Server Performance, Scaling, Reliability and Configuration Norman White
Scaling UP Run on faster computer Upgrade disk, memory etc. Out Replicate server across multiple machines Distribute “strategic” locations on the internet Host on services like AKAMAI
Scaling Up Can keep adding processors, memory etc. Advantages Single environment, easy to administer Disadvantages Processor limitations Network Bandwidth problems Reliability
Scaling out Add more computers Distribute workload across multiple systems Have application server(s), video server(s), DB servers etc. But watch out for reliability problems, decreases quickly with more servers Supported by UNIX, LINUX and W2K Cluster machines together so they can automatically take over in case of failure Distribute load across multiple machines. Still may have single failure points Power Network access
But there is a little Problem! How do your users get to your machine? Is it over the internet? How much bandwidth can you get to your site? What if you are Victoria Secret and have a huge event once or twice a year?
Need to go to edge hosting services Step 1 – Move your web site to your ISP’s location. ISP has backbone access to internet Step 2 – If that is not enough, go to a provider like AKAMAI They distribute your content all over the world at the “edge” points to the internet
Demo… Traceroute to several providers Visit Akamai Play akamai flash tutorial
Security Issues As we scale up, still only have one machine to guard.. As we scale out, more potential for problems. For internal servers, how do we control access to content?.htaccess Ldap etc. Edge hosting may “contain” problem to certain nodes…
.htaccess example Assume a directory structure of restricted content that you want to restrict to “authenticated” users. Have users fill out form with their address, and desired userid. password to them with a link to a cgi script that allows them to change password.
.htaccess example AuthUserFile /export/grad/a/aab211/public_html/websys/.htpasswd AuthGroupFile /dev/null AuthName Somewhere.com's Secret Section AuthType Basic require valid-user
.htaccess example Assume a directory structure of restricted content that you want to restrict to “authenticated” users. Have users fill out form with their address, and desired userid. password to them with a link to a cgi script that allows them to change password.
.htaccess example AuthUserFile /export/grad/a/aab211/public_html/websys/.htpasswd AuthGroupFile /dev/null AuthName Somewhere.com's Secret Section AuthType Basic require valid-user
Example.htaccess file describes authentication details and location of htpasswd file.htaccess file placed in the directory it controls, by default controls all lower level directories also. Htpasswd file can be anywhere Htpasswd program used to updated htpasswd file Htpasswd file encrypted
Maintaining htpasswd file htpasswd –c passwordfile username Creates a new htpasswd file and adds a username to it, prompting for the password Htpasswd passwordfile username adds a user Htpasswd –b passwordfile username password Creates or updates username password
CGI Script to add user Script one htadduser.sh User fills out form with desired username and address Shell script adduser.sh grep.htpasswd file for username If username exists, issue error Else, generate random password Issue htpasswd –b username passwd address with username and password and link to files. Add username and address to userid file
Changepass.sh Allows user to change password This script should be restricted directory Logic: Display form with userid, desired password Take form input (using POST … Why) Issue htpasswd –b passwordfile username newpassword
Conclusion Need to understand management objectives before we can make a decision. Many tradeoffs. Often may do all of the above…
Configuring a WEB Server.
So what does a web administrator need to know? UNIX - Apache WINDOWS - IIS
Apache Apache uses industry standard configuration file Httpd.conf Can set many things like: File Locations Scripting capabilities (PHP, JSP etc.) Performance How many threads etc. Virtual Hosts (more than 1 server on same machine) Same IP ADDRESS, port, different name Same IP, name, different port
Windows IIS Configuration done through management control panel Easy to add new features, change configuration etc.
Conclusion Both Apache and IIS offer easy to use configuration tools. IIS very user friendly, Apache finer control.
Other Considerations Disk Management How do we manage disk space in a rapidly changing environment? Problems – Disk sizes limited (9 gig, 18, 36, 72 etc) Extreme read performance requirements Space growing rapidly 24 x 7 – Can’t reconfigure??? HELP!!!
Solutions Volume Managers Veritas Volume Manager Separates Physical disk from logical disks Allow administrator to reconfigure on the fly Supports mirroring, striping, raid 5 etc. NAS Network attached storage – just plug device into network, available to many systems (support volume mgt on device) SAN Storage Area Networks Similar to NAS, but allow multiple high speed fiber connections to systems
Some Capabilities and Tradeoffs RAID 0 Mirror disks – fast read, fast write, redundant RAID 1 – Striped, spread data across multiple disks Very fast read, slower write, vulnerable to failure
More RAID formats RAID 5 Striping with parity Need 3+ drives (max 8) N-1 drives used for data, last drive for parity Actually parity is distributed across all disks If 1 disk dies, data can be reconstructed dynamically by using the remaining disks. System runs in degraded mode until disk is replaced, then automatically rebuilds itself (while still on-line) Reads are very fast (N-1 disks streaming data) Writes are very slow (have to write to N disks, for each write)
Even more redundancy Can Mirror RAID 5 arrays, even mirror on a different controller, separate power etc. “SNAPSHOT” backups Volume manager can take a snapshot backup of a “volume” to another volume. Reduces backup time, snapshot is done on live volume, but data is from exactly the same time.
Conclusion and Takeaway Infrastructure and hardware designs critical to today’s 24x7 environment. Can be VERY expensive to attain desire (necessary) level of uptime. Need to have lot’s of redundancy and ability to upgrade constantly without taking systems off the air.