SukuDokuWiki

Особой разницы в производительности замечено не было. Приложения под i386 занимают меньше памяти, если не требуется, обратное - ставим 32-битную версию. ОС - centos 6 / debian 6

[mysqld]
skip-external-locking
query_cache_size = 32M
table_cache = 4096
thread_cache_size = 32
max_heap_table_size     = 32M
tmp_table_size = 32M
innodb_buffer_pool_size = 32M
innodb_flush_log_at_trx_commit = 2
innodb_flush_method = O_DIRECT
transaction-isolation = READ-COMMITTED
default-storage-engine = innodb
bind-address = 127.0.0.1
key_buffer = 16M
max_allowed_packet = 16M
thread_stack = 128K
myisam-recover = BACKUP
expire_logs_days = 10
max_binlog_size = 100M
join_buffer_size = 1M
character-set-server = utf8
collation-server = utf8_unicode_ci
init-connect = "SET NAMES utf8 COLLATE utf8_unicode_ci"
skip-character-set-client-handshake

Меняем тип таблиц на InnoDB (можно через ALTER TABLE, а можно и вот так:)

mysqldump bitrix > bitrix.sql
sed -i -e 's/MyISAM/InnoDB/g' bitrix.sql
mysql bitrix < bitrix.sql

устанавливаем php-pecl-apc через yum / apt apc.ini

; Options for the APC module version >= 3.1.3
 
; This can be set to 0 to disable APC.
apc.enabled=1
; The number of shared memory segments to allocate for the compiler cache.
apc.shm_segments=1
; The size of each shared memory segment in MB.
apc.shm_size=64M
; A "hint" about the number of distinct source files that will be included or
; requested on your web server. Set to zero or omit if you're not sure;
apc.num_files_hint=20000
; Just like num_files_hint, a "hint" about the number of distinct user cache
; variables to store.  Set to zero or omit if you're not sure;
apc.user_entries_hint=20000
; The number of seconds a cache entry is allowed to idle in a slot in case this
; cache entry slot is needed by another entry.
apc.ttl=7200
; use the SAPI request start time for TTL
apc.use_request_time=1
; The number of seconds a user cache entry is allowed to idle in a slot in case
; this cache entry slot is needed by another entry.
apc.user_ttl=7200
; The number of seconds that a cache entry may remain on the garbage-collection list.
apc.gc_ttl=3600
; On by default, but can be set to off and used in conjunction with positive
apc.cache_by_default=1
; A comma-separated list of POSIX extended regular expressions.
; The mktemp-style file_mask to pass to the mmap module
apc.mmap_file_mask=/tmp/apc.XXXXXX
; This file_update_protection setting puts a delay on caching brand new files.
apc.file_update_protection=2
; Setting this enables APC for the CLI version of PHP (Mostly for testing and debugging).
apc.enable_cli=0
; Prevents large files from being cached
apc.max_file_size=8M
; Whether to stat the main script file and the fullpath includes.
apc.stat=1
; Vertification with ctime will avoid problems caused by programs such as svn or rsync by making
; sure inodes havn't changed since the last stat. APC will normally only check mtime.
apc.stat_ctime=0
; Whether to canonicalize paths in stat=0 mode or fall back to stat behaviour
apc.canonicalize=0
; With write_lock enabled, only one process at a time will try to compile an
; uncached script while the other processes will run uncached
apc.write_lock=1
; Logs any scripts that were automatically excluded from being cached due to early/late binding issues.
apc.report_autofilter=0
; RFC1867 File Upload Progress hook handler
apc.rfc1867=0
apc.rfc1867_prefix =upload_
apc.rfc1867_name=APC_UPLOAD_PROGRESS
apc.rfc1867_freq=0
apc.rfc1867_ttl=3600
; Optimize include_once and require_once calls and avoid the expensive system calls used.
apc.include_once_override=0
apc.lazy_classes=00
apc.lazy_functions=0
; not documented
apc.coredump_unmap=0
apc.file_md5=0
apc.preload_path
 
apc.filters="-/bitrix/cache/,-/bitrix/managed_cache/,-/bitrix/stack_cache/,-/bitrix/local_cache/,-/upload/"

В админке битрикса отключаем проактивную защиту и веб-антивирус

/etc/varnish/default.vcl

backend default {
    .host = "93.84.116.26";
    .port = "80";
}
 sub vcl_recv {
     if (req.http.x-forwarded-for) {
        set req.http.X-Forwarded-For =
            req.http.X-Forwarded-For ", " client.ip;
     } else {
        set req.http.X-Forwarded-For = client.ip;
     }
     if (req.request != "GET" &&
       req.request != "HEAD" &&
       req.request != "PUT" &&
       req.request != "POST" &&
       req.request != "TRACE" &&
       req.request != "OPTIONS" &&
       req.request != "DELETE") {
         /* Non-RFC2616 or CONNECT which is weird. */
         return (pipe);
     }
     if (req.request != "GET" && req.request != "HEAD") {
         /* We only deal with GET and HEAD by default */
         return (pass);
     }
     if (req.http.Authorization || req.http.Cookie) {
         /* Not cacheable by default */
         return (pass);
     }
     return (lookup);
 }
 sub vcl_pipe {
     # Note that only the first request to the backend will have
     # X-Forwarded-For set.  If you use X-Forwarded-For and want to
     # have it set for all requests, make sure to have:
      set req.http.connection = "close";
     # here.  It is not set by default as it might break some broken web
     # applications, like IIS with NTLM authentication.
     return (pipe);
 }

sub vcl_fetch {
if( req.url ~ "^/bitrix" || req.http.Cookie ~ "BITRIX_SM_LOGIN" ){
return (deliver);
}
set beresp.grace = 300s;
remove beresp.http.Set-Cookie;
remove beresp.http.X-Cache;
remove beresp.http.Server;
remove beresp.http.Age;
remove beresp.http.Pragma;
set beresp.http.Cache-Control = "public";
set beresp.grace = 5m;
set beresp.ttl = 5m;
if (req.http.Content-Type ~ "(image|audio|video|pdf|flash)") { set beresp.ttl = 1d; }
}

iptables -t nat -A PREROUTING -d 93.84.116.26/32 -i venet0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 93.84.116.26:6081