The minute I put the changes and made the loadbalancer active, external users experienced serious downtime. I tried accessing our site from an external source and sure enough we were unbrowsable. So I had to take haproxy off again. Ram was now stable at 750Mb free.
At the time I had about 300 connections and only 10% were https. At this point, could it be a defective nic? Wrong kernel? I'm running Fedora 12. On 6 February 2010 10:30, Willy Tarreau <[email protected]> wrote: > On Sat, Feb 06, 2010 at 09:51:45AM +0100, Peter Griffin wrote: > > Hi Will, > > I didn't see my post in the archives and since this is a production site > I > > panicked. > > > > Thank you so much for your explanation, it's much clearer now. I will > make > > the changes and report back how it went. Do you think that I'd be better > > off upgrading to 4Gb Ram or should 1Gb be enough? > > It only depends on the number of concurrent connections. On a finely tuned > system, you can sustain slightly more than 20000 connections through > haproxy > with 1 GB RAM. But stunnel will consume more per connection because of the > SSL context which is heavier. I don't think it's reasonable to go much > higher > than 2-3000 concurrent connections on 1 GB RAM via stunnel+haproxy. Also, > if > you need that many SSL connections, you'll definitely want to set up a load > balanced SSL farm or you'll sooner or later run into trouble. > > Regards, > Willy > >
