Saturday, November 18, 2017

Jet Profiler for MySQL

Jet Profiler for MySQL

is a real-time query performance and diagnostics tool for the MySQL database server. It's core features:

- Query, table and user performance
- Graphical visualisation
- Low overhead
- User friendly

https://www.jetprofiler.com/

Friday, November 17, 2017

Install MySQL 5.7, Apache 2.4, PHP 7.1 on Ubuntu 16.04

Install MySQL 5.7, Apache 2.4, PHP 7.1 on Ubuntu 16.04

Install VMware tools:

VM > Guest > Install/Upgrade VMware Tools

# su -
# df -h
# cd /media/jun/VMware\ Tools/
# ls -la
# tar zxvf VMwareTools-9.4.0-1280544.tar.gz -C /tmp/
# cd /tmp
# ls
# cd vmware-tools-distrib/
# ls
# ./vmware-install.pl -d
# reboot

Note: For more info https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1022525

Move Ubuntu launcher to the bottom:

# gsettings set com.canonical.Unity.Launcher launcher-position Bottom

Update the package repository:

# apt-get update

Upgrades packages with auto-handling of dependencies:

# apt-get dist-upgrade

or

# apt full-upgrade

Install SSH server:

# apt-get install openssh-server
# systemctl status sshd.service
# systemctl restart sshd.service

Compile and install the latest Git 2.14.2 from source code:

# apt-get install dh-autoreconf libcurl4-gnutls-dev libexpat1-dev gettext libz-dev libssl-dev
# apt-get install curl
# cd /usr/local/src/
# curl -L https://github.com/git/git/archive/v2.14.2.tar.gz -o git.tar.gz
# tar zxvf git.tar.gz
# cd git-2.14.2/
# make configure
# ./configure --prefix=/usr
# make all
# make install

# git --version

git version 2.14.2

Install Git from ppa:

# add-apt-repository ppa:git-core/ppa
# apt-get update

# apt-cache policy git
# apt-cache madison git

# apt-get install git=1:2.11.0-2~ppa0~ubuntu16.04.1

# git --version

Compile and install the latest Vim 8:

# apt-get install libncurses5-dev python-dev ruby-dev libperl-dev ruby-dev liblua5.3-dev exuberant-ctags cscope

// Fix liblua paths
# ln -s /usr/include/lua5.3 /usr/include/lua
# ln -s /usr/lib/x86_64-linux-gnu/liblua5.3.so /usr/local/lib/liblua.so

# cd /usr/local/src
# git clone https://github.com/vim/vim.git

# cd vim
# ./configure --prefix=/usr --with-features=huge --enable-multibyte --enable-pythoninterp --enable-rubyinterp --enable-perlinterp --enable-luainterp --enable-cscope
# make
# make install

# hash -r
# vim --version | head

Install MTA mail server:

# apt-get install postfix

Note: select "Internet site".

Note: If you need to reconfigure the postfix setting, run either one of the following:

# dpkg-reconfigure -plow postfix

or

# apt-get purge postfix

For other mail related packages:

# apt-get install mailutils

Install mail client:

# apt-get install bsd-mailx
# echo "test message" | mailx -s 'test subject' myemail@mydomain.com

For hexdump command:

# apt-get install bsdmainutils

# hexdump -c test.log

Install MySQL5.7:

# apt-cache policy mysql-server
# apt-cache search mysql-server
# apt-cache show mysql-server | less
# apt show mysql-server

# apt-get install mysql-server

# vim /etc/mysql/mysql.conf.d/mysqld.cnf
bind-address = 0.0.0.0

# vim ~/.my.cnf
[client]
host = localhost
port = 3306
user = root
password = MyPassword

# chmod 400 ~/.my.cnf

# mysql -e "SHOW variables WHERE variable_name REGEXP 'open_files_limit|table_open_cache|max_connections';"
+----------------------------+-------+
| Variable_name              | Value |
+----------------------------+-------+
| max_connections            | 151   |
| open_files_limit           | 1024  |
| table_open_cache           | 431   |
| table_open_cache_instances | 16    |
+----------------------------+-------+

Note: You will see the following error message in the error.log file if you did not change the open files limit:
[Warning] Changed limits: max_open_files: 1024 (requested 5000)
[Warning] Changed limits: table_open_cache: 431 (requested 2000)

# mkdir /etc/systemd/system/mysql.service.d
# vim /etc/systemd/system/mysql.service.d/override.conf

[Service]
#LimitNOFILE=infinity
LimitNOFILE=5000

#LimitMEMLOCK=infinity

# systemctl daemon-reload
# systemctl restart mysql

# mysql -e "SHOW variables WHERE variable_name REGEXP 'open_files_limit|table_open_cache|max_connections';"
+----------------------------+-------+
| Variable_name              | Value |
+----------------------------+-------+
| max_connections            | 151   |
| open_files_limit           | 5000  |
| table_open_cache           | 2000  |
| table_open_cache_instances | 16    |
+----------------------------+-------+

To check MySQL process's limit:

# cat /proc/$(pgrep mysqld$)/limits
Limit                     Soft Limit           Hard Limit           Units
Max cpu time              unlimited            unlimited            seconds
Max file size             unlimited            unlimited            bytes
Max data size             unlimited            unlimited            bytes
Max stack size            8388608              unlimited            bytes
Max core file size        0                    unlimited            bytes
Max resident set          unlimited            unlimited            bytes
Max processes             15614                15614                processes
Max open files            5000                 5000                 files
Max locked memory         65536                65536                bytes
Max address space         unlimited            unlimited            bytes
Max file locks            unlimited            unlimited            locks
Max pending signals       15614                15614                signals
Max msgqueue size         819200               819200               bytes
Max nice priority         0                    0
Max realtime priority     0                    0
Max realtime timeout      unlimited            unlimited            us

Note: https://dev.mysql.com/doc/refman/5.7/en/using-systemd.html

Note: https://stackoverflow.com/questions/30901041/can-not-increase-max-open-files-for-mysql-max-connections-in-ubuntu-15

Note: https://serverfault.com/questions/821695/mysqld-service-for-systemd-failed-to-parse-resource-value-ignoring-40000-l

To move a MySQL data directory to another directory:

# mysql -e "SELECT @@datadir;"
+-----------------+
| @@datadir       |
+-----------------+
| /var/lib/mysql/ |
+-----------------+

# systemctl stop mysql
# systemctl status mysql

# vim /etc/mysql/mysql.conf.d/mysqld.cnf
datadir         = /home/mysql

# vim /etc/apparmor.d/tunables/alias
alias /var/lib/mysql/ -> /home/mysql/,

Note: We need to tell AppArmor to let MySQL write to the new directory by creating an alias between the default directory and the new location.

Note: If you skipped the AppArmor configuration step, you would see the following error message:

Job for mysql.service failed because the control process 
exited with error code. See "systemctl status mysql.service" 
and "journalctl -xe" for details.

# systemctl restart apparmor
# systemctl restart mysql

To move the existing to MySQL directory to /home:

# rsync -av /var/lib/mysql /home

Or, you can run the following commands to initialize the MySQL data directory:

# mkdir /home/mysql \
&& chown mysql:mysql /home/mysql \
&& chmod 700 /home/mysql \
&& mysqld --initialize-insecure

Note: This option is used to initialize a MySQL installation by creating the data directory and populating the tables in the mysql system database.

Note: If you use --initialize, the random initial password is stored at: tail -n 1 /var/log/mysql/error.log.

Note: You can also start mysqld with --skip-grant-tables to access the database and change the password.

# systemctl start mysql && systemctl status mysql

Login MySQL with the above commands if you initialized MySQL data directory with --initialize-insecure option.
# mysql -u root --skip-password
mysql> ALTER USER 'root'@'localhost' IDENTIFIED BY 'new_password';

Check the current MySQL data directory:

# mysql -e "SELECT @@datadir;"
+--------------+
| @@datadir    |
+--------------+
| /home/mysql/ |
+--------------+

To change the root password if you did not know the current root password:

# vim /root/tmp/mysql-init.txt
GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED BY 'YourPassWordHere' WITH GRANT OPTION;
GRANT SUPER ON *.* TO 'root'@'localhost';
FLUSH PRIVILEGES;

# mysqld --init-file=/root/tmp/mysql-init.txt

Use RAM-DISK for tmpdir:

# mysql -e "SHOW GLOBAL STATUS LIKE 'Created_tmp%tables';"
# mysql -e "SHOW GLOBAL VARIABLES LIKE '%table_size';"

# mkdir -p /mnt/ramdisk
# mount -t tmpfs -o size=512M tmpfs /mnt/ramdisk
# chown mysql:mysql /mnt/ramdisk

# id mysql

uid=123(mysql) gid=130(mysql) groups=130(mysql)

# vim /etc/fstab

tmpfs           /mnt/ramdisk     tmpfs   rw,uid=123,gid=130,mode=1770,size=512M    0       0

Note: You need to change the uid and gid of MySQL.

# mysql -e "SHOW GLOBAL VARIABLES LIKE 'tmpdir';"

# vim /etc/apparmor.d/local/usr.sbin.mysqld

/mnt/ramdisk rw,
owner /mnt/ramdisk/** rwkl,

Note: The first line gives read and write access to the directory, the second line gives read, write, lock(k) and link(l) access to all the files and the directories inside the directory owned by the mysql user.

# vim /etc/mysql/mysql.conf.d/mysqld.cnf

[mysqld]
tmpdir      = /mnt/ramdisk

# systemctl restart apparmor.service
# systemctl restart mysql.service

Install PHP7.0:

# command -v add-apt-repository >/dev/null 2>&1 \
|| { echo >&2 "add-apt-repository is not installed. I will install it for you"; apt-get install python-software-properties; }

# add-apt-repository -y ppa:ondrej/php
# apt-get update

# apt-cache policy php7.1

# apt-get install php7.1-fpm
# apt-get install php7.1-xml php7.1-curl php7.1-zip php7.1-gd php7.1-bcmath php7.1-intl php7.1-mbstring php7.1-mcrypt php7.1-mysql
# apt-get install php7.1-json php7.1-opcache
# apt-get install php-xdebug

# php -v
PHP 7.1.10-1+ubuntu16.04.1+deb.sury.org+1 (cli) (built: Sep 29 2017 17:04:25) ( NTS )
Copyright (c) 1997-2017 The PHP Group
Zend Engine v3.1.0, Copyright (c) 1998-2017 Zend Technologies
    with Zend OPcache v7.1.10-1+ubuntu16.04.1+deb.sury.org+1, Copyright (c) 1999-2017, by Zend Technologies
    with Xdebug v2.5.5, Copyright (c) 2002-2017, by Derick Rethans

# vim /etc/php/7.1/fpm/pool.d/www.conf

;listen = /run/php/php7.1-fpm.sock
listen = 127.0.0.1:9000

Note: You can choose to use either a Unix socket (for local access only) or TCP socket (for the other server on the network to access).

# systemctl restart php7.1-fpm.service && systemctl status php7.1-fpm.service

# ss -an | grep :9000
tcp    LISTEN     0      128    127.0.0.1:9000                  *:*

# vim /etc/php/7.1/fpm/php.ini

date.timezone = America/Vancouver
display_errors = On
display_startup_errors = On
error_reporting = E_ALL
error_log = /var/log/php_errors.log

List all the installed PHP packages:

# dpkg -l | grep php| awk '{print $2}' |tr "\n" " "

Show the available package version:

# apt-cache search php
# apt-cache policy php

Install the specific package version:

# apt-get install php7=7.0+35ubuntu6

Note: You can look up old versions of packages at their site http://www.debian.org/distrib/packages

Install older version of PHP (PHP5.6):

# add-apt-repository ppa:ondrej/php

# apt-get update

# apt-get install php5.6-fpm

# apt-get install php5.6-gd php5.6-intl php5.6-json php5.6-mbstring php5.6-mcrypt php5.6-mysql php5.6-opcache php5.6-xml

# a2disconf php7.0-fpm.conf
# a2enconf php5.6-fpm.conf

# systemctl restart apache2.service

Install Apache2.4:

# command -v add-apt-repository >/dev/null 2>&1 \
|| { echo >&2 "add-apt-repository is not installed. I will install it for you"; apt-get install python-software-properties; }

# add-apt-repository -y ppa:ondrej/apache2
# apt-get update

# apt-cache policy apache2

# apt-get install apache2

Enable the following modules to talk to PHP:

# cat /etc/apache2/conf-available/php7.1-fpm.conf

# a2enmod proxy proxy_fcgi rewrite setenvif ssl
# a2enconf php7.1-fpm.conf

If your apache is talking to PHP through a TCP socket (127.0.0.1:9000) instead of a Unix socket (/run/php/php7.1-fpm.sock), you will need to modify the following line:

# vim /etc/apache2/conf-available/php7.1-fpm.conf
    <FilesMatch ".+\.ph(ar|p|tml)$">
        #SetHandler "proxy:unix:/run/php/php7.1-fpm.sock|fcgi://localhost"
        SetHandler "proxy:fcgi://127.0.0.1:9000"
    </FilesMatch>

# apache2ctl configtest
# systemctl restart apache2 && systemctl status apache2

Install and enable the following Apache modules if you are connecting to PHP through a TCP socket (127.0.0.1:9000):

# apt-get install libapache2-mod-fastcgi
# a2enmod fastcgi rewrite setenvif


Edit apache2.conf:

# vim /etc/apache2/apache2.conf

AllowOverride All

Set up a virtual host:

# cd /etc/apache2/sites-available
# cp 000-default.conf mag2.local.conf
# vim mag2.local

Check the configuration:

# apache2ctl -V
# apache2ctl -t
# apache2ctl -M
# apache2ctl configtest

Enable the site:

# a2ensite mag2.local

Start MySQL, PHP, and Apache:

# systemctl restart mysql.service
# systemctl restart php7.0-fpm.service
# systemctl restart apache2.service

# ps auxww | grep -i mysql
# ps auxww | grep -i php-fpm
# ps auxww | grep -i apache2

Install PHPStorm:

# cd ~jun/Downloads/
# tar xf PhpStorm-*.tar.gz -C /opt/
# cd /opt/PhpStorm-163.10504.2/
# ./bin/phpstorm.sh

Generate a self-signed SSL certificate:

# openssl req -x509 -nodes -days 365 -newkey rsa:2048 -subj "/C=CA/ST=British Columbia/L=Vancouver/O=My Company Name/CN=erp.local" -keyout /etc/ssl/private/test.local.key -out /etc/ssl/certs/test.local.crt

Reference:

https://www.digitalocean.com/community/tutorials/how-to-move-a-mysql-data-directory-to-a-new-location-on-ubuntu-16-04

http://www.fromdual.com/mysql-tmpdir-on-ram-disk

http://www.victordodon.com/changing-mysql-tmpdir-in-ubuntu/

Saturday, November 11, 2017

Theme the node edit form of the custom content type in Drupal 8

Theme the node edit form of the custom content type in Drupal 8

/**
* Implements hook_theme_suggestions_alter().
*/
function MyModuleName_theme_suggestions_alter(array &$suggestions, array $variables, $hook) {
  if ($hook == 'node_edit_form') {
    if ($node = \Drupal::routeMatch()->getParameter('node')) {
      $content_type = $node->bundle();
    } else {
      $current_path = \Drupal::service('path.current')->getPath();
      $path_args = explode('/', $current_path);
      $content_type = $path_args[3];
    }
    $suggestions[] = 'node_edit_form__' . $content_type; // Note: You can also specify a custom theme ID here. See hook_theme() below.
  }
}

The following code (hook_theme) is optional:

/**
 * Implements  hook_theme($existing, $type, $theme, $path)
 */
function mydemo_theme() {
  return [
    'my_custom_theme_id' => [
      'render element' => 'form',
      #'path' => '/var/www/html/drupal8/web/modules/custom/mydemo/templates',
      'template' => 'asdf222',
    ],
  ];
}

Next, create twig templates in your theme's template directory in the form of node-edit-form--NODE-TYPE-SEPARATED-WITH-DASHES.html.twig:


<b>Test</b>

{{ form.form_id }}
{{ form.form_token }}

{{ form }}

Reference:

https://www.drupal.org/forum/support/post-installation/2015-10-31/drupal-8-node-edit-template

https://api.drupal.org/api/drupal/core%21lib%21Drupal%21Core%21Render%21theme.api.php/function/hook_theme_suggestions_HOOK_alter/8.2.x

https://drupal.stackexchange.com/questions/200602/override-theme-template-from-module-without-implementing-a-theme

Sunday, October 15, 2017

Saturday, October 14, 2017

MySQL resolve Host name to IP Address or Vice Versa

MySQL resolve Host name to IP Address or Vice Versa

# resolveip 192.168.5.11

# resolveip mysql-slave

Reference:

https://dev.mysql.com/doc/refman/5.7/en/resolveip.html

Monday, October 9, 2017

Go at Google: Language Design in the Service of Software Engineering

Go at Google: Language Design in the Service of Software Engineering

https://talks.golang.org/2012/splash.article

Good C string library

Good C string library

http://site.icu-project.org/

Reference:

https://stackoverflow.com/questions/4688041/good-c-string-library

Content-Length not sent when gzip compression enabled in Apache?

Content-Length not sent when gzip compression enabled in Apache?

Philippe: "Apache uses chunked encoding only if the compressed file size is larger than the DeflateBufferSize. Increasing this buffer size will therefore prevent the server using chunked encoding also for larger files, causing the Content-Length to be sent even for zipped data."

Reference:

https://serverfault.com/questions/183843/content-length-not-sent-when-gzip-compression-enabled-in-apache/183856#183856

https://stackoverflow.com/questions/2287950/how-do-you-set-the-correct-content-length-header-when-the-webserver-automaticall

Sunday, October 8, 2017

Jet Profiler for MySQL

Jet Profiler for MySQL

is a real-time query performance and diagnostics tool for the MySQL database server. It's core features:

Query, table and user performance
Graphical visualisation
Low overhead
User friendly

Reference:

https://www.jetprofiler.com/

InnoDB memory usage buffer pool status

InnoDB memory usage buffer pool status

Making sense of INNODB buffer pool stats

After having read this page in the mysql documentation, I tried to make sense of our current InnoDB usage. Currently, we allocate 6GB of RAM for the buffer pool. Our database size is about the same. Here's the output from show engine innodb status\G (we're running v5.5)

----------------------
BUFFER POOL AND MEMORY
----------------------
Total memory allocated 6593445888; in additional pool allocated 0
Dictionary memory allocated 1758417
Buffer pool size   393215
Free buffers       853
Database pages     360515
Old database pages 133060
Modified db pages  300
Pending reads 0
Pending writes: LRU 0, flush list 0, single page 0
Pages made young 7365790, not young 23099457
0.00 youngs/s, 0.00 non-youngs/s
Pages read 1094342, created 185628, written 543182148
0.00 reads/s, 0.00 creates/s, 37.32 writes/s
Buffer pool hit rate 1000 / 1000, young-making rate 0 / 1000 not 0 / 1000
Pages read ahead 0.00/s, evicted without access 0.00/s, Random read ahead 0.00/s
LRU len: 360515, unzip_LRU len: 0
I/O sum[2571]:cur[0], unzip sum[0]:cur[0]

I wanted to know how well we're utilizing the buffer cache. After initially glancing at the output, it appeared that we are indeed using it, based off of the Pages made young and not young have numbers in them and Buffer pool hit rate is 1000 / 10000 (which I saw elsewhere on the web that this means it's being used pretty heavily. True?)

What's throwing me through a loop is why the young-making rate and not are both at 0/1000 and the young/s and non-young/s accesses are both at 0. Those would all indicate that it's not being used at all, right?

Can anyone help make sense of this?

This is in pages not bytes:

The Buffer pool size   393215

To see the Buffer Pool size in GB run this:

Note: As of MySQL 5.7.6 the "information_schema" is merged into performance_schema. So just change "information_schema" to "performance_schema" in the query to make it work.

SELECT FORMAT(BufferPoolPages*PageSize/POWER(1024,3),2) BufferPoolDataGB FROM
(SELECT variable_value BufferPoolPages FROM information_schema.global_status
WHERE variable_name = 'Innodb_buffer_pool_pages_total') A,
(SELECT variable_value PageSize FROM information_schema.global_status
WHERE variable_name = 'Innodb_page_size') B;

This is the number of pages with data inside the Buffer Pool:

Database pages     360515

To see the amount of data in the Buffer Pool size in GB run this:

SELECT FORMAT(BufferPoolPages*PageSize/POWER(1024,3),2) BufferPoolDataGB FROM
(SELECT variable_value BufferPoolPages FROM information_schema.global_status
WHERE variable_name = 'Innodb_buffer_pool_pages_data') A,
(SELECT variable_value PageSize FROM information_schema.global_status
WHERE variable_name = 'Innodb_page_size') B;

To see the percentage of the Buffer Pool in use, run this:

SELECT CONCAT(FORMAT(DataPages*100.0/TotalPages,2),' %') BufferPoolDataPercentage FROM
(SELECT variable_value DataPages FROM information_schema.global_status
WHERE variable_name = 'Innodb_buffer_pool_pages_data') A,
(SELECT variable_value TotalPages FROM information_schema.global_status
WHERE variable_name = 'Innodb_buffer_pool_pages_total') B;

This is the number of pages in the Buffer Pool that have to be written back to the database. They are also referred to as dirty pages:

Modified db pages  300

To see the Space Taken Up by Dirty Pages, run this:

SELECT FORMAT(DirtyPages*PageSize/POWER(1024,3),2) BufferPoolDirtyGB FROM
(SELECT variable_value DirtyPages FROM information_schema.global_status
WHERE variable_name = 'Innodb_buffer_pool_pages_dirty') A,
(SELECT variable_value PageSize FROM information_schema.global_status
WHERE variable_name = 'Innodb_page_size') B;

To see the Percentage of Dirty Pages, run this:

SELECT CONCAT(FORMAT(DirtyPages*100.0/TotalPages,2),' %') BufferPoolDirtyPercentage FROM
(SELECT variable_value DirtyPages FROM information_schema.global_status
WHERE variable_name = 'Innodb_buffer_pool_pages_dirty') A,
(SELECT variable_value TotalPages FROM information_schema.global_status
WHERE variable_name = 'Innodb_buffer_pool_pages_total') B;

As for the other things in the display, run this:

SHOW GLOBAL STATUS LIKE 'Innodb_buffer_pool%';

You'll see all the status variables for the Buffer Pool. ou can apply the same queries against whatever you need to examine.

The buffer pool is divided into two part, a young list and a not-young list. The making rate shows how many pages in the buffer pools are being shuffled between the two lists.

Pages made young are not-young pages being made (i.e. being read out of the cache. Pages made not-young are pages moved from the young list because either they are too old, or because the young list is full.

The rate at pages are moved between the two depends upon how much of the buffer pool is currently being used vs the size of the young pool. Set at zero means your active set (the pages you are using) is smaller than the young pool.

Reference:

http://dba.stackexchange.com/questions/56494/making-sense-of-innodb-buffer-pool-stats

http://dev.mysql.com/doc/refman/5.7/en/innodb-buffer-pool.html

How much memory do I need for InnoDB buffer pool?

How much memory do I need for InnoDB buffer pool?

The following query gives you the recommended InnoDB buffer pool size based on all InnoDB Data and Indexes with an additional 60%:

SELECT CEILING(Total_InnoDB_Bytes*1.6/POWER(1024,3)) AS RIBPS_GB FROM
(SELECT SUM(data_length+index_length) Total_InnoDB_Bytes
FROM information_schema.tables WHERE engine='InnoDB') A;

+-------+
| RIBPS |
+-------+
|     8 |
+-------+

With this output, you would set the following in /etc/my.cnf:

[mysqld]
innodb_buffer_pool_size=8G

After few days, run this query to see the actualy GB of memory in use in the InnoDB buffer pool:

SELECT (PagesData*PageSize)/POWER(1024,3) DataGB FROM
(SELECT variable_value PagesData
FROM performance_schema.global_status
WHERE variable_name='Innodb_buffer_pool_pages_data') A,
(SELECT variable_value PageSize
FROM performance_schema.global_status
WHERE variable_name='Innodb_page_size') B;

You need buffer pool a bit (say 10%) larger than your data (total size of Innodb TableSpaces):

If you want to accommodate an addition 10%, plus account for 25% increase in data and indexes over time, the following query will produce exactly what you need to set innodb_buffer_pool_size in /etc/mysql/mysql.conf.d/mysqld.cnf:

SET @growth = 1.25;

SELECT
 CONCAT(
  CEILING(RIBPS / POWER(1024, pw)),
  SUBSTR(' KMGT', pw + 1, 1)
 ) Recommended_InnoDB_Buffer_Pool_Size
FROM
 (
  SELECT
   RIBPS,
   FLOOR(LOG(RIBPS) / LOG(1024)) pw
  FROM
   (
    SELECT
     SUM(data_length + index_length) * 1.1 * @growth AS RIBPS
    FROM
     information_schema. TABLES AAA
    WHERE
     ENGINE = 'InnoDB'
    GROUP BY
     ENGINE
   ) AA
 ) A;

Reference:

http://blog.ijun.org/2016/02/innodb-memory-usage-buffer-pool-status.html

https://dba.stackexchange.com/questions/27328/how-large-should-be-mysql-innodb-buffer-pool-size

https://dba.stackexchange.com/questions/125164/information-schema-global-variables-alternative-in-5-7-more-info-about-show-com

http://www.mysqlperformanceblog.com/2007/11/03/choosing-innodb_buffer_pool_size/

Disable TLS 1.0 and 1.1 in Apache 2.4

Disable TLS 1.0 and 1.1 in Apache 2.4:

# vim /etc/apache2/mods-available/ssl.conf

SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1

Verify if TLS 1.0 and 1.1 are supported:

# openssl s_client -connect mydomain.com:443 -tls1

# openssl s_client -connect mydomain.com:443 -tls1_1

Note: If you get the certificate chain and the handshake you know the system in question supports TLS 1.1.

Reference:

https://serverfault.com/questions/638691/how-can-i-verify-if-tls-1-2-is-supported-on-a-remote-web-server-from-the-rhel-ce

When checking Apache's gzip deflate compression, I realized Apache was sending "Transfer-Encoding: chunked" and not sending the "Content-Length" header

When checking Apache's gzip deflate compression, I realized Apache was sending "Transfer-Encoding: chunked" and not sending the "Content-Length" header

Andy: "Chunked output occurs when Apache doesn't know the total output size before sending, as is the case with compressed transfer (Apache compresses data into chunks when they reach a certain size, then despatches them to the browser/requester while the script is still executing). You could be seeing this because you have mod_deflate or mod_gzip active.

You can disable mod_deflate per file like so (more here)

    SetEnvIfNoCase Request_URI get_file\.php$ no-gzip dont-vary

It's best left on in general as it greatly increases the speed of data transfer.
"

Reference:

https://serverfault.com/questions/59047/apache-sending-transfer-encoding-chunked

Friday, October 6, 2017

Manually obtaining TLS/SSL certificates from Let's Encrypt

Official build of EFF's Certbot tool for obtaining TLS/SSL certificates from Let's Encrypt.

https://hub.docker.com/r/certbot/certbot/

# certbot certonly --manual --preferred-challenges http --email me@example.com -d mydomain.com

Saturday, September 30, 2017

Profiling and optimizing Go web applications

Profiling and optimizing Go web applications

Install Graphviz for generating a PDF file:

# apt-get install graphviz

Use hey as the benchmark tool:

# go get -u github.com/rakyll/hey
# hey -n 100000 -c 10 http://localhost:8080

Sample code:

package main

import (
 "fmt"
 "log"
 "net/http"
 _ "net/http/pprof" // here be dragons
)

func main() {
 http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
  fmt.Fprintf(w, "Hello World!")
 })
 log.Fatal(http.ListenAndServe(":8080", nil))
}

If your web application is using a custom mux (HTTP request multiplexer), you will need to register a few pprof HTTP endpoints manually:

package main

import (
    "net/http"
    "net/http/pprof"
)

func hiHandler(w http.ResponseWriter, r *http.Request) {
    w.Write([]byte("hi"))
}

func main() {
    r := http.NewServeMux()
    r.HandleFunc("/", hiHandler)

    // Register pprof handlers
    r.HandleFunc("/debug/pprof/", pprof.Index)
    r.HandleFunc("/debug/pprof/cmdline", pprof.Cmdline)
    r.HandleFunc("/debug/pprof/profile", pprof.Profile)
    r.HandleFunc("/debug/pprof/symbol", pprof.Symbol)
    r.HandleFunc("/debug/pprof/trace", pprof.Trace)

    http.ListenAndServe(":8080", r)
}

CPU profile:

http://localhost:8080/debug/pprof/profile

Memory profile:

http://localhost:8080/debug/pprof/heap

Goroutine blocking profile:

http://localhost:8080/debug/pprof/block

To look at the holders of contended mutexes, after calling runtime.SetMutexProfileFraction in your program:

http://localhost:8080/debug/pprof/mutex

All goroutines with stack traces:

http://localhost:8080/debug/pprof/goroutine?debug=1

Take a trace:

http://localhost:8080/debug/pprof/trace

To view all available profiles, open:

http://localhost:8080/debug/pprof/

To look at a 30-second CPU profile:

# go tool pprof http://localhost:8080/debug/pprof/profile?seconds=30
(pprof) top
(pprof) web
(pprof) exit

Note: Run go tool pprof -h 2>&1 | less for more information.

# go tool pprof -text http://localhost:8080/debug/pprof/profile?seconds=10 | tee cpu.txt

Note: output to a text file.

# go tool pprof -pdf http://localhost:8080/debug/pprof/profile?seconds=10 > cpu.pdf

Note: output to a PDF file.

# go tool pprof -tree http://localhost:8080/debug/pprof/profile?seconds=10 > cpu.txt

Note: Outputs a text rendering of call graph.

# go tool pprof -web http://localhost:8080/debug/pprof/profile?seconds=10

Note: Visualize graph through web browser.

To collect a 5-second execution trace:

# curl -o trace.out http://192.168.1.1:8080/debug/pprof/trace?seconds=10

# go tool trace -http="127.0.0.1:6060" trace.out

Note: You can run these two commands above on a client machine (e.g., Windows)

Reference:

https://golang.org/pkg/net/http/pprof/

https://blog.golang.org/2011/06/profiling-go-programs.html

http://artem.krylysov.com/blog/2017/03/13/profiling-and-optimizing-go-web-applications/

http://mmcloughlin.com/posts/your-pprof-is-showing

https://github.com/zmap

http://blog.ralch.com/tutorial/golang-performance-and-memory-analysis/

Saturday, September 23, 2017

CentOS and Red Hat 7: Install Linux, Apache MPM, MariaDB, PHP (LAMP) Stack

CentOS and Red Hat 7: Install Linux, Apache MPM, MariaDB, PHP (LAMP) Stack

Quick Start

Install IUS repository, utilities, Git, Go:

# curl 'https://setup.ius.io/' -o setup-ius.sh \
&& bash setup-ius.sh \
&& rm -f setup-ius.sh \
&& yum -y update \
&& yum -y install ntp wget epel-release tmux tree git2u \
&& curl 'https://storage.googleapis.com/golang/go1.9.linux-amd64.tar.gz' -o go.tar.gz \
&& tar -zxvf go.tar.gz -C /usr/local \
&& rm -f go.tar.gz \
&& systemctl enable ntpd.service && systemctl restart ntpd.service

Install the environmental configuration:

# cd \
&& git clone https://github.com/junhsieh/config_centos_v2.git \
&& bash config_centos_v2/script/setHomeConfig.sh \
&& source ~/.bashrc \
&& tmux

Note: git remote set-url origin git@github.com:junhsieh/config_centos_v2.git

Install Vim:

# yum -y install gcc make ncurses ncurses-devel \
ruby ruby-devel lua lua-devel luajit \
luajit-devel ctags python python-devel \
python3 python3-devel tcl-devel \
perl perl-devel perl-ExtUtils-ParseXS \
perl-ExtUtils-XSpp perl-ExtUtils-CBuilder \
perl-ExtUtils-Embed \
ctags cscope

# cd /usr/local/src \
&& git clone https://github.com/vim/vim.git \
&& cd vim \
&& ./configure --prefix=/usr --with-features=huge --enable-multibyte --enable-rubyinterp --enable-pythoninterp --enable-perlinterp --enable-luainterp --enable-cscope \
&& make \
&& make install \
&& hash -r \
&& vim --version | grep VIM

Install Docker:

# yum -y install yum-utils \
&& yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo \
&& yum makecache fast \
&& yum -y install docker-ce \
&& systemctl enable docker \
&& systemctl start docker \
&& usermod -aG docker jun \
&& docker version

Note: Log out and log back in so that your Docker group membership is re-evaluated.

# ps auxww | grep -i docker

Install docker-compose:

# curl -L https://github.com/docker/compose/releases/download/1.15.0/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose \
&& chmod 755 /usr/local/bin/docker-compose

Enable firewall ports on Docker Manager node:

# firewall-cmd --permanent --zone=public \
--add-port=2377/tcp \
--add-port=7946/tcp \
--add-port=7946/udp \
--add-port=4789/udp \
&& firewall-cmd --reload \
&& systemctl restart docker.service \
&& firewall-cmd --zone=public --list-all

Note: Add TCP port 2376 if you need to use Docker Machine to work. Docker Machine is used to orchestrate Docker hosts.

Enable firewall ports on Docker Worker nodes:

# firewall-cmd --permanent --zone=public \
--add-port=7946/tcp \
--add-port=7946/udp \
--add-port=4789/udp \
&& firewall-cmd --reload \
&& systemctl restart docker.service \
&& firewall-cmd --zone=public --list-all

Note: Add TCP port 2376 if you need to use Docker Machine to work. Docker Machine is used to orchestrate Docker hosts.

Install Apache 2.4:

# yum -y install httpd24u httpd24u-mod_ssl

Install PHP 7.1:

# yum -y install php71u-common php71u-cli php71u-fpm php71u-fpm-httpd php71u-opcache php71u-xml php71u-json php71u-pdo php71u-mysqlnd php71u-intl php71u-mbstring php71u-mcrypt php71u-gd php71u-process

Install sysdig:

# curl -s https://s3.amazonaws.com/download.draios.com/stable/install-sysdig | sudo bash

// the ncurses user interface for sysdig
# csysdig

// the definitive system and process troubleshooting tool
# sysdig

Check CentOS version:

# cat /etc/redhat-release

CentOS Linux release 7.1.1503 (Core)

Set up Network:

# ip addr

2: eno16777736: <broadcast> mtu 1500 qdisc pfifo_fast state UP qlen 1000

# vi /etc/sysconfig/network-scripts/ifcfg-eno16777736

BOOTPROTO=none

IPADDR=192.168.6.9
PREFIX=24
GATEWAY=192.168.6.1
DNS1=8.8.8.8
DNS2=8.8.4.4

PEERDNS=yes
ONBOOT=yes
USERCTL=no

Note: USERCTL=no // Non-root users are not allowed to control this device.

# systemctl restart network

# ip addr

# /bin/ipcalc --netmask 192.168.6.9/24

NETMASK=255.255.255.0

# cat /etc/resolv.conf

Change hostname:

# hostnamectl status

# hostnamectl set-hostname cent-dev.local

# hostnamectl status

# cat /etc/hostname

If you are using Amazon's AWS EC2 instance, append the following string at the bottom of the file to ensure that the hostname is preserved between restarts/reboots:

# vim /etc/cloud/cloud.cfg

preserve_hostname: true

More info: https://aws.amazon.com/premiumsupport/knowledge-center/linux-static-hostname-rhel7-centos7/

Set up timezone:

# timedatectl
# timedatectl list-timezones
# timedatectl set-timezone America/Vancouver
# timedatectl

Set up date and time:

# date +%Y%m%d -s "20081128"
# date +%T -s "10:13:13"

To sync date and time automatically:

# yum -y update

# yum -y install ntp

# ntpdate 0.us.pool.ntp.org

Note: ntpdate is deprecated as of September 2012

You can change which ntp server to use:

# vi /etc/ntp.conf

Set ntpd to start up on boot time:

# systemctl enable ntpd.service
# systemctl restart ntpd.service

# ps auxww|grep -i ntpd
# ntpstat
# timedatectl

Set the Hardware Clock to the current System Time:

# hwclock --systohc

Note: hwclock is a utility for accessing the hardware clock. Hardware clock is independent of the operation system you use and works even when the machine is shut down. This program is used to find out the time from the hardware clock and set the system time at boot time.

Update the ~/.bashrc configuration:

# vi ~/.bashrc

### alias
alias rm='rm -i'
alias cp='cp -i'
alias mv='mv -i'

alias gs='git status'
alias gc='git commit -a -m "up"'
alias gp='git push'
alias gpp='git pull'

alias ls='ls --color=auto'
alias ll='ls -la'
alias h='history'

### ls with color (try "ls --color=auto").
#export CLICOLOR=1 # Use colors (if possible)
#export LSCOLORS="ExGxFxdxCxDxDxBxBxExEx"

### set up a clean UTF-8 environment
### run: locale command
export LC_ALL=en_US.UTF-8
export LANG=en_US.UTF-8
export LANGUAGE=en_US.UTF-8

### display history command with date and time
export HISTTIMEFORMAT="%m/%d/%y %T "

### Prompt
PS1='\[\e[0;32m\]\u@\h \w \$\[\e[0m\] '

#######
# Note: on Ubuntu, xterm-256color may be in different place, try this:
# find /lib/terminfo /usr/share/terminfo -name "*256*"
# Note: tmux respects screen-256color
#######
if [ -e /usr/share/terminfo/x/xterm-256color ]; then
  export TERM='xterm-256color'
else
  export TERM='xterm-color'
fi

### Make bash check its window size after a process completes
shopt -s checkwinsize

# Source global definitions
if [ -f /etc/bashrc ]; then
  . /etc/bashrc
fi

# source ~/.bashrc

Update the ~/.inputrc configuration:

# vi ~/.inputrc

### enable filename tab auto-completion
set show-all-if-ambiguous on
set show-all-if-unmodified on

### if you don't want case-sensitivity
#set completion-ignore-case on

### bash history completion to complete what's already on the line
### arrow up
"\e[A": history-search-backward
### arrow down
"\e[B": history-search-forward

Make sure there is a swap space on your system:

# cat /proc/meminfo | grep -i swap

SwapCached:           36 kB
SwapTotal:       2097148 kB
SwapFree:        2095160 kB

Note: if your system does not have the swap space, please refer to http://blog.ijun.org/2015/04/add-swap-to-amazon-ec2-instance-ebs.html for more information.

Install EPEL and additional repositories on CentOS and Red Hat:

# yum -y install wget
# yum -y install epel-release

http://blog.ijun.org/2014/11/install-epel-and-additional.html
https://fedoraproject.org/wiki/EPEL

Subscribing to the IUS Community Project Repository:

# curl 'https://setup.ius.io/' -o setup-ius.sh
# bash setup-ius.sh

# ls -l /etc/yum.repos.d/ius*

-rw-r--r--. 1 root root 1150 Apr 16  2015 /etc/yum.repos.d/ius-archive.repo
-rw-r--r--. 1 root root 1131 Apr 16  2015 /etc/yum.repos.d/ius-dev.repo
-rw-r--r--. 1 root root 1073 Apr 16  2015 /etc/yum.repos.d/ius.repo
-rw-r--r--. 1 root root 1150 Apr 16  2015 /etc/yum.repos.d/ius-testing.repo

To find which package provides the ifconfig command:

# yum provides ifconfig

To get the ifconfig command into our system:

# yum -y install net-tools

# ifconfig | awk '/inet /{print $2}'

To get the ss command into our system:

# yum -y install iproute

To install DNS tools:

# yum install bind-utils

Install tmux:
# yum -y install tmux

# vi ~/.tmux.conf

# tmux
or
# tmux a -d

Install vim-enhanced:

It is actually very easy to compile Vim by yourself. Please refer to the following article if you are interested in:

http://blog.ijun.org/2016/07/compile-latest-vim-74-on-centos7.html

# vim --version
-syntax
-python

# yum -y install vim-enhanced

# vim --version
+syntax
+python

# yum list installed | grep -i vim
# yum info vim-enhanced

Install tree:

# yum -y install tree

Install fortune game:

# yum -y install fortune-mod.x86_64

Install Glances:

# yum -y install glances

Install Git:

# yum install git

Or from IUS repo (preferred):

# yum install git2u

Install NetCat:

# yum -y install nmap-ncat
# nc localhost 8080

Install firewalld:

# yum -y install firewalld

(optional)
# yum install firewall-config

Note: If you don't mind using a GUI you could use firewall-config instead. If you need something for the console you will have to use firewall-cmd instead.

# systemctl enable firewalld

# systemctl restart firewalld

Install MariaDB:

# yum install mariadb-server

Setting UTF8 defaults for MySQL:

We recommend against MySQL's utf8 character set, since it does not support 4-byte unicode characters, and strings containing them will be truncated. This is fixed by the newer utf8mb4 character set.

# vim /etc/my.cnf

[mysqld]
# Version 5.5.3 introduced "utf8mb4", which is recommended
collation-server = utf8mb4_general_ci # Replaces utf8_general_ci
character-set-server = utf8mb4 # Replaces utf8

default-storage-engine = InnoDB

max_allowed_packet = 16M

# This option makes InnoDB to store each created table into its own .ibd file.
innodb_file_per_table

# Don't resolve hostnames. All hostnames are IP's or 'localhost'.
skip-name-resolve

#The number of simultaneous clients allowed.
max_connections = 200

# uncomment to disable the InnoDB storage engine
#skip-innodb

innodb_buffer_pool_size = 4G
innodb_additional_mem_pool_size = 16M
innodb_log_file_size = 256M
innodb_log_buffer_size = 8M

# systemctl enable mariadb.service

# systemctl restart mariadb.service

# systemctl is-active mariadb.service

# /usr/bin/mysql_secure_installation

# mysql -u root -p

mysql> GRANT ALL PRIVILEGES ON *.* TO 'test'@'192.168.0.%' IDENTIFIED BY '123456';
mysql> FLUSH PRIVILEGES;

mysql> CREATE DATABASE mydb DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;

Set up .my.cnf configuration file:

# touch ~/.my.cnf
# chmod 600 ~/.my.cnf
# vim ~/.my.cnf

[client]
host = localhost
port = 3306
user = root
password = MyPassword

Add New Rule to firewalld to allow access to MySQL:

# firewall-cmd --permanent --zone=trusted --add-source=192.168.0.1/32
# firewall-cmd --permanent --zone=trusted --add-port=3306/tcp
# firewall-cmd --reload
# firewall-cmd --zone=trusted --list-all

or

# systemctl restart firewalld.service

Check out the zone file to inspect the XML configuration:

# cat /etc/firewalld/zones/public.xml
# cat /etc/firewalld/zones/trusted.xml

Install Apache:

# yum install httpd mod_ssl

Or from IUS repo (preferred):

# yum install httpd24u httpd24u-mod_ssl

# systemctl status httpd

● httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)

Note: it will tell you if the service starts on boot.

# systemctl enable httpd.service

# systemctl restart httpd.service

# systemctl reload httpd.service

# systemctl -l status httpd.service

# journalctl -xn

# systemctl is-active httpd.service

# apachectl configtest

# httpd -V

# apachectl graceful

httpd service default configuration files:

  • Default config file: /etc/httpd/conf/httpd.conf
  • Configuration files which load modules : /etc/httpd/conf.modules.d/ directory (e.g. PHP)
  • Select MPMs (Processing Model) as loadable modules [worker, prefork (default)] and event: /etc/httpd/conf.modules.d/00-mpm.conf
  • Default ports: 80 and 443 (SSL)
  • Default log files: /var/log/httpd/{access_log,error_log}

Set up a symbolic link:

# cd / ; ln -s var/www/html www

Install PHP:

# yum install php php-mysqlnd php-fpm php-gd php-mbstring php-pdo php-xml php-soap
# yum install php-pear php-devel pcre-devel gcc gcc-c++ make

# systemctl restart httpd.service

Note: you need php-devel pcre-devel gcc make for PHP APC. Try to add httpd-devel if failed.

You need the php-mcrypt to run Magento:

# yum install php-mcrypt

http://blog.ijun.org/2014/11/how-to-install-php-mcrypt-on-centos-7.html

Open port 80 firewall access:

# firewall-cmd --zone=public --add-port=http/tcp
# firewall-cmd --zone=public --add-port=https/tcp

# firewall-cmd --permanent --zone=public --add-port=http/tcp
# firewall-cmd --permanent --zone=public --add-port=https/tcp

# firewall-cmd --reload
or
# systemctl restart firewalld.service

# firewall-cmd --zone=public --list-all

Allow a IP address with a specific port:

# firewall-cmd --zone=public --add-rich-rule='rule family="ipv4" source address="1.2.3.4" port protocol="tcp" port="3306" accept'

To remove the rule:

# firewall-cmd --zone=public --remove-rich-rule='rule family="ipv4" source address="1.2.3.4" port protocol="tcp" port="3306" accept'

Block a IP address:

# firewall-cmd --zone=public --add-rich-rule='rule family="ipv4" source address="1.2.3.4" reject'

To remove the rule:

# firewall-cmd --zone=public --remove-rich-rule='rule family="ipv4" source address="1.2.3.4" reject'

If you get 403 forbidden error, then you probably have problem with SELinux, to deal with Security-Enhanced Linux (SELinux):

# namei -l /var/www/html/magento19

# ls -dZ /var/www/html
drwxr-xr-x. root root system_u:object_r:httpd_sys_content_t:s0 /var/www/html

# chcon -R --reference=/var/www/html /var/www/html/magento19
Or
# chcon -R --type=httpd_sys_content_t /var/www/html/magento19
Or for read and write permission:
# chcon -R -t httpd_sys_rw_content_t /var/www/html/magento19/app/etc

# ps auxwwZ | grep httpd
# ls -dZ /var/www/html/magento19/app/etc
# tail /var/log/audit/audit.log
# tail /var/log/messages

To turn off Security-Enhanced Linux (SELinux):

# setenforce 0

To turn on Security-Enhanced Linux (SELinux):

# setenforce 1

To get the status of a system running SELinux:

# sestatus

Set up Apache MPM and PHP-FPM:

With Apache 2.4, the official module to use is mod_proxy_fcgi instead of the ancient mod_fastcgi. That module, as well as mod_fcgid, were third party modules.

Note: mod_proxy_fcgi now supports network sockets since Apache 2.4.9 ( Unix socket support for mod_proxy_fcgi )

List built-in or shared modules:

# httpd -M | grep -iE 'proxy_module|proxy_fcgi_module|rewrite_module|mpm_event_module|deflate_module|vhost_alias_module|ssl_module'

 deflate_module (shared)
 rewrite_module (shared)
 vhost_alias_module (shared)
 mpm_event_module (shared)
 proxy_module (shared)
 proxy_fcgi_module (shared)
 ssl_module (shared)

List loaded modules:

# httpd -t -D DUMP_MODULES | grep -iE 'proxy_module|proxy_fcgi_module|rewrite_module|mpm_event_module|deflate_module|vhost_alias_module|ssl_module'

 deflate_module (shared)
 rewrite_module (shared)
 vhost_alias_module (shared)
 mpm_event_module (shared)
 proxy_module (shared)
 proxy_fcgi_module (shared)
 ssl_module (shared)

Edit mpm.conf:

# vim /etc/httpd/conf.modules.d/00-mpm.conf

Comment out the following line:

LoadModule mpm_prefork_module modules/mod_mpm_prefork.so

Uncomment the following line:

LoadModule mpm_event_module modules/mod_mpm_event.so

Make sure the following two lines exist:

# grep -E 'mod_proxy.so|mod_proxy_fcgi' /etc/httpd/conf.modules.d/00-proxy.conf

LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so

Add the "if checking" surround the following three lines:

# vim /etc/httpd/conf.d/php.conf

<IfModule mod_php5.c>
  <FilesMatch \.php$>
    SetHandler application/x-httpd-php
  </FilesMatch>
</IfModule>

Add the "if checking" surround the following two lines:

# vim /etc/httpd/conf.d/php.conf

<IfModule mod_php5.c>
  php_value session.save_handler "files"
  php_value session.save_path    "/var/lib/php/session"
</IfModule>

Change the following line:

# vim /etc/httpd/conf/httpd.conf

<Directory "/var/www/html">
  AllowOverride All

  # New directive needed in Apache 2.4.3: 
  Require all granted
</Directory>

Create and Edit the vhosts file:

Apache supports talking to php-fpm through SetHandler directive since Apache 2.4.9. We no longer need to use the ProxyPassMatch directive.

As the ProxyPassMatch directive is evaluated as the very beginning of each request:
- AddType (for MultiView) or DirectoryIndex directives are not usable
- right management per directory is not available
- each Alias directive needs another proxy rule

The SetHandler directive, evaluated later, is much more flexible / usable.

To redirect the PHP scripts to the FPM server:

<FilesMatch \.php$>
         SetHandler "proxy:fcgi://127.0.0.1:9000"
</FilesMatch>

Note: You will also need to enable the following modules:

LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so

Warning: if you remove or disable mod_php, you also need to remove all the php_value and php-flag directives:

<IfModule  mod_php5.c>
        php_value session.save_handler "files"
        php_value session.save_path    "/var/lib/php/session"
        php_value soap.wsdl_cache_dir  "/var/lib/php/wsdlcache"
</IfModule>

Note: For more detail, visit https://blog.remirepo.net/post/2014/03/28/PHP-FPM-and-HTTPD-2.4-improvement

# vim /etc/httpd/conf.d/httpd-vhosts.conf

#
# Use name-based virtual hosting.
#
NameVirtualHost *:80

#
# VirtualHost example:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for all requests that do not
# match a ServerName or ServerAlias in any <VirtualHost> block.
#
<VirtualHost *:80>
    ServerAdmin webmaster@dummy-host.example.com
    DocumentRoot "/var/www/html/host_not_found"
    ErrorLog "/var/log/httpd/host_not_found-error_log"
    CustomLog "/var/log/httpd/host_not_found-access_log" common
</VirtualHost>

<VirtualHost *:80>
    ServerAdmin webmaster@dummy-host.example.com
    DocumentRoot "/var/www/html/magento1.9.1"
    ServerName us.centos.local

    ### Disable PHP script execution for this directory. We don't want to reverse-proxy this subdirectory.
    <Location "/var">
      ProxyPass !
    </Location>

    ### Disable PHP script execution for this directory. We don't want to reverse-proxy this subdirectory.
    <Location "/media">
      ProxyPass !
    </Location>

    ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9000/var/www/html/magento1.9.1/$1

    SetEnv MAGE_RUN_CODE "us_centos_local"
    SetEnv MAGE_RUN_TYPE "website"

    ### a request for / will need to be mapped to a resource on the fcgi backend. Failure to address this may cause a blank response, commonly known as a WSOD (White Screen of Death), especially if only a request URI containing the php extension is proxied, such as this example. The processing chain will first map a request for / to /index.php, then proxy to the PHP-FPM backend correctly.
    DirectoryIndex /index.php index.php index.html index.htm

    ErrorLog "/var/log/httpd/us.centos.local-error_log"
    CustomLog "/var/log/httpd/us.centos.local-access_log" common
</VirtualHost>

Setting up an SSL secured Web server:

<VirtualHost *:443>
    SSLEngine on
    SSLCertificateFile /etc/pki/tls/certs/mydomain.com.crt
    SSLCertificateKeyFile /etc/pki/tls/private/mydomain.com.key
    SSLCertificateChainFile /etc/pki/tls/certs/gd_bundle-mydomain.com.crt

    ServerAdmin webmaster@dummy-host.example.com
    DocumentRoot "/var/www/html/magento1.9.1"
    ServerName us.centos.local

    ### we don't want to reverse-proxy this subdirectory.
    <Location "/var">
      ProxyPass !
    </Location>

    ### we don't want to reverse-proxy this subdirectory.
    <Location "/media">
      ProxyPass !
    </Location>

    ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9000/var/www/html/magento1.9.1/$1

    SetEnv MAGE_RUN_CODE "us_centos_local"
    SetEnv MAGE_RUN_TYPE "website"

    ErrorLog "/var/log/httpd/us.centos.local443-error_log"
    CustomLog "/var/log/httpd/us.centos.local443-access_log" common
</VirtualHost>

Make sure the security context of the certification files are cert_t:

# cd /etc/pki/tls/certs/mydomain.com
# chcon -t cert_t *

If you do not see the correct security context, you will see the following message when restarting Apache:

Mar 16 23:58:00 ip-172-31-21-55 httpd[22680]: AH00526: Syntax error on line 19 of /etc/httpd/conf.d/httpd-vhosts.conf:
Mar 16 23:58:00 ip-172-31-21-55 httpd[22680]: SSLCertificateFile: file '/etc/pki/tls/certs/mydomain.com/b1210d10x4d812c5.crt' does not exist or is empty
Mar 16 23:58:00 ip-172-31-21-55 systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE
Mar 16 23:58:00 ip-172-31-21-55 systemd[1]: Failed to start The Apache HTTP Server.
Mar 16 23:58:00 ip-172-31-21-55 systemd[1]: Unit httpd.service entered failed state.
Mar 16 23:58:00 ip-172-31-21-55 systemd[1]: httpd.service failed.

Restart Apache:

# systemctl reload httpd.service

# httpd -t -D DUMP_VHOSTS

To enable gzip compression:

# egrep 'deflate|header' /etc/httpd/conf.modules.d/00-base.conf

LoadModule deflate_module modules/mod_deflate.so
LoadModule headers_module modules/mod_headers.so

# httpd -t -D DUMP_MODULES | grep deflate

deflate_module (shared)

# vim /etc/httpd/conf.d/mod_deflate.conf

<IfModule mod_deflate.c>
  AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/js application/javascript application/x-javascript application/x-httpd-php
</IfModule>

# systemctl restart httpd.service

Install Xdebug for debugging PHP:

# pecl install Xdebug

# vim /etc/php.d/xdebug.ini

; Enable xdebug extension module
zend_extension=xdebug.so
;zend_extension=/usr/lib64/php/modules/xdebug.so

xdebug.default_enable=1
xdebug.remote_enable=1
xdebug.remote_handler=dbgp
xdebug.remote_host=localhost
xdebug.remote_port=9009
xdebug.remote_log=/tmp/xdebug.log
xdebug.remote_connect_back=0
xdebug.remote_autostart=0
xdebug.remote_mode=req

xdebug.max_nesting_level=1000

or

zend_extension="/usr/lib64/php/modules/xdebug.so"

; When this setting is set to on, the tracing of function calls will be enabled just before the script is run. This makes it possible to trace code in the auto_prepend_file.
xdebug.auto_trace = 1
xdebug.trace_output_dir = "/tmp"
xdebug.collect_params = 4

; Enables Xdebug's profiler which creates files in the profile output directory. Those files can be read by KCacheGrind to visualize your data.
xdebug.profiler_enable = 1
xdebug.profiler_output_dir = "/tmp"

; Controls the protection mechanism for infinite recursion protection. The value of this setting is the maximum level of nested functions that are allowed before the script will be aborted.
xdebug.max_nesting_level = 100

; shows a human readable / computer readable trace file.
xdebug.trace_format = 0

; This setting tells Xdebug to gather information about which variables are used in a certain scope. This analysis can be quite slow as Xdebug has to reverse engineer PHP's opcode arrays. This setting will not record which values the different variables have, for that use xdebug.collect_params. This setting needs to be enabled only if you wish to use xdebug_get_declared_vars().
xdebug.collect_vars = 0

; When set to '1' the trace files will be appended to, instead of being overwritten in subsequent requests.
; Note: this option can be useful if you could not find your function calls anywhere.
xdebug.trace_options = 1

To search all other php modules:

# yum search php

Edit php.ini:

# vim /etc/php.ini

cgi.fix_pathinfo = 0

The default value is 1, which is an extremely insecure setting because it tells PHP to attempt to execute the closest file it can find if a PHP file does not match exactly. This basically would allow users to craft PHP requests in a way that would allow them to execute scripts that they shouldn't be allowed to execute.

Note: if I set it to "cgi.fix_pathinfo = 0", I would get "Access denied (403)" (see security.limit_extensions) or no input file specified error when setting up Magento. You can either:

1. commented out the cgi.fix_pathinfo = 0 line.
2. set cgi.fix_pathinfo = 1
3. try to set "security.limit_extensions = " in the /etc/php-fpm.d/www.conf file.

http://stackoverflow.com/questions/23390531/access-denied-403-for-php-files-with-nginx-php-fpm
http://serverfault.com/questions/627903/is-the-php-option-cgi-fix-pathinfo-really-dangerous-with-nginx-php-fpm

display_errors = On
log_errors = On
error_log = /var/log/php_errors.log

Note: make sure you do:

# touch /var/log/php_errors.log
# chmod 660 /var/log/php_errors.log
# chown root:apache /var/log/php_errors.log

# chcon -t httpd_log_t /var/log/php_errors.log
Or
# chcon -u system_u -t httpd_log_t /var/log/php_errors.log

Install XCache:

XCache is a fast, stable ​PHP opcode cacher that has been proven and is now running on production servers under high load. It is tested (on linux) and supported on all of the latest ​PHP release branches such as PHP_5_1 PHP_5_2 PHP_5_3 PHP_5_4 PHP_5_5. It is more stable than APC.

Warning: APC would cause segfault segmentation fault. Use XCache instead.

# yum install php-xcache xcache-admin

# systemctl restart httpd
# systemctl restart php-fpm
# php -v

PHP 5.4.16 (cli) (built: Oct 31 2014 12:59:36)
Copyright (c) 1997-2013 The PHP Group
Zend Engine v2.4.0, Copyright (c) 1998-2013 Zend Technologies
    with XCache v3.1.1, Copyright (c) 2005-2014, by mOo
    with XCache Optimizer v3.1.1, Copyright (c) 2005-2014, by mOo
    with XCache Cacher v3.1.1, Copyright (c) 2005-2014, by mOo
    with XCache Coverager v3.1.1, Copyright (c) 2005-2014, by mOo

# echo -n "Your Password" | md5sum

5afd8756ebeda48acf7eb645503dae60

# vim /etc/php.d/xcache.ini

[xcache]

xcache.admin.user = "admin name"
xcache.admin.pass = "5afd8756ebeda48acf7eb645503dae60"

xcache.size = 60M

; This number divides total cache size into threads in order to increase the efficiency. If you have 128M xcache.size and you set the count as 4, that means each thread will manage 32M size of cache.
xcache.count = 1

xcache.cacher = On
xcache.stat = On
xcache.optimizer = On

# cp -r /usr/share/xcache/ /var/www/html/

# systemctl restart php-fpm

http://localhost/xcache/

Install APC:

Warning: APC would cause segfault segmentation fault. Use XCache instead.

# pecl install apc

# vim /etc/php.d/apc.ini

; Enable APC for PHP
extension=apc.so
apc.enabled=1

; The number of seconds a cache entry is allowed to idle in a slot before APC dumps the cache
apc.ttl=72000
apc.user_ttl=72000
apc.gc_ttl=3600

; Size of memory for apc ( 1024 M)
apc.shm_size=1024M

; Enable apc stats.
apc.stat=1

; Enable APC for command line php operations.
apc.enable_cli=1

; Allow 2 seconds after a file is created before it is cached. This will prevent premature PHP pages to get cached.
apc.file_update_protection=2

; Maximum size of single file that apc can store.
apc.max_file_size=1M

; Maximum number of files APC can store ( rotation).
apc.num_files_hint=200000

; Maximum number of users data entries that APC can store.
apc.user_entries_hint=20000

Copy the apc.php file:

# cp /usr/share/pear/apc.php /var/www/html

Set up php-fpm:

Apach 2.4.8 mod_proxy: Added support for unix domain sockets as the backend server endpoint.

# vim /etc/php-fpm.d/www.conf

If you are using Apach 2.4.8 or above, please change the following line from:

listen = 127.0.0.1:9000

To:

listen = /var/run/php-fpm/php-fpm.sock

Now, there are different ways to actually forward requests for .php files to this module, ranging from everything (using ProxyPass) to very specific or rewritten files or patterns (using mod_rewrite with the [P] flag).

The method I chose (using ProxyPassMatch) lies somewhere in between these in complexity and flexibility, since it allows you to set one rule for all PHP content of a specific vhost, but will only proxy .php files (or URLs that contain the text .php somewhere in the request).

TCP socket (IP and port) approach

Edit the configuration for a vhost of your choice, and add the following line to it:

# vim /etc/httpd/conf.d/httpd-vhosts.conf

ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9000/path/to/your/documentroot/$1

### a request for / will need to be mapped to a resource on the fcgi backend. Failure to address this may cause a blank response, commonly known as a WSOD (White Screen of Death), especially if only a request URI containing the php extension is proxied, such as this example. The processing chain will first map a request for / to /index.php, then proxy to the PHP-FPM backend correctly.
    DirectoryIndex /index.php index.php index.html index.htm

Note: please do change /path/to/your/documentroot to for example /var/www/html/drupal8

Look confusing ? Let's run through it:

ProxyPassMatch

only proxy content that matches the specified regex pattern; in this case:

^/(.*\.php(/.*)?)$

from the documentroot onwards, match everything ending in .php (with the dot escaped), optionally followed by a slash and any continued path you like (some applications use this so-called PathInfo to pass arguments to the php script.)

The ^ (caret) and $ (dollar) signs are used to anchor both the absolute start and end of the URL, to make sure no characters from the request escape our pattern match.

The nested parentheses enable us to refer to the entire request-URI (minus the leading slash) as $1, while still keeping the trailing pathinfo optional.

fcgi://127.0.0.1:9000

forward via mod_proxy_fcgi, using the fastCGI protocol, to the port our php-fpm daemon is listening on.

This determines which fastcgi pool will serve requests proxied by this rule.

/path/to/your/documentroot/

IMPORTANT! This must exactly match the real filesystem location of your php files, because that is where the php-fpm daemon will look for them.

php-fpm just interprets the php files passed to it; it is not a web server, nor does it understand your web servers' namespace, virtualhost layout, or aliases.

IMPORTANT! Read the above again

$1

expands to the entire request-URI from the original request, minus the leading slash (because we already added that above.)

DirectoryIndex /index.php index.php index.html index.htm

Note: a request for / will need to be mapped to a resource on the fcgi backend. Failure to address this may cause a blank response, commonly known as a WSOD (White Screen of Death), especially if only a request URI containing the php extension is proxied, such as this example. The processing chain will first map a request for / to /index.php, then proxy to the PHP-FPM backend correctly.

unix domain socket (UDS) approach

Edit the configuration for a vhost of your choice, and add the following line to it:

# vim /etc/httpd/conf.d/httpd-vhosts.conf

ProxyPassMatch ^/(.*\.php(/.*)?)$ unix:/path/to/socket.sock|fcgi://127.0.0.1:9000/path/to/your/documentroot/

unix:/path/to/socket.sock

the path to your fpm socket

Note that with this approach, the captured request URI ($1) is not passed after the path

Enable php-fpm to start on boot:

# systemctl enable php-fpm.service

Start our PHP processor:

# systemctl restart php-fpm.service
# systemctl restart httpd.service

Test PHP:

# php -r "echo 'hi';";

Check the PHP-FPM setting:

<?php
echo phpinfo();
?>

You should see the message: Server API: FPM/FastCGI

# httpd -V

Server MPM:     event

To create a locked user account:

# useradd dev -m -c 'git user'

Unlock the account by issuing the passwd command to assign a password and set password aging guidelines:

# passwd dev

Add a new group called web:

# groupadd web

Add the dev user to the web group:

# usermod -a -G web dev

Show The Groups a User Is In:

# groups dev
# id -Gn dev

Find out the primary group of a user:

# getent group dev

To allow Apache to connect network and sendmail send email:

# setsebool -P httpd_can_network_connect 1
# setsebool -P httpd_can_sendmail 1

Note: -P in the above command means Persistent (across reboots)

# getsebool -a | grep -i httpd_can

httpd_can_network_connect --> on
httpd_can_sendmail --> on

# sestatus -b | grep httpd_can

httpd_can_network_connect                   on
httpd_can_sendmail                          on

Install Memcached:

# yum install memcached
# yum install php-pecl-memcached

# systemctl enable memcached.service
# systemctl restart memcached.service

# memcached-tool localhost:11211 display
# memcached-tool localhost:11211 stats
# memcached-tool localhost:11211 dump

Install redis server:

# yum install redis
# yum install php-pecl-redis

Two important redis server configuration files:

# less /etc/redis.conf
# less /etc/redis-sentinel.conf

Start the Redis server:

# systemctl start redis.service

Check the running status of Redis server:

# systemctl status redis.service

To test the installation of Redis:

# redis-cli ping

PONG

To enable Redis server at system's booting time:

# systemctl enable redis.service

To get the listening port 6379 of Redis server:

# ss -nlp | grep redis

To install Redis PHP extension:

# pecl install redis

Add the following line to /etc/php.d/redis.ini:

# echo 'extension=redis.so' >> /etc/php.d/redis.ini

Check to see if Redis PHP extension is installed:

# pecl list | grep redis

redis   2.2.7   stable

Restart Apache and PHP-FPM:

# systemctl restart httpd.service
# systemctl restart php-fpm.service

To see if Redis extension is being loaded by PHP:

# php -m | grep redis

To allow Apache to connect to the Redis server:

# setsebool -P httpd_can_network_connect 1

Note: If you have turned on Security-Enhanced Linux (SELinux), httpd scripts by default are not allowed to connect out to the network.

To list all Redis Databases:

# redis-cli info keyspace

To clear remove delete all data from a particular Redis database:

# redis-cli

127.0.0.1:6379> info keyspace
127.0.0.1:6379> select 0
127.0.0.1:6379> keys *
127.0.0.1:6379> flushdb
127.0.0.1:6379> keys *

To clear remove delete all data from all Redis database:

# redis-cli flushall

Dumping all key/value pairs in a Redis db:

# redis-cli -n 0 keys \*

# redis-cli -n 0 keys \* | xargs -n 1 redis-cli dump

Note: the 0 is the database number.

To store PHP sessions in Redis:

Storing PHP session files in RAM can be much more efficient than storing on disk and can also save some IO. To configure this, you should modify the main php.ini file and change session.save_handler to redis.

# vim /etc/php.ini

session.save_handler = redis

session.save_path = "tcp://127.0.0.1:6379"

# systemctl restart php-fpm

# php -r 'echo phpinfo();' | grep redis

Registered save handlers => files user redis
session.save_handler => redis => redis

# vim test.php

<?php
session_start();

$_SESSION['favcolor'] = 'green';

echo '<pre>' . print_r($_SESSION, TRUE) . '</pre>';
?>

# php test.php

# redis-cli info keyspace
# Keyspace
db0:keys=68,expires=39,avg_ttl=2977110
db2:keys=427,expires=427,avg_ttl=1856886

# redis-cli -n 0 keys \*| grep -i session

PHPREDIS_SESSION:vhauaf8qpdj146kirsbivrh4i7

Note: the 0 is the database number.

Redis setup hints

  • We suggest deploying Redis using the Linux operating system. Redis is also tested heavily on osx, and tested from time to time on FreeBSD and OpenBSD systems. However Linux is where we do all the major stress testing, and where most production deployments are working.
  • Make sure to set the Linux kernel overcommit memory setting to 1. Add vm.overcommit_memory = 1 to /etc/sysctl.conf and then reboot or run the command sysctl vm.overcommit_memory=1 for this to take effect immediately.
  • Make sure to disable Linux kernel feature transparent huge pages, it will affect greatly both memory usage and latency in a negative way. This is accomplished with the following command: echo never > sys/kernel/mm/transparent_hugepage/enabled.
  • Make sure to setup some swap in your system (we suggest as much as swap as memory). If Linux does not have swap and your Redis instance accidentally consumes too much memory, either Redis will crash for out of memory or the Linux kernel OOM killer will kill the Redis process.
  • Set an explicit maxmemory option limit in your instance in order to make sure that the instance will report errors instead of failing when the system memory limit is near to be reached.
  • If you are using Redis in a very write-heavy application, while saving an RDB file on disk or rewriting the AOF log Redis may use up to 2 times the memory normally used. The additional memory used is proportional to the number of memory pages modified by writes during the saving process, so it is often proportional to the number of keys (or aggregate types items) touched during this time. Make sure to size your memory accordingly.
  • Use daemonize no when run under daemontools.
  • Even if you have persistence disabled, Redis will need to perform RDB saves if you use replication, unless you use the new diskless replication feature, which is currently experimental.
  • If you are using replication, make sure that either your master has persistence enabled, or that it does not automatically restarts on crashes: slaves will try to be an exact copy of the master, so if a master restarts with an empty data set, slaves will be wiped as well.

Running Redis on EC2

  • Use HVM based instances, not PV based instances.
  • Don't use old instances families, for example: use m3.medium with HVM instead of m1.medium with PV.
  • The use of Redis persistence with EC2 EBS volumes needs to be handled with care since sometimes EBS volumes have high latency characteristics.
  • You may want to try the new diskless replication (currently experimetnal) if you have issues when slaves are synchronizing with the master.

Reference:

http://blog.ijun.org/2014_04_01_archive.html

http://blog.ijun.org/2014/11/configuring-magento-to-use-redis.html

http://blog.ijun.org/2014/12/install-apache-24-php-56-and-mysql-56.html

http://redis.io/topics/admin

http://www.cyberciti.biz/faq/howto-install-linux-apache-mariadb-php-lamp-stack-on-centos7-rhel7/

http://serverfault.com/questions/629937/centos-7-apache2-httpd-mod-fastcgi-installation-impossible

http://blog.famillecollet.com/post/2014/08/01/Apache-httpd-server-2.4.10-and-PHP-FPM-5.6-in-Fedora-21

https://wiki.apache.org/httpd/PHP-FPM

http://sharadchhetri.com/2014/10/04/install-redis-server-centos-7-rhel-7/

https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/s1-networkscripts-interfaces.html

http://technovergence-en.blogspot.ca/2012/03/mysql-from-utf8-to-utf8mb4.html

Saturday, September 16, 2017

Slice chunking in Go

Slice chunking in Go

package main

import "fmt"

var (
 logs   = []string{"a", "b", "c", "d", "e", "f", "g", "h", "i", "j"}
 numCPU = 3
)

func main() {

 var divided [][]string

 chunkSize := (len(logs) + numCPU - 1) / numCPU

 for i := 0; i < len(logs); i += chunkSize {
  end := i + chunkSize

  if end > len(logs) {
   end = len(logs)
  }

  divided = append(divided, logs[i:end])
 }

 fmt.Printf("%#v\n", divided)
}

Reference:

https://stackoverflow.com/questions/35179656/slice-chunking-in-go

Saturday, September 9, 2017

Why is a Goroutine’s stack infinite high cpu spikes:

Why is a Goroutine’s stack infinite high cpu spikes:

Empty loop:

for{
}

uses 100% of a CPU Core.

The proper way to wait for some operation depending to the use case you may use:

- sync.WaitGroup like this
- select {}
- channels
- time.Sleep
- time.After

One of the key features of Goroutines is their cost; they are cheap to create in terms of initial memory footprint (as opposed to the 1 to 8 megabytes with a traditional POSIX thread) and their stack grows and shrinks as necessary. This allows a Goroutine to start with a single 4096 byte stack which grows and shrinks as needed without the risk of ever running out.
There is however one detail I have withheld until now, which links the accidental use of a recursive function to a serious case of memory exhaustion for your operating system, and that is, when new stack pages are needed, they are allocated from the heap.
As your infinite function continues to call itself, new stack pages are allocated from the heap, permitting the function to continue to call itself over and over again. Fairly quickly the size of the heap will exceed the amount of free physical memory in your machine, at which point swapping will soon make your machine unusable.
The size of the heap available to Go programs depends on a lot of things, including the architecture of your CPU and your operating system, but it generally represents an amount of memory that exceeds the physical memory of your machine, so your machine is likely to swap heavily before your program ever exhausts its heap.

Reference:

https://stackoverflow.com/questions/39493692/difference-between-the-main-goroutine-and-spawned-goroutines-of-a-go-program

http://dave.cheney.net/2013/06/02/why-is-a-goroutines-stack-infinite

Trouble reading packets from a socket in Go

Trouble reading packets from a socket in Go

buf needs to have a definite size. 0-length slice won't work.

Declare it as:

var buf = make([]byte, 1024)

func handleClient(conn net.Conn) {
        defer conn.Close()

        var buf [512]byte

        for {
                n, err := conn.Read(buf[0:])

                if err != nil {
                        fmt.Printf("%v\n", err.Error())
                        return
                }

                fmt.Printf("Got: %d, %s\n", n, buf)

                str := strings.Repeat("A", 16000000)
                _, err2 := conn.Write([]byte(str))

                if err2 != nil {
                        fmt.Printf("%v\n", err.Error())
                        return
                }
        }
}

Reference:

https://stackoverflow.com/questions/2270670/trouble-reading-from-a-socket-in-go

Why can not I copy a slice with copy in golang?

Why can not I copy a slice with copy in golang?

The builtin copy(dst, src) copies min(len(dst), len(src)) elements.

Copy returns the number of elements copied, which will be the minimum of len(src) and len(dst).

So if your dst is empty (len(dst) == 0), nothing will be copied.

Try:

tmp := make([]int, len(arr))

Reference:

https://stackoverflow.com/questions/30182538/why-can-not-i-copy-a-slice-with-copy-in-golang

https://golang.org/ref/spec#Appending_and_copying_slices

docker exec is not working in cron

docker exec is not working in cron

The docker exec command says it needs "pseudo terminal and runs in interactive mode" (-it flags) while cron doesn't attach to any TTYs.

Try using the -d flag instead of -it:

# /bin/sh -c "/usr/bin/docker exec -u root -d exp_mongo_1 /bin/sh /backup.sh"

Reference:

https://stackoverflow.com/questions/37089033/docker-exec-is-not-working-in-cron

Statically compiled Go programs, always, even with cgo, using musl

Statically compiled Go programs, always, even with cgo, using musl

Reference:

https://dominik.honnef.co/posts/2015/06/go-musl/

Friday, September 8, 2017

Generic way to duplicate Go slices?

Generic way to duplicate Go slices?

One simple statement to make a shallow copy of a slice:

b := append([]T(nil), a...)

Note: The append to a nil slice translates into a make and copy.

Which is equivalent to:

b := make([]T, len(a))
copy(b, a)

Reference:

https://stackoverflow.com/questions/26433156/generic-way-to-duplicate-go-slices

cannot assign to struct field in map error

cannot assign to struct field in map error

data["p1"] isn't quite a regular addressable value: hashmaps can grow at runtime, and then their values get moved around in memory, and the old locations become outdated. If values in maps were treated as regular addressable values, those internals of the map implementation would get exposed.

So, instead, data["p1"] is a slightly different thing called a "map index expression" in the spec; if you search the spec for the phrase "index expression" you'll see you can do certain things with them, like read them, assign to them, and use them in increment/decrement expressions (for numeric types). But you can't do everything. They could have chosen to implement more special cases than they did, but I'm guessing they didn't just to keep things simple.

Issue code:

package main

import (
        "fmt"
)

type Person struct {
        Name string
}

func main() {
        data := map[string]Person{
                "p1": Person{},
        }

        data["p1"].Name = "Jun"

        fmt.Printf("%v\n", data)
}

Solution:

The solution is to make the map value a regular old pointer.

package main

import (
        "encoding/json"
        "fmt"
)

type Person struct {
        Name string
}

func main() {
        data := map[string]*Person{
                "p1": &Person{},
        }

        (*data["p1"]).Name = "Jun" // Or simply data["p1"].Name = "Jun"

        dataJSON, _ := json.MarshalIndent(data, "", "  ")
        fmt.Printf("%s\n", dataJSON)
}

Reference:

https://stackoverflow.com/questions/32751537/why-do-i-get-a-cannot-assign-error-when-setting-value-to-a-struct-as-a-value-i

Print line number for debugging in Go

Print line number for debugging in Go

Method 1:

// to change the flags on the default logger
log.SetFlags(log.LstdFlags | log.Lshortfile)

Method 2:

package main

import (
        "log"
        "runtime"
)

func MyFunc() {
        FancyHandleError()
}

func FancyHandleError() {
        // notice that we're using 1, so it will actually log the where
        // the error happened, 0 = this function, we don't want that.
        pc, fn, line, _ := runtime.Caller(1)
        log.Printf("[error] in %s[%s:%d]", runtime.FuncForPC(pc).Name(), fn, line)
}

func main() {
        MyFunc()
}

Method 3:

package main

import (
        //"log"
        //"runtime"
        "runtime/debug"
)

func MyFunc() {
        FancyHandleError()
}

func FancyHandleError() {
        debug.PrintStack()
}

func main() {
        MyFunc()
}

Reference:

https://golang.org/pkg/log/#pkg-constants

https://golang.org/pkg/runtime/debug/#PrintStack

http://stackoverflow.com/questions/24809287/how-do-you-get-a-golang-program-to-print-the-line-number-of-the-error-it-just-ca

Friday, July 28, 2017

Running php-fpm in Docker based on CentOS 7

Running php-fpm in Docker based on CentOS 7

Dockerfile:

FROM centos:centos7

RUN curl 'https://setup.ius.io/' -o setup-ius.sh \
 && bash setup-ius.sh \
 && rm -f setup-ius.sh \
 && yum -y update \
 && yum -y install \
  php71u-common \
  php71u-cli \
  php71u-fpm \
  php71u-opcache \
  php71u-xml \
  php71u-json \
  php71u-pdo \
  php71u-mysqlnd \
  php71u-intl \
  php71u-mbstring \
  php71u-mcrypt \
  php71u-gd \
  php71u-soap \
  php71u-process \
  php71u-pecl-redis \
  php71u-pecl-xdebug \
  php71u-fpm-httpd

EXPOSE 9000

CMD ["php-fpm", "-F"]

Build the docker image:

# docker build -t junhsieh/php7.1-fpm:0.0.0 .

Some important settings to be changed:

# vim /etc/php-fpm.d/www.conf

; Change ownership:

user = php-fpm
group = php-fpm

; Note: Ubuntu uses www-data user. Add php-fpm user to www-data group if the other container used it.
; # groupadd -g 33 www-data
; # useradd www-data -m -c 'web user' -u 33 -g 33
; # usermod -a -G www-data php-fpm
; # id php-fpm
; Now, restart this container to ensure php-fpm user is in www-data group.

; Bind port 9000 to the all interfaces:

listen = 9000

; Comment out the following line:

;listen.allowed_clients = 127.0.0.1

; Note: "listen.allowed_clients = any" will not work.
; Note: "listen.allowed_clients = other-container-name" will not work. IP address only.

; Uncomment the following line to debug the issue:

catch_workers_output = yes

; Note: Comment it out on production.


xdebug setting:

### xdebug setting
###
; Enable xdebug extension module
zend_extension=xdebug.so
;zend_extension=/usr/lib64/php/modules/xdebug.so

xdebug.default_enable=1
xdebug.remote_enable=1
xdebug.remote_handler=dbgp
xdebug.remote_host=localhost
xdebug.remote_port=9009
; Note: php-fpm uses port 9000 as well.
xdebug.remote_log=/tmp/xdebug.log
xdebug.remote_connect_back=0
xdebug.remote_autostart=0
xdebug.remote_mode=req

xdebug.max_nesting_level=1000

Reference:

https://developers.redhat.com/blog/2014/12/29/running-php-fpm-in-docker/