-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Robin H. Johnson wrote: > The primary Bugzilla webserver is now back in operation. > > Additionally, for the moment, I've re-enabled the load-balancing, but > note that it comes with a warning... > Load balanced bugzilla webservers: > http://bugs-web-lb.gentoo.org/ > (HTTPS supported as well, but the SSL certificate won't match). > > Visiting either specific side of the webserver nodes: > http://bugs-web1.gentoo.org/ > http://bugs-web2.gentoo.org/ > (The web node you're on is listed on the frontpage only). > > Caveat: > - Why can't we just always use the load-balancer? > Unfortunately bugzilla writes a number of files to the local disk and > then gives you a URL to them. If the file was written to disk on web1, > but your request was delivered to web2, then you would get a 404 error.
Robbat, would persistency on loadbalancer level solve this problem ? In that case a tcp-connect that has been build stays with that real-server instance in the loadbalancer, provided that data from the same ip is coming in below a specified timeout. We've used this in the past when we still used disk-based sessions in our webapp. It works well, but can create hotspots in your webfarm if a large percentage of your userbase is behind a single NATed gateway. It would also limit your attacker to a single host. Ramon -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) iEYEARECAAYFAknQnNoACgkQwiVM6CtDHQ1zwgCfZfEXwjZ9a0y7mHjq7A5MAxTo HPIAn17SCBu0M71j6UBH8uW+7bVpMUnD =gzHX -----END PGP SIGNATURE-----