71w-mbstring php71w-mcrypt php71w-mysqlnd php71w-xml php71w-posix php71w-bcmath php71w-ldap
PHP Configuration Settings
The following PHP configuration settings should be applied to PHP on the server. Edit the settings in the php.ini config file on your system (default is /etc/php.ini).
- max_execution_time = 0
- max_input_time = 0
- upload_max_filesize = 500M
- post_max_size = 100M
- memory_limit = 4095M
Note: If you are installing Orca on a server running as a virtual server, you must set the memory_limit value just below the actual available memory for the virtual machine.
Install Apache2 And Additional Packages
yum install -y httpd mod_ssl mod_php71w iproute net-tools
Orca requires that Apache be configured to allow specific rewrite, proxy, and override functions.
After the above packages have been installed, Please refer to the Apache HowTo for specific steps required to configure Apache. Once you have made the Apache configuration changes make sure to restart Apache so the changes take effect.
Configure The Orca Database
Orca requires a database system to store all of its data in. You can install a database on the local system or you can connect Orca to an existing database server. You will be prompted for the database connection information during the installation process.
You can connect Orca to the following database servers:
- SQL Server
Using MySQL/MariaDB is strongly recommended. This database server typically provides the best performance.
Your database server must be accessable via PHP. If you are using MySQL/MariaDB and installed the php-mysqlnd module PHP should already be configured to connect to MySQL/MariaDB servers. For Oracle or SQL Server, ensure the PHP on the system has the appropriate modules and configuration files required for PHP based connections.
Installing a local MySQL/MariaDB
If you would like to use MariaDB on the local system, it can be installed with the following steps:
yum install -y mariadb-server mariadb systemctl enable mariadb systemctl start mariadb
You will need to create the Orca database and grant permissions for Orca to the database. The following example creates a database called ‘orca’ using the same name for authentication. You can alter the connection information as required.
mysql -u root create database orca; grant all on orca.* to 'orca'@'localhost' identified by 'orca';
If you are using MySQL/MariaDB as the backend database for Orca, you must increase the packet size that can be used with the server. Add the following option to the MySQL/MariaDB configuration file /etc/my.cnf in the [mysqld] section:
You must restart the database server after making this change in order for it to take effect.
Linux OS System Settings
The following OS system settings are recommended for best performance. Unpredictable results can occur if Orca exceeds system resource limits.
Linux SELinux And IPv6
Orca’s backend processes and the web application make connections to various services locally and remote. For best results, you should disable IPv6 and SELinux. If you need these services to be active, make sure to adjust the system policies so that Orca and IPv4 access are not negatively impacted. You can disable SELinux and IPv6 with the following steps:
Add the following lines to /etc/sysctl.conf
net.ipv6.conf.all.disable_ipv6 = 1 net.ipv6.conf.default.disable_ipv6 = 1
Set the SELinux policy in /etc/selinux/config to
You will need to reboot the system in order for the changes to take effect.
Linux Max Open Files
You should increase the open file limits on the system to at least the values shown below. The following file can be created to automatically set the open file limits at system boot.
File: /etc/security/limits.d/21-nofile.conf Contents:
soft nofile 16384 hard nofile 16384
If you plan to run the Linux firewall service be sure to open the port for the Orca Agent service. Orca accepts incoming network connections on an agent port (port 9999) for incoming job connections. You can add exceptions to the firewall system by creating the following file and restarting the filewall service.
File: /usr/lib/firewalld/services/orca-agent.xml Contents:
<?xml version="1.0" encoding="utf-8"?> <service> <short>orca-agent</short> <description>Orca Agent Service</description> <port protocol="tcp" port="9999"/> </service>
After creating the above files, run the following commands to activate the changes and ensure the appropriate ports are open for Orca.
firewall-cmd --reload firewall-cmd --add-service=https --permanent firewall-cmd --add-service=orca-agent --permanent
If you do not plan to use the Linux firewall service, be sure to stop and disable it.
systemctl stop firewalld systemctl disable firewalld