Skip navigation.

Back and Backing Backhand on top of that! #

Since I got married last year, I haven't had much motivation to blog. The good news is that since the previous year, I've accumulated a list of accomplishments and experiences that i feel are worthwhile sharing.

Recently, my company implemented our first mod_backhand implementation. Mod_backhand is a load-balancing and clustering solution that runs on Apache. Let's say you have 3 web servers that you need to load balance in a cluster. When a server goes down, it will auto-detect that server is down and route subsequent http requests to other servers. You can buy a load-balancing box such as Cisco Redirector, or roll your own package using Linux, Apache 1.3 and mod_backhand.

The mod_backhand load balancer is basically a Linux system with Apache 1.3 (httpds) with the mod_backhand patches installed. The load-balancer also supports redirects and https. Load balancing uses the Apache virtual directory mechanism, so you can configure different load balancing behaviour for different applications on a directory basis.

The nice thing about mod_backhand is that it autodetects servers going up and down in the cluster, with no additional configuration required. All web servers in the cluster need to broadcast that they are alive and available on the cluster at regular intervals. So if you want to add another web server to the cluster, you just need to install the backhand broadcasting service and start it on the server, and the load balancer will pick it up. CPU and load information is also broadcast to the load balancer, so the load balancer can make an intelligent guess as to which web server to pass the http request to.

There are some issues that you need to be aware of:

  • No support of https on the internal network. Communications between the web browser and load-balancer can use https but not between load-balancer and web server. So if you have confidential information and you don't trust your internal network, you need to setup another layer of encryption on top of that (e.g. SSH tunnel). That's what we did for our login system.
  • The load balancer, like any other system in the network, becomes another point of failure. If you want total redundancy, one method is to have multiple mod_backhand load balancers, and round-robin DNS the load balancers.
  • AFAIK, automatic failover to another server of a http request if the 1st web server goes down is not supported.
  • There is Windows support (for the web servers in the cluster, not as a load-balancer) thanks to Rob Butler, but you currently need Visual C++ expertise as the binary "NT Backhand Broadcaster" doesn't work out of the box anymore with mod_backhand. There are patches in CVS but no existing binary download. As a service to the community, I have compiled my own: NT Backhand Broadcaster.
  • Keep-Alives reduce the availability of the load balancer, as web clients can lock a mod_backhand process for unreasonable amounts of time. You need to change your Keep-Alives on to a low value (eg. 1 second), and if possible, move your static HTML and images to the load balancer (which is just Apache after all).
  • Your web page URLs need to be relative URLs of course. The one exception is https, which needs to use the address of the load-balancer.

Additional Windows Notes The Windows Registry settings for Backhand Broadcaster are a bit obscure. Here is a sample config:



"HostName"="Windows Server 1 BHB"

The ContactIP is the IP address of my Windows server running BHB: The SendIP is the broadcast IP for the subnet (not the IP address of the load-balancer).

Sometimes the first time you run NT Backhand Broadcaster, it will fail to calculate Arriba (a benchmark measuring the power of your server) and just die. You need to manually enter the Arriba value yourself in the registry. Just use the above example value if you aren't sure what to do.

The load-balancer provides a page to check out the status of all servers in the cluster, typically http://load-balancing-server/backhand/

Lastly, if you still cannot get it working, check out the Windows Event Log (Applications), as errors and status messages are logged there.

Bye Bye PHP4 #

Matt of WordPress fame gives his opinion on PHP4 and the transition to PHP5. As he says:

None of the most requested features for WordPress would be any easier (or harder) if they were written for PHP 4 or 5 or Python. They’d just be different. The hard part usually has little to do with the underlying server-side language.

Very true. Most of our code continues to run fine on both PHP 4 and 5, with hardly any checking of PHP_VERSION. Migrating from PHP4 to PHP5 has been relatively painless (each time we port an application, we spend at most half a day fixing warnings that didn't appear in PHP4).

Matt asks why the takeup of PHP5 been so low, and is quite disparaging to the PHP internals devs. I don't see it in such black and white terms. PHP5 never had a feature that was must-have or to-die-for. In fact, if you look at PHP's recent changes, most of them are performance improvements, or fixing past mistakes (adding proper date support for example in 5.2.1), or feature tweaks (iterators, etc). Given that most PHP4 developers have found workarounds to things fixed in PHP5, migrating to PHP5 is probably a low priority.

Also some fixes in PHP5 can cause serious problems. For example, In PHP 5.2.0, time-zone calculations started to support epochs, which are time-changing events. Now my timezone was +7.30 GMT until 1980, when we got a new Prime Minister who decreed that the country would combine its 2 time-zones to 1, so Malaysia standardised on +8.00 GMT. A timestamp such as "12.10am Nov 12, 1979 MYT" in PHP 5.1 would be displayed as "11.40pm Nov 11, 1979 MYT" in PHP 5.2.

On a more optimistic note, as long as the market share of PHP remains strong, I think the take-up rate of PHP6 will probably be higher than PHP5 in the non-English world, simply because managing multi-lingual and sites that don't use ASCII for their native script is much easier in Unicode. Now that's a compelling reason!

A big Pfutt to Windows Vista #

Peter Gutmans, a noted security expert talks about Windows Vista Content Protection. Quite disturbing and saddening. I'm about to buy a notebook for my mum, and all the one's I'm looking at have Vista preinstalled. Pfutt.

Beyond the obvious playback-quality implications of deliberately degraded output, this measure can have serious repercussions in applications where high-quality reproduction of content is vital. Vista's content-protection means that video images of premium content can be subtly altered, and there's no safe way around this — Vista will silently modify displayed content under certain (almost impossible-to-predict in advance) situations discernable only to Vista's built-in content-protection subsystem.