Open Source SSL Acceleration(情報元のブックマーク数)
OSSだけでSSLアクセラレータを作ったら5000ドルで作れたよ!Big-IPの1/10だよ!!っていう記事。。。。それだけじゃねーだろ・・・
"SSL acceleration is a technique that off-loads the processor intensive public key encryption algorithms used in SSL transactions to a hardware accelerator. These solutions often involve a considerable up front investment as the specialized equipment is rather costly. This article though looks at using off the shelf server hardware and open source software to build a cost effective SSL accelerator."
Open Source SSL Acceleration
そりゃ安いだろうよ!!!wwwwSSLでリバースプロキシしかしてないしw
http://www.o3magazine.com/4/a/0/2.htmlPerformance
The lab test system was a dual processor AMD Opteron 2380 2.5GHz Quad-Core system, for a total of 8 processor cores, L2 cache was 4 x 512k, and L3 cache was 6MB. Standard Intel Server Gigabit NICs, and 32GB of RAM. On a Tyan Transport platform, the system cost was under $5k. The system had no problems handling over 26,590 TPS, the test lab ran out of capacity to generate additional transactions. Compare that to the F5 Networks Big-IP 6900 which handles a maximum of 25,000 TPS but carries a starting price tag of $55,000. That starting price only includes 500 SSL TPS, so expect to pay a lot more to get up to the 25,000 level. It should be possible using this solution and even better hardware (8xxx series Opterons and more RAM), and perhaps some 10GbE adapters from Intel to come close, if not beat the performance of the BIG-IP 8900. Which has a maximum rate of 58,000 TPS. While obviously not as polished as the F5 solution, this Open Source solution does get the job done for a fraction of the price.
確かにハード費用が下がってきているので高性能なハードを設置するほうが、専用ハードを設置するより安い時期になっているかもしれませんね。
http://www.o3magazine.com/4/a/0/2.htmlConclusion
Nginx once again has shown that it is a versatile open source project. For the cost of a server and a few hours work, any system administrator can increase the capacity of their existing server farm by building an Open Source SSL Accelerator. Reducing the complexity of certificate management, reducing the number of certificates needed and reducing the overall load per request on the existing server farm, this solution offers a cost-effective way of breathing new life into an existing server farm.
