xgrr.de – the whole not the half

things, thoughts and stuff out of life, daily business and computer science

Microsoft Surface

Ramp-up with KVM in a nutshell – Storage

Continuing the series on how to get a cheap infrastructure running. See Ramp-up with KVM in a nutshell – Architecture for the first article in this series.

Required hardware

For this setup we need some disks. To get proper performance use high spinning disks like WD Velociraptor. SSD is expensive but of course even better. Be sure to use disk certified for 24/7 operations otherwise the manufacturer might not fix them in case they break down at some point. Also use two identical disks as we want to create a RAID.


For decent security with decent performance I normally use a software RAID. If you have a RAID controller laying around that’ll do fine. If you only have a 20 € version – use mdraid. The cheap controller can break and chances are your RAID will be lost forever. Create three RAID drives each as RAID1 (if you have more than two disks available – RAID10 for the data drive will greatly enhance performance):

  • boot – 100 MB
  • root – 20 GB
  • data – remaining space


For this setup I use the following setup of three partitions:

  •  /boot – 100 MB – ext3/4
  • / – 20 GB – ext3/4
  • no mountpoint – remaining space - LVM

Alex Clare – Too Close Dubstep Remix

Ramp-up with KVM in a nutshell – Architecture

Virtualization is a commodity by now. Everyone has it and uses it either knowingly or not. All major players on the market have some kind of product around it. If you want to put your servers to good use and save some money in the process by using free software KVM is one of the options you have.

In order to make your IT boss and your users smile you need to have a good understanding of how to design your infrastructure. In this first article of a series I will present a possible architecture for a small but powerfull KVM infrastructure. I’m well aware that – if you have more money laying around – you can extend this design with external storage and high availability features.

Getting to it. What I want to achieve with this design is a cheap though reliable and powerful installation. See the following schema on how it will look like in production.


Technical Details

The solution is scoped to a single server. As I mentioned earlier this can easily extended to a cluster scenario. The following technical parameters describe the solution in a nutshell:

  • Local storage with at least two disks and mdraid
  • LVM as VM storage backend
  • Bridged networking

Apache2 + mod_fcgid + PHP = Awesome

For years now I was using PHP as a Apache module and not thinking twice about it. Easy to install not much to maintain and working reasonably well. Server too slow? Buy a new server. Recently one of our servers got really slow again with varying timeouts while serving pages. Memory shortage. No new server available I needed to make the most of it and started investigating how to decrease the memory footprint of Apache.

FastCGI was the answer. With PHP as a module installed every Apache process can take up to the maximum amount of memory you defined in php.ini plus what the Apache process needs by himself even though this process is only serving static content. With the switch to FastCGI it was possible to use the threaded version of Apache (mpm_worker). Static contents are now served really fast without need for invoking PHP at all. PHP scripts are served by calling the FastCGI IPC.

As memory is still low Apache and PHP are both configured to “die” after quite a low number of requests served. This can sometimes lead to a small delay while the processes are restarted but ensures that the memory footprint is kept low.

How did I do it? I won’t go into details on how to install Apache, mod_fcgid and PHP because there are loads of howto’s out there. Please find the configuration I’m using below. I’m using Debian and Apache, mod_fcgid and PHP are installed out of the repository. If you have a custom compiled version or different distribution your paths can differ.

Depending on your available hardware it is feasible to tweak the settings for the mpm_worker module so more concurrent clients can be served and/or the amount of requests which is handled before re-creating the thread is higher. It is also very recommended to use eAccelerator in conjunction with this setup. See my post on the topic for more information.

/etc/apache2/apache2.conf (excerpt):

<IfModule mpm_worker_module>
	StartServers           4
	ServerLimit            4
	MaxClients           128
	MinSpareThreads        8
	MaxSpareThreads       16
	ThreadsPerChild       32
	MaxRequestsPerChild  500


<IfModule mod_fcgid.c>
	AddHandler fcgid-script .fcgi .php
	FCGIWrapper /var/www/php-fcgi-starter .php

	IdleTimeout		3600
	BusyTimeout		 300
	ProcessLifeTime		7200
	IPCConnectTimeout	  10
	IPCCommTimeout		 360
	MaxProcessCount		  15
	MaxRequestsPerProcess	  -1
	PHP_Fix_Pathinfo_Enable    1


export PHPRC
exec /usr/lib/cgi-bin/php

eAccelerator to enhance PHP performance

In my series of optimizing one of our servers I added eAccelerator to the setup to improve the performance. One of the bottlenecks of the server is unfortunately memory. Nevertheless even with small memory settings and caching to disk eAccelerator is able to enhance the performance and user experience of our websites and eCommerce platforms by 2-2.5.

Comparing Roadsend PHP to PHP/FastCGI

For some projects it might come in handy to have a pre-compiled binary shipped to the customer or run as a separate instance. I took a peek at Roadsend PHP which implemented their own engine and is able to compile PHP source into C binaries which can either run on the command line or with special compilation arguments as a FastCGI program.

But before using it productively and changing a lot of source to make it compatible with the way how Roadsend works I wanted to make sure that the promised performance bonus would be really there. I created a very crude script which does nothing more than to iterate an integer to a certain maximum and measures the time to do this.

NOTE: I know that a proper performance test looks differently and I’m aware that Roadsend PHP can put his design into the works when we deal with a lot of includes. I’ll make another test with including random files to compare if this is impacting the results.

echo “Simple iteration test to compare performance between interpreted PHP and Roadsend PHP<hr />”;

$max = 1000;
if($_GET["max"] != “” && is_numeric($_GET["max"])) {
$max = $_GET["max"];

$start = microtime();

for($i = 0; $i < $max; $i++) {
echo $i.”<br />”;

$stop = microtime();
$elapsed = $stop – $start;
echo “<hr />Script took $elapsed seconds to execute”;

To the environment. I didn’t set up a clean room environment. I used my server at home with 2G of memory Athlon64 X2 and a RAID5. Nothing special but I think it resembles real-world situations perfectly (unless you setup a new box for every PHP site you build).

Apache (worker – threaded) is used for serving the requests. FastCGIs are served via mod_fcgid. PHP is also run via mod_fcgid which improved the performance of PHP dramatically so far.

Let’s get to it:

max = 1000
Roadsend PHP: 0.005817
Interpreded PHP: 0.001201

max = 10000
Roadsend PHP: 0.06846
Interpreded PHP: 0.012625

These results are not dramatically but significant. It seems that compiling PHP adds overhead to the execution.

Funambol sync problems solved

When I was playing around with Funambol last week I was brutally stopped by an Exception thrown somewhere in the code of the Funambol DS Server.

at com.funambol.server.session.SyncSessionHandler.processInitSyncMapMessage(SyncSessionHandler.java:905)
at com.funambol.server.session.SyncSessionHandler.processMessage(SyncSessionHandler.java:521)
at com.funambol.server.engine.SyncAdapter.processInputMessage(SyncAdapter.java:533)
at com.funambol.server.engine.SyncAdapter.processXMLMessage(SyncAdapter.java:254)
at com.funambol.transport.http.server.LocalSyncHolder.processXMLMessage(LocalSyncHolder.java:97)
at com.funambol.transport.http.server.Sync4jServlet.doPost(Sync4jServlet.java:399)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at com.funambol.transport.http.server.LogContextFilter.doFilter(LogContextFilter.java:132)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at com.funambol.transport.http.server.SyncResponseTimeFilter.doFilter(SyncResponseTimeFilter.java:159)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190)
at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:291)
at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:769)
at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:698)
at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:891)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:690)
at java.lang.Thread.run(Unknown Source)

I decided to make the effort and have a look at the code. That was actually what was taking me so long to fix the problem at hand. Today I got a fix on the actual problem. The offending code is in the handling of the session. When I configured my Funambol I supplied the URI of the service I want to create which is at this point in time not the real URI. What happens during the authentication handshake is that the session is bound to this specific URI. This means that if the client requests a specific URI the server overwrites this URI with the one set in Funambol.xml and the session is only valid for this URI.

During sync it is checked if the client is authenticated which is not the case or at least not for the URI specified in the Funambol.xml. In this case a clause in the code is reached which provokes the NullPointerException stated above.

If you have this problem, make sure that the URI in your Funambol.xml file is either empty (then the URI provided by the client is taken) or that your clients use the URI which is specified.

Thunderbird 3 Release Candidate 2


As an early adopter I am using Thunderbird 3 for quite a while now. The Betas have been really stable and other than a few minor glitches I had no problems.

I just saw that RC 2 is out there after RC 1 was released in the last week. Be careful with the release. My copy was crashing every time I tried to send an email. I couldn’t figure out the exact problem yet but not being able to send messages is quite inconvenient in my opinion.

Firefox is HOT

I came across this nice picture. Just another reason to love Firefox!