CentOS5 | SysArchitects

Installing APC on RHEL5

Here's how to install APC on RHEL5.
# yum install php-pear php-devel httpd-devel # pecl install apc # echo "extension=apc.so" > /etc/php.d/apc.ini # service httpd restart

Check for the apc section in your phpinfo() page. If it's not there:

# tail /var/log/httpd/error_log [Tue Aug 12 15:43:59 2008] [notice] Digest: done PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib/php/modules/apc.so' - /usr/lib/php/modules/apc.so: cannot open shared object file: Permission denied in Unknown on line 0

SELinux is preventing the extension from loading, I'll bet. Let's check:

# tail /var/log/messages Aug 12 15:42:40 mybox yum: Installed: httpd-devel - 2.2.3-11.el5_1.3.i386 Aug 12 15:44:01 mybox setroubleshoot: SELinux is preventing the httpd from using potentially mislabeled files (./apc.so). For complete SELinux messages. run sealert -l 9e4bbfa8-327b-4bb2-94df-f154045a1ef1

Let's view the security contexts for our PHP extensions:

# ls -Z /usr/lib/php/modules -rwxr-xr-x root root root:object_r:tmp_t apc.so -rwxr-xr-x root root system_u:object_r:textrel_shlib_t dbase.so -rwxr-xr-x root root system_u:object_r:textrel_shlib_t gd.so ...

Yup. Notice how the security context is missing (it's tmp_t for apc.so). Let's fix that.

# restorecon /usr/lib/php/modules/apc.so ]# ls -Z /usr/lib/php/modules -rwxr-xr-x root root system_u:object_r:textrel_shlib_t apc.so -rwxr-xr-x root root system_u:object_r:textrel_shlib_t dbase.so




[ 
Submitted by John on Tue, 2008-08-12 15:13. | CentOS5
PHP
RHEL5
 | John's blog
1 comment
Read more
 ]






TCP Tuning for Busy Apache Webserver on CentOS5


Recently I was in a situation where a very busy webserver was not responding. Strangely, top showed plenty of CPU available. The server was essentially just sitting there. What do do?
Upon further investigation, it turned out that the network queue was saturated. So many incoming connections were being attempted that they were falling off the end. Some TCP tuning was in order. Fortunately the server was not memory-starved so allocating more memory to the network stack was not a problem. Here's what ended up in /etc/sysctl.conf and turned the server back into a faithful workhorse.
# Kernel tuning settings for CentOS5,

# busy webserver with lots of free memory.

# Big queue for the network device

net.core.netdev_max_backlog=30000
# Lots of local ports for connections

net.ipv4.tcp_max_tw_buckets=2000000
# Bump up send/receive buffer sizes

net.core.rmem_default=262141

net.core.wmem_default=262141

net.core.rmem_max=262141

net.core.wmem_max=262141
# Disable TCP selective acknowledgements

net.ipv4.tcp_sack=0

net.ipv4.tcp_dsack=0
# Decrease the amount of time we spend

# trying to maintain connections

net.ipv4.tcp_retries2=5

net.ipv4.tcp_fin_timeout=60

net.ipv4.tcp_keepalive_time=120

net.ipv4.tcp_keepalive_intvl=30

net.ipv4.tcp_keepalive_probes=3
# Increase the number of incoming connections

# that can queue up before dropping

net.core.somaxconn=256
# Increase option memory buffers

net.core.optmem_max=20480


There are plenty of other sysctl options to tune, but the above made the most difference.
And netstat -s is your friend.


[ 
Submitted by John on Mon, 2008-02-04 10:04. | CentOS5
 | John's blog
1 comment
 ]

About John

Blog

Installing APC on RHEL5

TCP Tuning for Busy Apache Webserver on CentOS5