Return-Path: X-Original-To: apmail-httpd-dev-archive@www.apache.org Delivered-To: apmail-httpd-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 5DC45101B1 for ; Sun, 11 Aug 2013 12:30:41 +0000 (UTC) Received: (qmail 93973 invoked by uid 500); 11 Aug 2013 12:30:40 -0000 Delivered-To: apmail-httpd-dev-archive@httpd.apache.org Received: (qmail 93930 invoked by uid 500); 11 Aug 2013 12:30:40 -0000 Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list dev@httpd.apache.org Received: (qmail 93922 invoked by uid 99); 11 Aug 2013 12:30:39 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 11 Aug 2013 12:30:39 +0000 X-ASF-Spam-Status: No, hits=1.5 required=5.0 tests=HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of trawick@gmail.com designates 209.85.215.47 as permitted sender) Received: from [209.85.215.47] (HELO mail-la0-f47.google.com) (209.85.215.47) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 11 Aug 2013 12:30:33 +0000 Received: by mail-la0-f47.google.com with SMTP id eo20so4064653lab.34 for ; Sun, 11 Aug 2013 05:30:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=OwuDx3udyKTXaWURprT+yNfemX1izEqVgejaB1WAb08=; b=RdBlUaK4KkGPJ+SQjdE6oGqFIj4Fs4QGv69j/T+krA8RhpcSgmo2tRlPK1ZJUkIVCP +NgmDpypKV99DzY0dTQWd2loCAjITEO307A0tgfVW5q1yvzHrF4PKPC5Z+o40adNQIjH nQsub9acYdri0fDroKbqJDda6O1f8j1U4C9kdCt1sXM3rPQTUh1O7cvB7hBUBHSGLwOA 98ju4OvOF+T5A5NCRLvtNk7Hr5gqKaoa6eOlLoGcLWwXmQu1byVaOY1yYGt2O9VzTguX m5psKQFMLxkecG02j2lBso3TbAl1Jet35N7U9GThL0fhuW3M4nKi/jjdIlP5JdqrqVrX L/AA== MIME-Version: 1.0 X-Received: by 10.112.18.198 with SMTP id y6mr7767789lbd.14.1376224212986; Sun, 11 Aug 2013 05:30:12 -0700 (PDT) Received: by 10.114.184.99 with HTTP; Sun, 11 Aug 2013 05:30:12 -0700 (PDT) In-Reply-To: References: <52055648.5050509@primary.net> <20130810153245.GA32285@devsys.jaguNET.com> Date: Sun, 11 Aug 2013 08:30:12 -0400 Message-ID: Subject: Re: Fixing UDS in trunk/2.4 proposal From: Jeff Trawick To: Apache HTTP Server Development List Content-Type: multipart/alternative; boundary=14dae947323158b4c104e3ab2b87 X-Virus-Checked: Checked by ClamAV on apache.org --14dae947323158b4c104e3ab2b87 Content-Type: text/plain; charset=ISO-8859-1 On Sat, Aug 10, 2013 at 12:30 PM, Jeff Trawick wrote: > On Sat, Aug 10, 2013 at 11:32 AM, Jim Jagielski wrote: > >> +1... By the way, I'm working on a minor patch that works around >> that "stupid" encoding of '/' requirement... >> > > Did you give any thought to bypassing the normal proxy parsing altogether? > > For mod_authnz_fcgi I started by using a copy of ap_proxy_canon_netloc() > to parse the backend address, but I think I'll just use a few regexes > (literal IPv6 address+port, any other address+port, and eventually socket= > when AF_UNIX is implemented). I don't have access to proxy APIs and > there's just too much baggage with what ap_proxy_canon_netloc() has to do > for proxy to bring it along only for fcgi addresses. > Another thought... Socket paths should be passed through ap_runtime_dir_relative(), right? > > > >> On Fri, Aug 09, 2013 at 03:51:20PM -0500, Daniel Ruggeri wrote: >> > So I'm tasked with making httpd hold its own weight better against nginx >> > as a reverse proxy to a local service. Unfortunately, nginx supports UDS >> > and we don't quite yet. I've come across a bug that seems easy enough to >> > fix, but I am wondering if there's a better way. Thoughts are welcome. >> > >> > With the currently proposed UDS support in mod_proxy, first requests >> > always seem fine but subsequent requests for the worker fail (attempted >> > DNS lookup when none should be done). I wouldn't have +1'ed had I >> > realized this at the time, but I have a proposed fix... >> > >> > --- httpd-2.4.6-UDS/modules/proxy/proxy_util.c 2013-08-09 >> > 15:12:23.000000000 -0500 >> > +++ httpd-2.4.6/modules/proxy/proxy_util.c 2013-08-09 >> > 15:15:33.000000000 -0500 >> > @@ -2127,7 +2127,7 @@ >> > */ >> > >> > if (!conn->hostname || !worker->s->is_address_reusable || >> > - worker->s->disablereuse || strncmp(conn->hostname, "socket=", >> > 7) == 0) { >> > + worker->s->disablereuse) { >> > if (proxyname) { >> > conn->hostname = apr_pstrdup(conn->pool, proxyname); >> > conn->port = proxyport; >> > >> > I haven't spent a ton of time on this so I'm wondering... This seems >> > simple enough, but isn't there a place we could do this once to avoid >> > having to execute the same logic (substring and path decode) on all >> > subsequent requests? I'd also much rather not have to do a string >> > comparison on all subsequent hits... >> > >> > If I don't hear anything otherwise, I'll just commit this and add it to >> > the backport proposal next week or so >> > >> > >> > P.S. >> > My simple tests with 100 concurrent users for a total of 1,000,000 >> > requests yielded the following numbers (with the above patch applied). >> > The backend supports about 20k requests/sec. This seems to be a mighty >> > compelling case for UDS... >> > >> > nginx UDS: 16001.28 >> > nginx UDS: 18138.94 >> > nginx UDS: 15499.64 >> > >> > Apache UDS: 16348.70 >> > Apache UDS: 14580.92 >> > Apache UDS: 15211.97 >> > >> > Apache TCP: 11859.46 >> > (only got one in) >> > >> > -- >> > Daniel Ruggeri >> >> -- >> >> =========================================================================== >> Jim Jagielski [|] jim@jaguNET.com [|] http://www.jaguNET.com/ >> "Great is the guilt of an unnecessary war" ~ John Adams >> > > > > -- > Born in Roswell... married an alien... > http://emptyhammock.com/ > -- Born in Roswell... married an alien... http://emptyhammock.com/ --14dae947323158b4c104e3ab2b87 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable
On Sat, Aug 10, 2013 at 12:30 PM, Jeff Trawick <trawick= @gmail.com> wrote:
On Sat, Aug 10, 2013 at= 11:32 AM, Jim Jagielski <jim@jagunet.com> wrote:
+1... By the way, I'm working on a minor patch that wo= rks around
that "stupid" encoding of '/' requirement...

Did you give any thought to bypassing the nor= mal proxy parsing altogether?

For mod_authnz_fcgi = I started by using a copy of ap_proxy_canon_netloc() to parse the backend a= ddress, but I think I'll just use a few regexes (literal IPv6 address+p= ort, any other address+port, and eventually socket=3D when AF_UNIX is imple= mented). =A0I don't have access to proxy APIs and there's just too = much baggage with what ap_proxy_canon_netloc() has to do for proxy to bring= it along only for fcgi addresses.

Another thought... =A0So= cket paths should be passed through =A0ap_runtime_dir_relative(), right?



On Fri, Aug 09, 2013 at 03:51:20PM -0500, Daniel Ruggeri wrote:
> So I'm tasked with making httpd hold its own weight better against= nginx
> as a reverse proxy to a local service. Unfortunately, nginx supports U= DS
> and we don't quite yet. I've come across a bug that seems easy= enough to
> fix, but I am wondering if there's a better way. Thoughts are welc= ome.
>
> With the currently proposed UDS support in mod_proxy, first requests > always seem fine but subsequent requests for the worker fail (attempte= d
> DNS lookup when none should be done). I wouldn't have +1'ed ha= d I
> realized this at the time, but I have a proposed fix...
>
> --- httpd-2.4.6-UDS/modules/proxy/proxy_util.c =A02013-08-09
> 15:12:23.000000000 -0500
> +++ httpd-2.4.6/modules/proxy/proxy_util.c =A0 =A0 =A02013-08-09
> 15:15:33.000000000 -0500
> @@ -2127,7 +2127,7 @@
> =A0 =A0 =A0 */
>
> =A0 =A0 =A0if (!conn->hostname || !worker->s->is_address_reus= able ||
> - =A0 =A0 =A0 =A0worker->s->disablereuse || strncmp(conn->hos= tname, "socket=3D",
> 7) =3D=3D 0) {
> + =A0 =A0 =A0 =A0worker->s->disablereuse) {
> =A0 =A0 =A0 =A0 =A0if (proxyname) {
> =A0 =A0 =A0 =A0 =A0 =A0 =A0conn->hostname =3D apr_pstrdup(conn->= pool, proxyname);
> =A0 =A0 =A0 =A0 =A0 =A0 =A0conn->port =3D proxyport;
>
> I haven't spent a ton of time on this so I'm wondering... This= seems
> simple enough, but isn't there a place we could do this once to av= oid
> having to execute the same logic (substring and path decode) on all > subsequent requests? I'd also much rather not have to do a string<= br> > comparison on all subsequent hits...
>
> If I don't hear anything otherwise, I'll just commit this and = add it to
> the backport proposal next week or so
>
>
> P.S.
> My simple tests with 100 concurrent users for a total of 1,000,000
> requests yielded the following numbers (with the above patch applied).=
> The backend supports about 20k requests/sec. This seems to be a mighty=
> compelling case for UDS...
>
> nginx UDS: 16001.28
> nginx UDS: 18138.94
> nginx UDS: 15499.64
>
> Apache UDS: 16348.70
> Apache UDS: 14580.92
> Apache UDS: 15211.97
>
> Apache TCP: 11859.46
> (only got one in)
>
> --
> Daniel Ruggeri

--
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=A0 =A0Jim Jagielski =A0 [|] =A0 jim@jaguNET.com =A0 [|] =A0 http://www.jaguNET.com/
=A0 =A0 =A0 =A0 "Great is the guilt of an unnecessary war" =A0~ J= ohn Adams



--
Born in Roswell...= married an alien...
http://emptyhammock.com/



--
Born in Rosw= ell... married an alien...
http://emptyhammock.com/
--14dae947323158b4c104e3ab2b87--