|
Hi,
Altough Joe already replied, I want to loose my
thoughts and (some) experiences I made.
Stefan Majer wrote:
>
> Hi All
>
> Im on the way to set up a large https website with 4 realserver runnning
> Solaris 2.6 with apache + mod_ssl and two virtualserver using horms
> ultramonkey.
> I have to use persistant connections with round robin algorithm because we use
> ssl and cockies
Yep, thats correct.
> Im in design phase and need some suggestions. Probably someone could help
>
> 1. What type of mechanism use the large sites most LVS-NAT or LVS-DR
> experiences welcome, especially on the realserverside (Solaris)
I never experienced problem with having Solaris as
Realserver, whereas having them as Firewalls can be
a pain in the ass (offtopic). I'd suggest you first
try to figure out, how intense the traffic could be
and then choose the lvs-approach. I personally prefer
the DR method since this is a nice way to direct
traffic in the direction it should go and because
its really extremely fast. Little drawback, you have
to configure your Realservers in order to get them
working with.
> 2. When i run all these machines in produktion the could be the following
> situation:
> i need to upgrade for example the apache release on all machines.
> I mark one realserver inaktive. then all people doing there transactions
> on this machine have to reauthenticate
If you take this machine out, however, if you weight
this machine to 0 all existing connection will still
be served and new ones would certainly not be redi-
rected to this server. You can do this for a reasonable
amount of time, or until the amount of total connection
drops under a certain threshold. But I consider waiting
until nobody is connected anymore not the best possible
approach since there could be some guy trying to win a
24 hours surf-contest with a script accessing your page.
You would wait forever. I encoutered such behavior and
its odd, if you rely on a script which itself wants to
see zero in the /proc/net/ip_masq/vs table.
> So is it possible to mark one realserver "softbussy" meaning not accepting
> new connections but handling all established ones.
> this feature would enable me to seamless upgrade all realservers step
> by step with no downtime at all
What we did is, I tell the customer to put a special
webpage on a special place with the information of
- which realserver will be updated
- when do I want to start it
- when should it be brought back into production
I then do a periodically lynx -source http://<cust>/page.html
and parse it for the values submitted and to a
dynamical reconfiguration of the loadbalancer
according to the values. This all in one big
script and it's working. I have to convince my
company to upload it to the mailing list. It's
highly configurable (session limitation, LIP, etc.)
Just my two cents....
Roberto Nibali, ratz
|
