SlideShare a Scribd company logo

HTTP at your local BigCo

Download as PPTX, PDF
P
pgriess

This document summarizes different techniques for scaling HTTP infrastructure, including DNS load balancing, IP load balancing, and HTTP load balancing. It discusses how DNS maps hostnames to IP addresses and the resolution process. It then explains how TCP and HTTP work on top of IP, and some of their limitations for large-scale services. The document evaluates the benefits and drawbacks of different load balancing approaches and discusses optimizations like SPDY and TCP termination proxies to improve performance over long distances.

AutomotiveTechnology
1 of 24
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
HTTP at your local BigCo:How the internet sausage gets made Peter Griess@pgriess
Goals and non-goalsBasics of TCP/IP, DNS and HTTP and how they work together; pitfalls and optimizationsA 1,000 foot view of scaling out HTTP infrastructureAll manner of load balancing / traffic shapingLiving on the edgeNot: how to make a fast application (database access, rendering performance, etc)
Background: DNSMap hostnames to IP(s)www.facebook.com 69.171.229.12, 69.171.228.40Resolution processRecursion (and what does the DNS server see?)CachingLatencies: on-host, cached in LAN, cached at ISP, miss
Background: TCPStateful protocolNegotiated by a synchronous 3-way handshake:2xRTT before first byte is sent!e.g. USA => South America ~250ms RTTSeamless failover is hard (but not impossible)Load balancing must be aware of flows
Background: HTTPLayered on top of TCP/TLSHas some useful bitsCompressionConnection re-usePipeliningCachingKind of sucksHeaders on all requests/responsesCompression on bodies onlyPipelining has to be disabled most of the timePipelining suffers from head-of-line blocking
mycutekittens.tv68.193.17.4Big bad internetHTTP
Problem?
ProblemAvailabilityServer goes down (kernel panic?)Network goes down (cable cut?)Datacenter goes down (EC2?)OverloadShed load (good, can be transparent)Get infinitely slow (not good)
mycutekittens.tv: multi-serverBig bad internet???
We have optionsDNS load balancingIP load balancingHTTP load balancing
DNS load balancingmycutekittens.tv resolves to IPs: A, B, C, DAdd new IPs to scale outRemove IPs when hosts go downBenefitsDon’t need extra hardware to do load balancingCan span datacentersDNS servers are cheap / fastDrawbacksHotspots due to cachingHotspots due to ordering in result listHotspots due to resolver sizeTTL / flexibility trade-off
mycutekittens.tv: DNSBig bad internetDNS ServerDNS68.193.17.468.193.17.568.193.17.6
IP load balancing (1)mycutekittens.tv resolves to 1 public IP owned by an IP load balancerAdd new backend hosts w/ private IPs to scale outLoad balancer health-checks hosts actively or passively to avoid dead hostsScheduling policies vs. failoverDSR
IP load balancing (2)BenefitsOnly 1 public IP (high DNS TTL)Backend network capacity/membership transparent to the internetCheap-ishFailover is possible, not insanely difficultDrawbacksCan’t do what you can with HTTP
mycutekittens.tv: IP10.0.0.1Big bad internet10.0.0.2GW68.193.17.410.0.0.3LB
HTTP load balancing (1)mycutekittens.tv resolves to 1 public IP owned by an HTTP load balancerLargely same as IP load balancingTerminates TCP connections (sees all bytes)Can make routing decisions based on HTTPCan autonomously serve requests (caching, access control, etc)Examples:Send requests for /foo/* to pool A401 requests without cookie Q
HTTP load balancing (2)BenefitsLargely the same as IPMore flexible rulesCan terminate TLS (security+, cost+)DrawbacksNo DSRFailover difficultNot as performant as IP
mycutekittens.tv: HTTP10.0.0.1Big bad internet10.0.0.268.193.17.4LBHTTP(S)10.0.0.3
mycutekittens.tv: MOAREventually a single LB is going to be a problemNot enough capacityAvailabilityTurtles all the day way downLB of LBs!DNS load balancing between datacenters…
HTTPS: myths and realityToo computationally expensiveOnly a few percent (imperialviolet.org); is your webserver actually CPU bound? doubt itSSL acceleration cards, GPUs, etcToo much latencyHandshaking is 5-7xRTTSession resumeFalse startSnap startCaching breaks
My latency is huge in JapanRTT to USA is (or any single DC) can be hugeRe-use connections (connection: keep-alive)Send work in parallel (pipelining)Use compression (content-encoding)Lots of tricks for static resources (bundling, CDNs, caching, etc)Pre-fetch data
Let’s get crazy: SPDYDon’t limit yourself to HTTP; use a different protocolSPDY developed by Google, supported by Chrome, google.com (and soon facebook.com)Connection re-use w/o head-of-line blockingHeaders always compressedAlways SSL (but breaks caching)
Let’s get crazy: TCP terminationSynchronous RTTs: the silent killerOpening new TCP connections is very costlyRun proxies close to users and proxy traffic back to core using optimized protocolLow RTT to proxyDo SPDY-like tricks between edge + corePotentially faster network to core than public internetAdvertise these proxies via DNSGeo-targettingAS-adjacencyAkamai CDN does this, sort of
Let’s get crazy: DNS anycastRemember how DNS resolutions were slow?DNS servers could be far away from a userAdvertise multiple network routes for the same DNS IP, let the IP stack pick the closest one

More Related Content

PDF
HTTP/2 Update - FOSDEM 2016
Daniel Stenberg
 
PDF
What HTTP/2.0 Will Do For You
Mark Nottingham
 
PDF
HTTP2 & HPACK #pyfes 2013-11-30
Jxck Jxck
 
PDF
HTTP by Hand: Exploring HTTP/1.0, 1.1 and 2.0
Cory Forsyth
 
PDF
HTTP2:新的机遇与挑战
Jerry Qu
 
PDF
Http2
Daniel Stenberg
 
PDF
Tempesta FW - Framework и Firewall для WAF и DDoS mitigation, Александр Крижа...
Ontico
 
PDF
Ftp server linux
Pawan Kumar
 
HTTP/2 Update - FOSDEM 2016
Daniel Stenberg
 
What HTTP/2.0 Will Do For You
Mark Nottingham
 
HTTP2 & HPACK #pyfes 2013-11-30
Jxck Jxck
 
HTTP by Hand: Exploring HTTP/1.0, 1.1 and 2.0
Cory Forsyth
 
HTTP2:新的机遇与挑战
Jerry Qu
 
Http2
Daniel Stenberg
 
Tempesta FW - Framework и Firewall для WAF и DDoS mitigation, Александр Крижа...
Ontico
 
Ftp server linux
Pawan Kumar
 

What's hot (20)

PPTX
Introducing HTTP/2
Ido Flatow
 
PPTX
HTTP/2 Introduction
Walter Liu
 
PDF
So that was HTTP/2, what's next?
Daniel Stenberg
 
ODT
Load Balancing with HAproxy
Brendan Jennings
 
PPTX
Web server
Sai Visal
 
PDF
HTTP/2: What no one is telling you
Fastly
 
PDF
Http2 right now
Daniel Stenberg
 
PPTX
HTTP/2 for Developers
Svetlin Nakov
 
PPTX
Introduction to HTTP/2
Ido Flatow
 
PDF
HTTP2 is Here!
Andy Davies
 
PDF
HTTP/2 standard for video streaming
Hung Thai Le
 
PDF
HTTP 2.0 – What do I need to know?
Sigma Software
 
PPTX
Http/2
Adrian Cardenas
 
ODP
ChinaNetCloud Training - HAProxy Intro
ChinaNetCloud
 
PPT
Netkitmig
renyufei
 
PPT
Web Server Load Balancer
MobME Technical
 
PPTX
Choosing A Proxy Server - Apachecon 2014
bryan_call
 
PDF
6 technical-dns-workshop-day3
DNS Entrepreneurship Center
 
ODP
HAProxy scale out using open source
Ingo Walz
 
PDF
SPDY and HTTP/2
Fabian Frank
 
Introducing HTTP/2
Ido Flatow
 
HTTP/2 Introduction
Walter Liu
 
So that was HTTP/2, what's next?
Daniel Stenberg
 
Load Balancing with HAproxy
Brendan Jennings
 
Web server
Sai Visal
 
HTTP/2: What no one is telling you
Fastly
 
Http2 right now
Daniel Stenberg
 
HTTP/2 for Developers
Svetlin Nakov
 
Introduction to HTTP/2
Ido Flatow
 
HTTP2 is Here!
Andy Davies
 
HTTP/2 standard for video streaming
Hung Thai Le
 
HTTP 2.0 – What do I need to know?
Sigma Software
 
Http/2
Adrian Cardenas
 
ChinaNetCloud Training - HAProxy Intro
ChinaNetCloud
 
Netkitmig
renyufei
 
Web Server Load Balancer
MobME Technical
 
Choosing A Proxy Server - Apachecon 2014
bryan_call
 
6 technical-dns-workshop-day3
DNS Entrepreneurship Center
 
HAProxy scale out using open source
Ingo Walz
 
SPDY and HTTP/2
Fabian Frank
 
Ad

Viewers also liked (7)

PDF
A póker titkai mike caro
csiti
 
PPT
Itay
ozsamoui
 
PPTX
Introwebinargettingdiversebuttsthedwcgroup7 11-dc-edits-2
western justice center
 
PPTX
Slidesharetest
western justice center
 
PPT
The New Black Test
Jasoneldridge
 
PPTX
donotusethisversion-dc-edits
western justice center
 
PPT
Augmented Reality
yasenslavov
 
A póker titkai mike caro
csiti
 
Itay
ozsamoui
 
Introwebinargettingdiversebuttsthedwcgroup7 11-dc-edits-2
western justice center
 
Slidesharetest
western justice center
 
The New Black Test
Jasoneldridge
 
donotusethisversion-dc-edits
western justice center
 
Augmented Reality
yasenslavov
 
Ad

Similar to HTTP at your local BigCo (20)

PPTX
Next generation web protocols
Daniel Austin
 
PDF
HTTP/2 turns 3 years old // Web Performance Meetup wao.io 20180612
Avenga Germany GmbH
 
PDF
Computer network (10)
NYversity
 
PPT
Data center disaster recovery.ppt
omalreda
 
PPTX
Http2
Islam Gamal
 
PPTX
HTML5, HTTP2, and You 1.1
Daniel Austin
 
ODP
Scaling Streaming - Concepts, Research, Goals
kamaelian
 
PDF
From Fast To SPDY
Mike Belshe
 
PDF
Improving performance by changing the rules from fast to SPDY
Cotendo
 
PDF
Linux HTTPS/TCP/IP Stack for the Fast and Secure Web
All Things Open
 
PPT
Serverless (Distributed computing)
Sri Prasanna
 
PDF
Cleaning Up the Dirt of the Nineties - How New Protocols are Modernizing the Web
Steffen Gebert
 
PPT
My other computer_is_a_datacentre
Steve Loughran
 
PDF
HBaseCon 2015: HBase at Scale in an Online and High-Demand Environment
HBaseCon
 
PDF
Http2 in practice
Patrick Meenan
 
PPTX
Stephan Ewen - Experiences running Flink at Very Large Scale
Ververica
 
PPT
Network and distributed systems
Sri Prasanna
 
ODP
MNPHP Scalable Architecture 101 - Feb 3 2011
Mike Willbanks
 
PPT
Knowledge share about scalable application architecture
AHM Pervej Kabir
 
PPTX
Http/2
GeekNightHyderabad
 
Next generation web protocols
Daniel Austin
 
HTTP/2 turns 3 years old // Web Performance Meetup wao.io 20180612
Avenga Germany GmbH
 
Computer network (10)
NYversity
 
Data center disaster recovery.ppt
omalreda
 
Http2
Islam Gamal
 
HTML5, HTTP2, and You 1.1
Daniel Austin
 
Scaling Streaming - Concepts, Research, Goals
kamaelian
 
From Fast To SPDY
Mike Belshe
 
Improving performance by changing the rules from fast to SPDY
Cotendo
 
Linux HTTPS/TCP/IP Stack for the Fast and Secure Web
All Things Open
 
Serverless (Distributed computing)
Sri Prasanna
 
Cleaning Up the Dirt of the Nineties - How New Protocols are Modernizing the Web
Steffen Gebert
 
My other computer_is_a_datacentre
Steve Loughran
 
HBaseCon 2015: HBase at Scale in an Online and High-Demand Environment
HBaseCon
 
Http2 in practice
Patrick Meenan
 
Stephan Ewen - Experiences running Flink at Very Large Scale
Ververica
 
Network and distributed systems
Sri Prasanna
 
MNPHP Scalable Architecture 101 - Feb 3 2011
Mike Willbanks
 
Knowledge share about scalable application architecture
AHM Pervej Kabir
 
Http/2
GeekNightHyderabad
 

Recently uploaded (20)

PPTX
Lecture 3b C Library xnxjxjxjxkx_ ESP32.pptx
indalrenu
 
PDF
Caterpillar CAT 312B L EXCAVATOR (2KW00001-UP) Operation and Maintenance Manu...
ovics74
 
PPTX
capstoneoooooooooooooooooooooooooooooooooo
InzamamUlHaque62
 
PPT
Your score increases as you pick a category, fill out a long description and ...
APWCourses
 
PPT
ACCOMPLISHMENT REPOERTS AND FILE OF GRADE 12 2021.ppt
cristinegraceacuyan1
 
PDF
Volvo EC290C NL EC290CNL Excavator Service Repair Manual Instant Download.pdf
Service Repair Manual
 
PPTX
Type of Sentence & SaaaaaaaaaadddVA.pptx
BaihaqiZakariaMuslim
 
PDF
Volvo EC20C Excavator Service maintenance schedules.pdf
Service Repair Manual
 
PPT
Mettal aloys and it's application and theri composition
hydanfot2023
 
PDF
Renesas R-Car_Cockpit_overview210214-Gen4.pdf
wenhu10
 
PPTX
UNIT-2(B) Organisavtional Appraisal.pptx
chahalharry627
 
PDF
higher edu open stores 12.5.24 (1).pdf forreal
Ahii2
 
DOCX
lp of food hygiene.docxvvvvvvvvvvvvvvvvvvvvvvv
SomaPal11
 
PDF
Volvo EC290C NL EC290CNL engine Manual.pdf
Service Repair Manual
 
PPTX
TOEFL ITP Grammar_ Clausessssssssssssssssss.pptx
BaihaqiZakariaMuslim
 
PDF
Todays Technician Automotive Heating & Air Conditioning Classroom Manual and ...
solutionsmanual3
 
PDF
MANDIBLE (1).pdffawffffffffffffffffffffffffffffffffffffffffff
allainplantamnl
 
PPTX
Fire Fighting Unit IV industrial safety.pptx
samy709581
 
PDF
computer system to create, modify, analyse or optimize an engineering design.
norazamaliman1
 
PDF
Volvo EC20C Excavator Step-by-step Maintenance Instructions pdf
Service Repair Manual
 
Lecture 3b C Library xnxjxjxjxkx_ ESP32.pptx
indalrenu
 
Caterpillar CAT 312B L EXCAVATOR (2KW00001-UP) Operation and Maintenance Manu...
ovics74
 
capstoneoooooooooooooooooooooooooooooooooo
InzamamUlHaque62
 
Your score increases as you pick a category, fill out a long description and ...
APWCourses
 
ACCOMPLISHMENT REPOERTS AND FILE OF GRADE 12 2021.ppt
cristinegraceacuyan1
 
Volvo EC290C NL EC290CNL Excavator Service Repair Manual Instant Download.pdf
Service Repair Manual
 
Type of Sentence & SaaaaaaaaaadddVA.pptx
BaihaqiZakariaMuslim
 
Volvo EC20C Excavator Service maintenance schedules.pdf
Service Repair Manual
 
Mettal aloys and it's application and theri composition
hydanfot2023
 
Renesas R-Car_Cockpit_overview210214-Gen4.pdf
wenhu10
 
UNIT-2(B) Organisavtional Appraisal.pptx
chahalharry627
 
higher edu open stores 12.5.24 (1).pdf forreal
Ahii2
 
lp of food hygiene.docxvvvvvvvvvvvvvvvvvvvvvvv
SomaPal11
 
Volvo EC290C NL EC290CNL engine Manual.pdf
Service Repair Manual
 
TOEFL ITP Grammar_ Clausessssssssssssssssss.pptx
BaihaqiZakariaMuslim
 
Todays Technician Automotive Heating & Air Conditioning Classroom Manual and ...
solutionsmanual3
 
MANDIBLE (1).pdffawffffffffffffffffffffffffffffffffffffffffff
allainplantamnl
 
Fire Fighting Unit IV industrial safety.pptx
samy709581
 
computer system to create, modify, analyse or optimize an engineering design.
norazamaliman1
 
Volvo EC20C Excavator Step-by-step Maintenance Instructions pdf
Service Repair Manual
 

HTTP at your local BigCo

  • 1. HTTP at your local BigCo:How the internet sausage gets made Peter Griess@pgriess
  • 2. Goals and non-goalsBasics of TCP/IP, DNS and HTTP and how they work together; pitfalls and optimizationsA 1,000 foot view of scaling out HTTP infrastructureAll manner of load balancing / traffic shapingLiving on the edgeNot: how to make a fast application (database access, rendering performance, etc)
  • 3. Background: DNSMap hostnames to IP(s)www.facebook.com 69.171.229.12, 69.171.228.40Resolution processRecursion (and what does the DNS server see?)CachingLatencies: on-host, cached in LAN, cached at ISP, miss
  • 4. Background: TCPStateful protocolNegotiated by a synchronous 3-way handshake:2xRTT before first byte is sent!e.g. USA => South America ~250ms RTTSeamless failover is hard (but not impossible)Load balancing must be aware of flows
  • 5. Background: HTTPLayered on top of TCP/TLSHas some useful bitsCompressionConnection re-usePipeliningCachingKind of sucksHeaders on all requests/responsesCompression on bodies onlyPipelining has to be disabled most of the timePipelining suffers from head-of-line blocking
  • 8. ProblemAvailabilityServer goes down (kernel panic?)Network goes down (cable cut?)Datacenter goes down (EC2?)OverloadShed load (good, can be transparent)Get infinitely slow (not good)
  • 10. We have optionsDNS load balancingIP load balancingHTTP load balancing
  • 11. DNS load balancingmycutekittens.tv resolves to IPs: A, B, C, DAdd new IPs to scale outRemove IPs when hosts go downBenefitsDon’t need extra hardware to do load balancingCan span datacentersDNS servers are cheap / fastDrawbacksHotspots due to cachingHotspots due to ordering in result listHotspots due to resolver sizeTTL / flexibility trade-off
  • 12. mycutekittens.tv: DNSBig bad internetDNS ServerDNS68.193.17.468.193.17.568.193.17.6
  • 13. IP load balancing (1)mycutekittens.tv resolves to 1 public IP owned by an IP load balancerAdd new backend hosts w/ private IPs to scale outLoad balancer health-checks hosts actively or passively to avoid dead hostsScheduling policies vs. failoverDSR
  • 14. IP load balancing (2)BenefitsOnly 1 public IP (high DNS TTL)Backend network capacity/membership transparent to the internetCheap-ishFailover is possible, not insanely difficultDrawbacksCan’t do what you can with HTTP
  • 15. mycutekittens.tv: IP10.0.0.1Big bad internet10.0.0.2GW68.193.17.410.0.0.3LB
  • 16. HTTP load balancing (1)mycutekittens.tv resolves to 1 public IP owned by an HTTP load balancerLargely same as IP load balancingTerminates TCP connections (sees all bytes)Can make routing decisions based on HTTPCan autonomously serve requests (caching, access control, etc)Examples:Send requests for /foo/* to pool A401 requests without cookie Q
  • 17. HTTP load balancing (2)BenefitsLargely the same as IPMore flexible rulesCan terminate TLS (security+, cost+)DrawbacksNo DSRFailover difficultNot as performant as IP
  • 18. mycutekittens.tv: HTTP10.0.0.1Big bad internet10.0.0.268.193.17.4LBHTTP(S)10.0.0.3
  • 19. mycutekittens.tv: MOAREventually a single LB is going to be a problemNot enough capacityAvailabilityTurtles all the day way downLB of LBs!DNS load balancing between datacenters…
  • 20. HTTPS: myths and realityToo computationally expensiveOnly a few percent (imperialviolet.org); is your webserver actually CPU bound? doubt itSSL acceleration cards, GPUs, etcToo much latencyHandshaking is 5-7xRTTSession resumeFalse startSnap startCaching breaks
  • 21. My latency is huge in JapanRTT to USA is (or any single DC) can be hugeRe-use connections (connection: keep-alive)Send work in parallel (pipelining)Use compression (content-encoding)Lots of tricks for static resources (bundling, CDNs, caching, etc)Pre-fetch data
  • 22. Let’s get crazy: SPDYDon’t limit yourself to HTTP; use a different protocolSPDY developed by Google, supported by Chrome, google.com (and soon facebook.com)Connection re-use w/o head-of-line blockingHeaders always compressedAlways SSL (but breaks caching)
  • 23. Let’s get crazy: TCP terminationSynchronous RTTs: the silent killerOpening new TCP connections is very costlyRun proxies close to users and proxy traffic back to core using optimized protocolLow RTT to proxyDo SPDY-like tricks between edge + corePotentially faster network to core than public internetAdvertise these proxies via DNSGeo-targettingAS-adjacencyAkamai CDN does this, sort of
  • 24. Let’s get crazy: DNS anycastRemember how DNS resolutions were slow?DNS servers could be far away from a userAdvertise multiple network routes for the same DNS IP, let the IP stack pick the closest one