This document provides an overview of advanced load balancing capabilities in Apache HTTP Server 2.2 using the mod_proxy module. Key points include:
- Mod_proxy allows Apache to function as a reverse proxy or load balancer for backend servers.
- New in 2.2 are improvements like large file support, graceful stop, mod_dbd integration, and better debugging.
- Load balancing is implemented through balancer providers that can be customized. Default providers balance by requests, traffic, or server busyness.
- Features like connection pooling, sticky sessions, failover clusters, and an embedded admin interface provide robust load balancing functionality.
This presentation, DEFEATING THE NETWORK SECURITY INFRASTRUCTURE v1.0.pdf, was made after some brainstorming
with some friends. The techniques used are not new and the tools readily available for download. The purpose of the discussion however
is to debate how internal enterprise resources might be (in)adversely exposed to the internet by in an insider using a combination of common techniques such as SSH and SSL.
This presentation, DEFEATING THE NETWORK SECURITY INFRASTRUCTURE v1.0.pdf, was made after some brainstorming
with some friends. The techniques used are not new and the tools readily available for download. The purpose of the discussion however
is to debate how internal enterprise resources might be (in)adversely exposed to the internet by in an insider using a combination of common techniques such as SSH and SSL.
KubeCon EU 2016: Creating an Advanced Load Balancing Solution for Kubernetes ...KubeAcademy
Load balancing is an important part of any resilient web application. Kubernetes supports a few options for external load balancing, but they are limited in features. After a brief discussion of those options and the features they lack, we’ll show how to build an advanced load balancing solution for Kubernetes on top of NGINX, utilizing Kubernetes features including Ingress, Annotations, and ConfigMap. We’ll conclude with a demo of how to use NGINX and NGINX Plus to expose services to the Internet.
Sched Link: http://sched.co/6Bc9
How To Set Up SQL Load Balancing with HAProxy - SlidesSeveralnines
We continuously see great interest in MySQL load balancing and HAProxy, so we thought it was about time we organised a live webinar on the topic! Here is the replay of that webinar!
As most of you will know, database clusters and load balancing go hand in hand.
Once your data is distributed and replicated across multiple database nodes, a load balancing mechanism helps distribute database requests, and gives applications a single database endpoint to connect to.
Instance failures or maintenance operations like node additions/removals, reconfigurations or version upgrades can be masked behind a load balancer. This provides an efficient way of isolating changes in the database layer from the rest of the infrastructure.
In this webinar, we cover the concepts around the popular open-source HAProxy load balancer, and show you how to use it with your SQL-based database clusters. We also discuss HA strategies for HAProxy with Keepalived and Virtual IP.
Agenda:
* What is HAProxy?
* SQL Load balancing for MySQL
* Failure detection using MySQL health checks
* High Availability with Keepalived and Virtual IP
* Use cases: MySQL Cluster, Galera Cluster and MySQL Replication
* Alternative methods: Database drivers with inbuilt cluster support, MySQL proxy, MaxScale, ProxySQL
Learn how to load balance your applications following best practices with NGINX and NGINX Plus.
Join this webinar to learn:
- How to configure basic HTTP load balancing features
- The essential elements of load balancing: session persistence, health checks, and SSL termination
- How to load balance MySQL, DNS, and other common TCP/UDP applications
- How to have NGINX Plus automatically discover new service instances in an auto-scaling or microservices environment
Load Balancing MySQL with HAProxy - SlidesSeveralnines
Agenda:
* What is HAProxy?
* SQL Load balancing for MySQL
* Failure detection using MySQL health checks
* High Availability with Keepalived and Virtual IP
* Use cases: MySQL Cluster, Galera Cluster and MySQL Replication
* Alternative methods: Database drivers with inbuilt cluster support, MySQL proxy, MaxScale, ProxySQL
Openstack Networking Internals - first partlilliput12
Openstack Networking Internals - first part
Description of the Virtual Network Infrastructure inside an OpenStack cluster
The pictures of the VNI were taken with the "Show my network state" tool
https://sites.google.com/site/showmynetworkstate/
기존에 저희 회사에서 사용하던 모니터링은 Zabbix 였습니다.
컨테이너 모니터링 부분으로 옮겨가면서 변화가 필요하였고, 이에 대해서 프로메테우스를 활용한 모니터링 방법을 자연스럽게 고민하게 되었습니다.
이에 이영주님께서 테크세션을 진행하였고, 이에 발표자료를 올립니다.
5개의 부분으로 구성되어 있으며, 세팅 방법에 대한 내용까지 포함합니다.
01. Prometheus?
02. Usage
03. Alertmanager
04. Cluster
05. Performance
Scaling out on the cloud is easy. Especially, if you have a software provisioning system that helps you to deploy your environment wherever you want. This session will give you an overview of the fantastic new features of HAProxy V 1.5, and how you can integrate it into your environment to build a high available environment, using open source software. Starting with a single-webserver + mysql setup provisioned via chef, we will deploy an HA Proxy Cluster in front and scale out your nginx and mysql database backend.
KubeCon EU 2016: Creating an Advanced Load Balancing Solution for Kubernetes ...KubeAcademy
Load balancing is an important part of any resilient web application. Kubernetes supports a few options for external load balancing, but they are limited in features. After a brief discussion of those options and the features they lack, we’ll show how to build an advanced load balancing solution for Kubernetes on top of NGINX, utilizing Kubernetes features including Ingress, Annotations, and ConfigMap. We’ll conclude with a demo of how to use NGINX and NGINX Plus to expose services to the Internet.
Sched Link: http://sched.co/6Bc9
How To Set Up SQL Load Balancing with HAProxy - SlidesSeveralnines
We continuously see great interest in MySQL load balancing and HAProxy, so we thought it was about time we organised a live webinar on the topic! Here is the replay of that webinar!
As most of you will know, database clusters and load balancing go hand in hand.
Once your data is distributed and replicated across multiple database nodes, a load balancing mechanism helps distribute database requests, and gives applications a single database endpoint to connect to.
Instance failures or maintenance operations like node additions/removals, reconfigurations or version upgrades can be masked behind a load balancer. This provides an efficient way of isolating changes in the database layer from the rest of the infrastructure.
In this webinar, we cover the concepts around the popular open-source HAProxy load balancer, and show you how to use it with your SQL-based database clusters. We also discuss HA strategies for HAProxy with Keepalived and Virtual IP.
Agenda:
* What is HAProxy?
* SQL Load balancing for MySQL
* Failure detection using MySQL health checks
* High Availability with Keepalived and Virtual IP
* Use cases: MySQL Cluster, Galera Cluster and MySQL Replication
* Alternative methods: Database drivers with inbuilt cluster support, MySQL proxy, MaxScale, ProxySQL
Learn how to load balance your applications following best practices with NGINX and NGINX Plus.
Join this webinar to learn:
- How to configure basic HTTP load balancing features
- The essential elements of load balancing: session persistence, health checks, and SSL termination
- How to load balance MySQL, DNS, and other common TCP/UDP applications
- How to have NGINX Plus automatically discover new service instances in an auto-scaling or microservices environment
Load Balancing MySQL with HAProxy - SlidesSeveralnines
Agenda:
* What is HAProxy?
* SQL Load balancing for MySQL
* Failure detection using MySQL health checks
* High Availability with Keepalived and Virtual IP
* Use cases: MySQL Cluster, Galera Cluster and MySQL Replication
* Alternative methods: Database drivers with inbuilt cluster support, MySQL proxy, MaxScale, ProxySQL
Openstack Networking Internals - first partlilliput12
Openstack Networking Internals - first part
Description of the Virtual Network Infrastructure inside an OpenStack cluster
The pictures of the VNI were taken with the "Show my network state" tool
https://sites.google.com/site/showmynetworkstate/
기존에 저희 회사에서 사용하던 모니터링은 Zabbix 였습니다.
컨테이너 모니터링 부분으로 옮겨가면서 변화가 필요하였고, 이에 대해서 프로메테우스를 활용한 모니터링 방법을 자연스럽게 고민하게 되었습니다.
이에 이영주님께서 테크세션을 진행하였고, 이에 발표자료를 올립니다.
5개의 부분으로 구성되어 있으며, 세팅 방법에 대한 내용까지 포함합니다.
01. Prometheus?
02. Usage
03. Alertmanager
04. Cluster
05. Performance
Scaling out on the cloud is easy. Especially, if you have a software provisioning system that helps you to deploy your environment wherever you want. This session will give you an overview of the fantastic new features of HAProxy V 1.5, and how you can integrate it into your environment to build a high available environment, using open source software. Starting with a single-webserver + mysql setup provisioned via chef, we will deploy an HA Proxy Cluster in front and scale out your nginx and mysql database backend.
Presented at the Open Repositories Conference, this presentation describes the Lessons Learned in the Open Source Movement that can be used outside of the traditional IT environment.
My Keynote from POSSCON 2013: Open Source and Free Software aren't as complex as you may think. This presentation distills down some key aspects of FOSS to a basic set of three "types"
My keynote at the CloudStack Collaboration Conference 2012 event. Overview of The Apache Way, the Lesson's Learned at the Apache Software Foundation on building code and community.
The Recording HTTP Proxy: Not Yet Another Messiah - Bulgaria PHP 2019Viktor Todorov
In our work we tend to believe in Messiah. A messiah can be the new magic tool which will solve all our problems, or a shiny framework, so much better than everything we have used before, or even a person in our team. We all know the messiah in software testing. It’s the Unit Testing. But is the unit test the one and the only way to test a software? The answer is no. This lecture will show you a new approach to software testing using a Recording HTTP Proxy and how it can help you achieve better quality of your software. Without proclaiming it as “The Great New Messiah”.
While it’s easy to get started developing applications using Ruby on Rails, the hard part is (as with most technologies) how to put it into production? There are a lot of options like Mongrel, nginx, Apache and JRuby, all of them difficult to evaulate without deeper knowledge of Rails and your application’s scaling needs. We will look at the available options to get a clearer picture how each setup is in different situations, and how you can utilize Capistrano for an easy deployment process in those situations. Simple as well as more complex setups will be discussed. We’ll try to include your problems as well as your experiences to discuss specific issues with deployment and scalability.
Caching and tuning fun for high scalability @ FOSDEM 2012Wim Godden
Caching has been a 'hot' topic for a few years. But caching takes more than merely taking data and putting it in a cache : the right caching techniques can improve performance and reduce load significantly. But we'll also look at some major pitfalls, showing that caching the wrong way can bring down your site. If you're looking for a clear explanation about various caching techniques and tools like Memcached, Nginx and Varnish, as well as ways to deploy them in an efficient way, this talk is for you.
DevoxxUK: Optimizating Application Performance on KubernetesDinakar Guniguntala
Now that you have your apps running on K8s, wondering how to get the response time that you need ? Tuning a polyglot set of microservices to get the performance that you need can be challenging in Kubernetes. The key to overcoming this is observability. Luckily there are a number of tools such as Prometheus that can provide all the metrics you need, but here is the catch, there is so much of data and metrics that is difficult make sense of it all. This is where Hyperparameter tuning can come to the rescue to help build the right models.
This talk covers best practices that will help attendees
1. To understand and avoid common performance related problems.
2. Discuss observability tools and how they can help identify perf issues.
3. Look closer into Kruize Autotune which is a Open Source Autonomous Performance Tuning Tool for Kubernetes and where it can help.
Converting Your Dev Environment to a Docker Stack - CascadiaDana Luther
Heard a lot about docker but not sure where to start? In this presentation we will go over the simplest ways to convert your development environment over to a docker stack, including support for full acceptance testing with Selenium. We’ll then go over how to modify the stack to mimic your production/pre-production environment(s) as closely as possible, and demystify working with the containers in the stack.
Converting Your Dev Environment to a Docker Stack - php[world]Dana Luther
Heard a lot about docker but not sure where to start? Frustrated maintaining development VMs? In this presentation we will go over the simplest ways to convert your development environment over to a docker stack, including support for full acceptance testing with Selenium. We’ll then go over how to modify the stack to mimic your production/pre-production environment(s) as closely as possible, and demystify working with the containers in the stack.
The need to scale is in high demand in an age where everything is moving to the cloud. Though the standard Apache configuration could handle a website with moderate traffic, the minute it gets slash dotted or twitted multiple times could spell an embarrassing crash landing! If you are the administrator of such a website then good luck finding another job! On the other hand you value high availability in the midst of popularity then read on. On this one day workshop, we will show you how to scale your website and webapps to scale to handle thousands of simultaneous sessions the right way. The topics covered will include:
- Setting up Apache and NGiNXM
- Setting up a sample LAMP web app
- Benchmarking Apache performance
- Fine tuning Apache to improve performance
- Fine tuning NGiNX to improve performance
- Discussion about code level improvements when developing custom webapps using PHP
We use Gearman for managing queue system. This covers why we should use a queue in many situations on web-based interface as well as server-side application.
Apache and PHP: Why httpd.conf is your new BFF!Jeff Jones
Apache's configuration files can be used to configure how Apache operates, but they can also be used to configure PHP and how Apache httpd interacts with PHP. In this talk, Jeff explains the different ways Apache can be configured, explains many of the useful config options available for Apache modules, including our own mod_php, and showcases example of how they can be used with, and instead of, your PHP code.
InnerSource 101 for FinTech and FinServJim Jagielski
An overview of the topic, benefits, techniques and challenges of implementing an InnerSource policy in the FinTech/FinServ arena. From my talk at the Open Source Strategy Summit 2017 in NYC.
ApacheCon 2017: What's new in httpd 2.4Jim Jagielski
What new is Apache httpd 2.4, both in upgrading from httpd 2.2 and well as new features in this latest version. Performance, HTTP/2, reverse proxy and cache!
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
GridMate - End to end testing is a critical piece to ensure quality and avoid...ThomasParaiso2
End to end testing is a critical piece to ensure quality and avoid regressions. In this session, we share our journey building an E2E testing pipeline for GridMate components (LWC and Aura) using Cypress, JSForce, FakerJS…
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
3. About me
• Longtime active contributor (July/Aug
1995)
• Been giving mod_proxy much TLC
• ASF Co-founder
• Other ASF titles as well
• Chief Architect at Springsource
• Husband, father, all around nice guy
3
4. mod_proxy? Wazzat?
• An Apache module
• Implements core proxy capability
• Both forward and reverse proxy
• In general, most people use it for
reverse proxy (gateway) functionality
4
6. Reverse Proxy
• Intent is to “protect” internal Servers
Firewall
Reverse Proxy
Internal Servers
6
7. How did we get here?
• A stroll down mod_proxy lane
– First available in Apache 1.1
• “Experimental Caching Proxy Server”
– In Apache 1.2, pretty stable, but just
HTTP/1.0
– In Apache 1.3, much improved with
added support for HTTP/1.1
– In Apache 2.0, break out cache and
proxy
7
8. What’s new/improved in 2.2
• Large file support
• Graceful stop
• mod_dbd
• mod_filter
• Better Debugging and info
• Caching
• Event MPM
• Authn/Authz
• Proxy
8
10. Proxy Improvements
• Becoming a robust but generic proxy
implementation
• Support various protocols
– HTTP, HTTPS, CONNECT, FTP
– AJP, FastCGI (coming “soonish”)
• Load balancing
• Clustering, failover
10
11. AJP? Really?
• Yep, Apache can now talk AJP with
Tomcat directly
• mod_proxy_ajp is the magic mojo
• Other proxy improvements make this
even more exciting
• mod_jk alternative
11
12. But I like mod_jk
• That’s fine, but...
– Now the config is much easier and more
consistent
• ProxyPass /servlets ajp://tc.example.com:8089
– Easier when Apache needs to proxy both
HTTP and AJP
– Leverage improvements in proxy module
12
13. mod_proxy Directives
• ProxyPass
• ProxyPassReverse
• <Proxy ... >
• ProxySet
• But NOT ProxyRequests
13
14. Huh??
• Yep, you do not set ProxyRequests to On
– This is just for forward proxies
– You don’t need this for Reverse Proxy
functionality
– Setting it to On will make you very, very sad
14
15. Simple Rev Proxy
• All requests for /images to a backend
server
– ProxyPass /images http://images.example.com/
• Useful, but limited
• What if:
– images.example.com dies?
– traffic for /images increases
15
16. Baby got back
• We need more backend servers
• And balance the load between them
• Before 2.2, mod_rewrite was your only
option
• Some people would prefer spending an
evening with an Life Insurance salesman
rather than deal with mod_rewrite
16
17. Load Balancer
• mod_proxy_balancer.so
• mod_proxy can do native load balancing
– weight by actual requests
– weight by traffic
– weight by busyness
– lbfactors
• LB algo’s are impl as providers
– easy to add
– no core code changes required
17
18. Providers? Wazzat?
• New feature of Apache 2.x
• Originally used mostly in mod_dav
• Then in caching
• Now in other places too
– authn / authz
– mod_proxy
18
19. Providers... so what
• Think of providers as providing
services
• modules implement providers and
register them
• Other modules can then use those
providers to implement that “service”
19
20. Why cool for mod_proxy?
• We mentioned that right now, we
balance by traffic, requests and
busyness
• But what if you want some other
method (eg: ByPhaseOfTheMoon)
• You can add that capability with no
core code changes to Apache.
• Very flexible
20
21. Load Balancer
• Backend connection pooling
– Available for named workers:
• eg: ProxyPass /foo http://bar.example.com
– Reusable connection to origin
– For threaded MPMs, can adjust size of
pool (min, max, smax)
– For prefork: singleton
• Shared data held in scoreboard
21
22. Pooling example
<Proxy balancer://foo>
BalancerMember http://www1.example.com:80/ loadfactor=1
BalancerMember http://www3.example.com:80/ loadfactor=1
BalancerMember http://www2.example.com:80/ loadfactor=4 status=+h
ProxySet lbmethod=bytraffic
</Proxy>
proxy: grabbed scoreboard slot 0 in child 371 for worker http://www1.example.com/
proxy: initialized single connection worker 0 in child 371 for (www1.example.com)
proxy: grabbed scoreboard slot 0 in child 369 for worker http://www1.example.com/
proxy: worker http://www1.example.com/ already initialized
proxy: grabbed scoreboard slot 0 in child 372 for worker http://www1.example.com/
proxy: worker http://www1.example.com/ already initialized
proxy: grabbed scoreboard slot 2 in child 371 for worker http://www3.example.com/
proxy: initialized single connection worker 2 in child 371 for (www3.example.com)
proxy: initialized single connection worker 0 in child 369 for (www1.example.com)
proxy: grabbed scoreboard slot 2 in child 369 for worker http://www3.example.com/
...
proxy: grabbed scoreboard slot 6 in child 369 for worker proxy:reverse
proxy: initialized single connection worker 6 in child 369 for (*)
proxy: grabbed scoreboard slot 6 in child 372 for worker proxy:reverse
proxy: worker proxy:reverse already initialized
proxy: grabbed scoreboard slot 1 in child 369 for worker http://www1.example.com/
proxy: initialized single connection worker 6 in child 372 for (*)
22
23. Workers and worker
• Don’t get too confused
• Both the worker MPM and the proxy
balancer use the term “worker”
23
24. Load Balancer
• Sticky session support
– aka “session affinity”
– Cookie based
• stickysession=PHPSESSID
• stickysession=JSESSIONID
– Natively easy with Tomcat
– May require more setup for “simple”
HTTP proxying
– Do you really want/need it?
24
25. Load Balancer
• Cluster set with failover
– Lump backend servers as numbered
sets
– balancer will try lower-valued sets first
– If no workers are available, will try next
set
• Hot standby
25
30. Some tuning params
• For workers:
– loadfactor
• normalized load for worker [1]
– lbset
• worker cluster number [0]
– retry
• retry timeout, in seconds, for non-ready
workers [60]
30
31. Some tuning params
• For workers - connection pool:
– min
• Initial number of connections [0]
– max
• Hard maximum number of connections [1|
TPC]
– smax:
• soft max - keep this number available [max]
31
32. Some tuning params
• For workers - connection pool:
– disablereuser:
• bypass the connection pool
– ttl
• time to live for connections above smax
32
33. Some tuning params
• For workers (cont):
– connectiontimeout/timout
• Connection timeouts on backend
[ProxyTimeout]
– flushpackets *
• Does proxy need to flush data with each
chunk of data?
– on : Yes | off : No | auto : wait and see
– flushwait *
• ms to wait for data before flushing
33
34. Some tuning params
• For workers (cont):
– ping *
• Ping backend to check for availability; value
is time to wait for response
– status (+/-)
• D : disabled
• S : Stopped
• I : Ignore errors
• H : Hot standby
• E : Error
34
35. Some tuning params
• For balancers:
– lbmethod
• load balancing algo to use [byrequests]
– stickysession
• sticky session name (eg: PHPSESSIONID)
– maxattempts
• failover tries before we bail
35
36. Some tuning params
• For balancers:
– nofailover
• pretty freakin obvious
• For both:
– ProxySet
• Alternate method to set various params
ProxySet balancer://foo timeout=10
...
ProxyPass / balancer://foo timeout=10
36
37. Oh yeah
• ProxyPassMatch
– ProxyPass can now take regex’s instead
of just “paths”
• ProxyPassMatch ^(/.*.gif)$ http://backend.example.com$1
– JkMount migration
• Shhhh
– ProxyPass ~ ^(/.*.gif)$ http://backend.example.com$1
• mod_rewrite is balancer aware
37
38. Neat
• ProxyPassReverse is NOW balancer
aware! (as of 2.2.9)
• The below will work:
<Proxy balancer://foo>
BalancerMember http://php1:8080/ loadfactor=1
BalancerMember http://php2:8080/ loadfactor=4
</Proxy>
ProxyPass /apps/ balancer://foo/
ProxyPassReverse /apps balancer://foo/
38
39. Workaround for <=2.2.8
• Instead, do this
<Proxy balancer://foo>
BalancerMember http://php1:8080/ loadfactor=1
BalancerMember http://php2:8080/ loadfactor=4
</Proxy>
ProxyPass /apps/ balancer://foo/
ProxyPassReverse /apps http://php1:8080/
ProxyPassReverse /apps http://php2:8080/
39
40. Useful Envars
• BALANCER_SESSION_STICKY
– This is assigned the stickysession value used in the
current request. It is the cookie or parameter name used
for sticky sessions
• BALANCER_SESSION_ROUTE
– This is assigned the route parsed from the current
request.
• BALANCER_NAME
– This is assigned the name of the balancer used for the
current request. The value is something like
balancer://foo.
40
41. Useful Envars
• BALANCER_WORKER_NAME
– This is assigned the name of the worker used for the current
request. The value is something like
http://hostA:1234.
• BALANCER_WORKER_ROUTE
– This is assigned the route of the worker that will be used for
the current request.
• BALANCER_ROUTE_CHANGED
– This is set to 1 if the session route does not match the
worker route (BALANCER_SESSION_ROUTE !=
BALANCER_WORKER_ROUTE) or the session does not
yet have an established route. This can be used to
determine when/if the client needs to be sent an updated
route when sticky sessions are used.
41