We are going to start a series of useful blog posts written by our great developers. Today’s we will cover the topic called „How to run the framework on a VPS bought from a hosting company?”.
The reason you came here is probably a lack of quick know-how for Sylius describing the process of choosing and preparing a VPS, right? This post is not exhaustive, but it will draw your attention to essential elements.
So, let’s get to the point!
Quick jump to the section:
Introduction
As an introduction – as you probably know, Sylius is an open-source software created for medium and large companies that have reached the level of eCommerce forcing tailor-made solutions. When it comes to the advantages of Sylius, it is worth mentioning first the Symfony framework. Sylius is built on this enterprise-class framework written in PHP. What’s more – Sylius is an extremely modern and professional solution supporting good practices and controlled software development. Despite its ups and downs, the PHP language, thanks to the implemented improvements in versions from 7.2 to 8.0, is again the No. 1 choice in many cases concerning web applications.
Since we are writing about running applications in a virtual machine, let’s start by recalling the requirements. Unix systems (Linux) are considered the most recommended working environment. This recommendation means we can take advantage of a wide range of companies that offer virtual machines at a fairly affordable price. When choosing a VPS, it is worth looking at the hardware requirements that should be considered. The web application is not only PHP code, but it should also be remembered that the entire set of applications includes a web server (Apache or Nginx), a database (usually MySQL or MariaDB), NO-SQL databases (for example, Redis), and queuing systems ( for example RabbitMQ). Depending on how many of the elements mentioned above are used by our application and what traffic we expect on the website, we must ensure appropriate hardware resources. The proposed configurations are presented in table* below.
Minimal | Recommended | For large stores | |
CPU | 4 vCPU | 6 vCPU | 8 vCPU |
RAM | 6GB | 8GB | 16GB |
Hard drive ( SSD) | 75 GB – 100 GB | 100 GB – 150 GB | 250 GB – 300 GB |
Before deeping into each of the presented configurations, we would like to draw your attention to important issues when choosing a virtual server provider.
Namely, when buying a server, we select it in terms of current or expected loads in the near future. We don’t know what will happen in the longer term (in six months, next year). It is important to make sure that our provider provides the option of migrating the VPS server to a higher (or lower) configuration without having to reconfigure the entire system and application (apart from adjusting the application configuration in terms of used RAM).
Apart from the possibility of migrating hardware resources, the location of the server room is also important. It is recommended that the server is located in the server room closest to the target audience. If your customers are citizens of the European Union, choose a European location (eg. Germany or France), if you direct your store to North American customers, you should look for the proper localization.
Let’s move on to the presented above server configurations. Perceptive people will notice immediately that even the minimum machine has quite high parameters. Of course, you can run applications on slower machines, it will work properly, but remember that time is the most important from the point of view of the application’s users. This time applies to moving between individual subpages (products) of your store or time the user is waiting for a page to the full load. The longer you make your client wait, the more irritated he will be. In fact, he will just leave your store and maybe never go back…
The trend of application containerization (Docker) and building clusters based on Kubernetes (K8S) is also known, however, maintaining applications on VPS servers is still popular for less advanced users without an administrative backend.
The first of the presented configurations (called Minimal in our table) is recommended for stores that use only the basic components required by the applications (Web server, MySQL database, PHP-FPM worker). The configuration will ensure the smooth functioning of the store, assuming the correct configuration of the MySQL database and PHP-FPM. Assuming an average request length of 600 milliseconds and a click frequency of 45 seconds, we can estimate that our server will serve 300 users at the same time.
The second of the presented configurations (called Recommended) is good for stores that, apart from using the basic set of components, use the queue mechanism (RabbitMQ) or the ElasticSearch engine. Adding another component to the set means that you have to increase the available RAM memory to ensure the smooth functioning of system processes. By making the assumptions from the first configuration, this server is able to serve up to 450 users simultaneously. It is easy to conclude that the more cores available in your machine, the more customers you can serve at a given moment. This is especially important in stores focused on seasonal sales or those expecting sudden peaks in traffic (Christmas, Black Friday, Blue Monday, etc.).
The last of the presented configurations is recommended for stores that use the full range of components (Redis / ElasticSearch / Rabbit MQ), focused on a large number of purchases at the same time and using Sylius to support multiple platforms (web / native applications / integrations with external systems) at the same time. The right RAM amount will allow you to optimize the work of individual elements and minimize the time to generate a response for the client. The expected maximum number of simultaneous users, assuming as before, ranges between 550 and 650 users.
Ok. Now – let’s say that you have already bought a VPS server and you got access to it (IP address, root password). What should you do next? Where to start?
We will be based on the Linux distribution developed by CentOS version 7. This distribution is considered stable and safe. Another recommended distribution is Ubuntu. When choosing a distribution, you should follow the declared „end of life” date. In the case of CentOS 7 it is December 31, 2024. „End of life” means the end date of the release of security patches and package updates to the latest versions.
To simplify, let’s assume that your machine has the operating system already installed. The action plan looks like this:
- YUM update and installation of an additional repository
- Security
- WWW server
- Database
- PHP
- Composer
- Other
Installation of additional packages
To be able to easily install additional packages on your system with the „yum” package manager, you need to use the EPEL repository (Extra Packages for Enterprise Linux), and some development tools.
Before doing that, update the package manager. To do that, execute five commands one after the other (as the root user or with sudo).
yum update
yum install epel-release
yum -y groupinstall 'Development Tools'
yum -y install yum-utils
yum -y install unzip
Security
The most important part of each server is security, which can be achieved by installing and configuring a firewall. We will use the „UFW” (Uncomplicated Firewall) package. This package allows managing access to the machine in a simplified way.
yum -y install ufw
After installation, enter the command:
ufw status
Calling this command should return the following information: „Status: inactive”, which means that the installation and launch of the package were successful, but it is inactive. Next, set the default rules for the firewall.
ufw default deny incoming
ufw default allow outgoing
By typing the above commands, by default all incoming connections will be denied, and outgoing connections allowed.
The next step will be adding rules for incoming connections to the firewall.
ufw allow ssh
ufw allow http
ufw allow https
The above commands will allow incoming traffic on TCP ports: 22, 80 and 443. It is enough as long as only these services you want to make available to the public.
Note: Server providers very often change the default SSH port for security reasons. In this case, you need to unblock this particular port in order not to lose communication with the server.
The command to unblock any TCP port looks like this:
ufw allow PORT_NUMBER/tcp
With the firewall set up in this way, you can turn it on and enable it at system startup.
ufw enable
systemctl enable ufw
WWW server
To install Apache2, execute the following commands:
yum -y install httpd mod_ssl mod_fcgid httpd-devel
systemctl enable httpd
Please note the „-y” option, this is a toggle that causes the command to not ask for confirmation.
Database
To install the MySQL database, you must first install the MySQL repository.
Go to the link https://dev.mysql.com/downloads/repo/yum/ and copy the link under the „download” button next to the version you are interested in (for CentOS 7 it will be Red Hat Enterprise Linux 7 / Oracle Linux 7 (Architecture Independent), RPM Package).
Then, in the terminal, download the file with the command wget:
wget https://dev.mysql.com/downloads/file/?id=484922
If wget is not available, install it with the command:
yum -y install wget
Then add the repository to your system:
rpm -ivh mysql57-community-release-el7-9.noarch.rpm
Having the repository, go to the installation:
yum install mysql-server
systemctl start mysqld
The first command installs the package, the second starts a process on the system. During installation, a temporary password will be generated, which will be useful in a moment to secure the database. The password can be found by calling the command:
grep 'temporary password' /var/log/mysqld.log
Knowing the temporary password, go to securing the database by entering the command below and following the instructions on the screen.
mysql_secure_installation
The command will guide you through the process of establishing a new password for the database root user.
PHP
CentOS version 7 has PHP 5.6 installed by default, to install version 7.3 you need to execute the following commands:
yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm
yum-config-manager --enable remi-php73
Then, to install the necessary PHP packages, execute the command:
yum -y install php php-zip php-fpm php-devel php-gd php-imap php-ldap php-mysql php-odbc php-pear php-xml php-xmlrpc php-pecl-apc php-mbstring php-mcrypt php-soap php-tidy curl curl-devel perl-libwww-perl ImageMagick libxml2 libxml2-devel php-cli php-fpm php-intl php-imagick php-pspell php-common
The command above installs all the required packages by the base instances of the Sylius-based application.
Composer
Due to the fact that you will be working with an application written in PHP, you will need the Composer dependency manager. The installation process is presented below:
php php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
HASH="$(wget -q -O - https://composer.github.io/installer.sig)"
php -r "if (hash_file('SHA384', 'composer-setup.php') === '$HASH') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
php composer-setup.php --install-dir=/usr/local/bin --filename=composer
The above commands consecutively:
– download the installation file
– get the checksum and save it to the environment variable
– verify the checksum of the downloaded file with the one stored in the environment variable
– they install the package
Other
In the case of other elements, such as Redis, ElasticSearch, RabbitMQ, we recommend you reading the installation instructions on the official websites each time.
Additional tips
Coming back to security, it is good practice to change the default SSH port to another (remember about the UFW settings so as not to lose access) and block the possibility of logging in to the server using the „root” user and configuring the „sudo” package.
In the next article we will present how to optimally configure PHP (including PHP-FPM), MySQL and other elements of the application (including configuration of hosts) to speed it up and ensure uninterrupted functioning.