Archive

Archive for the ‘LAMP: Linux Apache MySQL PHP’ Category

New Website for Activo: www.activo.com

November 23rd, 2010
Comments Off

I have good news and bad news to tell you, well it is not really bad news, but just wanted to use that saying…

The bad news is that this website is has just become absolute. Meaning we will no longer publish anything new or introduce any new content on this website. The good news is that we already have a new website and the new website can be found at www.activo.com. Notice that we got the domain name that we always wanted to have for Activo – Yeah!

Activo

For those of you who are interested, the new website was launched in late August of 2010. The domain was purchased back in November of 2009. The site currently already have twice the amount of traffic that this website has. The site also reflects a few changes in Activo:

  1. We moved our offices from Santa Clara to Los Angeles – and we love it down here. In fact LA is a great hub for techies and entrepreneurs, believe it or not.
  2. We now have a virtual team of developers, designers, and project managers. Yes – it was a decision we had to make back in the days before we moved and it turned out to work great. Our customers love it.
  3. We have decided to focus on Magento Development and Magento Extensions. I got to say, what a great decision that was!

So, check out the new website and our new blog. I (Ron Peled) will continue to post regularly about our daily grind and share with you as much as possible from what I am doing at any given time. Drop me a line if you have any suggestions or recommendations.

.NET Framework, AJAX, Content Management Systems, eCommerce, Ektron, Joomla, LAMP: Linux Apache MySQL PHP, Magento, Performance Optimization, PHP/MySQL, Project Management, Search Engine Optimization (SEO), Web Application Hosting, Web Design, Web Development, Web-based User Interfaces, ZenCart

CentOS 5.3 Install Essentials

August 23rd, 2009
Comments Off

When I setup a new server, I typically install it with nothing checked in the packages list of the installation process. I like using yum update first and then running yum install on the packages that I absolutely need. Clean and mean is my favorite way to run a Linux server. Two main reason are behind this: one is performance, this is a bit obvious: the less you got on the HD and processes running in the background the faster the server. Two is security: the less software you have installed your vulnerability “surface area” is smaller.

While installing it clean is great, I do have a minimum set of tools that I usually need in any server. Most of these tools are small and do not require background services so I install them almost by default. You should check if they suite your needs and use it at your discretion. Hint: the goal here is to copy and paste once a new server is installed.

(correction) Before I can use the next command I need to install wget:

yum install wget

Add the Atomic repository (newer versions of LAMP, some security packages):

wget -q -O - http://www.atomicorp.com/installers/atomic.sh | sh

Install basic packages:

yum install unzip sendmail ntsysv fail2ban logrotate pdns

LAMP: Linux Apache MySQL PHP, Web Application Hosting ,

Tightening up iptables for a dedicated DB server (MySQL and CentOS)

March 25th, 2009

In a typical high performing web servers environment I have a few web servers running apache/php and a separate DB server to support them. If the need ever comes to increase the capacity of the DB server it can easily be done via the MySQL clustering configuration. In any case, one of the most redundant tasks before setting up all servers is to tighten the security. In particular, setting the firewall is a repetitive task. Hence I am setting this page as a guide to myself and anyone who cares, Enjoy!

  1. SSH to the server, login as root
  2. type vi myiptables-mysql
  3. Insert the following commands:
    NOTE: you will need to insert the web server’s ip addresses where I placed <ip address#>. These are the ip addresses that MySQL queries will originate from.

    #!/bin/bash
    #
    # iptables example configuration script
    #
    # Flush all current rules from iptables
    #
    iptables -F
    #
    # Allow SSH connections on tcp port 22
    # This is essential when working on remote servers via SSH to prevent locking yourself out of the system
    #
    iptables -A INPUT -p tcp --dport 22 -j ACCEPT
    
    iptables -I INPUT 1 -i lo -p tcp --dport mysql -j ACCEPT
    iptables -I INPUT 2 -i lo -p udp --dport mysql -j ACCEPT
    iptables -I INPUT 3 -i eth0 -p tcp --dport mysql -s <ip address1> -j ACCEPT
    iptables -I INPUT 3 -i eth0 -p tcp --dport mysql -s <ip address2> -j ACCEPT
    
    #
    # Set default policies for INPUT, FORWARD and OUTPUT chains
    #
    iptables -P INPUT DROP
    iptables -P FORWARD DROP
    iptables -P OUTPUT ACCEPT
    #
    # Set access for localhost
    #
    iptables -A INPUT -i lo -j ACCEPT
    #
    # Accept packets belonging to established and related connections
    #
    iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    #
    # Save settings
    #
    /sbin/service iptables save
    #
    # List rules
    #
    iptables -L -v
  4. save and exit
  5. Allow the file to execute by typing this command: chmod +x myiptables-mysql
  6. Run the file by tying this command: ./myiptables-mysql
  7. Test it and Enjoy!

Security notice: yes, for an even tighter security it is possible to change the ports.

LAMP: Linux Apache MySQL PHP, Web Development ,

pdnsd – Decrease DNS response time and save bandwidth

December 25th, 2008
Comments Off

Sometimes, when you realize that you could have improved the system with so little effort, we blush. This is what happened to me when I realized that most of the neworking delays could have been avoided with this tiny but wity utility. I knew that having a local caching DNS or the like is the answer but I did not want to use a full fletched DNS server. I found pdnsd – a small proxy DNS server with permanent caching. Perfect!

In a nutshel, pdnsd is a small utility that caches DNS translations locally on the HD, hence next time the server queries the address the response time is likely to be minimal. Usually, the server has to query your ISP’s DNS or whatever DNS server you specified in the /etc/resolve.conf file. In a high performing web servers you are constantly competing with other packets on the network or your network resources. This is a great advantage. By installing pdnsd you achieve the following:

  • Decrease the average DNS response time sharply!
  • Increase your server performance, especially if this server needs to communicate externally a lot like an eCommerce server which constantly needs to communicate with shipping and credit card servers.
  • Save on bandwidth.

Here is how you go about setting up pdnsd on a CentOS server:

1. Download the latest stable rpm:
go to pdnsd download page and look for your relevant rpm. For CentOS 5.2 64bit I got the latest version as of yesterday:

wget http://www.phys.uu.nl/~rombouts/pdnsd/releases/pdnsd-1.2.7-par_sl5.x86_64.rpm

2. Install the rpm:

rpm -i pdnsd-1.2.7-par_sl5.x86_64.rpm

3. Configure pdnsd to use your current DNS servers:

vi /etc/pdnsd.conf

Paste the following, of-course you should use your DNS servers instead:

server {
label="opendns";
ip = 208.67.222.222,208.67.220.220;
}

4. Start pdnsd and test that it is actually working

service pdnsd start
 dig @127.0.0.1 yahoo.com

If you get the IP, it is working. Notice the response time, if you try again you will see a sharp decrease in response time. My servers’ second response time is almost always between 1-0 ms.

5. Set pdnsd to start automatically on boot

vi /etc/default/pdnsd

Enter the following and save:

START_DAEMON=yes

Also make sure the daemon is set to auto start on boot. I use ‘ntsysv’, you can use chkconfig or whatever you are used to.

6. Set your server to use the pdnsd instead of your DNS servers

vi /etc/resolv.conf

Make sure that the first nameserver line is ’127.0.0.1′. Should look like this:

nameserver 127.0.0.1

7. Restart your network service:

service network restart

How do you know that it is working? try to use any script that needs to go outside to the network, like ‘yum update’. In most cases, you will notice that the second time is much faster. Enjoy!

LAMP: Linux Apache MySQL PHP, Performance Optimization, Web Application Hosting, Web Development , , , ,

CentOS for Linux Servers: a cut above

November 30th, 2008
Comments Off

It has been almost a year that we are using CentOS for all of our new servers instead of Ubuntu Server, and it is a great success! This article describes the few reasons behind our transition from Ubuntu to CentOS. Of-course, there is always something here and there but 99% of the cases are resolved easily and actually have nothing to do with CentOS. If time will permit we will transition all of our existing Linux boxes to CentOS 5.2. Oh, and yes, if you are looking for a solid Linux server distro – it is CentOS hands down.

We noticed that more and more hosting companies offer CentOS as their default distro and recently CentOS can claim at least 1% of all world supercomputers. The support that is offered for CentOS is abundant at this point and clearly targets the more advanced system administrators out there. All in all it seems like CentOS is maturing as a great distro for Linux server purposes.

If you are curious, we are using CentOS 5.2 64 bit by default with no software installed (at all). If needed we use the LAMP stack and the XEN virtualization software, all from the CentOS default repositories.

So, what is your experience with CentOS out there?

LAMP: Linux Apache MySQL PHP, Web Development , , , , ,

Understanding MySQL Query Caching Process

November 5th, 2008

These days, websites are expected to perform. No excuses. I also mentioned before that website performance is key for SEO. Well, one easy thing that can be done is turning on MySQL caching. Most servers ship with MySQL in its default configuration which has caching turned off. There are many resources out there if you search enough, however I have found a presentation by Baron Shcwartz: MySQL Query Cache which explains in detail advanced concepts of MySQL Caching. Here is the slide that summarizes the process of MySQL Query Caching:

LAMP: Linux Apache MySQL PHP, Performance Optimization, PHP/MySQL , , ,

About Linux Distros: Ubuntu and CentOS

April 13th, 2008

A few weeks ago, we setup a new production LAMP server to host a few of our client’s sites, medium size eCommerce websites. I wanted to share our experience as we came across the three big (and free) Linux distributions while we evaluated and setup the machines. We have previously setup Ubuntu Server 7.04 for our development and staging environment while researching the related family of North American Linux distributions: RedHat, Fedora and CentOS.

CentOS vs Ubuntu Install Screenshot

I’ll start with the positive: in the last few years Linux distributions in general have become main stream OS and most of the installation process is user friendly. Almost each distro offers the ‘server’ edition of the OS which comes mostly configured with what a production LAMP server needs to have installed already. The installation packages are clearly labeled for i386 or x64 bit, and most even offer a net install which in CentOS case only requires downloading about 7MB of ISO file and the rest is done on the fly.

Now, let’s delve into the differences that affected our decisions, labeled according to key points and in order of importance to us:

Setup Efficiency: ROI and Learning Curve

I had the experience for setting up both Ubuntu server and CentOS server editions on two different machines. Both machines had similar configurations of two 500GB harddrives mirrored in hardware Raid1 with a 3ware card, and Intel Pro dual NIC. The rest of the hardware setup is pretty much the standard Intel based processors. Both Ubuntu and CentOS had no problem in recognizing all the hardware on the machines and the setup process went pretty smoothly. The differences began showing after the initial setup: while CentOS shows an additional very helpful setup (NIC assignments, firewall, and services setup) Ubuntu had no such thing and showed the login prompt right after boot. What I found surprising is that Ubuntu required additional steps in order to download and install SSH using aptitude – if one chooses a server edition, shouldn’t it be setup for you by default?

Although aptitude is a great package management software, I have found that the server version of Ubuntu is just not mature enough or simply chooses the minimalistic approach which doesn’t fit my understanding of a server distro. Many of the tasks that were performed by CentOS by default or had options for that during the install were missing in Ubuntu. At the end of the day, setting up Ubuntu took days while CentOS took hours. Did I say ROI? CentOS is the clear winner.

Package Management Systems

Ubuntu prides itself on apt-get and aptitude which builds itself on top of the debian package management system while CentOS, Fedora and RedHat, use the rpm and yum package management systems. After using all systems I can clearly say that I favor the yum and rpm package management systems.

First, with apt-get/apt-cache/aptitude I had to constantly refer back to the documentation on Ubuntu’s site and I still cannot remember which one do I use for searching, installing, upgrading, describing, or removing packages – do we really need the separation? With both yum and rpm simply provide a separate option and you are good to go, all the information is flowing into the terminal and it took me only one glance of ‘man yum’ to understand what and where.

Second, in the particular case of apache, vhosts, and extensinos, aptitude allows flexibility at the price of re-arranging the apache.conf and vhosts.conf into a collection of files and folders. Yum does a similar thing as well, however I still found yum’s method to keep the original httpd.conf mostly intact which allowed my familiarity with the basic apache configuration skill to take over and finalize install in no time. In my opinion, the deviation from the standard has no benefit whatsoever. The price of flexibility comes over familiarity but yet yum had the upper hand and ease of use.

Third, setting up a package that requires dependencies is equally good in both systems: they both do a very good job of finding the dependencies, looking their download sources, installing and setting it all up. However, I did find that yum had the best reporting system and after it gathered all the information it showed a useful status report while asking permission to proceed – this is valuable for sys admins and it does save time. Once more, yum feels like a more mature package management system.

Production OS? Stability vs Cutting Edge

Here is where I wanted to introduce a bit of the feeling we all shared after setting it up, plus the feeling of some colleagues of mine who I consider to be Linux Admin Gurus. At the end of the day, when all is setup and configured, the feeling from the CentOS system was much more secure and I knew exactly what is installed and what is not. Conversely, Ubuntu server did not give me that worm fuzzy feeling that ‘all is good’ and if I needed to make a change, I would have to refer to documentation first before I touch the server.

When I ask some Linux Guru colleages who manage production linux clusters on a regular basis, they all point to CentOS or RedHat due to stability and performance record. In other words, you won’t get the latest cutting edge packages like Ubuntu or Fedora – but it is guaranteed to be much less flawed.

Conclusion

The bottom line is that distro preference is a personal decision. Personal to the individual who administers the systems and personal to the organization. We’ve chosen CentOS over Ubuntu, Fedora, and RedHat. The only option I see that might change is adopting RedHat due to the technical support that is offered for a fee. Hands down, CentOS provided the fastest configuration time, lowest learning curve, better ROI, superior package management system, and a good fuzzy feeling of stability. Thanks to CentOS, we can get back to our main passion: Web Development…

LAMP: Linux Apache MySQL PHP, Web Application Hosting , , , , , , , ,