On Fri, Dec 28, 2012 at 09:01:07PM -0500, S Ahmed wrote:
> If I have a single server, what advantages would I get from running haproxy?
It depends a lot on your workload. Some people do this for various reasons :
- regulate the traffic on the server and buffer requests and responses
from/to clients ; this is a very common usage as it allows your single
server to support traffic spikes without dying. And more importantly it
generally makes the server run much faster.
- offer a first layer of protection against attacks, by filtering requests,
limiting per-IP request rate/concurrency, and enforcing timeouts.
- convert http to https and compress responses (only with devel version).
- get better logs and visibility about your application's behaviour so
that you can improve it.
- ease server maintenance (eg: you can block incoming traffic when you
want during a server update or whatever you need to do).
> I am doing this currently:
>
> nginx -> jetty using port 8081
> nginx -> tomcat using port 8082
Then with nginx, you already have more or less the features above.
> One benefit is that if I need to expand to another server, using haproxy
> from the beginning will making scaling out much easier (but with a little
> added complexity).
Yes indeed. But you're the only one who knows whether your traffic is
expected to grow or not.
> Also, I think that if I use haproxy, I can re-use socket connections to
> tomcat and jetty right? (how?)
It does not yet reuse them, however it is able to quickly release them
and reaffect them. Some web sites run with a few tens of connections to
the servers and thousands of connections to the clients. This is possible
as long as the servers respond quickly.
> **If I am getting 1000 requests per second, at the server config level, I
> will have to:
>
> 1. increase file limit count
Do not confuse concurrent requests and request rate. They're tied by the
server's average response time :
concurrency = rate * time
You can very well run at 1000 requests per second with only 1 connection
at a time to the server, if your server responds in 1 millisecond or less.
If your average response time is around 10 ms, then you'll have 10
connections between haproxy and the server on average.
> What about sockets, I think I will be running out of sockets pretty fast
> right?
Not at all, unless your server's average response time is more than 64
seconds, resulting in more than 64k connections and 64 source ports, but
I'm assuming this is not the case :-)
At 1000 requests/s, you should almost not notice the process, because
it will run at around 1-2% of a CPU core, and even if your server is
slow (eg: 1 sec), you'll only have 1000 concurrent connections, which
will translate into 16-32 MB of RAM depending on the build options. So
that's really nothing with todays hardware.
Hoping this helps,
Willy
