rubysecurity.org

Cloud Architect / DevOps Engineer / SRE / Developer | /root

Home About Books Blog Portfolio Archive

Tag Cloud


Currently Reading

Certified Kubernetes Administrator (CKA) Study Guide
Certified Kubernetes Administrator (CKA) Study Guide
38 / 155 Pages


Latest Book Reviews

Latest Posts


November 28, 2013

Varnish WordPress Performance Testing

by Alpha01

Thanks to my new job, I’ve been working a lot with Varnish. Man, Varnish is one kick ass HTTP web accelerator! A few months back I ran a few performance Apache performance tests on my WordPress site with different layers of caching enabled:

So now I wanted to see how the results may differ using Varnish.

Configuration

At a bare minimal, Varnish needs to be configured to remove cookies set by WordPress in order to make the content cacheable.

sub vcl_recv {
  # Drop any cookies sent to Wordpress.
  if (!(req.url ~ "wp-(login|admin)") && req.http.host ~ "rubyninja.org") {
    unset req.http.cookie;
  }
}

sub vcl_fetch {
  # Drop any cookies Wordpress tries to send back to the client.
  if (!(req.url ~ "wp-(login|admin)") && req.http.host ~ "rubyninja.org") {
    unset beresp.http.set-cookie;
  }
}

With this configuration enabled, I ran the same identical ab tests that used to benchmark my server previously.

[root@rubyninja ~]# ab -n 1000 -c 5 http://www.rubyninja.org/index.php
This is ApacheBench, Version 2.0.40-dev <$Revision: 1.146 $> apache-2.0
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Copyright 2006 The Apache Software Foundation, http://www.apache.org/

Benchmarking www.rubyninja.org (be patient)
Completed 100 requests
Completed 200 requests
Completed 300 requests
Completed 400 requests
Completed 500 requests
Completed 600 requests
Completed 700 requests
Completed 800 requests
Completed 900 requests
Finished 1000 requests


Server Software:        Apache/2.2.15
Server Hostname:        www.rubyninja.org
Server Port:            80

Document Path:          /index.php
Document Length:        0 bytes

Concurrency Level:      5
Time taken for tests:   39.528015 seconds
Complete requests:      1000
Failed requests:        0
Write errors:           0
Non-2xx responses:      1001
Total transferred:      374139 bytes
HTML transferred:       0 bytes
Requests per second:    25.30 [#/sec] (mean)
Time per request:       197.640 [ms] (mean)
Time per request:       39.528 [ms] (mean, across all concurrent requests)
Transfer rate:          9.23 [Kbytes/sec] received

Connection Times (ms)
              min  mean[+/-sd] median   max
Connect:       87  100 134.1     93    3092
Processing:    88   95  10.7     91     220
Waiting:       87   94  10.6     90     218
Total:        177  196 134.4    186    3183

Percentage of the requests served within a certain time (ms)
  50%    186
  66%    192
  75%    196
  80%    199
  90%    207
  95%    217
  98%    234
  99%    251
 100%   3183 (longest request)

The requests per second handled by the webserver weren’t much different from the caching layer that I already had enabled previously, which is the WordPress W3 Total Cache plugin configured with Page, Database, Object, and Browser cache enabled using APC, and mod_pagespeed.

However the huge difference is that all requests never reached the Apache backend. Varnish cached all content and served all the requests directly. Varnish is just fucking awesome.

Tags: [ varnish apache wordpress testing ]
November 17, 2013

Leaving Gmail and Google Apps

by Alpha01

Ever since finding out about Google’s involvement in PRISM a few months back, I’ve been wanting to completely ditch their Gmail and Google Docs services for good. Having used those services for such a long time, and more importantly them being free (as in beer), deciding which new platform I would use as the replacement was my first challenge. Firstly, all email services will be managed by me solely. So my first task was to find a reliable, and perhaps more importantly, a really cheap unmanaged dedicated hosting provider. I opted to go with OVH. Having first heard of OVH on a Linux Journal advertisement, I became completely sold on their $29.99 a month dedicated hosting offering. Even better, OVH is not an American company and they themselves having to deal with lots of scrutiny for hosting WikiLeaks. The really cheap $29.99 dedicated hosting plan does have a catch, the hardware is not enterprise quality server hardware, but rather desktop hardware. The disk is not RAIDed, and the memory is non ECC. Personally, since I don’t believe my server will have much heavy load, I really don’t see this as a problem. Additionally, using my home Nagios monitoring server and with the help of NRPE, I’m going to monitoring just about everything on the dedicated machine.

My current hypothetical architecture

Install configure KVM on the system, and run three virtual machine instances. The host machine will have the following:

  • Varnish, to proxy all HTTP traffic
  • Nginx, to proxy all HTTPS traffic
  • Proxy POP/IMAP mail traffic using iptables (if this does not work as I expect, I might look into using haproxy instead)

1). VM 1: http

  • Apache PHP/Ruby, all of my web apps will be using on this VM. (including this site itself)

2). VM 2: database

  • MySQL
  • PostgreSQL

3). VM 3: email

  • Postfix for sending mail
  • Dovecot for receiving mail
Tags: [ google ]
November 10, 2013

Enabling SMART on a hard drive

by Alpha01

Error

[root@backup ~]# smartctl -H /dev/sdb
smartctl 5.43 2012-06-30 r3573 [x86_64-linux-2.6.32-358.23.2.el6.x86_64] (local build)
Copyright (C) 2002-12 by Bruce Allen, http://smartmontools.sourceforge.net

SMART Disabled. Use option -s with argument 'on' to enable it.

Fix

[root@backup ~]# smartctl -s on /dev/sdb
smartctl 5.43 2012-06-30 r3573 [x86_64-linux-2.6.32-358.23.2.el6.x86_64] (local build)
Copyright (C) 2002-12 by Bruce Allen, http://smartmontools.sourceforge.net

=== START OF ENABLE/DISABLE COMMANDS SECTION ===
SMART Enabled.
Tags: [ monitoring ]
October 28, 2013

Nuking GPT partition table

by Alpha01

Error

WARNING: GPT (GUID Partition Table) detected on '/dev/sdb'! The util fdisk doesn't support GPT. Use GNU Parted.

Fix

parted /dev/sdb
mklabel msdos
quit
Tags: [ gparted ]
October 27, 2013

Black background in all desktops after Ubuntu 13.10 upgrade

by Alpha01

So I just upgraded my Dell XPS 13 laptop from Ubuntu 13.04 to 13.10, and immediately the first thing I noticed that all of my desktops had a black background. and manually changing the background wallpaper took no effect. Turns out this is a common problem. In my case it turned out to be related to Gnome, which I found it to be rather interesting giving that a Gnome specific setting will cause this problem in Unity.

Fix

gsettings set org.gnome.settings-daemon.plugins.background active true

Resources

Tags: [ ubuntu ]