Blog
- Details
- Written by R. Elizondo
- Category: LEMP Configuration files for CentOS 7
Before configuring the Web Server and the PHP Fast page Manager for deliver High Performance PHP Enterprise Application, the Linux kernel where the machine is running need some settings to be optimized.
Step 1. Open a SSH Terminal into your machine.
Step 2. Change Schedulers.
$ sudo grubby --update-kernel=ALL --args="elevator=noop"
Step 3. Update Kernel settings.
$ sudo nano /etc/sysctl.conf
Replace the content of this file with:
##### Performance kernel conf
## Dev: Ruben Elizondo
##
vm.swappiness = 1
fs.file-max = 5000000
net.core.netdev_max_backlog = 400000
net.core.optmem_max = 10000000
net.core.rmem_default = 10000000
net.core.rmem_max = 10000000
net.core.somaxconn = 100000
net.core.wmem_default = 10000000
net.core.wmem_max = 10000000
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.ip_local_port_range = 1024 65535
net.ipv4.tcp_congestion_control = bic
net.ipv4.tcp_ecn = 0
net.ipv4.tcp_max_syn_backlog = 12000
net.ipv4.tcp_max_tw_buckets = 2000000
net.ipv4.tcp_mem = 30000000 30000000 30000000
net.ipv4.tcp_rmem = 30000000 30000000 30000000
net.ipv4.tcp_sack = 1
net.ipv4.tcp_syncookies = 0
net.ipv4.tcp_timestamps = 1
net.ipv4.tcp_wmem = 30000000 30000000 30000000
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
kernel.shmmax=1073741824
kernel.msgmni=1024
kernel.sem=250 32000 32 1024
save the file.
Step 4. Make open files higher value.
$ sudo nano /etc/security/limits.conf
*** Add the following line right below #@student
* - nofile 16384
save the file.
Step 5. reboot your machine
$ sudo reboot now
- Details
- Written by R. Elizondo
- Category: LEMP Configuration files for CentOS 7
Nginx has proven to be a very good Web Server capable of serving thousands of requests per second.
Its very popular for developing PHP Enterprise Applications and have it well configured is key in having a high performance PHP Application capable of handling intense workloads and very high traffic websites.
For Nginx to work as very High performance Web Server you need to have configured your Linux kernel as well following this recipe: Linux Kernel Tuning for High Performance LEMP
Step 1. replace the content of the file /etc/nginx/nginx.conf
with this:
user nginx;
error_log /var/log/nginx/error.log crit;
pid /var/run/nginx.pid;
worker_processes 1;
worker_rlimit_nofile 16384;
events {
worker_connections 50000;
multi_accept on;
use epoll;
}
http {
ssl_password_file /etc/nginx/certs/pass_file;
default_type application/octet-stream;
include mime.types;
access_log off;
keepalive_timeout 30;
fastcgi_read_timeout 3600;
proxy_read_timeout 3600;
tcp_nodelay on;
sendfile on;
expires -1;
server_tokens off;
tcp_nopush on;
types_hash_max_size 2048;
fastcgi_cache_path /var/cache/nginx levels=1:2 keys_zone=microcache:100m max_size=500m inactive=60m;
fastcgi_cache_key "$scheme$request_method$host$request_uri";
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_min_length 1100;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_proxied any;
gzip_types text/css text/x-component application/x-javascript application/javascript text/javascript text/x-js text/richtext image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon;
include /etc/nginx/conf.d/*;
open_file_cache max=5000 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 2;
open_file_cache_errors on;
}
worker_processes 1;
### Set this equal to the number of cores or vcores available in the machine
worker_rlimit_nofile 16384;
### This is set with the same number you set in /etc/security/limits.conf
ssl_password_file /etc/nginx/certs/pass_file;
### In this file you will store the password you used for creating SSL Certificates.
Step 2. Configure a virtual host with HTTPS following any of the recipes posted in this section.
It is highly recommended that you enable and use HTTPS in HTTP2 with TLS / SSL.
Step 3. Restart your Web Server.
$ sudo systemctl restart nginx
- Details
- Written by R. Elizondo
- Category: Virtualization
Prerequisites:
- Vagrant Virtual Machine with CentOS 7, Nginx, MariaDb, NodeJs and PHP 8
- Configure Nginx Web Server with SSL in a Vagrant Virtual Machine
- How to install Symfony Framework using composer in 2 easy steps
Step 1. Make sure PHP-FPM is up and running
$ sudo systemctl status php-fpm
you will see something like this:
Step 2. Tell PHP-FPM that Nginx is working as Web Server
$ sudo nano /etc/php-fpm.d/www.conf
Change user and group to Nginx then save the file.
Then reload PHP Fast Page Manager
$ sudo systemctl reload php-fpm
Step 3. Configure some settings in php.ini
$ sudo nano /etc/php.ini
look for:
max_execution_time
and change thevalue to 180
memory_limit
and change the value to 256M
post_max_size
change the value to 20M
upload_max_filesize
= 20M
For development purposes it could be a good idea to turn errors on:
display_errors
= On
You may want to change the default time zone and maybe some other settings. More info on PHP Official Site.
If you want to have a cool UI to look at the PHP files handled by Zend OP Cache:
copy ocp.php from my github repository to the folder where your virtual host conf file is pointing for the index.php
$ nano /var/www/cool_project/public/ocp.php
Click on the copy raw icon and paste the content of the file.
Save the file and restart services.
$ sudo systemctl restart php-fpm
$ sudo systemctl restart nginx
If you followed all these past recipes including the one for Installing Symfony Framework, and you get here without any errors, then open in your browser https://cool.project.vps and you will see:
Now point to https://cool.project.vps/ocp.php and you will see:
you can click on any of the button links on top to display more information.
You are ready to start developing in Symfony!
- Details
- Written by R. Elizondo
- Category: Virtualization
Before you can read and write data to the Database inside your virtual machine, you need to finish setting up MariaDB Server.
Prerequisites: Vagrant Virtual Machine with CentOS 7, Nginx, MariaDb, NodeJs and PHP 8
Step 1. After you init and provision your Vagrant Virtual machine, if the VM is suspended, just execute in the directory where the Vagranfile is:
$ vagrant up
Step 2. execute
$ vagrant ssh
Step 3. Make sure MariaDb is up and running
$ sudo systemctl status mariadb
Step 4. Execute
$ sudo mariadb-secure-installation
The server will ask you a few questions, you need to respond like this:
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
haven't set the root password yet, you should just press enter here.
Enter current password for root (enter for none):
OK, successfully used password, moving on...
Setting the root password or using the unix_socket ensures that nobody
can log into the MariaDB root user without the proper authorisation.
You already have your root account protected, so you can safely answer 'n'.
Switch to unix_socket authentication [Y/n] n
... skipping.
You already have your root account protected, so you can safely answer 'n'.
Change the root password? [Y/n] Y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] Y
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n]
... Success!
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n]
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n]
... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!
Step 5. Make sure you have access to the MariaDB
$ mysql -uroot -p
Enter the password
you should see the MariaDB console
This means you are good to go.
type
MariaDB [(none)]> quit
Page 40 of 42