Oscon 2011 - ATS

4,727 views

Published on

Published in: Technology
1 Comment
4 Likes
Statistics
Notes
No Downloads
Views
Total views
4,727
On SlideShare
0
From Embeds
0
Number of Embeds
482
Actions
Shares
0
Downloads
95
Comments
1
Likes
4
Embeds 0
No embeds

No notes for slide
  • The point here is that performance of modern proxy servers is already ridiculous. Other things are more important, such as latency, or features.
  • The point here is that performance of modern proxy servers is already ridiculous. Other things are more important, such as latency, or features.
  • Could use DNS, or UCARP, or other router logic at the SLB layer – heck, even ATS on top of ATS is useful
  • Binary packages preferredFetch source from trafficserver.apache.orgStandard gnu configure build process (./configure && make && sudo make install)Default configuration is as a reverse proxy, with no remap rules. This renders it completely useless, and that’s intentional.
  • Traffic Server comes with a fairly large number of configuration files. Most of the configurations have reasonable “defaults”. Most applications wouldn’t use even a fraction of the available configuration options and features.
  • Getting started, only two or maybe three configuration files are necessary to tweak. records.config is a key-value configuration format, holding most global application configuration settings storage.config is used to specify disk storage configurations remap.config is used to specify mapping rules for rewriting requests, typically in a reverse proxy setup
  • Note that order matters in remap.config, and it’s currently (and unfortunately) not particularly logical.Caveat: different mapping types have different priorities“map” happens before “redirect” for example, which is rather unfortunate (and we’ll take patches to fix this)
  • Many, many configuration options for custom log formats, we’ll discuss a few
  • Many, many configuration options for custom log formats, we’ll discuss a few
  • Many, many configuration options for custom log formats, we’ll discuss a few
  • Oscon 2011 - ATS

    1. 1. Deploying Apache Traffic Server<br />Leif Hedstrom<br />@zwoop<br />+lhedstrom<br />
    2. 2. Who am I?<br /><ul><li>Principal Architect at Akamai Technologies
    3. 3. Spending much of my time on Apache Traffic Server, and how it can best integrate with our Ghost infrastructure and services
    4. 4. Several projects at Akamai are made possible with Traffic Server</li></ul>lhedstro@akamai.com<br />
    5. 5. Who am I?<br /><ul><li>One of the principals behind open sourcing Traffic Server
    6. 6. Committer for Apache Traffic Server
    7. 7. VP of Apache Traffic Server PMC
    8. 8. ASF member</li></ul>zwoop@apache.org<br />
    9. 9. Agenda<br /> Types of proxies<br />Building and installation<br /><ul><li>Configuration files – or – OMFG, why so many configurations?!?
    10. 10. Detailed configurations
    11. 11. Static Content (forward proxying)
    12. 12. Forward and transparent proxy
    13. 13. Advanced features
    14. 14. Cache, clustering, monitoring etc.</li></li></ul><li>Brief history and introduction<br />
    15. 15. Mandatory useless benchmark …<br />
    16. 16. Mandatory less useless benchmark …<br />
    17. 17. Intermediaries – Forward Proxy<br />
    18. 18. Intermediaries – Reverse Proxy<br />
    19. 19. Intermediaries – Intercepting (transparent) Proxy<br />
    20. 20. Small deployment<br />
    21. 21. Large deployments<br />
    22. 22. Installation or Building<br />
    23. 23. Running it<br /><ul><li>Recommended way</li></ul> $ sudotrafficserver start<br /> $ sudotrafficserver stop<br /><ul><li>“Manual” way</li></ul> $ sudotraffic_cop<br /><ul><li>For testing purposes</li></ul> $ sudotraffic_server [-T http.*]<br /><ul><li>For debugging</li></ul> $ sudogdbtraffic_server<br /> (gdb) handle SIGPIPE nopassnostopnoprint<br /> (gdb) run<br />(or attach to running traffic_server process)<br />
    24. 24. Running it<br /><ul><li>Recommended way</li></ul>$ sudotrafficserver start<br /> $ sudotrafficserver stop<br /><ul><li>“Manual” way</li></ul> $ sudotraffic_cop<br /><ul><li>For testing purposes</li></ul> $ sudotraffic_server [-T http.*]<br /><ul><li>For debugging</li></ul> $ sudogdbtraffic_server<br /> (gdb) handle SIGPIPE nopassnostopnoprint<br /> (gdb) run<br />(or attach to running traffic_server process)<br />
    25. 25. Running it<br /><ul><li>Recommended way</li></ul> $ sudotrafficserver start<br /> $ sudotrafficserver stop<br /><ul><li>“Manual” way</li></ul> $ sudotraffic_cop<br /><ul><li>For testing purposes</li></ul> $ sudotraffic_server [-T http.*]<br /><ul><li>For debugging</li></ul> $ sudogdbtraffic_server<br /> (gdb) handle SIGPIPE nopassnostopnoprint<br /> (gdb) run<br />(or attach to running traffic_server process)<br />
    26. 26. Running it<br /><ul><li>Recommended way</li></ul> $ sudotrafficserver start<br /> $ sudotrafficserver stop<br /><ul><li>“Manual” way</li></ul> $ sudotraffic_cop<br /><ul><li>For testing purposes</li></ul> $ sudotraffic_server [-T http.*]<br /><ul><li>For debugging</li></ul> $ sudogdbtraffic_server<br /> (gdb) handle SIGPIPE nopassnostopnoprint<br /> (gdb) run<br />(or attach to running traffic_server process)<br />
    27. 27. Running it<br /><ul><li>Recommended way</li></ul> $ sudotrafficserver start<br /> $ sudotrafficserver stop<br /><ul><li>“Manual” way</li></ul> $ sudotraffic_cop<br /><ul><li>For testing purposes</li></ul> $ sudotraffic_server [-T http.*]<br /><ul><li>For debugging</li></ul>$ sudogdbtraffic_server<br /> (gdb) handle SIGPIPE nopassnostopnoprint<br /> (gdb) run<br />(or attach to running traffic_server process)<br />
    28. 28. plugin.config<br />records.config<br />partition.config<br />hosting.config<br />cache.config<br />update.config<br />ip_allow.config<br />storage.config<br />logs_xml.config<br />parent.config<br />remap.config<br />icp.config<br />
    29. 29. records.config<br />storage.config<br />remap.config<br />
    30. 30. remap.config<br /><ul><li>This is the primary tool to “rewrite” URLs
    31. 31. Typically used with reverse proxying, but can be used in forward proxy as well.
    32. 32. E.g. remap all traffic for http://twitter.com to https://twitter.com
    33. 33. Change can almost always be reloaded without server restart, except when a plugin changes.</li></ul> $ sudotraffic_line –x<br /><ul><li>Order matters! First match wins.</li></li></ul><li>remap.config examples<br />map http://www.example.com/css http://css.example.com<br />map http://www.example.com http://real.example.com<br />reverse_map http://real.example.com http://www.example.com<br />redirect http://example.com http://www.example.com<br />regex_map http://(.*).example.com http://other.example.com/$1<br />map / http://kitchensink.example.com<br />
    34. 34. remap.config examples<br />map http://www.example.com/css http://css.example.com<br />map http://www.example.com http://real.example.com<br />reverse_map http://real.example.com http://www.example.com<br />redirect http://example.com http://www.example.com<br />regex_map http://(.*).example.com http://other.example.com/$1<br />map / http://kitchensink.example.com<br />
    35. 35. remap.config examples<br />map http://www.example.com/css http://css.example.com<br />map http://www.example.com http://real.example.com<br />reverse_map http://real.example.com http://www.example.com<br />redirect http://example.com http://www.example.com<br />regex_map http://(.*).example.com http://other.example.com/$1<br />map / http://kitchensink.example.com<br />
    36. 36. remap.config examples<br />map http://www.example.com/css http://css.example.com<br />map http://www.example.com http://real.example.com<br />reverse_map http://real.example.com http://www.example.com<br />redirect http://example.com http://www.example.com<br />regex_map http://(.*).example.com http://other.example.com/$1<br />map / http://kitchensink.example.com<br />
    37. 37. remap.config examples<br />map http://www.example.com/css http://css.example.com<br />map http://www.example.com http://real.example.com<br />reverse_map http://real.example.com http://www.example.com<br />redirect http://example.com http://www.example.com<br />regex_map http://(.*).example.com http://other.example.com/$1<br />map / http://kitchensink.example.com<br />
    38. 38. storage.config<br /><ul><li>Configures disk storage.
    39. 39. At least one disk (or “file”) required for any caching to happen
    40. 40. Recommended usage is to use the raw devices</li></ul>/dev/sde1<br />/dev/sdf<br /><ul><li>Can also create a cache file on file system, but not as efficient</li></ul>/some/path/ts-cache 1GB<br /><ul><li>RAM cache is configured separately, using records.config
    41. 41. Tiered caches coming (e.g. SSD disks on top of rotational disks)</li></li></ul><li>records.config<br /><ul><li>Key-value configurations
    42. 42. Common configurations are in default config file
    43. 43. There are many more configurations available
    44. 44. The defaults are generally “good”
    45. 45. Default configurations are for a reverse proxy, aka “accelerator”. This requires at a minimum configuration changes to remap.config
    46. 46. Many configurations (but not all) can be reloaded without restart</li></ul> $ sudotraffic_line -x<br />
    47. 47. records.config for reverse proxy<br />CONFIG proxy.config.http.server_port INT 80<br />CONFIG proxy.config.cache.ram_cache.size INT 1G<br />CONFIG proxy.config.cache.ram_cache_cutoff INT 1M<br />CONFIG proxy.config.reverse_proxy.enabled INT 1<br />CONFIG proxy.config.url_remap.remap_required INT 1<br />CONFIG proxy.config.url_remap.pristine_host_hdr INT 0<br />CONFIG proxy.config.http.negative_caching_enabled INT 1<br />CONFIG proxy.config.http.negative_caching_lifetime INT 120<br />CONFIG proxy.config.http.cache.ignore_client_cc_max_age INT 1<br />CONFIG proxy.config.http.normalize_ae_gzip INT 1<br />
    48. 48. records.config for reverse proxy<br />CONFIG proxy.config.http.server_port INT 80<br />CONFIG proxy.config.cache.ram_cache.size INT 1G<br />CONFIG proxy.config.cache.ram_cache_cutoff INT 1M<br />CONFIG proxy.config.reverse_proxy.enabled INT 1<br />CONFIG proxy.config.url_remap.remap_required INT 1<br />CONFIG proxy.config.url_remap.pristine_host_hdr INT 0<br />CONFIG proxy.config.http.negative_caching_enabled INT 1<br />CONFIG proxy.config.http.negative_caching_lifetime INT 120<br />CONFIG proxy.config.http.cache.ignore_client_cc_max_age INT 1<br />CONFIG proxy.config.http.normalize_ae_gzip INT 1<br />
    49. 49. records.config for reverse proxy<br />CONFIG proxy.config.http.server_port INT 80<br />CONFIG proxy.config.cache.ram_cache.size INT 1G<br />CONFIG proxy.config.cache.ram_cache_cutoff INT 1M<br />CONFIG proxy.config.reverse_proxy.enabled INT 1<br />CONFIG proxy.config.url_remap.remap_required INT 1<br />CONFIG proxy.config.url_remap.pristine_host_hdr INT 0<br />CONFIG proxy.config.http.negative_caching_enabled INT 1<br />CONFIG proxy.config.http.negative_caching_lifetime INT 120<br />CONFIG proxy.config.http.cache.ignore_client_cc_max_age INT 1<br />CONFIG proxy.config.http.normalize_ae_gzip INT 1<br />
    50. 50. records.config for forward proxy<br />CONFIG proxy.config.cache.ram_cache.size INT 16G<br />CONFIG proxy.config.url_remap.remap_required INT 0<br />CONFIG proxy.config.reverse_proxy.enabled INT 0<br />CONFIG proxy.config.http.transaction_active_timeout_in INT 1800<br />CONFIG proxy.config.http.normalize_ae_gzip INT 1<br />CONFIG proxy.config.dns.dedicated_thread INT 1<br />(transparent proxy would be very similar)<br />
    51. 51. records.config for forward proxy<br />CONFIG proxy.config.cache.ram_cache.size INT 16G<br />CONFIG proxy.config.url_remap.remap_required INT 0<br />CONFIG proxy.config.reverse_proxy.enabled INT 0<br />CONFIG proxy.config.http.transaction_active_timeout_in INT 1800<br />CONFIG proxy.config.http.normalize_ae_gzip INT 1<br />CONFIG proxy.config.dns.dedicated_thread INT 1<br />(transparent proxy would be very similar)<br />
    52. 52. Testing and debugging configurations<br /><ul><li>Headers
    53. 53. proxy.config.http.insert_request_via_str
    54. 54. proxy.config.http.insert_response_via_str
    55. 55. proxy.config.http.verbose_via_str
    56. 56. Tracers (very, very slow)
    57. 57. proxy.config.diags.debug.enabled
    58. 58. proxy.config.diags.debug.tags (e.g. http.*|dns)
    59. 59. Other
    60. 60. proxy.config.dump_mem_info_frequency
    61. 61. proxy.config.http.slow.log.threshold</li></li></ul><li>Testing and debugging configurations<br /><ul><li>Headers
    62. 62. proxy.config.http.insert_request_via_str
    63. 63. proxy.config.http.insert_response_via_str
    64. 64. proxy.config.http.verbose_via_str
    65. 65. Tracers (very, very slow)
    66. 66. proxy.config.diags.debug.enabled
    67. 67. proxy.config.diags.debug.tags (e.g. http.*|dns)
    68. 68. Other
    69. 69. proxy.config.dump_mem_info_frequency
    70. 70. proxy.config.http.slow.log.threshold</li></li></ul><li>Testing and debugging configurations<br /><ul><li>Headers
    71. 71. proxy.config.http.insert_request_via_str
    72. 72. proxy.config.http.insert_response_via_str
    73. 73. proxy.config.http.verbose_via_str
    74. 74. Tracers (very, very slow)
    75. 75. proxy.config.diags.debug.enabled
    76. 76. proxy.config.diags.debug.tags (e.g. http.*|dns)
    77. 77. Other
    78. 78. proxy.config.dump_mem_info_frequency
    79. 79. proxy.config.http.slow.log.threshold</li></li></ul><li>Testing and debugging configurations<br /><ul><li>Headers
    80. 80. proxy.config.http.insert_request_via_str
    81. 81. proxy.config.http.insert_response_via_str
    82. 82. proxy.config.http.verbose_via_str
    83. 83. Tracers (very, very slow)
    84. 84. proxy.config.diags.debug.enabled
    85. 85. proxy.config.diags.debug.tags (e.g. http.*|dns)
    86. 86. Other
    87. 87. proxy.config.dump_mem_info_frequency
    88. 88. proxy.config.http.slow.log.threshold</li></li></ul><li>Power user tip<br /><ul><li>Debugging a request the “easy” way
    89. 89. First, make sure ATS is down (trafficserver stop)
    90. 90. Now start it from command line, using</li></ul> $ sudotraffic_server –T http.*<br /><ul><li>Send a request through the server
    91. 91. Watch the output
    92. 92. The argument to –T is a regular expression, telling the server which debug tracers you are interested in
    93. 93. This needs much better documentation
    94. 94. Volunteer!</li></li></ul><li>[Jul 27 09:28:47.132] Server {140541802645248} DEBUG: (http) NEXTDUP: 0x0, RAW: 1, RAWLEN: 13, F: 1]<br />[Jul 27 09:28:47.132] Server {140541802645248} DEBUG: (http) <br />+++++++++ Incoming Request +++++++++<br />-- State Machine Id: 0<br />GET http://l.yimg.com/a/lib/ycs/bench/500.bmp HTTP/1.1<br />User-Agent: curl/7.21.0 (x86_64-redhat-linux-gnu) libcurl/7.21.0 NSS/3.12.10.0 zlib/1.2.5 libidn/1.18 libssh2/1.2.4<br />Host: l.yimg.com<br />Accept: */*<br />[Jul 27 09:28:47.132] Server {140541802645248} DEBUG: (http_trans) [DecideCacheLookup] Will do cache lookup.<br />[Jul 27 09:28:47.132] Server {140541802645248} DEBUG: (http_seq) [DecideCacheLookup] Will do cache lookup<br />[Jul 27 09:28:47.132] Server {140541802645248} DEBUG: (http_trans) Next action CACHE_LOOKUP; NULL<br />[Jul 27 09:28:47.132] Server {140541802645248} DEBUG: (http) [0] State Transition: HTTP_API_POST_REMAP -> CACHE_LOOKUP<br />[Jul 27 09:28:47.132] Server {140541802645248} DEBUG: (http_seq) [HttpSM::do_cache_lookup_and_read] [0] Issuing cache lookup for URL http://l.yimg.com/a/lib/ycs/bench/500.bmp<br />[Jul 27 09:28:47.145] Server {140541802645248} DEBUG: (http_match) [SelectFromAlternates] # alternates = 1<br />[Jul 27 09:28:47.145] Server {140541802645248} DEBUG: (http_seq) [SelectFromAlternates] 1 alternates for this cached doc<br />[alts] There are 1 alternates for this request header.<br />[Jul 27 09:28:47.145] Server {140541802645248} DEBUG: (http_alternate) Exact match for ACCEPT CHARSET<br />[Jul 27 09:28:47.145] Server {140541802645248} DEBUG: (http_alternate) Exact match for ACCEPT ENCODING<br />[Jul 27 09:28:47.145] Server {140541802645248} DEBUG: (http_alternate) Exact match for ACCEPT LANGUAGE<br />[Jul 27 09:28:47.145] Server {140541802645248} DEBUG: (http_match) CalcQualityOfMatch: Accept match = 1<br />[Jul 27 09:28:47.145] Server {140541802645248} DEBUG: (http_seq) CalcQualityOfMatch: Accept match = 1<br />[Jul 27 09:28:47.145] Server {140541802645248} DEBUG: (http_alternate) Content-Type and Accept 1.000000<br />[Jul 27 09:28:47.145] Server {140541802645248} DEBUG: (http_match) CalcQualityOfMatch: AcceptCharset match = 1.0<br />
    95. 95. Advanced logging in many systems<br />http://www.flickr.com/photos/osucommons/3329879294/<br />
    96. 96. http://www.newlaunches.com/archives/insectesque_machine_prototype_helps_logging.php<br />Advanced logging in Apache Traffic Server<br />
    97. 97. Advanced logging example<br /><LogFormat><br /> <Name = "some_squid"/><br /> <Format = "%<cqts> %<ttms> %<chi> %<psql> %<cqhm> %<cquc>"/><br /></LogFormat><br /> <LogObject><br /> <Format = "some_squid"/><br /> <Filename = "ssquid"/><br /> <Mode = "ascii_pipe"/><br /> </LogObject><br />
    98. 98. Advanced logging example<br /><LogFormat><br /> <Name = "some_squid"/><br /> <Format = "%<cqts> %<ttms> %<chi> %<psql> %<cqhm> %<cquc>"/><br /></LogFormat><br /> <LogObject><br /> <Format = "some_squid"/><br /> <Filename = "ssquid"/><br /> <Mode = "ascii_pipe"/><br /> </LogObject><br />
    99. 99. Advanced logging example<br /><LogFormat><br /> <Name = "some_squid"/><br /> <Format = "%<cqts> %<ttms> %<chi> %<psql> %<cqhm> %<cquc>"/><br /></LogFormat><br /><LogObject><br /> <Format = "some_squid"/><br /> <Filename = "ssquid"/><br /> <Mode = "ascii_pipe"/><br /> </LogObject><br />
    100. 100. Clustering<br />
    101. 101. Advanced caching<br /><ul><li>Used to override / force cache behavior
    102. 102. Highly flexible, with many configuration options
    103. 103. And still evolving and worked on
    104. 104. In general, you are better off using Cache-Control on the origin</li></li></ul><li>cache.config example<br />dest_domain=example.comscheme=http revalidate=2h<br />dest_host=server suffix=.html method=PUT action=never-cache<br />url_regex=/static/ ttl-in-cache=86400<br />
    105. 105. cache.config example<br />dest_domain=example.comscheme=http revalidate=2h<br />dest_host=server suffix=.html method=PUT action=never-cache<br />url_regex=/static/ ttl-in-cache=86400<br />
    106. 106. cache.config example<br />dest_domain=example.comscheme=http revalidate=2h<br />dest_host=server suffix=.xml method=PUT action=never-cache<br />url_regex=/static/ ttl-in-cache=86400<br />
    107. 107. cache.config example<br />dest_domain=example.comscheme=http revalidate=2h<br />dest_host=server suffix=.html method=PUT action=never-cache<br />url_regex=/static/ ttl-in-cache=86400<br />
    108. 108. Monitoring tools<br /><ul><li>traffic_line [-h]
    109. 109. traffic_shell
    110. 110. Management APIs (C, but easily used from e.g. Python using ctype)
    111. 111. Perl APIs to read stats
    112. 112. Useful for monitoring, statistics etc.
    113. 113. Stats via HTTP (plugin producing JSON, or “text” via built-in URL)
    114. 114. Health checks supported (and used by traffic_cop)
    115. 115. curl -0 –x localhost:80 http://127.0.0.1:8084/synthetic.txt</li></li></ul><li>Akamai is hiring - on both coasts!http://www.akamai.com/careers<br />
    116. 116. Plugin examples<br /><ul><li>Header filtering
    117. 117. JSON stats via HTTP
    118. 118. Geo-location request ACLs (filter out requests by e.g. country)
    119. 119. Rewrite rules using mySQL or memcached “data”
    120. 120. Hopefully soon:
    121. 121. ATS plugins written in LUA</li></li></ul><li>Other useful records.config settings<br /><ul><li>Control threads (performance)
    122. 122. proxy.config.exec_thread.autoconfig
    123. 123. proxy.config.exec_thread.limit
    124. 124. proxy.config.accept_threads
    125. 125. Buffers
    126. 126. proxy.config.net.sock_send_buffer_size_in
    127. 127. proxy.config.net.sock_recv_buffer_size_in
    128. 128. proxy.config.net.sock_send_buffer_size_out
    129. 129. proxy.config.net.sock_recv_buffer_size_out</li></li></ul><li>Other useful records.config settings<br /><ul><li>Bind specific IP / interface
    130. 130. proxy.local.incoming_ip_to_bind
    131. 131. Ports to bind
    132. 132. proxy.config.http.server_port
    133. 133. proxy.config.http.server_port_attr
    134. 134. proxy.config.http.server_other_ports
    135. 135. proxy.config.http.connect_ports</li>

    ×