Menu
I have inherited a system where it has some performance issues due to network latency. We are using CentOS 5.x, and haproxy 1.5x
The reason is that there is a lot of time spent on each API requests due to time spent on "initial connection"
Ignore the rest of the timing as this is just an example taken from web, the rest of the timing is fine from my end except for "initial connection" where all API calls are timed around 150 - 250ms for "initial connection".
After removing the settings "option httpclose" from haproxy, the performance has improved significantly as all the waiting time from "initial connection" are gone.
After going through some articles, I have found this one http://killtheradio.net/technology/haproxys-keep-alive-functionality-and-how-it-can-speed-up-your-site/
Where it suggest to remove:
option httpclose
and replace with
timeout client 5000
option http-server-close
So my questions are:
898
option http-server-close. Will close the connection from HAProxy to the backend, but will keep the connection alive between the client and the haproxy-server. HAProxy will close the connection if/when the timeout is hit, so you might want to tweak the timeout http-keep-alive and timeout client options.
By default, HAProxy uses port number 80. Incoming traffic communicates first with HAProxy, which serves as a reverse proxy and forwards requests to an available endpoint, as defined by the load balancing algorithm you've chosen.
A listen section can be used to define a complete proxy with the functions of a frontend and backend combined. The listen section is well suited whenever you need to route traffic to a specific set of servers or for non-HTTP-related configurations such as TCP gateways.
When HAProxy Enterprise is used as a reverse proxy in front of your backend servers, a frontend section defines the IP addresses and ports that clients can connect to. You may add as many frontend sections as needed to expose various websites or applications to the internet.
You should actually be using
option http-keep-alive
You need to ensure that the frontend limits are high enough (be careful of the memory requirements) that they can accommodate the increase in number of active sessions, which will be higher due to the fact that connections will no longer be closed after each request.
Next thing is making sure that your backend supports keep alive towards HAproxy, otherwise the above is useless and you can switch back to http-server-close mode.
Depending on the rate of your requests and the number of parallel clients, you need to adjust timeout http-keep-alive to make sure you have enough connection slots on the frontend while still retaining good connection reuse percentage. Good value to start with is a few seconds.
The httpclose option should only be used if you want to close the connection towards both the server and the client, which is almost never the case unless the clients are broken. If you have a server that cannot cope well with a lot of idle requests, you might want to use http-server-close option, but all modern web servers to it well.
This will also help with the SSL part as it is representing a significant chunk of the connection phase (given that it won't need an SSL handshake on every request), but you might want to look into SSL session cache performance and if you have more than one HAproxy server active, RFC5077 support (requires v1.6+).
https://cbonte.github.io/haproxy-dconv/configuration-1.5.html#tune.ssl.cachesize https://cbonte.github.io/haproxy-dconv/configuration-1.5.html#3.2-tune.ssl.lifetime
78
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
