Vincent Mercier, profile picture
Uploaded byVincent Mercier
PDF, PPTX400 views

DevOPS training - Day 1/2

The document outlines a DevOps workshop led by Vincent Mercier, covering the integration of voice applications, infrastructure domains, and modern web architecture essentials including HTTP/2. It details the setup of a web server environment with Linux, MariaDB, PHP, and Nginx for running a Symfony application, along with best practices for configurations, SSL certificates, and backups. The content is designed to guide participants through the installation and management of a server while addressing potential PHP errors and solutions.

Embed presentation

Download as PDF, PPTX
DevOPS – Day 1 Thursday, May 20th 2016
About me Vincent Mercier vincemercier System Architect Integrate voice applications to your professional tools. Our features include: managing calls in real time, Call Tracking, Call Controlling, Push SMS, Click-To-Call, real time statistics, audio conferences, … Smart Voice Services
What about you?
Basics of DevOPS What you should know…
Infrastructure domains Network Database System Virtualization Security Anna Creative Director
Several roles in the team Engineer Technical expert Architect Global vision of the infrastructure Administrator Deploy services defined by engineers Execute daily tasks CTO Define technical roadmap based on business objectives Technician Customer support / Helpdesk Execute daily tasks
DevOPS DEV Develops applications based on business objectives OPS Deploy services to run applications with production constraints Production Company business
IT revolutions World Wide Web 1989 Cloud services 2006 What’s next? ~2020 Virtualization 1999 Containers 2013
Monolithic architecture Server Application
3 tiers architecture Server Presentation Application Data
Modern web architecture Frontend Client side Backend API CDN Application Hub CI Deployment tools Queue system DNS Database Cache
Server HTTP(macro) Body Client HTTP/1.1 200 OK Date: Thu, 19 May 2016 08:25:10 GMT Content-Type: text/html; charset=UTF-8 Content-Encoding:UTF-8 Content-Length:89 Last-Modified: Sun, 29 May 2016 08:25:10 GMT Server:Apache/2.2.15 (CentOS) Accept-Ranges:bytes Connection:close <html> <head> <title>Blog</title> </head> <body> Welcome on MyCorp! </body> </html> GET /contact HTTP/1.1 Host: blog.mycorp.local User-Agent:cli/1.0 Accept: text/html Header
Virtual hosting • Method to host multiple websites on the same server • 2 methods: • Per IP • 1 IP address per website • Works with all protocols • Difficult in production • Per domain names • HTTP/1.1 required • Server Name Indication(SNI) for HTTPS Headers fields are key-value in clear-text. HTTP headers are in request and response. Popular headers: Host, Content- Type, Etag, X-Forwarded-For HTTP headers
Virtual hosting Server Blog Extranet Always define a default website. Best practice GET /contact HTTP/1.1 Host: blog.mycorp.local User-Agent:cli/1.0 Accept: */* GET /calendar HTTP/1.1 Host: extranet.mycorp.local User-Agent:cli/1.0 Accept: */*
HTTPS • Create a secure channel over network • Not a protocol, just HTTP with a secure layer (TLS or SSL) • Certificates must be signed by a certificate authority
HTTPS 16 Application Presentation Session Transport Network Data link Physical OSI model HTTP HTTP request TCP IPv4 / IPv6 HTTP HTTPS request TCP IPv4 / IPv6 SSL / TLS
HTTPS Browser Server Root certificate authorities Public certificate CSR SSL Key Root certificate public keys Root certificate public keys Pre-installed root public certificates
HTTP2 Second major version of HTTP since HTTP 1.1 in 1999! Revolution Server Push Server push cache content to browser Compression Compress HTTP body and HTTP headers. Differential encoding (Headers are stored) Multiplexed Allowing multiple requests and responses to be sent at the same time. Binary HTTP/2 is a binary protocol SPDY Based on SPDY protocol created at Google to reduce web page load latency and improve web security
Request 2 HTTP1 GET /contact HTTP/1.1 Host: blog.mycorp.local Referer: http://blog.mycorp.local/ Date: Tue, 17 May 2016 20:16:21 GMT Via: 1.1 varnish Cache-Control: max-age=600 Expires: Mon, 16 May 2016 08:57:14 GMT X-Served-By: cache-fra1238-FRA X-Cache: HIT X-Cache-Hits: 1 Server: Apache/2.2.15 (CentOS) Vary: Accept-Encoding,Country-Code X-Fastly-Request-ID: 2cfe9ab75a31cf355f59f0ab2491932398432831 X-Powered-By: PHP/5.3.3 Server: Apache/2.2.15 (CentOS) [Body] HTTP1 vs HTTP2 02 Request 1 HTTP1 GET /home HTTP/1.1 Host: blog.mycorp.local Referer: http://blog.mycorp.local/ Date: Tue, 17 May 2016 20:16:06 GMT Via: 1.1 varnish Cache-Control: max-age=600 Expires: Mon, 16 May 2016 08:57:14 GMT X-Served-By: cache-fra1238-FRA X-Cache: HIT X-Cache-Hits: 1 Server: Apache/2.2.15 (CentOS) Vary: Accept-Encoding,Country-Code X-Fastly-Request-ID: 2cfe9ab75a31cf355f59f0ab2491932398432831 X-Powered-By: PHP/5.3.3 Server: Apache/2.2.15 (CentOS) [Body] Request 2 HTTP2 :method: GET :scheme: http :host: blog.mycorp.local :path: /home Via: 1.1 varnish Cache-Control: max-age=600 Expires: Mon, 16 May 2016 08:57:14 GMT Connection: keep-alive X-Served-By: cache-fra1238-FRA X-Cache: HIT X-Cache-Hits: 1 Server: Apache/2.2.15 (CentOS) Vary: Accept-Encoding,Country-Code X-Fastly-Request-ID: 2cfe9ab75a31cf355f59f0ab2491932398432831 X-Powered-By: PHP/5.3.3 Server: Apache/2.2.15 (CentOS) [Body] Request 2 HTTP2 :path: /contact referer: http://blog.mycorp.local/home X-Fastly-Request-ID: 2cfe9ab75a31cf355f59f0ab2491932398434234 Expires: Mon, 16 May 2016 09:43:23 GMT [Body]
HTTP1 vs HTTP2HTTP1 HTTP2 Domainsharding Asset contatenation Keep-alive Domain sharding Asset contatenation TCP connexion
Let’s go for HTTP2? • Clients and servers libraries are quiet new… • HTTP2 is implemented only with TLS in most of browsers • http://caniuse.com/#feat=http2 • https://github.com/http2/http2-spec/wiki/Implementations • Next step? • QUIC! • Built on top of UDP • https://www.chromium.org/quic
Resources for DevOPS • MAN… • Helpful websites • https://www.howtoforge.com • http://highscalability.com • French mailing list • http://www.frsag.com • Meetup
Lunch break! 23
Workshop Webhosting for a Symphony application 24
Goals • Install a webserver • Linux • MariaDB • PHP • Nginx • Running a Symphony application • Backup and restore the website
Technical details • Server • Virtual machine (Virtualbox + Vagrant) • IP: 192.168.42.42 • Linux / Nginx / PHP / MariaDB • Website • Domain: blog.mycorp.local • SSL • Symphony application
Layers PHP interpreter /var/run/php-fpm.socket Database TCP 3306 Virtualization system Managed by Vagrant Web server TCP 80 and TCP 443 Web application /var/www/blog.mycorp.local Linux Debian Nginx Symphony Linux PHP MariaDB Virtualbox 01 03 05 02 04 06
Linux Debian • One of the most popular Linux distribution • Focused on collaborative software development (Social contract / DFSG) • Used by Ubuntu • Release names come from Toy Story movies • Current stable version : 8.4 (Linux kernel 3.16.0)
Linux Debian – Installation • Initialize Vagrant environment(create Vagrantfile) • Edit vagrant configuration file • Add private network interface • Start virtual machine • Connect to the server vagrant init debian/jessie64 vim Vagrantfile config.vm.network"private_network",ip: "192.168.42.42" vagrant up vagrant ssh
Sudo? • Switch to super user • Edit vagrant filesudo -i $ is a user # is a super user The prompt
Installation • Install a text editor • Install GIT • Install troubleshooting tools • Install system administration tools apt-get install vim apt-get install git apt-get install curl tcpdump apt-get install htop
MariaDB • MySQL fork • https://mariadb.com/kb/en/mariadb/mariadb-vs-mysql-features/ • Current stable version : 10.1
MariaDB – Installation • Install MariaDB • Connect to the database • Create database • Create user apt-get install mariadb-server mysql -p CREATE DATABASE mycorp_blog; GRANT ALL PRIVILEGES ON mycorp_blog.*TO mycorp_blog@localhost IDENTIFIED by 'hackme';
PHP • Current stable version : 5.6.21 / 7.0.6 • ⚠️ 5.6.20 in Debian
PHP – Installation • Install PHP • Install PHP additional modules • Edit PHP configuration files • Set timezone to UTC • Restart PHP FPM apt-get install php5-fpm apt-get install php5-mysql php5-intl vim /etc/php5/cli/php.ini/etc/php5/fpm/php.ini date.timezone = UTC service php5-fpm restart
PHP composer – Installation • Install PHP composer • Check PHP composer version curl -sS https://getcomposer.org/installer | sudo php -- --install-dir=/usr/local/bin--filename=composer composer -V
Nginx • Current stable version : 1.9.15 • ⚠️ 1.6.2 in Debian
Nginx – Installation • Install Nginx • Check default page apt-get install nginx curl -v http://192.168.42.42
SSL certificate – Installation • Go to private SSL certificates directory • Define filename • Generate SSL private key and CSR • Generate self-sign SSL certificate cd /etc/ssl/private/ FQDN=blog.mycorp.local openssl req -nodes -newkey rsa:2048-sha256 -keyout $FQDN.key -out $FQDN.csr openssl x509 -req -days 365 -in $FQDN.csr -signkey $FQDN.key -out $FQDN.crt
SSL certificate – Installation • Restrict access to the SSL key file • Allow root to modify the key and www-data to read it chmod 0640 blog.mycorp.local.key chown root:www-data blog.mycorp.local.key
Download website source code • Go to websites directory • Clone Git repository • Copy default configuration file • Edit database parameters cd /var/www/ git clone https://github.com/vmercierfr/training-ops-1.gitblog.mycorp.local cd blog.mycorp.local/app/config/ cp parameters.yml.distparameters.yml vim parameters.yml
Nginx – Configuration • Go to nginx configuration directory • Create blog.mycorp.local cd /etc/nginx/sites-available/ vim blog.mycorp.local
Nginx – Configuration server { listen 80; server_name blog.mycorp.local; return 301 https://blog.mycorp.local/$1; } server { listen 443 ssl; server_name blog.mycorp.local; ssl on; ssl_certificate /etc/ssl/private/blog.mycorp.local.crt; ssl_certificate_key /etc/ssl/private/blog.mycorp.local.key; root /var/www/blog.mycorp.local; access_log /var/log/nginx/blog.mycorp.local.log; error_log /var/log/nginx/blog.mycorp.local.error.log info; } Force HTTPS SSL
Nginx – Configuration • Go to Nginx configuration directory • Link configuration file • Check Nginx configuration • Reload Nginx cd /etc/nginx/sites-enabled/ ln -s ../sites-available/blog.mycorp.local nginx -t service nginx reload
DNS configuration • Edit your local hosts file • Add following line • Connect to the website sudo vim /etc/hosts 192.168.42.42 blog.mycorp.local curl -v https://blog.mycorp.local %SystemRoot%System32driversetchosts Windows host file
Nginx + PHP – Configuration • Edit website configuration file • Add the following lines • Check and reload Nginx configuration vim /etc/nginx/sites-available/blog.mycorp.local root /var/www/blog.mycorp.local/web; location / { try_files $uri /app.php$is_args$args; } location ~ ^/app.php(/|$) { fastcgi_pass unix:/var/run/php5-fpm.sock; fastcgi_split_path_info ^(.+.php)(/.*)$; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; fastcgi_param DOCUMENT_ROOT$realpath_root; internal; } nginx -t && service nginx reload
PHP errors • Check the errors log file tail -f /var/log/nginx/blog.mycorp.local.error.log 2016/05/18 23:02:12 [error] 8885#0: *119 FastCGI sent in stderr: "PHP message: PHP Warning: require(/var/www/blog.mycorp.local/app/../vendor/autoload.php): failed to open stream: No such file or directory in /var/www/blog.mycorp.local/app/autoload.php on line 11 PHP message: PHP Fatal error: require(): Failed opening required '/var/www/blog.mycorp.local/app/../vendor/autoload.php' (include_path='.:/usr/share/php:/usr/share/pear') in /var/www/blog.mycorp.local/app/autoload.php on line 11" while reading response header from upstream, client: 192.168.42.1, server: blog.mycorp.local, request: "GET /en/blog/ HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "blog.mycorp.local", referrer: "https://blog.mycorp.local/" 2016/05/18 23:03:07 [error] 8885#0: *119 FastCGI sent in stderr: "PHP message: PHP Warning: require(/var/www/blog.mycorp.local/app/../vendor/autoload.php): failed to open stream: No such file or directory in /var/www/blog.mycorp.local/app/autoload.php on line 11 PHP message: PHP Fatal error: require(): Failed opening required '/var/www/blog.mycorp.local/app/../vendor/autoload.php' (include_path='.:/usr/share/php:/usr/share/pear') in /var/www/blog.mycorp.local/app/autoload.php on line 11" while reading response header from upstream, client: 192.168.42.1, server: blog.mycorp.local, request: "GET /en/blog/ HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "blog.mycorp.local"
Initiate application • Go to website directory • Install application’s requirements with composer • Set rights on app directory • Initialize the database • Load fixtures cd /var/www/blog.mycorp.local/ composer install chown -R www-data app php app/console doctrine:schema:create php app/console doctrine:fixtures:load
Configure backup • Install backup ninja • Launch ninjabackup wizard • Create a backup job • Run a backup job apt-get install backupninja ninjahelper
Restore database backup (Quick and very dirtymethod) • Connect to MySQL • Delete database • Create database • Select database • Import backup mysql -p DROP DATABASE mycorp_blog; CREATE DATABASE mycorp_blog; use mycorp_blog; source /var/backups/mysql/sqldump/mycorp_blog.sql; Don’t delete database in production, rename it! (Need to move each tables) Best pratice
Q&A

More Related Content

PDF
DevOPS training - Day 2/2
byVincent Mercier
 
PPTX
Continues Integration and Continuous Delivery with Azure DevOps - Deploy Anyt...
byJanusz Nowak
 
PDF
DevOps Interview Questions and Answers 2019 | DevOps Tutorial | Edureka
byEdureka!
 
PPTX
La importancia de versionar el código: GitHub, portafolio y recursos para est...
byCloudNativeElSalvado
 
PDF
LFX Nov 16, 2021 - Find vulnerabilities before security knocks on your door
byEric Smalling
 
PDF
What is Continuous Integration? | Continuous Integration with Jenkins | DevOp...
byEdureka!
 
PDF
Microsoft Tech Summit Switzerland 2019 - DOCKER + AZURE DEVOPS + KUBERNETES = ♥
byMarc Müller
 
PDF
OpenAPI Generator The Babel Fish of The API World - apidays Live Paris
byCliffano Subagio
 
DevOPS training - Day 2/2
byVincent Mercier
 
Continues Integration and Continuous Delivery with Azure DevOps - Deploy Anyt...
byJanusz Nowak
 
DevOps Interview Questions and Answers 2019 | DevOps Tutorial | Edureka
byEdureka!
 
La importancia de versionar el código: GitHub, portafolio y recursos para est...
byCloudNativeElSalvado
 
LFX Nov 16, 2021 - Find vulnerabilities before security knocks on your door
byEric Smalling
 
What is Continuous Integration? | Continuous Integration with Jenkins | DevOp...
byEdureka!
 
Microsoft Tech Summit Switzerland 2019 - DOCKER + AZURE DEVOPS + KUBERNETES = ♥
byMarc Müller
 
OpenAPI Generator The Babel Fish of The API World - apidays Live Paris
byCliffano Subagio
 

What's hot

PPTX
DevOps Interview Questions Part - 2 | Devops Interview Questions And Answers ...
bySimplilearn
 
PPTX
DevNet @TAG - Spark & Tropo APIs - Milan/Rome May 2016
byCisco DevNet
 
PDF
Docker Jenkins Pipeline Tutorial | Microservices Using Docker & Jenkins | Dev...
byEdureka!
 
PPTX
DevOps made simple - Understand DevOps and steps to become a DevOps expert
byThinkCerti
 
PPTX
How to Contribute to Ansible
byCisco DevNet
 
PDF
What HPC can learn from DevOps?
byWalid Shaari
 
PDF
Introduction to DevOps Tools | DevOps Training | DevOps Tutorial for Beginner...
byEdureka!
 
PDF
CI and CD Across the Enterprise with Jenkins (devops.com Nov 2014)
byCloudBees
 
PPTX
Modern CI/CD Pipeline Using Azure DevOps
byGlobalLogic Ukraine
 
PDF
Devops interview-questions-PDF
byMayank Kumar
 
PPTX
Power of Azure Devops
byAzure Riyadh User Group
 
PPTX
PHP Performance: Principles and tools
by10n Software, LLC
 
PDF
Standardizing Jenkins with CloudBees Jenkins Team
byDeborah Schalm
 
PPTX
Azure DevOps Extensions
byChristian Waha
 
PPTX
Azure DevOps - Version Controlling with Git
byEng Teong Cheah
 
PPTX
DevOps Interview Questions Part - 1 | Devops Interview Questions And Answers ...
bySimplilearn
 
PDF
Tampere Docker meetup - Happy 5th Birthday Docker
bySakari Hoisko
 
PPTX
Infrastructure as Code for Network
byDamien Garros
 
PPTX
CI/CD on AWS
byBhargav Amin
 
PPTX
Advanced Postman for Better APIs - Web Summit 2018 - Cisco DevNet
byCisco DevNet
 
DevOps Interview Questions Part - 2 | Devops Interview Questions And Answers ...
bySimplilearn
 
DevNet @TAG - Spark & Tropo APIs - Milan/Rome May 2016
byCisco DevNet
 
Docker Jenkins Pipeline Tutorial | Microservices Using Docker & Jenkins | Dev...
byEdureka!
 
DevOps made simple - Understand DevOps and steps to become a DevOps expert
byThinkCerti
 
How to Contribute to Ansible
byCisco DevNet
 
What HPC can learn from DevOps?
byWalid Shaari
 
Introduction to DevOps Tools | DevOps Training | DevOps Tutorial for Beginner...
byEdureka!
 
CI and CD Across the Enterprise with Jenkins (devops.com Nov 2014)
byCloudBees
 
Modern CI/CD Pipeline Using Azure DevOps
byGlobalLogic Ukraine
 
Devops interview-questions-PDF
byMayank Kumar
 
Power of Azure Devops
byAzure Riyadh User Group
 
PHP Performance: Principles and tools
by10n Software, LLC
 
Standardizing Jenkins with CloudBees Jenkins Team
byDeborah Schalm
 
Azure DevOps Extensions
byChristian Waha
 
Azure DevOps - Version Controlling with Git
byEng Teong Cheah
 
DevOps Interview Questions Part - 1 | Devops Interview Questions And Answers ...
bySimplilearn
 
Tampere Docker meetup - Happy 5th Birthday Docker
bySakari Hoisko
 
Infrastructure as Code for Network
byDamien Garros
 
CI/CD on AWS
byBhargav Amin
 
Advanced Postman for Better APIs - Web Summit 2018 - Cisco DevNet
byCisco DevNet
 

Viewers also liked

PPTX
Enterprise DevOps: Crossing the Great Divide with DevOps Training
byITpreneurs
 
PDF
Key note "Developing MOOCs for continuous professional training and developm...
byOlivier Bernaert
 
DOCX
Devops training in Hyderabad
byDevops Trainer
 
PDF
DevOps for Enterprise Systems - Sanjay Chandru
byNRB
 
PPTX
Devops Online Training - Edubodhi
byRamesh Pabba - seeking new projects
 
PDF
Folha Dominical - 14.02.10 - Nº309
byComunidades Vivas
 
PDF
620
byFavian Morales
 
PPTX
Charla master BBK TIC
byDaniel Aparicio Arriola
 
PDF
Revista chilena de nutrición un nuevo aporte a la toxicología de colorantes...
byFredy Gerardo Caldas Vasquez
 
PDF
URS 2010 Annual Report
byJaredSmith
 
PDF
Desperta ferro vol 4
byBrutal Assault
 
DOCX
AUXFOG Canada
byJim Sutton
 
PDF
¿Como es Panamá Papers?
byOscar Antonio Funes Araujo
 
PDF
Comunicado nº 3 del 2016.
byCentro Tecnología
 
PDF
UltraProlink Catalogue Sept 2014
bymirchi28
 
Enterprise DevOps: Crossing the Great Divide with DevOps Training
byITpreneurs
 
Key note "Developing MOOCs for continuous professional training and developm...
byOlivier Bernaert
 
Devops training in Hyderabad
byDevops Trainer
 
DevOps for Enterprise Systems - Sanjay Chandru
byNRB
 
Devops Online Training - Edubodhi
byRamesh Pabba - seeking new projects
 
Folha Dominical - 14.02.10 - Nº309
byComunidades Vivas
 
620
byFavian Morales
 
Charla master BBK TIC
byDaniel Aparicio Arriola
 
Revista chilena de nutrición un nuevo aporte a la toxicología de colorantes...
byFredy Gerardo Caldas Vasquez
 
URS 2010 Annual Report
byJaredSmith
 
Desperta ferro vol 4
byBrutal Assault
 
AUXFOG Canada
byJim Sutton
 
¿Como es Panamá Papers?
byOscar Antonio Funes Araujo
 
Comunicado nº 3 del 2016.
byCentro Tecnología
 
UltraProlink Catalogue Sept 2014
bymirchi28
 

Similar to DevOPS training - Day 1/2

PDF
A Tale of 2 Systems
byDavid Newman
 
PDF
23 LAMP Stack #burningkeyboards
byDenis Ristic
 
PDF
Massively Scaled High Performance Web Services with PHP
byDemin Yin
 
PDF
ApacheCon 2014 - What's New in Apache httpd 2.4
byJim Jagielski
 
PDF
Make your cheap VM fly
byCode Enigma
 
PDF
Web Services Tutorial
byLorna Mitchell
 
ODP
MNPHP Scalable Architecture 101 - Feb 3 2011
byMike Willbanks
 
PPT
Presentation (PPT)
bywebhostingguy
 
PDF
Web services tutorial
byLorna Mitchell
 
ODP
HAProxy scale out using open source
byIngo Walz
 
PDF
What's New and Newer in Apache httpd-24
byJim Jagielski
 
PDF
Web Services PHP Tutorial
byLorna Mitchell
 
PDF
Servers for Hackers Server Administration for Programmers 1 (2018-06-19) Edit...
byemausalsonal
 
PDF
Servers for Hackers Server Administration for Programmers 1 (2018-06-19) Edit...
bymummdhnhy3994
 
PDF
haproxy_Load_Balancer.pdf
bycrezzcrezz
 
PPTX
haproxy_Load_Balancer.pptx
bycrezzcrezz
 
PDF
PHP projects beyond the LAMP stack
byCodemotion
 
PDF
Don't screw it up! How to build durable API
byAlessandro Cinelli (cirpo)
 
PPTX
Delivering High Performance Websites with NGINX
byNGINX, Inc.
 
PPTX
WordPress Performance
bydsero
 
A Tale of 2 Systems
byDavid Newman
 
23 LAMP Stack #burningkeyboards
byDenis Ristic
 
Massively Scaled High Performance Web Services with PHP
byDemin Yin
 
ApacheCon 2014 - What's New in Apache httpd 2.4
byJim Jagielski
 
Make your cheap VM fly
byCode Enigma
 
Web Services Tutorial
byLorna Mitchell
 
MNPHP Scalable Architecture 101 - Feb 3 2011
byMike Willbanks
 
Presentation (PPT)
bywebhostingguy
 
Web services tutorial
byLorna Mitchell
 
HAProxy scale out using open source
byIngo Walz
 
What's New and Newer in Apache httpd-24
byJim Jagielski
 
Web Services PHP Tutorial
byLorna Mitchell
 
Servers for Hackers Server Administration for Programmers 1 (2018-06-19) Edit...
byemausalsonal
 
Servers for Hackers Server Administration for Programmers 1 (2018-06-19) Edit...
bymummdhnhy3994
 
haproxy_Load_Balancer.pdf
bycrezzcrezz
 
haproxy_Load_Balancer.pptx
bycrezzcrezz
 
PHP projects beyond the LAMP stack
byCodemotion
 
Don't screw it up! How to build durable API
byAlessandro Cinelli (cirpo)
 
Delivering High Performance Websites with NGINX
byNGINX, Inc.
 
WordPress Performance
bydsero
 

Recently uploaded

PPTX
How Does LNG Regasification Work | INOXCVA
byINOXCVA
 
PDF
NS unit wise unit wise 1 -5 so prepare,.
bykumaransudhan1512
 
PPTX
A professional presentation on Cosmos Bank Heist
byssuser7f0075
 
PPT
Oracle Advanced subquery and types of subquery
bytejaswinikulkarni549
 
PDF
(en/zhTW) Heterogeneous System Architecture: Design & Performance
byDanny Jiang
 
PPTX
ME3592 - Metrology and Measurements - Unit - 1 - Lecture Notes
bypprakash21252
 
PPTX
1.Module 4-Clamping of jigs and fixtures for manufacturing.pptx
bycondieki
 
PDF
Module 4 python programming-1BPLCK105B-2025 by Dr.SV.pdf
bySURESHA V
 
PPTX
Introduction to AI and Applications Module-4.pptx
byKalaiselviSubramania2
 
PPTX
GET 211- Computing and Software Engineering (1).pptx
byfestusdaniel142
 
PDF
Shear Strength of Soil/Mohr Coulomb Failure Criteria-1.pdf
byMahmoodKhalid11
 
PDF
Industrial Tools Manufacturers In India : Torso Tools
bytorsotools8
 
PDF
Shear Strength of Soil (Direct shear test).pdf
byMahmoodKhalid11
 
PDF
AWS Re:Invent 2025 Recap by FivexL - Guilherme, Vladimir, Andrey
byAndrey Devyatkin
 
PDF
Chemical Hazards at Workplace – Types, Properties & Exposure Routes, CORE-EHS
byCORE EHS
 
PPTX
uADPF Topology_SFP requirements_locked slides.pptx
byMd Bellal Hossain
 
PPTX
This Bearing Didn’t Fail Suddenly — How Vibration Data Predicts Failure Month...
byMaintWiz Technologies Private Limited
 
PDF
Basics of Electronics Task by Vivaan Jo Varghese.pdf
byVivaan Jo Varghese
 
PPTX
Designing Work for Humans, Not Machines: Human-Centered Maintenance Excellence
byMaintWiz Technologies Private Limited
 
PDF
Ericsson 6230 Training Module Document.pdf
byMd Bellal Hossain
 
How Does LNG Regasification Work | INOXCVA
byINOXCVA
 
NS unit wise unit wise 1 -5 so prepare,.
bykumaransudhan1512
 
A professional presentation on Cosmos Bank Heist
byssuser7f0075
 
Oracle Advanced subquery and types of subquery
bytejaswinikulkarni549
 
(en/zhTW) Heterogeneous System Architecture: Design & Performance
byDanny Jiang
 
ME3592 - Metrology and Measurements - Unit - 1 - Lecture Notes
bypprakash21252
 
1.Module 4-Clamping of jigs and fixtures for manufacturing.pptx
bycondieki
 
Module 4 python programming-1BPLCK105B-2025 by Dr.SV.pdf
bySURESHA V
 
Introduction to AI and Applications Module-4.pptx
byKalaiselviSubramania2
 
GET 211- Computing and Software Engineering (1).pptx
byfestusdaniel142
 
Shear Strength of Soil/Mohr Coulomb Failure Criteria-1.pdf
byMahmoodKhalid11
 
Industrial Tools Manufacturers In India : Torso Tools
bytorsotools8
 
Shear Strength of Soil (Direct shear test).pdf
byMahmoodKhalid11
 
AWS Re:Invent 2025 Recap by FivexL - Guilherme, Vladimir, Andrey
byAndrey Devyatkin
 
Chemical Hazards at Workplace – Types, Properties & Exposure Routes, CORE-EHS
byCORE EHS
 
uADPF Topology_SFP requirements_locked slides.pptx
byMd Bellal Hossain
 
This Bearing Didn’t Fail Suddenly — How Vibration Data Predicts Failure Month...
byMaintWiz Technologies Private Limited
 
Basics of Electronics Task by Vivaan Jo Varghese.pdf
byVivaan Jo Varghese
 
Designing Work for Humans, Not Machines: Human-Centered Maintenance Excellence
byMaintWiz Technologies Private Limited
 
Ericsson 6230 Training Module Document.pdf
byMd Bellal Hossain
 

DevOPS training - Day 1/2

  • 1.
    DevOPS – Day1 Thursday, May 20th 2016
  • 2.
    About me Vincent Mercier vincemercier SystemArchitect Integrate voice applications to your professional tools. Our features include: managing calls in real time, Call Tracking, Call Controlling, Push SMS, Click-To-Call, real time statistics, audio conferences, … Smart Voice Services
  • 3.
  • 4.
    Basics of DevOPS Whatyou should know…
  • 5.
  • 6.
    Several roles inthe team Engineer Technical expert Architect Global vision of the infrastructure Administrator Deploy services defined by engineers Execute daily tasks CTO Define technical roadmap based on business objectives Technician Customer support / Helpdesk Execute daily tasks
  • 7.
    DevOPS DEV Develops applications based onbusiness objectives OPS Deploy services to run applications with production constraints Production Company business
  • 8.
    IT revolutions World WideWeb 1989 Cloud services 2006 What’s next? ~2020 Virtualization 1999 Containers 2013
  • 9.
  • 10.
  • 11.
    Modern web architecture Frontend Clientside Backend API CDN Application Hub CI Deployment tools Queue system DNS Database Cache
  • 12.
    Server HTTP(macro) Body Client HTTP/1.1 200 OK Date:Thu, 19 May 2016 08:25:10 GMT Content-Type: text/html; charset=UTF-8 Content-Encoding:UTF-8 Content-Length:89 Last-Modified: Sun, 29 May 2016 08:25:10 GMT Server:Apache/2.2.15 (CentOS) Accept-Ranges:bytes Connection:close <html> <head> <title>Blog</title> </head> <body> Welcome on MyCorp! </body> </html> GET /contact HTTP/1.1 Host: blog.mycorp.local User-Agent:cli/1.0 Accept: text/html Header
  • 13.
    Virtual hosting • Methodto host multiple websites on the same server • 2 methods: • Per IP • 1 IP address per website • Works with all protocols • Difficult in production • Per domain names • HTTP/1.1 required • Server Name Indication(SNI) for HTTPS Headers fields are key-value in clear-text. HTTP headers are in request and response. Popular headers: Host, Content- Type, Etag, X-Forwarded-For HTTP headers
  • 14.
    Virtual hosting Server Blog Extranet Always definea default website. Best practice GET /contact HTTP/1.1 Host: blog.mycorp.local User-Agent:cli/1.0 Accept: */* GET /calendar HTTP/1.1 Host: extranet.mycorp.local User-Agent:cli/1.0 Accept: */*
  • 15.
    HTTPS • Create asecure channel over network • Not a protocol, just HTTP with a secure layer (TLS or SSL) • Certificates must be signed by a certificate authority
  • 16.
    HTTPS 16 Application Presentation Session Transport Network Data link Physical OSI model HTTP HTTPrequest TCP IPv4 / IPv6 HTTP HTTPS request TCP IPv4 / IPv6 SSL / TLS
  • 17.
  • 18.
    HTTP2 Second major versionof HTTP since HTTP 1.1 in 1999! Revolution Server Push Server push cache content to browser Compression Compress HTTP body and HTTP headers. Differential encoding (Headers are stored) Multiplexed Allowing multiple requests and responses to be sent at the same time. Binary HTTP/2 is a binary protocol SPDY Based on SPDY protocol created at Google to reduce web page load latency and improve web security
  • 19.
    Request 2 HTTP1 GET /contactHTTP/1.1 Host: blog.mycorp.local Referer: http://blog.mycorp.local/ Date: Tue, 17 May 2016 20:16:21 GMT Via: 1.1 varnish Cache-Control: max-age=600 Expires: Mon, 16 May 2016 08:57:14 GMT X-Served-By: cache-fra1238-FRA X-Cache: HIT X-Cache-Hits: 1 Server: Apache/2.2.15 (CentOS) Vary: Accept-Encoding,Country-Code X-Fastly-Request-ID: 2cfe9ab75a31cf355f59f0ab2491932398432831 X-Powered-By: PHP/5.3.3 Server: Apache/2.2.15 (CentOS) [Body] HTTP1 vs HTTP2 02 Request 1 HTTP1 GET /home HTTP/1.1 Host: blog.mycorp.local Referer: http://blog.mycorp.local/ Date: Tue, 17 May 2016 20:16:06 GMT Via: 1.1 varnish Cache-Control: max-age=600 Expires: Mon, 16 May 2016 08:57:14 GMT X-Served-By: cache-fra1238-FRA X-Cache: HIT X-Cache-Hits: 1 Server: Apache/2.2.15 (CentOS) Vary: Accept-Encoding,Country-Code X-Fastly-Request-ID: 2cfe9ab75a31cf355f59f0ab2491932398432831 X-Powered-By: PHP/5.3.3 Server: Apache/2.2.15 (CentOS) [Body] Request 2 HTTP2 :method: GET :scheme: http :host: blog.mycorp.local :path: /home Via: 1.1 varnish Cache-Control: max-age=600 Expires: Mon, 16 May 2016 08:57:14 GMT Connection: keep-alive X-Served-By: cache-fra1238-FRA X-Cache: HIT X-Cache-Hits: 1 Server: Apache/2.2.15 (CentOS) Vary: Accept-Encoding,Country-Code X-Fastly-Request-ID: 2cfe9ab75a31cf355f59f0ab2491932398432831 X-Powered-By: PHP/5.3.3 Server: Apache/2.2.15 (CentOS) [Body] Request 2 HTTP2 :path: /contact referer: http://blog.mycorp.local/home X-Fastly-Request-ID: 2cfe9ab75a31cf355f59f0ab2491932398434234 Expires: Mon, 16 May 2016 09:43:23 GMT [Body]
  • 20.
    HTTP1 vs HTTP2HTTP1 HTTP2 Domainsharding Assetcontatenation Keep-alive Domain sharding Asset contatenation TCP connexion
  • 21.
    Let’s go forHTTP2? • Clients and servers libraries are quiet new… • HTTP2 is implemented only with TLS in most of browsers • http://caniuse.com/#feat=http2 • https://github.com/http2/http2-spec/wiki/Implementations • Next step? • QUIC! • Built on top of UDP • https://www.chromium.org/quic
  • 22.
    Resources for DevOPS •MAN… • Helpful websites • https://www.howtoforge.com • http://highscalability.com • French mailing list • http://www.frsag.com • Meetup
  • 23.
  • 24.
    Workshop Webhosting for aSymphony application 24
  • 25.
    Goals • Install awebserver • Linux • MariaDB • PHP • Nginx • Running a Symphony application • Backup and restore the website
  • 26.
    Technical details • Server •Virtual machine (Virtualbox + Vagrant) • IP: 192.168.42.42 • Linux / Nginx / PHP / MariaDB • Website • Domain: blog.mycorp.local • SSL • Symphony application
  • 27.
    Layers PHP interpreter /var/run/php-fpm.socket Database TCP 3306 Virtualizationsystem Managed by Vagrant Web server TCP 80 and TCP 443 Web application /var/www/blog.mycorp.local Linux Debian Nginx Symphony Linux PHP MariaDB Virtualbox 01 03 05 02 04 06
  • 28.
    Linux Debian • Oneof the most popular Linux distribution • Focused on collaborative software development (Social contract / DFSG) • Used by Ubuntu • Release names come from Toy Story movies • Current stable version : 8.4 (Linux kernel 3.16.0)
  • 29.
    Linux Debian –Installation • Initialize Vagrant environment(create Vagrantfile) • Edit vagrant configuration file • Add private network interface • Start virtual machine • Connect to the server vagrant init debian/jessie64 vim Vagrantfile config.vm.network"private_network",ip: "192.168.42.42" vagrant up vagrant ssh
  • 30.
    Sudo? • Switch tosuper user • Edit vagrant filesudo -i $ is a user # is a super user The prompt
  • 31.
    Installation • Install atext editor • Install GIT • Install troubleshooting tools • Install system administration tools apt-get install vim apt-get install git apt-get install curl tcpdump apt-get install htop
  • 32.
    MariaDB • MySQL fork •https://mariadb.com/kb/en/mariadb/mariadb-vs-mysql-features/ • Current stable version : 10.1
  • 33.
    MariaDB – Installation •Install MariaDB • Connect to the database • Create database • Create user apt-get install mariadb-server mysql -p CREATE DATABASE mycorp_blog; GRANT ALL PRIVILEGES ON mycorp_blog.*TO mycorp_blog@localhost IDENTIFIED by 'hackme';
  • 34.
    PHP • Current stableversion : 5.6.21 / 7.0.6 • ⚠️ 5.6.20 in Debian
  • 35.
    PHP – Installation •Install PHP • Install PHP additional modules • Edit PHP configuration files • Set timezone to UTC • Restart PHP FPM apt-get install php5-fpm apt-get install php5-mysql php5-intl vim /etc/php5/cli/php.ini/etc/php5/fpm/php.ini date.timezone = UTC service php5-fpm restart
  • 36.
    PHP composer –Installation • Install PHP composer • Check PHP composer version curl -sS https://getcomposer.org/installer | sudo php -- --install-dir=/usr/local/bin--filename=composer composer -V
  • 37.
    Nginx • Current stableversion : 1.9.15 • ⚠️ 1.6.2 in Debian
  • 38.
    Nginx – Installation •Install Nginx • Check default page apt-get install nginx curl -v http://192.168.42.42
  • 39.
    SSL certificate –Installation • Go to private SSL certificates directory • Define filename • Generate SSL private key and CSR • Generate self-sign SSL certificate cd /etc/ssl/private/ FQDN=blog.mycorp.local openssl req -nodes -newkey rsa:2048-sha256 -keyout $FQDN.key -out $FQDN.csr openssl x509 -req -days 365 -in $FQDN.csr -signkey $FQDN.key -out $FQDN.crt
  • 40.
    SSL certificate –Installation • Restrict access to the SSL key file • Allow root to modify the key and www-data to read it chmod 0640 blog.mycorp.local.key chown root:www-data blog.mycorp.local.key
  • 41.
    Download website sourcecode • Go to websites directory • Clone Git repository • Copy default configuration file • Edit database parameters cd /var/www/ git clone https://github.com/vmercierfr/training-ops-1.gitblog.mycorp.local cd blog.mycorp.local/app/config/ cp parameters.yml.distparameters.yml vim parameters.yml
  • 42.
    Nginx – Configuration •Go to nginx configuration directory • Create blog.mycorp.local cd /etc/nginx/sites-available/ vim blog.mycorp.local
  • 43.
    Nginx – Configuration server { listen 80; server_nameblog.mycorp.local; return 301 https://blog.mycorp.local/$1; } server { listen 443 ssl; server_name blog.mycorp.local; ssl on; ssl_certificate /etc/ssl/private/blog.mycorp.local.crt; ssl_certificate_key /etc/ssl/private/blog.mycorp.local.key; root /var/www/blog.mycorp.local; access_log /var/log/nginx/blog.mycorp.local.log; error_log /var/log/nginx/blog.mycorp.local.error.log info; } Force HTTPS SSL
  • 44.
    Nginx – Configuration •Go to Nginx configuration directory • Link configuration file • Check Nginx configuration • Reload Nginx cd /etc/nginx/sites-enabled/ ln -s ../sites-available/blog.mycorp.local nginx -t service nginx reload
  • 45.
    DNS configuration • Edityour local hosts file • Add following line • Connect to the website sudo vim /etc/hosts 192.168.42.42 blog.mycorp.local curl -v https://blog.mycorp.local %SystemRoot%System32driversetchosts Windows host file
  • 46.
    Nginx + PHP– Configuration • Edit website configuration file • Add the following lines • Check and reload Nginx configuration vim /etc/nginx/sites-available/blog.mycorp.local root /var/www/blog.mycorp.local/web; location / { try_files $uri /app.php$is_args$args; } location ~ ^/app.php(/|$) { fastcgi_pass unix:/var/run/php5-fpm.sock; fastcgi_split_path_info ^(.+.php)(/.*)$; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; fastcgi_param DOCUMENT_ROOT$realpath_root; internal; } nginx -t && service nginx reload
  • 47.
    PHP errors • Checkthe errors log file tail -f /var/log/nginx/blog.mycorp.local.error.log 2016/05/18 23:02:12 [error] 8885#0: *119 FastCGI sent in stderr: "PHP message: PHP Warning: require(/var/www/blog.mycorp.local/app/../vendor/autoload.php): failed to open stream: No such file or directory in /var/www/blog.mycorp.local/app/autoload.php on line 11 PHP message: PHP Fatal error: require(): Failed opening required '/var/www/blog.mycorp.local/app/../vendor/autoload.php' (include_path='.:/usr/share/php:/usr/share/pear') in /var/www/blog.mycorp.local/app/autoload.php on line 11" while reading response header from upstream, client: 192.168.42.1, server: blog.mycorp.local, request: "GET /en/blog/ HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "blog.mycorp.local", referrer: "https://blog.mycorp.local/" 2016/05/18 23:03:07 [error] 8885#0: *119 FastCGI sent in stderr: "PHP message: PHP Warning: require(/var/www/blog.mycorp.local/app/../vendor/autoload.php): failed to open stream: No such file or directory in /var/www/blog.mycorp.local/app/autoload.php on line 11 PHP message: PHP Fatal error: require(): Failed opening required '/var/www/blog.mycorp.local/app/../vendor/autoload.php' (include_path='.:/usr/share/php:/usr/share/pear') in /var/www/blog.mycorp.local/app/autoload.php on line 11" while reading response header from upstream, client: 192.168.42.1, server: blog.mycorp.local, request: "GET /en/blog/ HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "blog.mycorp.local"
  • 48.
    Initiate application • Goto website directory • Install application’s requirements with composer • Set rights on app directory • Initialize the database • Load fixtures cd /var/www/blog.mycorp.local/ composer install chown -R www-data app php app/console doctrine:schema:create php app/console doctrine:fixtures:load
  • 49.
    Configure backup • Installbackup ninja • Launch ninjabackup wizard • Create a backup job • Run a backup job apt-get install backupninja ninjahelper
  • 50.
    Restore database backup(Quick and very dirtymethod) • Connect to MySQL • Delete database • Create database • Select database • Import backup mysql -p DROP DATABASE mycorp_blog; CREATE DATABASE mycorp_blog; use mycorp_blog; source /var/backups/mysql/sqldump/mycorp_blog.sql; Don’t delete database in production, rename it! (Need to move each tables) Best pratice
  • 51.