4

We Have two load balanced web servers running php 5.3. I've been asked by our dev team to upgrade php to 5.4 because they need certain functionality it will bring. The main issue is that 5.3 is the latest thats been built into the distros repository, so to upgrade using the package manager, Ill need to add another 3rd party repo. I dont have a problem with this per se, but Im concerned about using a package from a "non official" source.

The other option is to compile php from source, but I guess this will prevent me from using the package manager to upgrade at any stage in the future?

So I guess Im just looking for some guidance on which way to go. Compile from source or install from any old repo that purports to supply php 5.4? Or perhaps theres a third option I havent considered?

John Gardeniers
  • 27,262
  • 12
  • 53
  • 108
Demic
  • 41
  • 2

2 Answers2

1

Actually, your real problem is doing this in production environment. I mean, you must reduce downtime as best as possible and plan recovery (rollback) procedures in case something goes wrong.

Usually, I don't really care about "officiality" of a repository, but rather "reputation". I'm not used to think that "unofficial" public open source repos inject malware into packages (security concern), and I do think that if they are popular and widely used they are well maintained (reliability concern).

If you are really concerned about using the unofficial repo, you have a harder option: compile from source, then overwrite PHP when the official repo gets updated. This introduces a risk.

Here is my strategy.

First, make a replicable snapshot of the application. Collect files, DB entries and whatever is needed to kick-start the application on a brand new server (in case you want to load balance with 3, but you don't really want to). This will be your rollback procedure.

Second, make a server snapshot with the current PHP installation. A full system image is suitable. Keep it as a golden image. You'll backup your application along with the server, but it's OK.

Third, do the source compilation, possibly try it in staging first.

Fourth, when your official repo gets updated, make a new application snapshot, restore the old golden server image, upgrade PHP and then upgrade the application to the snapshot you just did.

If anything goes wrong you always have:

  1. A backup application to restore. I don't think you handle thousands of transactions per second, so loss of data may be minimal or even null
  2. A full server image in case something goes really, really bad
usr-local-ΕΨΗΕΛΩΝ
  • 2,339
  • 7
  • 33
  • 50
  • Proper backup maintaenance should be a matter of routine - not just when you want to upgrade the standard software. But the change discussed should not affect the contents of the database and existing PHP files. – symcbean Oct 10 '12 at 22:40
0

I personally prefer to compile from source if you want the latest version of anything. However, it sounds like you've done no testing yet and given the problems that could arise I strongly recommend that you do test off-line.

For this I suggest you create a virtual machine to be as exact a copy of the live system as you can make it. Do your upgrade on that. You can even test each method and see what works best for you.

Above all else, if there is anything else on the server using PHP make sure it still works properly after the upgrade. PHP upgrades are notorious for breaking applications, even with sub-point versions, let alone a full point.

John Gardeniers
  • 27,262
  • 12
  • 53
  • 108