Saturday, October 22, 2005


LAMP stands for Linux/Apache/MySQL/PHP, which are four things that together can create an enterprise strength e-commerce server. Here's a cookbook approach to setting up a Web and database server using LAMP.
  1. Get the latest tarballs of all the components you will need. At the time of writing this list comprises:
    • Apache 1.3.34. Apache rules. It's on over 60% of the webservers out there. I use 1.3 rather than 2.0 because I'm more familiar with it.
    • OpenSSL. This is the core cryptographic and transport layer library that the mod_ssl extension uses. At the time of writing, the latest version was 0.9.8a
    • mod_ssl. This is the extension that Apache uses to provide secure (SSL/TLS) connections with the HTTPS protocol. At the time of writing, the latest version was 2.8.25-1.3.34. Make sure the second version string matches your Apache release version (here, 1.3.34).
    • mm. This is a shared memory library, written by the same genius who created OpenSSL and mod_ssl, the very cool Ralf Engelschall. It allows Apache/mod_ssl to maintain a RAM-based bank of SSL session IDs which makes connection handling a lot faster than when using the disk-based version. As of the time of writing, the latest version was 1.4.0.
    • PHP. This is the scripting engine that puts programmatic capability in your back-end. I love PHP.
    • MySQL. This is the SQL database server engine that complements PHP to drive your website. If you are using a relatively recent Linux distro, then get the glibc2.3 dynamic Max version. As of the time of writing, the latest version was 4.1.15. 4.1.x versions are recommended since they have support for subqueries. v5.0 releases were in beta as of this time so I have not tried them (I spend too much time debugging my own software to help debug MySQL).
    • Sundry other libraries needed to support PHP extensions. I use Cracklib, Mcrypt and Mhash, among others. Usually all you need to do is grab the tarball, unpack it and do a configure/make/make install/ldconfig.
  2. Unpack all the tarballs
  3. Build OpenSSL
    • cd to the OpenSSL directory e.g. openssl-0.9.8a. Configure the makefile: ./config no-threads -fPIC. The no-threads prevents a threaded version of the library being built; since Apache 1.3 does not use threads this is slightly more efficient. The -fPIC option tells the compiler to build position-independent code, which you will need in order to build mod_ssl as a dynamically-loadable module.
    • Run make/make test. If all is well, proceed to the next step.
  4. Build mm
    • cd to the mm directory e.g. mm-1.4.0. Configure the makefile: ./configure --disable-shared. The --disable-shared makes the compiler generate a static binary. This is important otherwise unless you explicitly set the location of the mm library in your LD_LIBRARY_PATH, Apache will not be able to find it.
    • Run make. If all is well, proceed to the next step.
  5. Configure mod_ssl
    • cd to the mod_ssl directory e.g. mod_ssl-2.8.25-1.3.34. Configure the makefile: ./configure --with-apache=../apache_1.3.x --with-ssl=../openssl-0.9.x --with-mm=../mm-1.4.x, replacing the x's above with the correct version numbers.
  6. Build Apache
    • cd ../apache_1.3.x. Configure the makefile: ./configure --enable-shared=max --enable-module=ssl --enable-module=... --enable-module=.... This makes all modules shared objects (DSO's) and enables the mod_ssl module. You should include any other modules you wish to support here as well with --enable-module=, for example mod_rewrite, mod_unique_id or mod_expires (which would look like --enable-module=rewrite, --enable-module=unique_id and --enable-module=expires respectively—you get the picture).
    • Run make.
    • Run make certificate. This will create a dummy self-signed SSL certificate. If you are using this server in a production environment, you will want to replace this certificate with a real one. Note the 'common name' field in the certificate generation process should be the hostname of your computer. Set the expiration date to some large value like 10000.
    • Run make install. This will copy all the necessary files to the installation directory, usually /usr/local/apache.
    • Start the server: /usr/local/apache/bin/apachectl startssl. If all goes well, you should be able to connect to your server from a browser with http://localhost/. Then check the HTTPS connection: https://localhost.
    • Shut down Apache: /usr/local/apache/bin/apachectl stop.
  7. Build PHP
    • cd to the PHP directory e.g. php-4.4.0. Configure the makefile: ./configure --with-mysql --with-apxs=/usr/local/apache/bin/apxs --enable-sockets --enable-... --with-.... This will build PHP as an Apache DSO. The --enable-sockets call is important for several functions that can treat URLs like files. Any additional PHP extensions you want should be configured with --enable-... or with-... e.g. --enable-calendar or --with-mcrypt. Consult the PHP documentation to find out which you need to use.
    • Run make/make install. This will build PHP and copy the files to their correct locations. In particular, the PHP DSO will be in /usr/local/apache/libexec/
    • Tell Apache to load the PHP dynamic module. Find the Apache configuration file in /usr/local/apache/conf/httpd.conf. Look for a block of lines of the form LoadModule module_name module_path. There should be a block <IfDefine SSL>/</IfDefine> with the contents LoadModule ssl_module libexec/ Immediately after the </IfDefine> add the line LoadModule php4_module libexec/ if it is not already there. Now look for a block of lines of the form AddModule module.c. Again there will be an entry for mod_ssl within an <IfDefine> block. Immediately after this block, add the line AddModule mod_php4.c if it is not already there.
    • Enable PHP in Apache. Look for the line <IfModule mod_mime.c>. In this section, add the lines AddType application/x-httpd-php .php .phtml and AddType application/x-httpd-php-source .phps.
    • Restart Apache: /usr/local/apache/bin/apachectl startssl.
    • Create a test PHP program. The easiest is to cd /usr/local/apache/htdocs and create a file called test.php:
      Then open your broswer and enter the URL http://localhost/test.php. You should see a screenful of information about the PHP installation.
  8. Install MySQL
    • Execute the following commands:
      groupadd mysql
      useradd -g mysql mysql
    • Move the MySQL tarball to /usr/local and unpack it e.g. tar -zxvf mysql-max-4.1.15-pc-linux-gnu-i686-glibc23.tar.gz.
    • Create a symbolic link to the mysql directory e.g. ln -s mysql-max-4.1.15-pc-linux-gnu-i686-glibc23 mysql.
    • cd mysql
    • Execute the following commands:
      chown -R root
      chown -R mysql data
      chgrp -R mysql
    • Become the mysql user: su mysql.
    • Setup the default databases: scripts/mysql_install_db.
    • Start the server: bin/mysqld_safe &.
And that's it! Later on I'll show how to configure the MySQL table space for InnoDB tables, which are full ACID-compliant tables with transactional capability.