A developer is not a complete one without basic server/system administration skills. We will go over linux and network administration tips, Apache and MySQL configuration, basic security and other related topics.
Scenario Library et REX Discover industry- and role- based scenarios
Soflophp 2013 - SysAdmin skills for PHP developers
1. SysAdmin skills for PHP developers
Pablo Godel @pgodel - March 13, 2013
South Florida PHP Users Group
http://joind.in/8376
Thursday, March 14, 13
2. Agenda
- Why SysAdmin Skills
- Introduction to LAMP
- Hosting options
- Linux distributions
- Installing PHP options
- Deploying PHP
- Various production tips
- Monitoring
- Backups
Thursday, March 14, 13
3. Who Am I?
⁃ Born in Argentina, living in the US since 1999
⁃ PHP & Symfony developer
⁃ Founder of the original PHP mailing list in spanish
⁃ Master of the parrilla
Thursday, March 14, 13
4. Who Am I?
⁃ Born in Argentina, living in the US since 1999
⁃ PHP & Symfony developer
⁃ Founder of the original PHP mailing list in spanish
⁃ Master of the parrilla
Thursday, March 14, 13
6. ServerGrove!
⁃ Founded ServerGrove Networks in 2005
⁃ Provider of web hosting specialized in PHP,
Symfony, ZendFramework, and others
⁃ Now with servers in Miami, FL and Dublin, Ireland
⁃ Mongohosting.com!
Thursday, March 14, 13
7. Community is our teacher
⁃ Very active open source supporter through code
contributions and usergroups/conference sponsoring
Thursday, March 14, 13
16. I am limited to line
commands.
I don’t do line commands
in Linux.
Either they can install the
Centos desktop, or they
can just send me the files.
An example...
Thursday, March 14, 13
37. Hosting Options
Shared Hosting
+ -
- Inexpensive - Shared resources
- Widely available - No/Limited Shell
- Easy to use - Many restrictions
- No maintenance - No control
- No updates - Fixed versions
- Instant provisioning - Multitude of CPs
- DNS/Email services
Thursday, March 14, 13
38. Hosting Options
Dedicated Servers
+ -
- Full control - Hard to plan
- No sharing - Software updates
- Best performance - SysAdmin skills
- Software / Hardware - Expensive to start
to specs - Parts replacements
- Control Panel licenses
Thursday, March 14, 13
40. Hosting Options
Virtual Servers / VPS
+ +
- Inexpensive - Custom configurations
- Widely available - Snapshots
- Choice of OS - Multiple Envs
- Root access
- Full shell
- Fast provisioning
- Custom software
Thursday, March 14, 13
41. Hosting Options
Cloud Hosting
+ -
Depends on implementation
Thursday, March 14, 13
42. Hosting Options
Cloud Hosting
Some are a shared hosting
with a fancy new name
Thursday, March 14, 13
43. Hosting Options
Cloud Hosting
Some are a shared hosting
with a fancy new name
Others let you start small
and scale easily
Thursday, March 14, 13
44. Hosting Options
Cloud Hosting
Some are a shared hosting
with a fancy new name
Others let you start small
and scale easily
Gets really expensive at
scale
Thursday, March 14, 13
45. Hosting Options
Cloud Hosting
Most suffer from some of the
shared hosting problems:
- vendor lock-in
- lack of control
- high learning curve
- limited environment
Thursday, March 14, 13
69. First Experience
#!/bin/bash
Recommended Books:
- Learning the bash Shell
- bash Cookbook
Thursday, March 14, 13
70. First Experience
#!/bin/bash
Most Common Commands:
$ ls -l /path/
$ cd /path
$ pwd
$ cat /etc/passwd
$ less /etc/resolv.conf
$ tail -f /var/log/*
$ last
$ lastb
$ vi /etc/hosts
Thursday, March 14, 13
71. First Experience
#!/bin/bash
User`s config files:
~/.bash_history
~/.bash_logout
~/.bash_profile
PATH=$PATH:$HOME/bin
export PATH
~/.bashrc
alias rm='rm -i'
alias cp='cp -i'
alias mv='mv -i'
Thursday, March 14, 13
72. First Experience
#!/bin/bash
Most common directories:
/etc
/tmp
/var/log
/var/run
/root
/home
/usr/local
/opt
Thursday, March 14, 13
74. Installing Apache/PHP
# CentOS
$ yum install httpd php-cli mod_php
# Ubuntu
$ apt-get install apache2 libapache2-mod-php5
Mac OSX
- MAMP
- Native Apache + Liip PHP installation
- Zend Server CE
Windows
- WAMP
- IIS + PHP
Thursday, March 14, 13
75. Installing PHP
CentOS
Third Party Repositories
- Remi RPM
http://blog.famillecollet.com/
- Webtatic
http://www.webtatic.com/
- ServerGrove: PHP 5.3.x / 5.4.x
(always latest)
http://repos.servergrove.com
Thursday, March 14, 13
76. Installing PHP
CentOS
Third Party Repositories
cd /etc/yum.repos.d/
wget http://repos.servergrove.com/servergrove-centos-5/
servergrove-centos-5.repo
yum install php53 # or php54
Thursday, March 14, 13
77. Installing PHP
Ubuntu
Third Party Repositories
PHP 5.3.x / 5.4.x
- Dotdeb:
http://www.dotdeb.org/
- ServerGrove: (always latest)
http://repos.servergrove.com
Thursday, March 14, 13
78. Installing PHP
Ubuntu
Third Party Repositories
echo “deb http://repos.servergrove.com/servergrove-ubuntu-
precise precise main” >> /etc/apt/sources.list.d/
servergrove.list
apt-get install php53 # or php54
Thursday, March 14, 13
79. Installing PHP
From Source
wget http://us2.php.net/get/php-5.4.12.tar.bz2/from/
www.php.net/mirror
tar jxvf php-5.4.12.tar.bz2
cd php-5.4.12
./configure
make && make install
Thursday, March 14, 13
97. Installing PHP
Configuration
Include .htaccess
<Directory /path/to/document/root>
Include /path/to/.htaccess
</Directory>
AllowOverride=None in Apache!
Thursday, March 14, 13
98. Installing PHP
Configuration
Apache
php_value date.timezone UTC
php_flag display_errors 1
php_value memory_limit 128M
php_value max_execution_time 0
Don’t forget to restart Apache
Thursday, March 14, 13
99. Installing PHP
Web Server User
Permissions issues with clear cache
and uploads, Anyone?
Possible users
- apache
- nobody
- www-data
- ftp / ssh user (sometimes)
Thursday, March 14, 13
100. Installing PHP
Web Server User
Permissions issues with clear cache
and uploads, Anyone?
Fix:
rm -rf app/cache/*
rm -rf app/logs/*
sudo chmod +a "www-data allow delete,write,append,file_inherit,directory_inherit" app/cache
app/logs
sudo chmod +a "`whoami` allow delete,write,append,file_inherit,directory_inherit" app/cache
app/logs
http://symfony.com/doc/current/book/installation.html
Thursday, March 14, 13
102. Deploying PHP
Before going live
Make sure ntpd is
installed and running
to ensure accurate
server time
yum install ntp
chkconfig ntpd on
ntpdate pool.ntp.org
Thursday, March 14, 13
103. Deploying PHP
Before going live
- Disable PHP in specific directories
<Location /uploads>
php_admin_flag engine off
</Location>
Thursday, March 14, 13
104. Deploying PHP
Before going live
- Limit access by IP
<Location /admin>
Order Deny,Allow
Deny from all
Allow from 1.2.3.4
</Location>
Thursday, March 14, 13
105. Deploying PHP
Before going live
- Add HTTP Authentication
<Location /admin>
Require valid-user
AuthType Basic
AuthName "SG"
AuthUserFile /path/users
</Location>
Thursday, March 14, 13
106. Deploying PHP
Before going live
- Quiet down Apache
ServerTokens Prod
Thursday, March 14, 13
107. Deploying PHP
Before going live
Move document root with .htaccess
RewriteEngine On
RewriteRule ^.htaccess$ - [F]
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule ^.*$ - [NC,L]
RewriteCond %{REQUEST_URI} !^/web/.*$
RewriteRule ^(.*)$ /web/$1
Thursday, March 14, 13
108. Deploying PHP
Before going live
- Case senstive filesystem
IPCheck_Form_Index_Login !=
IpCheck_Form_Index_Login
/path/to/file/IpCheck_Form_Index_Login.php
<?php
class IPCheck_Form_Index_Login
{
...
Thursday, March 14, 13
109. Deploying PHP
- server-side vi
- plain old FTP
- SFTP
- scp
- rsync + ssh
- git
- tar / gzip
- rpm / deb packages
- capistrano / capifony
Thursday, March 14, 13
110. Deploying PHP
- server-side vi
- plain old FTP
- SFTP
- scp
- rsync + ssh
- git
- tar / gzip
- rpm / deb packages
- capistrano / capifony
Thursday, March 14, 13
111. Deploying PHP
Effing Package Management
Build packages for multiple platforms (deb, rpm, etc) with great ease and sanity.
fpm -s dir -t rpm -n "sfapp" -v 1.0 /var/www/sfapp
fpm -s dir -t deb -a all -n sfapp -v 1.0 /etc/apache2/
conf.d/my.conf /var/www/sfapp
https://github.com/jordansissel/fpm
Thursday, March 14, 13
118. DNS Tips The Power of the hosts file
Thursday, March 14, 13
119. DNS Tips The Power of the hosts file
/etc/hosts
10.0.1.1 www.lottery.com
Thursday, March 14, 13
120. DNS Tips The Power of the hosts file
/etc/hosts
10.0.1.1 example1.com example2.com
Thursday, March 14, 13
121. DNS Tips
Virtual Document Root
UseCanonicalName Off
VirtualDocumentRoot /var/www/vhosts/%0/web
<Location /var/www/vhosts>
AllowOverride All
Options +FollowSymLinks
</Location>
example.com => /var/www/vhosts/example.com/web
example2.com => /var/www/vhosts/example2.com/web
Thursday, March 14, 13
122. DNS Tips
Nameservers/Expiration
whois servergrove.com
...
Name Servers:
ns1.servergrove.com
ns2.servergrove.com
ns3.servergrove.com
Creation date: 19 May 2005 23:34:36
Expiration date: 19 May 2014 23:34:00
Thursday, March 14, 13
123. DNS Tips
DNS records
dig -t A google.com
;; ANSWER SECTION:
google.com. 184 IN A 74.125.230.227
google.com. 184 IN A 74.125.230.228
google.com. 184 IN A 74.125.230.229
google.com. 184 IN A 74.125.230.230
google.com. 184 IN A 74.125.230.231
google.com. 184 IN A 74.125.230.232
google.com. 184 IN A 74.125.230.233
google.com. 184 IN A 74.125.230.238
google.com. 184 IN A 74.125.230.224
google.com. 184 IN A 74.125.230.225
google.com. 184 IN A 74.125.230.226
Thursday, March 14, 13
124. DNS Tips
DNS records
dig -t A servergrove.eu @ns1.servergrove.com
;; ANSWER SECTION:
servergrove.eu. 3600 IN A 149.5.47.100
Thursday, March 14, 13
125. DNS Tips DNS Delegation
http://www.simpledns.com/lookup-dg.aspx
Thursday, March 14, 13
126. DNS Tips
traceroute
traceroute google.com
traceroute to google.com (173.194.37.33), 30 hops max, 40 byte packets
1 2.69-195-222.static.servergrove.com (69.195.222.2) 0.360 ms 0.365 ms 0.432 ms
2 t0-1-0-5.br2.mia.terremark.net (66.165.161.45) 1.558 ms 1.546 ms 1.532 ms
3 core1-1-0-0.mia.net.google.com (198.32.124.133) 0.238 ms 0.224 ms 0.230 ms
4 209.85.253.74 (209.85.253.74) 0.266 ms 0.283 ms 0.312 ms
5 209.85.254.252 (209.85.254.252) 12.764 ms 12.757 ms 12.749 ms
6 64.233.175.92 (64.233.175.92) 14.177 ms 14.257 ms 14.359 ms
7 atl14s07-in-f1.1e100.net (173.194.37.33) 13.653 ms 13.606 ms 13.618 ms
Thursday, March 14, 13
127. DNS Tips
http://whereisitup.com
Thursday, March 14, 13
130. Monitoring
Apache Requests
<Location /server-status>
SetHandler server-status
Order deny,allow
Deny from all
Allow from .your_domain.com
</Location>
ExtendedStatus On
Thursday, March 14, 13
131. Monitoring
Apache Requests
Thursday, March 14, 13
143. Backups
Don’t forget to
backup your DB!
http://blog.servergrove.com/2012/01/24/backup-your-mysql-
database-using-mysqldump/
Thursday, March 14, 13
144. Reading List
- Automating UNIX and Linux Administration
- Running Linux
- Learning the bash Shell: Unix Shell Programming
Thursday, March 14, 13
145. The End Questions?
Sysadmin skills for PHP developers
Thursday, March 14, 13
146. Sysadmin skills for PHP developers
http://joind.in/8376
Thank you!
Pablo Godel @pgodel
Thursday, March 14, 13