Tech – Page 8 – John Leach

High performance WordPress

Of all the WordPress installations I manage, two of them bring in a rather large number of hits.

To speed up WordPress I usually just enable the MySQL query cache and install the eaccelerator PHP opcode cacher. On one particular box, an Intel 1.3Ghgz PIII this increased performance from around 3 requests per second to around 10.

Recently I came across the WP-Cache plugin for WordPress. This takes the finished output from any given wordpress request and caches it to disk, serving directly from the static cache for the next hour (configurable). Any new posts or comments in the mean time immediately mark the cached version stale, so you don’t need to wait around for an hour.

On the same hardware and blog, this increases performance from 10 requests per second to over 250. A 2500% increase in speed.
(more…)

5/6/2006 Add Comment

Lighttpd and Ruby on Rails: Secure and Fast Downloading

When controlling access to files on a webserver developers often use the web application itself as a file server. The request comes in, the script checks for some session authentication variable or something, then streams the file from disk (hopefully from outside the webroot) to the browser.

The problem with this from a performance standpoint is that a thread/process of the web application has to be running for the entire duration of the download. With a busy webserver serving many concurrent downloads, this is an immense overhead. The web server itself should be orders of magnitude faster at serving files directly than via a web application, but you can’t just stick the files in a different directory and hope nobody finds the secret urls. The new web server on the block, Lighttpd, has some clever solutions for this problem.
(more…)

16/3/2006 3 Comments

TCP, NAT and 2MSL mismatch

We have a client that connects over the NHS internal network to a server hosted at our site. We have lots of clients like this, but these are slightly different because they NAT all their machines to one IP before it gets to us.

Recently they complained about connection problems and after lots of investigation we managed to get a packet capture of the problem (IPs changed of course):


 1  0.00 192.168.0.1 -> 10.0.0.254 TCP 2268 > 80 [SYN]
 2  0.00 10.0.0.254 -> 192.168.0.1 TCP 80 > 2268 [SYN, ACK]
 3  0.01 192.168.0.1 -> 10.0.0.254 TCP 2268 > 80 [ACK]
 4  0.08 192.168.0.1 -> 10.0.0.254 HTTP POST
 5  0.24 10.0.0.254 -> 192.168.0.1 TCP 80 > 2268 [ACK]
 6  0.23 192.168.0.1 -> 10.0.0.254 HTTP Continuation
 7  0.24 10.0.0.254 -> 192.168.0.1 HTTP HTTP/1.1 200 OK 1365
 8  0.24 10.0.0.254 -> 192.168.0.1 HTTP Continuation
 9  0.24 10.0.0.254 -> 192.168.0.1 TCP 80 > 2268 [FIN, ACK]
10  0.29 192.168.0.1 -> 10.0.0.254 TCP 2268 > 80 [ACK]
11  0.31 192.168.0.1 -> 10.0.0.254 TCP 2268 > 80 [FIN, ACK]
12  0.31 10.0.0.254 -> 192.168.0.1 TCP 80 > 2268 [ACK]
13  0.34 192.168.0.1 -> 10.0.0.254 TCP 2268 > 80 [ACK]
14 68.26 192.168.0.1 -> 10.0.0.254 TCP 2268 > 80 [SYN]
15 71.18 192.168.0.1 -> 10.0.0.254 TCP 2268 > 80 [SYN]
16 77.13 192.168.0.1 -> 10.0.0.254 TCP 2268 > 80 [SYN]
17 98.25 192.168.0.1 -> 10.0.0.254 TCP 2268 > 80 [RST, CWR]

(more…)

8/3/2006 Add Comment

I changed his life through webdev

A couple of months ago I was having an IM conversation with an old web developer work friend and asked him if he’d played with Ruby on Rails yet. He told me not and I enquired as to whether he’d been living in a mud hut within a rain forest for the last year. He told me not. I pointed him in the right direction and he said he’d take a look sometime.

Today, after no further conversion, I got this message from him:

(16:14:48) Sid: Hey John!! Just wanted to say thanks for introducing me to Ruby on Rails.. I’ve picked up on it and its changed my life. Now I’m working a contract for the government and dating a hot american chick from new york. btw – like the photo. its class.
(16:16:16) Sid logged out.

He used to be a Coldfusion developer. After finding Ruby on Rails he must look back on Coldfusion and laugh up hard matter from his lower intestine.

Anybody else want to comment on how I’ve changed their life? If you only met me once and had to spend the rest of your life avoiding me it still counts.

19/2/2006 4 Comments

eAccelerator php speederupper

My earlier post about Turck-mmcache is now deprecated. Turck-mmcache has not been actively developed in quite a while. eAccelerator is a fork of Turck-mmcache and has been actively developed by a new team.

eAccelerator fixes all the PHP crashing errors I had, and adds support for newer version PHP too (including PHP 5.1 in their latest dev snapshot, which I’ve had working perfectly btw)

(more…)

15/1/2006 Add Comment

Principles, Software and Freedom

Benjamin Mako Hill has written a great post over on his blog titled “Principles, Software and Freedom”. It’s something I’ve been trying to put into words for a while and he does it very well.

“Sure, everyone uses Firefox. Sure, everyone uses Apache and GNU/Linux for their web servers. Sure, everyone uses Drupal, Mambo, Plone, or another free CMS. But one can’t help but notice that Firefox, Apache, and free CMSs are higher quality, more featureful, and easier to use than the proprietary alternatives.”

“People arguing for free software from a principled position need to remember that principled positions are sometimes inconvenient. Free software is no exception. It’s frequently different, sometimes incompatible and a bit more work. In some situations (dare I say it?), it’s not as good as the proprietary alternatives.”

Free software isn’t always easy and isn’t always the best solution. Personally I believe freedom is important enough to weigh in heavily in the face of this.

15/1/2006 Add Comment

Turck MMCache speediness on Debian Sarge

UPDATE: The info in this post is deprecated. See the new post about eAccelerator instead.

I installed Turck MMCache PHP accelerator and I got a big improvement.

ApacheBench reported 4.52 pages per second before and 12.47 pages after installation (a WordPress 1.5.2 page on a 1.2Ghz PIII). That a 275% increase in performance, with currently no observed problems. I tested this with both Apache2 and lighttpd, and got a similar boost with both.

There is only a package for Debian unstable at the moment, so I downloaded the package source and backported it to Debian sarge. I put the package in my apt repository (along with a backported openswan package I’m using). Add to your sources.list:

deb http://johnleach.co.uk/downloads/debian sarge backports

and apt-get update ; apt-get install turck-mmcache

See PHP fly (comparatively)

UPDATE: I’m running into a few problems now actually. WordPress runs fine, but an application of my own is having some serious problems. MMTurck is kicking out the following log message:

[13072] MMCACHE: PHP crashed on opline 1 of main() at /path/to/webapp/cligs-app.php:24

I’ve disabled the extension for now until I investigate further.

UPDATE: S

12/1/2006 1 Comment

Epiphany and Firefox Dapper packages for Breezy

I’ve built Ubuntu Dapper Epiphany 1.9 and Firefox 1.4.99 packages for Ubuntu Breezy. I’ve also enabled the Epiphany Adblock extension which seems to work fine. You can’t specify your own advert signatures with a GUI yet (afaikt) but the built-in database seems to cover most bases.

I’ve only built for i386 as that’s all I need it for right now. Tbh, it’s really not that difficult to build you own, but here they are anyway:
UPDATE: I’ve setup an apt repository for all this nonsense.

deb http://johnleach.co.uk/downloads/ubuntu breezy backports

I don’t really have plans to keep this up to date, but I might expand it to a few other packages I want to play with, so feel free to use.

13/12/2005 3 Comments

Half a LUGRadio meet

I met Stuart Langridge and Jono Bacon from LUG Radio last night as they came to Leeds where Jono talked at my local LUG. Wookey also gave a talk about the latest stuff going on in the Emdebian world.

And of course I also met up with some of the WYLUG regulars (Robert Speed, Jim Jackson, James Holden, et al) and some perhaps not so regular (which would include me btw).

We enjoyed the talks, went to a local Italian place for dinner then to a local pub. Was a great night.

13/12/2005 1 Comment

Hula calendar and mail server proprietaryness

I played with Hula a few weeks ago. I really didn’t spend very long with it, but managed to get it working on Ubuntu Breezy and connected to it with Evolution IMAP client. A big fat tip if you’re planning on having a go with it: don’t use the official Ubuntu packages. The ones I used were old and really sucked; I got nowhere with them. There are packages for Debian on the Hula site that worked well for me.
(more…)

11/12/2005 Add Comment

netfilter ip_conntrack_ftp and tls

Here I am attempting to connect to a server using lftp wondering why the firewall is blocking the incoming data connections, even though ip_conntrack_ftp has been working for years.

lftp supports tls, and so does the server I’m connecting to. This means the control connection is encrypted, so the netfilter ftp connection tracker can’t peek inside the packets to find out which ports to open up to allow the data connections. DUH. Ftp sucks.

Anyway, the only way I found to disable tls support in lftp is to add the following line to ~/.lftp/rc:

set ftp:ssl-allow false

7/12/2005 2 Comments

Blendr: merge images together from Flickr

The image below was created by blending 500 photos of sunsets together. I’ve made a bunch more images like that too.

To create these I wrote some tools to pull images from Flickr and blend them together to make a new and usually interesting image. The tools are written in Python and licensed under the GPL.

I was inspired by the “amalgamations” artwork of Jason Salavon.

28/11/2005 1 Comment