Currently we are using wso2 4.1.0 version. we are using soap based services authentication admin, entitlements service for getting policy decision , getting claims values. we are using cxf for our webservice clients. when we make calls with 500 concurrent users from a single machine everything works fine. but when we make it to 1000 concurrent users we are seeing a huge response time for these service calls from wso2 is. can you tell if there is any configuration change that we need to make for tuning. we increased the wso2 is axis client no. of connections per host but we still didn't see any improvement. By the way we are using the default configuration of wso2 is out of the box
Thanks
Kishore
There are some places you can improve the performances.
1.Increase the memory setting. you can find it in the wso2server script file in /bin. can u increase default value and see.. such as
-Xms1024m -Xmx2048m -XX:MaxPermSize=1024m
2.Increase max thread pool size in catalina-server.xml file which can find in /repository/conf/tomcat
maxThreads="250"
3.Increase caching timeout value. entitlement.properties file which can find in /repository/conf/security
4.Please check you are not authenticating for each request. You need to call AuthenticationAdmin 1st time and get the cookie and then use cookie for subsequence requests.
Else could do use some Jconsole or Jprofiler and see what is going wrong? Also according to your environment, this can be the max load that one server can handle, then you need to do horizontal scaling. (adding WSO2 Identity Server more instance in a cluster)
Related
What is the maximum number that a webservice can take and process request at the same time? Is it possible to set some limit and what might be the problem if webservice gets too many request and how to solve this problem on that situation?
The number of the requests handled by the web service at a given time is depend on the architecture of your web server. If you want to improve the number of requests served by the server at a given time you should improve the architecture and the performance.
Please refer Microsoft article for more information on webservice performance.
You can set limits by implementing a model on top of that by controlling the user requests hit the server in a given time. the most recommended model is to implement this in your middleware platform That will be a security measure too. You can get rid of security threats like Denial-of-Service attack.
In middleware solutions like WSO2 API Manager, Throttling policies have implemented as a solution for access controlling. You can check the docuementations on Throttling Policies for more information on how number of hits for a server at a given time is controlled by using middleware logic.
Background:
I've a local application that process the user input for 3 second (approximately) and then return an answer (output) to the user.
(I don't want to go into details about my application in purpose of not complicate the question and keep it a pure architectural question)
My Goal:
I want to make my application a service in the cloud and expose API
(for the upcoming website and for clients that will connect the service without install the software locally)
Possible Solutions:
Deploy WCF on the cloud and use my application there, so clients can invoke the service and use my application on the cloud. (RPC style)
Use a Web-API that will insert the request into queue and then a worker role will dequeue requests and post the results to a DB, so the client will send one request for creating a request in the queue, and another request for getting the result (which the Web-API will get from the DB).
The Problems:
If I go with the WCF solution (#1) I cant handle great loads of requests, maybe 10-20 simultaneously.
If I go with the WebAPI-Queue-WorkerRole solution (#2) sometimes the client will need to request the results multiple times its can be a problem.
If I go with the WebAPI-Queue-WorkerRole solution (#2) the process isn't sync, the client will not get the result once the process of his request is done, he need to request the result.
Questions:
In the WebAPI-Queue-WorkerRole solution (#2), can I somehow alert the client once his request has processed and done ? so I can save the client multiple request (for the result).
Asking multiple times for the result isn't old stuff ? I remmemeber that 10 - 15 years ago its was accepted but now ? I know that VirusTotal API use this kind of design.
There is a better solution ? one that will handle great loads and will be sync or async (returning result to the client once it done) ?
Thank you.
If you're using Azure, why not simply fire up more servers and use load balancing to handle more load? In that way, as your load increases, you have more servers to handle the requests.
Microsoft recently made available the Azure Service Fabric, which gives you a lot of control over spinning up and shutting down these services.
I am wondering if I can use BAM and CEP to monitor requests from client, and even find the bottleneck of the service.
I found zipkin, a project that could do this, but the base of my application is WSO2, I don't want to get other projects from scratch.
Yes, you can use BAM/CEP for this. If you need real time monitoring you can use CEP and you can use BAM for batch process. From BAM 2.4.0 onwards, CEP features have been added inside BAM also hence you can use BAM and do real time analytics.
What type of services are involved with your scenario? Depends on this you can use already existing data publisher or write new data publisher for BAM/CEP to publish your request details. For example if you are having chain of axis2 webservice calls for a request from client, and you want to monitor where the bottle neck/more time consumed, then you may use the service stats publishing, and monitor the average time take to process the message which will help you to see where the actual delay has been introduced. For this you can use existing service statistics publisher feature. Also BAM will allow you to create your own dashboard to visualize, hence you can customize the dashboard.
Also with BAM 2.4.0 we have introduced notifications feature also which you can define some threshold value and configure to send notification if that cross that threshold value.
I am new to WSO2 ESB clustering, actually I'm still learning about it. I still don't understand the concept here.
In my case, I installed WSO2 ESB on 2 servers. My questions are:
1. Were both of the WSO2 ESB working as one application or as two separate applications?
2. If I configure one WSO2 ESB, will the other ESB have the same configuration?
3. If I configure a VFS proxy service the ESB to poll a file from specific directory, will it create a conflict when I poll a file? I think that both of the ESB will poll the same file.
Please enlighten me :) Thanks...
Check my answers inline.
Were both of the WSO2 ESB working as one application or as two separate applications?
In any cluster, applications or servers are working together to provide a high availability to the end users. It will work as one single server (application).
If I configure one WSO2 ESB, will the other ESB have the same configuration?
Yes. You can achieve this with the deployment synchronization. It will make sure all your changes are evenly distributed among other nodes of the cluster.
If I configure a VFS proxy service the ESB to poll a file from specific directory, will it create a conflict when I poll a file? I think that both of the ESB will poll the same file.
No. Since only one server is active at once. This should not be a problem.
You can learn more from the following link:
http://docs.wso2.org/display/CLUSTER420/Clustering+WSO2+Products
Were both of the WSO2 ESB working as one application or as two separate applications?
No, both ESBs are separate applications. The clustering is done mainly to ensure availability and scalability. So even a member in a cluster fails, others continue to operate.
If I configure one WSO2 ESB, will the other ESB have the same configuration?
Each ESB can get the same cluster configuration, but each will be separately identified by the LB that is fronting the cluster. Therefore, each member will get different IP addresses and even they can use different member-port to create cluster.
If I configure a VFS proxy service the ESB to poll a file from specific directory, will it create a conflict when I poll a file? I think that both of the ESB will poll the same file.
Each request is independently handled by separate ESB depending on the load balancer algorithm of the fronting LB. When two threads poll the same file, there can be conflicts. Since VFS transport deals with file operations, there are certain times that these can fail due to unavailability of some resources. In such a case, VFS transport is equipped with the following fault handling mechanism.
If you point the same directory in a clustered environment, both proxy services will try to poll files and cause issues. Therefore if you want to poll files in a clustered environment, best practice is to use inbound endpoints [1]. But if it is necessary to use proxy services you can apply the following property in your proxy, so that the proxy service will only operate in one server. Thus there will not be any conflicts between the two proxy services. Please refer [2] to further clarify this.
<parameter name="transport.vfs.ClusterAware">true</parameter>
[1]-https://docs.wso2.com/display/EI620/File+Inbound+Protocol
[2]-https://docs.wso2.com/display/ESB500/VFS+Transport
We provide couple of SOAP web service.
Yesterday our service was down, we couldn't access to the service from the outside (can't even load the wsdl), but we could access to the service if we were connected with terminal service on the server.
The thing is one of our partner was calling our web service with 130 simultaneous threads.
So I think the service was down because this partner was occupying all the available connection. And this limitation is done by .net because I can easily read static file (txt) on my server from the outside, and the service accept the connection if it's from the local IP.
Here is my question : how can I limit the simultaneous connection count for one client ? I know I can do it for every one in IIS Manager, I can do it for outgoing request (connectionmanagement configuration). But I can't find it for incoming request.
It's strange because I think it's one of the first thing I'd set to prevent DOS attack.
(.net 3.5 , IIS 6)