[prev in list] [next in list] [prev in thread] [next in thread] 

List:       haproxy
Subject:    sticky-table for basic QoS on name-based virtualhosts?
From:       Benjamin Pineau <ben () zouh ! org>
Date:       2010-08-29 15:47:38
Message-ID: 4C7A811A.5030500 () zouh ! org
[Download RAW message or body]

When one uses haproxy in front of name based virtual hosts - different
websites sharing the same IP:port -, it's hard to prevent one website
from sucking all available backend's and frontend's connexions slots.

I tried several times but failed due to frontend maxconn also being a
limited resource, shared among all virtualhosts (we could prevent backend
exhaustion the ugly way, by copy-pasting an almost identical backend
definition for each website, but then connexions would probably pile
up enqueued in the frontend up to saturation).

Now, the shinny new sticky-table features looks like we could approach
resource isolation. But I fail to grok that feature's sophistication,
and don't find any way to implement a counter to store and check the
number of active connexions per http hostname (or is it designed to
store only clients sources IP addresses via track-sc* ?).

The only way I can think of - but didn't tried yet - would be to define
a different backend for each site (albeit with the same servers, each
with maxconn < his real capacity), and filtering on frontend:

frontend common_frontend
    bind 1.2.3.4:80
    # fe maxconn: slighty less than real servers total capacity (1000x4),
    # but more than one backend's capacity (fullconn 2500 + 100 in queue);
    # a website shouldn't use more than 70% frontend's and server's slots:
    maxconn 3800
    # don't queue more than 100 request for a given website
    acl saturated1 queue(backend_site1) gt 100  # so 2600 conn+queue max ?
    acl saturated2 queue(backend_site2) gt 100
    acl site1 hdr(host) -i site1.com
    acl site2 hdr(host) -i site2.com
    block if saturated1 site1
    block if saturated2 site2
    use_backend backend_site1 if site1
    use_backend backend_site2 if site2

backend backend_site1
    # slighty less than total servers slots (700x4) to keep health check happy?
    fullconn 2500
    # allow 700 conn per server. 1000 conn being one server real full capacity
    server www1 www1 check maxconn 700  # can do 1000
    server www2 www2 check maxconn 700
    server www3 www3 check maxconn 700
    server www4 www4 check maxconn 700

backend backend_site2
    # [...] - the same as backend_site1


Though that's unsightly ;)

ps: I guess the doc should say "queue(backend) <integer>" instead of that? :
  queue(frontend) <integer>
    Returns the total number of queued connections of the designated backend,

[prev in list] [next in list] [prev in thread] [next in thread]