RE: VM benchmarks
Hi, I'd be interested to see the same test with all devices in the same location. There shouldn't be any reason for this much difference! We run HAProxy on ESX so I might take a spare server to the DC and V2P the servers over to that for testing. Will let you know on this one... -Original Message- From: Daniel Storjordet [mailto:dan...@desti.no] Sent: 26 October 2010 22:00 To: Ariel; haproxy@formilux.org Subject: Re: VM benchmarks We just moved HAProxy from ESXi servers into two dedicated Atom servers. In the first setup the HAProxy innstallations balanced two webservers in the same ESXi enviorment. The web access times for this config was inbetween 120-150ms (Connect, Request, Download). In the new config the dedicated HAProxy boxes are located in a seperate datacenter 500km away from the same ESXi web servers. With this config we get lower web access times. Inbetween 110-130ms (Connect, Request, Download). I expect that also moving the web servers to the new datacenter will result in an even better results. -- mvh. Daniel Storjordet D E S T ! N O :: Strandgata 117 :: 4307 Sandnes Mob 45 51 73 71 :: Tel 51 62 50 14 dan...@desti.no :: http://www.desti.no www.destinet.no - Webpublisering på nett www.func.no - Flysøk på nett On 26.10.2010 16:38, Ariel wrote: > Does anyone know of studies done comparing haproxy on dedicated hardware vs > virtual machine? Or perhaps some virtual machine specific considerations? > -a
RE: Strange latency
Don't think there's hasn't been any traffic on this thread, so I thought I'd just chip in and say we run HAProxy on ESX4.1 with Stunnel in front on the same server and Apache servers behind and don't experience anything like the latency you mention below. -Original Message- From: Ariel [mailto:ar...@bidcactus.com] Sent: 25 October 2010 18:45 To: haproxy Subject: Strange latency I am using Rackspace cloud servers and trying to convince my boss that we should be using haproxy instead of apache at our frontend doing load balancing. For the most part I have set up what I consider a fairly successful staging environment (I have working ACL's and cookie based routing). The problem however is that when I use haproxy as my load balancer my round-trip time for a request goes up by about 50ms. With apache as the proxy every request has RTT of ~50ms, but now they are at over 100ms. I am using the same backend servers to test both apache and haproxy, all configuration rules the same as I could make them (client side keep-alive enabled). Also for a comparison I also set up a quick nginx server to do its (very dumb) load balancing solution, and its results are at the same speed or better of apache. Also, even when apache is terminating SSL and forwarding it on, the RTT does not go up. All three software is running (one at a time) on the same virtual server, so I don't think it is that I got a bad VPS slice or something like that. Also, when I use stunnel in front of haproxy to terminate https requests, it adds another ~50ms to the total RTT. And if I have to make the request go through another stunnel to the backend (a requirement for PCI compliance), it adds another ~50ms again. So now using the site with SSL is over 300ms per request just from the start. That may not be *terrible* but the site is very interactive and calls one AJAX request per second to keep lots of things updated. For general users around the internet the site is going to appear unresponsive and slow... I was wondering if anyone using haproxy in a virtualized environment as ever experienced something like this? Or maybe some configuration options to try to debug this? -a
RE: Haproxy support for HTTPS (SSL) backend servers
Have you tried Varnish? http://www.varnish-cache.org/ It's intended as a caching proxy but can do what you're after perfectly well. Also if there's anything it can't do, you can in-line drop in to C in the config files and make it do it! -Original Message- From: Pasi Kärkkäinen [mailto:pa...@iki.fi] Sent: 19 October 2010 12:33 To: Reinis Rozitis Cc: haproxy@formilux.org Subject: Re: Haproxy support for HTTPS (SSL) backend servers On Mon, Oct 18, 2010 at 07:00:37PM +0300, Reinis Rozitis wrote: >> I meant the features that need to parse the HTTP request and do >> things based on it.. >> >> So tcp/raw mode won't work.. >> >> Thanks for the reply though! >> >> -- Pasi > > I think you are better in this case using 'nginx' for example - > http://wiki.nginx.org/HttpProxyModule (can do ACL / rewrites / header > change and balancing on its own). > Yeah, I've tried nginx aswell. It supports SSL on both the frontend and backend, which is good, but the problem with nginx is that it doesn't support http/1.1 on the backend side.. I have some application that also requires http/1.1 and refuses to serve http/1.0 requests.. this is not easy :) -- Pasi