On 2/9/2015 1:08 PM, Baptiste wrote: > could you define what you mean by "heavy" ? > What type of web application do you host? > How many req / conn per second do you expect? > > When doing SSL, the CPU is not enough, the memory also matters.
I would plan on 16 or 32GB of RAM for the machine, more if you think it would be necessary. I really don't know what my request rate will be. Most of our traffic doesn't go through haproxy yet, it is being handled as TCP redirection by the Linux virtual server. One of our busier sites (not currently SSL) is being handled by haproxy. With an uptime of 24 days, haproxy says that the front-end max request rate is 238. The max request rates on the three back end servers are 245, 137, and 197. Now I'm going to toss around some numbers randomly in an attempt to guess, and I expect these estimates to be quite a lot higher than reality: For planning purposes, let's imagine that we'll eventually see a normal traffic rate ten times as high as we see currently on that one site, all of which will be encrypted to the Internet, with at about a third of it also encrypted on the back end. Paranoid customers are SO MUCH FUN. For capacity planning purposes, let's say that peak traffic could be two or three times that. What kind of hardware and haproxy config would do that? Thanks, Shawn
