Consolidating to One Server
In anticipation of fully deploying WifiDog to our other eight branch locations, I have been working on prepping our main server; a dual AMD Opteron with 2GB of RAM. Currently, the main server is serving duty as our content filtering and caching system.
In addition to this role, it will also host our authentication server; allowing us to retire the Pentium 3 Desktop PC and reduce the number of servers needed. Everything will be running on a new Linux distribution, Xubuntu 7.0.4, and will have the latest fresh versions of all the needed software.
The Wiki has been updated to reflect these upgrades and our current plans.
In addition to this role, it will also host our authentication server; allowing us to retire the Pentium 3 Desktop PC and reduce the number of servers needed. Everything will be running on a new Linux distribution, Xubuntu 7.0.4, and will have the latest fresh versions of all the needed software.
The Wiki has been updated to reflect these upgrades and our current plans.
posted by Technology Coordinator at 10:54 PM
3 Comments:
What's the current ratio of cache hit?
So what's the peak requests/sec that you would expect to see on this server?
Presently the cached content would be getting served by the local servers, but your consolidation process will mean, even the requests for cached content would get served from the "central proxy server"
In your current set-up, if one of your proxy servers went down, it would effect only that local office.
How do you plan to keep high availability of services, in the changed scenario?
Are you planning to effect this sceanrio change only because you have a tough time maintaining & sychronising the policies across your proxy servers?
In any case rather than scrapping your PIII boxes, how about clustering (active-active) them? (That could be a bad idea if they are going to cost you too much on the physically occupied space.)
We only have one proxy server, and if it went down, it would affect the district. But we (currently) only have 35 public access computers total (avg 3 per branch) and (eventually) 8 wireless hotspots (each supporting maybe 50 clients or so).
The plan to maintain high availability is through monitoring the server, keeping it protected through use of a firewall, UPS and surge protection, and applying regular security patches and bug fixes. If the server went down during business hours, short of a major hardware failure, it can be back up within hours at worst and within a few minutes at best. The server's hard disk will be imaged to speed up the recovery process in case of a disk failure.
However, the software that runs on the server is very stable, as is the hardware (Tyan GX28 server, Seagate hard disk, Kingston RAM, TrippLite UPS). If it could not be repaired quickly, another computer can be pressed into service as a filtering/caching server.
I'm making this change because compared to the Pentium 3, the dual-Opteron is underused--dansguardian and squid take a fraction of the 2GB of RAM to run--and the Pentium 3 really was never meant to be a server, it's a desktop PC. The Authetnication side is basically a web server running PHP scripts and an SQL database (Posgresql).
This is mainly to phase-out older technology, simplify server administration and make more room in the cabinet for more equipment.
Before I forget, the peak requests/sec is extremely low, less than perhaps 3 requests/sec. Most of those requests will be for web caching and filtering (DansGuardian), with the remainder for WifiDog Authentication (Apache, PHP5, SSL, and Posgresql).
For the foreseeable future, we are not going to have thousands of users hitting the server every day. Two years from now, we may have a peak of a few hundred (and I'm working off the top of my head) users (public and wireless) on the server. By that time, however, the server will likely have more RAM and upgraded processors to handle the load or even a second server in place.
I should also add that the Pentium 3 is now seven years old (manufactured circa 2000) and was only meant to be used as testing platform for WifiDog. Now that the software is proven, it has served (no pun) its purpose.
Post a Comment
<< Home