My Name Is

Hosting hundred of vhosts on the same server using Apache is not scalable: file descriptor limits are soon hit and the size of Apache's configuration files balloons. When hosting many vhosts (i.e. over 100) it's preferable to use mass dynamic virtual hosting. This is possible if the vhosts are of similar configuration and do not require any specific configuration.

The size of configuration files may not be a problem, but for Apache hitting a file descriptor limit is terminal and will prevent the service starting. It's possible to check how close to your OS's file descriptor limit a user is (Apache should be running as the user apache). First check the user's max file descriptor limit:

[root ~]# ulimit -u
1024

Under Linux it's possible to increase this limit beyond 1024 (RHEL5's default) by editing the include headers:

[root ~]# grep "#define __FD_SETSIZE" /usr/include/*.h /usr/include/*/*.h
/usr/include/linux/posix_types.h:#define __FD_SETSIZE   1024

but this will require recompiling Apache - not generally an option (especially for systems that attempt to operate using only package managers). Piping logs isntead of writing direct to files can sometmies reduce the number of descriptors required but they will eventually run out. In this instance, mass dynamic virtual hosting is the only option.

What

  • Allows new vhosts to be added without a config reload

Why

  • Configuration file size is reduced, so Apache starts faster and uses less memory
  • Adding virtual hosts involves creating the appropriate directories in the filesystem and entries in the DNS - no reconfiguration or restart required
  • Can be run in parallel with standard vhosting (if necessary, for example sites that require dedicated configuration files)

Risks

  • No individual access or error logs, or include files for detailed configuration
  • No server aliases (these would usually be set in include files)
  • Forced to rely on .htaccess files for individual directory configurations - this is frowned upon for performance and security
  • More filesystems stats are required to identify if a directory at the specified search path actually exists
  • SSL termination is not possible on the server unless all the dynamically hosted domains are subdomains covered by a wildcard subdomain SSL certificate

How

It's possible to run dynamic and "standard" vhosts at the same time. To add dynamic hosting to a new or existing configuration:

  1. Create a new directory to store these vhosts, for example /var/www/vhosts/_dynamic
  2. Open /etc/httpd/conf/httpd.conf for edit
  3. Load the mod_vhost_alias module by adding/uncommenting the line
    LoadModule vhost_alias_module modules/mod_vhost_alias.so
  4. Ensure this line is uncommented
    NameVirtualHost *:80
  5. After the line Include conf.d/*.conf add this code:
    <IfModule mod_vhost_alias.c>
      <VirtualHost *:80>
        ServerAlias *
        UseCanonicalName Off    
        LogFormat "%V %h %l %u %t \"%r\" %s %b" vcommon    
        CustomLog /var/log/httpd/access_log vcommon    
        VirtualDocumentRoot /var/www/vhosts/_dynamic/%0/httpdocs    
        VirtualScriptAlias  /var/www/vhosts/_dynamic/%0/httpdocs  
      </VirtualHost>
    </IfModule>
  6. If you are running behind an SSL termination box or load balancer, add another identical VirtualHost block with the port number of the decrypted SSL traffic (i.e. <VirtualHost *:81>)
  7. Create the directory /var/www/vhosts/_dynamic/testhost/httpdocs and add a simple index.html page
  8. Add a DNS record pointing to your server's IP (either in your local hosts file or using a public nameserver)
  9. Navigate to your new site
  10. Check the log file at /var/log/httpd/access_log to verify your server served the page

To create further vhosts repeat step 7 - the vhost directory is checked for entries on every request so there's no need to restart Apache. Any further configuration (separate logs/config files etc) will require that the vhost is moved from

[code]/var/www/vhosts/_dynamic[/code]

to

[code]/var/www/vhosts[/code]

and reconfigured as a standard vhost.