Livefyre Profile

Activity Stream

@BrianLayman ... I think I may have had "a pour" when writing this...

4 days, 7 hours ago on 3 things to do that can make you completely successfull

Reply

@BrianLayman Yep, it does show that Nginx is faster than Apache.  I was hoping that Apache's Event MPM would bring Apache close.  In the end it doesn't.  The "faster" that I referred to was that Nginx has been reported to be faster than Apache and is, therefore, always a better choice.  My quick test was the previous blog post that I referenced which showed that, when running PHP (that's key), the Apache prefork MPM is faster.  Just a smidge, but faster.  That benefit goes away, however, once static content is included at which point Nginx is faster.

4 days, 7 hours ago on Performance of Apache 2.4 with the event MPM compared to Nginx

Reply

@Gwyneth Llewelyn A "true" PHP application would actually make the results a little more murky because the test would likely involve more logic to be executed.  And, largely (though there might be some circumstances that might negate this), once you are in PHP, the web server doesn't matter much.  As such the true performance difference would be minimized.  The actual performance difference between the two, once a true PHP application is executed, is negligible and the performance benefit from Nginx largely comes from dishing out static content.

4 days, 7 hours ago on Performance of Apache 2.4 with the event MPM compared to Nginx

Reply

@Kinsman Thank you for your comments.  I don't hear much from those in your position; most of the people I know have done straight foster.  Because of the adoption updates I received I usually viewed it from the perspective of having failed kinship placements, seldom thinking about what a "successful" kinship placement looks like and so your story is important to me.  Thank you for what you do and I pray for your strength.

1 month ago on What being a foster parent is really like

Reply

@nitinanuj  Then you'll need about 30,000 cores to handle those requests, so it's not something I'd be too worried about.

6 months, 2 weeks ago on Why is FastCGI /w Nginx so much faster than Apache /w mod_php?

Reply

@JaimieSirovich @kschroeder @Jason Yang @petewarnock  I don't know exactly what goes on behind the scenes, but the thread safety adds a significant amount of overhead.  Enough so that even Microsoft said to not use it on IIS and use FastCGI instead.

7 months, 3 weeks ago on Why is FastCGI /w Nginx so much faster than Apache /w mod_php?

Reply

@JaimieSirovich @Jason Yang @petewarnock  That is the conclusion that my testing supports.  That said, threads would not be better than processes because then you would need to use ZTS and your performance would tank.

7 months, 3 weeks ago on Why is FastCGI /w Nginx so much faster than Apache /w mod_php?

Reply

@garet1 @kschroeder @Gopalakrishna Palem  That is not true.  Neither mod_php nor php-fpm cache opcodes by default.  It is internal to the Zend Engine itself and has no bearing on which web server you are using.

9 months ago on Why is FastCGI /w Nginx so much faster than Apache /w mod_php?

Reply

@Gopalakrishna Palem  It's a completely different test.  I was testing *PHP* throughput.

9 months ago on Why is FastCGI /w Nginx so much faster than Apache /w mod_php?

Reply

@onmountain  Yep, you can deploy to non-Zend PHP installations.

9 months, 1 week ago on Zend Server is proprietary. NNNOOOOO!!!!

Reply

@DimaSoltys If it's on the local host I will always connect via Unix socket if it's available.

10 months, 1 week ago on Why is FastCGI /w Nginx so much faster than Apache /w mod_php?

Reply

@akaMrJohn @Gwyneth Llewelyn The data seems to support that assertion.  One additional qualification would be that Apache is protected via load balancer or CDN reverse proxy from serving frontend requests.  The concurrency restrictions of the prefork MPM are still pertinent.

10 months, 4 weeks ago on Why is FastCGI /w Nginx so much faster than Apache /w mod_php?

Reply

@ocelikdemir I don't have them since it required a code change and I needed to revert back.  What I did was add code to the end of Mage_Core_Model_App::dispatchEvent() that took the results from memory_get_usage() and did file_put_contents(<filename>, $data, FILE_APPEND), ran it through awk to build a CSV file and then opened the CSV file in Excel and created the graphs.

11 months, 3 weeks ago on How much memory does Magento use?

Reply

@DIREKTSPEED I should also mention that the point of this was not to see which is faster, but to address _common_claims_about_nginx_against_apache_.  People say "Nginx is faster" and I say "ehhhhh, not so fast."  That is it.

1 year ago on Why is FastCGI /w Nginx so much faster than Apache /w mod_php?

Reply

@DIREKTSPEED You don't need to get your panties in a bunch.  This was testing the typical Apache scenario against the typical Nginx scenario for PHP.  The event MPM for Apache is irrelevant to this discussion.  It will not be any faster with PHP because PHP then will need to use PHP-FPM for Apache in exactly the same manner as you would with Nginx.  This post was about PHP, not static content.

1 year ago on Why is FastCGI /w Nginx so much faster than Apache /w mod_php?

Reply

@gokulmig I did a similar test on Gluster a while back http://www.eschrade.com/page/testing-glusterfs-for-magento/

1 year, 2 months ago on More – The file system is slow

Reply

Actually, employers have difficulty finding PHP developers.  If you know PHP well you will probably get a job.

And I defined what "effective" meant.  It can get the required job done quicker and with less resources than other options.  (yes, I expect that this will be argued  with as much anecdotal evidence as can be mustered)

But note the actual point of the article instead of bickering over the pointless banality that happens on so many tech blogs.  Google was surprised that their implementation of PHP on the App Engine was as popular as it was.  My point is that it should not be surprising given what PHP has and is doing.  Given that Google has the best data concerning the web, their surprise must be based on something OTHER than data.  THAT is my point.

1 year, 4 months ago on Google finally acknowledges that PHP exists

Reply

@indy2kro @blacksonic I'm not sure why this is funny.  You specifically state that it may be true for open source projects, i.e., publicly available platforms.  I was not talking about private applications.  Note the paragraph before.  I was talking about Wordpress.  Note the paragraph after.  I was talking about Magento, Wordpress, Joomla, etc.  I made no claim that Magento was the biggest PHP project.

1 year, 4 months ago on Google finally acknowledges that PHP exists

Reply

@shayfalador I redid the test while watching vmstat and IOWait time was zero.  System time was at 3%.  I re-ran the test with 3 concurrent processes and IOWait time touched on 2 once and system time was at 8.  Most of the time spent was in the logger userland code (65%). 

Disks have a bad reputation as being slow, and they are... when they are functioning as memory, such as swapping.  However, when disks are being used as they should be (persistent storage) I have seen very few instances where disk speed, itself, was the actual problem.

1 year, 4 months ago on How much does logging affect performance?

Reply

@shayfalador There are a couple of things wrong with your assertions.  First of all, hard disks being "slow" really depends on what you are comparing it to.  I did a test the other day on my local drive in a VM and got about 43MB per second for writes, or 45,088,768 bytes.  The logged element in my example was 140 bytes long.  I would need about 300,000 writes per second for the drive interface to be saturated, simulating about 3000 requests per second.  And that is on a desktop machine with an old 7200RPM hard drive.  That hardly is problematic from a "scale" perspective.

A more realistic scenario that would require 100 log writes per request is that this would be a request of a moderate to complex application which would take several hundred milliseconds to run.  A web server running that kind of application will not be serving 1000 requests per second, unless it is a VERY high powered machine at which point my hard drive numbers would be significantly higher because you don't have a single 7200RPM drive on a machine like that.

What it basically comes down to is that your assertion of 1000ths of a second per request be a lot is wrong when it is put into the context of an application that would require 100 log events per second.  

And when you are working with an application of this kind of complexity you will be flying blind in your production environment when you are trying to figure out why something is not behaving properly. 1/1000th of a second price for a request that takes several hundred milliseconds is peanuts when compared to the insight you can get.

1 year, 4 months ago on How much does logging affect performance?

Reply

I would venture to say that Nginx with FastCgi would be faster

1 year, 4 months ago on Why is FastCGI /w Nginx so much faster than Apache /w mod_php?

Reply

@edushyant My test was just with the opcode cache and not the data cache and so no configuration in Magento was necessary.  That said, Optimizer+ from Zend Server had an APC compatibility layer built into it.  I believe it is still there but I don't know offhand.

1 year, 4 months ago on Magento Performance on PHP 5.3, 5.4 and 5.5RC3

Reply

@EricHerrmann2 Requests per second

1 year, 5 months ago on Magento Performance on PHP 5.3, 5.4 and 5.5RC3

Reply

@Obdurodon Oh, and I should also mention that the reason why I did this test was because I ran into a customer who was using GlusterFS instead of NFS and I wanted some data to see how it compared.  So I wasn't just pulling it randomly out of a stack of possible solutions.

1 year, 7 months ago on Testing GlusterFS for Magento

Reply

@Obdurodon Thanks for the info.  FS-Cache is one of the things I want to take a look at.  For the type of workloads that I see I wouldn't need consistency so much as I need cache invalidation.  Many Magento users use NFS as the base to store user files such as product images.  If someone saves one of those images it is not the end of the world if a few milliseconds of delay occurs while the cache is invalidated on multiple machines.  There are multiple solutions that can be implemented to handle that, but for most Magento customers they represent an infrastructure complexity that many merchants shouldn't take on.  So, for the scenario that I tend to work in, working out of the box so that I can have files cached across multiple machines is one that I would prefer.

That said, I really do like what has been done with GlusterFS.  While it doesn't solve the problem I'm trying to solve it's got some really neat things in it.

1 year, 7 months ago on Testing GlusterFS for Magento

Reply

@vinai Yep.  Did a lot of copying and pasting from there.

1 year, 7 months ago on EAV Properties for Magento

Reply

@henrylearn2rock I'm pretty sure, yes.  Most, if not all, modern operating systems have disk block caching.  The test is easy.  Do a code loop writing to the file system and another one reading.  if they are vastly different then the OS is caching.

1 year, 8 months ago on For the last time, the file system is not slow!!

Reply

@dragooni It is a feature of the kernel and not the file system.  Therefore it would be available to all file systems (I'm pretty sure this is true).  It can be "bypassed" by passing the O_DIRECT option to open() in C which allows the application to directly control physical reads and writes.

1 year, 8 months ago on For the last time, the file system is not slow!!

Reply

@mkevac Yes, but if you are running PHP-FPM with NginX you still have the same problem.  Even though NginX can handle 10k connections does not mean that you want 10k PHP processes running in the background to handle the requests.  So while your assertion is true it's an apples/oranges comparison.  For static content, absolutely NginX is the best server.  However, for running PHP loads, Apache handles the request just a little more efficiently.

1 year, 8 months ago on Why is FastCGI /w Nginx so much faster than Apache /w mod_php?

Reply

@tubalmartin @Eugene OZ Every time someone uses shell_exec() for async operations a kitten gets a tummy ache.

1 year, 8 months ago on Why is FastCGI /w Nginx so much faster than Apache /w mod_php?

Reply

I've not tried that. Do you have any benchmarks?

1 year, 9 months ago on Why you should not use .htaccess (AllowOverride All) in production

Reply

If you have no access to httpd.conf then your options are pretty limited. That said, I don't know what your requirements are for running a shared host, but I have the cheapest Linode VM which gives me full access for $20 a month and I love it.

1 year, 9 months ago on Why you should not use .htaccess (AllowOverride All) in production

Reply

If throughput is a concern. As we saw in the benchmark, disabling AllowOverride caused a 40% improvement in performance for static files. There is also the inherent security issue of allowing items in your document root change the configuration of your web server on the fly.

1 year, 9 months ago on Why you should not use .htaccess (AllowOverride All) in production

Reply

Technically AllowOverride IS the alternative. The preference would be to keep config settings in httpd.conf.

1 year, 9 months ago on Why you should not use .htaccess (AllowOverride All) in production

Reply

My thought would be to copy the superglobals to a backup variable and then overwrite them after the opcodes, objects and variables have been copied.

1 year, 9 months ago on Would this be a dumb idea for PHP core?

Reply

Additionally, 70% of all successful attacks come from inside an organization. Having a configurable value a) requires you to manage the key, and b) is something that an internal attacker may have knowledge of. Using a large pseudo-random number requires no configuration management and is not known by an internal individual. Defense in Depth, baby!

1 year, 9 months ago on Generating secure cross site request forgery tokens (csrf)

Reply

Could you explain why hashing values that are relatively easy to figure out is better than a pseudo random number generator?

1 year, 9 months ago on Generating secure cross site request forgery tokens (csrf)

Reply

There are parts of token generation that, on a basic level, do fall into the realm of cryptography since cryptography is about "writing secrets". Beyond that the link to crypto is simply that the cryptographic tooling does a better job of providing more, better, pseudo-random values. When we're talking about predictability it will depend on which function we're talking about. If you have a timestamp, uniqid() is actually pretty easy to guess. It was designed to be unique, not unpredictable. And mt_rand() isn't so much predictable as it has a significantly smaller pool of values to choose from. In other words, mt_rand() is good, but openssl_random_pseudo_bytes() is better.

1 year, 9 months ago on Generating secure cross site request forgery tokens (csrf)

Reply

Cryptos (κρυπτός) and graphein (γράφειν) just means "secret writing". When we're generating a token what we want to do is give a secret to the person on the web page that will be extremely difficult to predict. The examples that I've found tend to rely on uniqid() which is based off of the time and, thus, predictable. So when you're thinking about cryptography you are probably thinking about the actual act of encryption, which is not what we're talking about. We are using the tool from one of the first steps in the chain for creating an "unpredictable" value. The 32 bytes (256 bits) of data give us 1.1579208923731619542357098500869e+77 values, which is a pretty big set of values for you to use and so I doubt that you would deplete entropy. However, mt_rand() returns an integer, not a series of bytes. That means that you have only 4 billion or so numbers to choose from. Compared to that other huge number, I would choose the latter.

1 year, 9 months ago on Generating secure cross site request forgery tokens (csrf)

Reply

It uses that as an example for generating a token, but that page also specifically states that it is based off of microtime. Because of that the value would be predictable.

1 year, 9 months ago on Generating secure cross site request forgery tokens (csrf)

Reply

...I should say a *significant* loss in security.

1 year, 9 months ago on Generating secure cross site request forgery tokens (csrf)

Reply

Thanks. That's a good point. In other words, using md5() or sha512 is not as important as getting the actual random bits. The hashing, itself, is really only there to make sure that the bits that come out do not break the format. One could almost say that when using openssl_random_pseudo_bytes() you could use md5(), hash_hmac() or base64_encode() without a loss of security, something that would not be possible to say about uniqid().

1 year, 9 months ago on Generating secure cross site request forgery tokens (csrf)

Reply

Sounds like the files were not actually pushed to the container. I would suggest that you contact support on the Get Satisfaction page for PHPCloud. I don't work for Zend anymore and so they may have changed things since I last worked on it.

1 year, 10 months ago on Connecting to the Zend Developer Cloud using NetBeans for PHP

Reply

It went pretty well. I have a second one coming up as soon as I can get it scheduled. We'll see how the next one goes.

1 year, 10 months ago on You gotta know when to fold ‘em

Reply

... in other words, yes, memory utilization is more efficient with NginX. But one of the claims I heard was that NginX was faster, which turned out not to be true. With memory being cheap these days, memory usage should not be a primary factor for determining the server to use. The arguments _for_ NginX can be made quite easily without having to go to secondary arguments.

1 year, 10 months ago on Why is FastCGI /w Nginx so much faster than Apache /w mod_php?

Reply

I was using Apache 2.2. But let's not go too far here. What I claimed was that PHP was faster on Apache. I have heard several times that this is the case. I wanted to figure out why and found that assertion was actually wrong. I wasn't talking about memory and I wasn't talking about static files. NginX is faster on a raw performance test. By at least an order of magnitude, due to its event based architecture. Personally, I would still recommend using NginX with FastCGI for PHP even though it is slower than Apache. For a mixed media site, the additional performance of static files more than makes up for the slow-down with FastCGI. And if it's an API-based site (only PHP-based content) NginX will handle transient loads better (as well as denial of service attacks).

1 year, 10 months ago on Why is FastCGI /w Nginx so much faster than Apache /w mod_php?

Reply

I did not. I might see what that does differently. But since both servers react to an accept() *system* call to process the request (and do not manage the handshake themselves) it is unlikely that it will make much of a difference.

1 year, 10 months ago on Why is FastCGI /w Nginx so much faster than Apache /w mod_php?

Reply

 @lparthad Means that there was an error in the format of your amf_config.ini file.

2 years, 1 month ago on Flex and Zend Framework – Part 1

Reply

 @ecolinet I take back what I said about Codiqa.  it doesn't seem to support remote data sources.

2 years, 4 months ago on Phonegap and Bootstrap not lovers?

Reply