From owner-freebsd-hackers@FreeBSD.ORG Mon Dec 15 16:38:12 2003 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 552FE16A4CE for ; Mon, 15 Dec 2003 16:38:12 -0800 (PST) Received: from ludo.migus.org (pcp242616pcs.howard01.md.comcast.net [68.55.80.136]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8893B43D3F for ; Mon, 15 Dec 2003 16:38:07 -0800 (PST) (envelope-from adam@migus.org) Received: from localhost (localhost [127.0.0.1]) by localhost (Postfix) with ESMTP id D42E8A1026; Mon, 15 Dec 2003 19:38:06 -0500 (EST) Received: from ludo.migus.org ([127.0.0.1]) by localhost (ludo.migus.org [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 38876-03; Mon, 15 Dec 2003 19:38:01 -0500 (EST) Received: from ganyopa.migus.org (ganyopa.migus.org [192.168.4.2]) by ludo.migus.org (Postfix) with ESMTP id 51D8DA1017; Mon, 15 Dec 2003 19:38:01 -0500 (EST) From: "Adam C. Migus" Organization: Migus Dot Org To: Clement Laforet , Bogdan TARU Date: Mon, 15 Dec 2003 19:37:56 -0500 User-Agent: KMail/1.5.4 References: <20031215114652.GA74902@icomag.de> <20031215140213.2bd338ea.sheepkiller@cultdeadsheep.org> In-Reply-To: <20031215140213.2bd338ea.sheepkiller@cultdeadsheep.org> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200312151937.56479.adam@migus.org> X-Virus-Scanned: by amavisd-new at migus.org cc: freebsd-hackers@freebsd.org Subject: Re: general load balancing issues X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Dec 2003 00:38:12 -0000 On Monday 15 December 2003 08:02 am, Clement Laforet wrote: > On Mon, 15 Dec 2003 12:46:52 +0100 > Bogdan TARU wrote: > > Hi ! > > > Right now I am considering a setup with one common NFS repository > > for the configuration files, Apache binaries, Web content and temp > > directory for PHP, NFS resource which will be mounted on all the > > 'front' webservers. I am wondering, though, if I will be able (by > > having one common temp directory for PHP) to load-balance the > > domains involving sessions: will the sessions be lost when > > connsecutive hits go to different webservers, or not? > > If I were you, I would consider a 3-tier architecture > > > /----------+ > / | > / +-------+ > +----------+ | web | +----------+ > ----| Load | |servers|--------|NFS server| > > | balancer | | pool | +----------+ > > +----------+ | | > \ +-------+ > \ | > \----------+ > > Concerning PHP session, a HTTP reverse-proxy can easily do the trick. > If you don't want to spend a lot of time on configuring apache as > reverse proxy, you can use some flexible and easy-to-use dedicated > software. > Here's my favorite: > 1. pound (${PORTSDIR}/www/pound} > pound can handle URI based sessions to redirect request to the > correct backend server. It support SSL too. > > 2. haproxy (${PORTSDIR}/net/haproxy) > haproxy is less intuitive than pound, but more flexible. > It DOES NOT support SSL. > > Both support backend failures. > Since thay acts like proxy, you don't have to reconfigure your > network (but I recommend it) > > To grab real IP address on your apache server you must use (and > configure carefully) mod_extract_forwarded{2} or mod_rpaf{2}. > > If you don't want to use a reverse proxy, Matthew Seaman's solution > looks the best. > > > clem I'd be willing to bet the database back-end solution is going to perform a lot better than a shared directory. With respect to the reverse-proxy approach, it doesn't sound like it has clear advantage over the database back-end approach. It's certainly a cool way to do it especially if you weren't doing database stuff. Since your going for performance, already using a database and doing a new configuration, my vote is for the database back-end solution as well. Adam