Presentation is loading. Please wait.

Presentation is loading. Please wait.

PHP at Yahoo! Michael J. Radwin

Published byKathleen Green Modified over 6 years ago

Similar presentations

Presentation on theme: "PHP at Yahoo! Michael J. Radwin"— Presentation transcript:

1 PHP at Yahoo! http://public.yahoo.com/~radwin/ Michael J. Radwin
Abstract: In 2002, Yahoo selected PHP for Web site development and began to phase out its own proprietary server-side scripting language. Three years later, Michael Radwin reflects on how the switch to PHP offered both technical challenges and productivity increases. The first part of the presentation offers a look inside Yahoo's decision-making process to adopt an open-source scripting language. Radwin addresses why Yahoo selected PHP over other languages, focusing on the performance and stability required to serve billions of page views a day. In the second part, Radwin discusses Yahoo's PHP development methodology, which has enabled its engineers to rapidly implement features while still creating software that is maintainable over long periods of time. Biography: Michael J. Radwin is an engineering manager for Yahoo's Infrastructure Software group. His team develops and supports Web platform technologies such as Apache, PHP, and MySQL, and more recently SOAP/REST toolkits. Radwin has been hacking on Apache since 1998 in high-performance environments and his team has been instrumental in helping Yahoo migrate from proprietary to open source software. Michael J. Radwin October 20, 2005

2 Outline Yahoo!, as seen by an engineer Choosing PHP in 2002
PHP architecture at Yahoo!

3 The Internet’s most trafficked site

4 25 countries, 13 languages

5 Yahoo! by the Numbers 411M unique visitors per month
191M active registered users 11.4M fee-paying customers 3.4B average daily pageviews October 2005 Numbers from Q Yahoo! Earnings October 18, 2005

6

7 Engineering Values Security & Privacy High Availability Performance
We must protect our customers’ information High Availability If the site is offline, we’re missing the opportunity to serve our customers Performance We serve billions of pageviews a day Flexibility & Innovation Customize site for each market Rapid development of new features

8 From Proprietary to Open Source
Web Server Apache “Filo Server” DB Flat Files Web Lang yScript

9 How and Why We Selected PHP
Choosing a Language How and Why We Selected PHP

10 Choosing PHP: brief history
October 2001: 3 proprietary languages Costly to continue to maintain each Limited features (no subroutines!) Committee began researching Compare features, performance Build vs. Buy vs. Open Source PHP selected May 2002

11 Ideal Language Criteria
High performance Robust, sand-boxed Language features Loops, conditionals Complex data-types C/C++ extensions Runs on FreeBSD Interpreted or dynamically compiled i18n support Clean separation of presentation/content/app semantics Low training costs Doesn’t require CS degree to use

12 Top 10 Language Choices yScript mod_include XSLT

13 Performance: Requests
mod_perl yScript Compared PHP 4.1.2, mod_perl, yScript (Yahoo proprietary) Pentium III 800Mhz, 512M RAM, FreeBSD 4.3 (average for early 2002) Sample app: 33K input script, 41K output Included and evaluated 3 other files Header, navbar, footer Arithmetic, regex, echo variables Pseudo-personalization (“Hello, mradwin”) A few calls to C++ extension Fetch user profile from profile server Insert advertisements from adserver

14 Performance: Memory mod_perl yScript

15 Why we picked PHP Designed for web scripting High performance
Large, Open Source community Documentation, easy to hire developers “Code-in-HTML” paradigm <html> <?php echo "Hello World"; ?> </html> Integration, libraries, extensibility Tools: IDE, debugger, profiler

16 PHP at Yahoo! Today

17 Yahoo!’s Development Methodology
Server Architecture File Layout Dependency Management Security Performance Globalization

18 Server Architecture Web Server web server web server Load Balancer
Scripts User Profile Server Web Services Apache Yahoo property (sports, finance, personals, etc…) Load balancer - which server can most handle requests coming in based on algorithm (round robin, least connections, etc..) Running on server are bunch of PHP scripts. Can make remote calls to relational databases, or to other web services. Ad Server

19 Data access, Networking, Crypto
File Layout HTML Templates /usr/local/share/htdocs/*.php 95% HTML 5% PHP Template Helpers /usr/local/share/htdocs/*.inc 50% HTML 50% PHP Business Logic /usr/local/share/pear/*.inc 0% HTML 100% PHP Web pages go regular Apache htdocs dir /usr/local/share/htdocs/dk/login.php Business logic goes in PEAR directory /usr/local/share/pear/HTML/Form.php /usr/local/share/pear/Yahoo/Sports/Teams.php C/C++ Core Code Data access, Networking, Crypto 0% HTML 0% PHP

20 Dependency Management
Base PHP package depends only on XML parser ./configure --disable-all Self-Contained Extensions mysql, dba, curl, ldap, pcre, gd, iconv To enable Install /usr/local/lib/php/ /mysql.so Add “extension = mysql.so” to php.ini Avoids unnecessary dependencies Smaller Apache memory footprint

21 Security: INI Settings
open_basedir Insurance against /etc/passwd exploits allow_url_fopen = Off Use libcurl extension instead Avoid open proxy exploits display_errors = Off However, log_errors = On safe_mode = Off Intended for shared hosting environment

22 Security: Input Filtering
Cross Site Scripting (XSS) most common attack Also “SQL Injection” Normal approach strip_tags() mysqli_escape_string() Examine every line code Tedious and error-prone Use input_filter hook Sanitize all user-submitted data GET/POST/Cookie

23 Performance: Opcode Caches
Easiest performance boost Cache parsed .php scripts in shared memory Optimizations No code modifications! Several products available Zend Performance Suite APC Turck MMCache

24 Performance: PHP Extensions in C++
PHP ships with 80 extensions written in C/C++ Yahoo! develops its own proprietary extensions Fast execution speed Access to client libraries Longer development cycle Edit, compile, link, debug Manual memory-management Profile with APD to see where your hot spots are. If you see a function being called 8,000 times on one page, that might be a good candidate to port to C Focus on scripts (or include files) that get hit a lot Don’t bother optimizing a script that only gets called once in a while Examples of candidates for extensions Distributed locking i18n Advertisements UDB (user database) Cookies DBM-like flat files Security Input Filtering

25 Globalization: PHP Unicode
+ + ICU = 6 Native Unicode support in 2006 Collaborative effort Andrei Zmievski (Yahoo!) Andi Gutmans (Zend) Many members of PHP Community

26

Download ppt "PHP at Yahoo! Michael J. Radwin"

Similar presentations

1 PHP at Yahoo! Michael J. Radwin October 20, 2005.

1 PHP at Yahoo! Michael J. Radwin October 20, 2005.
Other Web Application Development Technologies. PHP.

Other Web Application Development Technologies. PHP.
Closing the Gap: Analyzing the Limitations of Web Application Vulnerability Scanners David Shelly Randy Marchany Joseph Tront Virginia Polytechnic Institute.

Closing the Gap: Analyzing the Limitations of Web Application Vulnerability Scanners David Shelly Randy Marchany Joseph Tront Virginia Polytechnic Institute.
1.  Understanding about How to Working with Server Side Scripting using PHP Framework (CodeIgniter) 2.

1.  Understanding about How to Working with Server Side Scripting using PHP Framework (CodeIgniter) 2.
Software Freedom Day 2007 14th September 2007 Asia Pacific Institute of Information Technology Colombo, Sri Lanka. Nazly Ahmed Scripting The Web.

Software Freedom Day th September 2007 Asia Pacific Institute of Information Technology Colombo, Sri Lanka. Nazly Ahmed Scripting The Web.
DEV392: Extending SharePoint Products And Technologies Through Web Parts And ASP.NET Clint Covington, Program Manager Data And Developer Services - Office.

DEV392: Extending SharePoint Products And Technologies Through Web Parts And ASP.NET Clint Covington, Program Manager Data And Developer Services - Office.
BY: ALBERTO CABEZAS 4/19/2010. INTRODUCTION: PHP is considered today as one of the most famous scripting languages. PHP is widely used as a general purpose.

BY: ALBERTO CABEZAS 4/19/2010. INTRODUCTION: PHP is considered today as one of the most famous scripting languages. PHP is widely used as a general purpose.
Server-Side vs. Client-Side Scripting Languages

Server-Side vs. Client-Side Scripting Languages
PHP CSCE 330 February 6, 2003 Group Members: Antwan B. Phan George Hwang Luat Vu Programming Language Presentation.

PHP CSCE 330 February 6, 2003 Group Members: Antwan B. Phan George Hwang Luat Vu Programming Language Presentation.
28/1/2001 Seminar in Databases in the Internet Environment Introduction to J ava S erver P ages technology by Naomi Chen.

28/1/2001 Seminar in Databases in the Internet Environment Introduction to J ava S erver P ages technology by Naomi Chen.
By Brian Patterson & Amanda Perez. PHP was originally created to maintain his personal homepage, hence the name PHP. Development began in 1994 and was.

By Brian Patterson & Amanda Perez. PHP was originally created to maintain his personal homepage, hence the name PHP. Development began in 1994 and was.
CS 290C: Formal Models for Web Software Lecture 1: Introduction Instructor: Tevfik Bultan.

CS 290C: Formal Models for Web Software Lecture 1: Introduction Instructor: Tevfik Bultan.
1 CS6320 – Why Servlets? L. Grewe 2 What is a Servlet? Servlets are Java programs that can be run dynamically from a Web Server Servlets are Java programs.

1 CS6320 – Why Servlets? L. Grewe 2 What is a Servlet? Servlets are Java programs that can be run dynamically from a Web Server Servlets are Java programs.
Website Generator for SoftLab By Yohann SABBAH & Mikael V.H Cohen -Under the supervision of Viktor Kulikov- Final Presentation 7/20/2015.

Website Generator for SoftLab By Yohann SABBAH & Mikael V.H Cohen -Under the supervision of Viktor Kulikov- Final Presentation 7/20/2015.
© 2008 Zend Technologies; made available under the EPL v1.0 19 March 2008 PDT – The PHP Development Toolkit Assaf Almaz, PDT co-Project Leader Zend Technologies.

© 2008 Zend Technologies; made available under the EPL v March 2008 PDT – The PHP Development Toolkit Assaf Almaz, PDT co-Project Leader Zend Technologies.
© 2004 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin Programming the Web Using ASP.Net Chapter 1: ASP.Net Dave Mercer.

© 2004 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin Programming the Web Using ASP.Net Chapter 1: ASP.Net Dave Mercer.
CSCI 6962: Server-side Design and Programming Course Introduction and Overview.

CSCI 6962: Server-side Design and Programming Course Introduction and Overview.

Joel Bapaga on Web Design Strategies Technologies Commercial Value.

Joel Bapaga on Web Design Strategies Technologies Commercial Value.
Basics of Web Databases With the advent of Web database technology, Web pages are no longer static, but dynamic with connection to a back-end database.

Basics of Web Databases With the advent of Web database technology, Web pages are no longer static, but dynamic with connection to a back-end database.

Similar presentations

Ads by Google