equest_time * 1.1 decrease
weight a bit
4. every x minutes if weigth will be less than 50 add 1 if more
subtract 50 (so values won't be "drifting" to max or 0 over time)
target request time would be some predefined value or (better)
calculated average from all nodes + 50% so u won&#x
s, for the
> rest of the life time of the client, and can that traffic be load
> balanced?
>
>
>
> Eagerly waiting for your reply with comments and solutions if
> applicable.
AFAIK collectd knows nothing about whats goin on inside non-HTTP TCP
connections (it d
your setup is.
U can't do that, u either have to use something like
http://forge.mysql.com/wiki/MySQL_Proxy_RW_Splitting
or (better) rewrite ur app to split write and read requests
Regards
Mariusz
--
Mariusz Gronczewski (XANi)
GnuPG: 0xEA8ACE64
http://devrandom.pl
signature.asc
Description: PGP signature
nd I would have
> to replace all of the libmysql* so files on my web servers.
if ur app don't have huge number of SQL query types u might want to
just rewrite parts of it, like they said in mysqlproxy docs, its only
experimental feature.
Regards
Mariusz
--
Mariusz Gronczewski (X
front haproxy with apache or
> nginx?
SSL/Compression ?
Regards
Mariusz
--
Mariusz Gronczewski (XANi)
GnuPG: 0xEA8ACE64
http://devrandom.pl
signature.asc
Description: PGP signature
gain and
get dispatched to other backen
PS. Jak wyłączyć w gg filtrowanie URLi od nieznajomych ? :D:D
--
Mariusz Gronczewski (XANi)
GnuPG: 0xEA8ACE64
http://devrandom.pl
signature.asc
Description: PGP signature
On Wed, 4 Nov 2009 06:58:32 -0500, "John Lauro"
wrote:
> I see two potential issues (which may or may not be important for
> you).
>
>
>
> 1. Non http 1.1 clients may have trouble (ie: they don't send
> the host on the URL request, or if they are not really http but using
> port 80).
Yea
TTP mode
Regards
Mariusz
--
Mariusz Gronczewski (XANi)
GnuPG: 0xEA8ACE64
http://devrandom.pl
signature.asc
Description: PGP signature
On Mon, 9 Nov 2009 07:00:00 +0100, Willy Tarreau wrote:
> On Thu, Nov 05, 2009 at 12:24:35PM +0100, XANi wrote:
> > Hi,
> >
> > is there any way to use conditions with reqrep and similiar ?
>
> Not yet. It's one of the things on the todo list. Not very ha
if app and its db
is ok and 500 ERR if something is wrong
Regards
Mariusz
--
Mariusz Gronczewski (XANi)
GnuPG: 0xEA8ACE64
http://devrandom.pl
signature.asc
Description: PGP signature
tats and then setting weigths.
So answer is no, nothing out of the box, but yes, it should be
possible :)
Regards
Mariusz
--
Mariusz Gronczewski (XANi)
GnuPG: 0xEA8ACE64
http://devrandom.pl
signature.asc
Description: PGP signature
apps will say "hey, let's implemetent some parts so it will
look like we use new version but completely ignore other parts"
--
Mariusz Gronczewski (XANi)
GnuPG: 0xEA8ACE64
http://devrandom.pl
signature.asc
Description: PGP signature
apache +
mod_worker + php thru fast-cgi I think (not sure tho) in that config it
will buffer req. in apache, freeing php processes to server other req.
Regards
Mariusz
--
Mariusz Gronczewski (XANi)
GnuPG: 0xEA8ACE64
http://devrandom.pl
signature.asc
Description: PGP signature
On Sun, 22 Nov 2009 21:30:51 +0800, Ryan Chan
wrote:
> Hello,
>
> On Sat, Nov 21, 2009 at 4:39 PM, XANi wrote:
> > Well haproxy won't buffer response so that will help a bit on
> > not-so-slow-but-not-fast-either req. But then u could try use
> > apache + mod_wo
,
what u serve thru apache, php(mod_php/mod_fgid), python, ruby ?
Regards
--
Mariusz Gronczewski (XANi)
GnuPG: 0xEA8ACE64
http://devrandom.pl
signature.asc
Description: To jest część wiadomości podpisana cyfrowo
Dnia 2009-12-04, pią o godzinie 14:30 -0500, Naveen Ayyagari pisze:
> We are running mod_php on the apache servers. And we have our
> connection limit set to what we consider fairly low in haproxy.. The
> problem i am describing is more an issue with the number of processes
> executing on the ba
tching is bad thing for
performance), but if in your case its just because php "waits for
something" and not because server is overloaded it wont change much. You
might want to consider checking if other http servers liek lighttpd also
have that "bug"
--
Mariusz Gronczewski (X
cards. From my experience haproxy perfomance
is "as fast as kernel can put it on the wire" ;]
--
Mariusz Gronczewski (XANi)
GnuPG: 0xEA8ACE64
http://devrandom.pl
signature.asc
Description: To jest część wiadomości podpisana cyfrowo
]
as for rewrites, what u really want is you app supporting that kind of
address, like Willy said, those are only ugly workarounds
--
Mariusz Gronczewski (XANi)
GnuPG: 0xEA8ACE64
http://devrandom.pl
signature.asc
Description: To jest część wiadomości podpisana cyfrowo
Dnia 2009-12-17, czw o godzinie 07:52 +0100, Willy Tarreau pisze:
> On Wed, Dec 16, 2009 at 01:56:06PM +0100, XANi wrote:
>
> > > > Is there a way to do this using rewrite rules?
> > >
> > > This specific one above cannot because you have to take one part
>
o upgrade the binary without service disruption.
There is also little iptables hack, if u wanna be 100% sure no client
will get rejected when you're restarting, block sending TCP RST packets
to client, so when TCP SYN hits loadbalancer when its restarting and
frontend port is closed,
LVS(http://www.linuxvirtualserver.org/) is basically NAT in one if its
modes. HAProxy is not "Network Address Translator" tho it can be used to
replace it in some cases.
--
Mariusz Gronczewski (XANi)
GnuPG: 0xEA8ACE64
http://devrandom.pl
signature.asc
Description: To jest część wiadomości podpisana cyfrowo
acking. But then, unless u really need
conntrack for something else, disabling it entirely would be a bit
better (with empty iptables there is no need for kernel to go thru any
rule so a bit less cpu load)
--
Mariusz Gronczewski (XANi)
GnuPG: 0xEA8ACE64
http://devrandom.pl
signature.asc
Description: To jest część wiadomości podpisana cyfrowo
t; are a bunch of providers like that in the US, but I don't know of any
> reputable ones in Europe. Do you know of any?
>
OVH is quite okay. From VPS i'd recommend linode.com (they have data
centers in europe and US), much faster than Amazon, and also have some
kind of API
--
Mariusz Gronczewski (XANi)
GnuPG: 0xEA8ACE64
http://devrandom.pl
signature.asc
Description: To jest część wiadomości podpisana cyfrowo
ly permit one RDP session on a machine
> at a given time (possibly two if you force console access, but I don't
> believe so).
Yup, one console per WinXP, two on W Server, for more u need terminal
server
--
Mariusz Gronczewski (XANi)
GnuPG: 0xEA8ACE64
http://devrandom.pl
signature.a
language we use
on this mailing list), tho probably you problem is in too low timeouts
--
Mariusz Gronczewski (XANi)
GnuPG: 0xEA8ACE64
http://devrandom.pl
signature.asc
Description: To jest część wiadomości podpisana cyfrowo
onse is small
enougth to sit in connection buffer).
Maybe https://launchpad.net/mysql-proxy ?
--
Mariusz Gronczewski (XANi)
GnuPG: 0xEA8ACE64
http://devrandom.pl
signature.asc
Description: To jest część wiadomości podpisana cyfrowo
all u have 2000 conn limit on frontent
U need to specify "option forwardfor except 127.0.0.1" only once, in
frontent.
and why u use "option http_proxy" ? From docs:
"It sometimes happens that people need a pure HTTP proxy which
understands
basic proxy requests without caching n
client/server timeouts only trigger when
there is no activity (no data send) so setting client and server timeout
to like 5 min could solve problem
so as long as app do some queries connection won't be dropped
2) u can do "/etc/init.d/haproxy stop ; /etc/init.d/haproxy start"
--
pd module was killing lighttpd's
> performance comparing all requests against a 4,000 referrer list.
>
> these are uploads(posts) so rate is quite low. less than 100/sec.
U might try to use iptables + ipset instead. Tho according to manual
there is 65535 IP limit per set. Also no need to restart haproxy for
adding new IP's
--
Mariusz Gronczewski (XANi)
GnuPG: 0xEA8ACE64
http://devrandom.pl
signature.asc
Description: To jest część wiadomości podpisana cyfrowo
p :)
Regards
Mariusz
--
Mariusz Gronczewski (XANi)
GnuPG: 0xEA8ACE64
http://devrandom.pl
signature.asc
Description: To jest część wiadomości podpisana cyfrowo
comparision), 2nd one is "log X-Forwarded-For
instead of remote IP"
u have to ofc set
option forwardfor
in haproxy
Using google really dont hurt, try it sometimes ;p
--
Mariusz Gronczewski (XANi)
GnuPG: 0xEA8ACE64
http://devrandom.pl
signature.asc
Description: To jest część wiadomości podpisana cyfrowo
t IP, basically u have to add to
config
option forwardfor except 127.0.0.1
where "127.0.0.1" is ur SSL proxy address
Then proxy will be passing original client IP thru "X-Forwarded-For"
header
"except 127.0.0.1" is because lighttpd adds "X-Forwarded-For&quo
two backend HTTPS (SSL) URL servers?
>
> Would this scenario work fine with haproxy?
>
> Thank you
>
> Anne
>
>
>
>
> __
> From: XANi [mailto:xani...@gmail.com]
> Sent: Saturday, March
er...
Maybe try to use some light web server like Nginx or Lighttpd as SSL
proxy instead ?
--
Mariusz Gronczewski (XANi)
GnuPG: 0xEA8ACE64
http://devrandom.pl
signature.asc
Description: To jest część wiadomości podpisana cyfrowo
t command tells haproxy to:
1) signal already running haproxy instance to stop listening for new
connections but wait for already established ones to finish
2) start listening
3) if something is wrong (bad config etc) signal old instance to resume
listening
so its more like stop old instance and start n
t; and ulimit values a bit,
> without any noticeable performance boost while the system was loaded.
>
> The system load "idles" at around 0.11 most of the time.
>
> Thanks in advance.
>
> Best,
>
> Michael
>
IM not familiar with stunnel, can stunnel ut
; --
> Dr Laurie Young
> Scrum Master
> New Bamboo
>
> Follow me on twitter: @wildfalcon
> Follow us on twitter: @newbamboo
>
> Creating fresh, flexible and fast-growing web applications is our
> passion.
>
>
> 3rd Floor, Gensurco House,
> 46A Rosebery A
grep haproxy logs for those 503 errors (make
sure ure using http log mode), then go to section 8 in
http://haproxy.1wt.eu/download/1.3/doc/configuration.txt and try to
determine what was exact reason for error and/or post few examples here,
your haproxy config (with "sensitive" information removed ofc ;) )
Having some kind of monitoring, or at least stats page active is also
very helpful.
--
Mariusz Gronczewski (XANi)
GnuPG: 0xEA8ACE64
http://devrandom.pl
signature.asc
Description: To jest część wiadomości podpisana cyfrowo
ult = 215040
> net.ipv4.tcp_fin_timeout = 30
> net.ipv4.tcp_keepalive_time = 300
> net.ipv4.tcp_max_orphans = 262144
> net.ipv4.tcp_max_syn_backlog = 8192
> net.core.wmem_default = 215040
> net.ipv4.tcp_dsack = 0
> net.ipv4.ip_local_port_range = 1024 65535
> net.ipv4.tcp_tw_r
ge also.
> > Does anyone have any thoughts or a
> > better recommended solution?
> >
> > John T. Skarbek
> > B.S.Computer Science Networking
> > Radford University
>
>
>
>
192.168.0.100
> server srv 127.0.0.1:8080 maxconn 256
>
>
> Thanks,
>
> Regards.
>
--
Mariusz Gronczewski (XANi)
GnuPG: 0xEA8ACE64
http://devrandom.pl
signature.asc
Description: This is a digitally signed message part
42 matches
Mail list logo
