LFS

Optimizing a web server

Dave Farquhar Linux , , , , ,

Promises of better Apache performance have me lusting after lingerd, a very obscure utility that increases performance for dynamic content. It’s been used on a handful of little sites you might have heard of: Slashdot, Newsforge, and LiveJournal.
Unfortunately there’s no Debian package, which means compiling it myself, which means compiling Apache myself, which also means compiling PHP and MySQL, which means a big ol’ pain, but potentially better performance since I could go crazy on the GCC optimization flags. Hello, -O3 -march=i686!

And if I’m going to compile all that myself, I figure I might as well compile it all myself and get the high performance across the board and get GCC 3.2x into the picture for even better performance. The easy way to do that is with lfs-install, which builds a system based on Linux From Scratch. For workstations I’d rather use something along the lines of Gentoo, but for servers, LFS is small, mature, and reasonably conservative.

Supposedly metalog offers improved performance over the more traditional syslogd or sysklogd. The good news is that those who are more sane than me and sticking with Debian for everything can take advantage of a Debian package (at least in unstable), and just apt-get away.

If I have any sanity left, I’ll think about minit to replace SystemVInit and save me about 400K of memory in a process that’s always running, and fgetty to save me a little more. I’ve tried fgetty in the past without success; it turns out fgetty requires DJB’s checkpassword in order to work.

Keep in mind I haven’t tried any of this yet. But the plan sounds so good in my current sleep-deprived state I couldn’t help but share it.

Hello again…

Dave Farquhar General ,

I’m rested but not caught up. I semi-successfully built a Linux From Scratch box; it’s easily the fastest computer I’ve ever seen but not everything works quite right. I made the mistake of using Mandrake 8.0 as my source platform. In some regards Mandrake 8 makes sense; it has recent kernel and glibc versions. Unfortunately it also uses the infamous GCC 2.96; an unofficial release of GNU’s C compiler that’s so wretched that Linus Torvalds actually has asked people to not do any kernel development using any OS that uses it. One of the first things LFS does is build its own copy of GCC 2.95.3, but unfortunately, there’s code in my system that GCC 2.96 got its grubby mitts on and stuff doesn’t work. Notably, I can’t build another LFS system using it as the source. Crimony.
Meanwhile, I found out this afternoon that Bible study is at my place on Friday. My apartment’s always a mess and today’s no exception; it’s not as bad now as it has been at times but it is much less than presentable. So that’s my big project for the week. Hopefully I’ll get a mail server going too.

But I’ll try to check in every day.

If you didn’t compile it yourself, it’s not really yours.

Dave Farquhar Linux , , , ,

I’m on my Linux From Scratch kick again. Unfortunately, compiling a complete workstation from scratch takes a really long time (the systems that benefit the most from it, namely low-end P2s, need close to a day to compile everything if you want X, KDE and GNOME and some common apps) and requires you to type a lot of awkward commands that are easy to mess up. The upside: Messages like, “I did my first LFS on a Pentium II 18 months ago and it was by far the best workstation I’ve ever had,” are common on LFS discussion boards.
So what to do…? If you want to learn a lot about how Linux works, you type all the commands manually and let the system build itself, and if you’re away while the system’s waiting for the next set of commands, well, the system just sits there waiting for you. In a couple of days or a week you’ll literally know Linux inside and out, and you’ll have the best workstation or server you ever had.

If, on the other hand, you’re more interested in having the best workstation or server farm you ever had and less interested in knowing Linux inside and out (you can always go back and do it later if you’re really interested–CPUs and disks aren’t getting any slower, after all), you use a script.

What script? Well, RALFS, for one. Just install Mandrake 8 or another 2.4-based distribution, preferably just the minimum plus all the compilers plus a text editor you’re comfortable with, then download the sources from www.linuxfromscratch.org, then download RALFS, edit its configuration files, get into text mode to save system resources, and let RALFS rip.

RALFS looks ideal for servers, since the ideal server needs just a kernel, the standard utilities that make Unix Unix, plus just a handful of server apps such as Apache, Samba, Squid, or BIND. So RALFS should build in a couple of hours for servers. And since a server should ideally waste as few CPU cycles and disk accesses as possible, RALFS lets you stretch a box to its limits.

I think I need a new mail server…

Back in the swing of things

Dave Farquhar Linux , , , ,

Here are some odds and ends, since I’ve gone nearly a week without talking computers.
Intro to Linux. I found this last week. It’s a 50-page PDF file that serves as a nice Linux primer, from the experts at IBM. It’s a must-read for a Windows guru who wants to learn some Linux.

Linux from Scratch. Dustin mentioned Linux From Scratch last week. The idea is you download the source to an already-installed Linux box, then compile everything yourself. Why? Stability, security, and speed.

Security. You’ve got fresh, updated code, compiled yourself, with no extras. If you didn’t compile it, it’s not there. Less software means fewer holes for l337 h4x0r5 (“leet hackers,” or, more properly, script kiddies, or, even more properly, wankers who really need to get a life because they have nothing better to do than try to mess around with my 486s–Steve DeLassus asked me “what the #$%@ is an el-three-three-seven-aitch-four…” last week) to exploit.

Stability. Well, you get that anyway when you liberate your system from Microsoft’s grubby imperialistic mitts, but it makes sense that if you run software built by your system, for your system, it ought to run better. Besides, if you’ve got a borderline CPU or memory module or disk controller and try to compile all that code with aggressive compiler settings, you’ll expose the problems right away instead of later.

Speed. You’re running software built for your system, by your system. Not Mandrake’s PCs. Not Red Hat’s PCs. Yours. You want software optimized for your 486SX? You want software optimized for a P4? You won’t get either anywhere else. And recent GCC compilers with aggressive settings can sometimes (not always) outperform hand-built assembly. It’s hard to know what settings Mandrake or Red Hat or those Debian weirdos used.

I really want to replace my junky Linksys router with a PC running LFS and firewalling software. The Linksys router seems to be fine for Web surfing, but if you want to get beyond serfdom and serve up some content from your home LAN, my Linksys router’s even more finicky and problematic than Linksys’ NICs, which is saying something. It’ll just decide one day it doesn’t want to forward port 80 anymore.

Firewalling. And speaking of that, Dan Seto detailed ways to make a Linux box not even respond to a ping last week. It’s awfully hard for a l337 w4nk3r to find you if he can’t even ping you.

A story. My sister told me this one. She’s a behavioral/autism consultant, and one of her kids likes to belch for attention. He’ll let out an urp, and if you don’t respond, he’ll get closer and closer to you, letting out bigger and bigger belts until you acknowledge it. Di hasn’t managed to break that behavioral habit yet. She was telling her boss, a New Zealander, about this kid (he’s 3).

“Hmm,” he said. “Must be Australian.”

An update. I heard some howls of protest about a cryptic post I made last week. Yes, that was a girl I was talking to in the church parking lot until well past 11 the other night. Yes, we met at church. I’ve known her maybe six months. Yes, she’s nice. Yes, she’s cute. No, I haven’t asked her where she went to high school. Remember, I’m not a native St. Louisan… (And if you clicked on that link, be sure to also check out the driving tips.)

No, I’m not really interested in saying much more about her. Not now.