Http front-ends

Theo Schlossnagle
Theo SchlossnagleFounder and CEO at Circonus
High-performance Robust HTTP Front-ends / tips, tricks and expectations Saturday, April 23, 2011
Who am I? @postwait on twitter Author of “Scalable Internet Architectures” Pearson, ISBN: 067232699X Contributor to “Web Operations” O’Reilly, ISBN: Founder of OmniTI, Message Systems, Fontdeck, & Circonus I like to tackle problems that are “always on” and “always growing.” I am an Engineer A practitioner of academic computing. IEEE member and Senior ACM member. On the Editorial Board of ACM’s Queue magazine. 2 Saturday, April 23, 2011
Agenda • Why only HTTP? • HTTP-like protocols • Performance • Availability Saturday, April 23, 2011
HTTP • Why only HTTP... it’s what we do. • User-based, immediate, short-lived transactions occupy my life. • So, not just HTTP. • HTTPS • SPDY (... we’ll get to this) Saturday, April 23, 2011
Performance • ATS (Apache Traffic Server) • supports SSL • battle-hardened codebase • very multi-code capable • Varnish • VCL adds unparalleled flexibility • no SSL! • nginx • I don’t see much of this out on the edge Saturday, April 23, 2011
Performance Expectations • from a single server, you should be able to: • support 500k concurrent users • this is only 40k sockets/core • push in excess of 100k requests/second • this is only 9k requests/core*second • push close to 10 gigabits • this is why 10G was invented Saturday, April 23, 2011
Performance Achievements • Good load balancers achieve this performance • with dual socket Westmere processors, we’re able to achieve in software on general purpose hardware what was only possible in hardware ASICs. • ATS and Varnish can do this today. Saturday, April 23, 2011
The Basic Rules: Content • You must serve content from cache • Your cache should fit in memory • If it does not, it should spill to SSD, not spinning media. Saturday, April 23, 2011
The Basic Rules: CPU • You must cache SSL sessions • SSL key negotiation is expensive. • SSL encryption is not* • Common cases must not cause state on the firewall. • It’s hard enough to serve 150k requests/second. • You will spend too much time in kernel in iptables, ipf, or pf. • allow port 80 and port 443. • enable SYN flood prevention * crypto obviously costs CPU; symmetric crypto is relatively cheap Saturday, April 23, 2011
The Basic Rules: Network • You must not run a stateful firewall in front • too expensive • too little value • You must be directly behind capable router(s) • expect anywhere from 1MM to 20MM packets per second • we need to run BGP for availability Saturday, April 23, 2011
Availability • We learned in the performance section: • 1 machine / 10Gbps uplink performs well enough • We need redundancy: • Linux HA? • VRRP/HSRP? • CARP? • No... Saturday, April 23, 2011
Availability: Constraints • Client TCP sessions are relatively short lived. • The web is a largely idempotent place. • Clients are capable of retrying on failure. • This means: • forget stateful failover. • focus on availability for new connections. Saturday, April 23, 2011
Availability: Setup • You are behind a capable router (it was a rule) • Use routing protocols (BGP) to maintain availability. BGP 10.1.0.0/24 10.1.1.0/24 10.1.0.0/23 10.1.0.0/23 Saturday, April 23, 2011
Working Stacks • Linux (OS/TCP stack) • Illumos (OS/TCP stack) • Varnish (HTTP) • ATS (HTTP/HTTPS) • Quagga (BGP) • Quagga (BGP) Saturday, April 23, 2011
Future! • This stuff is fast. • In the end, we’re not looking for faster servers, we’re looking for improved user experience. • Enter SPDY • Google’s multi-channel HTTP super-protocol • Allows multiplexing of concurrent HTTP(like) request/response on a single TCP session. • Defeats slow startup • Allows for content prioritization on server Saturday, April 23, 2011
Future: my thoughts • SPDY is relatively simple to implement on the server • SPDY is very very hard to leverage on the server • If ATS implemented SPDY in and out • and provided a robust configuration language to leverage it ... the future would be today. Saturday, April 23, 2011
Thank you. • Thank you Олег Бунин • Thanks to the Varnish and ATS developers. • Спасибо. Saturday, April 23, 2011
1 of 17

Http front-ends

Download to read offline
Technology

The HTTP caching talk I gave at RIT++ http://ritconf.ru/

Theo Schlossnagle
Theo SchlossnagleFounder and CEO at Circonus

Recommended

Designing for Massive Scalability at BackType #bigdatacamp by
Designing for Massive Scalability at BackType #bigdatacampDesigning for Massive Scalability at BackType #bigdatacamp
Designing for Massive Scalability at BackType #bigdatacampMichael Montano
1.3K views25 slides
Thousands of Threads and Blocking I/O by
Thousands of Threads and Blocking I/OThousands of Threads and Blocking I/O
Thousands of Threads and Blocking I/OGeorge Cao
17.1K views65 slides
Stability Patterns for Microservices by
Stability Patterns for MicroservicesStability Patterns for Microservices
Stability Patterns for Microservicespflueras
1.9K views18 slides
Scalability, Availability & Stability Patterns by
Scalability, Availability & Stability PatternsScalability, Availability & Stability Patterns
Scalability, Availability & Stability PatternsJonas Bonér
515.9K views196 slides
High Scalability Toronto: Meetup #2 by
High Scalability Toronto: Meetup #2High Scalability Toronto: Meetup #2
High Scalability Toronto: Meetup #2ScribbleLive
1.3K views44 slides
Container Attached Storage with OpenEBS - CNCF Paris Meetup by
Container Attached Storage with OpenEBS - CNCF Paris MeetupContainer Attached Storage with OpenEBS - CNCF Paris Meetup
Container Attached Storage with OpenEBS - CNCF Paris MeetupMayaData Inc
472 views39 slides

More Related Content

What's hot

Infinispan, Data Grids, NoSQL, Cloud Storage and JSR 347 by
Infinispan, Data Grids, NoSQL, Cloud Storage and JSR 347Infinispan, Data Grids, NoSQL, Cloud Storage and JSR 347
Infinispan, Data Grids, NoSQL, Cloud Storage and JSR 347Manik Surtani
1.8K views31 slides
SM16 - Can i move my stuff to openstack by
SM16 - Can i move my stuff to openstackSM16 - Can i move my stuff to openstack
SM16 - Can i move my stuff to openstackpittmantony
598 views34 slides
Vm13 vnx mixed workloads by
Vm13 vnx mixed workloadsVm13 vnx mixed workloads
Vm13 vnx mixed workloadspittmantony
4.6K views33 slides
From cache to in-memory data grid. Introduction to Hazelcast. by
From cache to in-memory data grid. Introduction to Hazelcast.From cache to in-memory data grid. Introduction to Hazelcast.
From cache to in-memory data grid. Introduction to Hazelcast.Taras Matyashovsky
42.6K views83 slides
Storing and processing data with the wso2 platform by
Storing and processing data with the wso2 platformStoring and processing data with the wso2 platform
Storing and processing data with the wso2 platformWSO2
3.3K views48 slides
Select Stars: A DBA's Guide to Azure Cosmos DB (Chicago Suburban SQL Server U... by
Select Stars: A DBA's Guide to Azure Cosmos DB (Chicago Suburban SQL Server U...Select Stars: A DBA's Guide to Azure Cosmos DB (Chicago Suburban SQL Server U...
Select Stars: A DBA's Guide to Azure Cosmos DB (Chicago Suburban SQL Server U...Bob Pusateri
57 views95 slides

What's hot(20)

Infinispan, Data Grids, NoSQL, Cloud Storage and JSR 347 by Manik Surtani
Infinispan, Data Grids, NoSQL, Cloud Storage and JSR 347Infinispan, Data Grids, NoSQL, Cloud Storage and JSR 347
Infinispan, Data Grids, NoSQL, Cloud Storage and JSR 347
Manik Surtani1.8K views
SM16 - Can i move my stuff to openstack by pittmantony
SM16 - Can i move my stuff to openstackSM16 - Can i move my stuff to openstack
SM16 - Can i move my stuff to openstack
pittmantony598 views
Vm13 vnx mixed workloads by pittmantony
Vm13 vnx mixed workloadsVm13 vnx mixed workloads
Vm13 vnx mixed workloads
pittmantony4.6K views
From cache to in-memory data grid. Introduction to Hazelcast. by Taras Matyashovsky
From cache to in-memory data grid. Introduction to Hazelcast.From cache to in-memory data grid. Introduction to Hazelcast.
From cache to in-memory data grid. Introduction to Hazelcast.
Taras Matyashovsky42.6K views
Storing and processing data with the wso2 platform by WSO2
Storing and processing data with the wso2 platformStoring and processing data with the wso2 platform
Storing and processing data with the wso2 platform
WSO23.3K views
Select Stars: A DBA's Guide to Azure Cosmos DB (Chicago Suburban SQL Server U... by Bob Pusateri
Select Stars: A DBA's Guide to Azure Cosmos DB (Chicago Suburban SQL Server U...Select Stars: A DBA's Guide to Azure Cosmos DB (Chicago Suburban SQL Server U...
Select Stars: A DBA's Guide to Azure Cosmos DB (Chicago Suburban SQL Server U...
Bob Pusateri57 views
Diagnosing MySQL performance problems by Justin Swanhart
Diagnosing MySQL performance problemsDiagnosing MySQL performance problems
Diagnosing MySQL performance problems
Justin Swanhart3.4K views
Distributed & Highly Available server applications in Java and Scala by Max Alexejev
Distributed & Highly Available server applications in Java and ScalaDistributed & Highly Available server applications in Java and Scala
Distributed & Highly Available server applications in Java and Scala
Max Alexejev5.6K views
Distributed applications using Hazelcast by Taras Matyashovsky
Distributed applications using HazelcastDistributed applications using Hazelcast
Distributed applications using Hazelcast
Taras Matyashovsky7.2K views
ORM and distributed caching by aragozin
ORM and distributed cachingORM and distributed caching
ORM and distributed caching
aragozin2.2K views
What’s the Deal with Containers, Anyway? by Stephen Foskett
What’s the Deal with Containers, Anyway?What’s the Deal with Containers, Anyway?
What’s the Deal with Containers, Anyway?
Stephen Foskett422 views
The Rise of NoSQL and Polyglot Persistence by Abdelmonaim Remani
The Rise of NoSQL and Polyglot PersistenceThe Rise of NoSQL and Polyglot Persistence
The Rise of NoSQL and Polyglot Persistence
Abdelmonaim Remani19.6K views
Varrow datacenter storage today and tomorrow by pittmantony
Varrow datacenter storage today and tomorrowVarrow datacenter storage today and tomorrow
Varrow datacenter storage today and tomorrow
pittmantony4.1K views
09 yong.luo-ceph in-ctrip by Yong Luo
09 yong.luo-ceph in-ctrip09 yong.luo-ceph in-ctrip
09 yong.luo-ceph in-ctrip
Yong Luo455 views
Alfresco Large Scale Enterprise Deployments by Alfresco Software
Alfresco Large Scale Enterprise DeploymentsAlfresco Large Scale Enterprise Deployments
Alfresco Large Scale Enterprise Deployments
Alfresco Software3.1K views
Ceph Day Melabourne - Community Update by Ceph Community
Ceph Day Melabourne - Community UpdateCeph Day Melabourne - Community Update
Ceph Day Melabourne - Community Update
Ceph Community 186 views
Experiences with Microservices at Tuenti by Andrés Viedma Peláez
Experiences with Microservices at TuentiExperiences with Microservices at Tuenti
Experiences with Microservices at Tuenti
Andrés Viedma Peláez692 views
Cassandra Core Concepts - Cassandra Day Toronto by Jon Haddad
Cassandra Core Concepts - Cassandra Day TorontoCassandra Core Concepts - Cassandra Day Toronto
Cassandra Core Concepts - Cassandra Day Toronto
Jon Haddad2.4K views
Varrow madness 2013 virtualizing sql presentation by pittmantony
Varrow madness 2013 virtualizing sql presentationVarrow madness 2013 virtualizing sql presentation
Varrow madness 2013 virtualizing sql presentation
pittmantony4.6K views
Ceph Community Talk on High-Performance Solid Sate Ceph by Ceph Community
Ceph Community Talk on High-Performance Solid Sate Ceph Ceph Community Talk on High-Performance Solid Sate Ceph
Ceph Community Talk on High-Performance Solid Sate Ceph
Ceph Community 394 views

Similar to Http front-ends

NFV Infrastructure Manager with High Performance Software Switch Lagopus by
NFV Infrastructure Manager with High Performance Software Switch Lagopus NFV Infrastructure Manager with High Performance Software Switch Lagopus
NFV Infrastructure Manager with High Performance Software Switch Lagopus Hirofumi Ichihara
395 views35 slides
Stardog talk-dc-march-17 by
Stardog talk-dc-march-17Stardog talk-dc-march-17
Stardog talk-dc-march-17Clark & Parsia LLC
3.4K views25 slides
Realtime web2012 by
Realtime web2012Realtime web2012
Realtime web2012Timothy Fitz
2K views35 slides
How DreamHost builds a public cloud with OpenStack.pdf by
How DreamHost builds a public cloud with OpenStack.pdfHow DreamHost builds a public cloud with OpenStack.pdf
How DreamHost builds a public cloud with OpenStack.pdfOpenStack Foundation
554 views29 slides
How DreamHost builds a Public Cloud with OpenStack by
How DreamHost builds a Public Cloud with OpenStackHow DreamHost builds a Public Cloud with OpenStack
How DreamHost builds a Public Cloud with OpenStackCarl Perry
1.3K views29 slides
Actors and Threads by
Actors and ThreadsActors and Threads
Actors and Threadsmperham
16K views46 slides

Similar to Http front-ends(20)

NFV Infrastructure Manager with High Performance Software Switch Lagopus by Hirofumi Ichihara
NFV Infrastructure Manager with High Performance Software Switch Lagopus NFV Infrastructure Manager with High Performance Software Switch Lagopus
NFV Infrastructure Manager with High Performance Software Switch Lagopus
Hirofumi Ichihara395 views
Stardog talk-dc-march-17 by Clark & Parsia LLC
Stardog talk-dc-march-17Stardog talk-dc-march-17
Stardog talk-dc-march-17
Clark & Parsia LLC3.4K views
Realtime web2012 by Timothy Fitz
Realtime web2012Realtime web2012
Realtime web2012
Timothy Fitz2K views
How DreamHost builds a public cloud with OpenStack.pdf by OpenStack Foundation
How DreamHost builds a public cloud with OpenStack.pdfHow DreamHost builds a public cloud with OpenStack.pdf
How DreamHost builds a public cloud with OpenStack.pdf
OpenStack Foundation554 views
How DreamHost builds a Public Cloud with OpenStack by Carl Perry
How DreamHost builds a Public Cloud with OpenStackHow DreamHost builds a Public Cloud with OpenStack
How DreamHost builds a Public Cloud with OpenStack
Carl Perry1.3K views
Actors and Threads by mperham
Actors and ThreadsActors and Threads
Actors and Threads
mperham16K views
Trick or XFLTReaT a.k.a. Tunnel All The Things by Balazs Bucsay
Trick or XFLTReaT a.k.a. Tunnel All The ThingsTrick or XFLTReaT a.k.a. Tunnel All The Things
Trick or XFLTReaT a.k.a. Tunnel All The Things
Balazs Bucsay27 views
Xen and-the-art-of-rails-deployment2640 by Newlink
Xen and-the-art-of-rails-deployment2640Xen and-the-art-of-rails-deployment2640
Xen and-the-art-of-rails-deployment2640
Newlink265 views
Xen and-the-art-of-rails-deployment2640 by Newlink
Xen and-the-art-of-rails-deployment2640Xen and-the-art-of-rails-deployment2640
Xen and-the-art-of-rails-deployment2640
Newlink259 views
Xen and-the-art-of-rails-deployment2640 by Newlink
Xen and-the-art-of-rails-deployment2640Xen and-the-art-of-rails-deployment2640
Xen and-the-art-of-rails-deployment2640
Newlink315 views
Xen and-the-art-of-rails-deployment2640 by Newlink
Xen and-the-art-of-rails-deployment2640Xen and-the-art-of-rails-deployment2640
Xen and-the-art-of-rails-deployment2640
Newlink298 views
Xen and-the-art-of-rails-deployment2640 by LLC NewLink
Xen and-the-art-of-rails-deployment2640Xen and-the-art-of-rails-deployment2640
Xen and-the-art-of-rails-deployment2640
LLC NewLink444 views
Ruby Concurrency Realities by Mike Subelsky
Ruby Concurrency RealitiesRuby Concurrency Realities
Ruby Concurrency Realities
Mike Subelsky1.5K views
Ext osad initial-eval-march2015 by Daneyon Hansen
Ext osad initial-eval-march2015Ext osad initial-eval-march2015
Ext osad initial-eval-march2015
Daneyon Hansen361 views
XFLTReaT: a new dimension in tunnelling (BruCON 0x09 2017) by Balazs Bucsay
XFLTReaT: a new dimension in tunnelling (BruCON 0x09 2017)XFLTReaT: a new dimension in tunnelling (BruCON 0x09 2017)
XFLTReaT: a new dimension in tunnelling (BruCON 0x09 2017)
Balazs Bucsay196 views
pps Matters by Bangladesh Network Operators Group
pps Matterspps Matters
pps Matters
Bangladesh Network Operators Group540 views
Jay Kreps on Project Voldemort Scaling Simple Storage At LinkedIn by LinkedIn
Jay Kreps on Project Voldemort Scaling Simple Storage At LinkedInJay Kreps on Project Voldemort Scaling Simple Storage At LinkedIn
Jay Kreps on Project Voldemort Scaling Simple Storage At LinkedIn
LinkedIn3.7K views
Balázs Bucsay - XFLTReaT: Building a Tunnel by hacktivity
Balázs Bucsay - XFLTReaT: Building a TunnelBalázs Bucsay - XFLTReaT: Building a Tunnel
Balázs Bucsay - XFLTReaT: Building a Tunnel
hacktivity189 views
Real time system_performance_mon by Tomas Doran
Real time system_performance_monReal time system_performance_mon
Real time system_performance_mon
Tomas Doran3.4K views
High performance network programming on the jvm oscon 2012 by Erik Onnen
High performance network programming on the jvm oscon 2012 High performance network programming on the jvm oscon 2012
High performance network programming on the jvm oscon 2012
Erik Onnen121.6K views

More from Theo Schlossnagle

Adding Simplicity to Complexity by
Adding Simplicity to ComplexityAdding Simplicity to Complexity
Adding Simplicity to ComplexityTheo Schlossnagle
509 views23 slides
Put Some SRE in Your Shipped Software by
Put Some SRE in Your Shipped SoftwarePut Some SRE in Your Shipped Software
Put Some SRE in Your Shipped SoftwareTheo Schlossnagle
2.1K views17 slides
Monitoring 101 by
Monitoring 101Monitoring 101
Monitoring 101Theo Schlossnagle
1.1K views37 slides
Distributed Systems - Like It Or Not by
Distributed Systems - Like It Or NotDistributed Systems - Like It Or Not
Distributed Systems - Like It Or NotTheo Schlossnagle
913 views20 slides
Applying SRE techniques to micro service design by
Applying SRE techniques to micro service designApplying SRE techniques to micro service design
Applying SRE techniques to micro service designTheo Schlossnagle
1.5K views18 slides
Craftsmanship by
CraftsmanshipCraftsmanship
CraftsmanshipTheo Schlossnagle
918 views36 slides

More from Theo Schlossnagle(20)

Adding Simplicity to Complexity by Theo Schlossnagle
Adding Simplicity to ComplexityAdding Simplicity to Complexity
Adding Simplicity to Complexity
Theo Schlossnagle509 views
Put Some SRE in Your Shipped Software by Theo Schlossnagle
Put Some SRE in Your Shipped SoftwarePut Some SRE in Your Shipped Software
Put Some SRE in Your Shipped Software
Theo Schlossnagle2.1K views
Monitoring 101 by Theo Schlossnagle
Monitoring 101Monitoring 101
Monitoring 101
Theo Schlossnagle1.1K views
Distributed Systems - Like It Or Not by Theo Schlossnagle
Distributed Systems - Like It Or NotDistributed Systems - Like It Or Not
Distributed Systems - Like It Or Not
Theo Schlossnagle913 views
Applying SRE techniques to micro service design by Theo Schlossnagle
Applying SRE techniques to micro service designApplying SRE techniques to micro service design
Applying SRE techniques to micro service design
Theo Schlossnagle1.5K views
Craftsmanship by Theo Schlossnagle
CraftsmanshipCraftsmanship
Craftsmanship
Theo Schlossnagle918 views
SRECon Coherent Performance by Theo Schlossnagle
SRECon Coherent PerformanceSRECon Coherent Performance
SRECon Coherent Performance
Theo Schlossnagle432 views
Commandments of scale by Theo Schlossnagle
Commandments of scaleCommandments of scale
Commandments of scale
Theo Schlossnagle293 views
Adaptive availability by Theo Schlossnagle
Adaptive availabilityAdaptive availability
Adaptive availability
Theo Schlossnagle522 views
Project reality by Theo Schlossnagle
Project realityProject reality
Project reality
Theo Schlossnagle912 views
Monitoring the #DevOps way by Theo Schlossnagle
Monitoring the #DevOps wayMonitoring the #DevOps way
Monitoring the #DevOps way
Theo Schlossnagle9.5K views
Operational Software Design by Theo Schlossnagle
Operational Software DesignOperational Software Design
Operational Software Design
Theo Schlossnagle5.9K views
A Coherent Discussion About Performance by Theo Schlossnagle
A Coherent Discussion About PerformanceA Coherent Discussion About Performance
A Coherent Discussion About Performance
Theo Schlossnagle4.8K views
The math behind big systems analysis. by Theo Schlossnagle
The math behind big systems analysis.The math behind big systems analysis.
The math behind big systems analysis.
Theo Schlossnagle2.8K views
Understanding Slowness by Theo Schlossnagle
Understanding SlownessUnderstanding Slowness
Understanding Slowness
Theo Schlossnagle1.4K views
OmniOS Motivation and Design ~ LISA 2012 by Theo Schlossnagle
OmniOS Motivation and Design ~ LISA 2012OmniOS Motivation and Design ~ LISA 2012
OmniOS Motivation and Design ~ LISA 2012
Theo Schlossnagle3.5K views
Monitoring and observability by Theo Schlossnagle
Monitoring and observabilityMonitoring and observability
Monitoring and observability
Theo Schlossnagle7.9K views
Omnios and unix by Theo Schlossnagle
Omnios and unixOmnios and unix
Omnios and unix
Theo Schlossnagle2.9K views
Monitoring and observability by Theo Schlossnagle
Monitoring and observabilityMonitoring and observability
Monitoring and observability
Theo Schlossnagle4K views
Xtreme Deployment by Theo Schlossnagle
Xtreme DeploymentXtreme Deployment
Xtreme Deployment
Theo Schlossnagle1.7K views

Recently uploaded

MVP and prioritization.pdf by
MVP and prioritization.pdfMVP and prioritization.pdf
MVP and prioritization.pdfrahuldharwal141
31 views8 slides
iSAQB Software Architecture Gathering 2023: How Process Orchestration Increas... by
iSAQB Software Architecture Gathering 2023: How Process Orchestration Increas...iSAQB Software Architecture Gathering 2023: How Process Orchestration Increas...
iSAQB Software Architecture Gathering 2023: How Process Orchestration Increas...Bernd Ruecker
40 views69 slides
TouchLog: Finger Micro Gesture Recognition Using Photo-Reflective Sensors by
TouchLog: Finger Micro Gesture Recognition Using Photo-Reflective SensorsTouchLog: Finger Micro Gesture Recognition Using Photo-Reflective Sensors
TouchLog: Finger Micro Gesture Recognition Using Photo-Reflective Sensorssugiuralab
21 views15 slides
Evolving the Network Automation Journey from Python to Platforms by
Evolving the Network Automation Journey from Python to PlatformsEvolving the Network Automation Journey from Python to Platforms
Evolving the Network Automation Journey from Python to PlatformsNetwork Automation Forum
13 views21 slides
SUPPLIER SOURCING.pptx by
SUPPLIER SOURCING.pptxSUPPLIER SOURCING.pptx
SUPPLIER SOURCING.pptxangelicacueva6
16 views1 slide
Microsoft Power Platform.pptx by
Microsoft Power Platform.pptxMicrosoft Power Platform.pptx
Microsoft Power Platform.pptxUni Systems S.M.S.A.
53 views38 slides

Recently uploaded(20)

MVP and prioritization.pdf by rahuldharwal141
MVP and prioritization.pdfMVP and prioritization.pdf
MVP and prioritization.pdf
rahuldharwal14131 views
iSAQB Software Architecture Gathering 2023: How Process Orchestration Increas... by Bernd Ruecker
iSAQB Software Architecture Gathering 2023: How Process Orchestration Increas...iSAQB Software Architecture Gathering 2023: How Process Orchestration Increas...
iSAQB Software Architecture Gathering 2023: How Process Orchestration Increas...
Bernd Ruecker40 views
TouchLog: Finger Micro Gesture Recognition Using Photo-Reflective Sensors by sugiuralab
TouchLog: Finger Micro Gesture Recognition Using Photo-Reflective SensorsTouchLog: Finger Micro Gesture Recognition Using Photo-Reflective Sensors
TouchLog: Finger Micro Gesture Recognition Using Photo-Reflective Sensors
sugiuralab21 views
Evolving the Network Automation Journey from Python to Platforms by Network Automation Forum
Evolving the Network Automation Journey from Python to PlatformsEvolving the Network Automation Journey from Python to Platforms
Evolving the Network Automation Journey from Python to Platforms
Network Automation Forum13 views
SUPPLIER SOURCING.pptx by angelicacueva6
SUPPLIER SOURCING.pptxSUPPLIER SOURCING.pptx
SUPPLIER SOURCING.pptx
angelicacueva616 views
Microsoft Power Platform.pptx by Uni Systems S.M.S.A.
Microsoft Power Platform.pptxMicrosoft Power Platform.pptx
Microsoft Power Platform.pptx
Uni Systems S.M.S.A.53 views
Scaling Knowledge Graph Architectures with AI by Enterprise Knowledge
Scaling Knowledge Graph Architectures with AIScaling Knowledge Graph Architectures with AI
Scaling Knowledge Graph Architectures with AI
Enterprise Knowledge38 views
GDG Cloud Southlake 28 Brad Taylor and Shawn Augenstein Old Problems in the N... by James Anderson
GDG Cloud Southlake 28 Brad Taylor and Shawn Augenstein Old Problems in the N...GDG Cloud Southlake 28 Brad Taylor and Shawn Augenstein Old Problems in the N...
GDG Cloud Southlake 28 Brad Taylor and Shawn Augenstein Old Problems in the N...
James Anderson92 views
SAP Automation Using Bar Code and FIORI.pdf by Virendra Rai, PMP
SAP Automation Using Bar Code and FIORI.pdfSAP Automation Using Bar Code and FIORI.pdf
SAP Automation Using Bar Code and FIORI.pdf
Virendra Rai, PMP23 views
Kyo - Functional Scala 2023.pdf by Flavio W. Brasil
Kyo - Functional Scala 2023.pdfKyo - Functional Scala 2023.pdf
Kyo - Functional Scala 2023.pdf
Flavio W. Brasil400 views
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f... by TrustArc
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
TrustArc11 views
ESPC 2023 - Protect and Govern your Sensitive Data with Microsoft Purview in ... by Jasper Oosterveld
ESPC 2023 - Protect and Govern your Sensitive Data with Microsoft Purview in ...ESPC 2023 - Protect and Govern your Sensitive Data with Microsoft Purview in ...
ESPC 2023 - Protect and Govern your Sensitive Data with Microsoft Purview in ...
Jasper Oosterveld19 views
【USB韌體設計課程】精選講義節錄-USB的列舉過程_艾鍗學院 by IttrainingIttraining
【USB韌體設計課程】精選講義節錄-USB的列舉過程_艾鍗學院【USB韌體設計課程】精選講義節錄-USB的列舉過程_艾鍗學院
【USB韌體設計課程】精選講義節錄-USB的列舉過程_艾鍗學院
IttrainingIttraining58 views
Design Driven Network Assurance by Network Automation Forum
Design Driven Network AssuranceDesign Driven Network Assurance
Design Driven Network Assurance
Network Automation Forum15 views
Future of Indian ConsumerTech by Kapil Khandelwal (KK)
Future of Indian ConsumerTechFuture of Indian ConsumerTech
Future of Indian ConsumerTech
Kapil Khandelwal (KK)22 views
Special_edition_innovator_2023.pdf by WillDavies22
Special_edition_innovator_2023.pdfSpecial_edition_innovator_2023.pdf
Special_edition_innovator_2023.pdf
WillDavies2218 views
Mini-Track: Challenges to Network Automation Adoption by Network Automation Forum
Mini-Track: Challenges to Network Automation AdoptionMini-Track: Challenges to Network Automation Adoption
Mini-Track: Challenges to Network Automation Adoption
Network Automation Forum13 views
Business Analyst Series 2023 - Week 3 Session 5 by DianaGray10
Business Analyst Series 2023 - Week 3 Session 5Business Analyst Series 2023 - Week 3 Session 5
Business Analyst Series 2023 - Week 3 Session 5
DianaGray10300 views
HTTP headers that make your website go faster - devs.gent November 2023 by Thijs Feryn
HTTP headers that make your website go faster - devs.gent November 2023HTTP headers that make your website go faster - devs.gent November 2023
HTTP headers that make your website go faster - devs.gent November 2023
Thijs Feryn22 views
Igniting Next Level Productivity with AI-Infused Data Integration Workflows by Safe Software
Igniting Next Level Productivity with AI-Infused Data Integration Workflows Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Safe Software280 views

Http front-ends

  • 1. High-performance Robust HTTP Front-ends / tips, tricks and expectations Saturday, April 23, 2011
  • 2. Who am I? @postwait on twitter Author of “Scalable Internet Architectures” Pearson, ISBN: 067232699X Contributor to “Web Operations” O’Reilly, ISBN: Founder of OmniTI, Message Systems, Fontdeck, & Circonus I like to tackle problems that are “always on” and “always growing.” I am an Engineer A practitioner of academic computing. IEEE member and Senior ACM member. On the Editorial Board of ACM’s Queue magazine. 2 Saturday, April 23, 2011
  • 3. Agenda • Why only HTTP? • HTTP-like protocols • Performance • Availability Saturday, April 23, 2011
  • 4. HTTP • Why only HTTP... it’s what we do. • User-based, immediate, short-lived transactions occupy my life. • So, not just HTTP. • HTTPS • SPDY (... we’ll get to this) Saturday, April 23, 2011
  • 5. Performance • ATS (Apache Traffic Server) • supports SSL • battle-hardened codebase • very multi-code capable • Varnish • VCL adds unparalleled flexibility • no SSL! • nginx • I don’t see much of this out on the edge Saturday, April 23, 2011
  • 6. Performance Expectations • from a single server, you should be able to: • support 500k concurrent users • this is only 40k sockets/core • push in excess of 100k requests/second • this is only 9k requests/core*second • push close to 10 gigabits • this is why 10G was invented Saturday, April 23, 2011
  • 7. Performance Achievements • Good load balancers achieve this performance • with dual socket Westmere processors, we’re able to achieve in software on general purpose hardware what was only possible in hardware ASICs. • ATS and Varnish can do this today. Saturday, April 23, 2011
  • 8. The Basic Rules: Content • You must serve content from cache • Your cache should fit in memory • If it does not, it should spill to SSD, not spinning media. Saturday, April 23, 2011
  • 9. The Basic Rules: CPU • You must cache SSL sessions • SSL key negotiation is expensive. • SSL encryption is not* • Common cases must not cause state on the firewall. • It’s hard enough to serve 150k requests/second. • You will spend too much time in kernel in iptables, ipf, or pf. • allow port 80 and port 443. • enable SYN flood prevention * crypto obviously costs CPU; symmetric crypto is relatively cheap Saturday, April 23, 2011
  • 10. The Basic Rules: Network • You must not run a stateful firewall in front • too expensive • too little value • You must be directly behind capable router(s) • expect anywhere from 1MM to 20MM packets per second • we need to run BGP for availability Saturday, April 23, 2011
  • 11. Availability • We learned in the performance section: • 1 machine / 10Gbps uplink performs well enough • We need redundancy: • Linux HA? • VRRP/HSRP? • CARP? • No... Saturday, April 23, 2011
  • 12. Availability: Constraints • Client TCP sessions are relatively short lived. • The web is a largely idempotent place. • Clients are capable of retrying on failure. • This means: • forget stateful failover. • focus on availability for new connections. Saturday, April 23, 2011
  • 13. Availability: Setup • You are behind a capable router (it was a rule) • Use routing protocols (BGP) to maintain availability. BGP 10.1.0.0/24 10.1.1.0/24 10.1.0.0/23 10.1.0.0/23 Saturday, April 23, 2011
  • 14. Working Stacks • Linux (OS/TCP stack) • Illumos (OS/TCP stack) • Varnish (HTTP) • ATS (HTTP/HTTPS) • Quagga (BGP) • Quagga (BGP) Saturday, April 23, 2011
  • 15. Future! • This stuff is fast. • In the end, we’re not looking for faster servers, we’re looking for improved user experience. • Enter SPDY • Google’s multi-channel HTTP super-protocol • Allows multiplexing of concurrent HTTP(like) request/response on a single TCP session. • Defeats slow startup • Allows for content prioritization on server Saturday, April 23, 2011
  • 16. Future: my thoughts • SPDY is relatively simple to implement on the server • SPDY is very very hard to leverage on the server • If ATS implemented SPDY in and out • and provided a robust configuration language to leverage it ... the future would be today. Saturday, April 23, 2011
  • 17. Thank you. • Thank you Олег Бунин • Thanks to the Varnish and ATS developers. • Спасибо. Saturday, April 23, 2011