How to Install OpenVPN on CentOS 7

OpenVPN® is open-source software that lets the user implement and create virtual private networks; these networks serve as a secure connection between two points, allowing traffic to move unobstructed while remaining private and secure. OpenVPN allows peers to use a pre-shared secret key, certificate, or username and password combination to authenticate traffic and communications. It can also function in multi-client environments, providing each client with an authentication certificate from the server.


OpenVPN was first published in 2001 and has become a favorite VPN solution for multiple platforms and device types; OpenVPN functions on Windows, Mac OS X, iOS, Android, and many Linux-style systems. Additionally, OpenVPN has been enhanced and modified for use across different router firmware implementations.

Getting Started

To get started installing OpenVPN, you will need a node running on a cloud server, dedicated server, or virtual private server; your operational needs or personal preference can be the deciding factor. When you’ve chosen a node, it will need to have an up-to-date version of CentOS 7 running.

CentOS 7 is a popular Linux-style operating system and you can learn more about the CentOS Project on the project website.

Additionally, you may choose to use a domain or sub-domain later in this guide. If you’re choosing to use a domain or sub-domain, you may want to set this up before setting up OpenVPN.

How to Install OpenVPN on CentOS 7

Once you’ve chosen your cloud, dedicated, or virtual private server node, verified your CentOS 7 installation, and have root access available, you’re ready to begin. As mentioned above, if you are using a domain or sub-domain for this setup, you may want to have that available before walking through the steps to install OpenVPN.

The first step during this installation is to make sure your server node is up-to-date and then reboot, processing any updates if needed:
yum update -y && sleep 5 && reboot

After your system reboots, you can install the EPEL (Extra Packages for Enterprise Linux) repository:
yum install epel-release -y

When complete, it’s time to install OpenVPN and EasyRSA (a small key management package for use with OpenVPN) for generating RSA keys:
yum install openvpn easy-rsa -y

Once OpenVPN and EasyRSA are installed, you can copy the example configuration:
cp /usr/share/doc/openvpn-*/sample/sample-config-files/server.conf /etc/openvpn

Now it’s time to edit the server configuration file:
nano /etc/openvpn/server.conf

This step is optional, but if you want to push all traffic through the VPN, you will want to uncomment the following line:
dh dh2048.pem
user nobody
group nobody

After you’ve edited the configuration file, create a folder to store the key. Then copy the key and the script:
mkdir -p /etc/openvpn/easy-rsa/keys
cp -rf /usr/share/easy-rsa/2.0/* /etc/openvpn/easy-rsa

When you’ve finished copying the keys and script, you can edit the vars file to make changes to the default value:
nano /etc/openvpn/easy-rsa/vars

Now copy the OpenSSL configuration:
# These are the default values for fields
# which will be placed in the certificate.
# Don't leave any of these fields blank.
export KEY_CITY="Montreal"
export KEY_ORG="Globotech"
export KEY_EMAIL="abuse@example.com"
export KEY_OU="IT"
# X509 Subject Field
export KEY_NAME="server"
export KEY_CN=vpn.example.com

Then copy the OpenSSL configuration:
cp /etc/openvpn/easy-rsa/openssl-1.0.0.cnf /etc/openvpn/easy-rsa/openssl.cnf

It’s time to start generating keys and certificates. Then you can load the vars file to automate the setup process:
cd /etc/openvpn/easy-rsa
source ./vars

Before proceeding, we want to use a fresh install to clean up a bit. Make sure to do this on a fresh install, since you will lose all your certificates:

After cleaning up, we’re going to generate keys making sure to match our KEY_NAME value:
./build-key-server server

Take the generated key, copy it, and place the copy in your OpenVPN folder:
cd /etc/openvpn/easy-rsa/keys
cp dh2048.pem ca.crt server.crt server.key /etc/openvpn

Now we’re going to generate our client certificate, replacing the “client” with the username you choose:
cd /etc/openvpn/easy-rsa
./build-key client

When complete, we want to configure the routing parts of CentOS 7 for use with the VPN installation:
yum install iptables-services -y
systemctl mask firewalld
systemctl enable iptables
systemctl stop firewalld
systemctl start iptables
iptables --flush

We want to add some forwarding rules before enabling our VPN service:
iptables -t nat -A POSTROUTING -s -o eth0 -j MASQUERADE
iptables-save > /etc/sysconfig/iptables
nano /etc/sysctl.conf

net.ipv4.ip_forward = 1

Once you’ve completed your configuration and forwarding rules, it’s time to enable the OpenVPN service and start it up:
systemctl -f enable openvpn@server.service
systemctl start openvpn@server.service

After starting and enable the service, we want to configure the client, copy the “ca” certificate, and copy the “client” key. Each of these copied files is necessary to use the VPN:

To get started using the VPN, we need to create a .ovpn file configuration for use with OpenVPN:
nano client.ovpn
dev tun
proto udp
remote "your_server_ip" 1194
resolv-retry infinite
verb 3
ca ca.crt
cert client.crt
key client.key

Once you’ve created your .ovpn file it’s time to use the certificate:
Windows: Copy all file to C:Program FilesOpenVPNconfig
MacOS: Import .ovpn file with Tunnelblick
Linux: sudo openvpn --config client.ovpn


Congratulations, you’ve installed OpenVPN on your cloud or dedicated server node running CentOS 7. If you found this guide on how to install OpenVPN helpful, please share it with other users going through the same process. Additionally, check out our other guides and learn more about other options available for your cloud server or dedicated server nodes.

How to install CentOS WebPanel on CentOS 7

CentOS, short for Community Enterprise Operating System, is a Linux distribution that is free, community-supported, and enterprise-class; CentOS is designed to be usable in organizations or enterprises. CentOS 7, the operating system being used in this guide, was released in 2015 and is the current major release of this software.

To help manage the different web servers an organization may use that have CentOS installed the CentOS WebPanel was created. Web Panel offers a free control panel that provides easy supervision of dedicated and virtual private servers; Web Panel removes the need for users to use the ssh (secure shell) console for each action, providing a more user-friendly interface with a variety of options.

CentOS WebPanel

Getting Started

In this guide, we are using CentOS 7, which was first released in August of 2015. You will need a node running on a cloud server or dedicated server, and it needs to have CentOS 7 already installed.

Additionally, you will need at least one (1) dedicated IP address and a valid domain name to function as your hostname during the installation. A dedicated IP address is a unique address that is assigned to a single hosting account; using a dedicated address allows you to view the site via the IP address and provides faster response times even during high traffic loads.

Once you have a virtual or dedicated installation of CentOS 7, an IP address, and a valid domain name, you’re ready to start installing CentOS WebPanel.

Installing the CentOS WebPanel on CentOS 7

The first step to installing Web Panel is verifying that your CentOS 7 installation is updated and running the most recent version of the software. The CentOS Project website provides additional details about current releases, upcoming changes, and release notes; you can verify your CentOS version number with the current release listed on the project website.

To verify that your operating system is current, you can run the following command:
yum update -y && sleep 5 && reboot

Once you’ve run any necessary updates, it’s time to set your hostname and verify that the hostname resolves to your dedicated IP address:
hostnamectl set-hostname server.example.com

After assigning the hostname and verifying it resolves to your IP address, make sure that you meet the requirements for the installation script with the following command:
yum install wget -y

When verification is complete, you can proceed with the Web Panel installation script:
cd /usr/local/src
wget http://centos-webpanel.com/cwp-el7-latest
sh cwp-el7-latest

Wait for the installation to complete, and then it’s time to check the success of your Web Panel install. You can access the control panel at http://SERVER-IP:2030/, replacing “SERVER-IP” with your IP address.

Your username will be “root,” and your password will be your selected root password.

Username: root
Pass: Your root password.


Congratulations, you’re installed the CentOS 7 WebPanel and are ready to start using your control panel instead of an ssh console. In this guide, we’ve walked through the steps to install the Web Panel on your node running CentOS 7. If you found this guide helpful during the process, please share it with other users walking through the same process.

How to Install Galera on CentOS 7

Galera is a shortened name for Galera Cluster, which is a multi-master database cluster that provides synchronous replication for MySQL or MariaDB. With Galera in use, the read and write requests can be directed to different nodes based on need; this allows a node to be compromised or lost without experiencing an interruption in normal operation. Galera provides improvements for high levels of availability in MySQL and MariaDB; Galera manages to offer robust data integrity and performance in ways that previous solutions have failed to accomplish.

Install Galera

Getting Started

To get started installing Galera on CentOS 7, you will need to have three nodes that already have Linux CentOS 7 installed, up to date, and running with root access. The nodes you choose can be on a cloud server or a dedicated server, whichever you prefer.

How to Install Galera on CentOS 7

Mentioned previously, the first thing to do is to ensure that you have root access to your node and the CentOS 7 operating system.

First, you will need to disable SELinux on each of the three CentOS 7 nodes you have running:
Local IP :
node1 :
node2 :
node3 :

Once the nodes have SELinux disabled, it’s time to create the MariaDB repository to install Galera on each of the three nodes:
nano /etc/yum.repos.d/mariadb.repo
name = MariaDB
baseurl = http://yum.mariadb.org/10.0/centos7-amd64

After the repository has been created, it’s time to install Galera and any software requirements on each of the three nodes:
yum install MariaDB-Galera-server MariaDB-client rsync galera socat -y

Now you can start MySQL and secure MySQL on each node:
systemctl start mysql
systemctl stop mysql

When MySQL is secured, you can add the Galera configuration to each node:
nano /etc/my.cnf.d/server.cnf

There are changes that need to be made to the second and third node.

The change to node 2:

The change to node 3:

After completing the changes, start the cluster on node 1 only:
/etc/init.d/mysql start --wsrep-new-cluster

When complete, it’s time to log into MySQL on each node to verify the cluster is functioning correctly:
systemctl start mysql

Now you can create a database to test the cluster on node 1:
mysql -u root -p
MariaDB [(none)]> show status like 'wsrep%';

| wsrep_local_state_comment | Synced |
| wsrep_incoming_addresses |,, |
| wsrep_cluster_size | 3 |

It’s time to log into node 2 and node 3, checking if the database created in node 1 exists:
MariaDB [(none)]> create database globotech;
MariaDB [(none)]> show databases;
| Database |
| globotech |
| information_schema |
| mysql |
| performance_schema |
4 rows in set (0.00 sec)


Congratulations, you’ve successfully completed the installation of Galera on your nodes running CentOS 7. Now you can move your database cluster into production. If you found this tutorial helpful, please share it with other users setting up Galera on CentOS as well.

The Apache Foundation

How To Set Up Apache Virtual Hosts on CentOS 7

An Apache Virtual Hosts allows multiple websites to run on the same server. If you only have one CentOS 7 server or VPS, this is an efficient way to host multiple sites or domains that are cleanly separated from each other. There is no limit to the number of virtual hosts for the Apache server however you must keep your hardware limitations in mind.

Getting Started

To complete this walkthrough successfully the following are required:
• A node (Dedicated or Cloud Server)running CentOS 7
• All commands must be entered as root
• A complete LAMP implementation

Tutorial – Apache Virtual Hosts

For the purpose of this article, we will set up a virtual host for globo.tech on our instance of Apache.

We will start with disabling SELinux. This will make testing the setup easier and can be re-enabled later with the proper context to handle the new virtual host.
setenforce 0
sed -i 's/enforcing/disabled/' /etc/sysconfig/selinux
sed -i 's/enforcing/disabled/' /etc/selinux/config

Each virtual host must have its own top-level directory under /var/www. Use the mkdir command to create the directory for globo.tech and the public_html subdirectory.
mkdir -p /var/www/globo.tech/public_html/

Since this directory is owned by the root user, we will need to specifically grant access rights to Apache.
chown -R apache. /var/www/
chmod -R 755 /var/www/globo.tech/

Apache will also need to know where to look for additional *.conf files as each virtual host will have one. Open the main configuration file for Apache at /etc/httpd/httpd.conf and add this line at the end.
nano /etc/httpd/conf/httpd.conf
IncludeOptional sites-enabled/*.conf

Now we will create two additional folders enable virtual hosts on the system. One directory will hold all the virtual host files while the other will hold symbolic links for each virtual host published by Apache.
mkdir /etc/httpd/sites-available
mkdir /etc/httpd/sites-enabled

Once that is done we can create the *.conf file for the virtual host. In this case, we will create the globo.tech.conf file in /etc/httpd/site-available directory. Remember that we’ve already instructed Apache to look for additional config files at this location.
cd /etc/httpd/sites-available/
nano globo.tech.conf

<VirtualHost *:80>
ServerAdmin webmaster@globo.tech
ServerName www.globo.tech
ServerAlias globo.tech
DocumentRoot /var/www/globo.tech/public_html
ErrorLog /var/www/globo.tech/error.log
CustomLog /var/www/globo.tech/access.log combined

Then we will need to create the symbolic link for globo.tech in the /etc/httpd/sites-enabled directory.
ln -s /etc/httpd/sites-available/globo.tech.conf /etc/httpd/sites-enabled/globo.tech.conf

After all the above steps have been completed, it is now time to restart Apache. Use this command in order for the server to publish the globo.tech virtual host.
systemctl restart httpd.service

If the instructions have been followed completely, you can place your website files in the root document directory of globo.tech at /var/www/globo.tech/public_html. All you need to do is point your browser to the domain name at the server IP to see your virtual host.


We hope you have enjoyed learning about setting up an Apache virtual host on CentOS 7. You can always experiment further by adding more sites to your server. If you have found this article useful, please consider sharing it.

How to Install Cassandra on CentOS 7

Cassandra is a reliable, clusterable, highly-scalable database capable of handling large quantities of data on commodity hardware. If you have big data needs, and are looking for a proven open source solution that has received battle testing from many large companies, then Cassandra may be exactly what you’re looking for. If you have a CentOS 7 server, this guide will get you up and running with a single Cassandra node. It will use pre-packaged Cassandra distributions built for CentOS, making installation and upgrades a snap. You can then build it out by performing additional installations on other servers, then clustering the resulting instances for higher scalability and reliability. This article will guide you on how to install Apache Cassandra on CentOS 7 Server.

Getting Started

You’ll need the following in place in order to complete this guide:
• 1 server (Cloud Server or Dedicated Server) with CentOS 7
• Root access


Begin by applying all available patches and security updates to your CentOS 7 server.

yum -y update

Cassandra is written in Java. As such, you’ll need the Java VM installed in order to run it. Do so via Yum.

yum -y install java

Packages for Cassandra are shipped in a Datastax repository. In order to automatically retrieve these packages, and to fetch upgrades in the future, we’ll create this repository so Yum can use it.

nano /etc/yum.repos.d/datastax.repo

name = DataStax Repo for Apache Cassandra
baseurl = http://rpm.datastax.com/community
enabled = 1
gpgcheck = 0

Now Cassandra is ready to be installed.

yum -y install dsc20

With Cassandra installed, we must now start the daemon via systemd.
/etc/init.d/cassandra start

The systemd unit is now created. Use “systemctl start cassandra” to launch the new unit.

systemctl enable cassandra.service

While the database should be running, it is not yet configured to launch on boot. Let’s tell systemd that Cassandra should automatically launch whenever your system boots.

[root@cassandra ~] systemctl status cassandra

cassandra.service - SYSV: Starts and stops Cassandra
Loaded: loaded (/etc/rc.d/init.d/cassandra)
Active: active (exited) since Thu 2016-09-15 04:36:47 UTC; 14s ago
Docs: man:systemd-sysv-generator(8)
Process: 9413 ExecStart=/etc/rc.d/init.d/cassandra start (code=exited, status=0/SUCCESS)

Let’s ensure that Cassandra is running using this command.

[root@cassandra ~] cqlsh

Connected to Test Cluster at localhost:9160.
[cqlsh 4.1.1 | Cassandra 2.0.17 | CQL spec 3.1.1 | Thrift protocol 19.39.0]
Use HELP for help.

Cassandra ships with a powerful command line utility, cqlsh. Launch it to perform various vital tasks with your database.

[root@cassandra ~] nodetool status

Datacenter: datacenter1
|/ State=Normal/Leaving/Joining/Moving
-- Address Load Tokens Owns (effective) Host ID Rack
UN 46.21 KB 256 100.0% 7dd2b7d9-404e-4a77-a36d-cc8f55168c0d rack1
[root@cassandra ~]#

Likewise, the nodetool command shows the status of your Cassandra node.


You now have a fresh Cassandra instance into which you can load large amounts of data. Share this guide with anyone you may know of who is in search of a big data solution, so they too can enjoy the benefits of an easy Cassandra installation. If you found this article helpful, feel free to share it with your friends and let us know in the comments below!

Swapping is a valuable Linux process that can allow you to essentially add more memory to your Linux instance than it actually possesses by overwriting new new information into a preconfigured swap space. By default, our GloboTech Cloud instances come without swap enabled as swap can slow down the performance of a system. However, depending on your landscape you may still find the ability to artificially increase your memory a useful tool even at the cost of some performance.

Swapping will first and foremost allow you to circumvent a system needing more memory than is physically available. If a running process does not have enough memory, your Linux instance will switch to using the swap space and start swapping out less used RAM (random access memory) chunks known as pages and giving this memory to the process. In any Linux system, a significant number of memory pages that used by applications are in fact only used during their initialization. This means that even when running at full memory capacity, your Linux system will still have the capacity to utilize swap and free the memory from these unused pages.

However, as stated above, swapping does have a downside as it can be a slow process due to its direct reading and writing off of the main hard disk instead of to memory. While memory speeds are measured in nanoseconds, disk speed is instead measured in milliseconds. This means that when using swap, you may find that accessing the disk can be even tens of thousands of times slower than accessing the physical memory, and the more swapping that occurs, the slower your system will become. If you have an instance that a system is constantly swapping memory, and not only for a few particular use cases, then the only true solution will be increasing the RAM. If not, then swap is a reliable choice that can save you trouble in situations of tight memory availability. Without swap on your server, you can run into cases where your instance is simply out of memory and will crash, taking your applications temporarily offline. This makes swap ideal as a back-up plan in the case that your memory is overloaded, so that you can rest in peace knowing your system will be protected from memory-induced crashes.

If you find swap to be a good choice for your Linux-based instance, this guide will show you how you can add swap memory to your GloboTech Linux-based instance. Note that the information in this guide will pertain to the majority of Linux-based distributions such as CentOS, RHEL, Fedora, Ubuntu, and Debian.


Swap memory can be allotted to your instance in one of two ways. The first, more complicated method requires the creation of a new partition to be used for swapping. For this, you will oftentimes have to repartition your disk in order to create the empty partition required and this can create more difficulties for your landscape and can be rather risky.

The second method, creating a swap file, removes this requirement and is the preferred way to add swap memory with as little impact as possible on your existing infrastructure. The swap file acts as a swap partition with the advantage being that you will not need an actual empty partition or need to repartition the disk to use it. The size allotted to the file will determine the amount of swap memory that will be available on your server. This is the easiest method of adding swap memory as it is fail-proof, requires zero risky repartitioning, and can be done in only a few easy steps.

1. Ensure you have enough space

The swap file we create will require filesystem space. You will need to check your available space to make sure that you have enough by using the command:

df -h

The output should show something like the following example, where you can see that we have 8.8GB available on the disk:

Filesystem Size Used Avail Use% Mounted on
udev 491M 0 491M 0% /dev
tmpfs 100M 4.4M 95M 5% /run
/dev/sda1 9.7G 877M 8.8G 9% /
tmpfs 497M 0 497M 0% /dev/shm

2. Allocate the swap file

Having ensured that we have enough space on our system, we will now actually create the swap using the fallocate utility. You can also create your swap file using dd, but the fallocate tool is quicker and simpler to use and is the preferred method. Since our system only has 8.8GB of available disk space, we will create a swap file that is 1GB only. If you have more space on your system, you can create a larger swap file. As the root user, execute the following command replacing the size with your desired size to create a swap file in /swapfile. Use M to indicate Megabytes and G for Gigabytes when giving the size:

fallocate -l 1G /swapfile.swap

If you run into any issues using fallocate, you can always use dd as a fallback. Execute the following as root:

dd if=/dev/zero of=/swapfile.swap bs=1024 count=1048576

3. Set file permissions

With the file created, we will need to set restrictive permissions on it in order to prevent it from accidental alterations by system users, which would break the file.

chmod 600 /swapfile.swap

4. Prepare the swap file

Next, we will use the mkswap utility to configure the created file to be used as swap space. Execute the following command to turn the file into swap:

mkswap /swapfile.swap

5. Mount the swap file

The file is not yet available in your system until you mount it. Activate it using swapon:

swapon /swapfile.swap

To make the changes permanent, we will add the swap file to the fstab file. This will allow the new swap file to be mounted automatically on boot. Open the /etc/fstab file in any text editor such as nano shown below:

nano /etc/fstab

Add the following line to the file:

/swapfile.swap none swap defaults 0 0

6. Prevent system processes from abusing of the swap

Since swap memory is not as able to handle heavy usage as regular RAM without taking performance hits, we can takes steps to ensure that processes won’t abuse the swap space. This will help keep your system from slowing down, and can be accomplished by modifying the swappiness sysctl parameter. This parameter represents the preference/avoidance of the kernel for swap space, and can take any value from 0 to 100 with the default being 60. A lower swappiness value will improve the responsiveness on your system by reducing RAM swapping. Set the swappiness by opening the sysctl file in any text editor (for example, nano):

nano /etc/sysctl.d/99-sysctl.conf

Find the line for the vm.swappiness parameter, and modify it to look like the following with a swappiness value of 10:


Save and close the file when you are finished.


Congratulations! Having completed all steps in this guide, your Linux instance. Now that all steps are completed, your system has a permanent swap file created which will be auto mounted at every reboot. Enjoy the extra memory!

Ark: Survival Of The Fittest

How to install ARK: Survival of the Fittest server on CentOS 7

Ark: Survival of the Fittest is a popular action game that features survival-themed crafting, combat, and most notably, the ability to tame and ride dinosaurs. Ark: Survival of the Fittest is a special game mode with fast-paced rounds in which the last player standing wins.

Ark: Survival of the Fittest must be played using specific servers. This guide will walk you through the steps of setting up this server on CentOS 7.

Getting started

Here’s what you’ll need in order to install the Ark: Survival of the Fittest server:
• 1 server (Cloud Server or Dedicated Server) running a fresh installation of CentOS 7.
• Root access to the server
• For basic support of up to 10 players, 2 vCores and 6GB of RAM or the equivalent will be needed.


The very first step is to update your system. This is also the time to install the basic dependencies.

yum update -y
yum install nano wget tar glibc.i686 libgcc.i686 libstdc++.i686 -y

Create an user specifically to access the Steam related content you’ll need for installation. It’s unsafe to use the root user for this purpose.

adduser -s /usr/sbin/nologin steam

Let’s make some quick preparations to your system before installation. First, for the purposes of the server, you’ll need to increase the amount of simultaneous system files that can be opened by altering sysctl.conf.

echo "fs.file-max=100000" >> /etc/sysctl.conf
sysctl -p

Then, alter the system limits configuration file with the following:

echo "* soft nofile 1000000" >> /etc/security/limits.conf
echo "* hard nofile 1000000" >> /etc/security/limits.conf

Finally, enable the PAM limits module on the system to prepare it for use as a multiuser server.

echo "session required pam_limits.so" >> /etc/pam.d/system-auth

Now you can proceed with the installation of the Ark: Survival Evolved server.

cd /home/steam
/home/steam# su -s /bin/bash steam
wget https://steamcdn-a.akamaihd.net/client/installer/steamcmd_linux.tar.gz
tar -zxvf steamcmd_linux.tar.gz
rm steamcmd_linux.tar.gz

After entering the Steam command line interface, type this command to install the game server.

login anonymous
force_install_dir ./arkserver
app_update 445400 validate

You will have to wait while the server software downloads. This can take a variable amount of time depending on your connection, but you are done once you see the following.

Update state (0x61) downloading, progress: 99.95 (3222988684 / 3224465090)
Success! App '445400' fully installed.

Now that the server is installed, exit the command line interface with quit.

Switch over to the root user so you can set up the server configuration.

In order for the Ark server to automatically start on boot, you can create an init script. This is what you will name it:

nano /etc/systemd/system/arkserver.service

And now, simply add the following content to the file: (Make sure that the ExecStart line corresponds to what you had in the previous file)

Description=ARK Survival Server
ExecStart=/home/steam/arkserver/ShooterGame/Binaries/Linux/ShooterGameServer TheIsland?listen?SessionName=?ServerPassword=?ServerAdminPassword= -server -log
ExecStop=killall -TERM srcds_linux

Now start the Ark server, and enable it to start on boot.

systemctl --system daemon-reload
systemctl start arkserver.service
systemctl enable arkserver.service

Use systemctl to verify that the server is actually running. Here’s the command you should use, and an example of expected output:

service arkserver status

? arkserver.service - ARK Survival Server
Loaded: loaded (/etc/systemd/system/arkserver.service; disabled; vendor preset: disabled)
Active: active (running) since Fri 2016-08-12 23:57:27 UTC; 3s ago
Main PID: 27027 (ShooterGameServ)
CGroup: /system.slice/arkserver.service
??27027 /home/steam/arkserver/ShooterGame/Binaries/Linux/ShooterGameServer TheIsland?listen?SessionName..

Adjust the firewall rules from the default settings. (If you have already altered the firewall in some way, you may need to make further adjustments.) You’ll have to open up these ports to allow traffic to flow to and from the Ark server:

firewall-cmd --add-port=27015/udp
firewall-cmd --add-port=7777/udp
firewall-cmd --add-port=32330/tcp

This is what each port is for:
• UDP 27015: Query port for Steam’s server browser
• UDP 7777: Game client port
• TCP 32330: RCON for remote console server access (optional)

Here’s an equivalent command you can use with iptables, if you prefer:

iptables -A INPUT -p udp -m udp --sport 27015 --dport 1025:65355 -j ACCEPT
iptables -A INPUT -p udp -m udp --sport 7777 --dport 1025:65355 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --sport 32330 --dport 1025:65355 -j ACCEPT


Installation is now complete. If you’ve set it up properly, you should now be able to host games of Ark: Survival of the Fittest for up to 10 players. Add more vCores and RAM to enable even more players to join your server.

The Linux, Apache, MySQL and PHP (LAMP) stack is a versatile application environment. Resource use and configuration is minimal, making it a prime candidate for commodity hosting environments. Deployment is easy, and ranges from making simple in-place edits to full virtualization and containerization. Developers are familiar with LAMP, and it is simple to gain and acquire talent to build and launch LAMP-based applications and sites. This guide will deploy a secure and capable LAMP stack on the CentOS 7 operating system.

Getting Started

Before you begin, make sure you have the following:
• 1 server (Cloud Server or Dedicated Server) running a fresh installation of CentOS 7

At this guide’s conclusion, this server will be capable of hosting one or more LAMP-based sites.


Let’s go. Start by updating all the installed packages on your server. This will apply all current bugfixes and security patches. When complete, reboot so the new server environment is active. Perform this step regularly to keep your system updated and secure.

yum update -y && shutdown -r now

We’ll begin by installing the Apache web server. Apache will both serve up your content and interpret PHP scripts. This is easier to reason about than other solutions, which split PHP execution into separate processes.

yum install httpd

Now we start the Apache server.

systemctl start httpd.service

We must also enable it to start on boot, otherwise it will not launch automatically when the system restarts.

systemctl enable httpd.service

Next we’ll install the database. Instead of MySQL, we’ll use MariaDB. MariaDB is a drop-in MySQL replacement that is backwards-compatible with MySQL and all of its tooling. It includes a number of additional storage engines and scalability features that make it a better fit for large-scale database use.

Start by installing the mariadb package.

yum install mariadb-server mariadb

Again, we’ll start the server itself.

systemctl start mariadb

We now need to set the MySQL root password, which is needed for administering databases and permissions. When asked for your current root password, simply press enter. Keep this password in a secure place, as you’ll need it whenever adding or modifying databases.


Set root password? [Y/n]
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] y
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] y
... Success!
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] y
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] y
... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!

You can now enable MariaDB to start on boot.

systemctl enable mariadb.service

Next we install the PHP runtime. We’ll begin by installing the base package needed by all PHP scripts.

yum install php php-mysql

With PHP installed, Apache must be restarted so it integrates with the newly-installed runtime.

systemctl restart httpd.service

PHP is an incredibly modular language. Chances are high that you’ll need a number of extensions to deploy or develop PHP apps. Many of these modules are packaged for CentOS. Here we show how to use Yum to find and install the php-gd module. Use this for any modules your PHP site requires.

yum search php-
php-bcmath.x86_64 : A module for PHP applications for using the bcmath library
php-cli.x86_64 : Command-line interface for PHP
php-common.x86_64 : Common files for PHP
php-dba.x86_64 : A database abstraction layer module for PHP applications
php-devel.x86_64 : Files needed for building PHP extensions
php-embedded.x86_64 : PHP library for embedding in applications
php-enchant.x86_64 : Enchant spelling extension for PHP applications
php-fpm.x86_64 : PHP FastCGI Process Manager
php-gd.x86_64 : A module for PHP applications for using the gd graphics library
php-intl.x86_64 : Internationalization extension for PHP applications
php-ldap.x86_64 : A module for PHP applications that use LDAP
php-mbstring.x86_64 : A module for PHP applications which need multi-byte string handling
php-mysql.x86_64 : A module for PHP applications that use MySQL databases

yum install php-gd -y

We’re almost done. Let’s test the installation to ensure everything is working.

cd /var/www/html

In CentOS, the document root directory is /var/www/html. All of your PHP scripts must be located here by default in order to be run by Apache.

To test, we’ll create a PHP info file at index.php. This will use a simple function call to display lots of information about your PHP environment. More fundamentally, it will ensure that Apache is executing PHP scripts. The file should be called index.php.

nano index.php


To test your environment, access your server at http://your_ip. If that doesn’t work, try http://your_ip/index.php. If all goes well, you’ll see lots of PHP diagnostic details about the environment and loaded modules.


You now have a flexible environment into which you can deploy any number of PHP sites. Simply upload a PHP application, follow its installation instructions, and easily run blogs, wikis or other powerful tools and services. If you found this article helpful, feel free to share it with your friends and let us know in the comments below!

How to setup a MySQL Master-Slave Replication on CentOS 7

MySQL replication is a technique by which a master database will be automatically copied to one or more slave databases, making data backup, recovery, and analysis a much easier prospect. The following guide will walk you through a basic MySQL replication setup using just two servers, one master and one slave. We’ll also be using MariaDB, a popular drop-in replacement for MySQL.

Getting Started

Before you begin, make sure you have the following:
• 2 servers (Cloud Server or Dedicated Server), both running a fresh installation of CentOS 7
• Root access to both machines


Note: these are the local IP addresses our servers will be using for the purposes of this guide.
• Server Master IP:
• Server Slave IP:

Before starting, we need to make sure that Selinux is disabled on each of our servers.

setenforce 0
sed -i 's/enforcing/disabled/' /etc/sysconfig/selinux
sed -i 's/enforcing/disabled/' /etc/selinux/config

Let’s also install MariaDB on each server, making sure to secure the installation.

yum install mariadb-server mariadb -y
systemctl start mariadb.service

Now we can begin the setup, focusing first on the master server. Go to my.cnf on the master server and add these 3 lines:

nano /etc/my.cnf


Replace globotech with the name of the database that you want to replicate.

To save the changes, you will have to restart MariaDB.

systemctl restart mariadb.service

Now let’s load up MariaDB itself so that we can better configure the replication.

mysql -u root -p

MariaDB [(none)]> grant replication slave on *.* to 'slave_user'@'%' identified by 'globopassword';
MariaDB [(none)]> flush privileges;

Replace slave_user with the slave username and globopassword with its password.
MariaDB [(none)]> show master status;
| File | Position | Binlog_Do_DB | Binlog_Ignore_DB |
| mariadb-bin.000001 | 475 | | |
1 row in set (0.00 sec)

Make a note of the log file “mariadb-bin.000001” and the log position “475” for later on in the guide.
MariaDB [(none)]> exit

The next step is to configure with the slave server. Like before, open up its my.cnf and add these 2 lines:

Of course, replace globotech with the name of your own database.

Next, restart MariaDB so the changes will be recognized.

systemctl restart mariadb.service

We will now configure the slave to connect to the master.

mysql -u root -p

MariaDB [(none)]> stop slave;
MariaDB [(none)]> change master to master_host='' , master_user='slave_user' , master_password='globopassword' , master_log_file='mariadb-bin.000001' , master_log_pos=475;
MariaDB [(none)]> start slave;

Replace with the IP address for your master server, and add in the log file and log position that you noted earlier.

We’re almost done. Let’s check the replication status.

MariaDB [(none)]> SHOW SLAVE STATUS\G;
*************************** 1. row ***************************
Slave_IO_State: Waiting for master to send event
Master_User: slave_user
Master_Port: 3306
Connect_Retry: 60
Master_Log_File: mariadb-bin.000001
Read_Master_Log_Pos: 475
Relay_Log_File: mariadb-relay-bin.000002
Relay_Log_Pos: 531
Relay_Master_Log_File: mariadb-bin.000001
Slave_IO_Running: Yes
Slave_SQL_Running: Yes
Replicate_Do_DB: globotech
Last_Errno: 0
Skip_Counter: 0
Exec_Master_Log_Pos: 475
Relay_Log_Space: 827
Until_Condition: None
Until_Log_Pos: 0
Master_SSL_Allowed: No
Seconds_Behind_Master: 0
Master_SSL_Verify_Server_Cert: No
Last_IO_Errno: 0
Last_SQL_Errno: 0
Master_Server_Id: 1
1 row in set (0.00 sec)

Finally, let’s test that replication is actually occurring. Log in to the master server and enter MariaDB.

mysql -u root -p

Create the database globotech and insert a table.
MariaDB [(none)]> create database globotech;
MariaDB [(none)]> use globotech;
MariaDB [globotech]> create table staff (c int);
MariaDB [globotech]> insert into staff (c) values (3);
MariaDB [globotech]> select * from staff;
| c |
| 3 |
1 row in set (0.00 sec)

Once logging into the slave server, you should see the same database and table.
mysql -u root -p

MariaDB [(none)]> use globotech;
MariaDB [globotech]> select * from staff;
| c |
| 3 |
1 row in set (0.00 sec)


With MySQL (or in this case, MariaDB) replication, you’ll be able to better protect your databases in the case of failure, and safely analyse data without worrying about corrupting your production copy. If you found this article helpful, feel free to share it with your friends and let us know in the comments below!

How to install Counter-Strike: GO server on CentOS 7

Counter-Strike: Global Offensive, also known as “GO” or “CS:GO” for short, is the fourth game in the popular Counter-Strike game series developed by Valve and distributed on its online platform, Steam. Able to run as a console game on Windows, MacOSX, and most recently, Linux, Counter-Strike:GO is a first-person shooter that features brand new maps, characters, and game modes alongside with classic Counter-Strike content. This game is notable for the fact that it allows players to host their own servers, resulting in a high degree of possible gameplay through the ability to introduce individual customization. The high flexibility in gameplay thanks to the personal servers makes Counter-Strike:GO a game that will entertain most people, and can provide a good break from a hard day’s work.

If you are interested in setting up your CentOS 7 server to run Counter-Strike: Global Offensive, this guide will show you the necessary steps.

Getting Started

The following prerequisite is necessary to complete this tutorial:
• 1 Node (Cloud Server or Dedicated Server) running CentOS 7.
• Root access to the node.

In this tutorial, a new user will also be created specifically for running the game. If you want to enable online play, you will additionally need the following (optional):
• Steam Account
• Counter-Strike: Global Offensive Game Ownership


Before we can progress to the actual installation and setup process of Counter-Strike:GO for your server, it is good practice to ensure that you have the latest information from the Linux package repository concerning available packages and package versions. Using the default package manager, yum, we can fetch this information first with the command update, before then upgrading the available packages. Make sure your system is up to date by executing these two commands as root to update the information and then upgrade required packages. If you are not the root user, but your current user has superuser privileges, precede both of the following commands (and all further root commands) with the additional command sudo to execute it as root. You may be prompted for the root password when using sudo.

yum update
yum upgrade

Counter-Strike:GO uses the digital distribution platform Steam, which is also developed by Valve. In order to be able to access Steam as well as complete the rest of the tutorial, you will need to install the following prerequisite libraries and packages using yum, this time with the install command:

yum install glibc.i686 libstdc++.i686 wget nano tar screen

With the prerequisites installed, now it is time to create a new user on our system to handle all Steam-related content. Ensure that you are logged in as root or can use sudo, then execute the following two simple commands. The first command will create the new user, while the second will then set the password. In our tutorial, we will name the user “csgo,” but you are free to replace the text below with whichever name you choose. This also applies to the password, which for the case of simplicity we have kept the same as the username.

adduser csgo
passwd csgo

Installing Steam and Counter-Strike:GO

At this point in the guide, we will switch to the Steam user we just created with the command su. Upon entering this command, you will be prompted for the Steam user’s password. Afterwards, we will navigate to that user’s home directory by using the ~ shortcut:

su csgo
cd ~

As the GO user, you will need to install the SteamCMD software in order to be able to install the Counter-Strike server. This software will allow you to interact with the Steam digital platform in order to download and manage games and applications such as Counter-Strike:Global Offensive. Download the SteamCMD package as an archive using the web utility wget:

wget https://steamcdn-a.akamaihd.net/client/installer/steamcmd_linux.tar.gz

The file downloaded above is a compressed TAR archive that containers the installer for SteamCMD. To be able to access its contents and run the installation script, you will need to unarchive the file using the command tar.

tar xf steamcmd_linux.tar.gz

Next, we will open the Steam command line interface, from which we will be able to install the Counter-Strike:GO server. First, ensure that you are in the correct directory that has the SteamCMD script. This directory should be located at the following location in the csgo home repository:

cd ~/Steam

Open the SteamCMD interface by running the steamcmd.sh bash script from the unarchived package:


By running steamcmd.sh, you will open the terminal shell for SteamCMD. In this command line interface, you must execute the following commands, which will login to Steam as an anonymous user in order to force install Counter-Strike:GO to the /csgo directory. Note that the 740 in the final line refers to the Counter-Strike:GO application and is its identification code for updates.

login anonymous
force_install_dir ./csgo
app_update 740 validate

The installation process will complete when all the contents are downloaded and the screen will say the following message:

Success! App '740' fully installed

When your installation has completed, you will need to return to the csgo user shell. To exit the SteamCMD interface, type the following and press the Enter key:


Note that for updating your Counter-Strike:GO server, you will need to run the above commands in SteamCMD from open to exit each time you want to update.

As the SteamCMD installer has installed Counter-Strike:GO in the Steam user’s location, we will switch back to the csgo user in order to complete the remainder of the setup for Counter-Strike:GO. As a reminder, you can switch back to the root user at any time by opening a new root user shell or by exiting the current csgo user shell. To open a new root shell when you need it, type the following and give the root password when prompted:


Setting Up Remote Play

The current setup without any further configuration will limit players only to local connections, known as LAN. This means that other players on the same network as you will be able to access the server, but it will be inaccessible to other networks. In order to be able to connect to the Internet and play remotely with other users, you will need to obtain something called a “Game Server Login Token,” or GSLT. This token can only be obtained if you have a Steam account and own the Counter-Strike: Global Offensive game. For more information, you can see Valve’s wiki page, which covers what is needed to play online.

We will briefly cover how to register the game server login token, also known as the “GSLT,” if you do in fact have both a Steam account and own the original game. As per the wiki page instructions, you must access the following URL:


At the above URL, you will need to login with the Steam account that possesses Counter-Strike:GO. There, you will find a creation utility. Follow the on-screen instructions, using the App ID 730. Note that although the application itself is 740 (as in the case when updating with SteamCMD above), you will need to use the ID 730 for the token registration online. The creation utility will also prompt you to set an optional memo describing your new server. After validating the form, you will be provided with the GSLT and some information concerning the server, such as the last connection made. This page should look similar to the following:

Authentication token (GSLT)
Last connection
730 *********************************

After you have copied the token, you will need to use the sv_setsteamaccount command in order to enable online play. Replace LOGIN_TOKEN in the line below with your own token value and execute:

sv_setsteamaccount LOGIN_TOKEN

It is important to provide the token information to Counter-Strike:GO before the configuration file for the server, as is detailed further on in this tutorial. The reason is that the server.cfg file used for server configuration is executed too late in the startup process for the GLST to be registered, resulting in your server failing during login.

Configuring the Counter-Strike:GO Server

The Counter-Strike:Global Offensive server configuration file will allow you to make the modifications you want to your server. Open and/or create this file for editing using the nano text editor in the same location as your CS:GO user’s home repository:

nano ~/csgo/csgo/cfg/server.cfg

Within this file, add the following lines, replacing the text ServerName and RconPassword with your desired values for the server. These will be used by individuals in order to access it:

hostname "ServerName"
rcon_password RconPassword

Beyond these two basic settings, you can find far more in the developer wiki for Counter-Strike: Global Offensive. Save and close the file for the changes to take into effect. You can start up your CS:GO server at any time by using the following command:

cd /home/csgo/csgo/
screen -dmS csgo ./srcds_run -game csgo -console -port 27015 +game_type 0 +game_mode 1 +mapgroup mg_bomb +map de_nuke -autoupdate

To make your life easier, you can also easily create a small script that will start up your server for you. Create the following file using the text editor nano:

nano ~/startcsgo.sh

Edit this file to have the following contents. You may need to ensure that the directories correspond correctly to your own file structure.

cd /home/csgo/csgo
screen -S "Counter-Strike: Global Offensive Server" ./srcds_run -game csgo -usercon +game_type 0 +game_mode 1 +mapgroup mg_bomb +map de_dust2

Notice that the command above used the value 1 after game_mode and 0 after game_type. These two options are used to determine the gameplay on your server. You have the following possible combinations to modify the gameplay:

Mode game_mode game_type
Classic Casual 0 0
Classic Competitive 0 1
Arms Race 1 0
Demolition 1 1

When you have configured the file as you want, save and close. To be able to execute this file, you will need to edit its permissions using the command chmod to add the +x for “executable” to the script:

chmod +x ~/startcsgo.sh

Since we created this file, we can now also use it instead of the above command to start the server by running it as the CS:GO user:

cd ~/ && ./startcsgo.sh

On CentOS 7, systemd is responsible for starting up various programs to run on boot. You can use systemd to enable your Counter-Strike:GO server start up at boot. To do this, we will need to create a new service named for CS:GO. As the root user, use nano to open up the following file in the folder for systemd:

nano /lib/systemd/system/csgo.service

Input the following text into the file in order to create the daemon for systemd. Replace the text GSLT_CODE with the actual code of your token. Note again that the game mode and game type have been set. These you are free to modify as you wish according to the instructions following the initial, simple startup script.

Description=My CSGO Server
ExecStart=/home/steam/csgo/srcds_run srcdds -game csgo -console -usercon +game_type 0 +game_mode 1 +mapgroup mg_active +map de_dust2 +sv_setsteamaccount GSLT_CODE -net_port_try 1
ExecStop=killall -TERM srcds_linux

Having saved and closed the file, it is necessary to update your CentOS 7 system with the information about the new service we just added. Interact with systemd by using the command systemctl as root:

systemctl --system daemon-reload
systemctl start csgo.service
systemctl enable csgo.service

You can now easily check if the Counter-Strike:GO server is running with one simple call to systemctl to check its status:

systemctl status csgo.service

Configuring Your Firewall

If you have a firewall running on your server, which is likely as it runs by default for fresh server installations, you will also need to open up some ports so that the Counter-Strike:GO server will be able to be accessed. You have two options at this point: choose to remain with firewalld, or switch to iptables configurations. We recommend sticking with firewalld, as it is the default shipped with CentOS 7. However, those who have previously had experience with iptables may prefer it so we have also provided the instructions for how to configure the firewall.

Recommended Firewall Option: firewalld

The following lines of code will add the TCP and UDP ports 27015 to your firewall before reloading the firewall.

firewall-cmd --zone=public --add-port=27015/tcp --permanent
firewall-cmd --zone=public --add-port=27015/udp --permanent
firewall-cmd --reload

The ports we opened in the previous step are required for enabling play in the server. The ways the specific ports are used for Counter-Strike:GO are detailed below:

UDP 27000 to 27015: Game client traffic
UDP 27015 to 27030: Typically Matchmaking and HLTV
UDP 4380: Steamworks P2P Networking and Steam voice chat

Alternate Firewall Option: iptables

If you prefer to use iptables, the classic user application for managing Linux firewalls, instead for modifying the ports, you will have to make some modifications to your system first. This is because in CentOS 7, iptables was replaces by firewalld. If you still want to use iptables, you will have to disable the running firewall and use the package manager yum to install the necessary package and enable it to run on boot:

systemctl stop firewalld
systemctl mask firewalld
yum install iptables-services
systemctl enable iptables

Afterwards, you will be able to use stop,start, and restart to manage the service as shown in the below line:
systemctl [stop|start|restart] iptables

The modification of ports using iptables will take the following form, as seen in this example to open TCP on port 3030:
iptables -I INPUT -p tcp --dport 3030 -j ACCEPT

For each port listed in the instructions for firewalld, you will need to replicate those commands using the syntax shown in the above example for TCP port 3030:
iptables -A INPUT -p udp -m udp --sport 27000:27030 --dport 1025:65355 -j ACCEPT
iptables -A INPUT -p udp -m udp --sport 4380 --dport 1025:65355 -j ACCEPT

You can easily find more information online about how to apply configurations for iptables if you want to learn more about its usage. To save your new iptables configurations when finished, use:
service iptables save

Regardless of whether you choose to remain with firewalld or use iptables, completing this steps will allow connections to be made to your server for remote gameplay.


Congratulations on finishing! Having installed and configured the Counter-Strike:GO server on your CentOS 7 slave, you are now free to enjoy the customizable gaming experience! See just what your server can handle and relax a little from a long work day. If this guide was helpful to you, please share it with others who might also be interested in setting up their own Counter-Strike servers.