Hello, Why not scaleout HAproxy by adding multiple ones and use a TCP load balancer in front of multiple HAproxy instances or use BGP ECMP routing directly to split load between multiple HAproxy? Best regards > On 16 Sept 2022, at 13:54, Boris Behrens <bb@xxxxxxxxx> wrote: > > Hi, > does someone got experience with having the RGW daemons directly handling > the public traffic, without any LB or so in front? > > We are thinking to ditch the HAproxy. It handles SSL termination, load > balancing (only RR) and stuff like this, but because of the nature of the > setup we only get 6-8 GBit traffic through it. > > Then we thought to put the HAProxy directly on RGW hosts (which are also > mon, mgr and OSD hosts) and hope to get more bandwidth through it (remove > one network hop, more power than some virtualized VM). > > And now we are discussing just to remove the haproxy, and have the RGW > processes handle it directly. > I am a bit scared this might be a bad idea (can it handle SSL updates well, > without killing active connections? Does nonlocal bind work and we move IP > adresses between the three hosts via keepalived? How good is it handling > bad HTTP request, sent by an attacker?) > > Does someone got experience with it and can share some insights? > > Cheers > Boris > > -- > Die Selbsthilfegruppe "UTF-8-Probleme" trifft sich diesmal abweichend im > groüen Saal. > _______________________________________________ > ceph-users mailing list -- ceph-users@xxxxxxx > To unsubscribe send an email to ceph-users-leave@xxxxxxx _______________________________________________ ceph-users mailing list -- ceph-users@xxxxxxx To unsubscribe send an email to ceph-users-leave@xxxxxxx
 |