very well conceived and written book!

lbrtchx_at_hotmail.com
Date: 09/11/05


Date: Sun, 11 Sep 2005 07:08:21 -0400


 info on the book: http://www.amazon.com/exec/obidos/ASIN/1593270364/
 When you find something you really like you want to have/know more of it,
not really being important if it is food, an idea or a piece of art. And
part of liking something is getting greedy+opinionated+political about it.
 One little thing that bothered me about this book was the constant change
of fonts from like 12 points to 8 and then 6 with a gray background.
Usability anyone? But this is not something the author should be blamed
for.
 I am more of a software person, but IMHO here are my comments about the
book. More aimed at the next version of Karl's book or in case someone wants
to pick up these ideas where he left them off.
 Karl's book was slashdotted also (go to slashdot and search (underneath to
the left) on 1593270364),

http://linux.slashdot.org/article.pl?sid=04/10/30/1856223&tid=163&tid=8&tid=106&tid=218

 but I found more flame baits and slashdot'ing than attempts to talk about
this excellent book intelligently:
// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 ._ considering the 2.4 version of the kernel? fine! But why even talking
about ipchains if the whole LVS idea is based on Netfilters and who uses
ipchains nowadays anyway?
 ._ more on power management of the primary and back servers, does heartbeat
do some kind of interfacing to APMD on both?
 ._ have these ideas been ported for *BSD? I mean, I really find silly these
"Give me Linux or give me dead" battle cries from us, OSS techies, when we
should actually love the fact that we have more options as robust (if not
as popular) as Linux.
 ._ more on the reasons why the different pieces of hardware in a cluster
would fail and how to work around these issues (just the basics of it with
points to more info (we sw people sometimes code without consideration to
the fact that RAM is very expensive nowadays and using in-memory Data
Structures would make HDDs give us their blessings)).
 ._ there are NICs with two (and 3?) connectors out there, why not using
them in an LVS env.? And if there are reasons, why not mentioning them?
NICs are cheap and available, PCI slots on a mobo aren't.
 ._ page 140; ... "the system time between the two servers should be within
minutes of each other" ... why? It is vital on a cluster having all boxes
accurately synchronized!!! This should have been stressed/elaborated on.
 ._ more on the measurability of the whole concept of availability, the
requirements/issues relating to a 99.99% uptime are very different to the
ones of a 99.999% uptime, and the issues relating to it (both hw and sw).
 Also, on the fact that absolute ha/uptime (100%) is just an ideal state. We
should not go totally crazy about it. Eventually we will have to make
decisions that might affect 1 in 10,000 users and we will have to live with
it (instead of taxing all 10,001 users with a less performant app). Because
even if we put the effort to achieve 100% uptime, say, a cosmic ray could
run through our box and change the parity of a byte running ...
 ._ I could not quite get why the backup server does not functionally take
the role of the primary one entirely
 ._ page 158; more on the exceptions of filesystems regarding heartbeat
configurations
 ._ more on the implications that using different kinds of applications
have.
 I wouldn't complicate firewall rules with the ftp protocol when the http
can do the job as well even with the option of more/better coding through a
web interface and you can safely (checking MD5SUMs, etc) stream data from
point A to B. But I would like to see a more detailed handling of the HTTPS
protocol. Separating an SSL cluster from the HTTP one (not doing port
affinity between ports 80 and 443) I think is better, because you don't
have to spend money on SSL accelerator cards for all boxes in the cluster,
the access paths to back end data stores could be better
optimized/controlled, for security reasons it is better to not have the
same applications listening on insecure and secure ports, more accurate
logs, ...
 ._ at least -some- figures on the performance differences between LVS-DR
and LVS-NAT configurations. Didn't he recommend doing LVS-NAT as a step
towards the more performant LVS-DR installation?
 ._ I think using software for ha performance and maintenance-wise is good
too, especially since RAM is so dirt cheap and processors so powerful (hyper
threading, pipelining, ...) I use several Tomcat instances 'directed' by an
Apache one and it works well, letting you, within the same box, reconfigure
apps without taking the app offline.
 ._ page 366; "Another technique to avoid a single point of failure for SQL
data ..." I would just change the word "Another" for "THE". Karl, buddy,
have you started to see "clusters" everywhere? ;-) Let's do DBMS what they
have been designed for? Taxing clustered systems with extra, unnecessary,
care for DBMS does not make any sense, I think. Or?
// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 And here comes what I think is the lie behind the whole idea of doing
packet filtering just based on the kernel's packet headers handling.
 As it is rightly pointed out in the book, whole organizations face the
Internet through a single IP address (NAT) (I have even heard about whole
countries like Saudi Arabia, ...), how would you go with these cases?
 Users' session handling (inside of the HTTP application headers, not just
simply the packets) in order to actually tell apart new user connections is
VITAL to actually and truly do clustering.
.
Albretch
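
The closing point about NAT can be made concrete with a small simulation, added here as an illustration and not taken from the post or from the book: persistence keyed on the source address (all a packet-header balancer can see) sends every user behind one NAT address to the same real server, while persistence keyed on an application-level session identifier spreads them out. The server names, addresses, session ids and the hash-modulo scheduler are all assumptions constructed for the example.

```python
import hashlib
from collections import Counter

# Hypothetical real-server names; hash-modulo is a stand-in scheduler, not LVS's own.
REAL_SERVERS = ["rs1", "rs2", "rs3", "rs4"]


def pick_server(key: str) -> str:
    """Map a persistence key to a real server, the same way every time."""
    digest = hashlib.sha256(key.encode()).digest()
    return REAL_SERVERS[int.from_bytes(digest[:8], "big") % len(REAL_SERVERS)]


def build_requests() -> list:
    """Constructed traffic: 300 users behind one NAT address, 100 with their own."""
    requests = [{"src_ip": "203.0.113.7", "session": f"nat-user-{i}"}
                for i in range(300)]
    requests += [{"src_ip": f"198.51.100.{i + 1}", "session": f"direct-user-{i}"}
                 for i in range(100)]
    return requests


def balance(requests: list, key_field: str) -> Counter:
    """Count requests per real server when persistence is keyed on key_field."""
    return Counter(pick_server(r[key_field]) for r in requests)


def busiest_share(load: Counter) -> float:
    """Fraction of all requests that landed on the most loaded server."""
    return max(load.values()) / sum(load.values())


if __name__ == "__main__":
    traffic = build_requests()
    for field in ("src_ip", "session"):
        load = balance(traffic, field)
        print(f"{field:8s} {dict(load)} busiest={busiest_share(load):.0%}")
```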


