Hi Robin, On Tue, Jul 11, 2017 at 2:53 PM, Robin H. Johnson <robbat2@xxxxxxxxxx> wrote: > (Trim lots of good related content). > > The upcoming HAProxy 1.8 has landed further patches for improving hot > restarts/reloads of HAProxy, which previously lead to a brief gap period > when new connections were not serviced. Lots of other approaches had > been seen, including delaying TCP SYN momentarily [1]. It also notably > fixes how you needed a separate wrapper for using haproxy w/ systemd. > > In the DreamHost RGW usage, I've been building additional functionality > into HAProxy via Lua, but I'm not convinced it's the best place for some > of it: > - rate-limiting by access key (with explicitly whitelisted & blacklisted > keys), over multiple frontends [2] > - Planned: different rates for different operations/customer classes. > - Planned: issue redirects for buckets being moved (because getting > federated metadata between existing clusters is painful) [3]. > This differs from the CERN backend-selection-by-bucket, because the > bucket is going to be moving regions! This is really cool. > > RGW doesn't seem like the right place for some of this functionality > either, because storing rate data in multiple places means lots of > cross-talk. I'm pretty skeptical about this, though. RGW isn't becoming a load balancer, but also needs to make scheduling decisions. Probably should know what the load balancer knows when it is present? > > [1] https://engineeringblog.yelp.com/2015/04/true-zero-downtime-haproxy-reloads.html > [2] http://blog.armbruster-it.de/2015/08/neo4j-and-haproxy-some-best-practices-and-tricks/ > [3] http://docs.aws.amazon.com/AmazonS3/latest/dev/Redirects.html > >> > I don't know if the bucket mapping concept is generally applicable. >> > Maybe this haproxy-agent should focus on configuring a single backend >> > populated with the radosgw's, and leave more complex configurations up >> > to their admins? >> Yeah. (The dynamic remapping is interesting, though! That could >> potentially be controlled by rgw as well to automatically isolate busy >> buckets or objects.) > Yes, this would fit well to populate a single HAProxy backend w/ the > available RGWs, and then that can be wrapped with whatever frontend > configuration (esp. SSL) that the admin wants. > > > -- > Robin Hugh Johnson > Gentoo Linux: Dev, Infra Lead, Foundation Trustee & Treasurer > E-Mail : robbat2@xxxxxxxxxx > GnuPG FP : 11ACBA4F 4778E3F6 E4EDF38E B27B944E 34884E85 > GnuPG FP : 7D0B3CEB E9B85B1F 825BCECF EE05E6F6 A48F6136 > Matt -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
