Making Apache2 play nice with daemontools
Oct. 18th, 2004 11:33 pm![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
gizaAs if I haven't been geeky enough today, I figured I'd post this too.
To start with, the machine I was working with had daemontools installed on it, and I wanted to have Apache make use of it. This would have the benefit of having yet another service be managed in the same way.
First trick was to start Apache from daemontools. That was easy enough. I created a directory called /serivce/apache and had the run script in it contain the following:
The -D NO_DEATCH switch told the httpd program to stay in the foreground, so that when a signal is sent to the script to kill it, the signal really gets sent to httpd.
The other thing I wanted to do was have Apache's logging facility make use of the multilog program to handle logging. Otherwise, if I have n virtual servers running, 2n filehandles will be used, and that doesn't scale so well. So, I put the following lines into httpd.conf commented out the existing directives:
These lines will log all errors to the /var/log/httpd-error/ and /var/log/httpd-access/ directories. multilog will also handle log rotation. In this case, after 1,000,000 bytes have been written, it will rotate the file and keep 20 older logfiles at most. The httpd-error/ and httpd-access/ directories will be created if they do not exist. Of course, if your webserver gets a lot more traffic than mine, you should probably make those numbers bigger.
Those of you who have been really observant may not that Apache won't be writing timestamps to the logfiles. That's because multilog handles that, in the Temps Atomique International format. Since the format looks a bit strange, it can be converted back to something humans can read with the tai64nlocal program, which comes with daemontools. For example, to view current webserver activity, you could use a command like this:
tail -f /var/log/httpd-access/current |tai64nlocal
To monitor the activity on a single virtual server, you could use something like this:
tail -f /var/log/httpd-access/current |tai64nlocal |grep hostname.domain
Have fun. :-)
P.S. I'd like to give credit to this article, which gave me the idea of using multilog with Apache!
[Edit: I added in the call to setuidgid, since we have no need to be logging things as root. :-) ]
To start with, the machine I was working with had daemontools installed on it, and I wanted to have Apache make use of it. This would have the benefit of having yet another service be managed in the same way.
First trick was to start Apache from daemontools. That was easy enough. I created a directory called /serivce/apache and had the run script in it contain the following:
#!/bin/sh exec 2>&1 exec /usr/local/apache2/bin/httpd -D NO_DETACH
The -D NO_DEATCH switch told the httpd program to stay in the foreground, so that when a signal is sent to the script to kill it, the signal really gets sent to httpd.
The other thing I wanted to do was have Apache's logging facility make use of the multilog program to handle logging. Otherwise, if I have n virtual servers running, 2n filehandles will be used, and that doesn't scale so well. So, I put the following lines into httpd.conf commented out the existing directives:
ErrorLog "| /usr/local/bin/setuidgid web /usr/local/bin/multilog t s1000000 n10 /var/log/httpd-error"
LogFormat "%v %p %h %u \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
CustomLog "| /usr/local/bin/setuidgid web /usr/local/bin/multilog t s1000000 n10 /var/log/httpd-access" combinedThese lines will log all errors to the /var/log/httpd-error/ and /var/log/httpd-access/ directories. multilog will also handle log rotation. In this case, after 1,000,000 bytes have been written, it will rotate the file and keep 20 older logfiles at most. The httpd-error/ and httpd-access/ directories will be created if they do not exist. Of course, if your webserver gets a lot more traffic than mine, you should probably make those numbers bigger.
Those of you who have been really observant may not that Apache won't be writing timestamps to the logfiles. That's because multilog handles that, in the Temps Atomique International format. Since the format looks a bit strange, it can be converted back to something humans can read with the tai64nlocal program, which comes with daemontools. For example, to view current webserver activity, you could use a command like this:
tail -f /var/log/httpd-access/current |tai64nlocal
To monitor the activity on a single virtual server, you could use something like this:
tail -f /var/log/httpd-access/current |tai64nlocal |grep hostname.domain
Have fun. :-)
P.S. I'd like to give credit to this article, which gave me the idea of using multilog with Apache!
[Edit: I added in the call to setuidgid, since we have no need to be logging things as root. :-) ]
![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
(no subject)
Date: 2004-10-19 04:35 am (UTC)You've infected your system and mind with the Bernstein meme. Run while you still can!
Yeah, I used to promote qmail, back before he got strange with logging and other things. Qmail started doing "better" logging which involved putting many files with inscrutible numeric names into a directory. Bernstein's right, the world is wrong, uh huh. Now, I install postfix.
With 100% less work than you've done, with the default software installation, my servers rotate their logs, and I can read the timestamps with my eyes. And when I'm collaborating on a server with somebody, I don't get 'wtf' messages about how to read the logs.
(no subject)
Date: 2004-10-19 02:25 pm (UTC)But anyway... here's why I chose daemontools for my needs:
- It's easy to test things. When I was testing our Qmail, all I had to do was run /service/qmail/run, and I could see status events printed to stdout.
- Speaking of the run script, I can start every service that I have in daemontools that way. I don't have to keep remembering that I have to call apachectl with the "startssl" parameter. The appropriate run script takes care of that for me.
- Low memory usage. I'm on a virtual machine with 64 Megs of RAM.
- Log rotation. I don't know why, but I could never get logrotate to work right. Even now, I have a 100 Megabyte /var/log/mail file sitting on my server that isn't being rotated for some reason. I'm tired of dealing with it. multilog handling its own log rotation is a godsend for me.
- Getting off the subject of Apache, I like some of the other programs like tcpserver that I can tell to listen on connections and pipe their input into whatever program I want. It's nice if I ever have to "roll my own daemon".