Scribd
Upload
61 views

Advanced Reverse Proxy Load Balancing in Apache: Jim Jagielski

The document discusses improvements to load balancing and reverse proxy capabilities in Apache HTTP Server 2.2. Key highlights include: - Mod_proxy can now perform native load balancing using multiple algorithms and configuration options. - Support for additional protocols like AJP allows Apache to proxy applications servers like Tomcat. - An embedded admin interface allows monitoring and adjusting balancer and worker parameters in real-time.

Uploaded by

jdogpc
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as PDF, TXT or read online on Scribd
61 views

Advanced Reverse Proxy Load Balancing in Apache: Jim Jagielski

The document discusses improvements to load balancing and reverse proxy capabilities in Apache HTTP Server 2.2. Key highlights include: - Mod_proxy can now perform native load balancing using multiple algorithms and configuration options. - Support for additional protocols like AJP allows Apache to proxy applications servers like Tomcat. - An embedded admin interface allows monitoring and adjusting balancer and worker parameters in real-time.

Uploaded by

jdogpc
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 39

Advanced Reverse Proxy Load Balancing in Apache HTTP Server 2.

2
Jim Jagielski http://www.jimjag.com/ [email protected]

Whew
Thats a mouthful

About me
Longtime active contributor (July/Aug 1995) Been giving mod_proxy much TLC ASF Co-founder Other ASF titles as well CTO of Covalent Technologies Husband, father, all around nice guy

mod_proxy? Wazzat?
An Apache module Implements core proxy capability Both forward and reverse proxy In general, most people use it for reverse proxy (gateway) functionality

Forward Proxy
Intent is to protect internal clients

Forward Proxy

Reverse Proxy
Intent is to protect internal Servers
Firewall

Reverse Proxy

Internal Servers

How did we get here?


A stroll down mod_proxy lane
First available in Apache 1.1
Experimental Caching Proxy Server

In Apache 1.2, pretty stable, but just HTTP/1.0 In Apache 1.3, much improved with added support for HTTP/1.1 In Apache 2.0, break out cache and proxy
7

Whats new/improved in 2.2


Large file support Graceful stop mod_dbd mod_filter Better Debugging and info Caching Event MPM Authn/Authz

Proxy
8

Goal for mod_proxy in 2.2

Goal for mod_proxy in 2.2


Suck less ass

Proxy Improvements
Becoming a robust but generic proxy implementation Support various protocols
HTTP, HTTPS, CONNECT, FTP AJP, FastCGI (coming soonish)

Load balancing Clustering, failover

10

AJP? Really?
Yep, Apache can now talk AJP with Tomcat directly mod_proxy_ajp is the magic mojo Other proxy improvements make this even more exciting mod_jk alternative

11

But I like mod_jk


Thats fine, but...
Now the config is much easier and more consistent
ProxyPass /servlets ajp://tc.example.com:8089

Easier when Apache needs to proxy both HTTP and AJP Leverage improvements in proxy module

12

Load Balancer
mod_proxy_balancer.so mod_proxy can do native load balancing
weight by actual requests weight by traffic lbfactors

LB algos are impl as providers


easy to add no core code changes required
13

Providers? Wazzat?
New feature of Apache 2.x Originally used mostly in mod_dav Then in caching Now in other places too
authn / authz mod_proxy

14

Providers... so what
Think of providers as providing services modules implement providers and register them Other modules can then use those providers to implement that service Cool pizza delivery analogy

15

Why cool for mod_proxy?


We mentioned that right now, we balance by traffic and requests But what if you want some other method You can add that capability with no core code changes to Apache. Very flexible

16

Load Balancer
Backend connection pooling
Available for named workers:
eg: ProxyPass
/foo http://bar.example.com

Reusable connection to origin For threaded MPMs, can adjust size of pool (min, max, smax) For prefork: singleton

Shared data held in scoreboard

17

Pooling example

18

<Proxy balancer://foo> BalancerMember http://www1.example.com:80/ BalancerMember http://www3.example.com:80/ BalancerMember http://www2.example.com:80/ ProxySet lbmethod=bytraffic </Proxy>

Pooling example
loadfactor=1 loadfactor=1 loadfactor=4 status=+h

18

<Proxy balancer://foo> BalancerMember http://www1.example.com:80/ BalancerMember http://www3.example.com:80/ BalancerMember http://www2.example.com:80/ ProxySet lbmethod=bytraffic </Proxy> proxy: proxy: proxy: proxy: proxy: proxy: proxy: proxy: proxy: proxy: ... proxy: proxy: proxy: proxy: proxy: proxy:

Pooling example
loadfactor=1 loadfactor=1 loadfactor=4 status=+h

grabbed scoreboard slot 0 in child 371 for worker http://www1.example.com/ initialized single connection worker 0 in child 371 for (www1.example.com) grabbed scoreboard slot 0 in child 369 for worker http://www1.example.com/ worker http://www1.example.com/ already initialized grabbed scoreboard slot 0 in child 372 for worker http://www1.example.com/ worker http://www1.example.com/ already initialized grabbed scoreboard slot 2 in child 371 for worker http://www3.example.com/ initialized single connection worker 2 in child 371 for (www3.example.com) initialized single connection worker 0 in child 369 for (www1.example.com) grabbed scoreboard slot 2 in child 369 for worker http://www3.example.com/ grabbed scoreboard slot 6 in child 369 for worker proxy:reverse initialized single connection worker 6 in child 369 for (*) grabbed scoreboard slot 6 in child 372 for worker proxy:reverse worker proxy:reverse already initialized grabbed scoreboard slot 1 in child 369 for worker http://www1.example.com/ initialized single connection worker 6 in child 372 for (*)

18

Workers and worker


Dont get too confused Both the worker MPM and the proxy balancer use the term worker

19

Load Balancer
Sticky session support
aka session affinity Cookie based
stickysession=PHPSESSID stickysession=JSESSIONID

Natively easy with Tomcat May require more setup for simple HTTP proxying Do you really want/need it?
20

Load Balancer
Cluster set with failover
Lump backend servers as numbered sets balancer will try lower-valued sets first If no workers are available, will try next set

Hot standby

21

Example
<Proxy balancer://foo> BalancerMember http://php1:8080/ loadfactor=1 BalancerMember http://php2:8080/ loadfactor=4 BalancerMember http://phpbkup:8080/ loadfactor=4 status=+h BalancerMember http://offsite1:8080/ lbset=1 BalancerMember http://offsite2:8080/ lbset=1 ProxySet lbmethod=bytraffic </Proxy> ProxyPass /apps/ balancer://foo/

22

Embedded Admin
Allows for real-time
Monitoring of stats for each worker Adjustment of balancer and worker params
lbset lbmethod route enabled / disabled ...

23

Easy setup
<Location /balancer-manager> SetHandler balancer-manager Order Deny,Allow Deny from all Allow from 192.168.2.22 </Location>

24

Admin

25

Some tuning params


For workers:
loadfactor
normalized load for worker [1]

lbset
worker cluster number [0]

retry
retry timeout, in seconds, for non-ready workers [60]

26

Some tuning params


For workers - connection pool:
min
Initial number of connections [0]

max
Hard maximum number of connections [1| TPC]

smax:
soft max - keep this number available [max]

ttl
time to live for connections above smax
27

Some tuning params


For workers (cont):
timout
Connection timeout on backend [Timeout]

flushpackets *
Does proxy need to flush data with each chunk of data?
on : Yes off : No auto : wait and see

flushwait *
ms to wait for data before flushing
28

Some tuning params


For workers (cont):
ping *
Ping backend to check for availability; value is time to wait for response

status (+/-)
D : disabled S : Stopped I : Ignore errors H : Hot standby E : Error
29

Some tuning params


For balancers:
lbmethod
load balancing algo to use [byrequests]

For both:
ProxySet
Alternate method to set various params
ProxySet balancer://foo timeout=10 ... ProxyPass / balancer://foo timeout=10

30

Oh yeah
ProxyPassMatch
ProxyPass can now take regexs instead of just paths
ProxyPassMatch ^(/.*\.gif)$ http://backend.example.com$1

JkMount migration

Shhhh
ProxyPass ~ ^(/.*\.gif)$ http://backend.example.com$1

mod_rewrite is balancer aware

31

Gotcha
ProxyPassReverse is NOT balancer aware! The below will not work:
<Proxy balancer://foo> BalancerMember http://php1:8080/ BalancerMember http://php2:8080/ </Proxy> ProxyPass /apps/ balancer://foo/ ProxyPassReverse /apps balancer://foo/ loadfactor=1 loadfactor=4

32

Workaround
Instead, do this
<Proxy balancer://foo> BalancerMember http://php1:8080/ BalancerMember http://php2:8080/ </Proxy> ProxyPass /apps/ balancer://foo/ ProxyPassReverse /apps http://php1:8080/ ProxyPassReverse /apps http://php2:8080/ loadfactor=1 loadfactor=4

33

Putting it all together


<Proxy balancer://foo> BalancerMember http://php1:8080/ BalancerMember http://php2:8080/ BalancerMember http://phpbkup:8080/ ProxySet lbmethod=bytraffic </Proxy> <Proxy balancer://javaapps> BalancerMember ajp://tc1:8089/ BalancerMember ajp://tc2:8089/ ProxySet lbmethod=byrequests </Proxy> ProxyPass /apps/ balancer://foo/ ProxyPass /serv/ balancer://javaapps/ ProxyPass /images/ http://images:8080/ loadfactor=1 loadfactor=4 loadfactor=4 status=+h

loadfactor=1 loadfactor=4

34

Whats on the horizon?


Some additional potential backports
FastCGI proxy module HTTP ping (OPTIONS *)

More LB methods Enhancing ProxyPassReverse Better RFC compliance Something completely different...

35

Thanks!
Q&A Resources:
http://httpd.apache.org/ [email protected] A certain Open Source support provider

36

You might also like