LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

memory use on long persistent connection (eg for e-commerce sites, squi

To: "lvs-users@xxxxxxxxxxxxxxxxxxxxxx" <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>, Roberto Nibali <ratz@xxxxxx>, Horms <horms@xxxxxxxxxxxx>, Julian Anastasov <ja@xxxxxx>, joe@xxxxxxxxxxxxx
Subject: memory use on long persistent connection (eg for e-commerce sites, squids)
From: Joseph Mack <mack.joseph@xxxxxxx>
Date: Wed, 18 Sep 2002 11:46:27 -0400
The conventional LVS wisdom is that it's not a good
idea to build an LVS e-commerce website in which https 
is persistent for long periods. 

The initial idea was that a long timeout allows 
the customer to have a cup of coffee or surf to 
other websites while thinking about their on-line
purchase. 

The problem with this approach is that the amount 
of memory use is expected to be large and the director 
will run out of memory. We've been telling people 
to rewrite their application so that state is maintained 
on the realservers allowing the customer to take an 
indefinite time to complete their purchase.

Currently 1G of memory costs about an hour of programmer's time
(+ benefits, + office rental/heating/airconditioning/equipment
+ support staff). Since memory is cheap compared to the cost 
of rewriting your application, I was wondering if brute 
force might just be acceptable.

I can't find any estimates of the numbers involved in the HOWTO
although similar situations have been discussed on the mailing 
list eg

http://marc.theaimsgroup.com/?l=linux-virtual-server&m=99200010425473&w=2

there the calculation was done to see how long a director would
hold up under a DoS. The answer was about 100secs for 128M memory
and 100Mbps link to the attacker doing a SYN flood.

I'm not running one of these web
sites and I don't know the real numbers here. Is amazon.com
or ebay connected by 100Mbps to the outside world?

What you can do with 1G of memory on the director?

each connection requires 128bytes. 1G/128 is 8M customers 
online at any one time. Assuming everyone buys something 
this is 1500 purchases/sec. You'd need the population of
a large town just to handle shipping stuff at this rate.

I doubt if any website at peak load has 
8M simultaneous customers.

However you only have 64k ports on each realserver to 
connect with customers allowing only have 64k 
customers/realserver. How much memory  do you need on 
the director to handle a fully connected realserver?

64k x 128 = 8M

Let's say there are 8 realservers. How much memory 
is needed on the director?

8 x 8M = 64M

this is not a lot of memory. So the problem isn't
memory but realserver ports AFAIK

What is the minimum throughput of customers assuming
they all take 4000 sec (66 mins) to make their 
purchase?

8 x 64k/4000 = 64 purchases/sec

You're still going to need a hire a few people to pack and
ship all this stuff. If people use only take 6mins
for their purchase, you'll be shipping 640 packages/sec.

Assuming you make $10/purchase at 64 purchases/sec, that's
$2.5G/yr.

So with 64M of memory, 8 realservers, 4000sec persistence 
timeout, and a margin of $10/purchase I can make a profit 
of $2.5G/yr. 

It seems memory is not the problem here, but realserver
ports (or being able to ship all the items you sell).

Let's look at another use of persistence - for squids
(despite the arrival of the -DH scheduler, some people
prefer persistence for squids).

Here you aren't limited by shipping and handling of purchases.
Instead you are just shipping packets to the various target
httpd servers on the internet. You are still limited to
64k clients/realserver. Assume you make persistence = 256secs
(anyone client who is idle for that time is not interested
in performance). This means that the throughput/realserver is
256hits/sec. This isn't great. I don't know what throughput 
to expect out of a squid, but I suspect it's a lot more.

This is not what we've been saying on the mailing list.
Have I missed something?

Joe 

--

Joseph Mack PhD, Senior Systems Engineer, Lockheed Martin
contractor to the National Environmental Supercomputer Center, 
mailto:mack.joseph@xxxxxxx ph# 919-541-0007, RTP, NC, USA


<Prev in Thread] Current Thread [Next in Thread>