Monday, August 29, 2016

Introducing the First of Bitnami's Multi-VM Applications

Bitnami's applications in the cloud are trusted by developers, small businesses, and enterprises around the world to run critical business functions. The key reason for this is our ability to deliver the most up-to-date and patched versions, consistently and quickly. These applications are also available in multiple different formats, such as virtual machine images, containers, and local installers, so you can run them anywhere. 

As our customers' environments grow in size and complexity, an important concern is being able to extend applications in different ways, with the ease of use that's expected of a Bitnami app. Bitnami is now splitting out our application catalog into multi-vm architectures. Different types of architectures give customers the flexibility to extend workloads in the cloud, and tailor the application for the use case. Types of Multi-VM architectures include: 


Multi-Tier Application



Benefits: 
  • Horizontal and Vertical scaling of both parts of the application
  • Your data and your application are separated into two different VMs. This enables:
      • Simplified backups and updates (version upgrades, patches, etc)
      • Improved security and access control by separating data from code
      • Ability to performance-tune each tier independently

An example of this application is Bitnami Multi-Tier Wordpress, in Azure. 

Clustered Application


Benefits:
  • Higher availability, with a three node configuration that permits a leader election inside of the cluster. In this environment, each of the nodes is treated as part of the same set and can be promoted based on consensus inside of the configuration.
  • The ability to add capacity by increasing the number of nodes in the cluster.
  • Increased resiliency in the face of individual node failures and the ability to divide a cluster across multiple availability zones.
An example of this application is Bitnami Production MongoDB, in Azure.

Primary / Secondary Application

Benefits:
  • Elastic capacity, with the ability to add workers as needed for increased application throughput. With this type of architecture, scaling your application can be responsive to additional demand: an application back-end can be scaled to meet need both programmatically and manually.
  • The worker based model works well with ephemeral storage common on cloud platforms as state is not needed after the job is finished.

An example of this application is Bitnami Production Jenkins, in Azure.

If your application requirements can benefit from the above, Bitnami Multi-VM can help you reach your goal. We want customers to be able to launch these applications quickly and easily. Bitnami now has 6 multi-vm templates (WordPress, MySQL, PostgreSQL, Moodle, MongoDB, and Jenkins) available in the Azure Marketplace, and one (MongoDB) in the Google marketplace.


It’s also simple and easy to launch MongoDB on the Google Cloud Platform. Navigate to the Google Cloud Launcher using your Google Cloud Platform account, and simply follow the steps to set up your desired environment in one click. 






Of course, if your application does not need higher throughput or a distributed architecture, you can always use Bitnami’s one-click Single VM images, suitable for smaller environments. Bitnami is looking into developing more applications in more application topologies, and investing in expanding beyond our current offerings at this time. We welcome suggestions for improvements and look forward to improving production delivery with these templates; please email enterprise@bitnami.com with your feedback.

Have a few more questions? Hopefully these FAQs can clear things up:

1. Will you make a multi-vm template for every Bitnami app?

Not every application in the Bitnami Catalog will be delivered as Multi-VM. The applications scheduled for release have a set of criteria such as benefiting from cluster configuration, or requiring horizontal scale as the application size increases.

2.  How do you decide which apps to select?  If I want a multi-vm version of a particular app, how can I request that?

Please reach out to us directly if you have any requests or would like to see your applications available as multi-vm. You can reach out to us at enterprise@bitnami.com.

3. You mentioned APIs -- do I have to be a software developer to utilize your multi-vm templates?

Not at all! Our Multi-VM templates will work with a single click-to-deploy through the cloud marketplace providers, and use the same experience that any Bitnami application provides.

4. What's the benefit of using the Bitnami version vs building my own template?

Building your own template using a specific cloud provider can be done using any cloud specific template. However, keeping the application up-to-date, using a production configuration specific to the application, and a consistent experience across clouds are where Bitnami’s applications can make your life easier.

5. Do multi-vm templates improve disaster recovery?  Or provide failover?

Bitnami’s templates are not designed to incorporate disaster recovery or failover at this time. However, you can still use the same backup and disaster recovery tooling that you currently use for your applications, since these applications will launch the same compute resource as our single-vms.

6. How much do you charge for this?

Bitnami’s templates are free of charge, and there is no cost for the software.

Thursday, August 18, 2016

Intel PGO Optimizations Lead to 20% Faster WordPress on AWS

Profile-guided Optimization (PGO) is a technique that improves the performance of applications. It requires profiling data, which is later passed to the compiler and can be obtained after a test run of the application. The profiling data contains information about code areas that are most frequently used, and by knowing these areas, the compiler is able to be more selective and specific in optimizing the application.

Bitnami has been working with Intel on adding Profile-guided Optimizations to selected Bitnami stacks and we started with a Bitnami WordPress stack. In summary, we saw the following:
  • Applying Profile-guided Optimizations to the Bitnami WordPress stack resulted in a 20% improvement in the page-load speed.
  • Additionally, applying some tweaks to the MariaDB configuration, we were able to decrease the page-load time a total of 34%, including the PGO change.
The machine used to get the results of these tests was an AWS m3.medium instance with HVM and SSD, using an Ubuntu 14.04 image.

In order to test the improvements in page-load time, we are making use of the "php-cgi" executable which is included in the Bitnami WordPress stack. A sample command for testing a WordPress stack located at "/opt/bitnami" would be the following:

sudo /opt/bitnami/php/bin/php-cgi -c /opt/bitnami/php/etc/php.ini -T10,1000 /opt/bitnami/apps/wordpress/htdocs/index.php >/dev/null


The test will launch a total of 1000 requests, 10 at a time, and measure the time it takes until the last request finishes. With this result, we will be able to measure how quickly our WordPress installation reacts.

Executing the command above in an original Bitnami WordPress stack, the results will look something like this:

$ sudo /opt/wordpress-4.5.3-2/php/bin/php-cgi -c /opt/wordpress-4.5.3-2/php/etc/php.ini -T10,1000 /opt/wordpress-4.5.3-2/apps/wordpress/htdocs/index.php >/dev/null

Elapsed time: 30.819571 sec


An important difference for the stack built with PGO-optimizations is that it bundles MariaDB (not MySQL), and that we added a few tweaks to the database configuration. These changes consist of a few added lines to the "mysqld" section in the database's "my.cnf" configuration file:

[mysqld]
query_cache_limit=1M
query_cache_size=16M
query_cache_type=1
thread_stack=192K
thread_cache_size=16
skip-external-locking=1
key_buffer_size=384M
sort_buffer_size=2M
read_buffer_size=2M
read_rnd_buffer_size=8M
myisam_sort_buffer_size=64M


These changes can be applied to the original WordPress installation too, resulting in an improvement in page-load speed of up to 17.5% (compared to the result of the first test):

$ sudo /opt/wordpress-4.5.3-2/php/bin/php-cgi -c /opt/wordpress-4.5.3-2/php/etc/php.ini -T10,1000 /opt/wordpress-4.5.3-2/apps/wordpress/htdocs/index.php >/dev/null

Elapsed time: 25.431113 sec


Now, combining the PGO-optimizations with the database tweaks mentioned above, it is possible to get up to 34% improvement in page-load time compared to the original Bitnami stack, and up to 20% if we compare it with the tweaked-database installation:

$ sudo /opt/wordpress-4.5.3-2/php/bin/php-cgi -c /opt/wordpress-4.5.3-2/php/etc/php.ini -T10,1000 /opt/wordpress-4.5.3-2/apps/wordpress/htdocs/index.php >/dev/null

Elapsed time: 20.310336 sec


As you can see, we get a 20.1% improvement in page-load speed that is related to PGO only.
If we compare it with the original and non-modified WordPress stack (which does not include any database tweaks), the page-load time is reduced by up to 34.1%.




Are you interested in trying the PGO-optimized Bitnami WordPress stack? You can download it below:




Friday, August 12, 2016

Security Notification: Off-Path TCP Linux Kernel Vulnerability (CVE-2016-5696)

[UPDATE: 2016-08-22]

BCH images have been updated properly. You can now launch new servers that mitigate the vulnerability.

[UPDATE: 2016-08-18]

All the affected cloud images and virtual machines have been successfully patched.

If you are using a Bitnami Cloud Hosting instance, you can easily patch it following the guide below while we upgrade the base images. 

[UPDATE: 2016-08-17]

The Bitnami Team is happy to announce that the images of Google, Azure, 1&1 and GoDaddy have been updated properly. Additionally, we continue working on releasing the images for all of our cloud platform partners, virtual machines and the native installers.

----

A new security vulnerability in the Linux kernel has been discovered. You can find out more information about it in the following research report: "Off-Path TCP Exploits: Global Rate Limit Considered Dangerous".

Since the Linux kernel code affected was implemented in 2012 (in Linux Kernel 3.6), all Bitnami-packaged images might be affected by this issue if the kernel hasn't been updated. At the time of writing this post, a new patched kernel has NOT been released for Debian and Ubuntu distributions that are the base OS for most of the Bitnami Virtual Machines. We will keep you updated in this blog post.

We believe it is of the utmost importance to quickly address any security issues in applications distributed by Bitnami and our team is working to update all of the affected Virtual Machines and Cloud Images available through Bitnami for all Cloud Providers. 

In the meantime, you can mitigate this problem by applying the following patch in your system:
sysctl net.ipv4.tcp_challenge_ack_limit=1073741823; grep -q tcp_challenge_ack_limit /etc/sysctl.conf || echo "net.ipv4.tcp_challenge_ack_limit=1073741823" >> /etc/sysctl.conf
Please note that this is just a temporary solution that makes it a lot harder for attackers to succeed in exploiting this vulnerability. You can find more information about this temporary fix in a writeup on the Akamai blog.
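
To confirm the workaround is really in effect, here is an added check (not part of the original post or of Bitnami's tooling) that compares the running value and the persisted value against the limit used above. It matters because the one-liner skips the append whenever grep finds the key name anywhere in /etc/sysctl.conf, including in a comment or with an older value. The function names and status words are made up for this example, and it reads only the one config file passed to it, so overrides under /etc/sysctl.d are not considered.

```shell
#!/bin/sh
# Added example (not from the original post): audit the temporary
# CVE-2016-5696 workaround. Function names and status words are hypothetical.
WANT=1073741823   # value used in the mitigation command on this page

# Print the last uncommented value assigned to the key in a sysctl.conf-style
# file (a later line overrides an earlier one). Prints nothing if unset.
persisted_limit() {
    [ -r "$1" ] || return 0
    sed -n 's/^[[:space:]]*net\.ipv4\.tcp_challenge_ack_limit[[:space:]]*=[[:space:]]*\([0-9][0-9]*\)[[:space:]]*$/\1/p' "$1" | tail -n 1
}

# $1 = file holding the running value, $2 = persistent config file.
# Prints exactly one of:
#   not-applied   running kernel value is below the mitigation value
#   runtime-only  running value is raised but will be lost at next reboot
#   applied       running value and persisted value are both raised
mitigation_status() {
    running=$(cat "$1" 2>/dev/null || true)
    saved=$(persisted_limit "$2")
    if ! [ "${running:-0}" -ge "$WANT" ] 2>/dev/null; then
        echo "not-applied"
    elif ! [ "${saved:-0}" -ge "$WANT" ] 2>/dev/null; then
        echo "runtime-only"
    else
        echo "applied"
    fi
}

# Report for this host (read-only, needs no root).
mitigation_status /proc/sys/net/ipv4/tcp_challenge_ack_limit /etc/sysctl.conf
```

A result of "runtime-only" means the line in /etc/sysctl.conf has to be corrected by hand. Once the patched kernel is installed and booted, this workaround is no longer what protects the host, so "not-applied" there is not a finding by itself.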

Once the new kernel is available, you can update it by running the following commands (you must run the command specific to your distribution):


  • Ubuntu 
sudo apt-get update && sudo apt-get dist-upgrade 
You will have the fixed version of the kernel after rebooting your server.

  • Debian 
sudo apt-get update && sudo apt-get dist-upgrade 
You will have the fixed version of the kernel after rebooting your server.

  • Oracle Linux 
sudo yum update
sudo yum upgrade
You will have the fixed version of the kernel after rebooting your server.


  • Amazon Linux & RedHat Linux
sudo yum clean all
sudo yum update kernel
You will have the fixed version of the kernel after rebooting your server. 


If you have any questions about this process, please post to our community support forum and we will be happy to help!