Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents
stylenone

Overview

We recommend and support the use of the cPanel installer to install and provision cPanel & WHM. However, we understand that this is not the most efficient way for a VPS (Virtual Private Server) hosting company to provision a VPS, because this process requires extra time. This article explains how hosting companies and data centers can provision a VPS or VM (Virtual Machine) with cPanel & WHM already installed for their customer. The installation of cPanel & WHM from a templated environment reduces the customer's setup time so that they can create a VPS and work on their website rather than their server.

Requirements

Note
titleNote:

You must create a SWAP file or partition automatically for each new VPS, even if you assign only 256 MB to it.


Tip
titleRemember:

The smaller the virtual disk of the template VM or VPS, the better. Since you will create this virtual disk for only a template, we recommend that you use a very small template (10GB) to deploy new servers. After you convert the template for a customer's VPS, use your virtualization software to automatically expand its virtual disk capacity to a 20 GB minimum.


Warning
titleWarning:

To ensure that cPanel, Inc. does not lock your development license, we strongly recommend that you create a VM per template and maintain it. This will require one license and IP address per templating VM and will ensure that we do not lock your license or licenses. This will also allow you to start up the VM again when you need to perform updates.



Note
titleImportant:

Because we deprecated 32-bit systems in cPanel & WHM version 58, we recommend that you only create 64-bit templates.


Tip
titleTip:

You can apply for a free development license for your template server or servers via our Developer License Application.

We recommend that you apply for one license per template.

Example: If you create two templates, one for CentOS 7 and one for CentOS 6, apply for two licenses on two separate IP addresses. We keep the IP addresses specific to the template.


Create a Minimal VM for Templating

A minimal template VM uses 10 GB of space, but you can expand it later as the customer requires.

This document creates a small template that you will expand after you set it up on the customer's VPS. Create a new minimal VPS to prepare your template.

Pre-configuration

We recommend that you customize the following files:

Code Block
languagetext
/etc/cpupdate.conf
/etc/cpsources.conf
/etc/wwwacct.conf
/var/cpanel/cpanel.config

Release tier

cPanel, Inc. offers the following release tiers:

  • EDGE
  • CURRENT
  • RELEASE
  • STABLE

cPanel & WHM automatically defaults to the RELEASE tier. But, before you install cPanel & WHM, you can configure the /etc/cpupdate.conf file to select which release tier cPanel & WHM will use.

For example, if you wished to configure cPanel & WHM to use the CURRENT release tier, run the following commands:

Code Block
languagetext
themeMidnight
# touch /etc/cpupdate.conf
# echo "CPANEL=current" >/etc/cpupdate.conf

If you wished to use EDGE or STABLE tiers, replace the word current with the desired release tier.

Note
titleNotes:
  • Your customer can change this setting within WHM at a later time.
  • You cannot downgrade major versions, and you cannot change a server's release tiers to circumvent this restriction.

Other files

Note
titleNote:

For more information on the cpanel.config file, visit our Best Practices for cPanel Virtualization Templates documentation.


Info
titleInfo:

If you are a cPanel Partner with your own FastUpdate server, you can edit the HTTPDUPDATE line in the /etc/cpsources.conf file so that all of your customers update from your FastUpdate Server.

Code Block
HTTPUPDATE=fastupdate.example.com

Read the Custom update mirrors documentation for more information.


cPanel Installation

After you finish your pre-configuration, you can install cPanel & WHM. Follow the Best Practices for cPanel Virtualization Templates as you usually would to install cPanel.

Post-Installation

After the cPanel installation is complete, you can set new defaults. You can also lock down SSH or implement other additional security requirement configurations.

Note
titleNote:
We recommend that you do not complete the Initial Setup Wizard. However, if you do choose to log in to WHM when you make the the template, remove /etc/.whostmgrft before you publish the template.


Tip
titleRemember:
After the user creates a VPS from your provided template, they will run the Initial Setup Wizard with your preconfigured default options.

Before you shut down the VM to create the template, run the following commands to ensure that cPanel, Inc. does not lock your license:

Code Block
languagetext
themeMidnight
# /scripts/restartsrv_chkservd --stop
# /scripts/restartsrv_cpsrvd --stop
# rm -f /usr/local/cpanel/cpanel.lisc

The following bash script runs the commands shown above:

Code Block
languagebash
themeMidnight
titlepost-template.sh
collapsetrue
#!/bin/bash

readonly PROGNAME=$(basename $0)
readonly PROGDIR=$(readlink -m $(dirname $0))
readonly ARGS="$@"

is_file() {
    local file=$1
    [[ -f $file  ]]
}

is_dir() {
    local dir=$1
    [[ -d $dir  ]]
}

main() {
    is_dir /usr/local/cpanel \
    && /scripts/restartsrv_cpsrvd --stop \
    && /scripts/restartsrv_chkservd --stop
    is_file /usr/local/cpanel/cpanel.lisc \
        && rm -f /usr/local/cpanel/cpanel.lisc
    is_file /etc/.whostmgrft \
        && rm -f /etc/.whostmgrft
    echo "You should now shutdown this instance and template it up"
}

main


 

 

Warning
titleWarning:

To avoid security issues before you finalize your template, be sure to remove generated SSH host keys and temporary files. Also, clear the hostname from any networking areas within the operating system and the /etc/wwwacct.conf file.

 

 

Deploy your VPS

When you deploy the customer's VPS, you must automatically update some files. If you use the libguestfs virt-sysprep command, you can achieve this via the "--firstboot" or "--firstboot-command" flags. If you do not use the libguestfs command, consult your hypervisor's documentation for an alternative option to run scripts or commands upon first boot.

Warning
titleWarning:

If you use a tool such as libguestfs virt-sysprep to help finalize your template, ensure that you do not accidentally remove any user accounts or cron jobs.

Before you deploy your VPS, complete the following steps:

  • Automatically call the /usr/local/cpanel/bin/set_hostname script on the first boot of the image before any cPanel services start. You can either randomize the hostname or set the hostname based on your customer's choice.
  • Update ADDR within /etc/wwwacct.conf to the main IP address for the VPS.
  • If you run a 1:1 NAT environment, run the /scripts/build_cpnat script to build your NAT file, and configure Apache accordingly.
  • Run the /scripts/rebuildhttpdconf script to rebuild your Apache configuration with the correct addresses.

The following bash script executes the steps above, but it does not update ADDR:

Code Block
languagebash
themeMidnight
titlecust-deploy.sh
collapsetrue
#!/bin/bash

readonly PROGNAME=$(basename $0)
readonly PROGDIR=$(readlink -m $(dirname $0))
readonly ARGS="$@"
readonly HOSTNAME=$(hostname --fqdn)
readonly CPHULKPASS=$(/usr/local/cpanel/3rdparty/bin/perl -MCpanel::PasswdStrength::Generate -e 'print Cpanel::PasswdStrength::Generate::generate_password(14)')
readonly MSECPASS=$(/usr/local/cpanel/3rdparty/bin/perl -MCpanel::PasswdStrength::Generate -e 'print Cpanel::PasswdStrength::Generate::generate_password(14)')
readonly ESTATSPASS=$(/usr/local/cpanel/3rdparty/bin/perl -MCpanel::PasswdStrength::Generate -e 'print Cpanel::PasswdStrength::Generate::generate_password(14)')
readonly LPROTPASS=$(/usr/local/cpanel/3rdparty/bin/perl -MCpanel::PasswdStrength::Generate -e 'print Cpanel::PasswdStrength::Generate::generate_password(14)')
readonly RCUBEPASS=$(/usr/local/cpanel/3rdparty/bin/perl -MCpanel::PasswdStrength::Generate -e 'print Cpanel::PasswdStrength::Generate::generate_password(14)')
readonly MYSQLPASS=$(/usr/local/cpanel/3rdparty/bin/perl -MCpanel::PasswdStrength::Generate -e 'print Cpanel::PasswdStrength::Generate::generate_password(14)')

is_file() {
    local file=$1
    [[ -f $file  ]]
}

is_dir() {
    local dir=$1
    [[ -d $dir  ]]
}

main() {
    is_dir /usr/local/cpanel \
        && /usr/local/cpanel/bin/set_hostname ${HOSTNAME} \
        && /usr/local/cpanel/bin/checkallsslcerts --allow-retry \
        && /scripts/build_cpnat \
        && /scripts/rebuildhttpdconf \
        && /scripts/mysqlpasswd root ${MYSQLPASS} \
    is_file /var/cpanel/hulkd/password \
        && /scripts/mysqlpasswd cphulkd ${CPHULKPASS} \
        && echo -e "user=\"cphulkd\"\npass=\"${CPHULKPASS}\"">/var/cpanel/hulkd/password \
        && /scripts/restartsrv_cphulkd
    is_file /var/cpanel/modsec_db_pass \
        && /scripts/mysqlpasswd modsec ${MSECPASS} \
        && echo ${MSECPASS} >/var/cpanel/modsec_db_pass
    is_file /var/cpanel/roundcubepass \
        && /scripts/mysqlpasswd roundcube ${RCUBEPASS} \
        && echo ${RCUBEPASS} >/var/cpanel/roundcubepass
    is_file /var/cpanel/eximstatspass \
        && /scripts/mysqlpasswd eximstats ${ESTATSPASS} \
        && echo ${ESTATSPASS} >/var/cpanel/eximstatspass \
        && /scripts/restartsrv_eximstats
    is_file /var/cpanel/leechprotectpass \
        && /scripts/mysqlpasswd leechprotect ${LPROTPASS} \
        && echo ${LPROTPASS} >/var/cpanel/leechprotectpass
}

main


Updating your Templates

As cPanel, Inc. releases updates, you will need to update your templates.

To avoid this situation, plan regular updates on all of your templates.

To update your template, run the following commands:

Code Block
languagetext
themeMidnight
# yum update -y
# /scripts/upcp

Before you shut down the VM to create the template, run the following commands to ensure that cPanel, Inc. does not lock your license:

Code Block
languagetext
themeMidnight
# /scripts/restartsrv_chkservd --stop
# /scripts/restartsrv_cpsrvd --stop
# rm -f /usr/local/cpanel/cpanel.lisc

The following bash script runs the commands shown above:

Code Block
languagebash
themeMidnight
titlepost-template.sh
collapsetrue
#!/bin/bash

readonly PROGNAME=$(basename $0)
readonly PROGDIR=$(readlink -m $(dirname $0))
readonly ARGS="$@"

is_file() {
    local file=$1
    [[ -f $file  ]]
}

is_dir() {
    local dir=$1
    [[ -d $dir  ]]
}

main() {
    is_dir /usr/local/cpanel \
    && /scripts/restartsrv_cpsrvd --stop \
    && /scripts/restartsrv_chkservd --stop
    is_file /usr/local/cpanel/cpanel.lisc \
        && rm -f /usr/local/cpanel/cpanel.lisc
    is_file /etc/.whostmgrft \
        && rm -f /etc/.whostmgrft
    echo "You should now shutdown this instance and template it up"
}

main


Final Notes

Most providers offer a few different templates.

For example:

cPanel & CentOS 6
cPanel & CentOS 7
cPanel & CloudLinux 6

cPanel & CloudLinux 7



Tip
titleTip:

If you wish to offer template installations of cPanel & WHM We recommend that you become a cPanel Partner. Check out our Partner NOC Requirements. cPanel Partners can use our API to automatically provision their own cPanel, CloudLinux™, and KernelCare licenses through their billing system. cPanel Partners can also enable or disable some very specific options within WHM. For more information, see our Partner NOC requirements.


Virtualization-specific Caveats

OpenVZ/Virtuozzo

Common Issues:

  • The hostname on OpenVZ/Virtuozzo may not meet the requirement of a Fully Qualified Domain Name (FQDN) on CentOS 7. Virtuozzo controls the hostname via VPS configuration (the --hostname parameter of the vzctl or prlctl commands). If you set the hostname manually from inside the VPS, Virtuozzo will reset the hostname on the next reboot. Ensure that you set up the full hostname correctly after you provision the VM, because cPanel & WHM requires an FQDN.
  • OpenVZ/Virtuozzo requires that you enable second-level quotas, which can cause quota-initiation issues. For more information read our Enable Quotas on a Virtuozzo® VPS documentation, or Virtuozzo's Documentation.
  • Jailshell requires specific steps to enable a full proc mount. For more information, read our Best Practices for cPanel Virtualization Templates documentation.

Related Documentation

Localtab Group


Localtab
activetrue
titleSuggested documentation

Content by Label
showLabelsfalse
max5
showSpacefalse
sortmodified
cqllabel = "whm" and label = "virtualization" and space = currentSpace()


Localtab
titleFor cPanel users

Content by Label
showLabelsfalse
max5
showSpacefalse
sortmodified
cqllabel = "cpanel" and label = "virtualization" and space = "DOC"


Localtab
titleFor WHM users

Content by Label
showLabelsfalse
max5
showSpacefalse
sortmodified
cqllabel = "whm" and label = "virtualization" and space in (currentSpace(),"DOC")


Localtab
titleFor developers

Content by Label
showLabelsfalse
max5
showSpacefalse
sortmodified
cqllabel = "whm" and label = "virtualization" and space in (currentSpace(),"DD")