Introducing The New Slashdot Setup

At the request of countless users, we're happy to finally present a summary of the new setup over at Exodus. It's the result of over 6 months of work from a lot of people, so shadouts to Adam, Kurt, and Scoop, Team P:Pudge, PatG & Pater for the code, and Martin BSD-Pat and Liz for getting the hardware and co-loc taken care of. Now hit the link below and see what these guys did:

the original version of this document was written by Andover.Net Alpha Geek Kurt Grey. The funny jokes are his. The stupid jokes are mine.

The Backstory
We realized soon that our setup at Digital Nation was very flawed. We were having great difficulty administering the machines and making changes. But the real problem was that all the SQL traffic was flowing over the same switch. The decision was made to move to Exodus to solve these problems, as well as to go to a provider that would allow us to scatter multiple data centers around the world when we were ready to do so.

Meanwhile Slashcode kicked and screamed its way to v1.0 at the iron fists of Pudge (Chris Nandor) and CaptTofu (Patrick Galbraith). The list of bugfixes stretches many miles, and the world rejoiced, although Slashdot itself continued to run the old code until we made the move.

The Co-Loc
Slashdot's new co-location site is now at Andover.Net's own (pinky finger to the mouth) $1 million dedicated datacenter at the Exodus network facility in Waltham, Mass, which has the added advantage of being less than 30 minute drive for most of our network admins -- so they don't have to fly cross-country to install machines. We have some racks sitting at Exodus. All boxes are networked together through a Cisco 6509 w/ 2 MSFCs and a Cisco 3500 so we can rearrange our internal network topology just by reconfiguring the switch. Internet connectivity to/from the outside world all flows through an Arrowpoint CS-800 (which replaced the CS-100 that blew up last week) switch which acts as both a firewall load balancer for the front end Web servers. It also so happens that the Arrowpoint shares the same office building with Andover.Net in Acton so whenever we need Arrowpoint tech support we just walk upstairs and talk to the engineers. Like, say, last week when the 100 blew up ;)

The Hardware

• 5 load balanced Web servers dedicated to pages
• 3 load balanced Web servers dedicated to images
• 1 SQL server
• 1 NFS Server

All the boxes are VA Linux Systems FullOns running Debian (except for the SQL box). Each box (except for the SQL box) has LVD SCSI w/ 10,000 RPM drives. And they all have 2 Intel EtherExpress 100 LAN adapters.

The Software
Slashdot itself is finally running the latest release of Slashcode (it was pretty amusing being out of date with our own code: for nearly a year the code release lagged behind Slashdot, but my how the tables have turned).

Slashcode itself is based on Apache, mod_perl and MySQL. The MySQL and Apache configs are still being tweaked -- part of the trick is to keep the MaxClients setting in httpd.conf on each web server low enough to not overwhelm the connection limits of database, which in turn depends on the process limits of the kernel, which can all be tweaked until a state of perfect zen balance has been achieved ... this is one of the trickier parts. Run 'ab' (the apache bench tool) with a few different settings, then tweak SQL a bit. Repeat. Tweak httpd a bit. Repeat. Drink coffee. Repeat until dead. And every time you add or change hardware, you start over!

The Adfu ad system has been replaced with a small Apache module written in C for better performance, and that too will be open sourced When It's Ready (tm). This was done to make things consistant across all of Andover.Net (I personally prefer Adfu, but since I'm not the one who has to read the reports and maintain the list of ads, I don't really care what Slashdot runs).

Fault tolerance was a big issue. We've started by load balancing anything that could easily be balanced, but balancing MySQL is harder. We're funding development efforts with the MySQL team to add database replication and rollback capabilities to MySQL (these improvements will of course be rolled into the normal MySQL release as well).

We're also developing some in-house software (code named "Oddessey") that will keep each Slashdot box sychronized with a hot-spare box, so in case a box suddenly dies it will automatically be replaced with a hot-spare box -- kind of a RAID-for-servers solution (imagine... a Beuwolf cluster of these? *rimshot*) Yes, when it'll also be released as open source when its functional.

Security Measures
The Matrix sits behind a firewalling BSD box and an Arrowpoint Load balancer. Each filters certain kinds of attacks and frees up the httpd boxes to concentrate on just serving httpd and allows the dedicated hardware to do what it does best. All administrative access is made through a VPN (which is just another box).

Hardware Details

Type I (web server)
VA Full On 2x2 Debian Linux frozen
PIII/600 Mhz 512K cache
1 GB RAM
9.1GB LVD SCSI w/ hot swap backplane
Intel EtherExpress Pro (built-in on moboard)
Intel EtherExpress 100 adapter

Type II (kernel NFS w/ kernel locking)
VA Full On 2x2
Debian Linux frozen
Dual PIII/600 Mhz
2 GB RAM
(2) 9.1GB LVD SCSI w/ hot swap backplane
Intel EtherExpress Pro (built-in on moboard)
Intel EtherExpress 100 adapter

Type III (SQL)
VA Research 3500
Red Hat Linux 6.2 (final release + tweaks)
Quad Xeon 550 Mhz, 1MB cache
2 GB RAM
6 LVD disks, 10000 RPM (1 system disk, 5 disks for RAID5)
Mylex Extreme RAID controller 16 MB cache
Intel EtherExpress Pro (built-in on moboard)
Intel EtherExpress 100 adapter

Re:MySQL

[Smoking]

I'm astonished that nobody made a remark about the RAID setup so far:
Usually RAID 5 and a database is a pretty bad match, because RAID 5 read/write performance is lower than RAID 0, 1, 0+1 read/write performance...
Is it an exception to the rule or hasn't anybody in the slashdot crew taken a database course?

Re:NFS: What are you using it for?

[Jon+Peterson]

FWIW, I think a central NFS server is just pointless. Why on earth have multiple HTTP frontends and then make a huge bottleneck by forcing them to share a single filestore over NFS, a protocol which is less than impressive.

Batch pushes onto local storage on the HTTP machines wins hands down as far as I'm concerned.

And, as others have said, if you must use central storgage for files, you may well be better off with SMB than NFS.

Re:But why's it so expensive?

[jshare]

• Their physical security is crazy (biometric scanners for the guards).
• They are in a non-descript building that doesn't look like it hosts millions of dollars in websites.
• They have UPS, generators, etc.
• As someone mentioned earlier, they have all kinds of connections to all kinds of places (not just a single T3 to one place).
• They save you the trouble of building all that shit yourself.

Duh.

Jordan

MySQL in General.

[viper21]

Ok, so now that we have established the fact that MySQL isn't beefy enough. Why was the choice made to go with MySQL instead of Oracle or PostgreSQL... etc? Just because the code was written for MySQL, or for some other reason that eludes us all?

-S

Scott Ruttencutter

Re:dual nics?

[AntiPasto]

I thought it would be used for load balancing of the web servers?

Re:Interesting Setup

[Scott+Wunsch]

If the site is setup to handle... let say.... 100,000 hits a day, what server configuration is needed for this? With MySQL on it own server, of course. :)

Hmm... I'm sure I remember Slashdot reaching 100,000 hits in one day before Rob finally replaced the P133 serving it back then :-). Of course, there were a lot more static pages involved back then; if you're serving out dynamic stuff, you need a lot more horsepower.

Re:Interesting Setup

Erik,

The site recieves somewhere between 1 and 2 million page views a day. The mySQL server has to be 'beefy' to take that kind of load under mySQL while we wait for replication to be stable and complete.

If you ask "why not __X__" for the database.. our brave programmers are working on a general abstraction layer to allow different databases to be used with slash that is NotReadyYet(tm). When that is complete, people will be able to port slash to the database of choice. For now, the only db supported is mySQL.b

Martin B.

CDROM Booting

[Nobelium]

I see that Slashdot is using "static" installs of Linux. It's a good idea and all, but a more cost effective method is one I was hired to handle for a company.

The idea is if the system ever crashes, it will automaticly boot off a CDROM, format the hard drive, and install a new copy of the operating system with your modifications to it. This is not a good solution for a database computer, but any of the web servers that contain nothing dynamic themselves, its a great solution. If someone hacks the internal server, just reboot.

We also did the same thing with the multiple datacenters. The computers talked to each other over a VPN network, backed themselves up to one computer that was ONLY accessible over the VPN network, etc. Then from the location of the "secure" severs (only on VPN) we would write and test new versions of our distribution (modified Slackware). Then just burn it to a CDROM and mail it out to the systems around the country. Put it in each system, and again reboot. Drop me an e-mail for more information.

Nicholas W. Blasgen

Re:CDROM Booting

[Some+Strange+Guy]

If someone hacks the internal server, just reboot.

So if someone hacks the internal web server, you reboot, and end up with a machine that's still configured with a security hole? Sounds like a pretty bad idea to me...

Incremental backups nightly. If you're hacked, you find the hole, restore from backup if necessary, and patch the hole!

Re: MySQL Server.

[jlanng]

You don't need replication support for data partitioning, which is actually a better choice in most cases. Don't know how Slashdot works, so couldn't comment either way. (To the uninitiated, an example of data partitioning would be storing all the odd-numbered records on ServerA, and the even-numbered records on ServerB. This is clearly a pain for table joins, however) The big question is (and I'm not trying to be a troll here)... why not use a proper database in the first place?

Long live slashdot

[DirtyHarry]

Sounds great. Long live the slashdot empire! And may the force be with you! :-)

Re:Pictures!!

[Bluecoat93]

They noted in the first article that Exodus does not allow cameras inside their facilities. Boo.

PIX gone forever?

[mikeraz]

is the BSD firewall a permanent fixture? The what happened page said that the BSD box was brought in because Pat could get it running quick.

Do you consider the PIX fundamentally flawed or just not correct for your environment?

Re:PIX gone forever?

[gavinhall]

Posted by BSD-Pat:

The PIX was bought before I got here, thinking that it could do what we needed it to. However I'm not sure the network architect knew that it wouldn't fit into the network.

His design (I should mention Martin here) was damn near flawless. Some changes made while building by yours truly...but most of the idea was Martin.

We were so hot on getting things running we didn't know that the PIX would not just drop in and bridge, that it needed a clearly subnetted DMZ.

In the emergency (OH I should mention, Liz, who's a really good net eng., came aboard the Monday preceding this, the PIXen are her domain) we needed somethin g up fast, and since I'm generally the tactician around here...I told her what we needed. She attempted to get the PIX to do it, and then realized that it just won't ;)

I made the decision to throw the BSD box in there.

(for those who had questions, its a type I box with FreeBSD instead of Linux)

The PIXen will be used, probably here at the office... but I think we found something thats working really well.

-Pat

Re:Quick question...

[gavinhall]

Posted by BSD-Pat:

It was mroe or less tweaking that, and the number of threads available to MySQL....

nothing real complicated... =)

Re:Why Debian/RH?

[autechre]

"Switching requires a recompile of Apache"

No.

If you have compiled Apache to do dynamically loaded modules, it doesn't. That's how the Debian packages work; you have several versions of the mod_php package, each for a different database, and you install the one you want. It's easy, and it works (which is pretty much true of everything Debian; that's why I use it)

As another poster pointed out, they most likey do compile Apache themselves (which I did not find that difficult when I tried it to check out mod_ssl [wanted to use rsaref to stay legal], but then I wasn't using Mandrake). Even if you compile it yourself, with dynamic modules you can always compile more modules later without recompiling Apache.

Also, I don't understand your comment of "RH runs Postgres, not MySQL". Both of these should run on all Linux distros.

Accessability

[LorenzoV]

How is SlashDot gonna deal with loss of accessability when Exodus finally lands in the RBL because it will not deal with its cronic spam probelm?

Re:Suggestions for the future...

[AliasTheRoot]

> 1. Cluster the SQL box for high availability and fail-over. MySQL is non trivial to cluster, hence the $$$ Andover is providing to the project. > 2. Switch from NFS to SMB - even the apache site recommends this for speed. Depends on what they are using NFS for... But I think they are generating html pages from the db at fixed intervals and copying to the www servers locally at regular intervals. > 3. Look into having local instances of SQL running on the web-servers - read-only copies that are replicated from the main DB... then the central DB would only be used for write (aka comments and postings...) Thats reliant on being able to use replication which mysql doesn't support - and it's a big nono to put db's on the same machine as the web servers.

But why's it so expensive?

[daviddennis]

I mean, if I had $ 1 million a year, I could run multiple redundant T3s to my own office and use them for my own personal/company use, too.

Why would people use Exodos instead?

D

----

Re:But why's it so expensive?

You've got to understand the clientele that Exodus deals with on a consistent basis. The company has so many fortune 500 companies websites that have mission/business critical apps and DBs that it is in thier best interest to have the best of everything in that facility. When Toys R' Us goes down for 2 days in the Christmas season and subsequently loses tens of millions of dollars in revenue you quickly realize what a drop in the bucket a million or two is. The money factor is actually not as bad as it seems however, though Exodus does tend to inflate their prices. They usually roll it into a 1 or 2 year MRC (monthly recurring charge) which makes the whole operation much more affordable than buying your equipment and housing in your own facility over many different locations.

Re:But why's it so expensive?

[smkndrkn]

You CAN see and touch the equipment yourself...just get in your car and drive to the colo facility....present your eyeball/hand/face for access and you can do anything you want with your cage ;)

Re:But why's it so expensive?

[AliasTheRoot]

We're going with a Datacentre for a number of reasons

* They have 2 Generators and fuel to last indefinately.
* They have cold standby network equipment
* They have 24h security, video cameras & biometric access.
* We can (socially) network with our peers at the datacentre
* Good Fire & Environmental Protection
* Setting up a datacentre is a lot of hassle for 5 boxes...
* Don't need to worry about real estate.
* Datacentre has better connectivity than redundant T3's to your office.
* Network capacity is cheaper at a datacentre
* Better SLA terms at a datacentre

Re:But why's it so expensive?

[daviddennis]

I suppose I'm old-fashioned - I like to see and touch the equipment myself.

What's are SLA Terms?

D

----

Re:But why's it so expensive?

[Mad+Browser]

Service Level Agreement

Guarantees of service from your contract with the ISP.

--hunter

Re:But why's it so expensive?

[mindstorm]

Funny thing, a Costco is just a stone's through away from Exodus in Waltham. So that's why those geeks were buying huge diesel tanks! ;-)


If design is not Bauhaus, it is Baroque.

Re:But why's it so expensive?

[jesser]

my god that's a big barrel, it'll last forever

exodus was when moses led people out of egypt and has nothing to do with channukah. stop getting your old-testament stories confused.

--

Re:But why's it so expensive?

[SpamapS]

Exodus is awesome. I toured their facilities in Orange County, California a few weeks ago. They have multiple OC-48's coming in, from different providers. They are on two different power grids. They have two massive diesel generators that can provide power for 12 hours(each), and a service agreement with a diesel company that will have them on site with a refill and spare parts within 4 hours. The buildings are extremely secure, and the actual co-location space is monitored 24hrs by cameras, and network engineers.

They also have their own backbone, reserved for Exodus traffic only. So if someone in Dallas accesses your servers co-located in San Jose and Chicago, the traffic dives in to Exodus's network in Dallas(they have private connections to many ISP's, making this even faster sometimes), and then goes lightning fast over their backbone, avoiding nasty MAP's along the way.

You aren't going to be able to do all that for yourself, for a million a year.

BTW, Read the web page folks. All of this information is in there.

Re:Suggestions for the future...

[DebtAngel]

Switch from NFS to SMB - even the apache site recommends this for speed.

I don't know the first thing about NFS but I am familiar with SMB, and all I can say to that line is GOOD GOD! If NFS is less efficient than SMB I would just HATE to see a packet analysis (I make it a point at home to use FTP for large transfers because SMB takes about three times as long).

Re:What is all the hardware needed for?

[Anomalous+Canard]

I am sorry, but i do not know anything about web serving

Yes, but did you actually try to read /. before the new server? Unless you're sitting on a T1, it was actually painful.

Anomalous: inconsistent with or deviating from what is usual, normal, or expected

Re:Think Blueberry, man!

[LinuxGeek]

Green? Green!?! Everyone who knows anything about electronics knows that the blueberry iMacs are faster. Has something to do with the blue wavelength of light relaxing the electrons more than green light. Remember the Wizard of Oz? All that green light made people woozie. Same for electrons. That is why MS made the default background of W2K a light blue; to wring the last possible bit of speed out of the boxes.

Re:The Return of the Server

[Kurt+Gray]

while () {
s/KURT/MARTIN/;
s/Andover/Adam/;
}

ROBLIMO: Not after we demonstrate the power of this station. In a way,
you have determined the choice of the web site that'll be slashdotted
first. Since you are reluctant to provide us with a URL, I have chosen
to test this station's slashdotting power...
on your home page on iVillage!

AC: No! iVillage is peaceful. We don't flame Linux on iVillage.
We only discuss travel and mystery novels. You can't possibly...

ROBLIMO: You would prefer another target? A commercial target? Then name the URL!

Roblimo waves menacingly toward AC.

ROBLIMO: I grow tired of asking this. So it'll be the last time. What is the URL?

AC: (softly) pcweek.com.

AC lowers her head.

AC: The FUD piece was posted on pcweek.com.

ROBLIMO: There. You see Lord Taco, she can be reasonable. (addressing
Hemos) Continue with the operation. You may post when ready.

You want overkill

[jcianche]

I helped create an eCommerce environment for a large chemicals company. We used the following setup.

* 4 - SUN Netra Web Servers
* 2 - SUN 3500 Application Servers
* 1 - SUN 4500 Database Server

The servers were running iPlanet and Oracle. This multimillion dollar setup was initially being used by 7 users making one transaction/week. Now the system has ramped up to a couple 100 users. :)

Now that's overkill!

P.S. Good work guys on setting up the new system.

Re:You want overkill

[EmpNorton]

But just think how fast it is for those few hundred users...

Re:Why spend all that $ to fix MySQL?

[coreman]

>Didn't y'all read the article on here a few weeks ago, "Why not MySQL?"

Maybe because that decision was based on another one, made a couple of years before the article?

Re:Interesting Setup

[Thrakkerzog]

Well, if a site linked in a story gets slashdotted, you could assume that slashdot is always under that sort of stress.

Of course, slashdot hits are probably not as bad as other sites. (Because slashdot gets an unusually large amount of text-based browser hits.)

-- Thrakkerzog

The Return of the Server

[Guppy]

INT EXODUS - MAIN SERVER ROOM

[MOFF KURT, a tall, confident technocrat, strides through the assembled geeks to the base of the shuttle ramp. The geeks snap to attention; many are uneasy about the new arrival. But Moff Kurt stands arrogantly tall.]

[The exit hatch of the shuttle opens with a WHOOSH, revealing only darkness. Then, heavy FOOTSTEPS AND MECHANICAL BREATHING. From this black void appears DARTH TACO, LORD OF THE SITH. Taco looks over the assemblage as he walks down the ramp.]

MOFF KURT:
"Lord Taco, this is an unexpected pleasure.
We're honored by your presence."

DARTH TACO:
"You may dispense with the pleasantries, Commander. I'm here to put you back on schedule."

[The commander turns ashen and begins to shake.]

MOFF KURT:
"I assure you, Lord Taco, my men are working as fast as they can."

DARTH TACO:
"Perhaps I can find new ways to motivate them."

MOFF KURT:
"I assure you, this station will be operational
as planned."

DARTH TACO:
"Andover does not share your optimistic appraisal of the situation."

MOFF KURT:
"But he asks the impossible. I need more geeks."

DARTH TACO:
"Then perhaps you can tell them when they arrive."

MOFF KURT: [aghast]
Andover's coming here?

DARTH TACO:
"That is correct, Commander. And they are most displeased with your apparent lack of progress."

MOFF KURT:
"We shall double our efforts."

DARTH TACO:
"I hope so, Commander, for your sake. Andover is not as forgiving as I am."

"This server is now the ultimate power in the universe. I suggest we use it!"

Re:The Return of the Server

[Fishstick]

and then later as ANDOVER's shuttle arrives:

ANDOVER:
"Rise, my friend."

DARTH TACO:
"The server cluster will be completed on schedule."

ANDOVER:
"You have done well, Lord Taco! And now... I
sense that you wish to resume your search for
young hot-grits guy.

DARTH TACO: "Yes, my Master."

ANDOVER:
"Patience Lord Taco, in time he will come to you."

DARTH TACO:
"He will come to me?

ANDOVER:
"He will come to you, and you will bring him
before me... I have foreseen it."

DARTH TACO:
"Yes, my Master."

ANDOVER:
"Everything is proceeding according to my design!"

*cackle*

Re:Why spend all that $ to fix MySQL?

[LucaL]

I imagine that there's a bit of good old fashioned vapour in the 10x assertion.

Also, for a site with such traffic as /. the much finer granularity of Postgres locks could make a difference.

Re:MySQL Server.

[MikeBabcock]

MySQL is, AFAIK open source, just not Free Software. Feel free too look up both definitions. The limitation to MySQL is available
Don't forget that GPL'd versions of MySQL (older releases) are always made available as well.

Re:VA owns them, so isn't hardware at cost?

[gavinhall]

Posted by BSD-Pat:

nope, don't own us yet =)

in a few weeks though.....

-Pat

Re:Bonehead question...

[Mad+Browser]

This is because Apache with mod_perl installed has a larger memory footprint than straight up Apache and using having dedicated image boxes makes it much more efficient.

--hunter

Testing

[LaNMaN2000]

Have you tested the setup under a variety of loads? Approximately what was its capacity? After the recent group of DDOS attacks, have you installed any safeguards to revent similar attacks in the future.

Hopefully this setup will be able to handle Slashdot's growth and end the insufferable page loading delays that have become all too common. Kudos to the IT staff for successfully migrating to the new system.

Re:Testing

[geoffeg]

>Have you tested the setup under a variety of loads?

Uhm, they installed a BSD box as a firewall to filter out unwanted and off packets. Read the article from yesterday.

Re:Bonehead question...

[Anomalous+Canard]

The images (except for choosing which ad to serve up) are static data. The rest of the pages are extremely dynamic data. Each page you read is lovingly built just for you. The optimizations you want on the two very different types of web serving are very different. Ergo, two types of servers with different tunings. The number of servers of each type is then determined by the relative loads. I was suprised at the ratio of 3 image to 5 page servers. I would have thought that fewer image servers would be required.

Anomalous: inconsistent with or deviating from what is usual, normal, or expected

I thought this was interesting..

[Rombuu]

We're funding development efforts with the MySQL team to add database replication and rollback capabilities to MySQL

Wouldn't it be easier and cheaper to just use a real database? Oracle makes a nice one that runs under Linux.

Re:Important Question...

[MattJ]

Yeah, but don't places like that usually have fire escape doors, and the folks in the inner sanctum just pop through them when they go on their smoke break? ;-)

Seems faster.

[tcd004]

Imagine a beo... oh nevermind.

I wonder how many peoplehours go into running slashdot each week?

tcd004

Here's my Microsoft Parody, where's yours?

Re:Seems faster.

[CmdrPinkTaco]

Imagine a beo... oh nevermind.

Imagine a wolfpack cluster of....oh I think I need to shuddup too.
--------------------------------------------

Re:MySQL Server.

[Eponymous,+Showered]

I'm surprised that a 3-tier solution wasn't chosen. Maybe it was looked at and found to be too complex. Sometimes throwing hardware at a solution does work.

3-tier slashcode - now that would be interesting. Watch out CORBA - here comes /.

Guess you'd need a bit of OO Perl for that :-)

Re:what's funny is that...

[MerkuryZ]

I believe you refer to the signal to noise ratio.

Next on the list...

[tringstad]

Update the "about" page on Slashdot, which still says, "Bandwidth provided by Digital Nation."

-Tommy

------
"I do not think much of a man who is not wiser today than he was yesterday."

Re:What is all the hardware needed for?

[K-Man]

You need to remember that almost everything slashdot serves is user content, which is constantly being added-to by thousands of rambling geeks. All this has to be ingested, stored, and then threaded/sorted and filtered (by threshold) on the way out - that takes a lot of disk, memory, and cycles. Caching helps, but each additional post on a thread will invalidate the cache and necessitate regeneration.

Add to that the ad serving, graphics, and so on. I don't know how much tracking they do, but ads usually only pay for each unique user - loading the same ad on the same user's screen ten times only counts for one impression. So most sites have to set a cookie just to avoid double-billing, and check it on each pageload to rotate the ads correctly. That adds cpu and memory too.

Re:Why spend all that $ to fix MySQL?

[Syberghost]

In MySQL you can decide per table if you want the table to be fast or take the speed penalty of making it transaction safe.

In MySQL, you do not have the choice turning on transactions and atomicity.

You have the choice of turning on features that they mistakenly label transactions and atomicity, but let's call a spade a spade here.

You use MySQL if you care about speed a lot, and don't care much about data integrity. That's a perfectly valid position, but let's not pretend it's some other position.

If you do care about data integrity, you use something other than MySQL, and find another way to achieve the speed.

--

Multithreaded TCP stack

[Badger]

How would a multithreaded TCP/IP stack impact this setup? What sort of performance boost would that give Slashdot?

Re:Important Question...

[alkali]

[W]hat if someone posts government secrets to Slashdot and the Secret Service ... decides to pull a Steve Jackson on Andover HQ?

Unless you're going to colocate offshore, which I would guess carries its own risks, I'm not sure that any American colocation facility can protect a site against a search warrant (which I understand was issued in the Steve Jackson case, whether rightly or wrongly).

I would be interested in knowing, however, what contract terms Exodus and other colos offer with respect to warrantless requests for searches. (That is, what has Exodus agreed to do when Agent Foo shows up without a warrant and asks to have a look at the machines hosting website Bar? Is Exodus in breach of contract if it says, "Right this way, Agent?" Or has it agreed to take some other action?)

Re:SQL Server

[smkndrkn]

I sure hope your not and that is what is coming! Then I'll finally be able to use it in production and make a good argument for its use at work.

hot spare

[corbosman]

The story mentioned a hot spare system that is always synced with one of the production systems.

What is the benefit of doing this over just adding
this hot spare to the production cluster behind
the load balancer? That way you dont need any
intelligence. And if a box dies, you dont notice
it anyways because you always have 1 or 2 extra
boxes in the cluster anyways.

Is there a benefit?

Cor

Re:Open source?

[CMiYC]

A common myth about open source is that if you release a program with a description and a few source files...someone else will fill in the gaps. They would probably rather get their framework for their own needs put together before releasing it onto the world's eyes. Just because something says "open source" doesn't mean it has to be "open" from the beginning... I know I'd rather work on something and get the basics of what i want put into it, before having loads of people (and lots of non-programmers) look at it and bombard me with email saying "why not this, why not that..." when they are all things I had planned.

---

Re:I have a couple of questions and a comment.

[Dante]

I could care less about the conection to the outside;
It's internal bandwith that I care about. Also overhead on these cards is lower.

GAH!

[GrenDel+Fuego]

Why couldn't this have been posted last night?! I was at Exodus Waltham and I could have looked around for the cage. Hmph.

Re:Pictures!!

[Jonny+Royale]

It'll never happen. Exodus doesn't allow photographic equipment in the facility. There's a nice little letter in the kevlar-lined entrance saying so.

Will it take note of my threshold setting now?

[pallex]

cos i`ve set it to 0, but i keep getting all this -1 crap. SORT IT!!

(yes, i`ve saved, logged in , logged out, logged in again...sometimes its 0, sometimes its -1. )

mod_perl processes

[Lazy+Jones]

I haven't looked at slash recently, but it didn't look like it was written in a way that should waste a lot of memory when running with mod_perl.

I've got a huge old CGI script running under mod_perl (worked after a few kludges and lots of "my" statements) that causes the httpd processes to look like this:

5808 nobody 2 0 25848K 7964K accept 0:45 0.00% 0.00% apache
5807 nobody 2 0 30476K 15428K accept 0:44 0.00% 0.00% apache
5809 nobody 2 0 31736K 17108K accept 0:44 0.00% 0.00% apache

Ugly, eh? I had to put 512M in the webserver after getting more than 40.000 views/day for some time (the static content is served by a thttpd already).

Re:MySQL Server.

[CMiYC]

"need to buy a license if I want to do something with MySQL for a client. "

i haven't read the license for a while, but I remember reading that was only true if the product you developed for the client relied soley on MySQL. If your application used standard SQL and was not entirely MySQL dependant, then it would still fall under the "free" catagory. (Unless, of course, you tried to run it under NT)

---

Re:MySQL

[otis+wildflower]

Usually RAID 5 and a database is a pretty bad match, because RAID 5 read/write performance is lower than RAID 0, 1, 0+1 read/write performance...

IIRC the big hit is in write performance, but one would hope large RAID caches should help this somewhat. Still, a 0+1 rig would probably provide the best overall performance and redundancy (and cost the most :p)..


Your Working Boy,

MySQL

[Betcour]

We're funding development efforts with the MySQL team to add database replication and rollback capabilities to MySQL (these improvements will of course be rolled into the normal MySQL release as well).

Transactions in MySQL ??? That would be really wonderfull, I really miss this feature (I could also use some kind of data coherency checks too).

Re:MySQL

[darkora]

It depends on how they are using the database...but a lot of the times RAID 5 is not recommended for performance for insert/update/delete heavy applications; however, I would prefer to use it over just striping if money is tight and availability/fault tolerance is a factor. A lot of the current RAID hardware has cache built into them to buffer the writes and help with the performance degradation on RAID 5, but most database systems for the web will saturate that quickly and no longer receive the benefits (and I'm not sure the RAID hardware they chose has the cache to handle the workload the /. users put on the system). :)

Re:For the record -- "Exodus"??

[smkndrkn]

Yeah its a big colo facility with lots of speed but in my experience its also a pain in the ass. As of right now they are fighting with PSI.net ( a fairly large provider ) about access to their peeing point....Exodus wants PSI to pay and PSI wants exodus to pay because they are not an ISP. My old company ( which I just quit ) had a lot of customers who were using Exodus and we were on PSI...frustrating as hell....

Re:Interesting Setup

[AgentX]

Did you notice what that counts?

From their Methodology Page:

At the current time, the estimated population being reported includes U.S. households that are viewing the Internet using PCs with Windows 95/98/NT as their operating system.

So I think if they included real operating systems we would see much different figures. :)

Re:MySQL Server.

[daviddennis]

One reason might be that mySQL is much faster than Oracle when it comes to building up and dropping connections.

This is really important for the web, because a typical web program will start by opening a connection and end by closing it. So you effectively have one connection for every hit that occurs.

Unless you do some fancy sharing of connections, this is going to be a big problem when you use Oracle. This forces Philip Greenspun to use TCL/AOLServer for his work, since it allows connections to stay up between CGI invocations.

In the mean time, I can open and close as many mySQL connections as I need to.

In addition, as I said in another post, he would probably have to rewrite the Slash engine to use another database; it's most likely very dependent on the mySQL API (as my programs are as well). We get a big payoff from this - far greater speed - so we pay the penalty of being stuck on one database unless we want to make a herculean effort to convert all the software we've already written.

D


----

Re:For the record -- "Exodus"??

[atopian]

Cool.... If they're working on Mars that would give Geeks in space a new meaning ;)

Re:For the record -- "Exodus"??

[BigStink]

The Exodus facility sounds cool, but does the Playboy.com web server really need all that security? :-)

But seriously, your description of Exodus reminds me of The Bunker in the UK (I think this was featured on Slashdot a few months back), which is housed in a decommisioned nuclear bunker. Sadly, The Bunker has no kevlar walls (as far as I know), though it does have "blast proof" doors, a "high security" electric fence and HERF protection. The fact that there's a demand for this type of facility shows how important web servers are to some corporations.

Better idea (Re:/. garage sale, or maybe ebay...)

[mcrandello]

Have a contest! throw some equipment out to the masses. If you like the idea I'll happily accept the quad as an honerarium or something ;-)

BTW if someone could please explain in what way the parent's parent is flaimbait, I'm listening...

So does this mean...

[Jonny+Royale]

IIRC, Rob and Jeff started this from Michigan. Now, your servers are in Waltham. Does this mean a move in the future?

Re:MySQL Server.

[irix]

Well, if you have a look at the license you pretty much can't use MySQL for anything commercial unless it is for your own purposes. I need to buy a license if I want to do something with MySQL for a client.

Also, while the source code may be available, the licesnse that MySQL is under does not come anywhere close to meeting the open source definition - with the exception of older versions as you mention.

Your Sig

[Ranger+Rick]

I want to know what the guy who invented beer is working on now.

Pining for the fjords.

:wq!

Re:Yes, Why MySQL Server? Why not PostgeSQL?

[Hedonistic+BOFH]

Not only are roll-back's on the MySQL developers TODO list... they have been implemented!

That's right, the latest versions of MySQL support a new DB file format (based upon the well recognized Berkeley DB format), and has FULL COMMIT/ROLLBACK capabilities. So no more bitching about that. They've also incorporated support for HEAP tables (emminantly useful for *very* fast cache tables), added better stored function loading, and they almost have sub-selects at the (very fast) speed they want.

I like postgres, it's very powerful for more traditional DB work... but MySQL is still the DB to go to when you feel that need for speed. So check out the feature list of the 3.23.x series. You won't be dissapointed.

arrowpoint redundency

[Cookie+Monster]

Just wait till you try to add another arrowpoint
fro redundency. Run one nic out to each arrowpoint (plus one or more to your interenal net).
Now get reading for the configuration headache of getting those two to work together doing failover and redundency. Fornatly once you do get it right those things will do failover and rules balencing to other units in othe datacenters. Best thing to do is get one of the arrowpoint engineers down and chain them to the rack until they get it right.
We have also had troubles with loaner arrowpoints.
A single Arrowpoint replaces about 6 cisco boxes..
No wonder Cisco bought them :)

Re:I have a couple of questions and a comment.

[mlefevre]

I wonder why there is a red hat box in the mix?

not necessarily the answer, but Kurt posted this previously:

The servers all came with Red Hat and we installed Debian on them, expect the 3500, and I think that was because VA installed extra drivers and stuff we wanted to leave it as is.

michael

Re:MySQL Server.

[delmoi]

dude these guys are pay a million dolars a year for there physical space, I'm sure they could afford Oracle

Kernel version and MTBF

[aslak79]

Anyone know what kernel the beasts run? How often do the machines go down (due to a software fault)? I'm a linux user myself so this isn't some excuse to bash, just a genuine curiosity about the stability, especially of 2.2 linux kernels on highend hardware.

All this for which OSes...

[LinuxGeek]

All that security and I bet many of the boxes are running NT... :) But, humor aside, I wonder how many of the protected boxes are more secure physically than operationally. They are subject to much more danger via the internet than a terrorist wanting to damage the machine. Look at the DDOS attacks against /. last week. Shucks, the terrorist would take more systems offline by trying to find the network cable entry points and destroying those instead of trying to gain access to the physical boxes.

Re:MySQL Server.

[Shoeboy]

It is obvious that money isn't a concern - so why not fork over the money for some Oracle licenses and a competent Oracle admin?
Well, I can't speak for the /. crew, but one good reason would be that oracle is a piece of shit. There are much faster rdbms's than oracle. Sybase and Microsoft (really) make products that completely spank Oracle on equivalent hardware. Oracle's sweet spot is large (Sun E1000 or HP V class) boxes used for data warehousing. Even there, oracle is an inferior solution to DB2 and Informix. Oracle is a lot like windows, it's a shitty product that just happens to be the market leader. The big difference between oracle and MS is that MS is run by Bill Gates and oracle is run by a guy who wishes he was Bill Gates.
--Shoeboy
(former microserf)

Cool... I think

[JeremyH]

Cool, not only is Slashdot moving to better servers, but they will be in the same town as my office rather than 600+ miles away. Now if they would just start proofing the stories for grammar and authenticity before posting all would be well in the world.

Speaking of which, did anyone else notice that that ridiculous idOS story from the other day seems to be completely gone now? Hmmm, do I sense some revisionist history editing on Slashdot? ...

Re:Beware the Intel EtherExpress Pro w/linux

[xjerky]

Nope, it's definitely compiled in the kernel itself. I try to avoid using modules whenever possible. Mind you, this doesn't happen all the time, but since we have 12 servers, with over a million page views a day each, it happens often enough to be a hassle (like once every week or so).

Re:dual nics?

[Kurt+Gray]

That's right. It's primarilty so we can rearrange the network topology into front-end and back-end networks.

Re:OSS Zealots love MySQL even though its not Open

[thelaw]

license, schmicense, who cares what kind of license it has? it they thought the license was objectionable, they wouldn't use it.

jon

Beware the Intel EtherExpress Pro w/linux

[xjerky]

We have several Fullons ourselves, and under heavy load these cards cease to function. I have to log in via an internal network interface and ifconfig the outside IP down then back up.

Re:Beware the Intel EtherExpress Pro w/linux

[Ih8sG8s]

run tcpdump with the -p switch, which will not place the card in promiscuous mode. This is why you were experiencing problems.

Re:Beware the Intel EtherExpress Pro w/linux

Compile support directly into the kernel and not a module, and the problem will disappear. Same goes for the 3C905's.

Re:Beware the Intel EtherExpress Pro w/linux

[Brazilian+Geek]

I work my internal network heavily for about three hours a day - mostly backups and /home duplication and I've never had a problem with the EtherExpress cards. BTW, I've had the same cards on the same machines for almost a year and a half and - so far - not a single network problem. Heavily == constant 95% network usage.

It may be just my machines - my boss promissed to sue the company that sold us the machines if we had any downtime... (just kidding...)

Re:Beware the Intel EtherExpress Pro w/linux

[PigleT]

OK, getting off-topic here, but I had some fun and games with an EtherExpress Pro in recent days...

For some bizarre reason, problems (TX: Transmit Timed Out) disappeared when I tried to tcpdump what was happening. As a total kludge, if you ifconfig eth0 arp promisc up, it doesn't happen anything like so often (if at all).

This was a Saturday afternoon workaround - thinking why is a week-day activity ;8)
~Tim
--
.|` Clouds cross the black moonlight,

Re:what's funny is that...

[T.Hobbes]

thank you... these 'expressions' are so useful in expressing oneself...

Damn

[zpengo]

Natalie Portman wasn't in that episode. There go all my good jokes!

I was browsing over my schools optical connect

[delmoi]

and it was still painfull...

Re:MySQL Server.

[nojomofo]

Er, in my experience it's not very difficult at all to implement connection pooling on an Oracle database. Fact is, no matter what database you use, you shouldn't create and destroy a database connection every time a user wants to run a query (or for each user session, for that matter).

Very interesting

[xee]

Exodus sounds cool, but I'm a big fan of Level(3)!!! They just kikz azz.


-------

Re:Why did you choose MySQL?

[Thrakkerzog]

Are you sure? I was under the impression that PostgreSQL has been around for quite a while.
-- Thrakkerzog

AS - Anonymous Slashdotters

[Kryptonomic]

Now that is a problem.

I'm supposed to be writing my PhD thesis at home after work, but for the last few weeks I've wasted most of the available time (=getting home->falling asleep at the terminal) time reading Slashdot and day-dreaming about building my own Beowulf-cluster.

(HOMER VOICE):

Mmmm.... a dozen, black, rack-mounted 2U:s with dual 750 MHz 21264s inside...

Re:AS - Anonymous Slashdotters

[t0m+f00l]

I had no idea underwater basket weaving was so complex! Don't worry, you don't have to finish your PhD. You can come work for me at the PT barnum freak show, weaving baskets while dipped in a pool full of piranhas. I can imagine all the honorary degrees that will come of this.

Slashdot Commerical? :)

[Otto]

Webservers: $22525

NFS servers: $21120

Database server: $25739

Being THE place for Natalie Portman and Hot Grits on the Web: priceless

There's some things money can't buy. For everything else, there's Slashdot.

---

Legacy Support

[zpengo]

I wish that the old slashdot server was still up...it would be interesting to visit every now and then, like going to a museum. :o)

Re:Thank god!

[AndyL]

Yea, we all know he releases his code after every key-stroke.

Re:NFS Question

[daviddennis]

The comment pages are actually static files that are loaded directly by the comment perl script to minimize the number of database lookups done. So the comment pages themselves are stored on the NFS server, and the personalized stuff on the right side of the page is slotted in by a relatively simple script.

D

----

Re:what broke the code?

[AndyL]

Also, it's "reparenting" comments even if you tell it not to.

MySQL Junkies dislike the word "licence"

[Lac]

Funny how no MySQL fan here even mentions licencing terms. Does nobody care that the current releases of MySQL are nowhere near being free? I remember a time when free licences mattered. Maybe RMS is right when he warns us we are caring more and more about expediency, less and less about freedom.

I have nothing against the MySQL folks (they seem like nice people), and I will be genuinely happy if they relicence some day. But in the meantime, MySQL has the same fundamental problem as RealPlayer or Microsoft Office. No offense intended.

Re:MySQL Junkies dislike the word "licence"

[Exanter]

The reason a lot of us "mysql fans" never mention the licensing terms is that we (or at least I) really don't care. It's open enough in my book (I get to see source), and previous versions have been GNU-ified for the zealots.

I care about a certain level of freedom (I wanna see source) as a bare minimum. after that, bigger concerns, such as "does it work"? and "how well does it work"? take precedence over the fact that the license isn't as open as some GNU zealot wants it to be.

Because it breaks the browser, thank you.

[devphil]

I would have loved to have read the FAQ, if the browser had stayed running that long. It gets about half the images loaded and then goes byebye. (Thanks, glibc.)

If I were as lazy as you suggest, I wouldn't have visted their page at all.

Interbase

[webcrafter]

They could use Interbase just as well, it has most of the features that MySQL lacks. Of course it's still in beta, but it's Open Source

Re:Pictures!!

[DanPeng]

What's the rationale for that???

Re:Why spend all that $ to fix MySQL?

Be careful of MySQL documentation, and web site ... over the past couple of years, the PostgreSQL developers have tried to work with the MySQL folks to improve their various pages, especially their 'comparison' page ... we recently sent them a list of changes (the number of them eludes me, but it was alot) on just one section of the comparison page that listed a bunch of their types as 'SQL-Compliant' that have nothing to do with the standard, and a bunch of 'SQL Non-Compliant' that are required by the Standard ... As for 'a magnitude speed difference' ... check out PostgreSQL now. I would imagine that their 'tests' were based on several releases behind ... v7.0, that was just released, is several times faster then our last release, which was noticeably faster then v6.4 ... The point I'm making is that if you are going to judge something, judge it on your experiences, not on a competing vendors experiences... you might just be pleasantly surprised ... - scrappy@hub.org

just checked..

[Thrakkerzog]

PostgreSQL has been around since 1995.


-- Thrakkerzog

Re:MySQL Server.

[irix]

I don't think so. Any database driver worth it's salt implements connection pooling. I haven't done mod_perl -> Oracle myself, but this is standard procedure for the MS ODBC -> Oracle and EJB/Servlet/JSP -> Oracle stuff I normally work on. The bottleneck is never the connection setup/teardown time.

Oracle may indeed me somewhat slower - these guys have the money to throw at more hardware! And they need the features that Oracle provides.

As for code modifications - make a fork that supports Oracle. There appears to be people working on Slash full time now. It isn't like back in the day when Rob had to make the changes himself.

My best guess is that this is a result of 'do what you know best'. Oracle isn't well known in the open-source world, and there may be nobody at Andover who has real experience running it. I think their money would be better spent on setting everything up to run Oracle and hiring an Oracle admin, but that is just my humble $0.02.

It all looks great, but I think somethings missing

[Rizza]

The horsepower behind your getup is smokin'. what'd'ya say to takin one of those bad boys from the matrix and ripin up a Q3 server with it...??

Re:Suggestions for the future...

[synx]

CODA!!

I think the replication of coda would be good and cool. Think: all the webservers are coda servers in the 'www' cluster, another 'image' cluster for the web-image servers. Now, you have another box which is also part of the cluster, so you make mods to that "Extra" box and when you're done, you just get coda to sync the other servers by doing 'ls -lR' and presto changeo you've replicated your website changes without hacky scp scripts or anything else.

Re:Interesting Setup

[daviddennis]

Last time I looked, they were serving from 400,000-600,000 accesses per day.

The economics of life are a lot different when you're a major corporation. I was able to get my mid-sized 100-employee company to buy a $ 10,400 VA Linux FullOn 2x2 server even though it was overkill; the money simply wasn't worth thinking about in comparison to the costs associated with having a slow server.

D

----

Re:MySQL is *NOT* Open Source

[AnarchySoftware]

Older versions of MySQL are open under the GPL: http://web.mysql .com/Downloads/MySQL-GPL/MySQL_GPL-3.20.32a.tar.gz . The latest version has a source RPM available at http://web.mysql. com/Downloads/MySQL-3.23/MySQL-3.23.16-1.src.rpm. One way or another they are open enough to be qualitatively better than MS SQL Server, even though they may not be a free as we'd like.

Re:Oddessey?

[Kurt+Gray]

Yes, it's a spelling error -- my fault. We'll fix it in Service Pack 1, due out next year.

Your points...

[Ron+Harwood]

1. There are some commercial (under $500 though) products that will do this quite nicely, and easily.
2. Don't know...
3. Well, it all depends on what you are trying to achieve... it does speed things up... but it depends on load... if you're worried about security... well, don't punch those ports through the firewall...

Re:For the record -- "Exodus"??

It's a big colocation facility.

Phew! I read the above as "It's a big colonization facility". I thought the colonization had already begun...

Re:shadouts?

[SEWilco]

Maybe they're shadouts because they're shoutouts of shadows...

[Too bad we can't link to poor spelling and let these comments expire when it's fixed...]

Re:The Return of the Server -- MODERATE THAT UP!

[Lode]

LOL!

Re:Why Debian/RH?

[Black0ut]

VA has made tweaks to RH that makes it better for running MySQL. How do I know this? A friend of mine works at a university and they just set up a machine that has basically two things running on it, MySQL and SSH. Its set to log the system events and with the load they have the VA RH MySQL setup was the best for the money.

Re:no, silly, they mean shadouts

[Spud+Zeppelin]

a bunch of old, wrinkly, smelly violent fremen hosuekeepers are on their way now to help out the network admins.

So now we know the truth behind last week's attack: once Slashdot moved into the new Exodus facility, they found out that the Harkonnen had left behind a few hunter-seekers to cause havoc.... I wonder how long before the Baron gets to learn the hard way that one of Kurt's teeth has been replaced with a cyanide gas capsule?


My opinion only, IANAL.

Re:Important Question...

[Aero]

Well, a typical Exodus facility isn't nuke-proof, but it's pretty damn close. I've toured one (in Herndon, VA) because our company is about to co-loc at it. Here's a brief rundown of the physical security:

• The building is a converted warehouse; every interior and exterior wall is filled with reinforced concrete
• Extra curbs and islands in parking lot directly in front of the door
• Two-foot-high concrete pillars in sidewalk leading to the door
• Concrete overhang over door, only 8 feet of clearance
• No windows
• One door for entry (no loading dock)
• Receptionists/security chimps sit in a bulletproof enclosure
• Mantrap-style "airlock" with 3"-thick steel doors leads to all computer facilities; office areas have single steel doors sealing them off from lobby

You run into all this before you even see anything resembling a computer, apart from the terminals in the receptionist's enclosure. In the actual computer pens, you have the cages, and for the really paranoid, you can get a steel box with a biometric lock instead of a conventional cage.

To sum up...it would take a truly concerted effort to physically breach one of these facilities.

Aero

Slashdot Security Hole

[Krakus+Irus]

Here is your navigator : Mozilla/5.0 (Windows; N; Win98; en-US; m14) Netscape6/6.0b1
Just a security hole of Slashdot. You can find this kind of hole in all sites which has a forum. I think that in site like e-trade you can make some people asks for stocks.
You can contact me there : Krakus.Irus à voila.com
If you want to retry.
If you want to know more.

Debian on VA

[CgiJobs]

I'd buy a computer from VA Linux if they'd pre-install Debian. When I called to ask about it they said that they had no plans to do so. Any chance you could post the details of converting a VA box to Debian?

Re:Debian on VA

[macbert]

Isn't debian the distribution that VA and O'Reilly put in a box and sold a little while ago. It was packaged with OReilly's debian book. A $34.95 value in a $19.99 box. I assumed that they (VA) would be offering it as an option. Does anyone know if they have any plans on selling a shrinkwrapped version after potato goes current?

Debian from VA
=================
macbert@hcity.net
http://www.hcity.net/mac

Slashdot Security Hole554285544

[Krakus+Irus]

554285544Here is your navigator : Mozilla/5.0 (Windows; N; Win98; en-US; m14) Netscape6/6.0b1
Just a security hole of Slashdot. You can find this kind of hole in all sites which has a forum. I think that in site like e-trade you can make some people asks for stocks.
You can contact me there : Krakus.Irus à voila.com
If you want to retry.
If you want to know more.

Re:Why spend all that $ to fix MySQL?

[Kenbo]

The reason MySQL is so fast is that they made design decisions optimized for a read mostly database (Table level only locking, ISAM table structures, no transaction support, etc.). They also left out other 'key' RDBMS features (views, sub-selects, select into, foreign keys, stored procedures...).

If you can live without these features (and alot of website-web apps can) MySQL is a blazingly fast solution that scales reasonably well. However if you need any of the ACID stuff or if you have a high percentage of writes or deletes MySQL will absolutely suck. It is a special purpose tool and excels in doing the job it was designed for.

Oracle, MS SQL, Postgres, etc. are general purpose RDMS's and they are reasonably good at all aspects of database management but will rarely keep up with any narrowly focused app.
I use MS SQL, MySQL and to a lesser degree Oracle all the time in my web development job. Each is appropriate for different clients depending on the clients individual needs (and the fatness of their wallet).

no, silly, they mean shadouts

[georgeha]

a bunch of old, wrinkly, smelly violent fremen hosuekeepers are on their way now to help out the network admins.

George

SLASHBUG code is here

[new500]

The code is here in PDF format for the page and JAVAscript which is causing all this trouble. Sorry but PDF the only way i could get to make this readable in original format without being interpreted as HTML and continuing the problem

Happy reading!

Why develop your own in house software for hot swa

[wikki]

checkout www.steeleye.com. they make some great software for linux that does just that. all the code originaly came from NCR's lifekeeper, which is rock solid.

Re:MySQL Server.

[Gunzour]

The big difference between oracle and MS is that MS is run by Bill Gates and oracle is run by a guy who wishes he was Bill Gates.

Why would Larry Ellison wish he was Bill Gates? Larry has more money.

SQL Server

[jstepka]

I'm wondering if you are thinking of moving to a db with ACID support? Also, how are you replicating data should you take a hit on your one SQL server?

Re:SQL Server

[Eponymous,+Showered]

I assumed when they talked about working with and funding the MySQL team to add "rollback capabilities," they were looking at full ACID support. Maybe I'm on ACID, though.

Re:For the record -- "Exodus"??

[VaultX]

They have been at exodus for quite awhile....a few months minimum.

Re:Pictures!!

[Fitascious]

Its a security thing, companies pay big money to remain anonymous... I guess the way Exodus sees it is that information about server layout, type location is confidential.
Exodus is really uptight about letting people into the building. I just worked for a company doing a buildout at exodus. I was out with a freind when I got an emergency page. Some server was down or something. I was close to the colo so I swung by.
When I got to Exodus with my friend, she really needed to go to the bathroom. So I asked a security guard if she could use the facilities, which are located outside the main colo space (which requires a palm scan to enter). The security guard informed me that to use the bathroom would require the following:

They must hold on to her ID.
She must Sign in.
She must be issued a badge (a long procedure).
And a Security guard would have to be present at all times, waiting outside the stall.

That should give you an idea of how concerned Exodus is with security.

Alex B.

Re:For the record -- "Exodus"??

[Waiting]

Actually, Exodus does not host ebay.com 100% anymore. ebay's machines might be still at Exodus' site, but ebay gets its bandwidth from Above.net, and will eventually move its machines over to their site.

For our company, we investigated both Exodus and Above.net, and found Above.net's connectivity was much better (more peering arrangements).

Do a traceroute to www.ebay.com for confirmation...

waiting

Re:Nothing to do with data modeling

[Ranger+Rick]

> I haven't looked at Postgres SQL specifically,
> but the mySQL API was designed to look just
> like the mSQL API. Most likely, they would have
> to change a lot of stuff around to make it
> compatible with any other database besides
> mSQL, and of course mSQL has been an inferior
> product to mySQL for quite some time now.

But, they're using Perl with the DBI interface, which is a completely uniform interface to various databases. For the most part, all they would have to do is change the DBI->connect() statement to a different DBD module and it'd be switched. Considering for the most part MySQL's SQL language is a subset of other RDBMs, they probably wouldn't have to change their SELECTs and such either.

I expect it's because MySQL is quite a bit faster, and it's usage seems to be more common than PostgreSQL. (...therefore, possibly more stable?)

:wq!

Re:Mysql can be MORE reliable than Oracle/Postgres

[Stu+Charlton]

uh.

you believe that.

ACID transactions are the fundamental way of ensuring reliability in a distributed system. there is no "revolution" against transactions. in fact, they're making a comeback (see com+)

what's funny is that...

[T.Hobbes]

... the amount of relevant information has remained the same ever since /.'s been on a dusty ol' 386 with a 14.4kb/s pipe...

(that is not to say the trollers and such are not fun, which they are.. they're just not useful outside the context of /. ...)

Re:what's funny is that...

[slpalmer]

ever since /.'s been on a dusty ol' 386 with a 14.4kb/s pipe I seems to recall a post from CmdTaco way back when talking about the original /. server being a DEC Multia (Alpha).
---
Here is the result of your Slashdot Purity Test.
You answered "yes" to 86 of 200 questions, making you 57.0%

Re:what's funny is that...

[Rendus]

Actually, Slashdot started on a Multia :) Not far off from The 386 In The Corner(TM) though. It was actually the mail server for his employer at the time (The Image Group I believe, can't remember for sure), and he ran /. off it (this was back when 100 comments on a story was unheard of) until it couldn't handle the load anymore. Personally though I think Slashdot had more interesting topics back then as well. -Shrug-

Why Debian/RH?

[waynem77]

Forgive me if this has been asked elsewhere, but why did y'all choose those distributions for those servers? I'm genuinely curious; I'm unfamiliar with the large-scale differences between distributions. (My computer runs Mandrake... that decision was based on the single factor that my friend happened to have a Mandrake CD on him.)

Re:Why Debian/RH?

[Mad+Browser]

I wanted to know what was up with Red Hat on the SQL server... Here is the word from the man himself:

CmdrTaco: "The admins were having a problem with debian and the quad xeon. It was
just quicker to install red hat. I think they're silly :)"

--hunter

Re:Why Debian/RH?

[Omegaman]

Mandrake is largely geared to provide an end user environment. Debian doesn't necessarily have the
easiest end-user install but Admin types don't care about such things. Debian is great for adminning. An admin at install time is only going to install exactly what is needed for the job at hand. Furthermore, managing, and upgrading Debian is wonderful with tools like apt-get and some of the other nice touches throughout the system. In other words, Debian is great for control-freaks with a shortage of available time.

I suspect the RedHat MySQL box was preconfigured with lots of tweaks for MySQL performance already
done that they would have had to do by hand
otherwise. Again, a purely practical kind of decision.

Mandrake's a wonderful distro for a workstation and end user, but it's filled with stuff they would just have to remove and it doesn't have the server management tools that make Debian so nice for someone whose familiar with the system.

Re:Why Debian/RH?

[embobo]

Are you unaware of the problems with DSOs in Apache? They are slower, in beta, and cause nothing but headaches when restarting the server. The mod_perl mailing list is full of problem reports caused by DSOs.

Re:Why Debian/RH?

[rtscts]

so would I..

why RH for the SQL server when the rest are Debian? RH runs Postgres, not MySQL...

switching requires a recompile of Apache - a royal PITA IME to get all the modules to compile. On my box, I ended up copying the Apache RPM's from my Mandrake CD instead (can't run mandrake, it won't install and running the non-GUI installer requires more effort than just booting off the CD)

Re:Why Debian/RH?

[Menthos]

But why would you want two of your systems to be Debian and one to be Red Hat?

That was explained in a comment from Kurt in the Slashdot/DDoS article.
Basically, the MySQL box has a slightly different config than the other boxes and came pre-loaded with Red Hat from VA. Included were also some special tweaks for that hardware config, and so they decided that they wouldn't wipe that box and use Debian but instead use it as it was.

Re:Why Debian/RH?

[rtscts]

I mean by default, the versions of RH I have use Postgres, Apache is compiled with Postgres support for PHP (I don't know how the Perl stuff works, maybe it doesn't need to be compiled with any particular DB support?). Why make things more difficult when other distros use mysql by default?

though if they're going to recompile anyway, it doesn't matter..

Re:Why Debian/RH?

[matticus]

slashdot runs debian, to my knowledge, mainly because it's rob's favorite. he is a debian die-hard. the sql server running redhat is new-i'm not sure why they picked it other than i've heard redhat is good for sql.

Re:Why Debian/RH?

[Devil+Ducky]

I was more wondering why you would want to switch systems.

Here at work I'm setting up a Linux server for each of our locations to use for sendmail and apache. Each of our machines is using Red Hat 6.2 (final) because Red Hat was easier for me to explain to my non-linux enabled co-workers.

But why would you want two of your systems to be Debian and one to be Red Hat? Wouldn't that just make it harder to figure out when something goes wrong with one of them. Personally I like to be able to look at a machine that works and compare in case I miss something.

Is Red Hat better prepared for mySQL than Debian?


Devil Ducky

Re:Why Debian/RH?

[mansemat]

1) RH Runs MySQL.
2) The RPMs for Apache just don't cut it with a high volume site. You need to optimize Apache for whatever it is you really need. You include the modules you need and exclude the one's you don't. Plus I'm sure they have a few custom modules they need to include.

Re:For the record -- "Exodus"??

[erinelf]

Actually, Frontier Globalcenter hosts Yahoo. Just for the record.

Re:Nothing to do with data modeling

[Ranger+Rick]

Whups, 2 "for the most part"'s. (Score -1: Redundant)

:)

:wq!

what broke the code?

[Fat+Lenny]

There are a number of things that don't work, like my comment preferences defaulting to Threaded instead of Nested, and when you click a CID link, the Moderation Totals can't be seen because it's in white text...

Maybe this is a screwup, maybe it's because I prefer browsing with Windows IE -- so sue me.

--

Re:what broke the code?

[albamuth]

Gee, I don't seem to have ANY problems at all surfing with my relatively feature-low NetPositive...

until I go anywhere with Javascript, Applets, Flash, etc.

*sigh*

Re:Interesting Setup

[m3000]

I doubt it. The alternative-OS movement is still incredibly small in comparison to the dominate Windows platform. Even Slashdot can't manage to get half it's people running an Alt-OS, most of them use Windows. So I doubt including non-windows machines would have much of an impact at all.

Re:Important Question...

[eswan]

I want a co-location provider with a 24x7, hot swappable, fully redundant team of ACLU lawyers!

Re:Bonehead question...

[Kurt+Gray]

The web page servers run Apache+mod_perl+Slash+adsystem == one big memory pig. When serving images you don't need all that stuff in httpd so it's a waste of resources. Most high traffic web sites run separate web servers with a stripped-down httpd so serving images does not drag down your overall performance. The added advantage is your web taffic logs are not polluted with image requests.

Yes, Why MySQL Server? Why not PostgeSQL?

[mr]

>the licesnse that MySQL is under does not come anywhere close to meeting the open source definition

Exactly. So why not move to a product that has it, like Oracle/Informix/...., or, if you are going to spend the $, why not invest the $-time in PostgreSQL, a database that IS opensource?

Is there any reason beyond: MySQL is what we have been using, so now we will continue to use it?

MySQL has said:
On Roll-Back
"MySQL has made a conscious decision to support another paradigm for data integrity, "
Ok, fine, that is a design choice. If they wanted it(rollback), they would have designed it in.

PostgreSQL has rollback, and just needs database replication, and they would LOVE to see that feature.

So, why work with MySQL, other than "it is what we have always done" or "We didn't think of another option"? Are you hoping to have them change the licence?

Re:3 Image servers? *RUNNING APACHE*??!

[Cpyder]

Why don't you run BOA or something like that. I tought images were pretty static, so why use Apache for that???
_
/ /pyder.....
\_\ sig under construction

For the record -- "Exodus"??

[devphil]

Who/what exactly is Exodus?

All I can see from their homepage is that they're vaguely ISP-looking. But I have a personal policy of Not Bothering With Flashy Graphics-Laden Web Pages, so I didn't push any further through the morass.

From the context of the previous play-by-play article, I take it Exodus provides physical storage space and connectivity for your machines, and not much else...?

Re:For the record -- "Exodus"??

[taz757]

It's a big colocation facility.

Phew! I read the above as "It's a big colonization facility". I thought the colonization had already begun...

Damn ... I thought that post said something about a being a big chocolate facility! Wonder if they know anybody that works at Mars? :)

Re:For the record -- "Exodus"??

[Ranger+Rick]

10 cent junk food beats playboy?!? You need to get out more... err... well, less, actually.

Uhh... yeah.
:)

:wq!

Re:For the record -- "Exodus"??

[Elian]

It's a big colocation facility. Lots of redundant network connections to several of the major backbones, power, 24-hour security, that sort of thing. It's the place you'd build for your own datacenter if you only had huge gobs of cash and time.

Re:For the record -- "Exodus"??

[Zico]

I'd tell you, but I have a personal policy against helping lazy luddites who think they're taking some kind of principled stand because they don't visit sites that use <img> tags. At least read the damn FAQ linked to on their home page.

Cheers,
ZicoKnows@hotmail.com

Re:For the record -- "Exodus"??

[Reality+Master+101]

Wow! You're right! Didn't they used to be on Exodus? When did they switch?

--

Re:For the record -- "Exodus"??

[TrickyRick]

They host sites like Ebay and (at the one I was at) all the Playboy.com stuff.

I thought you signed a NDA? I assume that is Non Disclosure Agreement. And people think I can't keep secrets.

Re:For the record -- "Exodus"??

[RoufTop]

Exodus is a datacenter company in the real estate business. Essentially, they build buildings, put in huge air conditioners, fat digital pipes, and security guards, then sell cages within for individual sites' boxes. They'll monitor servers but generally are pretty hands off, so its a good deal for companies that have their own admins but don't want to build their own datacenters. In short, your estimation is on the money.

Re:For the record -- "Exodus"??

[phungus]

Exodus is a very high-class co-location provider. They have lots of datacenters across the world which are all 1000's of square feet each and house sites like Hotmail, Lycos, etc. In each of their datacenters they bring in many pipes to all the major internet backbone providers as well as AOL, etc.

They have, literally, 1000's of racks and TONS of machines. At the Sterling, Virginia facility which we moved into (which, BTW, is one of their newest and flagship facilities) I saw SGI Origin machines, countless Sun enterprise-level machines, mainframes, small machines, etc, etc, etc. They run OC-12, 48, or more between each of their centers. They offer "Datacenters within the Datacenter" which are little rooms constructed on the raised floor which offer a secure environment that companies can pay (lots!) for. They have fibre coming in to multiple points in most buildings, many generators, huge UPS's, fingerprint readers to get into the network rooms, etc, etc, etc.

It's pretty phat. Their service is top notch as well. I had to fly up there from Dallas and it was an immense pleasure (even though I had to work. :)

They're pretty awesome (and no, I don't work for them).

Jeff

Re:For the record -- "Exodus"??

[slaker]

Exodus is a colocation facility.
Basically, they have connectivity coming out their ears (one or more OC48s to the other Exodus facilities, OC3s to "most" of backbone carriers, at each site) the in a number of buildings that offer things like highly secured access (full time security staff, kevlar lined walls, 2" thick electronic-keyed steel doors), mutliple power circuits and UPS, extremely regulated environmental conditions. You have to sign an NDA to even walk in their building.

Basically, the Exodus facilities are going to be better than anything a single company could afford to do on their own.

They host sites like Ebay and (at the one I was at) all the Playboy.com stuff.

To me the best part was that everything in their
vending machines only cost a dime. =)

Re:For the record -- "Exodus"??

[Reality+Master+101]

Others have said it well, but I'll add this: Exodus hosts Yahoo. 'Nuff said.

--

OFFTOPIC

[Mad+Browser]

Yes, my response is offtopic..

What chemical company?

--hunter

Re:Nothing to do with data modeling

[daviddennis]

Good points; I use the C API, so it would be a big pain for me to switch.

In the end, it's probably the speed, and since they're used to it and its various quirks.

D

----

Re:I got two words for ya...

[SEWilco]

Ignore Natalie, she moves as fast as a rock...just don't stand in from of her rocket launcher.
Only one goon in a room will shoot at you, but as soon as that one fails another will service you...Except that there's a second one also waving images at you.
You know the SQL Server is lurking in the middle, but you can't reach there yourself.

Link here from About

[Pseudonymus+Bosch]

Yes, there should be a link to this story in the About page.
__

Figured...

[Matthew+Weigel]

But I was just curious. Sometimes people do pull jokes like that :)

Why no cacheing appliance?

[Kris+Magnusson]

[eom]

mod_perl allows easy connection sharing

[MythosTraecer]

Unless you do some fancy sharing of connections, this is going to be a big problem when you use Oracle. This forces Philip Greenspun to use TCL/AOLServer for his work, since it allows connections to stay up between CGI invocations.

Actually, Apache's mod_perl module allows you to transparently cache database connections through its Apache::DBI module. I haven't actually looked at the Slash code, so I can't say that it actually does this, but that's one of the many big performance wins that come from using mod_perl rather than CGI.

/. garage sale, or maybe ebay, asseenin.com?

[georgeha]

Can I borrow the Quad Xeon? Maybe just one of the DUAL PII systems? Surely you have enough systems from old slashdot servers to put them together ;)

So when is the /. garage sale?

Or are you gonna ditch the old stuff on ebay, or asseenin.com?

How much for the ugly couch in the WiReD article?

George

Re:Open source?

[Hadlock]

Hmm, last time I checked, people like to bitch about software (especially complex software) that is released too early and needs to be patched by various bug fixes. Quake 2 is a great example of this, as are several other Q2 engine games. While we're talking about the slash code, I still think what happens in the gaming world is going to bleed over to the net' community.

which one is that?

[gnarphlager]

Bill and Ted's Excellent Adventure, or Bogus Journey?

Re:which one is that?

[georgeha]

Bill and Ted's Excellent Adventure, or Bogus Journey?

The third one, Ted gets yanked out of the Matrix and meets a most excellent black dude.

George

Re:MySQL Server.

[soellman]

That's a good question, but I fear the answer would be performance. I think the Slashguys should be focusing their efforts in a different direction though.

Here's where I speculate cause I've not checked out the code itself.

The SQL server (whatever variety they want to run) needn't be so beefy if there was some sort of caching integrated into the code. Are we hitting the SQL server every time a page is generated? Why not generate the index (for each of the kind of views like different thresholds) once a minute? Same with Slashboxes, they can be cached like nobody's business.

Plus, if you base the page assembly around caching, you can have the assembly later spread around the internet, and only have a database in one location (I'm being simplistic here).

Caching gives you sooo much performance if you use it sensibly.

cheers,
-o

Re:Bonehead question...

[maugt]

Uh, why not just use Akamai for images? Then you could use all the machines for web servers, and judging by the normal speed of slashdot, this would be an advantage!

MySQL Server.

[viper21]

Why was the choice made to use one beefy-as-hell SQL server instead of multiple lesser powered systems?

Scott Ruttencutter

Re: MySQL Server.

[InitZero]

Why was the choice made to use one beefy-as-hell SQL server instead of multiple lesser powered systems?

Didn't you hear? MySQL doesn't do replication. Without such tools, creating multiple servers and keeping them in sync would be a massive pain in the buttocks.

InitZero

Re:MySQL Server.

[The+Dev]

That is because it is difficult/tedious to write code that handles multiple db writes, especially to multiple servers. Expecially with MySQL where you would have to explicitly verify all writes to make sure everything is in sync. This will hopefully be fixed when replication is added to MySQL.

Re:MySQL Server.

[darkora]

They wouldn't even need a permanent Oracle DBA--they could get a consultant (as long as it was a good consultant) to set things up and get it running, train staff on basic procedures and then they could subscribe to a remote DBA service (like what TUSC provides) that has an entire staff of professionals to monitor and maintain your database(s). The only problem I've found with a site switching databases is that if you don't know enough about a database system, you can't get it to perform optimally. They might get Oracle to do some of the extra stuff they need, but the Oracle DBMS is so flexible, that you could easily back yourself up into a performance nightmare (seen it done lots of times). Good Sybase dbas can make their system fly, so can good Oracle dbas, and I'm sure someone who has been working with MySQL for a while can get it to hussle out some content.
As for some of the comments about MySQL connecting faster than Oracle--a lot of the Oracle slowdowns that I have seen can be contributed to the fact that Oracle for some time has activated Oracle Trace on its databases by default (they fixed this unnecessary feature in some versions but not all). If you don't disable this, it can have a tremendous impact on your system, and it is a more common than people think (I have fixed the problem on ~20-30 databases just in the past year alone). Just a little extra material for peoples "maps" out there...

Re:MySQL Server.

[nweaver]

I think the article made this clear: MySQL is not set up to act as a distributed system, and would take considerable work to do so (work which, out of enlightened self interest, andover is funding).

So currently, the solution of "buy a big beefy machine" is the only one which works.

Re:MySQL Server.

[smurfi]

I would _much_rather_ spend my money on a semi-open-source database which happens to do most of what I need anyway, than on a huge beast with a kitchen-sink feature list that rivals M$ Word, 100% closed source, whose license even prohibits publishing benchmark results unless you get them approved by Oracle! (Lots of database comparison pages state this as the reason why they don't incude Oracle.)

NB: Keeping a connection pool is a kludge. Why would I want to use a database that's so bloated even the connection setup takes half a second? A good database should let me connect, do a simple quere, and disconnect well over 100 times per second. What is Oracle _doing_ during that time?

Re:MySQL Server.

[irix]

This isn't flamebait - I'm honestly wondering why you wouldn't go away from MySQL here. It is obvious that money isn't a concern - so why not fork over the money for some Oracle licenses and a competent Oracle admin?

It's not like it is for some sort of open-source reason - MySQL isn't released under an open-source license. I'm curious why slashdot/Andover are spending money funding a closed source project rather than funding an open-source one or forking over the $ for a more capable database like Oracle.

Re:MySQL Server.

[locutus074]

Why was the choice made to use one beefy-as-hell SQL server instead of multiple lesser powered systems?

Because the server processes don't need to talk to each other, but the database processes do.

You usually go with multiple web servers because the box doesn't necessarily need to be all that fast. It doesn't make sense to spend 5 figures on a beefy multi-processor box that you use as a front-end for querying a beefy multi-processor database box when a few cheap $400 eMachines (yes, I know they're shit, from personal experience) will give you equivalent performance. So you put a load-balancer in front of your multiple web servers, and they all serve, and query the SQL box.

OTOH, you really have to have a database all in the same box. You have multiple database processes, all with different information, writing and updating to disk. Not to mention the info that's cached in memory to speed up performance (so you don't have to keep hitting the disk). In this case, you want the largest box you can afford, with multiple processors, a gig or two of RAM, SCSI disks, etc, to make it as fast as possible, since it really needs to be one box.

HTH.

--

Re:MySQL Server.

[kirwin]

MySQL cannot handle such features as datbase replication, and parallel server tasking. This will probably change when the linux kernel supports raw devices (2.4 from what I have heard).

I suffer from the same issue with an Oracle database.

NFS Question

[Johnboy]

Can anybody tell me what purpose the NFS box serves? Multiple load-balanced webservers connecting to a single SQL server -- that's commonplace, but I can't figure out what is on the NFS box or which other boxes need that data. Am I missing something? How about a Slashdot topology diagram?

Re:NFS Question

[X]

I'm confused here. Aside from the typical NAS benefits that one can get out there, I don't see why the configuration you're discussing would have advantages over using SCSI-RAID systems. SCSI has more bandwidth, and while you can do a lot of protocol processing on fancy NIC cards, you can't compare to not having to have to handle an IP stack (the SCSI protocol is MUCH lower overhead).

Additionally, you get to deal with all the locking fun that NFS brings to the table and the fact that Linux's NFS code is still a bit slower and less stable than it should be.

Sure, NAS frees up a lot of CPU compared to IDE, but a fancy SCSI RAID controller should give you crazy performance, and allow for more efficient file I/O techniques.

Re:NFS Question

[halbritt]

My company does things in a similar fashion, which begs the question: Why aren't they using a Network Appliance Filer?

Re:NFS Question

[X]

While this sounds nice, one can accomplish the same with with a SCSI raid. It's possible to have multiple SCSI host adaptors on a SCSI bus. I've seen this done with several clustering solutions. Then you just have to decide which machine will actually update the filesystem. ;-)

Of course, I do seem to recall that ext2fs had some problems with this approach, I just can't remember what they are. The thing is SCSI will give you much better performance than anything running over IP.

Re:NFS Question

[kirwin]

Gigabit Ethernet to fibre channel RAID...damn fast.

Re:NFS Question

[X]

Fibre channel is cool, but I still don't see how the gigabit ethernet speeds things up. You aren't going to be able to get much more than 100MB/sec in even the most ideal conditions.

Re:NFS Question

[kirwin]

This is completely internal. Its not for speed so much as for data protection, and distribution.

The database server connects to a Cisco 5509 switch via Gb ethernet. The NAS server also connects to the same switch via Gb ethernet. The Gb backbone is strictly for Database to NAS connectivity.

Re:NFS Question

[lomion]

The performance increase depends really. What you really want is the drive holding all the web content on it's own controller and hard drive with logging on a second controller. This helps overcome any io issues, plus you want loads of ram to keep static content in memory so you hit the drive as little as possible.

What would kill you is writes on logging for a heavy traffic site.

NFS in a web environment is a little iffy imho. There are a few other ways to do this which create less overhead. NFS on anything other than a spar/solaris box is way to resource intensive imho.

Having the db server seperate is a smart move, though i wonder how close to capacity it is.

RAID has its own performance overhead as well, i guess it comes downto whatever works best in the situation.

Here is anotehr alternative..using CVS and cvsup you can have the server update themselves at intervals updating only changes. It's not that intensive and is very quick, i've done that before. You could also use rsync, basically there are many ways to skin a cat.

Re:NFS Question

[Bluecoat93]

It's very commonplace to have multiple load-balanced web servers talking to a single NFS-mounted disk storage backend. It prevents problems with replicating content to all your web servers. At my company, we use a farm of 32 or so Sun web servers all sharing a NetApp filer for storage. All of your files and scripts are pulled from the same source. Plus, you don't have to invest in huge amounts of disk for each of your web servers. You just put your money into the NFS server. Also makes backups much easier. Cheers, Brian

Re:NFS Question

[kirwin]

I would assume that the database itself rests on the database server, and the data files are NFS mounted from some sort of NAS server.

I do this. It works very well. The database connects to the NAS server (a Network Appliance F760) via NFS over 1000baseSX ethernet. CPU usage is offloaded to the NIC processor for accessing all of the data files. It frees up *a lot* of CPU usage. NAS servers have great hot-swap backplanes, tough as nails drives, and remarkable stability. Most vendors throw in nifty little features such as drive mirroring, integrated backup, etc.

Re:NFS Question

[romerom]

i BELIEVE it would be so that the SQL server only had to publish the data ONCE instead of posting to each individual web server... the web servers get the information from the SQL servers off of the NFS server and everything works out great.

Re:Why did you choose MySQL?

[Drakar]

Also, I bet they'd have a wonderful time rewriting all of slash to use Postgres instead of MySQL.

Interesting Setup

[Elik]

I looked over the setup for those servers and frankly, they seems to be quite an overkill, for this site itself. Maybe I am wrong, but if this site handles over that many people, since I have no clue on how many been hitting the site, then the setup is not bad. But Quad Xeon Processors for MySQL? What wrong with Dual Pentium II/III or single Athlon MySQL server?

I can understand the need for failover for the MySQL which is a major requirement, but the computer itself is quite a major overkill. I do adminstration for over 16 different servers over 3 different clients and we uses Mandrake Distros on those and only problem I usually finds is the MySQL can be really stressful when there is many people using it on the same server with the apache server. I am in process of moving the MySQL over to new delicated server so it can handle that among several servers, and maybe that might call for beefy processor to handle the load.

If the site is setup to handle... let say.... 100,000 hits a day, what server configuration is needed for this? With MySQL on it own server, of course. :)

Re:Interesting Setup

[grarg]

On that note, a basic question: how many hits does Slashdot get daily? And is there a file somewhere containing the total number of hits since the site's inception?

What a cool thought...

Re:Interesting Setup

[kirwin]

Slashdot is the 2779th most visited website on the internet, according to pcdataonline
Check it out. Only 2736 places to go before they tie with porncity.com.

Of course yahoo is #1. Google is better though ;(

Re:Interesting Setup

[nuprin24]

It's not overkill if you want it to scale up. As with all things internet, growth tends to follow an exponential curve. Rather than get by with what you have and have to keep adding to it, you buy whatever you can afford and hope you don't have to upgrade every week to meet demand.

Personally, I would have gone for Sun and Oracle on a E3500-E6500 for a DB server, pricey, but well worth the reduced headaches. but I suppose this *IS* Slashdot... you gotta eat your own dog food.

MySQL will have all the features they lack soon

[deepakhj]

Not really. Rollbacks, Transactions, replication, subselects, etc have all been on the todo list. MySQL developers just needed to think out how they were going to impliment them well without sacrificing speed. There is a good article on this (interview with the main guy), but I don't have the URL on me. Check www.zend.com it's in my thread about 1 1/2 weeks ago. All the features that don't make MySQL a full RDBMS will be implimented in this year.

dual nics?

[miss_america]

ok i see they have dual nics? is that for fault-tolerance or load-balancing, or what?

Re:dual nics?

[halbritt]

If a person is wise, or if auto-negotiation works on their NIC then the links will be full-duplex. When a fast ethernet link is full duplex there are no collisions, CSMA/CD is completely turned off. Having multiple NICS is still a valid architecture for performance reasons though.

Re:dual nics?

[miss_america]

so one feeds the load-balancer/firewall, while the other feeds the nfs/mysql side.

Re:dual nics?

[bluGill]

Most likely one nic connects to the internet (through the firewall), and the other to the database backend.

Assuming the above is true, there are several advantages. First, data traffic to the sql server isn't generating colision with data from the internet, this allows both less ethernet collisions for more bandwidth, and more security. The Sql machine can run the every buggy service imanginable. It won't matter because nothing can get to it. The web servers only listen on ssh and httpd ports, and don't forward anytying. The sql network can be a private (192.168.x.x) network which isn't routable. You can still break it I suppose, but much more difficult.

Re:dual nics?

[The+Dev]

Most likely for out-of-band management network.
Possibly Exodous's, probably used for management(duh) and backups. The system should also have another set of nic's for the owners out-of-band management network, connected via private line (or dialup) to their office/noc/whatever.

Re:dual nics?

[kwalker]

Considering the rest of The Matrix's setup, the dual NICs are probably for bandwidth. One NIC (100mb/sec) for the connection to the Internet and the other NIC (100mb/sec) to share between themselves so no matter how full the Internet side gets, the servers can still swap data between themselves.

Re:dual nics?

[CybeRHiDe]

I would think that one of the nics would be for internet traffic, and the other for NFS (storage) traffic.

Re:Lies

[M$+Mole]

You laugh, but I hear that there's actually someone working on putting up a slashdot clone using just that setup.

Why only single 9.1 GB SCSI?

[WillAffleck]

Seriously, I've got a dual 9.1 GB SCSI hotswap from VA Linux (dual CPU boards up to 600MHz PIII, currently 450MHz PII (without the ID ...)) and another from Penguin Computing (my play machine, same basic config, but I got a CD/RW in this instead of a Zip drive).

What's with the single drive? You can't stripe or anything ... and for static serves, that's critical. heck, it's more important than dual CPUs or RAM!

Why Debian

[CentrX]

While I haven't a clue why they're using Red Hat. Debian is an easy reason. Debian is the most stable distro right out of the gate. It's also the most "open-source" they won't accept a package unless it's Open Source.

Chris Hagar

Re:Why Debian

[Bo|nKeD]

Slacky is not stable? ;P. Debian is totally open source, and its great, but the is many distributions quite stable too (Mandrake,Conectiva,the same Slackware...).Greetings.

Pictures!!

[a.out]

Everybody Chant ..

"We Want Pictures.. We want Pictures.. We want Pictures"

Seriously though: it would be nice to actually see this setup. Don't forget to have CowboyNeal give us an oh so sexy pose near the almost as sexy VA SQL server... :)

Thank you Slashdot!

[colindiz]

This series is very useful for people just starting to work in linux admin environments, even if it's just a personal server.

Lots of varying methods are discussed of how to properly protect or run a server, and now we get a real life scenario of what happens when the shit hits the fan.

Don't just publish the Hellfire series, package up this one too.

Re:Thank you Slashdot!

[colindiz]

Er, I meant to say Hellmouth. Blorf.

Exodus anecdotes

[slaker]

I wouldn't have known about the playboy thing, except that the cage I was working in was right next to it... and there was an admin there who couldn't get his 300GB image database to back up properly. I kept joking with him that I was going to plug my laptop in to his switch (which was close enough to the wall of his cage) and see how much "premium content" I could snag. =)

As far as costs and security... a service like Playboy.com would probably be paying about the amount they were paying for the cage at Exodus just for proper bandwidth. Exodus offers all that bandwidth, but with a lot of added warranties against any type of failure. I think that's probably worth the price being paid.
Sure, Playboy.com probably doesn't need kevlar lined walls, but I can imagine a certain amount of chaos would ensue if someone decided to go after, say, Etrade's physical setup.

Some other fun things to do at Exodus:
Make friends with the guy running the shipping area. While I was there, I needed an extra fiber channel cable - I was shorted one in shipping, and fiber channel cables aren't something you can just go buy at the local computer shop. I asked the shipping manager if maybe I missed a box or something, and told him what I was looking for... he had at least a couple dozen cables - along with several high-end disk drives and an entire Dell server, which had all become the property of Exodus, 'cause no one had come back and picked them up in a decent period of time.

Exodus is a good place to dumpster dive. Their facilities are very low key. I doubt that there's a listed phone number for any of them and the one I visited didn't even have a sign indicating what it was, but if you can identify one... there's lots of interesting stuff being thrown away there.
I picked up an entire APC rackmount enclosure while I was there, and a dead Compaq server (which had overheated inside the enclosure). I just happened to be outside when someone was bringing it to the garbage. That was a "kid at christmas" moment for me. That Compaq had a working RAID controller and a dual-port Ethernet card as well (too bad they took all the disks out before they trashed it).

If you're ever working in one, or setting up a cage in one of their facilities, do yourself a BIG favor and bring some kind of chair or stool. There aren't any in the cages, nor any to loan out, and if you're there more than a couple hours, you'll probably want one. Also, a well appointed cage has a land-line phone. Cellular reception in the facility I visited was terrible (go figure), and if you need another phone, well, there was one in the ops area that customers could use, but that's not really a good thing if you need to talk to someone while you're working in a cage.

Walking among the cages at the facility I visited was extremely educational. I would guess that at least 60% of the computers I saw were either Compaqs x86 servers or Compaq Alphas. Probably another quarter were Suns. Almost everything else was Dell. I only saw two SGIs (both in the same cage), one IBM machine (in one of those cute U6 form factors), and maybe a half-dozen VA Linux boxes. One cage I walked past had 42(!) Sun Enterprise 4500s, and 6 Storage Arrays. One has to wonder what was going on in there.

What is all the hardware needed for?

[pyronicide]

I am sorry, but i do not know anything about web serving, anyways, why are all those SWEET systems needed when a 386 can fill a 10meg pipe? It is cool to list/know everything at Slashdot is running on sweet systems like that, why is so much horsepower needed?

Re:What is all the hardware needed for?

[Dr.+Sp0ng]

Well, a 386 can't fill a 10meg pipe - a 486 could, but not a 386. Also, a 486 could only do it if it was only static content (i.e. pre-written HTML and images.) Slashdot isn't static content by any stretch of the imagination. The pages are dynamically generated for each user using data from MySQL. MySQL is very CPU/IO intensive, as is mod_perl, which generates the HTML.
--

Re:What is all the hardware needed for?

[pe1rxq]

Actually a 386 can fill an 10meg (bits, not bytes) pipe. I tried it. It also depends a lot on the type of nic and protocol you use. You can't put any real data over it however since it can't do anything usefull anymore....

Jeroen

Blown up arrowpoint?

[getha]

Just goes to show how little I know about these things...
[..] through an Arrowpoint CS-800 (which replaced the CS-100 that blew up last week)
Do you really mean to say that one of those arrowpoints is a piece of junk after a DDos? Or did this have to do with something else?

Well, since my ignorance is now fully established, I'll just say I think you've got some nice stuff there...


xchg .,@

Re:Blown up arrowpoint?

[gavinhall]

Posted by BSD-Pat:

Essentially the CS-100 had content checking on, combined with the SYN (and the fact it was a loaner unit/refurb until the 800 came) it died.

Arrowpoint is doing a post-mortem now.

-Pat

BSD Firewall....

What is the config of the BSD Firewall? Hardware/Software...

I have a couple of questions and a comment.

[Dante]

I wonder why there is a red hat box in the mix? what is the reason? Now I am a Debian bigot, but my guess is that so are you guys, is there somthing specific about Redhat and mysql that I don't know?

Second why not mylex cards in all the box's? mylex's new DAC110 SCSI cards are simply the fastest I have ever seen.

Why not Gigabit? I use it with Linux it works, it makes all that heavy duty hardware sing, 100mbit is just a passe :>

I am proud that you chose Potato for most of your box's

Re:I have a couple of questions and a comment.

[kirwin]

Gigabit ethernet for network attached storage, which is most likely how the database server is set up. See my explanation above

My $0.02

[dudle]

Hardware : Look at www.raidware.com and their web server director. For your NFS solutions, look at www.netapp.com and their network filers.

Topology : Think about putting some cache engines, proxy servers of some sort in front of your web servers. Think about mod_backhand for your load balancing at an Apache level (www.backhand.org).

Software : I am not qualified to say anything.

BTW : good job guys.

Eat suchi frequently.

Why did you choose MySQL?

[gimpboy]

Fault tolerance was a big issue. We've started by load balancing anything that could easily be balanced, but balancing MySQL is harder. We're funding development efforts with the MySQL team to add database replication and rollback capabilities to MySQL (these improvements will of course be rolled into the normal MySQL release as well).

If this was a big issue why did you choose MySQL over PostgreSQL? I dont know about replication, but Postgres does support transactions/rollback.

john

Re:Why did you choose MySQL?

[LizardKing]

Actually Postgres has been around for quite a while

In one form or another it actually dates back to the late 1970's. Have a look at http://www.postgresql.org/docs/awbook.html for some background information.

Unfortunately, the academic roots of PostgreSQL meant that the codebase was very complex and unstable for years. Apart from commercial offerings based on the codebase, it was mainly a platform for academic research with emphasis on features rather than stabililty.

The release of PostgreSQL 7.0 will see it finally come of age in comparison to it's commercial alternatives.

Chris Wareham

Re:Why did you choose MySQL?

[gimpboy]

Also, I bet they'd have a wonderful time rewriting all of slash to use Postgres instead of MySQL.

There's going to be alot of rewriting involved in implementing any features added to MySQL. Rollback is something you have to do on the scripting side-the server doesn't take care of that for you. Since they are using DBI in perl it shouldnt be that hard to fix the preexsisting code.

What I dont understand is why they didnt do the right thing in the first place. Everyone seems to be saying they did it for speed. If I cared about my data I would have opted for the robustness.

People also dont seem to understand that MySQL is fast due to it's lack of features. Once the features are added it will be just as slow as PostgreSQL.

john

Re:Why did you choose MySQL?

[LizardKing]

I imagine they chose MySQL because:

1) It's very simple to install
2) It's very fast
3) PostgreSQL only really came of age recently

The lack of features in MySQL are only now biting them, but rather than switch to PostgreSQL they're funding the MySQL guys to add those features. Rather a nice way of rewarding them for producing the software at the heart of Slashdot, and one that will benefit others who may find themselves in a similar position one day.

Chris Wareham

Re:Why did you choose MySQL?

[gimpboy]

1) It's very simple to install

PostgreSQL isn't that diffacult to install. It comes standard with redhat now.

2) It's very fast

About a year ago I was considering using MySQL for some stuff I'm working, on but I decided against it. IIRC the reason MySQL is fast because it doesnt support things like transactions and replication. If you add few features then you essentially have PostgreSQL with a few different datatypes. It appeared that If I ever wanted data integrity I would have to either use Postgresql or pay for something like Informix

3) PostgreSQL only really came of age recently

Actually Postgres has been around for quite a while (officially started in 1996). I'm pretty sure it supported transactions back in 1998 (possibly before that).

john

Solution for the Intel EtherExpress Pro w/linux

[deek]

There's something weird with the EtherExpress Pro 100 cards with the Linux drivers. It's either a hardware thing (and the drivers haven't implemented a workaround), or a driver bug/race condition. In any case, the solution to this is to set the multicast_filter_limit option to 3 or less. Most people just set it to 0.

If the driver is compiled into the kernel, you just edit the source and make sure the following line is set:

static int multicast_filter_limit = 0;

Recompile the kernel after this, of course :).

If you've compiled it as a module, then it's a much easier task. Edit your /etc/modules file and make sure that your eepro100 line looks like the following:

eepro100 multicast_filter_limit=0

Of course, you can even do it at the command prompt with an "insmod eepro100 multicast_filter_limit=0". I will not be held responsible for those who initially try to remove the module from memory, via their telnet session.

Re:I got two words for ya...

[EngrBohn]

Mmm. Slashquake. Imagine the possibilities.
Christopher A. Bohn

Because they have lots of expensive stuff

[DragonHawk]

I mean, if I had $ 1 million a year, I could run multiple redundant T3s to my own office and use them for my own personal/company use, too.

I'm sure you could. But Exodus doesn't deal with anything as slow as multiple T3's. They advertise the fact that each of their data centers has multiple OC-12 lines. Each one of those is capable of 622.08 megabits per second. A T3 gets you only 44.736 Mbps.

They have huge battery systems, power conditioners, and multiple disel generators at each site. They are usually connected to more then one power grid. They can function without commercial power indefiniately.

They have redundent everything. Network feeds. Routers. Switches. Power. Cooling.

They have very tight security. Armed guards. Biometric (e.g., hand print) locks. Cameras. Steel doors. Double-walls. Personnel locks.

You use Exodus if you absolutely, positively cannot afford downtime due to third-party service failures. If you have to ask, you can't afford it.

Re:What's all this I've heard about helping others

[Rombuu]

Hey, if you want to waste your money re-inventing the wheel, go right ahead.

Oddessey?

[Matthew+Weigel]

So we all know CmdrTaco is horrible at spelling, my question is, is "Oddessey" a knowing and humorous play on that, or is it an error? Given that the correct (or accepted as correct in English) spelling would be odyssey, is there any plan to correct the spelling?

I'm genuinely curious... with some people, it's difficult to tell the intentional from the unintentional spelling errors.

Re:Oddessey?

[franl]

I'm Fran, the author of Odyssey at Andover.net (francis.litterio-at-andover-dot-net). I can confirm that it was misspelled in the original posting. Odyssey is a remote host administration and monitoring system. I'm implementing the remote administration features first. The monitoring feature will be implemented later.

The goal of Odyssey is to dispense with having each of our admins ssh into each box at Exodus and manually make changes. Instead, an admin here at Andover.net will point their Web browser at our secure server, login to Odyssey, tell it (for example) to change the MaxClients configuration parameter on the Apache servers running on boxes W, X, Y, and Z, click "Make It So", and the change is archived, validated for correctness, checked for collision with other admins making related changes, and performed. Other tasks can also be done the same way: power-cycling boxes remotely, hot-swapping a live spare for a dead box, etc. Changes can be backed out by Odyssey too: just find it in the archive and click on "Revert" -- as long as it can be reverted in a sensible way, it will be done automatically. It streamlines many administration tasks and gives an audit trail of who did what when.

As for monitoring, Odyssey will do both black-box and white-box monitoring of network services and host resources (i.e., instead of just verifying the Web server is listening on port 80, it can also send GET requests and validate the responses).

It's being written in Perl.

Waltham, huh?

[ceo]

Hey, you're really close to my work. So why aren't I getting instantaneous page updates?

$ traceroute slashdot.org
[elided]
3 s1.dtn3.bos.ma.verio.net (199.103.133.29) 7.687 ms 8.224 ms 21.261 ms
4 d1-11-1-3.a00.bstnma04.us.ra.verio.net (129.250.118.41) 10.619 ms 9.470 ms 14.682 ms
5 d3-4-0.a00.bstnma05.us.ra.verio.net (129.250.118.29) 10.126 ms 10.057 ms 10.147 ms
6 fa-6-1-0.r00.bstnma05.us.bb.verio.net (129.250.30.113) 27.626 ms 10.447 ms 9.927 ms
7 p1-7-1-2.r01.nycmny01.us.bb.verio.net (129.250.3.177) 15.872 ms 16.028 ms 16.352 ms
8 nyc1-1.nyc2-1.verio.net (129.250.3.146) 156.702 ms 225.416 ms 188.964 ms
9 p1-1-0-1.r02.chcgil02.us.bb.verio.net (129.250.3.133) 55.075 ms 38.290 ms 39.869 ms
10 ibr01-s3-1-0.okbr01.exodus.net (216.32.132.185) 94.520 ms 39.250 ms 53.993 ms
11 bbr02-g1-0.okbr01.exodus.net (216.34.183.66) 47.932 ms 39.246 ms 39.315 ms
12 bbr01-p5-0.wlhm01.exodus.net (216.32.132.210) 51.079 ms 48.565 ms 48.641 ms
13 dcr03-g2-0.wlhm01.exodus.net (64.14.70.65) 74.841 ms 48.817 ms 50.115 ms
14 64.14.80.130 (64.14.80.130) 50.918 ms 50.388 ms 51.669 ms
15 64.28.66.204 (64.28.66.204) 51.335 ms 49.552 ms 51.074 ms
16 64.28.67.48 (64.28.67.48) 57.524 ms 53.040 ms 48.873 ms

Pity it doesn't actually work that way. All the way out to frickin' Chicago (at least) to go half a mile up the street?! I bet we have line-of-sight; think Exodus would be willing to set up an IR link? :-)

No caching server?

[jcs]

I'm surprised that with all the money and equipment Slashdot has now, you guys still haven't implemented a caching server to prevent the /. effect on the rest of us who don't have the luxury of colocating at Exodus.

I know some have raised questions of copyright infringement and all that crap, saying it would be illegal to copy their content, but how is this any different than a real caching server doing this? Or google's method of caching all the pages it indexes? As an administrator, I'd much rather see my copyrighted content cached than have my server or pipe go down because of all the hits.

Now that you have your pretty new toys at Exodus, how about you actually use them to cache sites?

At least it's not @ Harvard.Net

[d1verse]

You can have a great and powerful redundant system over there, it looks pretty, but a breaker blowing will take them down for days! Yes, it's happened to me! I know, it's somewhat off topic, but a much needed warning to anyone looking for colo space! d1verse sr. sysadmin for a .com

Why spend all that $ to fix MySQL?

[Evro]

Fault tolerance was a big issue. We've started by load balancing anything that could easily be balanced, but balancing MySQL is harder. We're funding development efforts with the MySQL team to add database replication and rollback capabilities to MySQL (these improvements will of course be rolled into the normal MySQL release as well).

Just out of curiosity, wouldn't it be easier to use something like PostgreSQL (which is just as freely available) that already has rollback & atomicity than to pay the MySQL people to develop it? Didn't y'all read the article on here a few weeks ago, "Why not MySQL?"

__________________________________________________ ___

Re:Why spend all that $ to fix MySQL?

[EricTheRed]

PostgreSQL has had ODBC for several years now, and I've been using ODBC for at least the last year. Only this week, I've started integrating two of my PostgreSQL servers with MS_SQL7 utilising DTS and the ODBC driver as a gateway between them.

Re:Why spend all that $ to fix MySQL?

[einstein]

I think it's because Taco is an admitted MySQL junkie, and the fact that the Slashcode is already so embedded in MySQL that a transition would be sorta painful.

Re:Why spend all that $ to fix MySQL?

[valis]

Well PostgeSQL is (technically speaking) slower than death. The performance advantages of MySQL outweigh the (obvious) feature advantages of PostgreSQL. At least for the stuff I do...

Re:Why spend all that $ to fix MySQL?

[MattJ]

PostgreSQL certainly has its good points. I would guess one reason they're sticking with MySQL would be speed. MySQL is significantly faster than PostgreSQL, and everything else. Although recently MS SQL Server 7 has caught up in some kinds of operations.

MySQL is extremely fast if you are doing mostly SELECTs (versus a lot of INSERTs and UPDATEs), and that's what Slashdot tends to do. The site spends much more time retrieving messages (and displaying them) than it does storing new messages. Even after the MySQL team spent lots of time tweaking benchmarks to make *PostgreSQL* look better (!), MySQL continues to be much faster, especially in SELECTs.

But as the friendly MySQL team will tell you (on the excellent, excellent mailing list), there are many scenarios where PostgreSQL is the best choice. And hey, there are situations where industrial-size Oracle is the best choice (although it will cost you 5-7 figures).

Re:Why spend all that $ to fix MySQL?

[hbruijn]

From the MySQ L Documentation:

PostgreSQL has some more advanced features like user-defined types, triggers, rules and some transaction support. However, PostgreSQL lacks many of the standard types and functions from ANSI SQL and ODBC. See the database comparison with crash-me for a complete list of limits and which types and functions are supported or unsupported.

Normally, PostgreSQL is a magnitude slower than MySQL. This is due largely to their transactions system which is not as sofisticated as Berkely DB's. In MySQL you can decide per table if you want the table to be fast or take the speed penalty of making it transaction safe. If you really the rich type system PostgreSQL offers and you can afford the speed penalty, you should take a look at PostgreSQL.

I can imagine with the loads on slashdot on order of magnitude speed difference makes a world of difference. Second there's already an complete MySQL code base for slash, so you get stuck with "industrial inertia".

Re:Why spend all that $ to fix MySQL?

[Exanter]

Why? Because unless they wanted to kill that beefy SQL server, mysql works just fine. Yes, most of us read that nice little article on "Why not mysql?", and lots of people rightly concluded that they guy had a stick up his arse about something, and decided to take it out on the mysql team. Mysql does just fine for slashdot. It's a hell of a lot faster than postgres, and more server friendly too. Remember that for all the hoopla and glitz and glamor, slashdot is a relatively easy setup, not requiring really complex database setups, or "ACID" compliance.

Besides, what's wrong with helping the mysql team? pretty soon, mysql gets most of the features everyones been bitching about (including the replication, thanks Andover!), and it still blows the pants off other dbs in terms of raw speed, and suddenly, the recently much maligned mysql does kick some serious arse.

WHERE ARE THE STATS???

[Duncan3]

OK, so how many HTML hits are you serving, and how many image ones?

Spill it!

Patrick Galbraith

[embobo]

How do I contact you? I need to change the domain contact for horvitznewspapers.net from you to a role-base email address and you are not answering email sent to the address in the whois record.

3 Image servers?

[BoLean]

,i>>3 load balanced Web servers dedicated to images

Why three image servers? Slashdot isn't exactly the most graphics intensive site I've seen. A few icons and the banner ads. Are you planning more graphics/art? Or, is this just to ensure that the Ads are loaded quicker than the rest or the page (jab to the ribs!).

Re:Exodus is the worst place to be..

[octaene]

Exodus isn't all that bad, but Rob & the gang should check out upcoming Colocation offerings from IBM - the facilities are Qwest, with AT&T, UUNET, Qwest, and Sprint as ISPs.

Lots of redundancy, lots of security, lots of available bandwidth!

-octaene@yahoo.com

sexy

[Amalex5]

Now that's what I call sexy!

System Disk not RAID?

[backtick]

So, why isn't the system disk included on a RAID config, mirrored or something? Not that much mroe expensive (1 drive is less than a grand, LVD or not), and could save you quite a bit of downtime. I mean, until the super-secret Odessey is done, you'd still have to copy across a new system disk, or swap it out, etc. Since it is a co-lo'd server, and I don't know what kind of service you're getting from Exodus, RAID could keep you from having to do more than go "Drat, lost a disk, Hrm." Just a question why the tech decision was made like this, with all the whomp-ass hardware involved.

Bonehead question...

[sid+crimson]

Since I'm still on the steep end of the learning curve and the top is not in sight... :-)

I'm curious why there would be 5 servers dedicated to serving pages and 3 more just to images? As opposed to 8 servers dedicated to serving up the complete page?

Or maybe a reverse-proxy arrangement?

Seriously. This stuff is great and I wanna know more!

Open source?

It sounds like you've got some interesting software products in the works. Instead of releasing them When They're Ready, why not release them Now? I always thought that collaborative development was crucial to open source -- that's certainly a recurring theme on these pages, especially when Microsoft code blows up.

Why following a "cathedral" development model when there are many folks out here willing and eager to help out with your code?

Re:Open source?

[Darchmare]

---
Why following a "cathedral" development model when there are many folks out here willing and eager to help out with your code?
---

Because you can't pile a load of crap on someone's doorstep and expect them to suddenly start fixing everything. You need to give them something to work with.

- Jeff A. Campbell
- VelociNews (http://www.velocinews.com)

and what's the root password, too?

[georgeha]

just curious

Think Different, man!

[Electric+Eye]

You could've saved yourselves a lot of money and got a nice Beowolf cluster of green iMacs..... You rich guys like to go overboard, don't ya? ;-)

1 Gig on web servers?

[The+Dev]

Do you really need 1 Gig of ram on the web servers? Wouldn't the extra memory be better
used on the DB server? You're probably not using
more than 150MB for the httpd's.

Re:1 Gig on web servers?

[Dr.+Sp0ng]

Do you really need 1 Gig of ram on the web servers? Wouldn't the extra memory be better used on the DB server? You're probably not using more than 150MB for the httpd's.

Not true at all. I'm running a slash server which doesn't get very many hits (~3000 in the last two days, chump change compared to Slashdot) and right now httpd is using 270MB of RAM.
--

Re:1 Gig on web servers?

[smurfi]

That depends on what you're doing. If you just use Apache::Registry or similar stuff, the modules would be loaded in the child processes, which eats memory like crazy.

The right way to do it is to preload all the modules you need in your PerlStartup code.

Re:1 Gig on web servers?

[gavinhall]

Posted by BSD-Pat:

The web servers are running mod_perl, each process takes up alot of RAM (hrrrm...something to streamline with mod_perl/slash?)

So as a result, the machines that need the most amount of RAM are the webservers and MySQL machines.

essentially we need enough RAM to run up to the MaxClients set in apache *and* have file cache ;)

-Pat

Re:1 Gig on web servers?

[The+Dev]

Oops, sorry. I forgot about mod_perl.
That's one nice thing about coding in C or
Java Servlets, no httpd bloat, but that's another topic :)

Congratulations

[ivanaponte]

The new slahsdot setup rocks!

The specs for the Type III box....

[Salgak1]

. . .can we safely assume that you're running the same 9.1 GB SCSI hotswaps ??

And why no Athlon boxen ... or is that for the future ????

In any case, looks like nice, solid technology, as opposed to bleeding-edge tech, and thus extremely reliable. My hats off to your network architect: VERY nicely done. . . .

More important question

[Ford+Prefect]

I wonder how many peoplehours go into running slashdot each week?

More importantly, how many people-hours are lost due to reading Slashdot each week? :-)

Ford Prefect

Because PostgreSQL is Too Damn Slow, that's why!

[smurfi]

The MySQL people have said exactly the same sort of things about the PostgreSQL people. So please stop the name-calling and the quotes around "test", it's not going to get you anywhere.

That being said, the standard MySQL benchmark _still_ is 30 times faster for MySQL 3.23 than on PostgreSQL 7.0 (with fsync turned off, _and_ nonstandard speed-up PostgreSQL features like VACUUM enabled, I might add). The main reason seems to be some sort of failure to use the index in the SELECT and UPDATE test loops on the part of PostgreSQL.

The benchmark, for the curious, works like this:

First it creates a table with an index:

create table bench1 (id int NOT NULL,id2 int NOT NULL,id3 int NOT NULL,dummy1 char(30)); create unique index bench1_index_ on bench1 using btree (id,id2); create index bench1_index_1 on bench1 using btree (id3);

Then it fills the table with 300.000 entries with unique id values.

Then, it issues a query like this:

update bench1 set dummy1='updated' where id=1747

which causes the backend to do one thousand read() calls. For each query.

No wonder it's slow. An EXPLAIN query states that it's using the index, though. I have no clue what happens here. I've sent this to the pgsql-general mailing list and have just reposted it to -hackers.

Oh yes, the benchmark also revealed that CREATE TABLE in PostgreSQL 7.0 leaks about 2k of memory.

Waltham, MA?

[Mark+F.+Komarinski]

Heck, I work in Waltham. Next time you're out this way, give me a call/email. I'll buy you a beer. You deserve it.

-Mark

Total cost

[ajakk]

I am sure everyone wants to know how much everything here costs. Here are the calculations for the linux boxes(info is off of the va linux custom configuration program):

webservers (type 1) = $4505 each

NFS server (type 2) = $7040

database server (type 3) = $25739

So the grand total is $68819. I haven't found the prices for the switches and firewall. I would suspect that the BSD box is close in price to the webserver (prob. a bit less).

Re:Total cost

[austad]

Depending on their vendor, and what blades they bought with it, it would be around $85-$110k.

Exodus is a *BIG* ISP

[DragonHawk]

Who/what exactly is Exodus?

Exodus is one of the world's biggest (in terms of service capacity available) Internet Service Providers.

"We're going to need bandwidth. Lots of bandwidth."

Exodus specializes in having more bandwidth then most of the third world. They've got NAPs (Network Access Points, i.e., backbone connections) all over the continental United States, and a few outside the US as well. They link this all together using both external and internal networks. The end result is, most anywhere on the net that has a good connection, has a good connection to Exodus.

They provide servers. Do you need to host downloads for ten million users? Exodus can give you servers to do so.

They provide co-location space. If their standard server packages just won't cut it -- bring your own. They'll give you a rack, a dedicated co-loc cage, or a dedicated high security vault.

Their web page has a lot of graphics because they have a lot of pictures of their equipment and graphs of their capacity. It is actually justified. You may want to make a return trip.

Interesting...

[Psarchasm]

You don't really talk a whole lot about where and for what you are using the NFS box for. How is linux's NFS working for you?

All I've ever heard were horror stories about its poor implementation. Water under the bridge? Righty right?

I assume your sharing static content and image serving using the NFS shares. Perhaps you've even gone so far as to utilize qmail or the sendmail/procmail NFS mail hack in order to store your email on the NFS share?

What shyed you away from the Linux Virtual Server Project's implementation of load balancing? Or the mon+hearbeat+fake+coda solution for HA? Or is your "Oddessey" work based on this in any way?

Are you loadbalancing your firewalling BSD box? Or have we reached a critical point of failure at the firewall?

Very interesting stuff, I'd like to know more details though.

Re:Important Question...

[jeddz]

Not to mention... ?ul? ?li?any outward-facing glass (doors, security fishbowl) is 90-minute riot glass. That is, it would take a battering ram 90 minutes to break through the glass ?li?Kevlar-reinforced walls ?li?sensors detecting everything from humidity and temperature to biological agents ?/ul? Yeah, pretty much the only thing getting through there is a nuke. :-) ?p? --jeddz

Re:Important Question...

[CerebusUS]

Receptionists/security chimps sit in a bulletproof enclosure

When I was touring the same facility they had the coolest metric for that enclosure: 90-minute riot glass.

Appearantly the average person (who is that, anyway?) could beat on it with a sledgehammer for 90 minutes before getting through :-)

Re:Important Question...

[Fredbo]

But do they have a diesel powered kitchen sink?

Cachedot?

[Mycroft-X]

I remember back when there was a cachedot.slashdot.org that maintained a replica in case the server was having trouble. Is there any chance that this could be implemented again but in a different location?

Of course such a thing would not need to be as powerful as the main slashdot systems, but would provide some additional backup in case of another DDOS or a network outage of some sort.

Sort of a "battle bridge" for those of you who remember the days when Star Trek was good. (startrek.version = ST:TNG)

Mycroft-X

Re:Cachedot?

[Mycroft-X]

Stupid nonfunctioning ill-previewing HTML code...

That is supposed to be (Startrek.version <= ST:TNG)

Now watch this one not work either...

Debian not on the SQL server?

[Oskuro]

There has been a small talk about this story in the debian-devel channel on IRC just some minutes ago, and of course the great question was:
Why isn't the SQL server Debian as well?
If there's any problem with Potato's MySQL, I think Debian would be pleased to hear, whether it's a bug report in the BTS or whatever.

Thanks

Re:Debian not on the SQL server?

[Kurt+Gray]

The VA boxes all came with Red Hat preinstalled, so we installed Debian on them, expcept for the 3500 machines (one is our SQL server) because VA had some extra drivers 'n stuff installed so we left it mostly as is.

Automate the benching

Run 'ab' (the apache bench tool) with a few different settings, then tweak SQL a bit. Repeat. Tweak httpd a bit. Repeat. Drink coffee. Repeat until dead. And every time you add or change hardware, you start over!

I don't want to be a spoil-sport, but this kind of mechanic work sounds like a job for software!

Some Feedback

[neowintermute]

I for one think that the new setup kicks ass. It's much much faster than the old setup. great job guys!

unfortunately the "highest score first" still doesn't work right, but I'd rather have faster loading pages than anything else. It's a pretty big feat when you think about how big the slashdot pages really are, with 300 comments in an html page generated on the fly. wowza.

___________________________
Michael Cardenas
http://www.fiu.edu/~mcarde02
http://www.deneba.com/linux

Quick question...

[fReNeTiK]

For the MySQL box you list:

Red Hat Linux 6.2 (final release + tweaks)

Is that only a reference to tweaking the max number of processes in the kernel or did you apply some alien-technology-from-outer-space-experimental kernel patches?

If so, details pleeze!

Important Question...

[CokeBear]

How secure is the location where the servers are located?
Are they in a nuke-proof bunker?
You might think this is a joke, but what if someone posts government secrets to Slashdot and the Secret Service (or whoever...) decides to pull a Steve Jackson on Andover HQ?
How would Slashdot stay up? Is there a mirror at another location ready to go up at a moment's notice? Would any of the authors not arrested post notice to Slashcode.org?
I must sound really paranoid, but this is the kind of contingency plan that needs to be considered if Slashdot is to become the flag bearer for Free Speech around the world.

Re:shadouts?

[FattMattP]

This isn't flamebiat. The correct term is shoutouts.

Re:Thank god!

[jamesm]

He did. Do you think that he tarred up and released the first Linux kernel the minute that it worked on his machine? I don't think so. Release Early is important, but so also is releasing code when it's ready - and if you KNOW that your code needs improvement before it's ready for consumption, why would you release an unpolished, buggy, incomplete package? Sometimes a little bit of work would push it above the usability threshold, below which people probably wouldn't take a second look at it.

Suggestions for the future...

[Ron+Harwood]

1. Cluster the SQL box for high availability and fail-over.
2. Switch from NFS to SMB - even the apache site recommends this for speed.
2a. Get rid of NFS and just sync all your web-servers from one server - hence having local copies of all the code.
3. Look into having local instances of SQL running on the web-servers - read-only copies that are replicated from the main DB... then the central DB would only be used for write (aka comments and postings...)

Just my less than humble ideas...

Re:Suggestions for the future...

[Jon+Peterson]

In my experience SMB kicks NFS's arse big time.

Frankly, NFS sucks. It's old, very old, feature poor, inherits Unix's dubious authorisation layer and generally bites. It's dog slow, too.

SMB in general and Samba in particular offer more features, better stability and much faster performance.

And yes, FTP is probably fastest of the lot, and HTTP even faster. But by then we are talking REALLY feature poor, aren't we :-)...

Lies

You're using Win2000, IIS, and Active Server Pages. We all know it. Quit making stuff up.

Network Topology

[howard_wwtg]

I don't know about the other slashdottes, but I for one would love to see how the Slashdot network is configured topologically.

NFS: What are you using it for?

[danbeck]

We are considering using NFS as a backend storage facility for our web cluster nodes, but we are concerned with the performance of that type of setup as opposed to replicated data on the local web server nodes. Are you using the NFS server for this purpose?

Post bug reports at SourceForge

[Pseudonymus+Bosch]

Post your bug reports at the Slashcode Sourceforge page.
__

VA owns them, so isn't hardware at cost?

[Smack]

Rather than the retail price that you quoted?

The important question

[rhk]

GNOME or KDE on the RH6.2 box?

What? servers don't need a GUI? Don't let
redmond find that out...

So... how much traffic?

[Djinh]

So, how much traffic and hits/sec does this setup do?

Nothing to do with data modeling

[daviddennis]

I haven't looked at Postgres SQL specifically, but the mySQL API was designed to look just like the mSQL API. Most likely, they would have to change a lot of stuff around to make it compatible with any other database besides mSQL, and of course mSQL has been an inferior product to mySQL for quite some time now.

That's the most likely reason he did it; that's also why I've been sticking to mySQL. I don't have time to learn something new when I'm asked to take on 3,000 new projects every day :-).

D

----