Hi. I want to cluster some machines to act as a webserver, but I'm not sure
what to do about a particular problem. [This is long and not
exactly generic, but please bear with me].
For legacy reasons, our primary URL (www.)freespeech.org is set up (via
Rewrite rules) so that the root and a few distinguished locations are
mapped into our (freespeech.org's) directory, anything besides those gets
mapped into a very large set of directories (we're a free ISP besides
hosting our own political site, free users have URLs like
www.freespeech.org/<user_name>/). Within the last few months our T1
became saturated so I started using mod_throttle to lower the bandwidth
cost, but only on the free members (in other words, anything that passes
the rewrite filter gets throttled back). However, we're also suffering
from some performance problems due in part to the overhead of mod_throttle
and in part due to my insistence on using CGI (with suexec) for security
reasons (we also host some other sites, and hope to increase that in the
future, so any scripts with database passwords and the like have to be
non-world readable).
Of course, once we move to clustering, mod_throttle is worthless.
I already have a couple of Pentium machines (200 MHz pent, 64MB ram,
<5GB disk) for use as LVS routers. Also, all the machines involved have 2
NICS, but we have 3 networks involved --- like this:
 -----------------------(external network)
    |          |
  ------     ------
  |LVS1|     |LVS2|
  ------     ------
    |          |
 ----------------------------------- LVS network
    |          |     ...
  ------     ------
  |Web1|     |Web2|
  ------     ------
    |          |
    ---------------
           |
   (internal network)
where the internal network has database, nfs, etc services, but no routing
to the outside world. [this is not the entire network, but enough to
present the problem].
The external network is on a T1, but internally they're 100Mbps (we
might increase bandwidth externally, but a T3 is the highest possible in
the foreseeable future).
I have an idea for approaching this, but am not sure if it's right
(haven't used LVS or clustering generally before), or possible.
First, use LVS1 as the incoming router (with LVS2 set up for failover).
Set up LVS2 as outgoing router (with LVS1 set up for failover). Set up
a bandwidth limited interface for traffic coming in over internal network
for LVS2, as well as a non-bandwidth-limited interface for the same
network.
On the real servers, set up 2 web server processes. If the incoming
request falls into the free user category, redirect to the second
process's port, otherwise process normally. The first process sends to
the unlimited interface, the 2nd to the limited interface.
I'm not even sure how much of this is possible, or if it is possible,
how to do it exactly. It seems unlikely I could actually set up 2
completely separate interfaces and get the real servers to route to them
correctly and transparently. Another alternative would be tunneling with
ports, but I'm not exactly sure how to merge the 2 streams in the outgoing
router.
Keep in mind, we're a non-profit organization, so we can't buy a
machine to handle a full-blown squid server (which was my other thought),
and 64 MB + <5GB disk space seems pretty small for a caching solution
(never used squid, though).
Any help would be appreciated.
Thanks, Lynn