Soflophp 2013 - SysAdmin skills for PHP developers
Upcoming SlideShare
Loading in...5
×
 

Soflophp 2013 - SysAdmin skills for PHP developers

on

  • 4,401 views

A developer is not a complete one without basic server/system administration skills. We will go over linux and network administration tips, Apache and MySQL configuration, basic security and other ...

A developer is not a complete one without basic server/system administration skills. We will go over linux and network administration tips, Apache and MySQL configuration, basic security and other related topics.

Statistics

Views

Total Views
4,401
Slideshare-icon Views on SlideShare
4,401
Embed Views
0

Actions

Likes
1
Downloads
10
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Soflophp 2013 - SysAdmin skills for PHP developers Soflophp 2013 - SysAdmin skills for PHP developers Presentation Transcript

    • SysAdmin skills for PHP developers Pablo Godel @pgodel - March 13, 2013 South Florida PHP Users Group http://joind.in/8376Thursday, March 14, 13
    • Agenda - Why SysAdmin Skills - Introduction to LAMP - Hosting options - Linux distributions - Installing PHP options - Deploying PHP - Various production tips - Monitoring - BackupsThursday, March 14, 13
    • Who Am I? ⁃ Born in Argentina, living in the US since 1999 ⁃ PHP & Symfony developer ⁃ Founder of the original PHP mailing list in spanish ⁃ Master of the parrillaThursday, March 14, 13
    • Who Am I? ⁃ Born in Argentina, living in the US since 1999 ⁃ PHP & Symfony developer ⁃ Founder of the original PHP mailing list in spanish ⁃ Master of the parrillaThursday, March 14, 13
    • Thursday, March 14, 13
    • ServerGrove! ⁃ Founded ServerGrove Networks in 2005 ⁃ Provider of web hosting specialized in PHP, Symfony, ZendFramework, and others ⁃ Now with servers in Miami, FL and Dublin, Ireland ⁃ Mongohosting.com!Thursday, March 14, 13
    • Community is our teacher ⁃ Very active open source supporter through code contributions and usergroups/conference sponsoringThursday, March 14, 13
    • Who needs them? Sysadmin SkillsThursday, March 14, 13
    • Text IT is busy / Different PrioritiesThursday, March 14, 13
    • !Rocket ScienceThursday, March 14, 13
    • Lack of controlThursday, March 14, 13
    • Less downtimeThursday, March 14, 13
    • Better PerformanceThursday, March 14, 13
    • What do you prefer?Thursday, March 14, 13
    • Or this?Thursday, March 14, 13
    • I am limited to line commands. I don’t do line commands in Linux. Either they can install the Centos desktop, or they can just send me the files. An example...Thursday, March 14, 13
    • What is LAMPThursday, March 14, 13
    • Thursday, March 14, 13
    • Thursday, March 14, 13
    • Thursday, March 14, 13 LAMP
    • Thursday, March 14, 13 LAMP
    • Thursday, March 14, 13 LAMP
    • Scott BealeThursday, March 14, 13 LAMP
    • Thursday, March 14, 13 LNMP
    • Thursday, March 14, 13 LNMP
    • Thursday, March 14, 13 LNPP
    • Thursday, March 14, 13 LANMMPP
    • Why? LANMMPPThursday, March 14, 13
    • Why LANMMPP ProvenThursday, March 14, 13
    • Why LANMMPP StableThursday, March 14, 13
    • Why LANMMPP SecureThursday, March 14, 13
    • Why LANMMPP FreeThursday, March 14, 13
    • Why LANMMPP Free*Thursday, March 14, 13
    • Why LANMMPP InexpensiveThursday, March 14, 13
    • Why LANMMPP Easily AvailableThursday, March 14, 13
    • Hosting OptionsThursday, March 14, 13
    • Hosting Options Shared Hosting + - - Inexpensive - Shared resources - Widely available - No/Limited Shell - Easy to use - Many restrictions - No maintenance - No control - No updates - Fixed versions - Instant provisioning - Multitude of CPs - DNS/Email servicesThursday, March 14, 13
    • Hosting Options Dedicated Servers + - - Full control - Hard to plan - No sharing - Software updates - Best performance - SysAdmin skills - Software / Hardware - Expensive to start to specs - Parts replacements - Control Panel licensesThursday, March 14, 13
    • Hosting Options Virtual Servers / VPS - - Shared resources - Software updates - SysAdmin skills - Limited/No CP - Lack of emailThursday, March 14, 13
    • Hosting Options Virtual Servers / VPS + + - Inexpensive - Custom configurations - Widely available - Snapshots - Choice of OS - Multiple Envs - Root access - Full shell - Fast provisioning - Custom softwareThursday, March 14, 13
    • Hosting Options Cloud Hosting + - Depends on implementationThursday, March 14, 13
    • Hosting Options Cloud Hosting Some are a shared hosting with a fancy new nameThursday, March 14, 13
    • Hosting Options Cloud Hosting Some are a shared hosting with a fancy new name Others let you start small and scale easilyThursday, March 14, 13
    • Hosting Options Cloud Hosting Some are a shared hosting with a fancy new name Others let you start small and scale easily Gets really expensive at scaleThursday, March 14, 13
    • Hosting Options Cloud Hosting Most suffer from some of the shared hosting problems: - vendor lock-in - lack of control - high learning curve - limited environmentThursday, March 14, 13
    • Hosting Options Which one to choose?Thursday, March 14, 13
    • Hosting Options Which one to choose? IT DEPENDSThursday, March 14, 13
    • Linux DistributionsThursday, March 14, 13
    • Distributions RedHat based - Fedora - RedHat Enterprise Linux (RHEL) - CentOS - Scientific LinuxThursday, March 14, 13
    • Distributions Debian based - Debian - UbuntuThursday, March 14, 13
    • Distributions Others - Gentoo - Slackware - OpenSuse - Archlinux - any many many more! http://distrowatch.com/ http://en.wikipedia.org/wiki/Linux_distributionThursday, March 14, 13
    • Distributions Key differences - Configuration files - Package Manager - Managing Services - Software versions - UpdatesThursday, March 14, 13
    • Distributions Key differences - Configuration files CentOS /etc/sysconfig/network-scripts/ifcfg-eth0 Ubuntu /etc/network/interfacesThursday, March 14, 13
    • Distributions Key differences - Package Manager CentOS yum install php-cli Ubuntu apt-get install php5Thursday, March 14, 13
    • Distributions Key differences - Package Manager CentOS yum search php-cli Ubuntu apt-cache search phpThursday, March 14, 13
    • Distributions Key differences - Managing Services CentOS service restart httpd chkconfig --list httpd chkconfig httpd on Ubuntu service restart apache2 sudo update-rc.d apache2 enableThursday, March 14, 13
    • Distributions Key differences - Software versions CentOS httpd-2.2.3 Ubuntu apache-2.2.17Thursday, March 14, 13
    • Distributions Key differences - Updates CentOS 5.x PHP 5.1.6 Ubuntu 11 PHP 5.3.5Thursday, March 14, 13
    • Distributions Key similarities - Based on Linux Kernel - Screwed up or ancient PHP - Lack of PHP extensionsThursday, March 14, 13
    • Distributions Which one to choose? IT DEPENDSThursday, March 14, 13
    • Distributions Which one to choose? - Best feeling - Previous experience - Workplace selection - Coworker / friend knowledgeThursday, March 14, 13
    • Sysadmin skills for PHP DevsThursday, March 14, 13
    • First ExperienceThursday, March 14, 13
    • First Experience - Run Linux natively - Mac OSX - Virtual Machine: - VirtualBox - Parallels - VMware - VPSThursday, March 14, 13
    • First Experience #!/bin/bashThursday, March 14, 13
    • First Experience #!/bin/bashThursday, March 14, 13
    • First Experience #!/bin/bashThursday, March 14, 13
    • First Experience #!/bin/bashThursday, March 14, 13
    • First Experience #!/bin/bash Recommended Books: - Learning the bash Shell - bash CookbookThursday, March 14, 13
    • First Experience #!/bin/bash Most Common Commands: $ ls -l /path/ $ cd /path $ pwd $ cat /etc/passwd $ less /etc/resolv.conf $ tail -f /var/log/* $ last $ lastb $ vi /etc/hostsThursday, March 14, 13
    • First Experience #!/bin/bash User`s config files: ~/.bash_history ~/.bash_logout ~/.bash_profile PATH=$PATH:$HOME/bin export PATH ~/.bashrc alias rm=rm -i alias cp=cp -i alias mv=mv -iThursday, March 14, 13
    • First Experience #!/bin/bash Most common directories: /etc /tmp /var/log /var/run /root /home /usr/local /optThursday, March 14, 13
    • Installing Apache/PHPThursday, March 14, 13
    • Installing Apache/PHP # CentOS $ yum install httpd php-cli mod_php # Ubuntu $ apt-get install apache2 libapache2-mod-php5 Mac OSX - MAMP - Native Apache + Liip PHP installation - Zend Server CE Windows - WAMP - IIS + PHPThursday, March 14, 13
    • Installing PHP CentOS Third Party Repositories - Remi RPM http://blog.famillecollet.com/ - Webtatic http://www.webtatic.com/ - ServerGrove: PHP 5.3.x / 5.4.x (always latest) http://repos.servergrove.comThursday, March 14, 13
    • Installing PHP CentOS Third Party Repositories cd /etc/yum.repos.d/ wget http://repos.servergrove.com/servergrove-centos-5/ servergrove-centos-5.repo yum install php53 # or php54Thursday, March 14, 13
    • Installing PHP Ubuntu Third Party Repositories PHP 5.3.x / 5.4.x - Dotdeb: http://www.dotdeb.org/ - ServerGrove: (always latest) http://repos.servergrove.comThursday, March 14, 13
    • Installing PHP Ubuntu Third Party Repositories echo “deb http://repos.servergrove.com/servergrove-ubuntu- precise precise main” >> /etc/apt/sources.list.d/ servergrove.list apt-get install php53 # or php54Thursday, March 14, 13
    • Installing PHP From Source wget http://us2.php.net/get/php-5.4.12.tar.bz2/from/ www.php.net/mirror tar jxvf php-5.4.12.tar.bz2 cd php-5.4.12 ./configure make && make installThursday, March 14, 13
    • Installing PHP Recompiling php -i |grep configure ./configure --with-apxs2=/usr/sbin/apxs --prefix=/usr/local/ php53 --with-config-file-scan-dir=/etc/php53/conf.d -- enable-bcmath --enable-ctype --enable-exif --enable- mbstring --enable-ftp --enable-intl --enable-sockets -- enable-sysvmsg --enable-pcntl --with-bz2 --with-curl -- with-gettext --with-gd --enable-gd-native-ttf --enable-exif -- with-freetype-dir=/usr --with-jpeg-dir=/usr --with-t1lib=/usr --with-mcrypt --with-openssl --with-kerberos --with-iconv --with-xsl --with-xmlrpc --with-zlib --with-mysql=mysqlnd -- with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd make && make installThursday, March 14, 13
    • Installing PHP Compiling for Apache ./configure --with-apxs2=/usr/sbin/apxs make && make installThursday, March 14, 13
    • Installing PHPCompiling for Nginx / PHP-FPM ./configure --enable-fpm make && make installThursday, March 14, 13
    • Installing PHP Compiling extension ./configure --with-curl --enable-ftp make && make installThursday, March 14, 13
    • Installing PHP Compiling extension (dynamic) cd ext/curl phpize ./configure make && make install echo “extension=curl.so” >> php.iniThursday, March 14, 13
    • Installing PHP Compiling extension http://pecl.php.net/Thursday, March 14, 13
    • Installing PHP Compiling extension (PECL) pecl install apc # or pecl download apc tar zxvf APC-3.1.13.tgz cd APC-3.13 phpize ./configure make && make install echo “extension=apc.so” >> php.iniThursday, March 14, 13
    • Installing PHP Automate! - Chef - Puppet - ...Thursday, March 14, 13
    • Installing PHP Configuration Default location /usr/local/lib/php.ini Other common locations /etc/php/php.ini /etc/php5/cli/php.ini /etc/php5/apache2/php.iniThursday, March 14, 13
    • Installing PHP Configuration php -i | grep php.ini Configuration File (php.ini) Path => /usr/local/php5/lib Loaded Configuration File => /usr/local/php5-20110426-093151/ lib/php.ini Scan this dir for additional .ini files => /usr/local/php5/php.d Additional .ini files parsed => /usr/local/php5/php.d/10- extension_dir.ini,Thursday, March 14, 13
    • Installing PHP Configuration php -i | grep mongo /usr/local/php5/php.d/50-extension-mongo.ini, mongo mongo.allow_empty_keys => 0 => 0 mongo.allow_persistent => 1 => 1 mongo.auto_reconnect => 1 => 1 mongo.chunk_size => 262144 => 262144 mongo.cmd => $ => $ mongo.default_host => localhost => localhost mongo.default_port => 27017 => 27017Thursday, March 14, 13
    • Installing PHP Configuration php -m [PHP Modules] apc bcmath bz2 Core ctype curl date dom eregThursday, March 14, 13
    • Installing PHP Configuration php.ini extension_dir=/usr/lib/php/extensions/no- debug-non-zts-20090626 extension=apc.so extension=mongo.soThursday, March 14, 13
    • Installing PHP Configuration php.ini php -i | grep extension_dir extension_dir => /usr/local/php5/lib/php/extensions/no-debug- non-zts-20090626Thursday, March 14, 13
    • Installing PHP Configuration php.ini date.timezone=UTC display_errors = off log_errors = on error_log = /var/log/php.logThursday, March 14, 13
    • Installing PHP Configuration Security memory_limit = 128M max_execution_time = 30 display_errors = off expose_php = off mail.log = /var/log/phpmails.log disable_functions = exec allow_url_fopen = offThursday, March 14, 13
    • Installing PHP Configuration File uploads on .htaccess php_value memory_limit 128M php_value max_file_uploads 20 php_value max_input_time -1 php_value post_max_size 8M php_value upload_max_filesize 2M php_value max_execution_time 0 AllowOverride=All in Apache!Thursday, March 14, 13
    • Installing PHP Configuration Include .htaccess <Directory /path/to/document/root> Include /path/to/.htaccess </Directory> AllowOverride=None in Apache!Thursday, March 14, 13
    • Installing PHP Configuration Apache php_value date.timezone UTC php_flag display_errors 1 php_value memory_limit 128M php_value max_execution_time 0 Don’t forget to restart ApacheThursday, March 14, 13
    • Installing PHP Web Server User Permissions issues with clear cache and uploads, Anyone? Possible users - apache - nobody - www-data - ftp / ssh user (sometimes)Thursday, March 14, 13
    • Installing PHP Web Server User Permissions issues with clear cache and uploads, Anyone? Fix: rm -rf app/cache/* rm -rf app/logs/* sudo chmod +a "www-data allow delete,write,append,file_inherit,directory_inherit" app/cache app/logs sudo chmod +a "`whoami` allow delete,write,append,file_inherit,directory_inherit" app/cache app/logs http://symfony.com/doc/current/book/installation.htmlThursday, March 14, 13
    • Deploying PHPThursday, March 14, 13
    • Deploying PHP Before going live Make sure ntpd is installed and running to ensure accurate server time yum install ntp chkconfig ntpd on ntpdate pool.ntp.orgThursday, March 14, 13
    • Deploying PHP Before going live - Disable PHP in specific directories <Location /uploads> php_admin_flag engine off </Location>Thursday, March 14, 13
    • Deploying PHP Before going live - Limit access by IP <Location /admin> Order Deny,Allow Deny from all Allow from 1.2.3.4 </Location>Thursday, March 14, 13
    • Deploying PHP Before going live - Add HTTP Authentication <Location /admin> Require valid-user AuthType Basic AuthName "SG" AuthUserFile /path/users </Location>Thursday, March 14, 13
    • Deploying PHP Before going live - Quiet down Apache ServerTokens ProdThursday, March 14, 13
    • Deploying PHP Before going live Move document root with .htaccess RewriteEngine On RewriteRule ^.htaccess$ - [F] RewriteCond %{REQUEST_FILENAME} -f RewriteRule ^.*$ - [NC,L] RewriteCond %{REQUEST_URI} !^/web/.*$ RewriteRule ^(.*)$ /web/$1Thursday, March 14, 13
    • Deploying PHP Before going live - Case senstive filesystem IPCheck_Form_Index_Login != IpCheck_Form_Index_Login /path/to/file/IpCheck_Form_Index_Login.php <?php class IPCheck_Form_Index_Login { ...Thursday, March 14, 13
    • Deploying PHP - server-side vi - plain old FTP - SFTP - scp - rsync + ssh - git - tar / gzip - rpm / deb packages - capistrano / capifonyThursday, March 14, 13
    • Deploying PHP - server-side vi - plain old FTP - SFTP - scp - rsync + ssh - git - tar / gzip - rpm / deb packages - capistrano / capifonyThursday, March 14, 13
    • Deploying PHP Effing Package Management Build packages for multiple platforms (deb, rpm, etc) with great ease and sanity. fpm -s dir -t rpm -n "sfapp" -v 1.0 /var/www/sfapp fpm -s dir -t deb -a all -n sfapp -v 1.0 /etc/apache2/ conf.d/my.conf /var/www/sfapp https://github.com/jordansissel/fpmThursday, March 14, 13
    • Deploying PHP Capistrano / Capifony - multiple servers - multiple environments - setup shared folders (vendors, cache, logs, etc) - copy files - update vendors - multi versions - rollback - restart apacheThursday, March 14, 13
    • Deploying PHP Setting up SSH $ ssh-keygen -t dsa ~/.ssh/id_dsa.pub $ ssh-copy-id user@remote-host ~/.ssh/authorized_keys ~/.ssh/authorized_keys2 $ ssh-addThursday, March 14, 13
    • Deploying PHP Setting up SSH ~/.ssh/config Host * ForwardAgent yes Port 22123 Host gh HostName github.com Port 22 PreferredAuthentications publickey IdentityFile ~/.ssh/me_rsaThursday, March 14, 13
    • Deploying PHP Setting up SSH /etc/ssh/sshd_config Port 22 Port 22123 PermitRootLogin no PasswordAuthentication noThursday, March 14, 13
    • Deploying PHP Automate! <?php exec(/usr/bin/env  -­‐i  HOME=/var/ www/vhosts/m.sunshinephp.com/m-­‐ sunshine  git  pull  origin  master); http://m.sunshinephp.com/deploy.php https://github.com/pgodel/m-sunshinephp/blob/master/web/deploy.phpThursday, March 14, 13
    • DNS TipsThursday, March 14, 13
    • DNS Tips The Power of the hosts fileThursday, March 14, 13
    • DNS Tips The Power of the hosts file /etc/hosts 10.0.1.1 www.lottery.comThursday, March 14, 13
    • DNS Tips The Power of the hosts file /etc/hosts 10.0.1.1 example1.com example2.comThursday, March 14, 13
    • DNS Tips Virtual Document Root UseCanonicalName Off VirtualDocumentRoot /var/www/vhosts/%0/web <Location /var/www/vhosts> AllowOverride All Options +FollowSymLinks </Location> example.com => /var/www/vhosts/example.com/web example2.com => /var/www/vhosts/example2.com/webThursday, March 14, 13
    • DNS Tips Nameservers/Expiration whois servergrove.com ... Name Servers: ns1.servergrove.com ns2.servergrove.com ns3.servergrove.com Creation date: 19 May 2005 23:34:36 Expiration date: 19 May 2014 23:34:00Thursday, March 14, 13
    • DNS Tips DNS records dig -t A google.com ;; ANSWER SECTION: google.com. 184 IN A 74.125.230.227 google.com. 184 IN A 74.125.230.228 google.com. 184 IN A 74.125.230.229 google.com. 184 IN A 74.125.230.230 google.com. 184 IN A 74.125.230.231 google.com. 184 IN A 74.125.230.232 google.com. 184 IN A 74.125.230.233 google.com. 184 IN A 74.125.230.238 google.com. 184 IN A 74.125.230.224 google.com. 184 IN A 74.125.230.225 google.com. 184 IN A 74.125.230.226Thursday, March 14, 13
    • DNS Tips DNS records dig -t A servergrove.eu @ns1.servergrove.com ;; ANSWER SECTION: servergrove.eu. 3600 IN A 149.5.47.100Thursday, March 14, 13
    • DNS Tips DNS Delegation http://www.simpledns.com/lookup-dg.aspxThursday, March 14, 13
    • DNS Tips traceroute traceroute google.com traceroute to google.com (173.194.37.33), 30 hops max, 40 byte packets 1 2.69-195-222.static.servergrove.com (69.195.222.2) 0.360 ms 0.365 ms 0.432 ms 2 t0-1-0-5.br2.mia.terremark.net (66.165.161.45) 1.558 ms 1.546 ms 1.532 ms 3 core1-1-0-0.mia.net.google.com (198.32.124.133) 0.238 ms 0.224 ms 0.230 ms 4 209.85.253.74 (209.85.253.74) 0.266 ms 0.283 ms 0.312 ms 5 209.85.254.252 (209.85.254.252) 12.764 ms 12.757 ms 12.749 ms 6 64.233.175.92 (64.233.175.92) 14.177 ms 14.257 ms 14.359 ms 7 atl14s07-in-f1.1e100.net (173.194.37.33) 13.653 ms 13.606 ms 13.618 msThursday, March 14, 13
    • DNS Tips http://whereisitup.comThursday, March 14, 13
    • DNS Tips mtrThursday, March 14, 13
    • MonitoringThursday, March 14, 13
    • Monitoring Apache Requests <Location /server-status> SetHandler server-status Order deny,allow Deny from all Allow from .your_domain.com </Location> ExtendedStatus OnThursday, March 14, 13
    • Monitoring Apache RequestsThursday, March 14, 13
    • Monitoring - Cacti - Ganglia - Zabbix - collectd - statsd / StatsDBundle - graphiteThursday, March 14, 13
    • Monitoring statsd / StatsDBundle / GraphiteThursday, March 14, 13
    • Monitoring CPU / Memory / IO topThursday, March 14, 13
    • Monitoring IO iotopThursday, March 14, 13
    • Monitoring Network iptrafThursday, March 14, 13
    • Monitoring Handling logs - Centralize logs with syslog error_log = syslog - Monolog supports syslog - logstash, logster, loggly, logioThursday, March 14, 13
    • Monitoring Handling logs $ grep POST /var/log/apache2/access_logThursday, March 14, 13
    • Speeding upThursday, March 14, 13
    • Speeding up - nginx/php-fpm - APC - ZendOptimizer+ - Memcache - nginx reverse proxy cache - VarnishThursday, March 14, 13
    • BackupsThursday, March 14, 13
    • Backups - rsync - rdiff-backup - Unison - Bacula - AmandaThursday, March 14, 13
    • Backups Don’t forget to backup your DB!http://blog.servergrove.com/2012/01/24/backup-your-mysql- database-using-mysqldump/Thursday, March 14, 13
    • Reading List - Automating UNIX and Linux Administration - Running Linux - Learning the bash Shell: Unix Shell ProgrammingThursday, March 14, 13
    • The End Questions? Sysadmin skills for PHP developersThursday, March 14, 13
    • Sysadmin skills for PHP developers http://joind.in/8376 Thank you! Pablo Godel @pgodelThursday, March 14, 13