Puppy Linux PHP web-serving with Mysql


Puppy linux is engineered from the very core to do more with less. Every decision in it's design has been taken with a view to functionality and performance - with the absolute minimum of overhead. The very same philosophy that was in mind when developing webERP. However, puppy linux it is truly amazing what has been packed into 130 Meg! This includes the entire operating system and all the applications you need for everyday/office computing!

Puppy Linux is a very fast small footprint operating system developed by Barry Kauler. It contains 99% of desktop OS functionality that most users require, but no server side software. The entire OS will run from a CD and being around 130Meg in total can operate entirely inside RAM in this mode. The OS can also be installed on a USB stick or external hard drive. As a virus free desktop OS it is hard to beat for speed on any given hardware and will run on hardware that most would throw away. As a hard disk install it can boot in less than 30 seconds. Like all the best sports cars it is small and light but very powerful! It has attracted quite a community of devotees as a result.

Going back to Puppy 3.01 I assembled a squash file - puppy allows packages to be installed by simply telling it to append squash files to it's filesystem - with the traditional LAMP components of:

* Apache
* Mysql
* PHP

This has enabled php web-serving under puppy linux where the server is run as nobody and therefore avoiding security issues that might result from a hijacked server process.

However, with Puppy version 4.1 our learned and wise leader Barry Kauler discovered the Hiawatha Web-Server - this web-server is "small and FAST" in keeping with puppy mantra. But not only that, the author Hugo Leisink of Hiawatha has written it with security at the front of mind. Barry's intentions were driven by the desire I believe to include the blogging software he uses PPLOG which is a small perl script - also of the lean and mean flavour. Consequently Hiawatha comes configured by default to run perl as a CGI program to interpret .pl scripts. Investigation into Hiawatha shows it to be quite a performer in terms of throughput of pages served (purportedly twice as fast as Apache with static content) and appears to have much of the flexibility in its configuration as that available with Apache. Configuration options for virtual hosts, user and ip address based security and to run with ssl are easier to configure than Apache. It also has URL rewriting toolkit required to run many CMS applications (although tricky to configure for me). The problem with Apache is that is now quite large and it forks additional processes each requiring a large chunk of memory for additional connections. Performance in terms of memory utilisation is a snag particularly when many machines that run puppy may well be challenged in this department. Hiawatha with it's binary just 113k (version 6.16 - blown right out to 130k as at v 7.3!) running a multi-threaded rather than pre-fork model appears to be the perfect antidote.

Pre-Fork or Multi-threaded web servers

Apache has the advantage that PHP can be run as a module - theoretically the fastest way to run PHP. However, the architecture of apache is based on a "pre-fork" model where new connections to an Apache web-server initiate new forks and each fork consumes RAM - so the machine can max out if a heavy load of web-serving comes it's way. Hiawatha uses a thread based model a similar architecture as that used by the fastest web-server (I understand this to be Roxen). This structure also has the advantage of being much leaner in terms of memory and ultimately faster to serve pages.

PHP as a Module or FastCGI

Running PHP as a module of Apache means that the PHP binary is already loaded when a request is fielded to run a PHP script and traditionally has been the favoured way of running PHP. However, development of Fast CGI also allows PHP daemons to be running ready to field requests thus reducing the overhead compared to running PHP as a CGI program - where it has to be loaded on each request - and holds a severe performance penalty. Hiawatha happily has the ability to run PHP as a FastCGI daemon. I have not done any bench-marking on performance of FastCGI Hiwatha PHP to Apache PHP moule - it would be interesting to see the results - it is my pick that Hiawatha/FastCGI PHP might well be faster. In fact PHP (5.3.3) now comes with the configurable FPM - Fast CGI Process Manager to run several instances of PHP as a daemon to field PHP requests.

Predictably then, Barry is, once again, on to something with Hiawatha!


A new .PET

In puppy linux every opportunity is taken to name features and software in dog/animal related metaphors. New software for puppy is released mostly as .pet archives (these superseded .pups) which are actually tar.gz files which have a pinstall.sh script in them that is executed after installation. .pet packages are installed through the pet package manager that checks dependencies etc - more of Barry's handy-work.

I made a .pet including Hiawatha with mysql, PHP that is pre-configured and runs all the components after each boot with php running as Fast CGI daemons. It is available at:

http://www.logicworks.co.nz/puppy/LHMP-7.3-5.1.47-5.3.3.pet

This version released 16th August 2010 and is tested with Puppy Lucid 5.1 - and includes:

Hiawatha web-server version 7.3

MariaDB (mysql) version 5.1.47

PHP version 5.3.3

phpMyAdmin version 3.3.5

The .pet file is 16 Meg

This pet contains the necessary /etc/hiawatha/hiawatha.conf settings to serve .php web-pages with PHP running as a fastCGI daemons. The Hiawatha program to launch a series of PHP daemons is no longer used, since PHP now comes with its own Fast CGI process manager which has been pre-configured to serve PHP requests in this .pet The .pet also has a scripts in /etc/init.d/

* rc.httpd that starts hiawatha and the php-fpm on each boot
* rc.mysqld that starts mysql on each boot

Both mysql and hiawatha are started on each boot - if you do not want this to happen you should move one or both of these scripts out of the directory /etc/init.d

Both servers are started by the post installation script of the .pet so there is no need to reboot.

mysql is configured by a file in /etc/my.cnf and has been compiled to run as the user nobody - thus offering some protection from a rogue mysql problem damaging the system. Hiawatha also runs as nobody.

You can start mysql from rxvt:

#/etc/init.d/rc.mysqld start

and stop it with:

#/etc/init.d/rc.mysqld stop

Similarly you can start and stop hiawatha in the same way with the rc.httpd script.

Both php and mysql were compiled using devx_510.sfs. Compliation options to exclude documentation (which is online) the mysql cluster code, the enormous mysql test-suite, the enormous PHP PEAR were used to minimise the size of the .pet but retain as much functionality as possible but including innodb ACID compliant database storage engine. PHP includes ftp, gettext, gd, xsl, xml, mysql and mysqli, sql-lite functionality. Mysql retains myisam, isam and innodb table types by default, together with all the usual mysql utilities including mysqldump, mysql client, mysqladmin etc.

The .pet also includes the phpMyAdmin php application for administering mysql databases - this is accessed simply from a browser pointing to:

http://localhost/phpMyAdmin/index.php

mysql Configuration

The post installation script of the .pet runs the mysql_db_install script to set up the default database structure and mysql user database.

Normally with mysql installations out of the box, the default mysql user is root with no password. There are also 2 anonymous users that can access mysql without any permissions. However, the post install script now deletes both these anonymous users with the latest .pet and sets the root password for mysql as woofwoof

Important Note: Best practice is to alter the password for the mysql root user to prevent unauthorised access to your databases see the mysql docs

http://dev.mysql.com/doc/refman/5.1/en/default-privileges.html

from an rxvt window:

# mysql -u root -p woofwoof

mysql> SET PASSWORD FOR 'root'@'localhost' = PASSWORD('newpwd');
mysql> SET PASSWORD FOR 'root'@'host_name' = PASSWORD('newpwd');

where newpwd is the new password you choose.

PHP configuration

Is handled by the file /etc/php.ini

Sending Email through PHP

The mail command of php allows sending of scripted email and is a useful function of php. However, it requires an sendmail compatible binary to be available or a local smtp server. The windows configuration just requires an smtp server but this option is not available in *nix.

After some research I discovered a neat work around using a small program called mini-sendmail - this is also bundled in the .pet
mini-sendmail allows you to specify a remote smtp server to use to forward your email from the php mail command. The configuration is straight forward and described inside the php.ini (see extract of php.ini below) that you should open with geany to modify for the smtp server you can access.

/etc/php.ini

<snip>

; mini_sendmail included with this distribution to prevent reliance on full send
mail
; mini_sendmail takes parameters:
; -f the from email address
; -s the smtp server to direct the email through - this allows a third party smt
p server to be used
; if the -s parameter is ommmitted then the localhost is assumed to be the smtp
server
; -t required for sendmail compatibility??
sendmail_path = /usr/local/bin/mini_sendmail -fyouremail@youremaildomain.com -
ssmtp.yourISP.com -t

</snip>

Where youremail@youremaildomain.com is the email address you wish to be reported as the sender of email coming from your web-server. and smtp.yourISP.com is an smtp server that your web-server can access.


ISO CD Version

A puppy forum member "puppymartin" has produced a puppy-webserver edition as a 74Meg ISO which contains the above pet but has removed many of the unnecessary applications in the stock puppy for an absolutely slimmed down anorexic OS but added web-development tools like bluefish and an ftp server also. A nice GUI is available to start and stop the server processes as required.

see puppymartins puppywebserver edition forum post

puppymartin also has produced an apache version - which is some 20 Meg larger than the Hiawatha version.

The links to download it have now gone sadly. Not sure where it lives now - or if it still lives.

This OS would make a great base for a webERP installation that would run well on even the oldest junkiest hardware. However, I would not recommend running a live install without mirrored hard drives as the minimal redundancy required in a web-server. Neither would I trust software mirroring of hard drives - a proper hardware controller for RAID level 1 or greater is required.

Change Log and Possible Issues

Previous version was August 2009 for puppy 4.2
The one before that was released 29th March 2009 - updating mysql php and phpMyAdmin to the latest versions and also bundling hiawatha which is not included with puppy 4.2.

The version before that was released 31 Dec 2008... I added the libmcrypt.so library that created a problem in 4.1.1 and 4.1.2 - the fast cgi php daemons would not start because of this missing library and hiawatha would report service not available for php scripts.

Another issue that I experienced with gray's marvelous puppy-NOP pupplet was that the sticky bit was set on the /tmp directory - this prevented php running as the user nobody from creating session files in the /tmp directory. I had to run

#chmod -R 777 /tmp

before things would work as advertised

Notes on Compiling the Applications


PHP

Need to get the mcrypt library into /usr/lib then used the following to configure PHP

# ./configure --prefix=/usr/local --without-pear --enable-fpm --enable-ftp --with-bz2 --with-gd --with-gettext --with-mysql --with-mysqli --enable-wddx --enable-mbstring --with-mcrypt=/usr/lib64 --with-config-file-path=/etc --disable-debug --with-xsl --with-curl --with-zlib-dir=yes --with-xpm-dir --with-png-dir --with-freetype-dir --with-jpeg-dir

mysql

configured to run as the user nobody

# FLAGS="-O3" CXX=gcc CXXFLAGS="-O3 -felide-constructors -fno-exceptions -fno-rtti" ./configure --enable-assembler --with-mysqld-ldflags=-all-static --without-docs --without-man --with-mysqld-user=nobody --with-unix-socket-path=/tmp --without-debug --with-plugins=innobase --with-zlib-dir=bundled

Hiawatha - from Barry Kauler's blog

Here is how I compiled and installed it:

#export webrootdir=/root/Web-Server

# ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var --build=i486-t2-linux-gnu --enable-xslt

# make

# new2dir make install

Related Online Info
Puppy Linux Discussion Forum
Puppy Linux on Wikipedia
Getting to know Puppy Linux
Valid XHTML :: Valid CSS: :: Powered by WikkaWiki