Re: FreeBSD for webserver?
On Wednesday 23 July 2008 21:03:36 Ted Mittelstaedt wrote: -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Gonzalo Nemmi Sent: Wednesday, July 23, 2008 1:02 AM To: freebsd-questions@freebsd.org Subject: Re: FreeBSD for webserver? On Wednesday 23 July 2008 03:47:04 Ted Mittelstaedt wrote: This seems to be a common misperception about ports. Ports aren't something magical. They do exactly what you would do from the commandline (i.e. ./configure, make, make install), except they come with several bonuses. 1) The port maintainer has already worked out all the quirks to make it compile and install properly on FreeBSD. 2) The port maintainer has already supplied patches that allow the software to build correctly on FreeBSD. 3) All the dependencies are already taken care of. 4) Upgrading is quite simple and straightforward. 5) The software is now architechture-independent (in most cases), meaning you can move from Intel to AMD (for example) without having to worry that the software will no longer build and you'll have to start from scratch again. For example, I decided today that I wanted to try out some software named arguseye. So I downloaded and untarred the program. I looked at the dependencies. It requires a number of perl modules, some of which are not in ports. So, I just created three new perl ports to satisfy those dependencies and submitted them this afternoon. Once those are accepted into the tree, I'll create the arguseye port and submit it as well. Then, when someone else wants to install arguseye, all they will have to do is type make install clean in the port directory and everything that they need will be installed for them. Unless you're a glutton for punishment, why would you do all that yourself? Because maybe you don't care for the porter's choice of defaults. Many programs come with hard-coded defaults that are modified in a config file. For example cistron-radius. Another example is the dspam port. The porter for that insisted on using a default of apache vhost. However the default apache port does not activate this. I don't give a rat's ass that vhost is supposedly more secure. Another one that always pisses me off is the porter's choice in building uw-imap to turn off plaintext passwords. And the default for pine is also to turn off plaintext support. Another problem is that not all porters are good about maintaining their ports. For example icradius. Someone spent a lot of time creating the port for that. Then just let it die. Another is the open source ingres database. Julian ported that one then lost interest, it died sometime around FBSD 4.X Another problem with ports is that all of them like pulling the original source from the author's site. I've had a few where the author released the code under GPL then a few years later lost interest, stopped paying whatever ISP he had the main site for the program at, and the porter also lost interest in the project and never bothered obtaining the last available tarfile from the authors site and uploading it to freebsd, then both disappeared. Another one I can recall is the gated code, similar issue. The fundamental achillies heel of the ports system is it makes the assumption that every package in the ports system is popular and will be supported for the indefinite future by the original package developer. The ports system counts on this insofar that it assumes that if the original porter loses interest and stops tracking the master site, that someone else will step in and assume responsibility for maintaining the port. The reality is that in every release of FreeBSD, some ports go wanting for sponsors, and nobody steps forward and so when the port stops building, the FreeBSD maintainers simply cut it out of the ports tree, plus anything dependent on it. This assumption is fine for people running vanilla apache or whatever systems, which is most people. But, if your doing anything that isn't plain-jane middle of the road, you better assume that if your using a series of ports, to make detailed notes, and save the ports, and save the patches, and save the distfiles. You may need to see how they did it in an older FreeBSD system when a new version of FreeBSD comes out that is missing one or more of the ports you depend on. Ultimately, ports isn't any different than most other things. When it's properly executed it's great. But proper execution of the entire thing depends on every porter who has an active port in the system doing the right thing, and there's so many of them that statistically, some of them are going to be flakes
Re: FreeBSD for webserver?
- Original Message From: VeeJay [EMAIL PROTECTED] To: FreeBSD-Questions freebsd-questions@freebsd.org; VeeJay [EMAIL PROTECTED] Sent: Tuesday, July 22, 2008 11:05:26 PM Subject: FreeBSD for webserver? Hi there I am going to make 2 Webserver at my work going to handle 50 mil hits per month... They are using Linux already. But being a FreeBSD fan, I have proposed FreeBSD to my Boss convincing him that FreeBSD is more Fast and Secure solution for his needs... And now I want to show the results... *Hardware:* Dell PowerEdge 2950 III having 2 x CPU 3,0 GHz Intel Xeon L5450 Quad-Core 2x6MB cache WITH 16 GB RAM. *Tools:* 1. FreeBSD 7 Production Release 2. Apache 2.2.9 3. MySQL 5.1.26 I would go with MySQL 5.0.x since 5.1.x has speed issues. Thanks! BR / vj Regards, -Abdullah Ibn Hamad Al-Marri Arab Portal http://www.WeArab.Net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: FreeBSD for webserver?
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Paul Schmehl Sent: Tuesday, July 22, 2008 2:22 PM To: VeeJay; FreeBSD-Questions Subject: Re: FreeBSD for webserver? --On Tuesday, July 22, 2008 22:05:26 +0200 VeeJay [EMAIL PROTECTED] wrote: Hi there I am going to make 2 Webserver at my work going to handle 50 mil hits per month... They are using Linux already. But being a FreeBSD fan, I have proposed FreeBSD to my Boss convincing him that FreeBSD is more Fast and Secure solution for his needs... And now I want to show the results... *Hardware:* Dell PowerEdge 2950 III having 2 x CPU 3,0 GHz Intel Xeon L5450 Quad-Core 2x6MB cache WITH 16 GB RAM. *Tools:* 1. FreeBSD 7 Production Release 2. Apache 2.2.9 3. MySQL 5.1.26 4. PHP 5.2.6 My question is, *To get the speed, performance and security*: Should I use Ports or Packages to install all these tools One by One? *OR* Should I use TAR files and compile them manually. For example giving command line arguments and commands like This seems to be a common misperception about ports. Ports aren't something magical. They do exactly what you would do from the commandline (i.e. ./configure, make, make install), except they come with several bonuses. 1) The port maintainer has already worked out all the quirks to make it compile and install properly on FreeBSD. 2) The port maintainer has already supplied patches that allow the software to build correctly on FreeBSD. 3) All the dependencies are already taken care of. 4) Upgrading is quite simple and straightforward. 5) The software is now architechture-independent (in most cases), meaning you can move from Intel to AMD (for example) without having to worry that the software will no longer build and you'll have to start from scratch again. For example, I decided today that I wanted to try out some software named arguseye. So I downloaded and untarred the program. I looked at the dependencies. It requires a number of perl modules, some of which are not in ports. So, I just created three new perl ports to satisfy those dependencies and submitted them this afternoon. Once those are accepted into the tree, I'll create the arguseye port and submit it as well. Then, when someone else wants to install arguseye, all they will have to do is type make install clean in the port directory and everything that they need will be installed for them. Unless you're a glutton for punishment, why would you do all that yourself? Because maybe you don't care for the porter's choice of defaults. Many programs come with hard-coded defaults that are modified in a config file. For example cistron-radius. Another example is the dspam port. The porter for that insisted on using a default of apache vhost. However the default apache port does not activate this. I don't give a rat's ass that vhost is supposedly more secure. Another one that always pisses me off is the porter's choice in building uw-imap to turn off plaintext passwords. And the default for pine is also to turn off plaintext support. Another problem is that not all porters are good about maintaining their ports. For example icradius. Someone spent a lot of time creating the port for that. Then just let it die. Another is the open source ingres database. Julian ported that one then lost interest, it died sometime around FBSD 4.X Another problem with ports is that all of them like pulling the original source from the author's site. I've had a few where the author released the code under GPL then a few years later lost interest, stopped paying whatever ISP he had the main site for the program at, and the porter also lost interest in the project and never bothered obtaining the last available tarfile from the authors site and uploading it to freebsd, then both disappeared. Another one I can recall is the gated code, similar issue. The fundamental achillies heel of the ports system is it makes the assumption that every package in the ports system is popular and will be supported for the indefinite future by the original package developer. The ports system counts on this insofar that it assumes that if the original porter loses interest and stops tracking the master site, that someone else will step in and assume responsibility for maintaining the port. The reality is that in every release of FreeBSD, some ports go wanting for sponsors, and nobody steps forward and so when the port stops building, the FreeBSD maintainers simply cut it out of the ports tree, plus anything dependent on it. This assumption is fine for people running vanilla apache or whatever systems, which is most people. But, if your doing anything that isn't plain-jane middle of the road, you better assume that if your using a series of ports, to make detailed notes, and save the ports, and save the patches, and save the distfiles. You may need to see how
Re: FreeBSD for webserver?
On Wednesday 23 July 2008 03:47:04 Ted Mittelstaedt wrote: This seems to be a common misperception about ports. Ports aren't something magical. They do exactly what you would do from the commandline (i.e. ./configure, make, make install), except they come with several bonuses. 1) The port maintainer has already worked out all the quirks to make it compile and install properly on FreeBSD. 2) The port maintainer has already supplied patches that allow the software to build correctly on FreeBSD. 3) All the dependencies are already taken care of. 4) Upgrading is quite simple and straightforward. 5) The software is now architechture-independent (in most cases), meaning you can move from Intel to AMD (for example) without having to worry that the software will no longer build and you'll have to start from scratch again. For example, I decided today that I wanted to try out some software named arguseye. So I downloaded and untarred the program. I looked at the dependencies. It requires a number of perl modules, some of which are not in ports. So, I just created three new perl ports to satisfy those dependencies and submitted them this afternoon. Once those are accepted into the tree, I'll create the arguseye port and submit it as well. Then, when someone else wants to install arguseye, all they will have to do is type make install clean in the port directory and everything that they need will be installed for them. Unless you're a glutton for punishment, why would you do all that yourself? Because maybe you don't care for the porter's choice of defaults. Many programs come with hard-coded defaults that are modified in a config file. For example cistron-radius. Another example is the dspam port. The porter for that insisted on using a default of apache vhost. However the default apache port does not activate this. I don't give a rat's ass that vhost is supposedly more secure. Another one that always pisses me off is the porter's choice in building uw-imap to turn off plaintext passwords. And the default for pine is also to turn off plaintext support. Another problem is that not all porters are good about maintaining their ports. For example icradius. Someone spent a lot of time creating the port for that. Then just let it die. Another is the open source ingres database. Julian ported that one then lost interest, it died sometime around FBSD 4.X Another problem with ports is that all of them like pulling the original source from the author's site. I've had a few where the author released the code under GPL then a few years later lost interest, stopped paying whatever ISP he had the main site for the program at, and the porter also lost interest in the project and never bothered obtaining the last available tarfile from the authors site and uploading it to freebsd, then both disappeared. Another one I can recall is the gated code, similar issue. The fundamental achillies heel of the ports system is it makes the assumption that every package in the ports system is popular and will be supported for the indefinite future by the original package developer. The ports system counts on this insofar that it assumes that if the original porter loses interest and stops tracking the master site, that someone else will step in and assume responsibility for maintaining the port. The reality is that in every release of FreeBSD, some ports go wanting for sponsors, and nobody steps forward and so when the port stops building, the FreeBSD maintainers simply cut it out of the ports tree, plus anything dependent on it. This assumption is fine for people running vanilla apache or whatever systems, which is most people. But, if your doing anything that isn't plain-jane middle of the road, you better assume that if your using a series of ports, to make detailed notes, and save the ports, and save the patches, and save the distfiles. You may need to see how they did it in an older FreeBSD system when a new version of FreeBSD comes out that is missing one or more of the ports you depend on. Ultimately, ports isn't any different than most other things. When it's properly executed it's great. But proper execution of the entire thing depends on every porter who has an active port in the system doing the right thing, and there's so many of them that statistically, some of them are going to be flakes. Ultimately, if your going to be a server admin, you need to know how to build your applications without ports. It's no different than, for example, I know how to pour and form concrete, I know how to plumb pipes. But if I needed concrete poured, or pipes plumbed, I would call a contractor and a plumber, and because I know how to do these things I would be able to keep an eye on what the people I hired were doing and know if they were doing what they were supposed to be doing, or
Re: FreeBSD for webserver?
Really good contribution I would of course go with ports but have a question in mind What should be installation sequience? 1. Apache 2.2.9 2. MySQL 5.1.26 3. PHP 5.2.6 And are there any options you guys would like to suggest to avoide for performance or security reasons? Regards VJ On Tue, Jul 22, 2008 at 10:05 PM, VeeJay [EMAIL PROTECTED] wrote: Hi there I am going to make 2 Webserver at my work going to handle 50 mil hits per month... They are using Linux already. But being a FreeBSD fan, I have proposed FreeBSD to my Boss convincing him that FreeBSD is more Fast and Secure solution for his needs... And now I want to show the results... *Hardware:* Dell PowerEdge 2950 III having 2 x CPU 3,0 GHz Intel Xeon L5450 Quad-Core 2x6MB cache WITH 16 GB RAM. *Tools:* 1. FreeBSD 7 Production Release 2. Apache 2.2.9 3. MySQL 5.1.26 4. PHP 5.2.6 My question is, *To get the speed, performance and security*: Should I use Ports or Packages to install all these tools One by One? *OR* Should I use TAR files and compile them manually. For example giving command line arguments and commands like ./configure --prefix=/www --enable-module=so make make install cd ../php-xxx ./configure --with-mysql --with-apxs=/www/bin/apxs make make install etc I have googled but still haven't reached to solution...personally I would prefer comiling them with command line arguments but then I seek some help from you guys i.e. How should I write this ./configure..stuff in FreeBSD and what would be the best options combination, I must choose to get the speed, performane and security in Apache, MySQL and PHP? Any suggestion is very welcomed! -- Thanks! BR / vj -- Thanks! BR / vj ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD for webserver?
At least ports-mgmt/portaudit, which check if installed ports have published security vulnerabilities. I don't use PHP, but I used to create a separate user for each webapp with a special login class, so I would run PHP in FCGI mode (with something like xcache) instead of mod_php. For the rest ... it's usually a question of configuration. On Wed, 2008-07-23 at 11:06 +0200, VeeJay wrote: Really good contribution I would of course go with ports but have a question in mind What should be installation sequience? 1. Apache 2.2.9 2. MySQL 5.1.26 3. PHP 5.2.6 And are there any options you guys would like to suggest to avoide for performance or security reasons? Regards VJ On Tue, Jul 22, 2008 at 10:05 PM, VeeJay [EMAIL PROTECTED] wrote: Hi there I am going to make 2 Webserver at my work going to handle 50 mil hits per month... They are using Linux already. But being a FreeBSD fan, I have proposed FreeBSD to my Boss convincing him that FreeBSD is more Fast and Secure solution for his needs... And now I want to show the results... *Hardware:* Dell PowerEdge 2950 III having 2 x CPU 3,0 GHz Intel Xeon L5450 Quad-Core 2x6MB cache WITH 16 GB RAM. *Tools:* 1. FreeBSD 7 Production Release 2. Apache 2.2.9 3. MySQL 5.1.26 4. PHP 5.2.6 My question is, *To get the speed, performance and security*: Should I use Ports or Packages to install all these tools One by One? *OR* Should I use TAR files and compile them manually. For example giving command line arguments and commands like ./configure --prefix=/www --enable-module=so make make install cd ../php-xxx ./configure --with-mysql --with-apxs=/www/bin/apxs make make install etc I have googled but still haven't reached to solution...personally I would prefer comiling them with command line arguments but then I seek some help from you guys i.e. How should I write this ./configure..stuff in FreeBSD and what would be the best options combination, I must choose to get the speed, performane and security in Apache, MySQL and PHP? Any suggestion is very welcomed! -- Thanks! BR / vj -- Julien Cigar Belgian Biodiversity Platform http://www.biodiversity.be Université Libre de Bruxelles (ULB) Campus de la Plaine CP 257 Bâtiment NO, Bureau 4 N4 115C (Niveau 4) Boulevard du Triomphe, entrée ULB 2 B-1050 Bruxelles Mail: [EMAIL PROTECTED] @biobel: http://biobel.biodiversity.be/person/show/471 Tel : 02 650 57 52 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Auto-saving distfiles on freebsd (was: FreeBSD for webserver?)
On Tue, Jul 22, 2008 at 11:47:04PM -0700, Ted Mittelstaedt wrote: Another problem with ports is that all of them like pulling the original source from the author's site. I've had a few where the author released the code under GPL then a few years later lost interest, stopped paying whatever ISP he had the main site for the program at, and the porter also lost interest in the project and never bothered obtaining the last available tarfile from the authors site and uploading it to freebsd, then both disappeared. Another one I can recall is the gated code, similar issue. Why not add this to pointyhat scripts? Just upload a copy of every *new* distfile ever encountered from the author's page to freebsd (unless there are legal constraints not to do so, of course)? The ports would still go to the primary sites (to conserve bandwidth), but should the original distfile disappear, it would be still available on freebsd. -cpghost. -- Cordula's Web. http://www.cordula.ws/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD for webserver?
On Tue, Jul 22, 2008 at 09:01:44PM -0400, Sahil Tandon wrote: Paul Schmehl [EMAIL PROTECTED] wrote: [...] Some people enjoy doing that. Most people just want the software to work, be easy to maintain and upgrade and then stay out of their way. Ahem, and that 'just works' crowd is generally not found using FreeBSD or in an admin capacity. :-) Huh???That is what you get with FreeBSD. It works and requires a lot less handholding as a server. As a web server, FreeBSD requires almost no admin tinkering.You set it up, configure Apache and then it just works. jerry -- Sahil Tandon [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Auto-saving distfiles on freebsd (was: FreeBSD for webserver?)
cpghost [EMAIL PROTECTED] wrote: The ports would still go to the primary sites (to conserve bandwidth), but should the original distfile disappear, it would be still available on freebsd. I think his problem comes from the fact that some ports don't do this, not that it isn't a good idea. The port maintainers just never did it. -- James Tanis Technical Coordinator Monsignor Donovan Catholic High School e: [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD for webserver?
Jerry McAllister wrote: On Tue, Jul 22, 2008 at 09:01:44PM -0400, Sahil Tandon wrote: Paul Schmehl [EMAIL PROTECTED] wrote: [...] Some people enjoy doing that. Most people just want the software to work, be easy to maintain and upgrade and then stay out of their way. Ahem, and that 'just works' crowd is generally not found using FreeBSD or in an admin capacity. :-) Huh???That is what you get with FreeBSD. It works and requires a lot less handholding as a server. As a web server, FreeBSD requires almost no admin tinkering.You set it up, configure Apache and then it just works. jerry Confirmed, I am getting my first taste of Centos this month. We needed to use Centos to meet a client requirement. I could have the server up in a few hours with FBSD. At the moment I am waiting for the Linux admin to finish building custom RPMs for everything I install because we need software either not in the YUM repository, or not configured the same as the RPM maintainer configured. When I say I'll just build from source the blood runs out of his face and he says That is not a good idea, everything needs to be an RPM, it would be bad, we can't do that. What a pain. DAve -- Don't tell me I'm driving the cart! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD for webserver?
--On Wednesday, July 23, 2008 11:06:30 +0200 VeeJay [EMAIL PROTECTED] wrote: Really good contribution I would of course go with ports but have a question in mind What should be installation sequience? 1. Apache 2.2.9 2. MySQL 5.1.26 3. PHP 5.2.6 Install Apache before you install php. Mysql doesn't matter. The default installs of all three should be fine unless you're doing something unusual. You'll also need to install php-extensions. Run make config first and decide which ones you need to have installed (after installing php5 of course.) And are there any options you guys would like to suggest to avoide for performance or security reasons? Setup mysql to listen on localhost only *or* to not listen on tcp at all and use unix sockets instead. Mysql, by default, comes with four accounts with blank passwords; [EMAIL PROTECTED], [EMAIL PROTECTED], @FQHN and @localhost (yes, that's blank @.) Remove all those accounts except [EMAIL PROTECTED] and then set a very good password for root. Create *new* and separate accounts for *every* database you create and grant only the rights needed to perform the task. Most applications only need select, insert, update and delete. Test it with those and add other rights if necessary. Install portaudit and aggressively update when security issues are found in any of the apps on your server. Do not enable any services that are not needed to do the job, and restrict access to ssh to only those networks and accounts that really need access. -- Paul Schmehl As if it wasn't already obvious, my opinions are my own and not those of my employer. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: FreeBSD for webserver?
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Gonzalo Nemmi Sent: Wednesday, July 23, 2008 1:02 AM To: freebsd-questions@freebsd.org Subject: Re: FreeBSD for webserver? On Wednesday 23 July 2008 03:47:04 Ted Mittelstaedt wrote: This seems to be a common misperception about ports. Ports aren't something magical. They do exactly what you would do from the commandline (i.e. ./configure, make, make install), except they come with several bonuses. 1) The port maintainer has already worked out all the quirks to make it compile and install properly on FreeBSD. 2) The port maintainer has already supplied patches that allow the software to build correctly on FreeBSD. 3) All the dependencies are already taken care of. 4) Upgrading is quite simple and straightforward. 5) The software is now architechture-independent (in most cases), meaning you can move from Intel to AMD (for example) without having to worry that the software will no longer build and you'll have to start from scratch again. For example, I decided today that I wanted to try out some software named arguseye. So I downloaded and untarred the program. I looked at the dependencies. It requires a number of perl modules, some of which are not in ports. So, I just created three new perl ports to satisfy those dependencies and submitted them this afternoon. Once those are accepted into the tree, I'll create the arguseye port and submit it as well. Then, when someone else wants to install arguseye, all they will have to do is type make install clean in the port directory and everything that they need will be installed for them. Unless you're a glutton for punishment, why would you do all that yourself? Because maybe you don't care for the porter's choice of defaults. Many programs come with hard-coded defaults that are modified in a config file. For example cistron-radius. Another example is the dspam port. The porter for that insisted on using a default of apache vhost. However the default apache port does not activate this. I don't give a rat's ass that vhost is supposedly more secure. Another one that always pisses me off is the porter's choice in building uw-imap to turn off plaintext passwords. And the default for pine is also to turn off plaintext support. Another problem is that not all porters are good about maintaining their ports. For example icradius. Someone spent a lot of time creating the port for that. Then just let it die. Another is the open source ingres database. Julian ported that one then lost interest, it died sometime around FBSD 4.X Another problem with ports is that all of them like pulling the original source from the author's site. I've had a few where the author released the code under GPL then a few years later lost interest, stopped paying whatever ISP he had the main site for the program at, and the porter also lost interest in the project and never bothered obtaining the last available tarfile from the authors site and uploading it to freebsd, then both disappeared. Another one I can recall is the gated code, similar issue. The fundamental achillies heel of the ports system is it makes the assumption that every package in the ports system is popular and will be supported for the indefinite future by the original package developer. The ports system counts on this insofar that it assumes that if the original porter loses interest and stops tracking the master site, that someone else will step in and assume responsibility for maintaining the port. The reality is that in every release of FreeBSD, some ports go wanting for sponsors, and nobody steps forward and so when the port stops building, the FreeBSD maintainers simply cut it out of the ports tree, plus anything dependent on it. This assumption is fine for people running vanilla apache or whatever systems, which is most people. But, if your doing anything that isn't plain-jane middle of the road, you better assume that if your using a series of ports, to make detailed notes, and save the ports, and save the patches, and save the distfiles. You may need to see how they did it in an older FreeBSD system when a new version of FreeBSD comes out that is missing one or more of the ports you depend on. Ultimately, ports isn't any different than most other things. When it's properly executed it's great. But proper execution of the entire thing depends on every porter who has an active port in the system doing the right thing, and there's so many of them that statistically, some of them are going to be flakes. Ultimately, if your going to be a server admin, you need to know how to build your applications without ports. It's no different than, for example, I know how to pour
FreeBSD for webserver?
Hi there I am going to make 2 Webserver at my work going to handle 50 mil hits per month... They are using Linux already. But being a FreeBSD fan, I have proposed FreeBSD to my Boss convincing him that FreeBSD is more Fast and Secure solution for his needs... And now I want to show the results... *Hardware:* Dell PowerEdge 2950 III having 2 x CPU 3,0 GHz Intel Xeon L5450 Quad-Core 2x6MB cache WITH 16 GB RAM. *Tools:* 1. FreeBSD 7 Production Release 2. Apache 2.2.9 3. MySQL 5.1.26 4. PHP 5.2.6 My question is, *To get the speed, performance and security*: Should I use Ports or Packages to install all these tools One by One? *OR* Should I use TAR files and compile them manually. For example giving command line arguments and commands like ./configure --prefix=/www --enable-module=so make make install cd ../php-xxx ./configure --with-mysql --with-apxs=/www/bin/apxs make make install etc I have googled but still haven't reached to solution...personally I would prefer comiling them with command line arguments but then I seek some help from you guys i.e. How should I write this ./configure..stuff in FreeBSD and what would be the best options combination, I must choose to get the speed, performane and security in Apache, MySQL and PHP? Any suggestion is very welcomed! -- Thanks! BR / vj ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD for webserver?
VeeJay wrote: Hi there I am going to make 2 Webserver at my work going to handle 50 mil hits per month... They are using Linux already. But being a FreeBSD fan, I have proposed FreeBSD to my Boss convincing him that FreeBSD is more Fast and Secure solution for his needs... And now I want to show the results... *Hardware:* Dell PowerEdge 2950 III having 2 x CPU 3,0 GHz Intel Xeon L5450 Quad-Core 2x6MB cache WITH 16 GB RAM. *Tools:* 1. FreeBSD 7 Production Release 2. Apache 2.2.9 3. MySQL 5.1.26 4. PHP 5.2.6 My question is, *To get the speed, performance and security*: Should I use Ports or Packages to install all these tools One by One? *OR* Should I use TAR files and compile them manually. For example giving command line arguments and commands like ./configure --prefix=/www --enable-module=so make make install cd ../php-xxx ./configure --with-mysql --with-apxs=/www/bin/apxs make make install etc I have googled but still haven't reached to solution...personally I would prefer comiling them with command line arguments but then I seek some help from you guys i.e. How should I write this ./configure..stuff in FreeBSD and what would be the best options combination, I must choose to get the speed, performane and security in Apache, MySQL and PHP? Any suggestion is very welcomed! Best to just use the ports. They take care of all of the dependencies for you and have extra patches to make them work optimally for FreeBSD. Why ./configure by hand when the port's makefile will do it for you? -- Chris St Denis Programmer SmarttNet (www.smartt.com) Ph: 604-473-9700 Ext. 200 --- Smart Internet Solutions For Businesses ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD for webserver?
Chris St Denis wrote: VeeJay wrote: Hi there I am going to make 2 Webserver at my work going to handle 50 mil hits per month... They are using Linux already. But being a FreeBSD fan, I have proposed FreeBSD to my Boss convincing him that FreeBSD is more Fast and Secure solution for his needs... And now I want to show the results... *Hardware:* Dell PowerEdge 2950 III having 2 x CPU 3,0 GHz Intel Xeon L5450 Quad-Core 2x6MB cache WITH 16 GB RAM. *Tools:* 1. FreeBSD 7 Production Release 2. Apache 2.2.9 3. MySQL 5.1.26 4. PHP 5.2.6 My question is, *To get the speed, performance and security*: Should I use Ports or Packages to install all these tools One by One? *OR* Should I use TAR files and compile them manually. For example giving command line arguments and commands like ./configure --prefix=/www --enable-module=so make make install cd ../php-xxx ./configure --with-mysql --with-apxs=/www/bin/apxs make make install etc I have googled but still haven't reached to solution...personally I would prefer comiling them with command line arguments but then I seek some help from you guys i.e. How should I write this ./configure..stuff in FreeBSD and what would be the best options combination, I must choose to get the speed, performane and security in Apache, MySQL and PHP? Any suggestion is very welcomed! Best to just use the ports. They take care of all of the dependencies for you and have extra patches to make them work optimally for FreeBSD. Why ./configure by hand when the port's makefile will do it for you? +1 Also, using ports makes it much easier to update systems with portupdate later on. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD for webserver?
--On Tuesday, July 22, 2008 22:05:26 +0200 VeeJay [EMAIL PROTECTED] wrote: Hi there I am going to make 2 Webserver at my work going to handle 50 mil hits per month... They are using Linux already. But being a FreeBSD fan, I have proposed FreeBSD to my Boss convincing him that FreeBSD is more Fast and Secure solution for his needs... And now I want to show the results... *Hardware:* Dell PowerEdge 2950 III having 2 x CPU 3,0 GHz Intel Xeon L5450 Quad-Core 2x6MB cache WITH 16 GB RAM. *Tools:* 1. FreeBSD 7 Production Release 2. Apache 2.2.9 3. MySQL 5.1.26 4. PHP 5.2.6 My question is, *To get the speed, performance and security*: Should I use Ports or Packages to install all these tools One by One? *OR* Should I use TAR files and compile them manually. For example giving command line arguments and commands like This seems to be a common misperception about ports. Ports aren't something magical. They do exactly what you would do from the commandline (i.e. ./configure, make, make install), except they come with several bonuses. 1) The port maintainer has already worked out all the quirks to make it compile and install properly on FreeBSD. 2) The port maintainer has already supplied patches that allow the software to build correctly on FreeBSD. 3) All the dependencies are already taken care of. 4) Upgrading is quite simple and straightforward. 5) The software is now architechture-independent (in most cases), meaning you can move from Intel to AMD (for example) without having to worry that the software will no longer build and you'll have to start from scratch again. For example, I decided today that I wanted to try out some software named arguseye. So I downloaded and untarred the program. I looked at the dependencies. It requires a number of perl modules, some of which are not in ports. So, I just created three new perl ports to satisfy those dependencies and submitted them this afternoon. Once those are accepted into the tree, I'll create the arguseye port and submit it as well. Then, when someone else wants to install arguseye, all they will have to do is type make install clean in the port directory and everything that they need will be installed for them. Unless you're a glutton for punishment, why would you do all that yourself? And spend hours googling for solutions, writing your own patches when required, etc., etc.? And figuring out how to get the modules installed in the right place, remembering where you put them when you decide to uninstall or upgrade them, updating @INC so they can be found when you run your scripts, etc., etc., etc.? Some people enjoy doing that. Most people just want the software to work, be easy to maintain and upgrade and then stay out of their way. -- Paul Schmehl As if it wasn't already obvious, my opinions are my own and not those of my employer. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD for webserver?
Paul Schmehl [EMAIL PROTECTED] wrote: [...] Some people enjoy doing that. Most people just want the software to work, be easy to maintain and upgrade and then stay out of their way. Ahem, and that 'just works' crowd is generally not found using FreeBSD or in an admin capacity. :-) -- Sahil Tandon [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD for webserver?
Sahil Tandon wrote: Paul Schmehl [EMAIL PROTECTED] wrote: [...] Some people enjoy doing that. Most people just want the software to work, be easy to maintain and upgrade and then stay out of their way. Ahem, and that 'just works' crowd is generally not found using FreeBSD or in an admin capacity. :-) YMMV. Some of us run enough machines that we don't relish customizing any more than we absolutely have to, but not so many that we find it worthwhile to build our own packages for internal distribution. Oh, and one of the reasons that I use FreeBSD is that it just works. ;-) --Jon Radel smime.p7s Description: S/MIME Cryptographic Signature
Re: FreeBSD for webserver?
On Tue, 22 Jul 2008 21:01:44 -0400
Sahil Tandon [EMAIL PROTECTED] wrote:
Paul Schmehl [EMAIL PROTECTED] wrote:
[...]
Some people enjoy doing that. Most people just want the software to work,
be easy to maintain and upgrade and then stay out of their way.
Ahem, and that 'just works' crowd is generally not found using FreeBSD or in
an admin capacity. :-)
of course, but it doesn't mean that an experienced admin wouldn't prefer an
easy (ports is easy), configurable (it is too), and reliable (it is) option to
rolling everything on his/her own
_
{Beto|Norberto|Numard} Meijome
Software QA is like cleaning my cat's litter box: Sift out the big chunks. Stir
in the rest. Hope it doesn't stink.
I speak for myself, not my employer. Contents may be hot. Slippery when wet.
Reading disclaimers makes you go blind. Writing them is worse. You have been
Warned.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD for webserver?
--On July 22, 2008 9:01:44 PM -0400 Sahil Tandon [EMAIL PROTECTED] wrote: Paul Schmehl [EMAIL PROTECTED] wrote: [...] Some people enjoy doing that. Most people just want the software to work, be easy to maintain and upgrade and then stay out of their way. Ahem, and that 'just works' crowd is generally not found using FreeBSD or in an admin capacity. :-) Perhaps you've misunderstood my point? Compiling from source rather than ports gains you nothing, in most cases, and can cost you a great deal of extra time if you run into problems. Time is something most admins I know have precious little of already. There are certainly special cases where compiling from source is preferable, especially if you have a highly customized installation, but those are the exceptions rather than the rule. My point was, when you install from ports, you *are* compiling from source. You just don't have to deal with any of the quirks that arise when you're working from the tarball. The port maintainers have already dealt with those issues for you. If you prefer compiling from the tarball then by all means have at it. As an admin myself, I build world and kernel by hand, but I build all my apps from ports. (I've used freebsd-update for kernel and world updates, but I normally compile both.) Paul Schmehl If it isn't already obvious, my opinions are my own and not those of my employer.
Re: FreeBSD for webserver?
Paul Schmehl [EMAIL PROTECTED] wrote: [...] Compiling from source rather than ports gains you nothing, in most cases, and can cost you a great deal of extra time if you run into problems. Time is something most admins I know have precious little of already. Relax. Google joke and jest. But let's be clear. You *are* compiling from source when you *build* from ports. You just have some guidance via the ports infrastructure. :) YMMV. TMTOWDI. There are exceptions. Et cetera. No need to justify your methods to the list; just do what works for you. [...] -- Sahil Tandon [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD for webserver?
Paul Schmehl [EMAIL PROTECTED] writes: This seems to be a common misperception about ports. Ports aren't something magical. They do exactly what you would do from the commandline (i.e. ./configure, make, make install), except they come with several bonuses. 1) The port maintainer has already worked out all the quirks to make it compile and install properly on FreeBSD. 2) The port maintainer has already supplied patches that allow the software to build correctly on FreeBSD. 3) All the dependencies are already taken care of. 4) Upgrading is quite simple and straightforward. 5) The software is now architechture-independent (in most cases), meaning you can move from Intel to AMD (for example) without having to worry that the software will no longer build and you'll have to start from scratch again. Could I add 6. Removing software from the system quickly and cleanly is also a doddle!? Building/installing by hand often leaves you hunting down files ... atb Glyn ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
