Server as the core of the information systems in today's business operations playing a pivotal role, data storage on server is becoming the lifeline to maintain the normal operation of the millions of businesses and organizations. Correct choice of independent control of the server or cluster systems and storage devices can improve system performance and operational capabilities. The user request rate and response time of business server data storage system are dependent on the selection of the storage devices. These devices can greatly affect system performance. To effectively protect data and give linear performance for iSCSI initiator, it is required to modify the iSCSI target driver to provide Gluster file system backend storage as distributed block device. This paper aims at discussing ways of modifying iSCSI Target (ISTGT) driver to support Gluster file system.
Introduction of mesos persistent storageZhou Weitao
1. How to run stateful service against current Mesos-0.22
2. Disk isolation and monitoring
3. Persistent Volumes
4. Dynamic Reservations
5. What we can contribute for Mesos persistent storage
Mesos - A Platform for Fine-Grained Resource Sharing in the Data CenterAnkur Chauhan
Papers we Love @ Seattle, 08/14/2015
Abstract
We present Mesos, a platform for sharing commodity clusters between multiple diverse cluster computing frameworks, such as Hadoop and MPI. Sharing improves cluster utilization and avoids per-framework data replication. Mesos shares resources in a fine-grained manner, allowing frameworks to achieve data locality by taking turns reading data stored on each machine. To support the sophisticated schedulers of today's frameworks, Mesos introduces a distributed two-level scheduling mechanism called resource offers. Mesos decides how many resources to offer each framework, while frameworks decide which resources to accept and which computations to run on them. Our results show that Mesos can achieve near-optimal data locality when sharing the cluster among diverse frameworks, can scale to 50,000 (emulated) nodes, and is resilient to failures.
Server as the core of the information systems in today's business operations playing a pivotal role, data storage on server is becoming the lifeline to maintain the normal operation of the millions of businesses and organizations. Correct choice of independent control of the server or cluster systems and storage devices can improve system performance and operational capabilities. The user request rate and response time of business server data storage system are dependent on the selection of the storage devices. These devices can greatly affect system performance. To effectively protect data and give linear performance for iSCSI initiator, it is required to modify the iSCSI target driver to provide Gluster file system backend storage as distributed block device. This paper aims at discussing ways of modifying iSCSI Target (ISTGT) driver to support Gluster file system.
Introduction of mesos persistent storageZhou Weitao
1. How to run stateful service against current Mesos-0.22
2. Disk isolation and monitoring
3. Persistent Volumes
4. Dynamic Reservations
5. What we can contribute for Mesos persistent storage
Mesos - A Platform for Fine-Grained Resource Sharing in the Data CenterAnkur Chauhan
Papers we Love @ Seattle, 08/14/2015
Abstract
We present Mesos, a platform for sharing commodity clusters between multiple diverse cluster computing frameworks, such as Hadoop and MPI. Sharing improves cluster utilization and avoids per-framework data replication. Mesos shares resources in a fine-grained manner, allowing frameworks to achieve data locality by taking turns reading data stored on each machine. To support the sophisticated schedulers of today's frameworks, Mesos introduces a distributed two-level scheduling mechanism called resource offers. Mesos decides how many resources to offer each framework, while frameworks decide which resources to accept and which computations to run on them. Our results show that Mesos can achieve near-optimal data locality when sharing the cluster among diverse frameworks, can scale to 50,000 (emulated) nodes, and is resilient to failures.
Understanding blue store, Ceph's new storage backend - Tim Serong, SUSEOpenStack
Audience Level
Intermediate
Synopsis
Ceph – the most popular storage solution for OpenStack – stores all data as a collection of objects. This object store was originally implemented on top of a POSIX filesystem, an approach that turned out to have a number of problems, notably with performance and complexity.
BlueStore, a new storage backend for Ceph, was created to solve these issues; the Ceph Jewel release included an early prototype. The code and on-disk format were declared stable (but experimental) for Ceph Kraken, and now in the upcoming Ceph Luminous release, BlueStore will be the recommended default storage backend.
With a 2-3x performance boost, you’ll want to look at migrating your Ceph clusters to BlueStore. This talk goes into detail about what BlueStore does, the problems it solves, and what you need to do to use it.
Speaker Bio:
Tim works for SUSE, hacking on Ceph and related technologies. He has spoken often about distributed storage and high availability at conferences such as linux.conf.au. In his spare time he wrangles pigs, chickens, sheep and ducks, and was declared by one colleague “teammate most likely to survive the zombie apocalypse”.
OSDC 2012 | Extremes Wolken Dateisystem!? by Dr. Udo SeidelNETWAYS
So-Called shared file systems have been known in the Unix / Linux-environment for a long time. The network-based and cluster data systems are thereby almost an old hat. The project XtreemFS– a part of the grid operating system XtreemOS – is a quite new but budded alternative in this field. The current version finally has some important features and is worth taking a closer look.
This presentation gives an insight into the data systems approaches, explains the architecture and describes the first steps of a XtreemFS-Cluster set-up.
CRUSH is the powerful, highly configurable algorithm Red Hat Ceph Storage uses to determine how data is stored across the many servers in a cluster. A healthy Red Hat Ceph Storage deployment depends on a properly configured CRUSH map. In this session, we will review the Red Hat Ceph Storage architecture and explain the purpose of CRUSH. Using example CRUSH maps, we will show you what works and what does not, and explain why.
Presented at Red Hat Summit 2016-06-29.
Ceph BlueStore - новый тип хранилища в Ceph / Максим Воронцов, (Redsys)Ontico
- Что такое SDS (общие места для (почти) всех решений — масштабирование, абстрагирование от аппаратных ресурсов, управление с помощью политик, кластерные ФС);
- Почему мы решили использовать SDS (нужно было объектное хранилище);
- Почему решили использовать именно Ceph, а не другие открытые (GlusterFS, Swift...) или проприетарные (IBM Elastic Storage, Huawei OceanStor) решения;
- Что еще умеет Ceph, кроме object storage (RBD, CephFS);
- Как работает Ceph (со стороны сервера);
- Что нового дает BlueStore по сравнению с классическим (поверх ФС);
- Сравнение производительности (метрики тестов);
- BlueStore — все еще tech preview;
- Заключение. Ссылки, литература.
Vibrant Technologies is headquarted in Mumbai,India.We are the best Oracle training provider in Navi Mumbai who provides Live Projects to students.We provide Corporate Training also.We are Best Oracle classes in Mumbai according to our students and corporators
BITS: Introduction to MySQL - Introduction and InstallationBITS
BITS: Introduction to relational databases and MySQL - Module 1: Introduction and Installation
See
http://www.bits.vib.be/index.php?option=com_content&view=article&id=17204047:green-basics-of-databases&catid=81:training-pages&Itemid=190
JCache (JSR107) - QCon London 2015 & JBCNConf Barcelona 2015David Brimley
JCache provides a standard caching interface for Java applications which caching vendors implement. At the time of this talk, 4 vendors support the standard with more coming, they are, Oracle Coherence, Hazelcast, Infinispan and EHCache.
Dilkash Shaikh Mahajan | Node. js is a platform built on Chrome's JavaScript runtime for easily building fast and scalable network applications. Node. js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices.
Understanding and tuning WiredTiger, the new high performance database engine...Ontico
MongoDB 3.0 introduced the concept of different storage engine. The new engine known as WiredTiger introduces document level MVCC locking, compression and a choice between Btree or LSM indexes. In this talk you will learn about the storage engine architecture and specifically WiredTiger, and how to tune and monitor it for best performance.
MongoDB 3.0 представил новый концепт движков хранения. Новый движок известен как WiredTiger и предоставляет новый уровень документов MVCC фикс, компрессию и выбор между Btree или индексами LSM. В этом докладе вы поймете, как тюнить и мониторить архитектуры движка базы данных, а точнее WiredTiger для получения максимальной производительности.
Understanding blue store, Ceph's new storage backend - Tim Serong, SUSEOpenStack
Audience Level
Intermediate
Synopsis
Ceph – the most popular storage solution for OpenStack – stores all data as a collection of objects. This object store was originally implemented on top of a POSIX filesystem, an approach that turned out to have a number of problems, notably with performance and complexity.
BlueStore, a new storage backend for Ceph, was created to solve these issues; the Ceph Jewel release included an early prototype. The code and on-disk format were declared stable (but experimental) for Ceph Kraken, and now in the upcoming Ceph Luminous release, BlueStore will be the recommended default storage backend.
With a 2-3x performance boost, you’ll want to look at migrating your Ceph clusters to BlueStore. This talk goes into detail about what BlueStore does, the problems it solves, and what you need to do to use it.
Speaker Bio:
Tim works for SUSE, hacking on Ceph and related technologies. He has spoken often about distributed storage and high availability at conferences such as linux.conf.au. In his spare time he wrangles pigs, chickens, sheep and ducks, and was declared by one colleague “teammate most likely to survive the zombie apocalypse”.
OSDC 2012 | Extremes Wolken Dateisystem!? by Dr. Udo SeidelNETWAYS
So-Called shared file systems have been known in the Unix / Linux-environment for a long time. The network-based and cluster data systems are thereby almost an old hat. The project XtreemFS– a part of the grid operating system XtreemOS – is a quite new but budded alternative in this field. The current version finally has some important features and is worth taking a closer look.
This presentation gives an insight into the data systems approaches, explains the architecture and describes the first steps of a XtreemFS-Cluster set-up.
CRUSH is the powerful, highly configurable algorithm Red Hat Ceph Storage uses to determine how data is stored across the many servers in a cluster. A healthy Red Hat Ceph Storage deployment depends on a properly configured CRUSH map. In this session, we will review the Red Hat Ceph Storage architecture and explain the purpose of CRUSH. Using example CRUSH maps, we will show you what works and what does not, and explain why.
Presented at Red Hat Summit 2016-06-29.
Ceph BlueStore - новый тип хранилища в Ceph / Максим Воронцов, (Redsys)Ontico
- Что такое SDS (общие места для (почти) всех решений — масштабирование, абстрагирование от аппаратных ресурсов, управление с помощью политик, кластерные ФС);
- Почему мы решили использовать SDS (нужно было объектное хранилище);
- Почему решили использовать именно Ceph, а не другие открытые (GlusterFS, Swift...) или проприетарные (IBM Elastic Storage, Huawei OceanStor) решения;
- Что еще умеет Ceph, кроме object storage (RBD, CephFS);
- Как работает Ceph (со стороны сервера);
- Что нового дает BlueStore по сравнению с классическим (поверх ФС);
- Сравнение производительности (метрики тестов);
- BlueStore — все еще tech preview;
- Заключение. Ссылки, литература.
Vibrant Technologies is headquarted in Mumbai,India.We are the best Oracle training provider in Navi Mumbai who provides Live Projects to students.We provide Corporate Training also.We are Best Oracle classes in Mumbai according to our students and corporators
BITS: Introduction to MySQL - Introduction and InstallationBITS
BITS: Introduction to relational databases and MySQL - Module 1: Introduction and Installation
See
http://www.bits.vib.be/index.php?option=com_content&view=article&id=17204047:green-basics-of-databases&catid=81:training-pages&Itemid=190
JCache (JSR107) - QCon London 2015 & JBCNConf Barcelona 2015David Brimley
JCache provides a standard caching interface for Java applications which caching vendors implement. At the time of this talk, 4 vendors support the standard with more coming, they are, Oracle Coherence, Hazelcast, Infinispan and EHCache.
Dilkash Shaikh Mahajan | Node. js is a platform built on Chrome's JavaScript runtime for easily building fast and scalable network applications. Node. js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices.
Understanding and tuning WiredTiger, the new high performance database engine...Ontico
MongoDB 3.0 introduced the concept of different storage engine. The new engine known as WiredTiger introduces document level MVCC locking, compression and a choice between Btree or LSM indexes. In this talk you will learn about the storage engine architecture and specifically WiredTiger, and how to tune and monitor it for best performance.
MongoDB 3.0 представил новый концепт движков хранения. Новый движок известен как WiredTiger и предоставляет новый уровень документов MVCC фикс, компрессию и выбор между Btree или индексами LSM. В этом докладе вы поймете, как тюнить и мониторить архитектуры движка базы данных, а точнее WiredTiger для получения максимальной производительности.
The 3.0 release of the Maginatics Cloud Storage Platform (MCSP) includes great improvements in Data Protection, Multi-tier Caching and APIs, as well as other significant new features that make Maginatics the ideal choice for enterprise businesses with demanding storage requirements.
Planning For High Performance Web ApplicationYue Tian
This slide is prepared for Beijing Open Party (a monthly unconference in Beijing China). And it's covered some important points when you are building a scalable web sites. And few page of this slide is in Chinese.
Présentation de la suite ELK dans un contexte SIEM et zoom sur Wazuh (OSSEC) , IDS open source
Venez découvrir comment être proactif face aux problèmes de cyber sécurité en analysant les données fournies par vos équipements et applications critiques.
This session shows an overview of the features and architecture of SQL Server on Linux and Containers. It covers install, config, performance, security, HADR, Docker containers, and tools. Find the demos on http://aka.ms/bobwardms
This is a presentation I delivered at CodeMash 2.0.1.0 dealing with lessons learned while building an application for handling the post-processing of scientific data using the Windows Azure platform.
Magento Imagine eCommerce Conference February 2011: Optimizing Magento For Pe...varien
This presentation was the basis for a panel discussion about how to optimize Magento for maximum performance. The panel was part of the Day 1 technical breakout sessions during Magento's Imagine eCommerce Conference, held February 7-9, 2011 in Los Angeles.
This reference architecture is based on real-world test scenarios, user workloads, and infrastructure system configurations. It combines the technologies of existing available resources with software to produce a highly efficient, robust, and scalable Server hosted for 1,000 users.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Securing your Kubernetes cluster_ a step-by-step guide to success !
Scalable Web Solutions - Use Case: Regulatory Reform In Vietnam On eZ Publish CMS
1. Scalable web solutions:Use case: Regulatory reform in Vietnam on eZ Publish CMS Ivo Lukač www.netgen.hr feat. www.infomar.hr
2. Regulatory reform in Vietnam Finding procedures fast for public users Project by Vietnam goverment with foreign advisers, consultant & know-how Sense Consulting, Zagreb part of international team Netgen responsabilities: Information architecture Implementation Infomar responsabilities: Infrastructure architecture Installation, security, performance
3.
4.
5. Starting point in use case Main parameters 125 000 dossiers with additional data, 300 000 objects overall Tree structure based on task forces, lot of object relations Concurrent 80 editors in peaks 200GB of data & cache on disk, 4 million files 40GB data in database Usefull and fast search
6. Infrastructure Number of servers per task Data storage Services (apache, mysql, varnish, eZ) Clustering Redundance Loadbalancing Easy monitoring
7. Architecture overview (basic) Reverse proxy (Varnish) Web servers (eZ Publish, PHP5, apache2) DB server (mysql5) Search server (solr)
8. Infrastructure in use case 8 servers on disposition SAN iscsi + Oracle Cluster FS2 2 varnish, 3 web servers, 2 database servers, 1 search server Redundant varnish in failover mode Redundant web server monitored and balanced by varnish Mysql master – slave replication
9. System considerations (1) iSCSI SAN: Cheaper option, Middle range performance ~1000 IOPS max, realno 500 IOPS (RAID5 10krpm SAS) RAID1 – for MySQL RAID5 – for files Scalability possiblities: using more chasis, flashcopies, more controlers, more disks, transfrmation to RAID10
10. System considerations (2) Mimized writing (in application) To reduce cluster-wise flock() calls, use Memcached or similar Minimize HTTP calls to beckend servers Use Varnish HTTP reverse proxy Maximize CMS caching Consider authenticated users and sessions (ESI) Varnish Cache ratio should be 80% at least
11. Architecture overview (current) Reverse proxy 2 (Varnish) Reverse proxy 1 (Varnish) Web server 1 (eZ Publish, PHP5, apache2) Web server 2 (eZ Publish, PHP5, apache2) Web server 3 (eZ Publish, PHP5, apache2) DB server master (mysql5) DB server slave (mysql5) Search server (solr)
12. System implementation (1) HTTP reverse proxy-cachevi (Varnish): DNS RR + HA IP cluster: automatic IP migration Random load-balancing with is_alive anti-DoS iSCSI (Open-iSCSI) on SAN: IBM DS3300 as entry-level SAN iSCSI model iSCSI+ multipathing + OCFS2(Web) / Ext3 (SQL) 500-600IOPS
13. System implementation (2) Web servers: cluster-aware OCFS2 with no additional cluster services Independent! Easier maintenance, easier scalability SQL servers: Ext3 Problems with replication Not so easy to scale, but not the bottleneck For future: multimaster, SQL proxy, IPVS, etc.
15. Application implementation Information structure in eZ Publish Hierarchy, relations, attributes Interface in regard to different types of caching (view, block, static, ESI) Search (ezfind / lucene / solr)
16. Implementation in use case (1) Based on tree structure with objects of different classes (class -> set of attributes) Relations between dossier objects heavily used Caching: Template cache Cache blocks View cache Static cache ESI (in future)
17. Implementation in use case (2) Ajax based functions Search suggestions Tree browse (not used yet) Search – eZFind extension: Based on Solr/Lucene Results ranking based on relevance Filtering Faceting (not used yet) Extremely fast
19. Bad experiences (1) MySQL 5.0: usual SBR replication #FAIL Non consistent replication. Rollback? MySQL 5.1: OOPS onmaster server (andreboot): slave server cannot continue replication from impossible position... Need to monitor replication trough ZenOSS Debian Lenny kernels: OOPS can happen Unstable kernels moduls: GFS, GFS2
20. Bad experiences (2) Debian RHCS: Old packages2 No active Debian maintainer won’t fix bugs Hard to maintain (umount problems, etc.) uzrokuje razne popratne pojave: nemogućnost umounta GFS, čistog reboota stroja... GFS i GFS2: Slow, unstable, bad scalability GFS2: OOPS on all nodes after 5 hours of testing GFS: decreasing performance over time
21. Advices Use OCFS2 – neglible problems comparing to GFS Optimize caching on all levels Minimize writes to database and disk Use ESI to utilize Varnish for authenticated users Use Solr for reading and searching Make AJAX features