SlideShare une entreprise Scribd logo

Reverse proxy magic

Jim Jagielski
Jim Jagielski

The document discusses Apache httpd v2.4 and its use as a reverse proxy. Key points include: Apache httpd v2.4 has improvements that make it suitable for cloud environments and dynamic configurations; it supports load balancing, clustering, caching, and offloading SSL to improve performance and high availability when used as a reverse proxy; directives like ProxyPass and ProxyPassReverse are used to configure proxying and load balancing using modules like mod_proxy and mod_proxy_balancer.

Internet
1  sur  48
Télécharger pour lire hors ligne
APACHECON North America 9-12 September, 2019 Apache httpd v2.4: Reverse Proxy Magic
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag About Me Apache Software Foundation Co-founder, Director Emeritus, Member and Developer Director Emeritus Outercurve, MARSEC-XL, OSSI, OSI (ex)… Developer Mega FOSS projects O’Reilly Open Source Award: 2013 European Commission: Luminary Award Homebrewer, Husband, Father, Friend Open Source Chef: ConsenSys
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Apache httpd 2.4 Currently at version 2.4.41 (2.4.1 went GA Feb 21, 2012) Significant Improvements high-performance cloud suitability
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Apache httpd 2.4 - design drivers Support for async I/O w/o dropping support for older systems Larger selection of usable MPMs: added event, motorz, etc... Leverage higher-performant versions of APR Increase performance Reduce memory utilization The Cloud and Reverse Proxy
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Cloud and Dynamics The Cloud is a game changer for web servers The cloud is a dynamic place automated reconfiguration horizontal, not vertical scaling self-aware environments OK, maybe not THAT self-aware
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Why Dynamic Proxy Matters Apache httpd still the most frequently used front-end Proxy capabilities must be cloud friendly Front-end must be dynamic friendly
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Reverse Proxy Internet Firewall Firewall Cloud Reverse Proxy Server Transactional Servers Browser Operates at the server end of the transaction Completely transparent to the Web Browser – thinks the Reverse Proxy Server is the real server
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Features of Reverse Proxy Server Security Uniform security policy can be administered The real transactional servers are behind the firewall Delegation, Specialization, Load Balancing Offload SSL Issues w/ Tomcat APR/OpenSSL connector Caching Performance, HA
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Proxy Design Drivers Becoming a robust but generic proxy implementation Support various protocols HTTP, HTTPS, HTTP/2, CONNECT, FTP AJP, FastCGI, SCGI, WSGI, UWSGI, PROXY Load balancing Clustering, failover Performance
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Apache httpd 2.4 proxy Reverse Proxy Improvements Supports FastCGI, SCGI, Websockets in balancer Additional load balancing mechanisms Runtime changing of clusters w/o restarts Support for dynamic configuration mod_proxy_express mod_fcgid and fcgistarter Brand New: Support for Unix Domain Sockets Brand New: HTTP/2
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Configuring Reverse Proxy Set ProxyRequests Off Apply ProxyPass, ProxyPassReverse and possibly RewriteRule directives
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Reverse Proxy Directives:
 ProxyPass Allows remote server to be mapped into the space of the local (Reverse Proxy) server There is also ProxyPassMatch which takes a regex Example: ProxyPass /secure/ http://secureserver.local/
 Presumably “secureserver” is inaccessible directly from the internet
 ProxyPassMatch ^/(.*.js)$ http://js-storage.example.com/bar/$1
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Reverse Proxy Directives:
 ProxyPass Can also be used in a Location block (sometimes faster) Example: <Location /secure/> ProxyPass http://secureserver.local/
 </Location>
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Reverse Proxy Directives:
 ProxyPass Honored in order of definition Can bypass proxying with ! ProxyPass /local/ !
 ProxyPass / http://secureserver.local/
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Reverse Proxy Directives:
 ProxyPassReverse Used to specify that redirects issued by the remote server are to be translated to use the proxy before being returned to the client. Syntax is identical to ProxyPass; used in conjunction with it Example: ProxyPass /secure/ http://secureserver/ ProxyPassReverse /secure/ http://secureserver/
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Simple Rev Proxy All requests for /images to a backend server
 
 Useful, but limited What if: images.example.com dies? traffic for /images increases ProxyPass /images http://images.example.com/ ProxyPass <path> <scheme>://<full url>
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Load Balancing mod_proxy_balancer.so mod_proxy can do native load balancing weight by actual requests weight by traffic weight by busyness lbfactors
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Create a balancer “cluster” Create a balancer which contains several host nodes Apache httpd will then direct to each node as specified <Proxy balancer://foo> BalancerMember http://www1.example.com:80/ loadfactor=1 BalancerMember http://www2.example.com:80/ loadfactor=2 BalancerMember http://www3.example.com:80/ loadfactor=1 status=+h ProxySet lbmethod=bytraffic </Proxy> Balancer Name Workers/Nodes
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Some config params For BalancerMembers: loadfactor normalized load for worker [1] lbset worker cluster set number [0] retry retry timeout, in seconds, for non-ready workers [60]
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Some config params For BalancerMembers (cont): connectiontimeout/timout Connection timeouts on backend [ProxyTimeout] flushpackets * Does proxy need to flush data with each chunk of data? on : Yes | off : No | auto : wait and see flushwait * ms to wait for data before flushing
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Some config params For BalancerMembers (cont): ping Ping backend to check for availability; value is time to wait for response status (+/-) D : Disabled S : Stopped I : Ignore errors H : Hot standby R : Hot spare E : Error N: Drain C: Dynamic Health Check fail
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Some config params For Balancers: lbmethod load balancing algo to use [byrequests] stickysession sticky session name (eg: JSESSIONID) maxattempts # failover tries before we bail growth Extra BalancerMember slots to allow for
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Some config params For Balancers: nofailover pretty freakin obvious For both: ProxySet Alternate method to set various params ProxySet balancer://foo timeout=10 ... ProxyPass / balancer://foo timeout=10
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Connection Pooling Backend connection pooling Available for named workers: eg: ProxyPass /foo ajp://bar.example.com Reusable connection to origin For threaded MPMs, can adjust size of pool (min, max, smax) For prefork: singleton Shared data held in shared memory
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Some config params For BalancerMembers - connection pool: min Initial number of connections [0] max Hard maximum number of connections [1|TPC] smax: soft max - keep this number available [max]
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Some config params For BalancerMembers - connection pool: disablereuser/enablereuse: bypass/enable the connection pool (firewalls) ttl time to live for connections above smax
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Sessions Sticky session support aka “session affinity” Cookie based stickysession=PHPSESSID stickysession=JSESSIONID Natively easy with Tomcat May require more setup for “simple” HTTP proxying Use of mod_session helps
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Sessions From Daniel Ruggeri LoadModule headers_module modules/mod_headers.so <Proxy balancer://cluster> BalancerMember http://1.2.3.4:8009 route=bar1 BalancerMember http://1.2.3.5:8009 route=bar2 ProxySet stickysession=KewlApp_STICKY </Proxy> Header add Set-Cookie "KewlApp_STICKY=sticky.% {BALANCER_WORKER_ROUTE}e;path=/;" env=BALANCER_ROUTE_CHANGED ProxyPass /foo/ balancer://cluster/foo/
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Failover control Cluster set with failover Group backend servers as numbered sets balancer will try lower-valued sets first If no workers are available, will try next lbset Hot standby No workers available in current lbset? Use me Hot spare As soon as a worker goes offline, start using me
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Putting it all together <Proxy balancer://foo> BalancerMember http://php1:8080/ loadfactor=1 BalancerMember http://php2:8080/ loadfactor=4 BalancerMember http://phpbkup:8080/ loadfactor=1 status=+h BalancerMember http://phpexp1:8080/ lbset=1 BalancerMember http://phpexp2:8080/ lbset=1 loadfactor=2 BalancerMember http://phpexpbkup:8080/ lbset=1 status=+h ProxySet lbmethod=bytraffic </Proxy> <Proxy balancer://javaapps> BalancerMember ajp://tc1:8089/ loadfactor=10 BalancerMember ajp://tc2:8089/ loadfactor=40 ProxySet lbmethod=byrequests </Proxy> ProxyPass /apps/ balancer://foo/ ProxyPassReverse /apps/ balancer://foo/ ProxyPass /serv/ balancer://javaapps/ ProxyPass /images/ http://images:8080/ ProxyPass /dyno/ h2c://pappy:80/ ProxyPass /foo/ unix:/home/www.socket|ajp://localhost/bar/ lbset 0 lbset 1 foo
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Mass Reverse Proxy We front-end a LOT of reverse proxies What a httpd.conf disaster! Slow and bloated mod_rewrite doesn’t help nor does mod_macro <VirtualHost www1.example.com> ProxyPass / http://192.168.002.2:8080 ProxyPassReverse / http://192.168.002.2:8080 </VirtualHost> 
 <VirtualHost www2.example.com> ProxyPass / http://192.168.002.12:8088
 ProxyPassReverse / http:// 192.168.002.12:8088 </VirtualHost> <VirtualHost www3.example.com> ProxyPass / http://192.168.002.10 ProxyPassReverse / http://192.168.002.10 </VirtualHost> . . . <VirtualHost www6341.example.com> ProxyPass / http://192.168.211.26 ProxyPassReverse / http://192.168.211.26 </VirtualHost>
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Mass Reverse Proxy Use the new mod_proxy_express module ProxyPass mapping obtained via db file Fast and efficient Still dynamic, with no config changes required micro-services? You betcha! ProxyExpress map file ##
 ##express-map.db:
 ##
 
 www1.example.com http://192.168.002.2:8080
 www2.example.com http://192.168.002.12:8088
 www3.example.com http://192.168.002.10 ... www6341.example.com http://192.168.211.26 httpd.conf file ProxyExpressEnable On ProxyExpressDBMFile express-map.db
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag HeartBeat / HeartMonitor Experimental LB (load balance) method Uses multicast between gateway and reverse proxies Provides heartbeat (are you there?) capability Also provides basic load info This info stored in shm, and used for balancing Multicast can be an issue Use mod_header with %l, %i, %b (loadavg, idle, busy) but no LBmethod currently uses this :(
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag balancer-manager Embedded proxy admin web interface Allows for real-time Monitoring of stats for each worker Adjustment of worker params lbset load factor route enabled / disabled ...
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Embedded Admin Allows for real-time Addition of new workers/nodes Change of LB methods Can be persistent! More RESTful Can be CLI-driven
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Easy setup <Location /balancer-manager> SetHandler balancer-manager Require 192.168.2.22 </Location>
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Admin
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag server-status aware
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Performance From Bryan Call’s ApacheCon preso
 (http://www.slideshare.net/bryan_call/choosing-a-proxy-server-apachecon-2014) •  Squid&used&the&most& CPU&again& •  NGiNX&had&latency& issues& •  ATS&most&throughput& 0& 500& 1000& 1500& 2000& 2500& ATS& NGiNX& Squid& Varnish& hBpd& RPS$/$CPU$Usage$ 0& 5000& 10000& 15000& 20000& 25000& 30000& ATS& NGiNX& Squid& Varnish& hBpd& Requests$Per$Second$ 0& 5& 10& 15& 20& 25& 30& 35& 40& ATS& NGiNX& Squid& Varnish& hBpd& Latency$ Median& 95th&
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag nginx vs Event (typical) Apache - Event MPM 0 500 1000 1500 2000 nginx 0 500 1,000 1,500 2,000 Open Write Read Close Increasing concurrency Increasing concurrency
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Apache - Prefork MPM 0 500 1000 1500 2000 nginx vs Prefork (typical) nginx 0 500 1,000 1,500 2,000 Open Write Read Close Increasing concurrency Increasing concurrency
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Total req/resp time Comparison - total transaction (close) 0 500 1000 1500 2000 Prefork Worker Event nginx Increasing concurrency
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Resp to Req. Bursts - httperf 100 ---> 20000 0.00 1.75 3.50 5.25 7.00 min avg max dev min avg max dev min avg max dev min avg max dev min avg max dev min avg max dev prefork worker event nginx Increasing concurrency
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Backend Status Dynamic Health Checks ! TCP/IP Ping OPTIONS HEAD GET ProxyHCExpr ok234 {%{REQUEST_STATUS} =~ /^[234]/} ProxyHCExpr gdown {%{REQUEST_STATUS} =~ /^[5]/} ProxyHCExpr in_maint {hc('body') !~ /Under maintenance/} <Proxy balancer://foo/> BalancerMember http://www.example.com/ hcmethod=GET hcexpr=in_maint hcuri=/status.php BalancerMember http://www2.example.com/ hcmethod=HEAD hcexpr=ok234 hcinterval=10 BalancerMember http://www3.example.com/ hcmethod=TCP hcinterval=250ms hcpasses=2 hcfails=3 BalancerMember http://www4.example.com/ </Proxy> ProxyPass "/" “balancer://foo/" ProxyPassReverse "/" “balancer://foo/"
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag What else is new? Additional protocols UWSGI, PROXY (HAproxy) Improved caching Redis and Memcache now mod_status aware Apache Geode FPM Improved. And fully PHP compliant. Performance, of course!
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag What’s on the horizon? Extend mod_proxy_express Adding additional protocols as needed/desired More dynamic configuration Adding balancers! Performance, of course! mod_proxy_survey protocolbuf nanomsg
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag In conclusion... For cloud environs and other, the performance and dynamic control of Apache httpd 2.4 in reverse proxies is just what the Dr. ordered (and flexibility remains a big strength)
APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Thanks Twitter: @jimjag Emails:
 jim@jaguNET.com
 jim@apache.org
 jimjag@gmail.com http://www.slideshare.net/jimjag/ Apache Anniversary Beer Recipe (BeerSmith3 format): http://home.apache.org/~jim/download/ApacheAnniversaryRoggenbier.bsmx

Recommandé

Apache httpd Reverse Proxy and Tomcat
Apache httpd Reverse Proxy and TomcatApache httpd Reverse Proxy and Tomcat
Apache httpd Reverse Proxy and TomcatJim Jagielski
 
Not your daddy's web server
Not your daddy's web serverNot your daddy's web server
Not your daddy's web serverJim Jagielski
 
Apache httpd 2.4 overview
Apache httpd 2.4 overviewApache httpd 2.4 overview
Apache httpd 2.4 overviewJim Jagielski
 
ApacheConNA 2015: Apache httpd 2.4 Reverse Proxy
ApacheConNA 2015: Apache httpd 2.4 Reverse ProxyApacheConNA 2015: Apache httpd 2.4 Reverse Proxy
ApacheConNA 2015: Apache httpd 2.4 Reverse ProxyJim Jagielski
 
Apache httpd 2.4 Reverse Proxy: The Hidden Gem
Apache httpd 2.4 Reverse Proxy: The Hidden GemApache httpd 2.4 Reverse Proxy: The Hidden Gem
Apache httpd 2.4 Reverse Proxy: The Hidden GemJim Jagielski
 
Apache HTTPD 2.4 - GWO2016
Apache HTTPD 2.4 - GWO2016Apache HTTPD 2.4 - GWO2016
Apache HTTPD 2.4 - GWO2016Jim Jagielski
 
Apache HTTPD 2.4 Reverse Proxy: The Hidden Gem
Apache HTTPD 2.4 Reverse Proxy: The Hidden GemApache HTTPD 2.4 Reverse Proxy: The Hidden Gem
Apache HTTPD 2.4 Reverse Proxy: The Hidden GemJim Jagielski
 
ApacheCon 2014 - What's New in Apache httpd 2.4
ApacheCon 2014 - What's New in Apache httpd 2.4ApacheCon 2014 - What's New in Apache httpd 2.4
ApacheCon 2014 - What's New in Apache httpd 2.4Jim Jagielski
 

Recommandé

Apache httpd Reverse Proxy and Tomcat
Apache httpd Reverse Proxy and TomcatApache httpd Reverse Proxy and Tomcat
Apache httpd Reverse Proxy and TomcatJim Jagielski
 
Not your daddy's web server
Not your daddy's web serverNot your daddy's web server
Not your daddy's web serverJim Jagielski
 
Apache httpd 2.4 overview
Apache httpd 2.4 overviewApache httpd 2.4 overview
Apache httpd 2.4 overviewJim Jagielski
 
ApacheConNA 2015: Apache httpd 2.4 Reverse Proxy
ApacheConNA 2015: Apache httpd 2.4 Reverse ProxyApacheConNA 2015: Apache httpd 2.4 Reverse Proxy
ApacheConNA 2015: Apache httpd 2.4 Reverse ProxyJim Jagielski
 
Apache httpd 2.4 Reverse Proxy: The Hidden Gem
Apache httpd 2.4 Reverse Proxy: The Hidden GemApache httpd 2.4 Reverse Proxy: The Hidden Gem
Apache httpd 2.4 Reverse Proxy: The Hidden GemJim Jagielski
 
Apache HTTPD 2.4 - GWO2016
Apache HTTPD 2.4 - GWO2016Apache HTTPD 2.4 - GWO2016
Apache HTTPD 2.4 - GWO2016Jim Jagielski
 
Apache HTTPD 2.4 Reverse Proxy: The Hidden Gem
Apache HTTPD 2.4 Reverse Proxy: The Hidden GemApache HTTPD 2.4 Reverse Proxy: The Hidden Gem
Apache HTTPD 2.4 Reverse Proxy: The Hidden GemJim Jagielski
 
ApacheCon 2014 - What's New in Apache httpd 2.4
ApacheCon 2014 - What's New in Apache httpd 2.4ApacheCon 2014 - What's New in Apache httpd 2.4
ApacheCon 2014 - What's New in Apache httpd 2.4Jim Jagielski
 
JMS, WebSocket, and the Internet of Things - Controlling Physical Devices on ...
JMS, WebSocket, and the Internet of Things - Controlling Physical Devices on ...JMS, WebSocket, and the Internet of Things - Controlling Physical Devices on ...
JMS, WebSocket, and the Internet of Things - Controlling Physical Devices on ...Peter Moskovits
 
HTML5 WebSocket for the Real-Time Web and the Internet of Things
HTML5 WebSocket for the Real-Time Web and the Internet of ThingsHTML5 WebSocket for the Real-Time Web and the Internet of Things
HTML5 WebSocket for the Real-Time Web and the Internet of ThingsPeter Moskovits
 
What's New and Newer in Apache httpd-24
What's New and Newer in Apache httpd-24What's New and Newer in Apache httpd-24
What's New and Newer in Apache httpd-24Jim Jagielski
 
HTML5 WebSocket Introduction
HTML5 WebSocket IntroductionHTML5 WebSocket Introduction
HTML5 WebSocket IntroductionMarcelo Jabali
 
HTML5 Real Time and WebSocket Code Lab (SFHTML5, GTUGSF)
HTML5 Real Time and WebSocket Code Lab (SFHTML5, GTUGSF)HTML5 Real Time and WebSocket Code Lab (SFHTML5, GTUGSF)
HTML5 Real Time and WebSocket Code Lab (SFHTML5, GTUGSF)Peter Lubbers
 
Red Hat and Oracle: Delivering on the Promise of Interoperability in Java EE 7
Red Hat and Oracle: Delivering on the Promise of Interoperability in Java EE 7Red Hat and Oracle: Delivering on the Promise of Interoperability in Java EE 7
Red Hat and Oracle: Delivering on the Promise of Interoperability in Java EE 7Max Andersen
 
A web perf dashboard up & running in 90 minutes presentation
A web perf dashboard up & running in 90 minutes presentationA web perf dashboard up & running in 90 minutes presentation
A web perf dashboard up & running in 90 minutes presentationJustin Dorfman
 
How to investigate and recover from a security breach in WordPress
How to investigate and recover from a security breach in WordPressHow to investigate and recover from a security breach in WordPress
How to investigate and recover from a security breach in WordPressOtto Kekäläinen
 
Choosing a Javascript Framework
Choosing a Javascript FrameworkChoosing a Javascript Framework
Choosing a Javascript FrameworkAll Things Open
 
Scalable Django Architecture
Scalable Django ArchitectureScalable Django Architecture
Scalable Django ArchitectureRami Sayar
 
Advanced Caching Concepts @ Velocity NY 2015
Advanced Caching Concepts @ Velocity NY 2015Advanced Caching Concepts @ Velocity NY 2015
Advanced Caching Concepts @ Velocity NY 2015Rakesh Chaudhary
 
Pagespeed what, why, and how it works
Pagespeed what, why, and how it worksPagespeed what, why, and how it works
Pagespeed what, why, and how it worksIlya Grigorik
 
Web frameworks don't matter
Web frameworks don't matterWeb frameworks don't matter
Web frameworks don't matterTomas Doran
 
Velocity EU 2012 - Third party scripts and you
Velocity EU 2012 - Third party scripts and youVelocity EU 2012 - Third party scripts and you
Velocity EU 2012 - Third party scripts and youPatrick Meenan
 
Rebooting a Cloud
Rebooting a CloudRebooting a Cloud
Rebooting a CloudJesse Robbins
 
Scalable talk notes
Scalable talk notesScalable talk notes
Scalable talk notesPerrin Harkins
 
MongoDB training for java software engineers
MongoDB training for java software engineersMongoDB training for java software engineers
MongoDB training for java software engineersMoshe Kaplan
 
Making the web faster
Making the web fasterMaking the web faster
Making the web fasterPatrick Meenan
 
The Case for HTTP/2
The Case for HTTP/2The Case for HTTP/2
The Case for HTTP/2Andy Davies
 
Metrics, metrics everywhere (but where the heck do you start?)
Metrics, metrics everywhere (but where the heck do you start?)Metrics, metrics everywhere (but where the heck do you start?)
Metrics, metrics everywhere (but where the heck do you start?)Tammy Everts
 
Apache httpd-2.4 : Watch out cloud!
Apache httpd-2.4 : Watch out cloud!Apache httpd-2.4 : Watch out cloud!
Apache httpd-2.4 : Watch out cloud!Jim Jagielski
 
Apache httpd 2.4 Reverse Proxy
Apache httpd 2.4 Reverse ProxyApache httpd 2.4 Reverse Proxy
Apache httpd 2.4 Reverse ProxyJim Jagielski
 

Contenu connexe

Tendances

JMS, WebSocket, and the Internet of Things - Controlling Physical Devices on ...
JMS, WebSocket, and the Internet of Things - Controlling Physical Devices on ...JMS, WebSocket, and the Internet of Things - Controlling Physical Devices on ...
JMS, WebSocket, and the Internet of Things - Controlling Physical Devices on ...Peter Moskovits
 
HTML5 WebSocket for the Real-Time Web and the Internet of Things
HTML5 WebSocket for the Real-Time Web and the Internet of ThingsHTML5 WebSocket for the Real-Time Web and the Internet of Things
HTML5 WebSocket for the Real-Time Web and the Internet of ThingsPeter Moskovits
 
What's New and Newer in Apache httpd-24
What's New and Newer in Apache httpd-24What's New and Newer in Apache httpd-24
What's New and Newer in Apache httpd-24Jim Jagielski
 
HTML5 WebSocket Introduction
HTML5 WebSocket IntroductionHTML5 WebSocket Introduction
HTML5 WebSocket IntroductionMarcelo Jabali
 
HTML5 Real Time and WebSocket Code Lab (SFHTML5, GTUGSF)
HTML5 Real Time and WebSocket Code Lab (SFHTML5, GTUGSF)HTML5 Real Time and WebSocket Code Lab (SFHTML5, GTUGSF)
HTML5 Real Time and WebSocket Code Lab (SFHTML5, GTUGSF)Peter Lubbers
 
Red Hat and Oracle: Delivering on the Promise of Interoperability in Java EE 7
Red Hat and Oracle: Delivering on the Promise of Interoperability in Java EE 7Red Hat and Oracle: Delivering on the Promise of Interoperability in Java EE 7
Red Hat and Oracle: Delivering on the Promise of Interoperability in Java EE 7Max Andersen
 
A web perf dashboard up & running in 90 minutes presentation
A web perf dashboard up & running in 90 minutes presentationA web perf dashboard up & running in 90 minutes presentation
A web perf dashboard up & running in 90 minutes presentationJustin Dorfman
 
How to investigate and recover from a security breach in WordPress
How to investigate and recover from a security breach in WordPressHow to investigate and recover from a security breach in WordPress
How to investigate and recover from a security breach in WordPressOtto Kekäläinen
 
Choosing a Javascript Framework
Choosing a Javascript FrameworkChoosing a Javascript Framework
Choosing a Javascript FrameworkAll Things Open
 
Scalable Django Architecture
Scalable Django ArchitectureScalable Django Architecture
Scalable Django ArchitectureRami Sayar
 
Advanced Caching Concepts @ Velocity NY 2015
Advanced Caching Concepts @ Velocity NY 2015Advanced Caching Concepts @ Velocity NY 2015
Advanced Caching Concepts @ Velocity NY 2015Rakesh Chaudhary
 
Pagespeed what, why, and how it works
Pagespeed what, why, and how it worksPagespeed what, why, and how it works
Pagespeed what, why, and how it worksIlya Grigorik
 
Web frameworks don't matter
Web frameworks don't matterWeb frameworks don't matter
Web frameworks don't matterTomas Doran
 
Velocity EU 2012 - Third party scripts and you
Velocity EU 2012 - Third party scripts and youVelocity EU 2012 - Third party scripts and you
Velocity EU 2012 - Third party scripts and youPatrick Meenan
 
MongoDB training for java software engineers
MongoDB training for java software engineersMongoDB training for java software engineers
MongoDB training for java software engineersMoshe Kaplan
 
The Case for HTTP/2
The Case for HTTP/2The Case for HTTP/2
The Case for HTTP/2Andy Davies
 
Metrics, metrics everywhere (but where the heck do you start?)
Metrics, metrics everywhere (but where the heck do you start?)Metrics, metrics everywhere (but where the heck do you start?)
Metrics, metrics everywhere (but where the heck do you start?)Tammy Everts
 

Tendances (20)

JMS, WebSocket, and the Internet of Things - Controlling Physical Devices on ...
JMS, WebSocket, and the Internet of Things - Controlling Physical Devices on ...JMS, WebSocket, and the Internet of Things - Controlling Physical Devices on ...
JMS, WebSocket, and the Internet of Things - Controlling Physical Devices on ...
 
HTML5 WebSocket for the Real-Time Web and the Internet of Things
HTML5 WebSocket for the Real-Time Web and the Internet of ThingsHTML5 WebSocket for the Real-Time Web and the Internet of Things
HTML5 WebSocket for the Real-Time Web and the Internet of Things
 
What's New and Newer in Apache httpd-24
What's New and Newer in Apache httpd-24What's New and Newer in Apache httpd-24
What's New and Newer in Apache httpd-24
 
HTML5 WebSocket Introduction
HTML5 WebSocket IntroductionHTML5 WebSocket Introduction
HTML5 WebSocket Introduction
 
HTML5 Real Time and WebSocket Code Lab (SFHTML5, GTUGSF)
HTML5 Real Time and WebSocket Code Lab (SFHTML5, GTUGSF)HTML5 Real Time and WebSocket Code Lab (SFHTML5, GTUGSF)
HTML5 Real Time and WebSocket Code Lab (SFHTML5, GTUGSF)
 
Red Hat and Oracle: Delivering on the Promise of Interoperability in Java EE 7
Red Hat and Oracle: Delivering on the Promise of Interoperability in Java EE 7Red Hat and Oracle: Delivering on the Promise of Interoperability in Java EE 7
Red Hat and Oracle: Delivering on the Promise of Interoperability in Java EE 7
 
A web perf dashboard up & running in 90 minutes presentation
A web perf dashboard up & running in 90 minutes presentationA web perf dashboard up & running in 90 minutes presentation
A web perf dashboard up & running in 90 minutes presentation
 
How to investigate and recover from a security breach in WordPress
How to investigate and recover from a security breach in WordPressHow to investigate and recover from a security breach in WordPress
How to investigate and recover from a security breach in WordPress
 
Choosing a Javascript Framework
Choosing a Javascript FrameworkChoosing a Javascript Framework
Choosing a Javascript Framework
 
Scalable Django Architecture
Scalable Django ArchitectureScalable Django Architecture
Scalable Django Architecture
 
Advanced Caching Concepts @ Velocity NY 2015
Advanced Caching Concepts @ Velocity NY 2015Advanced Caching Concepts @ Velocity NY 2015
Advanced Caching Concepts @ Velocity NY 2015
 
Pagespeed what, why, and how it works
Pagespeed what, why, and how it worksPagespeed what, why, and how it works
Pagespeed what, why, and how it works
 
Web frameworks don't matter
Web frameworks don't matterWeb frameworks don't matter
Web frameworks don't matter
 
Velocity EU 2012 - Third party scripts and you
Velocity EU 2012 - Third party scripts and youVelocity EU 2012 - Third party scripts and you
Velocity EU 2012 - Third party scripts and you
 
Rebooting a Cloud
Rebooting a CloudRebooting a Cloud
Rebooting a Cloud
 
Scalable talk notes
Scalable talk notesScalable talk notes
Scalable talk notes
 
MongoDB training for java software engineers
MongoDB training for java software engineersMongoDB training for java software engineers
MongoDB training for java software engineers
 
Making the web faster
Making the web fasterMaking the web faster
Making the web faster
 
The Case for HTTP/2
The Case for HTTP/2The Case for HTTP/2
The Case for HTTP/2
 
Metrics, metrics everywhere (but where the heck do you start?)
Metrics, metrics everywhere (but where the heck do you start?)Metrics, metrics everywhere (but where the heck do you start?)
Metrics, metrics everywhere (but where the heck do you start?)
 

Similaire à Reverse proxy magic

Apache httpd-2.4 : Watch out cloud!
Apache httpd-2.4 : Watch out cloud!Apache httpd-2.4 : Watch out cloud!
Apache httpd-2.4 : Watch out cloud!Jim Jagielski
 
Apache httpd 2.4 Reverse Proxy
Apache httpd 2.4 Reverse ProxyApache httpd 2.4 Reverse Proxy
Apache httpd 2.4 Reverse ProxyJim Jagielski
 
ApacheCon 2017: What's new in httpd 2.4
ApacheCon 2017: What's new in httpd 2.4ApacheCon 2017: What's new in httpd 2.4
ApacheCon 2017: What's new in httpd 2.4Jim Jagielski
 
ApacheConNA 2015: What's new in Apache httpd 2.4
ApacheConNA 2015: What's new in Apache httpd 2.4ApacheConNA 2015: What's new in Apache httpd 2.4
ApacheConNA 2015: What's new in Apache httpd 2.4Jim Jagielski
 
Apache httpd 2.4: The Cloud Killer App
Apache httpd 2.4: The Cloud Killer AppApache httpd 2.4: The Cloud Killer App
Apache httpd 2.4: The Cloud Killer AppJim Jagielski
 
Using aphace-as-proxy-server
Using aphace-as-proxy-serverUsing aphace-as-proxy-server
Using aphace-as-proxy-serverHARRY CHAN PUTRA
 
The Recording HTTP Proxy: Not Yet Another Messiah - Bulgaria PHP 2019
The Recording HTTP Proxy: Not Yet Another Messiah - Bulgaria PHP 2019The Recording HTTP Proxy: Not Yet Another Messiah - Bulgaria PHP 2019
The Recording HTTP Proxy: Not Yet Another Messiah - Bulgaria PHP 2019Viktor Todorov
 
Web Front End Performance
Web Front End PerformanceWeb Front End Performance
Web Front End PerformanceChris Love
 
Profiling PHP with Xdebug / Webgrind
Profiling PHP with Xdebug / WebgrindProfiling PHP with Xdebug / Webgrind
Profiling PHP with Xdebug / WebgrindSam Keen
 
HTTP colon slash slash: the end of the road?
HTTP colon slash slash: the end of the road?HTTP colon slash slash: the end of the road?
HTTP colon slash slash: the end of the road?Alessandro Nadalin
 
Scale Apache with Nginx
Scale Apache with NginxScale Apache with Nginx
Scale Apache with NginxBud Siddhisena
 
Apache Web Services
Apache Web ServicesApache Web Services
Apache Web Serviceslkurriger
 
HTTP cache @ PUG Rome 03-29-2011
HTTP cache @ PUG Rome 03-29-2011HTTP cache @ PUG Rome 03-29-2011
HTTP cache @ PUG Rome 03-29-2011Alessandro Nadalin
 
Single Sign-On for APEX applications based on Kerberos (Important: latest ver...
Single Sign-On for APEX applications based on Kerberos (Important: latest ver...Single Sign-On for APEX applications based on Kerberos (Important: latest ver...
Single Sign-On for APEX applications based on Kerberos (Important: latest ver...Niels de Bruijn
 
Web Server/App Server Connectivity
Web Server/App Server ConnectivityWeb Server/App Server Connectivity
Web Server/App Server Connectivitywebhostingguy
 
Converting Your Dev Environment to a Docker Stack - php[world]
Converting Your Dev Environment to a Docker Stack - php[world]Converting Your Dev Environment to a Docker Stack - php[world]
Converting Your Dev Environment to a Docker Stack - php[world]Dana Luther
 
High Performance Web Sites
High Performance Web SitesHigh Performance Web Sites
High Performance Web SitesRavi Raj
 
Life on the Edge with ESI
Life on the Edge with ESILife on the Edge with ESI
Life on the Edge with ESIKit Chan
 
Ajax to the Moon
Ajax to the MoonAjax to the Moon
Ajax to the Moondavejohnson
 

Similaire à Reverse proxy magic (20)

Apache httpd-2.4 : Watch out cloud!
Apache httpd-2.4 : Watch out cloud!Apache httpd-2.4 : Watch out cloud!
Apache httpd-2.4 : Watch out cloud!
 
Apache httpd 2.4 Reverse Proxy
Apache httpd 2.4 Reverse ProxyApache httpd 2.4 Reverse Proxy
Apache httpd 2.4 Reverse Proxy
 
ApacheCon 2017: What's new in httpd 2.4
ApacheCon 2017: What's new in httpd 2.4ApacheCon 2017: What's new in httpd 2.4
ApacheCon 2017: What's new in httpd 2.4
 
ApacheConNA 2015: What's new in Apache httpd 2.4
ApacheConNA 2015: What's new in Apache httpd 2.4ApacheConNA 2015: What's new in Apache httpd 2.4
ApacheConNA 2015: What's new in Apache httpd 2.4
 
Apache httpd v2.4
Apache httpd v2.4Apache httpd v2.4
Apache httpd v2.4
 
Apache httpd 2.4: The Cloud Killer App
Apache httpd 2.4: The Cloud Killer AppApache httpd 2.4: The Cloud Killer App
Apache httpd 2.4: The Cloud Killer App
 
Using aphace-as-proxy-server
Using aphace-as-proxy-serverUsing aphace-as-proxy-server
Using aphace-as-proxy-server
 
The Recording HTTP Proxy: Not Yet Another Messiah - Bulgaria PHP 2019
The Recording HTTP Proxy: Not Yet Another Messiah - Bulgaria PHP 2019The Recording HTTP Proxy: Not Yet Another Messiah - Bulgaria PHP 2019
The Recording HTTP Proxy: Not Yet Another Messiah - Bulgaria PHP 2019
 
Web Front End Performance
Web Front End PerformanceWeb Front End Performance
Web Front End Performance
 
Profiling PHP with Xdebug / Webgrind
Profiling PHP with Xdebug / WebgrindProfiling PHP with Xdebug / Webgrind
Profiling PHP with Xdebug / Webgrind
 
HTTP colon slash slash: the end of the road?
HTTP colon slash slash: the end of the road?HTTP colon slash slash: the end of the road?
HTTP colon slash slash: the end of the road?
 
Scale Apache with Nginx
Scale Apache with NginxScale Apache with Nginx
Scale Apache with Nginx
 
Apache Web Services
Apache Web ServicesApache Web Services
Apache Web Services
 
HTTP cache @ PUG Rome 03-29-2011
HTTP cache @ PUG Rome 03-29-2011HTTP cache @ PUG Rome 03-29-2011
HTTP cache @ PUG Rome 03-29-2011
 
Single Sign-On for APEX applications based on Kerberos (Important: latest ver...
Single Sign-On for APEX applications based on Kerberos (Important: latest ver...Single Sign-On for APEX applications based on Kerberos (Important: latest ver...
Single Sign-On for APEX applications based on Kerberos (Important: latest ver...
 
Web Server/App Server Connectivity
Web Server/App Server ConnectivityWeb Server/App Server Connectivity
Web Server/App Server Connectivity
 
Converting Your Dev Environment to a Docker Stack - php[world]
Converting Your Dev Environment to a Docker Stack - php[world]Converting Your Dev Environment to a Docker Stack - php[world]
Converting Your Dev Environment to a Docker Stack - php[world]
 
High Performance Web Sites
High Performance Web SitesHigh Performance Web Sites
High Performance Web Sites
 
Life on the Edge with ESI
Life on the Edge with ESILife on the Edge with ESI
Life on the Edge with ESI
 
Ajax to the Moon
Ajax to the MoonAjax to the Moon
Ajax to the Moon
 

Plus de Jim Jagielski

OSPOS: AllThingsOpen 2023
OSPOS: AllThingsOpen 2023OSPOS: AllThingsOpen 2023
OSPOS: AllThingsOpen 2023Jim Jagielski
 
Open Source Licenses and IP Overview
Open Source Licenses and IP OverviewOpen Source Licenses and IP Overview
Open Source Licenses and IP OverviewJim Jagielski
 
The History of The Apache Software Foundation
The History of The Apache Software FoundationThe History of The Apache Software Foundation
The History of The Apache Software FoundationJim Jagielski
 
Starting an Open Source Program Office
Starting an Open Source Program OfficeStarting an Open Source Program Office
Starting an Open Source Program OfficeJim Jagielski
 
InnerSource 101 for FinTech and FinServ
InnerSource 101 for FinTech and FinServInnerSource 101 for FinTech and FinServ
InnerSource 101 for FinTech and FinServJim Jagielski
 
All Things Open 2017: Open Source Licensing
All Things Open 2017: Open Source LicensingAll Things Open 2017: Open Source Licensing
All Things Open 2017: Open Source LicensingJim Jagielski
 
All Things Open 2017: The Apache Software Foundation 101
All Things Open 2017: The Apache Software Foundation 101All Things Open 2017: The Apache Software Foundation 101
All Things Open 2017: The Apache Software Foundation 101Jim Jagielski
 
All Things Open 2017: Foundations of Inner Source
All Things Open 2017: Foundations of Inner SourceAll Things Open 2017: Foundations of Inner Source
All Things Open 2017: Foundations of Inner SourceJim Jagielski
 
ApacheCon 2017: InnerSource and The Apache Way
ApacheCon 2017: InnerSource and The Apache WayApacheCon 2017: InnerSource and The Apache Way
ApacheCon 2017: InnerSource and The Apache WayJim Jagielski
 
Open Source Licensing 101
Open Source Licensing 101Open Source Licensing 101
Open Source Licensing 101Jim Jagielski
 
InnerSource 101 and The Apache Way
InnerSource 101 and The Apache WayInnerSource 101 and The Apache Way
InnerSource 101 and The Apache WayJim Jagielski
 
Open source101 licenses
Open source101 licensesOpen source101 licenses
Open source101 licensesJim Jagielski
 
Keynote from the Open Source 101 Conference
Keynote from the Open Source 101 ConferenceKeynote from the Open Source 101 Conference
Keynote from the Open Source 101 ConferenceJim Jagielski
 
InnerSource: Enterprise Lessons from Open Source
InnerSource: Enterprise Lessons from Open SourceInnerSource: Enterprise Lessons from Open Source
InnerSource: Enterprise Lessons from Open SourceJim Jagielski
 
ApacheCon EU 2016 State of the Feather
ApacheCon EU 2016 State of the FeatherApacheCon EU 2016 State of the Feather
ApacheCon EU 2016 State of the FeatherJim Jagielski
 
Open Source Licensing and Governance
Open Source Licensing and GovernanceOpen Source Licensing and Governance
Open Source Licensing and GovernanceJim Jagielski
 
Inner Source: Enterprise Lessons from the Open Source Community.
Inner Source: Enterprise Lessons from the Open Source Community.Inner Source: Enterprise Lessons from the Open Source Community.
Inner Source: Enterprise Lessons from the Open Source Community.Jim Jagielski
 
The Apache Way: Why we do what we do
The Apache Way: Why we do what we doThe Apache Way: Why we do what we do
The Apache Way: Why we do what we doJim Jagielski
 
Why Community Matters
Why Community MattersWhy Community Matters
Why Community MattersJim Jagielski
 

Plus de Jim Jagielski (20)

OSPOS: AllThingsOpen 2023
OSPOS: AllThingsOpen 2023OSPOS: AllThingsOpen 2023
OSPOS: AllThingsOpen 2023
 
Open Source Licenses and IP Overview
Open Source Licenses and IP OverviewOpen Source Licenses and IP Overview
Open Source Licenses and IP Overview
 
The History of The Apache Software Foundation
The History of The Apache Software FoundationThe History of The Apache Software Foundation
The History of The Apache Software Foundation
 
The Apache Way
The Apache WayThe Apache Way
The Apache Way
 
Starting an Open Source Program Office
Starting an Open Source Program OfficeStarting an Open Source Program Office
Starting an Open Source Program Office
 
InnerSource 101 for FinTech and FinServ
InnerSource 101 for FinTech and FinServInnerSource 101 for FinTech and FinServ
InnerSource 101 for FinTech and FinServ
 
All Things Open 2017: Open Source Licensing
All Things Open 2017: Open Source LicensingAll Things Open 2017: Open Source Licensing
All Things Open 2017: Open Source Licensing
 
All Things Open 2017: The Apache Software Foundation 101
All Things Open 2017: The Apache Software Foundation 101All Things Open 2017: The Apache Software Foundation 101
All Things Open 2017: The Apache Software Foundation 101
 
All Things Open 2017: Foundations of Inner Source
All Things Open 2017: Foundations of Inner SourceAll Things Open 2017: Foundations of Inner Source
All Things Open 2017: Foundations of Inner Source
 
ApacheCon 2017: InnerSource and The Apache Way
ApacheCon 2017: InnerSource and The Apache WayApacheCon 2017: InnerSource and The Apache Way
ApacheCon 2017: InnerSource and The Apache Way
 
Open Source Licensing 101
Open Source Licensing 101Open Source Licensing 101
Open Source Licensing 101
 
InnerSource 101 and The Apache Way
InnerSource 101 and The Apache WayInnerSource 101 and The Apache Way
InnerSource 101 and The Apache Way
 
Open source101 licenses
Open source101 licensesOpen source101 licenses
Open source101 licenses
 
Keynote from the Open Source 101 Conference
Keynote from the Open Source 101 ConferenceKeynote from the Open Source 101 Conference
Keynote from the Open Source 101 Conference
 
InnerSource: Enterprise Lessons from Open Source
InnerSource: Enterprise Lessons from Open SourceInnerSource: Enterprise Lessons from Open Source
InnerSource: Enterprise Lessons from Open Source
 
ApacheCon EU 2016 State of the Feather
ApacheCon EU 2016 State of the FeatherApacheCon EU 2016 State of the Feather
ApacheCon EU 2016 State of the Feather
 
Open Source Licensing and Governance
Open Source Licensing and GovernanceOpen Source Licensing and Governance
Open Source Licensing and Governance
 
Inner Source: Enterprise Lessons from the Open Source Community.
Inner Source: Enterprise Lessons from the Open Source Community.Inner Source: Enterprise Lessons from the Open Source Community.
Inner Source: Enterprise Lessons from the Open Source Community.
 
The Apache Way: Why we do what we do
The Apache Way: Why we do what we doThe Apache Way: Why we do what we do
The Apache Way: Why we do what we do
 
Why Community Matters
Why Community MattersWhy Community Matters
Why Community Matters
 

Dernier

Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.soniya singh
 
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...Delhi Call girls
 
CALL ON ➥8923113531 🔝Call Girls Lucknow Lucknow best sexual service Online
CALL ON ➥8923113531 🔝Call Girls Lucknow Lucknow best sexual service OnlineCALL ON ➥8923113531 🔝Call Girls Lucknow Lucknow best sexual service Online
CALL ON ➥8923113531 🔝Call Girls Lucknow Lucknow best sexual service Onlineanilsa9823
 
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...Escorts Call Girls
 
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl ServiceRussian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl Servicegwenoracqe6
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGAPNIC
 
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Delhi Call girls
 
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girladitipandeya
 
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLLucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLimonikaupta
 
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445ruhi
 
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024APNIC
 
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$kojalkojal131
 
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...Diya Sharma
 
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebGDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebJames Anderson
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024APNIC
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxellan12
 

Dernier (20)

Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
 
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
 
Russian Call Girls in %(+971524965298 )# Call Girls in Dubai
Russian Call Girls in %(+971524965298 )# Call Girls in DubaiRussian Call Girls in %(+971524965298 )# Call Girls in Dubai
Russian Call Girls in %(+971524965298 )# Call Girls in Dubai
 
CALL ON ➥8923113531 🔝Call Girls Lucknow Lucknow best sexual service Online
CALL ON ➥8923113531 🔝Call Girls Lucknow Lucknow best sexual service OnlineCALL ON ➥8923113531 🔝Call Girls Lucknow Lucknow best sexual service Online
CALL ON ➥8923113531 🔝Call Girls Lucknow Lucknow best sexual service Online
 
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
 
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl ServiceRussian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOG
 
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
 
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
 
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
 
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLLucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
 
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
 
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
 
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝
 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
 
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
 
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
 
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebGDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
 

Reverse proxy magic

  • 1. APACHECON North America 9-12 September, 2019 Apache httpd v2.4: Reverse Proxy Magic
  • 2. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag About Me Apache Software Foundation Co-founder, Director Emeritus, Member and Developer Director Emeritus Outercurve, MARSEC-XL, OSSI, OSI (ex)… Developer Mega FOSS projects O’Reilly Open Source Award: 2013 European Commission: Luminary Award Homebrewer, Husband, Father, Friend Open Source Chef: ConsenSys
  • 3. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Apache httpd 2.4 Currently at version 2.4.41 (2.4.1 went GA Feb 21, 2012) Significant Improvements high-performance cloud suitability
  • 4. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Apache httpd 2.4 - design drivers Support for async I/O w/o dropping support for older systems Larger selection of usable MPMs: added event, motorz, etc... Leverage higher-performant versions of APR Increase performance Reduce memory utilization The Cloud and Reverse Proxy
  • 5. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Cloud and Dynamics The Cloud is a game changer for web servers The cloud is a dynamic place automated reconfiguration horizontal, not vertical scaling self-aware environments OK, maybe not THAT self-aware
  • 6. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Why Dynamic Proxy Matters Apache httpd still the most frequently used front-end Proxy capabilities must be cloud friendly Front-end must be dynamic friendly
  • 7. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Reverse Proxy Internet Firewall Firewall Cloud Reverse Proxy Server Transactional Servers Browser Operates at the server end of the transaction Completely transparent to the Web Browser – thinks the Reverse Proxy Server is the real server
  • 8. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Features of Reverse Proxy Server Security Uniform security policy can be administered The real transactional servers are behind the firewall Delegation, Specialization, Load Balancing Offload SSL Issues w/ Tomcat APR/OpenSSL connector Caching Performance, HA
  • 9. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Proxy Design Drivers Becoming a robust but generic proxy implementation Support various protocols HTTP, HTTPS, HTTP/2, CONNECT, FTP AJP, FastCGI, SCGI, WSGI, UWSGI, PROXY Load balancing Clustering, failover Performance
  • 10. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Apache httpd 2.4 proxy Reverse Proxy Improvements Supports FastCGI, SCGI, Websockets in balancer Additional load balancing mechanisms Runtime changing of clusters w/o restarts Support for dynamic configuration mod_proxy_express mod_fcgid and fcgistarter Brand New: Support for Unix Domain Sockets Brand New: HTTP/2
  • 11. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Configuring Reverse Proxy Set ProxyRequests Off Apply ProxyPass, ProxyPassReverse and possibly RewriteRule directives
  • 12. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Reverse Proxy Directives:
 ProxyPass Allows remote server to be mapped into the space of the local (Reverse Proxy) server There is also ProxyPassMatch which takes a regex Example: ProxyPass /secure/ http://secureserver.local/
 Presumably “secureserver” is inaccessible directly from the internet
 ProxyPassMatch ^/(.*.js)$ http://js-storage.example.com/bar/$1
  • 13. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Reverse Proxy Directives:
 ProxyPass Can also be used in a Location block (sometimes faster) Example: <Location /secure/> ProxyPass http://secureserver.local/
 </Location>
  • 14. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Reverse Proxy Directives:
 ProxyPass Honored in order of definition Can bypass proxying with ! ProxyPass /local/ !
 ProxyPass / http://secureserver.local/
  • 15. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Reverse Proxy Directives:
 ProxyPassReverse Used to specify that redirects issued by the remote server are to be translated to use the proxy before being returned to the client. Syntax is identical to ProxyPass; used in conjunction with it Example: ProxyPass /secure/ http://secureserver/ ProxyPassReverse /secure/ http://secureserver/
  • 16. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Simple Rev Proxy All requests for /images to a backend server
 
 Useful, but limited What if: images.example.com dies? traffic for /images increases ProxyPass /images http://images.example.com/ ProxyPass <path> <scheme>://<full url>
  • 17. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Load Balancing mod_proxy_balancer.so mod_proxy can do native load balancing weight by actual requests weight by traffic weight by busyness lbfactors
  • 18. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Create a balancer “cluster” Create a balancer which contains several host nodes Apache httpd will then direct to each node as specified <Proxy balancer://foo> BalancerMember http://www1.example.com:80/ loadfactor=1 BalancerMember http://www2.example.com:80/ loadfactor=2 BalancerMember http://www3.example.com:80/ loadfactor=1 status=+h ProxySet lbmethod=bytraffic </Proxy> Balancer Name Workers/Nodes
  • 19. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Some config params For BalancerMembers: loadfactor normalized load for worker [1] lbset worker cluster set number [0] retry retry timeout, in seconds, for non-ready workers [60]
  • 20. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Some config params For BalancerMembers (cont): connectiontimeout/timout Connection timeouts on backend [ProxyTimeout] flushpackets * Does proxy need to flush data with each chunk of data? on : Yes | off : No | auto : wait and see flushwait * ms to wait for data before flushing
  • 21. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Some config params For BalancerMembers (cont): ping Ping backend to check for availability; value is time to wait for response status (+/-) D : Disabled S : Stopped I : Ignore errors H : Hot standby R : Hot spare E : Error N: Drain C: Dynamic Health Check fail
  • 22. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Some config params For Balancers: lbmethod load balancing algo to use [byrequests] stickysession sticky session name (eg: JSESSIONID) maxattempts # failover tries before we bail growth Extra BalancerMember slots to allow for
  • 23. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Some config params For Balancers: nofailover pretty freakin obvious For both: ProxySet Alternate method to set various params ProxySet balancer://foo timeout=10 ... ProxyPass / balancer://foo timeout=10
  • 24. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Connection Pooling Backend connection pooling Available for named workers: eg: ProxyPass /foo ajp://bar.example.com Reusable connection to origin For threaded MPMs, can adjust size of pool (min, max, smax) For prefork: singleton Shared data held in shared memory
  • 25. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Some config params For BalancerMembers - connection pool: min Initial number of connections [0] max Hard maximum number of connections [1|TPC] smax: soft max - keep this number available [max]
  • 26. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Some config params For BalancerMembers - connection pool: disablereuser/enablereuse: bypass/enable the connection pool (firewalls) ttl time to live for connections above smax
  • 27. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Sessions Sticky session support aka “session affinity” Cookie based stickysession=PHPSESSID stickysession=JSESSIONID Natively easy with Tomcat May require more setup for “simple” HTTP proxying Use of mod_session helps
  • 28. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Sessions From Daniel Ruggeri LoadModule headers_module modules/mod_headers.so <Proxy balancer://cluster> BalancerMember http://1.2.3.4:8009 route=bar1 BalancerMember http://1.2.3.5:8009 route=bar2 ProxySet stickysession=KewlApp_STICKY </Proxy> Header add Set-Cookie "KewlApp_STICKY=sticky.% {BALANCER_WORKER_ROUTE}e;path=/;" env=BALANCER_ROUTE_CHANGED ProxyPass /foo/ balancer://cluster/foo/
  • 29. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Failover control Cluster set with failover Group backend servers as numbered sets balancer will try lower-valued sets first If no workers are available, will try next lbset Hot standby No workers available in current lbset? Use me Hot spare As soon as a worker goes offline, start using me
  • 30. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Putting it all together <Proxy balancer://foo> BalancerMember http://php1:8080/ loadfactor=1 BalancerMember http://php2:8080/ loadfactor=4 BalancerMember http://phpbkup:8080/ loadfactor=1 status=+h BalancerMember http://phpexp1:8080/ lbset=1 BalancerMember http://phpexp2:8080/ lbset=1 loadfactor=2 BalancerMember http://phpexpbkup:8080/ lbset=1 status=+h ProxySet lbmethod=bytraffic </Proxy> <Proxy balancer://javaapps> BalancerMember ajp://tc1:8089/ loadfactor=10 BalancerMember ajp://tc2:8089/ loadfactor=40 ProxySet lbmethod=byrequests </Proxy> ProxyPass /apps/ balancer://foo/ ProxyPassReverse /apps/ balancer://foo/ ProxyPass /serv/ balancer://javaapps/ ProxyPass /images/ http://images:8080/ ProxyPass /dyno/ h2c://pappy:80/ ProxyPass /foo/ unix:/home/www.socket|ajp://localhost/bar/ lbset 0 lbset 1 foo
  • 31. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Mass Reverse Proxy We front-end a LOT of reverse proxies What a httpd.conf disaster! Slow and bloated mod_rewrite doesn’t help nor does mod_macro <VirtualHost www1.example.com> ProxyPass / http://192.168.002.2:8080 ProxyPassReverse / http://192.168.002.2:8080 </VirtualHost> 
 <VirtualHost www2.example.com> ProxyPass / http://192.168.002.12:8088
 ProxyPassReverse / http:// 192.168.002.12:8088 </VirtualHost> <VirtualHost www3.example.com> ProxyPass / http://192.168.002.10 ProxyPassReverse / http://192.168.002.10 </VirtualHost> . . . <VirtualHost www6341.example.com> ProxyPass / http://192.168.211.26 ProxyPassReverse / http://192.168.211.26 </VirtualHost>
  • 32. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Mass Reverse Proxy Use the new mod_proxy_express module ProxyPass mapping obtained via db file Fast and efficient Still dynamic, with no config changes required micro-services? You betcha! ProxyExpress map file ##
 ##express-map.db:
 ##
 
 www1.example.com http://192.168.002.2:8080
 www2.example.com http://192.168.002.12:8088
 www3.example.com http://192.168.002.10 ... www6341.example.com http://192.168.211.26 httpd.conf file ProxyExpressEnable On ProxyExpressDBMFile express-map.db
  • 33. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag HeartBeat / HeartMonitor Experimental LB (load balance) method Uses multicast between gateway and reverse proxies Provides heartbeat (are you there?) capability Also provides basic load info This info stored in shm, and used for balancing Multicast can be an issue Use mod_header with %l, %i, %b (loadavg, idle, busy) but no LBmethod currently uses this :(
  • 34. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag balancer-manager Embedded proxy admin web interface Allows for real-time Monitoring of stats for each worker Adjustment of worker params lbset load factor route enabled / disabled ...
  • 35. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Embedded Admin Allows for real-time Addition of new workers/nodes Change of LB methods Can be persistent! More RESTful Can be CLI-driven
  • 36. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Easy setup <Location /balancer-manager> SetHandler balancer-manager Require 192.168.2.22 </Location>
  • 37. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Admin
  • 38. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag server-status aware
  • 39. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Performance From Bryan Call’s ApacheCon preso
 (http://www.slideshare.net/bryan_call/choosing-a-proxy-server-apachecon-2014) •  Squid&used&the&most& CPU&again& •  NGiNX&had&latency& issues& •  ATS&most&throughput& 0& 500& 1000& 1500& 2000& 2500& ATS& NGiNX& Squid& Varnish& hBpd& RPS$/$CPU$Usage$ 0& 5000& 10000& 15000& 20000& 25000& 30000& ATS& NGiNX& Squid& Varnish& hBpd& Requests$Per$Second$ 0& 5& 10& 15& 20& 25& 30& 35& 40& ATS& NGiNX& Squid& Varnish& hBpd& Latency$ Median& 95th&
  • 40. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag nginx vs Event (typical) Apache - Event MPM 0 500 1000 1500 2000 nginx 0 500 1,000 1,500 2,000 Open Write Read Close Increasing concurrency Increasing concurrency
  • 41. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Apache - Prefork MPM 0 500 1000 1500 2000 nginx vs Prefork (typical) nginx 0 500 1,000 1,500 2,000 Open Write Read Close Increasing concurrency Increasing concurrency
  • 42. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Total req/resp time Comparison - total transaction (close) 0 500 1000 1500 2000 Prefork Worker Event nginx Increasing concurrency
  • 43. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Resp to Req. Bursts - httperf 100 ---> 20000 0.00 1.75 3.50 5.25 7.00 min avg max dev min avg max dev min avg max dev min avg max dev min avg max dev min avg max dev prefork worker event nginx Increasing concurrency
  • 44. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Backend Status Dynamic Health Checks ! TCP/IP Ping OPTIONS HEAD GET ProxyHCExpr ok234 {%{REQUEST_STATUS} =~ /^[234]/} ProxyHCExpr gdown {%{REQUEST_STATUS} =~ /^[5]/} ProxyHCExpr in_maint {hc('body') !~ /Under maintenance/} <Proxy balancer://foo/> BalancerMember http://www.example.com/ hcmethod=GET hcexpr=in_maint hcuri=/status.php BalancerMember http://www2.example.com/ hcmethod=HEAD hcexpr=ok234 hcinterval=10 BalancerMember http://www3.example.com/ hcmethod=TCP hcinterval=250ms hcpasses=2 hcfails=3 BalancerMember http://www4.example.com/ </Proxy> ProxyPass "/" “balancer://foo/" ProxyPassReverse "/" “balancer://foo/"
  • 45. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag What else is new? Additional protocols UWSGI, PROXY (HAproxy) Improved caching Redis and Memcache now mod_status aware Apache Geode FPM Improved. And fully PHP compliant. Performance, of course!
  • 46. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag What’s on the horizon? Extend mod_proxy_express Adding additional protocols as needed/desired More dynamic configuration Adding balancers! Performance, of course! mod_proxy_survey protocolbuf nanomsg
  • 47. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag In conclusion... For cloud environs and other, the performance and dynamic control of Apache httpd 2.4 in reverse proxies is just what the Dr. ordered (and flexibility remains a big strength)
  • 48. APACHECON North America This work is licensed under a Creative Commons Attribution 3.0 Unported License. - Jim Jagielski - @jimjag Thanks Twitter: @jimjag Emails:
 jim@jaguNET.com
 jim@apache.org
 jimjag@gmail.com http://www.slideshare.net/jimjag/ Apache Anniversary Beer Recipe (BeerSmith3 format): http://home.apache.org/~jim/download/ApacheAnniversaryRoggenbier.bsmx