Here's some tips which I applied recently on one busy ded server and the result was a significant reduce in disk I/O load and so faster speed, lesser load avg.
- mount /tmp in ramdisk : Here's the /etc/fstab file line related to tmp :
none /tmp tmpfs nr_inodes=200k,mode=01777,nosuid,nodev 0 0
Check if php uses /tmp as session.save_path , mysql also uses /tmp as tmpdir (mysqladmin variables | grep tmpdir). I've notices on websites with high join queries, mysql has a lot of I/O in /tmp so it's recommended to mount this to ram instead of hdd.
- Mysql datadir : /var/lib/mysql , recommended to mount in a SSD disk which will give you much greater performance.
- nginx + php-fpm : There're lots of resources on web suggesting that nginx+php-fpm have much more performance rather than php via apache2 handler.
- ... I'll update this post if I found/remember new tricks ...
- More ?
Monday, December 24, 2012
Sunday, December 23, 2012
Security improvement : nginx symlink and php-fpm chroot features
I've found the new directive in nginx old documentation :
Default value is off ! Setting it to if_not_owner is a good security improve and I recommend it.
Also don't miss php-fpm chroot feature ! You can make a chroot jail for working fpm pool by extracting an OS-template to chrooted folder ! (Select the template which matches your main OS). I had to run the following additional commands to make the dns resolving and php working correctly in chrooted jail :
disable_symlinks if_not_owner; # off | on | if_not_owner
Default value is off ! Setting it to if_not_owner is a good security improve and I recommend it.
Also don't miss php-fpm chroot feature ! You can make a chroot jail for working fpm pool by extracting an OS-template to chrooted folder ! (Select the template which matches your main OS). I had to run the following additional commands to make the dns resolving and php working correctly in chrooted jail :
cd jail-path
mknod -m 666 dev/null c 1 3
mknod -m 666 dev/zero c 1 5
mknod -m 666 dev/zero c 1 5
mknod -m 666 dev/random c 1 8
mknod -m 666 dev/urandom c 19
mknod -m 666 dev/urandom c 19
cp /lib/*dns* lib
cp /lib64/*dns* lib64
echo "nameserver 8.8.8.8" > etc/resolv.conf
chown -R user:user .
Friday, December 14, 2012
Install wine with MS Visual C++ and Visual Basic runtimes
I just wanted to use some win downloaders on linux ( Orbit downloader, HiDownload, Net Transport, ... ) but they didn't run correctly on wine.
Install latest version of wine using epel repo on RHEL . Then you'll need to install MS Visual C++ and Visual Basic runtimes to make them working :
wget http://winetricks.org/winetricks
chmod +x winetricks
(apt-get install cabextract OR yum install cabextract)
sh winetricks corefonts vcrun6 vb6run
And that's it !
Install latest version of wine using epel repo on RHEL . Then you'll need to install MS Visual C++ and Visual Basic runtimes to make them working :
wget http://winetricks.org/winetricks
chmod +x winetricks
(apt-get install cabextract OR yum install cabextract)
sh winetricks corefonts vcrun6 vb6run
And that's it !
Subscribe to:
Posts (Atom)
How to set up Kodi with YouTube addon on Raspberry OS Debian 12
In this post, we review how to run Kodi with Kodi Youtube Addon on Raspberry Pi 5. There are two versions of Kodi available on Raspberry P...
-
This post shows how to configure a mail proxy server to connect clients in an intranet to an external mail server. I will use SSL offloading... -
I use this tutorial to setup RemoSIM.com product for customers. To do: - Add instructions for enabling fail2ban for asterisk - Fix the fre...
-
An updated version of this post is available here . I use this tutorial to setup RemoSIM.com product for customers. RasPBX – Asterisk for ...