Install BT (aaPanel) in Oracle ARM-based Virtual Instance with Oracle Linux 8 - NETSEC

Latest

Learning, Sharing, Creating

Cybersecurity Memo

Saturday, July 24, 2021

Install BT (aaPanel) in Oracle ARM-based Virtual Instance with Oracle Linux 8

Oracle’s newly exited ARM can actually have up to 4 cores, 24G memory, 4G bandwidth, and 200G storage instances. But the CPU is an arm architecture, so in actual use, when installing the pagoda panel, we encountered some problems and could not complete the installation. Actually, it was caused by associated software. This post shows the step by step guide how you can get aaPanel (BT) installed on Oracle ARM based Linux OS. The following is the default installation under Oracle Linux 8.

Many people will install Debian through DD, but this is risky. Oracle has deleted / blocked many of those because they are detected to be idle by the system. The DD system will cause some default Oracle cloud detection functions to fail, so DD another system is not recommended. 

Update System

First update the system software package and repositories:


Update Oracle Linux 8 system to latest:

 [root@arm1 ~]# yum upgrade -y && yum update -y


Download & Install aaPanel (BT)

For aaPanel:
Centos / Oracle Linux:yum install -y wget && wget -O install.sh http://www.aapanel.com/script/install_6.0_en.sh && bash install.sh aapanel
Ubuntu/Deepin:wget -O install.sh http://www.aapanel.com/script/install-ubuntu_6.0_en.sh && sudo bash install.sh aapanel
Debian:wget -O install.sh http://www.aapanel.com/script/install-ubuntu_6.0_en.sh && bash install.sh aapanel
For BT: (Chinese Version of aaPanel)
curl -sSO http://download.bt.cn/install/install_panel.sh && bash install_panel.sh





Install LNMP

Log in to aaPanel using the link and credentials showing in the command line:

[root@ocp3arm1oracle ~]# bt
===============aaPanel CLI==================
(1) Restart panel                           (8) Change panel port
(2) Stop panel                              (9) Clear panel cache
(3) Start panel                             (10) Clear login limit
(4) Reload panel                            (11) Cancel entrance limit
(5) Change panel password                   (12) Cancel domain binding limit
(6) Change panel username                   (13) Cacel IP access limit
(7) Forcibly change MySQL root password     (14) View panel default info
(22) Display panel error log                (15) Clear system rubbish
(23) Turn off BasicAuth authentication      (16) Repair panel (check for errors and update panel files to the latest version)
(24) Turn off Google Authenticator          (17) Set log cutting on/off compression
(25) Set whether to back up the panel automatically  (18) Set whether to save a historical copy of the file
(26) Keep/Remove local backup when backing up to cloud storage
(0) Cancel
===============================================
Pls enter command number:14
===============================================
EXECUTING
===============================================
==================================================================
aaPanel default info!
==================================================================
aaPanel Internet Address: http://120.28.16.109:8888/2e939bb
aaPanel Internal Address: http://10.0.0.243:8888/2e939bb
username: nkbrpcr
password: a211621
Warning:
If you cannot access the panel,
release the following port (8888|888|80|443|20|21) in the security group
==================================================================
[root@ocp3arm1oracle ~]#

After you logged in Web Gui, it will prompt you for recommended software packages, either LNMP or LAMP.

If there is any installation for LNMP not completed, you will need to install dependencies following the previous section's instruction. 




Eventually, you will have folloing packages installed. 











Install all dependencies (Optional) if App Installation Failed

To install LNMP software, you might need some dependencies installed first.
For example, to Install LNMP (Nginx2.2.4 ,PHP 8.0, Mysql 5.7)


  • yum install gcc build-essential
  • yum install gcc gcc-c++ autoconf automake
  • yum -y install zlib zlib-devel openssl openssl-devel pcre pcre-devel


If you got a message to say:
No match for argument: build-essential
Error: Unable to find a match: build-essential


We can try :
  • yum install gcc gcc-c++ make

This works equivalent of build-essential in CentOS.




You might also need following package, Libiconv

Configure libiconv:

  • ./configure -prefix=/usr/local --build arm-pc-linux
Compile and install:

  • make
  • make install

Create a link to Libiconv (创建文件链接到Libiconv库)

  • ln -s /usr/local/lib/libiconv.so /usr/lib
  • ln -s /usr/local/lib/libiconv.so.2 /usr/lib/libiconv.so.2



If install Nginx 1.21 through aaPanel or BT panel, no matter using compiled method or fast method, you will meet Error: The HTTP image filter module requires the GD library, the easy fix is to install gd and gd-devel packages.
  • yum install gd gd-devel







Enable BBR

Google developed a TCP Congestion Control Algorithm (CCA) called TCP Bottleneck Bandwidth and RRT (BBR) that overcomes many of the issues found in both Reno and CUBIC (the default CCAs). This new algorithm not only achieves significant bandwidth improvements, but also lower latency. TCP BBR is already employed with google.com servers, and now you can make it happen--so long as your Linux machine is running kernel 4.9 or newer.

BBR is a new TCP congestion control algorithm that uses estimated congestion rather than loss to determine when to back off.

wget -N --no-check-certificate https://github.com/teddysun/across/raw/master/bbr.sh && chmod +x bbr.sh && bash bbr.sh

Check if BBR has been installed and started:


sysctl net.ipv4.tcp_available_congestion_control
sysctl net.ipv4.tcp_congestion_control
sysctl net.core.default_qdisc
lsmod | grep bbr
ps -ef | grep bbr



References





No comments:

Post a Comment