SlideShare uma empresa Scribd logo

Building high traffic http front-ends. theo schlossnagle. зал 1

R
rit2011

This document discusses high-performance HTTP front-ends. It covers why HTTP is commonly used, performance expectations and achievements including supporting 500k concurrent users and 100k requests/second on a single server. Availability is achieved through routing protocols and redundancy rather than stateful failover. Future improvements may come from protocols like SPDY that allow multiplexing requests to reduce latency.

Tecnologia
1 de 17
Baixar para ler offline
High-performance Robust HTTP Front-ends / tips, tricks and expectations Saturday, April 23, 2011
Who am I? @postwait on twitter Author of “Scalable Internet Architectures” Pearson, ISBN: 067232699X Contributor to “Web Operations” O’Reilly, ISBN: Founder of OmniTI, Message Systems, Fontdeck, & Circonus I like to tackle problems that are “always on” and “always growing.” I am an Engineer A practitioner of academic computing. IEEE member and Senior ACM member. On the Editorial Board of ACM’s Queue magazine. 2 Saturday, April 23, 2011
Agenda • Why only HTTP? • HTTP-like protocols • Performance • Availability Saturday, April 23, 2011
HTTP • Why only HTTP... it’s what we do. • User-based, immediate, short-lived transactions occupy my life. • So, not just HTTP. • HTTPS • SPDY (... we’ll get to this) Saturday, April 23, 2011
Performance • ATS (Apache Traffic Server) • supports SSL • battle-hardened codebase • very multi-code capable • Varnish • VCL adds unparalleled flexibility • no SSL! • nginx • I don’t see much of this out on the edge Saturday, April 23, 2011
Performance Expectations • from a single server, you should be able to: • support 500k concurrent users • this is only 40k sockets/core • push in excess of 100k requests/second • this is only 9k requests/core*second • push close to 10 gigabits • this is why 10G was invented Saturday, April 23, 2011
Performance Achievements • Good load balancers achieve this performance • with dual socket Westmere processors, we’re able to achieve in software on general purpose hardware what was only possible in hardware ASICs. • ATS and Varnish can do this today. Saturday, April 23, 2011
The Basic Rules: Content • You must serve content from cache • Your cache should fit in memory • If it does not, it should spill to SSD, not spinning media. Saturday, April 23, 2011
The Basic Rules: CPU • You must cache SSL sessions • SSL key negotiation is expensive. • SSL encryption is not* • Common cases must not cause state on the firewall. • It’s hard enough to serve 150k requests/second. • You will spend too much time in kernel in iptables, ipf, or pf. • allow port 80 and port 443. • enable SYN flood prevention * crypto obviously costs CPU; symmetric crypto is relatively cheap Saturday, April 23, 2011
The Basic Rules: Network • You must not run a stateful firewall in front • too expensive • too little value • You must be directly behind capable router(s) • expect anywhere from 1MM to 20MM packets per second • we need to run BGP for availability Saturday, April 23, 2011
Availability • We learned in the performance section: • 1 machine / 10Gbps uplink performs well enough • We need redundancy: • Linux HA? • VRRP/HSRP? • CARP? • No... Saturday, April 23, 2011
Availability: Constraints • Client TCP sessions are relatively short lived. • The web is a largely idempotent place. • Clients are capable of retrying on failure. • This means: • forget stateful failover. • focus on availability for new connections. Saturday, April 23, 2011
Availability: Setup • You are behind a capable router (it was a rule) • Use routing protocols (BGP) to maintain availability. BGP 10.1.0.0/24 10.1.1.0/24 10.1.0.0/23 10.1.0.0/23 Saturday, April 23, 2011
Working Stacks • Linux (OS/TCP stack) • Illumos (OS/TCP stack) • Varnish (HTTP) • ATS (HTTP/HTTPS) • Quagga (BGP) • Quagga (BGP) Saturday, April 23, 2011
Future! • This stuff is fast. • In the end, we’re not looking for faster servers, we’re looking for improved user experience. • Enter SPDY • Google’s multi-channel HTTP super-protocol • Allows multiplexing of concurrent HTTP(like) request/response on a single TCP session. • Defeats slow startup • Allows for content prioritization on server Saturday, April 23, 2011
Future: my thoughts • SPDY is relatively simple to implement on the server • SPDY is very very hard to leverage on the server • If ATS implemented SPDY in and out • and provided a robust configuration language to leverage it ... the future would be today. Saturday, April 23, 2011
Thank you. • Thank you Олег Бунин • Thanks to the Varnish and ATS developers. • Спасибо. Saturday, April 23, 2011

Recomendados

Designing for Massive Scalability at BackType #bigdatacamp
Designing for Massive Scalability at BackType #bigdatacampDesigning for Massive Scalability at BackType #bigdatacamp
Designing for Massive Scalability at BackType #bigdatacamp
Michael Montano
 
WHIP WebRTC Broadcasting @ FOSDEM 2022
WHIP WebRTC Broadcasting @ FOSDEM 2022WHIP WebRTC Broadcasting @ FOSDEM 2022
WHIP WebRTC Broadcasting @ FOSDEM 2022
Lorenzo Miniero
 
FOSDEM2018 Janus Lua plugin presentation
FOSDEM2018 Janus Lua plugin presentationFOSDEM2018 Janus Lua plugin presentation
FOSDEM2018 Janus Lua plugin presentation
Lorenzo Miniero
 
Janus + Audio @ Open Source World
Janus + Audio @ Open Source WorldJanus + Audio @ Open Source World
Janus + Audio @ Open Source World
Lorenzo Miniero
 
How to video.
How to video.How to video.
How to video.
Cotap Engineering
 
Multistream in Janus @ CommCon 2019
Multistream in Janus @ CommCon 2019Multistream in Janus @ CommCon 2019
Multistream in Janus @ CommCon 2019
Lorenzo Miniero
 
Stackato v2
Stackato v2Stackato v2
Stackato v2
Jonas Brømsø
 
An SFU/MCU integration for heterogeneous environments
An SFU/MCU integration for heterogeneous environmentsAn SFU/MCU integration for heterogeneous environments
An SFU/MCU integration for heterogeneous environments
Giacomo Vacca
 

Recomendados

Designing for Massive Scalability at BackType #bigdatacamp
Designing for Massive Scalability at BackType #bigdatacampDesigning for Massive Scalability at BackType #bigdatacamp
Designing for Massive Scalability at BackType #bigdatacamp
Michael Montano
 
WHIP WebRTC Broadcasting @ FOSDEM 2022
WHIP WebRTC Broadcasting @ FOSDEM 2022WHIP WebRTC Broadcasting @ FOSDEM 2022
WHIP WebRTC Broadcasting @ FOSDEM 2022
Lorenzo Miniero
 
FOSDEM2018 Janus Lua plugin presentation
FOSDEM2018 Janus Lua plugin presentationFOSDEM2018 Janus Lua plugin presentation
FOSDEM2018 Janus Lua plugin presentation
Lorenzo Miniero
 
Janus + Audio @ Open Source World
Janus + Audio @ Open Source WorldJanus + Audio @ Open Source World
Janus + Audio @ Open Source World
Lorenzo Miniero
 
How to video.
How to video.How to video.
How to video.
Cotap Engineering
 
Multistream in Janus @ CommCon 2019
Multistream in Janus @ CommCon 2019Multistream in Janus @ CommCon 2019
Multistream in Janus @ CommCon 2019
Lorenzo Miniero
 
Stackato v2
Stackato v2Stackato v2
Stackato v2
Jonas Brømsø
 
An SFU/MCU integration for heterogeneous environments
An SFU/MCU integration for heterogeneous environmentsAn SFU/MCU integration for heterogeneous environments
An SFU/MCU integration for heterogeneous environments
Giacomo Vacca
 
Persistent storage tailored for containers #dockersummit
Persistent storage tailored for containers #dockersummitPersistent storage tailored for containers #dockersummit
Persistent storage tailored for containers #dockersummit
Infinit
 
What’s the Deal with Containers, Anyway?
What’s the Deal with Containers, Anyway?What’s the Deal with Containers, Anyway?
What’s the Deal with Containers, Anyway?
Stephen Foskett
 
OSGi In Anger - Tara Simpson
OSGi In Anger - Tara SimpsonOSGi In Anger - Tara Simpson
OSGi In Anger - Tara Simpson
mfrancis
 
Highly concurrent yet natural programming
Highly concurrent yet natural programmingHighly concurrent yet natural programming
Highly concurrent yet natural programming
Infinit
 
Building the carrier grade nfv infrastructure
Building the carrier grade nfv infrastructureBuilding the carrier grade nfv infrastructure
Building the carrier grade nfv infrastructure
OPNFV
 
Docker volume plugins and Infinit – Mini-conf Docker Paris #1
Docker volume plugins and Infinit – Mini-conf Docker Paris #1Docker volume plugins and Infinit – Mini-conf Docker Paris #1
Docker volume plugins and Infinit – Mini-conf Docker Paris #1
Infinit
 
One
OneOne
One
Martin Alfke
 
A tour of Java and the JVM
A tour of Java and the JVMA tour of Java and the JVM
A tour of Java and the JVM
Alex Birch
 
Dist::Zilla - A very brief introduction
Dist::Zilla - A very brief introductionDist::Zilla - A very brief introduction
Dist::Zilla - A very brief introduction
Dean Hamstead
 
Balázs Bucsay - XFLTReaT: Building a Tunnel
Balázs Bucsay - XFLTReaT: Building a TunnelBalázs Bucsay - XFLTReaT: Building a Tunnel
Balázs Bucsay - XFLTReaT: Building a Tunnel
hacktivity
 
Networking in the cloud: An SDN primer
Networking in the cloud: An SDN primerNetworking in the cloud: An SDN primer
Networking in the cloud: An SDN primer
Midokura
 
Improving POD Usage in Labs, CI and Testing
Improving POD Usage in Labs, CI and TestingImproving POD Usage in Labs, CI and Testing
Improving POD Usage in Labs, CI and Testing
OPNFV
 
Realtime traffic analyser
Realtime traffic analyserRealtime traffic analyser
Realtime traffic analyser
Alex Moskvin
 
Breaking down a monolith
Breaking down a monolithBreaking down a monolith
Breaking down a monolith
GeekNightHyderabad
 
2012 workshop wed_ethernet_servicesoveri_poib
2012 workshop wed_ethernet_servicesoveri_poib2012 workshop wed_ethernet_servicesoveri_poib
2012 workshop wed_ethernet_servicesoveri_poib
strelecru
 
RabbitMQ and AMQP Model
RabbitMQ and AMQP ModelRabbitMQ and AMQP Model
RabbitMQ and AMQP Model
Rajitha Gunawardhane
 
Iwmn architecture
Iwmn architectureIwmn architecture
Iwmn architecture
Lenz Gschwendtner
 
Adding Real-time Features to PHP Applications
Adding Real-time Features to PHP ApplicationsAdding Real-time Features to PHP Applications
Adding Real-time Features to PHP Applications
Ronny López
 
All About IPv6
All About IPv6All About IPv6
All About IPv6
Issac Goldstand
 
Report on OFELIA
Report on OFELIAReport on OFELIA
Report on OFELIA
FIBRE Testbed
 
The CMO 2.0
The CMO 2.0The CMO 2.0
The CMO 2.0
B2B Marketing
 
Social Media Benchmarking Report - preview of findings
Social Media Benchmarking Report - preview of findingsSocial Media Benchmarking Report - preview of findings
Social Media Benchmarking Report - preview of findings
B2B Marketing
 

Mais conteúdo relacionado

Mais procurados

OSGi In Anger - Tara Simpson
OSGi In Anger - Tara SimpsonOSGi In Anger - Tara Simpson
OSGi In Anger - Tara Simpson
mfrancis
 
Balázs Bucsay - XFLTReaT: Building a Tunnel
Balázs Bucsay - XFLTReaT: Building a TunnelBalázs Bucsay - XFLTReaT: Building a Tunnel
Balázs Bucsay - XFLTReaT: Building a Tunnel
hacktivity
 
Networking in the cloud: An SDN primer
Networking in the cloud: An SDN primerNetworking in the cloud: An SDN primer
Networking in the cloud: An SDN primer
Midokura
 
Improving POD Usage in Labs, CI and Testing
Improving POD Usage in Labs, CI and TestingImproving POD Usage in Labs, CI and Testing
Improving POD Usage in Labs, CI and Testing
OPNFV
 
2012 workshop wed_ethernet_servicesoveri_poib
2012 workshop wed_ethernet_servicesoveri_poib2012 workshop wed_ethernet_servicesoveri_poib
2012 workshop wed_ethernet_servicesoveri_poib
strelecru
 

Mais procurados (20)

Persistent storage tailored for containers #dockersummit
Persistent storage tailored for containers #dockersummitPersistent storage tailored for containers #dockersummit
Persistent storage tailored for containers #dockersummit
 
What’s the Deal with Containers, Anyway?
What’s the Deal with Containers, Anyway?What’s the Deal with Containers, Anyway?
What’s the Deal with Containers, Anyway?
 
OSGi In Anger - Tara Simpson
OSGi In Anger - Tara SimpsonOSGi In Anger - Tara Simpson
OSGi In Anger - Tara Simpson
 
Highly concurrent yet natural programming
Highly concurrent yet natural programmingHighly concurrent yet natural programming
Highly concurrent yet natural programming
 
Building the carrier grade nfv infrastructure
Building the carrier grade nfv infrastructureBuilding the carrier grade nfv infrastructure
Building the carrier grade nfv infrastructure
 
Docker volume plugins and Infinit – Mini-conf Docker Paris #1
Docker volume plugins and Infinit – Mini-conf Docker Paris #1Docker volume plugins and Infinit – Mini-conf Docker Paris #1
Docker volume plugins and Infinit – Mini-conf Docker Paris #1
 
One
OneOne
One
 
A tour of Java and the JVM
A tour of Java and the JVMA tour of Java and the JVM
A tour of Java and the JVM
 
Dist::Zilla - A very brief introduction
Dist::Zilla - A very brief introductionDist::Zilla - A very brief introduction
Dist::Zilla - A very brief introduction
 
Balázs Bucsay - XFLTReaT: Building a Tunnel
Balázs Bucsay - XFLTReaT: Building a TunnelBalázs Bucsay - XFLTReaT: Building a Tunnel
Balázs Bucsay - XFLTReaT: Building a Tunnel
 
Networking in the cloud: An SDN primer
Networking in the cloud: An SDN primerNetworking in the cloud: An SDN primer
Networking in the cloud: An SDN primer
 
Improving POD Usage in Labs, CI and Testing
Improving POD Usage in Labs, CI and TestingImproving POD Usage in Labs, CI and Testing
Improving POD Usage in Labs, CI and Testing
 
Realtime traffic analyser
Realtime traffic analyserRealtime traffic analyser
Realtime traffic analyser
 
Breaking down a monolith
Breaking down a monolithBreaking down a monolith
Breaking down a monolith
 
2012 workshop wed_ethernet_servicesoveri_poib
2012 workshop wed_ethernet_servicesoveri_poib2012 workshop wed_ethernet_servicesoveri_poib
2012 workshop wed_ethernet_servicesoveri_poib
 
RabbitMQ and AMQP Model
RabbitMQ and AMQP ModelRabbitMQ and AMQP Model
RabbitMQ and AMQP Model
 
Iwmn architecture
Iwmn architectureIwmn architecture
Iwmn architecture
 
Adding Real-time Features to PHP Applications
Adding Real-time Features to PHP ApplicationsAdding Real-time Features to PHP Applications
Adding Real-time Features to PHP Applications
 
All About IPv6
All About IPv6All About IPv6
All About IPv6
 
Report on OFELIA
Report on OFELIAReport on OFELIA
Report on OFELIA
 

Destaque

How to get value from your multi-channel lead gen programme - Cyance
How to get value from your multi-channel lead gen programme - Cyance How to get value from your multi-channel lead gen programme - Cyance
How to get value from your multi-channel lead gen programme - Cyance
B2B Marketing
 
인간의 경험 공유를 위한 태스크 및 컨텍스트 추출 및 표현
인간의 경험 공유를 위한 태스크 및 컨텍스트 추출 및 표현인간의 경험 공유를 위한 태스크 및 컨텍스트 추출 및 표현
인간의 경험 공유를 위한 태스크 및 컨텍스트 추출 및 표현
Haklae Kim
 
Cappuccino 3 Slide Illustration
Cappuccino 3 Slide IllustrationCappuccino 3 Slide Illustration
Cappuccino 3 Slide Illustration
Ashish Goel
 
модульное тестирование для Perl. алексей шруб. зал 4
модульное тестирование для Perl. алексей шруб. зал 4модульное тестирование для Perl. алексей шруб. зал 4
модульное тестирование для Perl. алексей шруб. зал 4
rit2011
 

Destaque (9)

The CMO 2.0
The CMO 2.0The CMO 2.0
The CMO 2.0
 
Social Media Benchmarking Report - preview of findings
Social Media Benchmarking Report - preview of findingsSocial Media Benchmarking Report - preview of findings
Social Media Benchmarking Report - preview of findings
 
How digital can build your brand
How digital can build your brand How digital can build your brand
How digital can build your brand
 
How to get value from your multi-channel lead gen programme - Cyance
How to get value from your multi-channel lead gen programme - Cyance How to get value from your multi-channel lead gen programme - Cyance
How to get value from your multi-channel lead gen programme - Cyance
 
인간의 경험 공유를 위한 태스크 및 컨텍스트 추출 및 표현
인간의 경험 공유를 위한 태스크 및 컨텍스트 추출 및 표현인간의 경험 공유를 위한 태스크 및 컨텍스트 추출 및 표현
인간의 경험 공유를 위한 태스크 및 컨텍스트 추출 및 표현
 
What makes excellent B2B Marketing? The Evidence Uncovered
What makes excellent B2B Marketing? The Evidence UncoveredWhat makes excellent B2B Marketing? The Evidence Uncovered
What makes excellent B2B Marketing? The Evidence Uncovered
 
Cappuccino 3 Slide Illustration
Cappuccino 3 Slide IllustrationCappuccino 3 Slide Illustration
Cappuccino 3 Slide Illustration
 
CASE STUDY: Inbound: building trust into your marketing strategy
CASE STUDY: Inbound: building trust into your marketing strategyCASE STUDY: Inbound: building trust into your marketing strategy
CASE STUDY: Inbound: building trust into your marketing strategy
 
модульное тестирование для Perl. алексей шруб. зал 4
модульное тестирование для Perl. алексей шруб. зал 4модульное тестирование для Perl. алексей шруб. зал 4
модульное тестирование для Perl. алексей шруб. зал 4
 

Semelhante a Building high traffic http front-ends. theo schlossnagle. зал 1

NFV Infrastructure Manager with High Performance Software Switch Lagopus
NFV Infrastructure Manager with High Performance Software Switch Lagopus NFV Infrastructure Manager with High Performance Software Switch Lagopus
NFV Infrastructure Manager with High Performance Software Switch Lagopus
Hirofumi Ichihara
 
How DreamHost builds a public cloud with OpenStack.pdf
How DreamHost builds a public cloud with OpenStack.pdfHow DreamHost builds a public cloud with OpenStack.pdf
How DreamHost builds a public cloud with OpenStack.pdf
OpenStack Foundation
 
Trick or XFLTReaT a.k.a. Tunnel All The Things
Trick or XFLTReaT a.k.a. Tunnel All The ThingsTrick or XFLTReaT a.k.a. Tunnel All The Things
Trick or XFLTReaT a.k.a. Tunnel All The Things
Balazs Bucsay
 
Xen and-the-art-of-rails-deployment2640
Xen and-the-art-of-rails-deployment2640Xen and-the-art-of-rails-deployment2640
Xen and-the-art-of-rails-deployment2640
Newlink
 
Xen and-the-art-of-rails-deployment2640
Xen and-the-art-of-rails-deployment2640Xen and-the-art-of-rails-deployment2640
Xen and-the-art-of-rails-deployment2640
Newlink
 
Xen and-the-art-of-rails-deployment2640
Xen and-the-art-of-rails-deployment2640Xen and-the-art-of-rails-deployment2640
Xen and-the-art-of-rails-deployment2640
LLC NewLink
 
Xen and-the-art-of-rails-deployment2640
Xen and-the-art-of-rails-deployment2640Xen and-the-art-of-rails-deployment2640
Xen and-the-art-of-rails-deployment2640
Newlink
 
Xen and-the-art-of-rails-deployment2640
Xen and-the-art-of-rails-deployment2640Xen and-the-art-of-rails-deployment2640
Xen and-the-art-of-rails-deployment2640
Newlink
 
XFLTReaT: a new dimension in tunnelling (BruCON 0x09 2017)
XFLTReaT: a new dimension in tunnelling (BruCON 0x09 2017)XFLTReaT: a new dimension in tunnelling (BruCON 0x09 2017)
XFLTReaT: a new dimension in tunnelling (BruCON 0x09 2017)
Balazs Bucsay
 
Real time system_performance_mon
Real time system_performance_monReal time system_performance_mon
Real time system_performance_mon
Tomas Doran
 
XFLTReaT: A New Dimension in Tunneling (Shakacon 2017)
XFLTReaT: A New Dimension in Tunneling (Shakacon 2017)XFLTReaT: A New Dimension in Tunneling (Shakacon 2017)
XFLTReaT: A New Dimension in Tunneling (Shakacon 2017)
Balazs Bucsay
 

Semelhante a Building high traffic http front-ends. theo schlossnagle. зал 1 (20)

NFV Infrastructure Manager with High Performance Software Switch Lagopus
NFV Infrastructure Manager with High Performance Software Switch Lagopus NFV Infrastructure Manager with High Performance Software Switch Lagopus
NFV Infrastructure Manager with High Performance Software Switch Lagopus
 
Stardog talk-dc-march-17
Stardog talk-dc-march-17Stardog talk-dc-march-17
Stardog talk-dc-march-17
 
Realtime web2012
Realtime web2012Realtime web2012
Realtime web2012
 
How DreamHost builds a Public Cloud with OpenStack
How DreamHost builds a Public Cloud with OpenStackHow DreamHost builds a Public Cloud with OpenStack
How DreamHost builds a Public Cloud with OpenStack
 
How DreamHost builds a public cloud with OpenStack.pdf
How DreamHost builds a public cloud with OpenStack.pdfHow DreamHost builds a public cloud with OpenStack.pdf
How DreamHost builds a public cloud with OpenStack.pdf
 
Actors and Threads
Actors and ThreadsActors and Threads
Actors and Threads
 
Trick or XFLTReaT a.k.a. Tunnel All The Things
Trick or XFLTReaT a.k.a. Tunnel All The ThingsTrick or XFLTReaT a.k.a. Tunnel All The Things
Trick or XFLTReaT a.k.a. Tunnel All The Things
 
Xen and-the-art-of-rails-deployment2640
Xen and-the-art-of-rails-deployment2640Xen and-the-art-of-rails-deployment2640
Xen and-the-art-of-rails-deployment2640
 
Xen and-the-art-of-rails-deployment2640
Xen and-the-art-of-rails-deployment2640Xen and-the-art-of-rails-deployment2640
Xen and-the-art-of-rails-deployment2640
 
Xen and-the-art-of-rails-deployment2640
Xen and-the-art-of-rails-deployment2640Xen and-the-art-of-rails-deployment2640
Xen and-the-art-of-rails-deployment2640
 
Xen and-the-art-of-rails-deployment2640
Xen and-the-art-of-rails-deployment2640Xen and-the-art-of-rails-deployment2640
Xen and-the-art-of-rails-deployment2640
 
Xen and-the-art-of-rails-deployment2640
Xen and-the-art-of-rails-deployment2640Xen and-the-art-of-rails-deployment2640
Xen and-the-art-of-rails-deployment2640
 
Ruby Concurrency Realities
Ruby Concurrency RealitiesRuby Concurrency Realities
Ruby Concurrency Realities
 
Ext osad initial-eval-march2015
Ext osad initial-eval-march2015Ext osad initial-eval-march2015
Ext osad initial-eval-march2015
 
XFLTReaT: a new dimension in tunnelling (BruCON 0x09 2017)
XFLTReaT: a new dimension in tunnelling (BruCON 0x09 2017)XFLTReaT: a new dimension in tunnelling (BruCON 0x09 2017)
XFLTReaT: a new dimension in tunnelling (BruCON 0x09 2017)
 
pps Matters
pps Matterspps Matters
pps Matters
 
Jay Kreps on Project Voldemort Scaling Simple Storage At LinkedIn
Jay Kreps on Project Voldemort Scaling Simple Storage At LinkedInJay Kreps on Project Voldemort Scaling Simple Storage At LinkedIn
Jay Kreps on Project Voldemort Scaling Simple Storage At LinkedIn
 
Real time system_performance_mon
Real time system_performance_monReal time system_performance_mon
Real time system_performance_mon
 
High performance network programming on the jvm oscon 2012
High performance network programming on the jvm oscon 2012 High performance network programming on the jvm oscon 2012
High performance network programming on the jvm oscon 2012
 
XFLTReaT: A New Dimension in Tunneling (Shakacon 2017)
XFLTReaT: A New Dimension in Tunneling (Shakacon 2017)XFLTReaT: A New Dimension in Tunneling (Shakacon 2017)
XFLTReaT: A New Dimension in Tunneling (Shakacon 2017)
 

Mais de rit2011

классификация Ddos. александр лямин, артем гавриченков. зал 2
классификация Ddos. александр лямин, артем гавриченков. зал 2классификация Ddos. александр лямин, артем гавриченков. зал 2
классификация Ddos. александр лямин, артем гавриченков. зал 2
rit2011
 
Chef. кто на кухне хозяин. концепция devops. а,титов. зал 2
Chef. кто на кухне хозяин. концепция devops. а,титов. зал 2Chef. кто на кухне хозяин. концепция devops. а,титов. зал 2
Chef. кто на кухне хозяин. концепция devops. а,титов. зал 2
rit2011
 
как объяснить заказчику, что он не прав. денис тучин. зал 3
как объяснить заказчику, что он не прав. денис тучин. зал 3как объяснить заказчику, что он не прав. денис тучин. зал 3
как объяснить заказчику, что он не прав. денис тучин. зал 3
rit2011
 
классификация Ddos. александр лямин, артем гавриченков. зал 2
классификация Ddos. александр лямин, артем гавриченков. зал 2классификация Ddos. александр лямин, артем гавриченков. зал 2
классификация Ddos. александр лямин, артем гавриченков. зал 2
rit2011
 
Kpi разработчика vs kpi разработки. евгения фирсова. зал 1
Kpi разработчика vs kpi разработки. евгения фирсова. зал 1Kpi разработчика vs kpi разработки. евгения фирсова. зал 1
Kpi разработчика vs kpi разработки. евгения фирсова. зал 1
rit2011
 
ускорение Front end разработки с помощью haml, sass и compass. андрей ситник....
ускорение Front end разработки с помощью haml, sass и compass. андрей ситник....ускорение Front end разработки с помощью haml, sass и compass. андрей ситник....
ускорение Front end разработки с помощью haml, sass и compass. андрей ситник....
rit2011
 
ускорение Front end разработки с помощью haml, sass и compass. андрей ситник....
ускорение Front end разработки с помощью haml, sass и compass. андрей ситник....ускорение Front end разработки с помощью haml, sass и compass. андрей ситник....
ускорение Front end разработки с помощью haml, sass и compass. андрей ситник....
rit2011
 
что и почему вы должны программировать на Erlang.максим лапшин. зал 4
что и почему вы должны программировать на Erlang.максим лапшин. зал 4что и почему вы должны программировать на Erlang.максим лапшин. зал 4
что и почему вы должны программировать на Erlang.максим лапшин. зал 4
rit2011
 
I pv6 малоизвестные подробности. андрей пантюхин. зал 2
I pv6 малоизвестные подробности. андрей пантюхин. зал 2I pv6 малоизвестные подробности. андрей пантюхин. зал 2
I pv6 малоизвестные подробности. андрей пантюхин. зал 2
rit2011
 
безопасность веб приложений сегодня. дмитрий евтеев. зал 4
безопасность веб приложений сегодня. дмитрий евтеев. зал 4безопасность веб приложений сегодня. дмитрий евтеев. зал 4
безопасность веб приложений сегодня. дмитрий евтеев. зал 4
rit2011
 
как стать хорошим веб технологом. нарек мкртчян. зал 4
как стать хорошим веб технологом. нарек мкртчян. зал 4как стать хорошим веб технологом. нарек мкртчян. зал 4
как стать хорошим веб технологом. нарек мкртчян. зал 4
rit2011
 
сотни серверов, десятки компонент. автоматизация раскладки и конфигурирования...
сотни серверов, десятки компонент. автоматизация раскладки и конфигурирования...сотни серверов, десятки компонент. автоматизация раскладки и конфигурирования...
сотни серверов, десятки компонент. автоматизация раскладки и конфигурирования...
rit2011
 
выращиваем интерфейс своими руками. ольга павлова. зал 3
выращиваем интерфейс своими руками. ольга павлова. зал 3выращиваем интерфейс своими руками. ольга павлова. зал 3
выращиваем интерфейс своими руками. ольга павлова. зал 3
rit2011
 
распределенное файловое хранилище (Nginx, zfs, perl). перепелица мамонтов. зал 2
распределенное файловое хранилище (Nginx, zfs, perl). перепелица мамонтов. зал 2распределенное файловое хранилище (Nginx, zfs, perl). перепелица мамонтов. зал 2
распределенное файловое хранилище (Nginx, zfs, perl). перепелица мамонтов. зал 2
rit2011
 
от Flash к html5. александр бацуев. зал 4
от Flash к html5. александр бацуев. зал 4от Flash к html5. александр бацуев. зал 4
от Flash к html5. александр бацуев. зал 4
rit2011
 
Ie9 и ie10. алекс могилевский. зал 2
Ie9 и ie10. алекс могилевский. зал 2Ie9 и ie10. алекс могилевский. зал 2
Ie9 и ie10. алекс могилевский. зал 2
rit2011
 
сотни серверов, десятки компонент. автоматизация раскладки и конфигурирования...
сотни серверов, десятки компонент. автоматизация раскладки и конфигурирования...сотни серверов, десятки компонент. автоматизация раскладки и конфигурирования...
сотни серверов, десятки компонент. автоматизация раскладки и конфигурирования...
rit2011
 
полмиллиона юзеров в онлайне без падений оптимизация высоконагруженной Server...
полмиллиона юзеров в онлайне без падений оптимизация высоконагруженной Server...полмиллиона юзеров в онлайне без падений оптимизация высоконагруженной Server...
полмиллиона юзеров в онлайне без падений оптимизация высоконагруженной Server...
rit2011
 
рисуем тз. эффективный способ коммуникации в веб проектах. артем вольфтруб. з...
рисуем тз. эффективный способ коммуникации в веб проектах. артем вольфтруб. з...рисуем тз. эффективный способ коммуникации в веб проектах. артем вольфтруб. з...
рисуем тз. эффективный способ коммуникации в веб проектах. артем вольфтруб. з...
rit2011
 
типология личности и прогноз отношений по а. афанасьеву. сергей котырев. зал 2
типология личности и прогноз отношений по а. афанасьеву. сергей котырев. зал 2типология личности и прогноз отношений по а. афанасьеву. сергей котырев. зал 2
типология личности и прогноз отношений по а. афанасьеву. сергей котырев. зал 2
rit2011
 

Mais de rit2011 (20)

классификация Ddos. александр лямин, артем гавриченков. зал 2
классификация Ddos. александр лямин, артем гавриченков. зал 2классификация Ddos. александр лямин, артем гавриченков. зал 2
классификация Ddos. александр лямин, артем гавриченков. зал 2
 
Chef. кто на кухне хозяин. концепция devops. а,титов. зал 2
Chef. кто на кухне хозяин. концепция devops. а,титов. зал 2Chef. кто на кухне хозяин. концепция devops. а,титов. зал 2
Chef. кто на кухне хозяин. концепция devops. а,титов. зал 2
 
как объяснить заказчику, что он не прав. денис тучин. зал 3
как объяснить заказчику, что он не прав. денис тучин. зал 3как объяснить заказчику, что он не прав. денис тучин. зал 3
как объяснить заказчику, что он не прав. денис тучин. зал 3
 
классификация Ddos. александр лямин, артем гавриченков. зал 2
классификация Ddos. александр лямин, артем гавриченков. зал 2классификация Ddos. александр лямин, артем гавриченков. зал 2
классификация Ddos. александр лямин, артем гавриченков. зал 2
 
Kpi разработчика vs kpi разработки. евгения фирсова. зал 1
Kpi разработчика vs kpi разработки. евгения фирсова. зал 1Kpi разработчика vs kpi разработки. евгения фирсова. зал 1
Kpi разработчика vs kpi разработки. евгения фирсова. зал 1
 
ускорение Front end разработки с помощью haml, sass и compass. андрей ситник....
ускорение Front end разработки с помощью haml, sass и compass. андрей ситник....ускорение Front end разработки с помощью haml, sass и compass. андрей ситник....
ускорение Front end разработки с помощью haml, sass и compass. андрей ситник....
 
ускорение Front end разработки с помощью haml, sass и compass. андрей ситник....
ускорение Front end разработки с помощью haml, sass и compass. андрей ситник....ускорение Front end разработки с помощью haml, sass и compass. андрей ситник....
ускорение Front end разработки с помощью haml, sass и compass. андрей ситник....
 
что и почему вы должны программировать на Erlang.максим лапшин. зал 4
что и почему вы должны программировать на Erlang.максим лапшин. зал 4что и почему вы должны программировать на Erlang.максим лапшин. зал 4
что и почему вы должны программировать на Erlang.максим лапшин. зал 4
 
I pv6 малоизвестные подробности. андрей пантюхин. зал 2
I pv6 малоизвестные подробности. андрей пантюхин. зал 2I pv6 малоизвестные подробности. андрей пантюхин. зал 2
I pv6 малоизвестные подробности. андрей пантюхин. зал 2
 
безопасность веб приложений сегодня. дмитрий евтеев. зал 4
безопасность веб приложений сегодня. дмитрий евтеев. зал 4безопасность веб приложений сегодня. дмитрий евтеев. зал 4
безопасность веб приложений сегодня. дмитрий евтеев. зал 4
 
как стать хорошим веб технологом. нарек мкртчян. зал 4
как стать хорошим веб технологом. нарек мкртчян. зал 4как стать хорошим веб технологом. нарек мкртчян. зал 4
как стать хорошим веб технологом. нарек мкртчян. зал 4
 
сотни серверов, десятки компонент. автоматизация раскладки и конфигурирования...
сотни серверов, десятки компонент. автоматизация раскладки и конфигурирования...сотни серверов, десятки компонент. автоматизация раскладки и конфигурирования...
сотни серверов, десятки компонент. автоматизация раскладки и конфигурирования...
 
выращиваем интерфейс своими руками. ольга павлова. зал 3
выращиваем интерфейс своими руками. ольга павлова. зал 3выращиваем интерфейс своими руками. ольга павлова. зал 3
выращиваем интерфейс своими руками. ольга павлова. зал 3
 
распределенное файловое хранилище (Nginx, zfs, perl). перепелица мамонтов. зал 2
распределенное файловое хранилище (Nginx, zfs, perl). перепелица мамонтов. зал 2распределенное файловое хранилище (Nginx, zfs, perl). перепелица мамонтов. зал 2
распределенное файловое хранилище (Nginx, zfs, perl). перепелица мамонтов. зал 2
 
от Flash к html5. александр бацуев. зал 4
от Flash к html5. александр бацуев. зал 4от Flash к html5. александр бацуев. зал 4
от Flash к html5. александр бацуев. зал 4
 
Ie9 и ie10. алекс могилевский. зал 2
Ie9 и ie10. алекс могилевский. зал 2Ie9 и ie10. алекс могилевский. зал 2
Ie9 и ie10. алекс могилевский. зал 2
 
сотни серверов, десятки компонент. автоматизация раскладки и конфигурирования...
сотни серверов, десятки компонент. автоматизация раскладки и конфигурирования...сотни серверов, десятки компонент. автоматизация раскладки и конфигурирования...
сотни серверов, десятки компонент. автоматизация раскладки и конфигурирования...
 
полмиллиона юзеров в онлайне без падений оптимизация высоконагруженной Server...
полмиллиона юзеров в онлайне без падений оптимизация высоконагруженной Server...полмиллиона юзеров в онлайне без падений оптимизация высоконагруженной Server...
полмиллиона юзеров в онлайне без падений оптимизация высоконагруженной Server...
 
рисуем тз. эффективный способ коммуникации в веб проектах. артем вольфтруб. з...
рисуем тз. эффективный способ коммуникации в веб проектах. артем вольфтруб. з...рисуем тз. эффективный способ коммуникации в веб проектах. артем вольфтруб. з...
рисуем тз. эффективный способ коммуникации в веб проектах. артем вольфтруб. з...
 
типология личности и прогноз отношений по а. афанасьеву. сергей котырев. зал 2
типология личности и прогноз отношений по а. афанасьеву. сергей котырев. зал 2типология личности и прогноз отношений по а. афанасьеву. сергей котырев. зал 2
типология личности и прогноз отношений по а. афанасьеву. сергей котырев. зал 2
 

Último

Search and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical FuturesSearch and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical Futures
Bhaskar Mitra
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Jeffrey Haguewood
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
RTTS
 
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptxUnpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
David Michel
 
In-Depth Performance Testing Guide for IT Professionals
In-Depth Performance Testing Guide for IT ProfessionalsIn-Depth Performance Testing Guide for IT Professionals
In-Depth Performance Testing Guide for IT Professionals
Expeed Software
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
DianaGray10
 
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo DiehlFuture Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Peter Udo Diehl
 

Último (20)

Search and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical FuturesSearch and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical Futures
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptxIOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
 
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
IoT Analytics Company Presentation May 2024
IoT Analytics Company Presentation May 2024IoT Analytics Company Presentation May 2024
IoT Analytics Company Presentation May 2024
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
Free and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
Free and Effective: Making Flows Publicly Accessible, Yumi IbrahimzadeFree and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
Free and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
Introduction to Open Source RAG and RAG Evaluation
Introduction to Open Source RAG and RAG EvaluationIntroduction to Open Source RAG and RAG Evaluation
Introduction to Open Source RAG and RAG Evaluation
 
UiPath Test Automation using UiPath Test Suite series, part 2
UiPath Test Automation using UiPath Test Suite series, part 2UiPath Test Automation using UiPath Test Suite series, part 2
UiPath Test Automation using UiPath Test Suite series, part 2
 
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptxUnpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
 
In-Depth Performance Testing Guide for IT Professionals
In-Depth Performance Testing Guide for IT ProfessionalsIn-Depth Performance Testing Guide for IT Professionals
In-Depth Performance Testing Guide for IT Professionals
 
Powerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara LaskowskaPowerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara Laskowska
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
Demystifying gRPC in .Net by John Staveley
Demystifying gRPC in .Net by John StaveleyDemystifying gRPC in .Net by John Staveley
Demystifying gRPC in .Net by John Staveley
 
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo DiehlFuture Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
 

Building high traffic http front-ends. theo schlossnagle. зал 1

  • 1. High-performance Robust HTTP Front-ends / tips, tricks and expectations Saturday, April 23, 2011
  • 2. Who am I? @postwait on twitter Author of “Scalable Internet Architectures” Pearson, ISBN: 067232699X Contributor to “Web Operations” O’Reilly, ISBN: Founder of OmniTI, Message Systems, Fontdeck, & Circonus I like to tackle problems that are “always on” and “always growing.” I am an Engineer A practitioner of academic computing. IEEE member and Senior ACM member. On the Editorial Board of ACM’s Queue magazine. 2 Saturday, April 23, 2011
  • 3. Agenda • Why only HTTP? • HTTP-like protocols • Performance • Availability Saturday, April 23, 2011
  • 4. HTTP • Why only HTTP... it’s what we do. • User-based, immediate, short-lived transactions occupy my life. • So, not just HTTP. • HTTPS • SPDY (... we’ll get to this) Saturday, April 23, 2011
  • 5. Performance • ATS (Apache Traffic Server) • supports SSL • battle-hardened codebase • very multi-code capable • Varnish • VCL adds unparalleled flexibility • no SSL! • nginx • I don’t see much of this out on the edge Saturday, April 23, 2011
  • 6. Performance Expectations • from a single server, you should be able to: • support 500k concurrent users • this is only 40k sockets/core • push in excess of 100k requests/second • this is only 9k requests/core*second • push close to 10 gigabits • this is why 10G was invented Saturday, April 23, 2011
  • 7. Performance Achievements • Good load balancers achieve this performance • with dual socket Westmere processors, we’re able to achieve in software on general purpose hardware what was only possible in hardware ASICs. • ATS and Varnish can do this today. Saturday, April 23, 2011
  • 8. The Basic Rules: Content • You must serve content from cache • Your cache should fit in memory • If it does not, it should spill to SSD, not spinning media. Saturday, April 23, 2011
  • 9. The Basic Rules: CPU • You must cache SSL sessions • SSL key negotiation is expensive. • SSL encryption is not* • Common cases must not cause state on the firewall. • It’s hard enough to serve 150k requests/second. • You will spend too much time in kernel in iptables, ipf, or pf. • allow port 80 and port 443. • enable SYN flood prevention * crypto obviously costs CPU; symmetric crypto is relatively cheap Saturday, April 23, 2011
  • 10. The Basic Rules: Network • You must not run a stateful firewall in front • too expensive • too little value • You must be directly behind capable router(s) • expect anywhere from 1MM to 20MM packets per second • we need to run BGP for availability Saturday, April 23, 2011
  • 11. Availability • We learned in the performance section: • 1 machine / 10Gbps uplink performs well enough • We need redundancy: • Linux HA? • VRRP/HSRP? • CARP? • No... Saturday, April 23, 2011
  • 12. Availability: Constraints • Client TCP sessions are relatively short lived. • The web is a largely idempotent place. • Clients are capable of retrying on failure. • This means: • forget stateful failover. • focus on availability for new connections. Saturday, April 23, 2011
  • 13. Availability: Setup • You are behind a capable router (it was a rule) • Use routing protocols (BGP) to maintain availability. BGP 10.1.0.0/24 10.1.1.0/24 10.1.0.0/23 10.1.0.0/23 Saturday, April 23, 2011
  • 14. Working Stacks • Linux (OS/TCP stack) • Illumos (OS/TCP stack) • Varnish (HTTP) • ATS (HTTP/HTTPS) • Quagga (BGP) • Quagga (BGP) Saturday, April 23, 2011
  • 15. Future! • This stuff is fast. • In the end, we’re not looking for faster servers, we’re looking for improved user experience. • Enter SPDY • Google’s multi-channel HTTP super-protocol • Allows multiplexing of concurrent HTTP(like) request/response on a single TCP session. • Defeats slow startup • Allows for content prioritization on server Saturday, April 23, 2011
  • 16. Future: my thoughts • SPDY is relatively simple to implement on the server • SPDY is very very hard to leverage on the server • If ATS implemented SPDY in and out • and provided a robust configuration language to leverage it ... the future would be today. Saturday, April 23, 2011
  • 17. Thank you. • Thank you Олег Бунин • Thanks to the Varnish and ATS developers. • Спасибо. Saturday, April 23, 2011