Scalable Web Applications Reference Architectures and Best Practices Brian Adler, PS Architect 1 Scalable Web Application 2 1
Scalable Web Application What? An application built on an architecture that can adapt to changing conditions 3 Scalable Web Application What? An application layered on an architecture that can adapt to changing conditions Why? Traffic and load patterns are unpredictable Viral or flash-mob events can result in very dynamic conditions Availability and Reliability Application must be distributed to increase likelihood of end-user accessibility Overprovision Under-utilized resources == wasted $$$ Underprovision Missed opportunities users unable to access your site/product Don t be a victim of your own success 4 2
This bed is too big. This bed is too small 5 Cloud Resource Model Dynamically provision the resources you need to meet the current demand Demand goes up, resources are added d Demand goes down, resources are removed In true utility computing fashion, only pay for what you use, when you use it 6 3
But this bed is just right 7 Scalable Web Application When? No time like the present 8 4
Scalable Web Application When? No time like the present How? Stay tuned 9 Reference Architecture 10 5
Load Balancing Tier 11 Load Balancing ELB or not ELB. That is the question. No SSL termination on the ELB (*) Can load balance at the TCP level, el but that eliminates sticky sessions for secure connections (*) (*) No longer the case as of mid-october 2010 Can scale to handle large amounts of traffic, but slow to ramp-up Only need one (RightScale has a technical white paper on load balancing solutions that can be provided if desired) 12 6
Load Balancing ELB or not ELB. That is the question. No SSL termination on the ELB (*) Can load balance at the TCP level, el but that eliminates sticky sessions for secure connections (*) (*) No longer the case as of mid-october 2010 Can scale to handle large amounts of traffic, but slow to ramp-up Only need one (RightScale has a technical white paper on load balancing solutions that can be provided if desired) HAProxy + Apache 13 Can handle SSL termination on the load balancer Allows for sticky sessions with secure connections Each instance can handle a specific amount of traffic with no ramp-up time Each instance can only handle a specific amount of traffic Addition of load balancers is possible, but requires DNS modifications Load Balancing Load Balancer + Application server Possible, and good for test and dev Not a best practice for a production environment Traffic spikes can cause instance to perform both load balancing and application functions poorly 14 7
Load Balancing Load Balancer + Application server Possible, and good for test and dev Not a best practice for a production environment Traffic spikes can cause instance to perform both load balancing and application functions poorly Recommendation: Minimum of two load balancers Each load balancer should be in a different availability zone (AZ) to increase reliability and availability RightScale testing has shown that m1.large is a good choice for load balancers Due to 100K-120K packet-per-second limit, larger instances do not provide much gain in throughput Roughly 5K responses/second can be handled by m1.large With the 5K threshold in mind, select the number of load balancers required to handle your peak traffic 15 Application Server Tier Puts the scalable in a scalable application True autoscaling a must in any dynamic/unpredictable environment 16 8
Application Server Tier Autoscaling Fully automated server launch based on autoscaling triggers No manual al intervention ention (can be challenging in certain environments, i.e. Windows) Download and install application code from common repository to ensure identical configuration of all servers in the tier 17 Application Server Tier Autoscaling Fully automated server launch based on autoscaling triggers No manual al intervention ention (can be challenging in certain environments, i.e. Windows) Download and install application code from common repository to ensure identical configuration of all servers in the tier Triggers Common CPU idle Free memory System load Custom Web server connections Application-specific metrics 18 9
Application Server Tier When to scale? Conservatively. Both up and down 19 Application Server Tier When to scale? Conservatively. Both up and down Up Allow adequate lead time for new servers to become operational Before system is negatively impacted Look for trends in activity and react early Worst that can happen: Charged for an extra instance hour 20 10
Application Server Tier When to scale? Conservatively. Both up and down Up Allow adequate lead time for new servers to become operational Before system is negatively impacted Look for trends in activity and react early Worst that can happen: Charged for an extra instance hour Down When system has been underutilized for a consistent, consecutive period of time Scale down fewer servers than in a scale-up event Again, only downside is an extra hour of instance charge Better safe than sorry 21 Application Server Tier Array considerations 22 11
Application Server Tier Array considerations Weight the array across all availability zones (not regions) Increases reliability of application NOTE: Traffic within an AZ on private IPs is free. Traffic between AZs incurs a per-gigabyte charge Traffic between regions is charged at public Internet rates 23 Application Server Tier Array considerations Weight the array across all availability zones (not regions) Increases reliability of application NOTE: Traffic within an AZ on private IPs is free. Traffic between AZs incurs a per-gigabyte charge Traffic between regions is charged at public Internet rates Set minimums and maximums appropriately Minimum can assist in cost savings in times of low usage Maximum can limit overall cost exposure 24 12
Application Server Tier Array considerations Weight the array across all availability zones (not regions) Increases reliability of application NOTE: Traffic within an AZ on private IPs is free. Traffic between AZs incurs a per-gigabyte charge Traffic between regions is charged at public Internet rates Set minimums and maximums appropriately Minimum can assist in cost savings in times of low usage Maximum can limit overall cost exposure Instance size m1.large is typically y a good choice for array-based servers in a production environment m1.smalls (and even micro instances) can be used in test and development environments Every application is different, so run load tests and benchmarks to find the optimal solution for your environment 25 Application Server Tier Array considerations Weight the array across all availability zones (not regions) Increases reliability of application NOTE: Traffic within an AZ on private IPs is free. Traffic between AZs incurs a per-gigabyte charge Traffic between regions is charged at public Internet rates Set minimums and maximums appropriately Minimum can assist in cost savings in times of low usage Maximum can limit overall cost exposure Instance size m1.large is typically y a good choice for array-based servers in a production environment m1.smalls (and even micro instances) can be used in test and development environments Every application is different, so run load tests and benchmarks to find the optimal solution for your environment Code Deployment Updated code can be pushed to all servers in an array via a single click of a button 26 13
Caching Tier Caching can dramatically decrease the load on the database Particularly in read-intensive applications Costs of caching Application complexity/modification Additional instance hours to support the cache 27 Caching Tier Best practice is to have a separate, dedicated caching tier Caching can be implemented on each application server Prevents the use of a distributed cache Local cache should only be used by the co-resident application server Application complexities Database performance degradation 28 14
Caching Tier Best practice is to have a separate, dedicated caching tier Caching can be implemented on each application server Prevents the use of a distributed cache Local cache should only be used by the co-resident application server Application complexities Database performance degradation Instance Size and Count Determine memory caching footprint Select instance size and count that spreads the load over several servers Prevents loss of entire cache if a single instance fails Distribute caching servers across AZs for reliability Overprovision if possible Provide capacity for system to grow to fully utilize cache (budget permitting) 29 Caching Tier Best practice is to have a separate, dedicated caching tier Caching can be implemented on each application server Prevents the use of a distributed cache Local cache should only be used by the co-resident application server Application complexities Database performance degradation Instance Size and Count Determine memory caching footprint Select instance size and count that spreads the load over several servers Prevents loss of entire cache if a single instance fails 30 Distribute caching servers across AZs for reliability Overprovision if possible Provide capacity for system to grow to fully utilize cache (budget permitting) Manually scaling caching servers is possible but non-trivial Involves application and database performance degradation Time To Lives (TTLs) Always set to expire 15
Caching Tier Write-intensive applications Don t see as large a performance gain as read-intensive apps Memcached can be modified to perform lazy writes of data objects to the database Data can be lost in case of caching server crash Not a recommended best practice, but can be (and has been) done Tradeoff of performance versus end-user experience 31 Caching Tier Write-intensive applications Don t see as large a performance gain as read-intensive apps Memcached can be modified to perform lazy writes of data objects to the database Data can be lost in case of caching server crash Not a recommended best practice, but can be (and has been) done Tradeoff of performance versus end-user experience Third-party providers Vendor solutions exist that allow dynamic memcached scaling 32 16
Database Tier Numerous database architecture options exist No one size fits all solution, so testing and benchmarking are critical to determine proper configuration 33 Database Tier Masters and Slave(s) Multiple Slaves if budget permits Distribute te Master and Slave(s) across AZs Always use same instance size for Master and Slaves 34 17
Database Tier Masters and Slave(s) Multiple Slaves if budget permits Distribute te Master and Slave(s) across AZs Always use same instance size for Master and Slaves Data Storage EBS volumes for data store Never use ephemeral storage for persistent data Back up Master and Slaves frequently Upload snapshots to S3 or some other persistent, redundant storage 35 Database Tier Masters and Slave(s) Multiple Slaves if budget permits Distribute te Master and Slave(s) across AZs Always use same instance size for Master and Slaves Data Storage EBS volumes for data store Never use ephemeral storage for persistent data Back up Master and Slaves frequently Upload snapshots to S3 or some other persistent, redundant storage Instance Size Varies greatly based on the nature of the application and site traffic Load testing and benchmarking can assist in identifying a reasonable initial size 36 18
Database Scaling 37 Database Scaling Vertical Grow or shrink a database server from one instance size to another 38 19
Database Scaling Vertical Grow or shrink a database server from one instance size to another Horizontal Add additional servers to spread the database load 39 Database Vertical/Horizontal Scaling Large Type A Large Type B Same quantity of larger servers Vertical Scaling Small Type A Small Type B RightScale Makes Vertical or Horizontal Scaling Easier Horizontal Scaling Small Type A Small Type B Small Type A Small Type B More servers of same types 40 20
Horizontal Database Scaling Addition of read Slaves Effective for read-intensive applications Only writes need to access the master Replication lag to slaves must be considered 41 Horizontal Database Scaling Addition of read Slaves Effective for read-intensive applications Only writes need to access the master Replication lag to slaves must be considered Effective mechanism is to use MySQL Proxy 42 21
Horizontal Database Scaling Sharding Concept is to partition the database into distinct, non-overlapping pieces Horizontal ontal slicing of the database tables into groups of rows Forethought required in setting up shards since cross-shard joins are resource intensive 43 Horizontal Database Scaling Before Sharding 44 22
Horizontal Database Scaling After Sharding 45 Horizontal Database Scaling Master-Master Two (or more) Master DBs Any Master can modify any database object Replication lag can result in database inconsistencies Poorly-designed applications can cause data object collisions and leave databases in indeterminate state Not a recommended best practice, nor supported by RightScale 46 23
Horizontal Database Scaling NoSQL solutions Many options exist SimpleDB, Cassandra, Membase, CouchDB, MongoDB, Riak, etc. Basically a Key/Value store No complex operations between data objects (no relational operations) Multiple nodes can be used to implement a distributed data store Coordinated backup and recovery can be challenging Some RightScale customers are beginning to use some NoSQL solutions in specific use cases. 47 So What s Best? 48 24
So What s Best? As is typical in many technology discussions 49 So What s Best? As is typical in many technology discussions It depends 50 25
So What s Best? As is typical in many technology discussions It depends Many scalable environments share some common underlying architecture concepts 51 So What s Best? As is typical in many technology discussions It depends Many scalable environments share some common underlying architecture concepts Every application is different. As such, there is no one size fits all 52 26
So What s Best? As is typical in many technology discussions It depends Many scalable environments share some common underlying architecture concepts Every application is different. As such, there is no one size fits all Components of a reference architecture such as this can be used as a starting point, with tweaks and modifications made per the unique characteristics of the application itself, or the load and traffic patterns it experiences 53 Scalable Web Applications Q&A RightScale.com/Conference (Presentations available next week) Conference@RightScale.com 54 RightScale.com/whitepapers 27
55 28