TFE listener architecture. Matt Klein, Staff Software Engineer Twitter Front End

Similar documents
Load balancing MySQL with HaProxy. Peter Boros Percona 4/23/13 Santa Clara, CA

Internet Information TE Services 5.0. Training Division, NIC New Delhi

TESTING & INTEGRATION GROUP SOLUTION GUIDE

Apache Tomcat. Load-balancing and Clustering. Mark Thomas, 20 November Pivotal Software, Inc. All rights reserved.

AppDirector Load balancing IBM Websphere and AppXcel

SiteCelerate white paper

Radware s AppDirector and AppXcel An Application Delivery solution for applications developed over BEA s Weblogic

Scaling Progress OpenEdge Appservers. Syed Irfan Pasha Principal QA Engineer Progress Software

Using MySQL for Big Data Advantage Integrate for Insight Sastry Vedantam

Tomcat Tuning. Mark Thomas April 2009

Citrix NetScaler 10 Essentials and Networking

ELIXIR LOAD BALANCER 2

Configuring Nex-Gen Web Load Balancer

Oracle Database Security and Audit

Apigee Gateway Specifications

ExamPDF. Higher Quality,Better service!

Monitoring Nginx Server

GigaSpaces XAP 10.0 Administration Training ADMINISTRATION, MONITORING AND TROUBLESHOOTING GIGASPACES XAP DISTRIBUTED SYSTEMS

HTTP/2: Operable and Performant. Mark

Coding Serbia. Systematic Load Testing of Web Applications.

HAProxy. Ryan O'Hara Principal Software Engineer, Red Hat September 17, HAProxy

CS312 Solutions #6. March 13, 2015

Citrix NetScaler 10.5 Essentials for ACE Migration CNS208; 5 Days, Instructor-led

GlobalSCAPE DMZ Gateway, v1. User Guide

F5 Configuring BIG-IP Local Traffic Manager (LTM) - V11. Description

REQUIREMENTS AND INSTALLATION OF THE NEFSIS DEDICATED SERVER

DEPLOYMENT GUIDE Version 1.1. Deploying the BIG-IP LTM v10 with Citrix Presentation Server 4.5

( ) ( ) TECHNOLOGY BRIEF. XTNDConnect Server: Scalability SCALABILITY REFERS TO HOW WELL THE SYSTEM ADAPTS TO INCREASED DEMANDS AND A GREATER

Configuring MassTransit Server to listen on ports less than 1024 using WaterRoof on Macintosh Workstations

ZEN LOAD BALANCER EE v3.02 DATASHEET The Load Balancing made easy

CNS-205 Citrix NetScaler 10 Essentials and Networking

Cloud-Based dwaf A Real World Deployment Case Study. OWASP 5. April The OWASP Foundation

Load Balancing. Outlook Web Access. Web Mail Using Equalizer

NEFSIS DEDICATED SERVER

Apache Traffic Server Extensible Host Resolution

BlackBerry Enterprise Server for Microsoft Exchange Version: 5.0 Service Pack: 2. Feature and Technical Overview

Barracuda Load Balancer Online Demo Guide

How To Manage A Netscaler On A Pc Or Mac Or Mac With A Net Scaler On An Ipad Or Ipad With A Goslade On A Ggoslode On A Laptop Or Ipa On A Network With

scalability OneBridge

CNS-208 Citrix NetScaler 10.5 Essentials for ACE Migration

FortiOS Handbook - Load Balancing VERSION 5.2.2

Apache Tomcat Clustering

GroupWise SMTP Infrastructure Design:

Cisco Application Networking for BEA WebLogic

Cisco Application Networking for IBM WebSphere

Cisco AnyConnect Secure Mobility Solution Guide

DEPLOYMENT GUIDE Version 1.1. Configuring BIG-IP WOM with Oracle Database Data Guard, GoldenGate, Streams, and Recovery Manager

ZEN LOAD BALANCER EE v3.04 DATASHEET The Load Balancing made easy

Adding Indirection Enhances Functionality

RELEASE NOTES. Table of Contents. Scope of the Document. [Latest Official] ADYTON Release corrections. ADYTON Release 2.12.

Understanding Slow Start

Deployment Guide AX Series with Active Directory Federation Services 2.0 and Office 365

How to Make the Client IP Address Available to the Back-end Server

Resource Utilization of Middleware Components in Embedded Systems

Barracuda Link Balancer Administrator s Guide

Testing & Assuring Mobile End User Experience Before Production. Neotys

Application Note. Onsight Connect Network Requirements v6.3

Demystify HLB and DNS Load Balancing - Lync 2013 Topology with High Availability (POOLs, DNS LB vs HLB)

This presentation discusses the new support for the session initiation protocol in WebSphere Application Server V6.1.

Discuss the new server architecture in Exchange Discuss the Client Access server role. Discuss the Mailbox server role

DEPLOYMENT GUIDE Version 1.2. Deploying F5 with Microsoft Exchange Server 2007

MULTI WAN TECHNICAL OVERVIEW

Installation of the On Site Server (OSS)

Chapter 2 TOPOLOGY SELECTION. SYS-ED/ Computer Education Techniques, Inc.

Configuration Guide BES12. Version 12.1

WAN Optimization, Web Cache, Explicit Proxy, and WCCP. FortiOS Handbook v3 for FortiOS 4.0 MR3

CHAPTER 1 - JAVA EE OVERVIEW FOR ADMINISTRATORS

Microsoft Lync Server Overview

Network Configuration Settings

IMPLEMENTATION OF INTELLIGENT FIREWALL TO CHECK INTERNET HACKERS THREAT

The old Internet. Software in the Network: Outline. Traditional Design. 1) Basic Caching. The Arrival of Software (in the network)

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: Security Note

FortiOS Handbook Load Balancing for FortiOS 5.0

Secure Web Appliance. Reverse Proxy

Introducing the Microsoft IIS deployment guide

Enterprise Security Interests Require SSL with telnet server from outside the LAN

Load Balancing Microsoft Sharepoint 2010 Load Balancing Microsoft Sharepoint Deployment Guide

Load Balancing 101: Firewall Sandwiches

XIA Configuration Server

DEPLOYMENT GUIDE Version 1.0. Deploying the BIG-IP LTM with the Zimbra Open Source and Collaboration Suite

accf_smtp: FreeBSD kernel protection measures against SMTP DDoS and DoS attacks

OVERLAYING VIRTUALIZED LAYER 2 NETWORKS OVER LAYER 3 NETWORKS

Oracle Communications WebRTC Session Controller: Basic Admin. Student Guide

Configuration Guide BES12. Version 12.2

ALABAMA CENTRALIZED (ACE) PROJECT SUMMARY

Smart Tips. Enabling WAN Load Balancing. Key Features. Network Diagram. Overview. Featured Products. WAN Failover. Enabling WAN Load Balancing Page 1

Configuration Guide. BlackBerry Enterprise Service 12. Version 12.0

MEASURING WORKLOAD PERFORMANCE IS THE INFRASTRUCTURE A PROBLEM?

Spirent Abacus. SIP over TLS Test 编 号 版 本 修 改 时 间 说 明

Direct NFS - Design considerations for next-gen NAS appliances optimized for database workloads Akshay Shah Gurmeet Goindi Oracle

CYAN Secure Web Microsoft ISA Server Deployment Guide

Cisco Integrated Services Routers Performance Overview

DEPLOYMENT GUIDE Version 1.1. DNS Traffic Management using the BIG-IP Local Traffic Manager

Deploying the BIG-IP LTM with. Citrix XenApp. Deployment Guide Version 1.2. What s inside: 2 Prerequisites and configuration notes

SyncThru TM Web Admin Service Administrator Manual

Load Balancing. FortiOS Handbook v3 for FortiOS 4.0 MR3

Getting More Performance and Efficiency in the Application Delivery Network

DEPLOYMENT GUIDE Version 1.0. Deploying the BIG-IP Edge Gateway for Layered Security and Acceleration Services

DEPLOYMENT GUIDE Version 1.2. Deploying the BIG-IP LTM for SIP Traffic Management

Configuring the BIG-IP system for FirePass controllers

Transcription:

TFE listener architecture Matt Klein, Staff Software Engineer Twitter Front End

Agenda TFE architecture overview TSA architecture overview TSA hot restart Future plans Q&A

TFE architecture overview Listener: L7 reverse proxy. Terminates SSL, speaks HTTP 1.0/HTTP 1.1/SPDY 3.1/HTTP 2.0. Multiplexes requests coming from many connections onto a few high BW router links via SPDY 3.1 Router: Accepts multiplexed requests from the listener. Interfaces with backend services via Finagle, server sets, etc. Authentication, rate limiting, geotagging. Complex path/request processing

TFE architecture overview POP Listener Client Internet DC Listener Router Backend services Multiple DCs omitted for simplicity Multiple POPs omitted for simplicity

TFE architecture overview Connection setup very expensive SSL handshake TCP window expansion (CWND) Bringing connection termination closer to the user yields faster RTTs, more reliable local links (less packet loss), and thus faster connection setup Put listeners in POPs and then backhaul requests over reliable high BW links Interesting design decisions related to routing/peering

TFE architecture overview First listeners installed in POPs for World Cup 14 in strategic locations Future POPs planned Target emerging markets with poor connectivity (e.g., India) Performance improvements via POPs impressive

TFE architecture overview

TFE architecture overview Performance improvements from POPs not just due to forward network locations With POPs came new listener, TSA-L Same core server that has been deployed as the streaming API reverse proxy since December 13 C++, highly parallel, capable of eternal connections. Since connection setup is so expensive this ends up driving a lot of perf improvements

Agenda TFE architecture overview TSA architecture overview TSA hot restart Future plans Q&A

TSA architecture overview Design goals Long lived connections Reliable performance at high load 100% streaming in both directions Back pressure capable in both directions Abstractions for protocols and applications that allow the same server to be used in multiple scenarios Smaller HW footprint (more efficient), especially for POPs

TSA architecture overview C++, 100% asynchronous and non-blocking Embarrassingly parallel implementation means almost entirely lock free. Static thread count (1 per HW thread) Hot restart capability means the server can restart with zero downtime. Existing connections continue to be processed Custom stats implementation designed to work with hot restart in shared memory

TSA architecture overview Streaming Server User Session Codec Request Pipeline One per listening port, multiplied by # HW threads (all cores listen on all ports) Handles downstream connection/request(s) lifecycle. Connection affinitized to 1 thread Encapsulates protocol (HTTP 1.0/HTTP 1.1/SPDY 3.1/HTTP 2.0) Encapsulates asynchronous multiplexed request streaming Encapsulates application level proxying (e.g., TFE vs. streaming APIs)

TSA architecture overview Multiple layers of abstraction User Session handles connection and request lifecycle (watchdogs, idle timeouts, etc.) Codec wraps the underlying HTTP like protocol. Abstracts away events like receiving headers, body data, connection/stream window updates, etc. Pipeline allows the server to handle multiple application level proxy scenarios based on the selected virtual host

TSA architecture overview TFE pipeline Requests are RR between all DC routers over persistent SPDY/3.1 connections. TCP windows are always large in practice Decider like failover possible between different router clusters SSL mutual auth for POP security

TSA architecture overview Connection lifetime Legacy TFE has a default idle timeout of 30s and a lifetime timeout of 45s TSA launched with 15 minute idle timeouts and no lifetime timeouts (connections are eternal ) Future increases to idle timeout are a possibility Enables new scenarios such as presence, active push, etc.

TSA architecture overview Performance SNB/IVB 24 core server: 4K SSL CPS, 20K proxied RPS, >500K active connections, 80% load CPU limited: SSL handshake for TFE, zlib for Hosebird Memory: SPDY connections expensive due to how header compression is performed (deflate) Most non-ssl/zlib CPU time spent processing HTTP headers. Room for optimization here

TSA architecture overview Stability We aim for zero crashes on production (non-canary) deployments. Track record very good Even at very high load (80%+ CPU utilization) performance characteristics stable Focus on sophisticated integration tests using fake clients, fake upstream servers, etc.

TSA architecture overview

TSA architecture overview

Agenda TFE architecture overview TSA architecture overview TSA hot restart Future plans Q&A

TSA hot restart With long lived connections, draining and restarting TSA is very time consuming We would like to be able to reload the server (code and configuration) without affecting existing connections If we program directly to the OS, some pretty cool stuff is possible and hot restart becomes a possibility Opens possibility of removing LBs in certain scenarios

TSA hot restart Epoch 0 Shared Memory Stats and other shared control data kept in shared memory Early fork Trampoline Forking restart trampoline early avoids complicated resource issues Run Server Exec epoch 1 Trampoline Unix domain sockets used for RPC and passing sockets Hot restart Close listen sockets Duplicate listen sockets Run server... parent process is controlled via new primary (admin, stats, etc.) N restarts possible. 2 processes allowed active at a time, the oldest process is terminated Drain

TSA hot restart Forking restart trampoline early yields clean process to exec in with minimal state Unix domain sockets used for RPC / socket passing Shared memory stores stats, cross process log buffer flush lock, dynamic stat allocation lock, upstream health data, etc. Primary process responsible for health checking, admin, etc. In practice we drain old process slowly, but not required

Agenda TFE architecture overview TSA architecture overview TSA hot restart Future plans Q&A

Other features / future plans More POPs Policy based networking (allow developers to ask for specific connection QoS to mimic poor networking scenarios) Push CDN proxy Auth, limiting, geo, service discovery in TSA Previous enables direct proxy (router bypass) in certain scenarios

Future plans Further out: Open source as a generic pluggable server Factor out common libraries (admin, stats, hot restart, etc.) into Twitter C++ shared code Use TSA as LB in certain deployments (direct connect to WAN)

Agenda TFE architecture overview TSA architecture overview TSA hot restart Future plans Q&A

Twitter Front End We work on a lot of really cool stuff SPDY/HTTP2 standards Mobile client network libraries (ios/android) L7 proxies for Twitter traffic L3/L4 software load balancing We are hiring systems programmers. Join us!

Q&A TSA is the result of the hard work of many teams and individuals too numerous to name here Thanks for coming!

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information