Linux Showroom

I had to set up a server. The hoster offers openSUSE 11.0 at the moment but no openSUSE 11.1 yet. As I like to go with the latest and greatest I decided to upgrade the system to openSUSE 11.1 after using the hoster’s installation image for openSUSE 11.0. I searched on the web how a system upgrade should be done this time. (It seems to differ all the time.) I found a zypper command chain. Change the installation reposotories in /etc/zypp/repos.d to the new version and type:

# zypper refresh
# zypper dist-upgrade

I did excatly that. It did refresh a few packages but as I guessed immediately not enough. I tried over. It did not help. Here is the solution. Delete all subdirectories in /var/cache/zypper and execute the commands above again.

I heard about the successful usage of ejabberd from weblin’s CTO Heiner yesterday at lunch during BarCamp Hamburg 08.

I was thinking of deploying jabber services for podcast.de for a while now but couldn’t decide which server to take. I checked the ejabberd website. The software looks promising. So I give it a try.

# smart install ejabberd

Could not find any results. So I check OpenSuSE software search. Luckily it lists a source which I add to my smart sources.

# smart channel --edit


[Cyberorg]
type = rpm-md
name = Cyberorg
baseurl = http://download.opensuse.org/repositories/home:/cyberorg:/sugar/openSUSE_11.0/


On to install the ejabberd package:

# smart install ejabberd

I get a report that I am still missing a package for erlang as ejabberd is written in erlang. I use the OpenSuSE software search again which lists the following source:


[NicoK]
type = rpm-md
name = NicoK
baseurl = http://download.opensuse.org/repositories/home:/NicoK/openSUSE_11.0/


Now I can install ejabberd: ejabberd-2.0.0-2.11@x86_64
I also need one more package: erlang-R12B4-18.11@x86_64

The beauty of installing pre-compiled RPMs on OpenSuSE. You almost always get a rc-file along with the RPM (for server software that is).

# rce -> Tab -> rcejabberd

There it is. Great! Now I want to change the default configuration. I would expect a config file to sit in /etc/sysconfig but ejabberd brings its own directory under /etc/ejabberd where two config files reside: ejabberd.cfg and ejabberdctl.cfg.

I read before that ejabberd.cfg is the heart of ejabberd. So I edit this for local usage only ATM.

{hosts, [{ip, {127, 0, 0, 1}}]}.

I give it a try:

# rcejabberd start
Starting ejabberd done


Looks like it started. Too bad checking http://127.0.0.1:5280/admin does not work. I check for an error in the log dir /var/log/ejabberd/ just to find out no files have been created. ps aux shows me some erlang stuff is running: /usr/lib64/erlang/erts-5.6.4/bin/epmd -daemon but no jabber process(es) which I would suspect.

I am increasing the loglevel to debug (5):

{loglevel, 5}.

No change. I remove -detached in the run script and try again. This time I get debug messages on the shell:

# rcejabberd start
Starting ejabberd Erlang (BEAM) emulator version 5.6.4 [source] [64-bit] [smp:2] [async-threads:0] [hipe] [kernel-poll:false]
{”init terminating in do_boot”,{undef,[{ejabberd,start,[]},{init,start_it,1},{init,start_em,1}]}}
Crash dump was written to: erl_crash.dump init terminating in do_boot() failed


At this point I have to give up the experiment as I have no time to fiddle around with erlang problems.

A while back I wrote an article Switching from Apache HTTP Server to Lighttpd - Installing Lighttpd. Back then I migrated static stuff to lighttpd but left the dynamic stuff (PHP) with Apache.

I was never really satisfied with the speed of our system under load. I tried and tried. I optimized a lot of stuff in the backend and with the database. Most of the time I found a switch to make the system just a bit faster. Read Retrospective on three years of Seagull development if you are interested in the whole story.

In the last couple of weeks I ran out of ideas on where to improve next (without the need of rewriting too much code). I remembered using Squid years ago. I had a look at the newest version (3.0) and my interest in Squid stopped pretty soon after reading through the documentation. It was just not the software I needed.

I dived into spreading the load to multiple backends using HAproxy which by the way has a super active community. Check the mailinglist. The maintainer Willy is doing a great job. Learning about HAproxy I stumbled across the webserver nginx (pronounced engine x) numerous times. Learning about nginx I stumbled across the reverse proxy Varnish which is the proxy solution I hoped Squid would be. Furtherdown the line I ran into PHP-FPM - the PHP FastCGI Process Manager - which should not stay unmentioned.

So I read lots of blog posts, mails from mailinglists, documentation, articles, visited several forums and also learned many new things in a few wikis. So after getting the idea I had my stack together: Varnish -> HAproxy -> nginx -> PHP -> MySQL

Time to test it out! Varnish comes in a relatively uptodate package for my favorite distribution OpenSuSE (currently running 10.3 on 6 systems). HAproxy is available in a fresh version. nginx is theoretically available. It cannot install it though because of a package management conflict. So I downloaded the source for the newest stable version (0.6.3 as time of writing) and compiled it.

# wget http://sysoev.ru/nginx/nginx-0.6.32.tar.gz
# ./configure –prefix=/opt/software/nginx-0.6.32 –user=nginx –group=nginx –without-mail_pop3_module –without-mail_imap_module –without-mail_smtp_module
# make && make install

I did not need to install any extra packages. Frankly spoken I do have all the packages for compilation of C/C++ installed.

# cd /opt/software
# ln -s /opt/software/nginx-0.6.32 nginx

I always set a symlink to the currently used package. That way it is easy to replace the package when new versions come out. I can compile and install the new version and just switch the symlink.

Next thing I had to compile was a patched PHP version. So download the sources at php.net and the patches at the PHP-FPM site.

Unpack the PHP source:

# tar xjvf php-5.2.6.tar.bz2

Patch the source:

# gzip -cd php-5.2.6-fpm-0.5.8.diff.gz | patch -d php-5.2.6 -p1

Configure PHP (adjust your settings accordingly):

LDFLAGS=”-L/usr/lib64″ ./configure –with-curl –disable-debug –enable-libxml –enable-session –with-pcre-regex –enable-xml –with-bz2 –with-zlib –enable-exif –enable-inline-optimization –enable-soap –enable-sockets –with-xmlrpc –without-pear –with-libdir=lib64 –with-mysql –with-mysqli –enable-mbstring –with-mcrypt –with-mhash –with-mime-magic –with-jpeg-dir=/usr/lib64 –with-png-dir=/usr/lib64 –with-gd –enable-gd-native-ttf –with-ttf –with-freetype-dir –enable-ftp –enable-zend-multibyte –with-openssl –enable-force-cgi-redirect –with-pcre-regex –without-sqlite –without-mm –enable-fastcgi –enable-bcmath –enable-fpm –quiet –prefix=/opt/software/php5.2.6-fpm

Compile and install:

# make & make install

Adjust the PHP-FPM settings to fit your needs. You can find more info on this and related subjects in the PHP-FPM documentation.

# vim /opt/software/php/etc/php-fpm.conf

Start PHP-FPM:

# /opt/software/php/bin/php-cgi –fpm

Have a look in the log files:

# /opt/software/php/logs/php-fpm.log

Now you can connect through your webserver to fast-cgi processes. I use nginx as webserver (see above). Advantages and disadvantes of fast-cgi vs. mod-based approaches et al have been covered elsewhere. For me this makes perfectly sense and works extremly well.

After playing around with Varnish for a while I decided I do not need HAProxy ATM. Varnish can do all the decisions I need to make based on HTTP headers. I configured Varnish’s config file (here: vcl.conf) by reading lots of examples on the net and trial and error.

If I find more time and anyone is interested I post more details on the configuration of nginx and Varnish. But for now I want to publish this post as it has been sitting here for a while already.

PS: If people say content is king they are absolutely right. But never forget in the internet speed is Kaiser!