wiki:ServerIntro

Version 5 (modified by davea, 10 years ago) (diff)

--

Setting up a BOINC server

You can potentially use any Unix system as a BOINC server. Our recommendations are:

  • Hardware: use a host with good CPU capacity (dual Xeon or Opteron), at least 2 GB of RAM, and at least 40 GB of free disk space. Do whatever you can to make it highly reliable (UPS power supply, RAID disk configuration, hot-swappable spares, tempurature-controlled machine room, etc.). If you anticipate a high-traffic project, use a machine whose RAM capacity is 8 GB or more and that uses 64-bit processors. If your server capacity is exceeded, you can increase capacity using multiple server hosts. However, we recommend that you not do this initially. In most cases one host is enough.
  • Software: use a recent Linux release.

Groups and permissions

BOINC server programs run as two different users:

  • The scheduler and file upload handler are CGI programs, so they run as the same user as the web server (typically user 'apache', group 'apache').
  • BOINC daemons runs as whoever created the project (let's say user 'boincadm', group 'boinc').

By default, the directories created by user apache are not world-writeable. This causes problems: for example, when the file upload handler creates a directory in the upload hierarchy, it's owned by (apache, apache), and the file deleter (which runs as boincadm) won't be able to delete the files there.

Recommended solution

Edit /etc/group so that apache belongs to group boinc, i.e. the line:

boinc:x:566:

becomes:

boinc:x:566:apache

(Apache will need to be stopped/restarted for this to take effect.)

When you create a BOINC project using make_project, the critical directories are owned by boincadm and have the set-GID bit set; this means that any directories or files created by apache in those directories will have group boinc (not group apache). The BOINC software makes all directories group read/write. Thus, both apache and boinc will have read/write access to all directories and files, but other users will have no access.

On an existing project, do:

chmod 02770 upload
chmod 02770 html/cache
chmod 02770 html/inc
chmod 02770 html/languages
chmod 02770 html/languages/compiled
chmod 02770 html/user_profiles

You may also need to change the ownership of these directories and all their subdirectories to boincadm/boinc. If you're running several projects on the same server and want to isolate them from each other, you can create a different user and group for each project, and add apache to all of the groups.

Installing BOINC software

Operating system configuration

Some parts of the BOINC server (the feeder and scheduling server) use shared memory. Hosts where these run must have shared memory enabled, with a maximum segment size of at least 32 MB. How to do this depends on the operating system; some information is here.

MySQL notes

  • After installing and running the server, grant permissions for your own account and for the account under which Apache runs ('nobody' in the following; may be different on your machine). All mysql accounts should be password protected including root.
    mysql -u root
    grant all on *.* to yourname@localhost identified by 'password';
    grant all on *.* to yourname identified by 'password';
    grant all on *.* to nobody@localhost identified by 'password';
    grant all on *.* to nobody identified by 'password';
    
  • Set your PATH variable to include MySQL programs (typically /usr/local/mysql and /usr/local/mysql/bin).
  • You'll need to back up your database. Generally this requires stopping the project, making a copy or snapshot, and restarting. An example is here.
  • BOINC gets MySQL compiler and linker flags from a program called mysql_config which comes with your MySQL distribution. This sometimes references libraries that are not part of your base system installation, such as -lnsl or -lnss_files. You may need to install additional packages (often you can use something called 'mysql-dev' or 'mysql-devel') or fiddle with Makefiles.
  • MySQL can be the bottleneck in a BOINC server. To optimize its performance, read about configuring MySQL for BOINC.
  • Notes on running MySQL on a cluster.

MySQLclient notes

  • Configure mysql with the --enable-thread-safe-client switch.
  • Set your LD_LIBRARY_PATH to refer to the correct library.

Apache notes

In httpd.conf, set the default MIME type as follows (otherwise you'll get file upload signature verification errors):

DefaultType application/octet-stream

To limit denial-of-service attacks, we recommend turning off directory indexing by adding -Indexes to the Options directive.

PHP notes

  • Make sure 'magic quotes' are enabled (this is the default). The file /etc/php.ini should contain
    magic_quotes_gpc = On
    
  • By default, BOINC uses PHP's mail function to send email to participants. This uses sendmail. If this doesn't work, you can use PHPMailer instead, which is a very flexible mail-sending mechanism. To do this:
    • Download PHPMailer and put it under PROJECT/html/inc/phpmailer.
    • Set the following variables in your PROJECT/html/project/project.inc file (substitute your own values):
       = true;
       = "xxx.xxx.xxx";
       = "smtp";