Archive for the ‘Net: Techy: Linux’ category

New Relic, cPanel, Apache and FastCGI PHP

May 29th, 2013

We tend to operate RedHat Enterprise/CentOS based cPanel web hosting accounts for ourselves and our customers and for security, they are configured running PHP under suPHP via CGI/FastCGI. However, for server monitoring, we wanted to be able to use NewRelic for monitoring the sites on an individual level but without the customers having to add newrelic.appname to each of their applications – and we didn’t want each site to have to have its own php.ini, and under suPHP PHP ignores any php_value settings in the Apache configuration. So what to do?

Install New Relic
Well, first of all install New Relic according to your server architecture, then run “newrelic-install” and select all. Now we move on to the cPanel specific setup.

Getting PHP to notice the NewRelic PHP Module
In WHM (:2087), select “PHP Configuration Editor” and then “Advanced mode”. Search for Core “extension” and change the list from something like:

Restart Apache (via either WHM or /scripts/restartsrv_apache on the command line) and check everything is still working.

Configuring the newrelic.appname settings – Apache
From from command line/shell, cd into /var/cpanel/templates/apache2_2 (or whichever version of Apache you are running) and copy vhost.default to vhost.local (cp vhost.default vhost.local) if there isn’t already a vhost.local file. Now open that file up in your favourite text editor (for simplicities sake, I’m using nano : nano -w /var/cpanel/templates/apache2_2/vhost.local).

Near the top of the file it will say something like:

<VirtualHost[% FOREACH ipblock IN vhost.ips %] [% ipblock.ip %]:[% ipblock.port %][% END %]>
ServerName [% wildcard_safe(vhost.servername) %]
[% IF vhost.serveralias_array.size -%]
[% FOREACH alias IN vhost.serveralias_array -%]
ServerAlias [% alias %]
[% END -%]

Add a suitable “SetEnv newrelic_appname” line. For example, I want all of the sites to be recorded against the main virtual host’s server name, so I would use:

<VirtualHost[% FOREACH ipblock IN vhost.ips %] [% ipblock.ip %]:[% ipblock.port %][% END %]>
ServerName [% wildcard_safe(vhost.servername) %]
SetEnv newrelic_appname [% wildcard_safe(vhost.servername) %]
[% IF vhost.serveralias_array.size -%]
[% FOREACH alias IN vhost.serveralias_array -%]
ServerAlias [% alias %]
[% END -%]

You could also use the user’s username SetEnv newrelic_appname [% % vhost.user %] if you wanted to.

Use the Distiller to check everything looks good:
/usr/local/cpanel/bin/apache_conf_distiller --update
and if it does, rebuild the Apache configuration:
and again restart Apache and test.

Now, there is an environment variable called “newrelic_appname” available for usage. But we’re not using it yet: so we move onto:

Configuring the newrelic.appname settings – PHP
Using a <?php phpinfo(); ?> script find where your php.ini file – ours was in /usr/local/lib/php.ini . Open it open in your text editor again (nano -w /usr/local/lib/php.ini) and search for the newrelic.appname setting which should appear (Press Ctrl+W and then type appname in nano). You should see something like:

; Setting: newrelic.appname
; Type : string
; Scope : per-directory
; Default: “PHP Application”
; Info : Sets the name of the application that metrics will be reported into.
; This can in fact be a list of up to 3 application names, each of
; which must be separated by a semi-colon. The first name in any such
; list is considered the ‘primary’ application name and must be unique
; for each account / license key.
;newrelic.appname = “PHP Application”

; Beginning with version 3.0 of the agent, the daemon can be automatically
; started by the agent. There is no need to start the daemon before starting

Remove the colon and the start of the line and change it to read from ${newrelic_appname} for example:

; for each account / license key.
newrelic.appname = “${newrelic_appname}”

; Beginning with version 3.0 of the agent, the daemon can be automatically

This will read in the newrelic_appname environment variable upon run and dynamically replace it in the PHP settings. Restart Apache again (just to be safe) and check a few sites are working. Within a couple of minutes, you should see the records appear in NewRelic.

All done! Have fun!

Bye Bye Mangahigh – hello Bairwell!

November 28th, 2011

After just over 3 years working at Blue Duck Education Ltd as the Lead Developer/Systems Architect with Toby Rowland and other very talented people (too numerous to name here) building the Mangahigh Maths Games educational resource which we built from a brand new site to being one of the fastest growing educational games sites – I’m now leaving for pastures new.

So where am I going?

Well, my fiancĂ©e and I will be starting, on the 3rd of January, a new company called Bairwell Web Development to combine our two talents. Bairwell will be offering WordPress, Perch and LAMP (Linux, Apache, MySQL, PHP 5 : also some Varnish, PostgreSQL, Memcache, Perl and Systems administration) development consultancy services – so if you want a well designed (Katy), scalable and responsive (me) website: then please get in touch with us via our web development site (Katy is still working on it at this time of writing), Twitter or Facebook.

Fingers crossed!

Varnish: Unable to start: SHMFILE owned by running…

September 15th, 2011

If, when trying to start the Varnish reverse proxy server, you receive an error message such as:
[ ]#/usr/sbin/varnishd -d -f /etc/varnish/default.vcl
GeoIP plugin loaded successfully.
storage_file: filename: ./varnish.8QhQpI size 4208 MB.
SHMFILE owned by running varnishd master (pid=2451)
(Use unique -n arguments if you want multiple instances.)

but “ps auxwww | grep 2451” doesn’t show Varnish (in my case, it was dkim-milter on that pid) and “ps auxwww | grep varnish” shows nothing, then you need to manually reset Varnish’s SHMFILE settings.

This is easier done than said! Just go into /var/lib/varnish/[hostname] and delete all the files in there (such as varnish.8QhQPI and _.vsl). Restarting varnish should then be successful.

Funny: Funny Linux Commands

March 10th, 2010

Shamelessly stolen from Frank Mash (or, as UK news organisations will probably argue, “this orphaned content found was at …”):

% cat “food in cans”
cat: can’t open food in cans

% nice man woman
No manual entry for woman.

% “How would you rate Quayle’s incompetence?
Unmatched “.

% Unmatched “.
Unmatched “.

% [Where is Jimmy Hoffa?
Missing ].

% ^How did the sex change operation go?^
Modifier failed.

% If I had a ( for every $ the Congress spent, what would I have?
Too many (‘s.

% make love
Make: Don’t know how to make love. Stop.

% sleep with me
bad character

% got a light?
No match.

% man: why did you get a divorce?
man:: Too many arguments.

% !:say, what is saccharine?
Bad substitute.

% %blow
%blow: No such job.

% \(-
(-: Command not found.

$ PATH=pretending! /usr/ucb/which sense
no sense in pretending!

$ drink matter
matter: cannot create

$ ddate
Today is Prickle-Prickle, the 69th day of Chaos in the YOLD 3176

and of course:

unzip ; strip ; touch ; grep ; finger ; mount ; fsck ; more ; yes ; umount ; sleep

Some of these work, some of these don’t – it all depends on your OS version. ddate does work on Centos.

Linux: Handy Varnish commands

November 29th, 2009

If you are running the Varnish reverse proxy cache system on your website (yep, this is a techy post!), you might find the following command line tools useful. Varnish is a very powerful and useful cache tool which sits in front of your website and helps reduce the load on Apache/PHP – but there’s very little information about how to use it available. Hopefully this is the first of many posts about perfecting a varnish configuration. But first, let’s get an idea of some of the information that can be reported from varnish:

See what Varnish is currently processing.

varnishtop -i RxHeader -I \^Referer
Show the referer (sic) header for requests.

varnishtop -b -i TxURL
Shows requests made to the backend (-b) where the line matches (-i) the transmit URL (TxURL). Basically, shows you what is being passed to the backend and isn’t being cached. It will list all requests going to a backend, grouped by URL and sorted by a decaying average of frequency. Basically the number on the left should be single-digit and preferably all 1s or less (a higher number means the backend request is taking place frequently). [Technically, you don’t even need the “-b” as the TxURL is only set when making requests to the backend anyway]

Shows a histogram chart of the last 1,000 requests (by default) to the Varnish proxy showing “|” as a “hit” on the cache and “#” as a miss. The more “|” to the left of the chart, the better. The scale on the bottom is in seconds with 1e0 being “1” second and 1e-6 being 0.000001seconds (1e-1 being 0.1seconds). The vertical scale is shown in the top left hand corner.

Shows various information about varnish – I’m sure I’ll figure out what they mean in time…

Use varnishreload
From , this is a very handy script you can use to reload varnish’s configuration without having to restart the proxy server:
# Reload a varnish config
# Author: Kristian Lyngstol
# Hostname and management port
# (defined in /etc/default/varnish or on startup)
NOW=`date +%s`
echo 1>&2 "Failed to reload $FILE."
exit 1
varnishadm -T $HOSTPORT vcl.load reload$NOW $FILE || error
varnishadm -T $HOSTPORT vcl.use reload$NOW || error
echo Current configs:
varnishadm -T $HOSTPORT vcl.list

Show what caused recent 503 errors
varnishlog -d -c -o TxStatus 503

Clear stale cache by host name
purge ~

See what status codes are being commonly hit by your users (ideally lots of 200 and few 5xxx)
varnishtop -i TxStatus
See also:, and

%d bloggers like this: