Moving to the cloud part 3: Enabling Route 53

This is part 3 of my series of articles about our first application move to the Amazon Cloud. As we are not the owner of the application's production domain, communication about DNS changes has always been tedious, time-consuming and error-prone – especially when your contact person lives in another time zone. In preparation for the final application move to EC2, which involves some DNS changes to switch to the Amazon load balancer, we wanted to gain some flexibility. Enter Route 53.

Route 53 allows you to manage all the DNS records of a given domain – even if you are not the owner of the domain. For instance, you can route a domain or any subdomain to any server of your choice at any time. This is quite cool because as soon as our EC2 server cluster is set up, we will be able to flip the switch ourselves. No need to contact someone, no need to wait impatiently for the changes to happen. If something goes wrong, we can roll back to the previous setup.

Moving to the cloud part 2: Enabling database session storage

By default, PHP persists every user session to a single file stored in the system’s default temporary directory. You can go there, open an arbitrary session file – most likely prefixed by sess_ – and you will find a serialized array which represents the contents of the global $_SESSION array that is available to your scripts. OK, this works great, so what’s the problem with this setup?

Actually, there is nothing wrong with using file-based session storage. But with growing demands, some downsides of this approach may attract your attention:

  • The system’s temporary directory is a shared directory: session files of different applications and temporary files of foreign processes may also use this location. In case of a security issue, your user sessions may be compromised. This may be solved by configuring a unique session save path per application and putting an open_basedir restriction on top to prevent unauthorized access. This applies all the more if your application is installed on a shared server. In contrast, a database can make use of its access management: you just need to set up an exclusive account for your session table.
  • There are no simple means to increase file access performance. In contrast, a database usually offers many ways to improve performance, such as indexing and clustering.
  • As soon as you want to run your application on multiple servers for reliability and performance reasons, you will prefer to store session data in a central location that is common to all webservers. Thus, every webserver shares the same pool of session data, and it doesn’t matter which webserver of your cluster serves two subsequent requests of the same client.

Moving to the cloud part 1: Intentions

Currently, we are moving our first Symfony2 application to the Amazon cloud (AWS). This series of articles describes how we modified and moved this application.

The existing application setup is a common one:

  • Single production server
  • Usual LAMP stack with Ubuntu and local MySQL database
  • File-based sessions
  • User uploads stored in the local filesystem
  • Local Postfix mailserver
  • Cron jobs, e.g. for sending email reports
  • Deployment happens from a local machine using a self-written deployment script
  • A little bit of monitoring using Nagios
  • Database backups using a self-written script
  • File backups using duplicity
  • DNS management via client’s domain registrar
  • Git Version Control using Bitbucket

