Best Practice for Upgrading PHP on Production Systems

We have two load-balanced web servers running PHP 5.3. I've been asked by our dev team to upgrade PHP to 5.4 because they need certain functionality it will bring. The main issue is that 5.3 is the latest that's been built into the distro's repository, so to upgrade using the package manager, I'll need to add another 3rd party repo. I don't have a problem with this per se, but I'm concerned about using a package from a "non official" source.

The other option is to compile PHP from source, but I guess this will prevent me from using the package manager to upgrade at any stage in the future?

So I guess I'm just looking for some guidance on which way to go. Compile from source or install from any old repo that purports to supply PHP 5.4? Or perhaps there's a third option I haven't considered?


Solution 1:

Actually, your real problem is doing this in a production environment. I mean, you must reduce downtime as much as possible and plan recovery (rollback) procedures in case something goes wrong.

Usually, I don't really care about the "officiality" of a repository, but rather its "reputation". I'm not used to thinking that "unofficial" public open source repos inject malware into packages (security concern), and I do think that if they are popular and widely used they are well maintained (reliability concern).

If you are really concerned about using the unofficial repo, you have a harder option: compile from source, then overwrite PHP when the official repo gets updated. This introduces a risk.

Here is my strategy.

First, make a replicable snapshot of the application. Collect files, DB entries and whatever is needed to kick-start the application on a brand new server (in case you want to load balance with 3, but you don't really want to). This will be your rollback procedure.

Second, make a server snapshot with the current PHP installation. A full system image is suitable. Keep it as a golden image. You'll back up your application along with the server, but it's OK.

Third, do the source compilation; possibly try it in staging first.

Fourth, when your official repo gets updated, make a new application snapshot, restore the old golden server image, upgrade PHP and then upgrade the application to the snapshot you just did.

If anything goes wrong you always have:

  1. A backup application to restore. I don't think you handle thousands of transactions per second, so loss of data may be minimal or even null.
  2. A full server image in case something goes really, really bad.
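
An added example, not part of the original answer: one way to do the "compile from source" step so that the tarball is checked against a pinned SHA-256 before anything is built, and the result lands in its own prefix instead of overwriting the distro's PHP package. The function names, the `/opt/php-<version>` layout and the assumption that the tarball unpacks to a directory named after itself are illustrative choices.

```shell
#!/bin/sh
# Added example (not from the original post). Function names, the /opt
# prefix layout and the file names in the usage line are assumptions.

# Return 0 only if the file's SHA-256 equals the pinned digest.
verify_tarball() {
    [ -f "$1" ] || { echo "missing: $1" >&2; return 2; }
    _actual=$(sha256sum "$1" | awk '{print $1}')
    # Published digests are sometimes upper case; normalise before comparing.
    _want=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    if [ "$_actual" != "$_want" ]; then
        echo "SHA-256 mismatch for $1; refusing to build" >&2
        return 1
    fi
    return 0
}

# Verify, unpack and build into <prefix_root>/<tarball name>, e.g.
# /opt/php-5.4.x, leaving the package-managed PHP under /usr untouched.
stage_php() {
    _tarball="$1"; _sha256="$2"; _root="${3:-/opt}"
    verify_tarball "$_tarball" "$_sha256" || return 1
    # Assumes the tarball unpacks to a directory named like the file.
    _name=$(basename "$_tarball" .tar.gz)
    _work=$(mktemp -d) || return 1
    tar -xzf "$_tarball" -C "$_work" || return 1
    ( cd "$_work/$_name" &&
      ./configure --prefix="$_root/$_name" &&
      make && make install ) || return 1
    echo "$_root/$_name"
}

# Usage: sh stage-php.sh php-5.4.x.tar.gz <sha256 published with the release>
if [ "$#" -ge 2 ]; then
    stage_php "$@"
fi
```

Run it in staging first, as the answer suggests; pointing the web server at the new prefix (or back at the packaged PHP) is then a configuration change rather than a reinstall.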