SysAdmins love Apache. It allows one to run websites on the Internet with minimal configuration and administration.
However, this fexibility and simplicity is what typically leads Apache to become a memory hog. Utilizing these easy to understand tips, you can significantly boost Apache's performance.
The venerable Servlet Container still has some performance tricks up its sleeve - this talk will demonstrate Apache Tomcat's stability under high load, describe some do's (and some don'ts!), explain how to performance test a Servlet-based application, troubleshoot and tune the container and your application and compare the performance characteristics of the different Tomcat connectors. The presenters will share their combined experience supporting real Tomcat applications for over 20 years and show how a few small changes can make a big, big difference.
In this talk, Damien describes the infrastructure Nuxeo has built around Docker containers, which is mainly based on CoreOS and Docker, and how it provides a way to generically run applications not only on a single host, but across a whole cluster of hosts. The resulting architecture can be used to implement a PaaS approach for any application.
SysAdmins love Apache. It allows one to run websites on the Internet with minimal configuration and administration.
However, this fexibility and simplicity is what typically leads Apache to become a memory hog. Utilizing these easy to understand tips, you can significantly boost Apache's performance.
The venerable Servlet Container still has some performance tricks up its sleeve - this talk will demonstrate Apache Tomcat's stability under high load, describe some do's (and some don'ts!), explain how to performance test a Servlet-based application, troubleshoot and tune the container and your application and compare the performance characteristics of the different Tomcat connectors. The presenters will share their combined experience supporting real Tomcat applications for over 20 years and show how a few small changes can make a big, big difference.
In this talk, Damien describes the infrastructure Nuxeo has built around Docker containers, which is mainly based on CoreOS and Docker, and how it provides a way to generically run applications not only on a single host, but across a whole cluster of hosts. The resulting architecture can be used to implement a PaaS approach for any application.
How To Set Up SQL Load Balancing with HAProxy - SlidesSeveralnines
We continuously see great interest in MySQL load balancing and HAProxy, so we thought it was about time we organised a live webinar on the topic! Here is the replay of that webinar!
As most of you will know, database clusters and load balancing go hand in hand.
Once your data is distributed and replicated across multiple database nodes, a load balancing mechanism helps distribute database requests, and gives applications a single database endpoint to connect to.
Instance failures or maintenance operations like node additions/removals, reconfigurations or version upgrades can be masked behind a load balancer. This provides an efficient way of isolating changes in the database layer from the rest of the infrastructure.
In this webinar, we cover the concepts around the popular open-source HAProxy load balancer, and show you how to use it with your SQL-based database clusters. We also discuss HA strategies for HAProxy with Keepalived and Virtual IP.
Agenda:
* What is HAProxy?
* SQL Load balancing for MySQL
* Failure detection using MySQL health checks
* High Availability with Keepalived and Virtual IP
* Use cases: MySQL Cluster, Galera Cluster and MySQL Replication
* Alternative methods: Database drivers with inbuilt cluster support, MySQL proxy, MaxScale, ProxySQL
This presentation explains how to deploy and use the Integrated Caching feature on Netscaler. I gave this presentation to Citrix staff, customers and partners in worldwide in 2011. The presentation covers best practices and gotchas :) Integrated Caching is an excellent feature that can greatly improve the performance of your website.
moxi is a memcached proxy with several features which can help keep the memcached contract whole in complicated environments. It also brings several optimizations to memcached deployments, without requiring any changes to the application software using memcached. For more, visit: http://labs.northscale.com/moxi/
Speaker: Jean-Daniel Cryans (Cloudera)
HBase Replication has come a long way since its inception in HBase 0.89 almost four years ago. Today, master-master and cyclic replication setups are supported; many bug fixes and new features like log compression, per-family peers configuration, and throttling have been added; and a major refactoring has been done. This presentation will recap the work done during the past four years, present a few use cases that are currently in production, and take a look at the roadmap.
Web Performance Part 3 "Server-side tips"Binary Studio
The presentation is devoted to server side tips on improving Web Performance. All 4 presentations will help you reduce latency, enrich optimization of javascript code, discover tricky parts when working with API browser, see best practices of networking and learn lots of other important and interesting things. Enjoy! =)
How To Set Up SQL Load Balancing with HAProxy - SlidesSeveralnines
We continuously see great interest in MySQL load balancing and HAProxy, so we thought it was about time we organised a live webinar on the topic! Here is the replay of that webinar!
As most of you will know, database clusters and load balancing go hand in hand.
Once your data is distributed and replicated across multiple database nodes, a load balancing mechanism helps distribute database requests, and gives applications a single database endpoint to connect to.
Instance failures or maintenance operations like node additions/removals, reconfigurations or version upgrades can be masked behind a load balancer. This provides an efficient way of isolating changes in the database layer from the rest of the infrastructure.
In this webinar, we cover the concepts around the popular open-source HAProxy load balancer, and show you how to use it with your SQL-based database clusters. We also discuss HA strategies for HAProxy with Keepalived and Virtual IP.
Agenda:
* What is HAProxy?
* SQL Load balancing for MySQL
* Failure detection using MySQL health checks
* High Availability with Keepalived and Virtual IP
* Use cases: MySQL Cluster, Galera Cluster and MySQL Replication
* Alternative methods: Database drivers with inbuilt cluster support, MySQL proxy, MaxScale, ProxySQL
This presentation explains how to deploy and use the Integrated Caching feature on Netscaler. I gave this presentation to Citrix staff, customers and partners in worldwide in 2011. The presentation covers best practices and gotchas :) Integrated Caching is an excellent feature that can greatly improve the performance of your website.
moxi is a memcached proxy with several features which can help keep the memcached contract whole in complicated environments. It also brings several optimizations to memcached deployments, without requiring any changes to the application software using memcached. For more, visit: http://labs.northscale.com/moxi/
Speaker: Jean-Daniel Cryans (Cloudera)
HBase Replication has come a long way since its inception in HBase 0.89 almost four years ago. Today, master-master and cyclic replication setups are supported; many bug fixes and new features like log compression, per-family peers configuration, and throttling have been added; and a major refactoring has been done. This presentation will recap the work done during the past four years, present a few use cases that are currently in production, and take a look at the roadmap.
Web Performance Part 3 "Server-side tips"Binary Studio
The presentation is devoted to server side tips on improving Web Performance. All 4 presentations will help you reduce latency, enrich optimization of javascript code, discover tricky parts when working with API browser, see best practices of networking and learn lots of other important and interesting things. Enjoy! =)
Best And Worst Practices Deploying IBM ConnectionsLetsConnect
Depending on deployment size, operating system and security considerations you have different options to configure IBM Connections. This session will show examples from multiple customer deployments of IBM Connections. I will describe things I found and how you can optimize your systems. Main topics include; simple (documented) tasks that should be applied, missing documentation, automated user synchronization, TDI solutions and user synchronization, performance tuning, security optimizing and planning Single Sign On
In order to obtain the best performance possible out of your AEP server, the core architecture provides methods to reuse job processes multiple times. This talk will cover how the mechanism functions, what performance improvements you might expect as well as what potential problems you might encounter, how to use pooling in protocols and applications, and how the administrator or package developers can configure and debug specialized job pools for their particular applications
OSDC 2016 - Tuning Linux for your Database by Colin CharlesNETWAYS
Many operations folk know that performance varies depending on using one of the many Linux filesystems like EXT4 or XFS. They also know of the schedulers available, they see the OOM killer coming and more. However, appropriate configuration is necessary when you're running your databases at scale.
Learn best practices for Linux performance tuning for MariaDB/MySQL (where MyISAM uses the operating system cache, and InnoDB maintains its own aggressive buffer pool), as well as PostgreSQL and MongoDB (more dependent on the operating system). Topics that will be covered include: filesystems, swap and memory management, I/O scheduler settings, using and understanding the tools available (like iostat/vmstat/etc), practical kernel configuration, profiling your database, and using RAID and LVM.
There is a focus on bare metal as well as configuring your cloud instances in.
Learn from practical examples from the trenches.
Similar to Apache Performance Tuning: Scaling Up (20)
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
2. http://httpd.apache.org/docs/1.3/misc/perf-tuning.html
says:
“Apache is a general webserver, which is designed to be correct
first, and fast second. Even so, its performance is quite
satisfactory. Most sites have less than 10Mbits of outgoing
bandwidth, which Apache can fill using only a low end Pentium-
based webserver.”
2
7. No Silver Bullet
• Every site is different
– Dynamic Content
– Static Content
• Different Traffic Patterns
• SSL or Plaintext
• No Cookie Cutter Approach
7
8. Performance Tuning
• Ready
• Aim
• Fire
• Aim some more
• Understand
• Aim even more
• Fire
8
9. In practice
• Setup for analysis
• Monitor and analyse
• Tune configuration
• Lather, rinse, repeat
9
15. Web Server Logs
• ErrorLog
– LogLevel:
debug, info, notice, warn, error, crit
• Access Log: TransferLog or
CustomLog
– Common Log Format
16
16. Combined Log Format
222.127.111.234 - - [09/Apr/2008:07:46:54 +0000] "GET /sander/SanderMugshot2.jpg
HTTP/1.1" 200 22992 "http://people.apache.org/gallery.html" "Mozilla/5.0 (Windows; U;
Windows NT 5.1; en-US; rv:1.8.1.13) Gecko/20080311 Firefox/2.0.0.13"
Client IP 222.127.111.234
RFC 1413 ident -
username -
timestamp [09/Apr/2008:07:46:54 +0000]
Request "GET /sander/SanderMugshot2.jpg HTTP/1.1"
Status Code 200
Content Bytes 22992
Referer "http://people.apache.org/gallery.html"
User-Agent "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
rv:1.8.1.13) Gecko/20080311 Firefox/2.0.0.13"
"%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i""
17
17. Log Analysis
• Analyse Apache log files
• Periodically run vmstat, iostat
– Set up a script
• Watch for Trends
– Tells you when to buy new kit
• Watch for Peaks
– And how your system behaves
18
22. .htaccess Files
• Per-directory configuration files
• Accessed for every request
• Best performance: AllowOverride
none
GET /dir1/dir2/restricted.html HTTP/1.0
23
23. MaxClients
• Configuration file directive
• Maximum number of workers
• Apache 1.3, 2 Prefork: processes
• Apache 2 Worker: threads *
processes
• Limit according to resources
(memory, CPU)
24
24. Server-side Includes
• We Love Them!
– Easy to implement
– Easy to manage
• We Hate Them!
– They break sendfile()
– They may break cacheability
• X-bit hack
25
25. The X-Bit Hack
• Directive: XBitHack on|off|full
– Default: off
• On:
– Every text/html document that has User
Execute bit set is parsed
• Full:
– If Group Execute bit is set, send Last-
Modified of file on disk
26
26. Sizing MaxClients
• Take total RAM
• Subtract OS allowance
– look at free value without Apache, etc.
• Subtract external program allowance
– JVM, cgi programs, MySQL?
• Divide by httpd process size
– Read process size from top
27
28. Selecting Your MPM
• Processes and Threads
• Differences between platforms
• Thread-safety issues
29
29. Processes and Threads
• Process:
– Own copy of data structures
– Shares: program code, shared memory
– Context switches expensive
• Thread:
– Runs within process
– Shares process environment
– No context switch
30
30. Platforms and Threading
• Context switches expensive on Solaris, AIX
• Context switches cheaper on Linux
• Solaris uses M:N threading
• Linux uses 1 process per thread
31
31. Thread-safety
• Third-party modules and libraries
– mod_perl: experimental threading in Perl
5.6; more mature in Perl 5.8
– PHP: uses many third-party libraries
• FreeBSD: threading not reliable until
5.x
– Apache 2.2 Worker MPM runs on
FreeBSD
32
32. Tune your App Tier
• Tomcat
– Edit server.xml, tune
minProcessors, maxProcessors
– Use APR -> Persistent connections
– Tune JVM (Heap, Garbage Collection)
• MySQL
– Ships with various scenarios in support-files:
• my-{small,medium,large,huge}.conf
– PHP & prefork: every child makes a connection
– Tune max_connections variable in my.cnf
33
33. System Tuning Tips
• RAM and swap space
• ulimit: files and processes
• Turn off unused services and
modules
34
34. RAM and Swap
• Swap is disk-based Extension of RAM
• Excessive swapping kills performance
• Tune MaxClients
• Never have more memory than swap
– Upgrade RAM -> add more swap space
35
35. ulimit
• Per-process resource limits
• Built-in command of sh, bash
• Important limits:
– processes (-u)
– open files (-n)
• Set in invoking shell
• Code in Apache 2 startup script
– ulimit -S -n `ulimit -H -n`
• Linux: /etc/security/limits.conf
36
36. SSL Performance
• SSL Processing: a Perfect Storm
– Crypto is hard
– Multi-stage handshake
– Copying and rebuffering
• Effects in many spots
– CPU load
– Network latency
– I/O Contention
37
37. SSL Performance Tips
• Add more servers
• Re-use SSL Sessions
– “Sticky” load balancing
• Have Load Balancer process SSL
– Plaintext to web servers
• Use accelerator card
38
38. Caching Content
• Dynamic Content is Expensive
• Static Content Relatively Cheap
• Several Approaches:
– Dynamic caching
– Pre-rendering popular pages
(index.rss…)
39
39. mod_cache Configuration
<IfModule mod_cache.c>
<IfModule mod_disk_cache.c>
CacheRoot /raid1/cacheroot
CacheEnable disk /
# A page modified 100 min. ago will expire in 10 min.
CacheLastModifiedFactor .1
# Always check again after 6 hours
CacheMaxExpire 21600
</IfModule>
</IfModule>
40
40. Make Popular Pages Static
• RSS Feeds
• Popular catalog queries
• … (Check your access log)
41
41. Static Page Substitution
<Directory "/home/sctemme/inst/blog/httpd/htdocs">
Options +Indexes
Order allow,deny
Allow from all
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /cgi-bin/blosxom.cgi/$1 [L,QSA]
</Directory>
42
42. Tips
• Observe Before You Act
• Act on Monitoring Results
• Don’t Overload Your System
43