Особой разницы в производительности замечено не было. Приложения под i386 занимают меньше памяти, если не требуется, обратное - ставим 32-битную версию. ОС - centos 6 / debian 6
[mysqld] skip-external-locking query_cache_size = 32M table_cache = 4096 thread_cache_size = 32 max_heap_table_size = 32M tmp_table_size = 32M innodb_buffer_pool_size = 32M innodb_flush_log_at_trx_commit = 2 innodb_flush_method = O_DIRECT transaction-isolation = READ-COMMITTED default-storage-engine = innodb bind-address = 127.0.0.1 key_buffer = 16M max_allowed_packet = 16M thread_stack = 128K myisam-recover = BACKUP expire_logs_days = 10 max_binlog_size = 100M join_buffer_size = 1M character-set-server = utf8 collation-server = utf8_unicode_ci init-connect = "SET NAMES utf8 COLLATE utf8_unicode_ci" skip-character-set-client-handshake
Меняем тип таблиц на InnoDB (можно через ALTER TABLE, а можно и вот так:)
mysqldump bitrix > bitrix.sql sed -i -e 's/MyISAM/InnoDB/g' bitrix.sql mysql bitrix < bitrix.sql
устанавливаем php-pecl-apc через yum / apt apc.ini
; Options for the APC module version >= 3.1.3 ; This can be set to 0 to disable APC. apc.enabled=1 ; The number of shared memory segments to allocate for the compiler cache. apc.shm_segments=1 ; The size of each shared memory segment in MB. apc.shm_size=64M ; A "hint" about the number of distinct source files that will be included or ; requested on your web server. Set to zero or omit if you're not sure; apc.num_files_hint=20000 ; Just like num_files_hint, a "hint" about the number of distinct user cache ; variables to store. Set to zero or omit if you're not sure; apc.user_entries_hint=20000 ; The number of seconds a cache entry is allowed to idle in a slot in case this ; cache entry slot is needed by another entry. apc.ttl=7200 ; use the SAPI request start time for TTL apc.use_request_time=1 ; The number of seconds a user cache entry is allowed to idle in a slot in case ; this cache entry slot is needed by another entry. apc.user_ttl=7200 ; The number of seconds that a cache entry may remain on the garbage-collection list. apc.gc_ttl=3600 ; On by default, but can be set to off and used in conjunction with positive apc.cache_by_default=1 ; A comma-separated list of POSIX extended regular expressions. ; The mktemp-style file_mask to pass to the mmap module apc.mmap_file_mask=/tmp/apc.XXXXXX ; This file_update_protection setting puts a delay on caching brand new files. apc.file_update_protection=2 ; Setting this enables APC for the CLI version of PHP (Mostly for testing and debugging). apc.enable_cli=0 ; Prevents large files from being cached apc.max_file_size=8M ; Whether to stat the main script file and the fullpath includes. apc.stat=1 ; Vertification with ctime will avoid problems caused by programs such as svn or rsync by making ; sure inodes havn't changed since the last stat. APC will normally only check mtime. apc.stat_ctime=0 ; Whether to canonicalize paths in stat=0 mode or fall back to stat behaviour apc.canonicalize=0 ; With write_lock enabled, only one process at a time will try to compile an ; uncached script while the other processes will run uncached apc.write_lock=1 ; Logs any scripts that were automatically excluded from being cached due to early/late binding issues. apc.report_autofilter=0 ; RFC1867 File Upload Progress hook handler apc.rfc1867=0 apc.rfc1867_prefix =upload_ apc.rfc1867_name=APC_UPLOAD_PROGRESS apc.rfc1867_freq=0 apc.rfc1867_ttl=3600 ; Optimize include_once and require_once calls and avoid the expensive system calls used. apc.include_once_override=0 apc.lazy_classes=00 apc.lazy_functions=0 ; not documented apc.coredump_unmap=0 apc.file_md5=0 apc.preload_path apc.filters="-/bitrix/cache/,-/bitrix/managed_cache/,-/bitrix/stack_cache/,-/bitrix/local_cache/,-/upload/"
В админке битрикса отключаем проактивную защиту и веб-антивирус
/etc/varnish/default.vcl
backend default { .host = "93.84.116.26"; .port = "80"; } sub vcl_recv { if (req.http.x-forwarded-for) { set req.http.X-Forwarded-For = req.http.X-Forwarded-For ", " client.ip; } else { set req.http.X-Forwarded-For = client.ip; } if (req.request != "GET" && req.request != "HEAD" && req.request != "PUT" && req.request != "POST" && req.request != "TRACE" && req.request != "OPTIONS" && req.request != "DELETE") { /* Non-RFC2616 or CONNECT which is weird. */ return (pipe); } if (req.request != "GET" && req.request != "HEAD") { /* We only deal with GET and HEAD by default */ return (pass); } if (req.http.Authorization || req.http.Cookie) { /* Not cacheable by default */ return (pass); } return (lookup); } sub vcl_pipe { # Note that only the first request to the backend will have # X-Forwarded-For set. If you use X-Forwarded-For and want to # have it set for all requests, make sure to have: set req.http.connection = "close"; # here. It is not set by default as it might break some broken web # applications, like IIS with NTLM authentication. return (pipe); } sub vcl_fetch { if( req.url ~ "^/bitrix" || req.http.Cookie ~ "BITRIX_SM_LOGIN" ){ return (deliver); } set beresp.grace = 300s; remove beresp.http.Set-Cookie; remove beresp.http.X-Cache; remove beresp.http.Server; remove beresp.http.Age; remove beresp.http.Pragma; set beresp.http.Cache-Control = "public"; set beresp.grace = 5m; set beresp.ttl = 5m; if (req.http.Content-Type ~ "(image|audio|video|pdf|flash)") { set beresp.ttl = 1d; } }
iptables -t nat -A PREROUTING -d 93.84.116.26/32 -i venet0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 93.84.116.26:6081