4.9 Flow-restricting functionality

When the Web server load increases due to an increase in Web server access or impact of a business application, a functionality called flow-restricting functionality maintains the efficiency of Web service process by restricting the number of users who access the Web site.

You can use flow-restricting functionality by embedding the mod_hws_qos module in Cosminexus HTTP Server. You can achieve the following by using the flow-restricting functionality. Hereafter, 'number of server processes' refers to the 'number of server threads' for Windows version.

For providing an adequate amount of Web service, you need a sufficient number of server processes that can satisfy the number of users accessing the Web service at the same time. If one Web server is not enough, arrange for multiple Web servers, distribute the access by load distribution functionality, and design the operation for assured Web services.

As mentioned above, prepare the Web service resources, and also use the flow-restricting functionality to prepare for the temporary overloaded status. The following figure shows an overview of flow-restricting functionality using mod_hws_qos:

Figure 4-12 Overview of the flow-restricting functionality using mod_hws_qos

[Figure]

Organization of this section
(1) Embedding the mod_hws_qos module
(2) How to set directives
(3) Response message
(4) Notes

(1) Embedding the mod_hws_qos module

You need to embed the mod_hws_qos module to use the flow-restricting functionality. Specify the following directives in the configuration file (httpsd.conf) to embed the mod_hws_qos module:

(2) How to set directives

Following examples describe the settings of each directive for the flow-restricting functionality:

(a) Request denial depending upon the restriction on number of server processes

If the specifications are as follows, and number of server threads being requested is 13, a new request is denied with the status code 503.

MaxClients 15
QOSRejectionServers 2
QOSCookieServers 0

ThreadsPerChild 15
QOSRejectionServers 2
QOSCookieServers 0

(b) Session management using cookies

The session management performed by using cookies provides the HWS creation mode, in which the cookies generated on Cosminexus HTTP Server are used, and the user creation mode, in which the cookies generated on external modules other than on Cosminexus HTTP Server are used. You can select which mode is to be used by using the QOSCookieName directive.

HWS creation mode
When a request process is executed, the cookie generated on Cosminexus HTTP Server is added to the Set-Cookie response header. Requests with a cookie generated by Cosminexus HTTP Server are processed with a higher priority than requests without cookies.
User creation mode
When a cookie which is not generated by Cosminexus HTTP Server is added to the Set-Cookie header, flow restriction is performed by using the cookie. Requests with the cookie are processed with a higher priority than requests without cookies.

If you specify the following, and if the number of requested server threads is 10, the server will deny a new session request without cookie, however, the server will process a maintenance session with cookie. If the number of requested server threads is 13, the server will deny the request regardless of the cookie. This example is performed in the HWS creation mode.

MaxClients 15
QOSRejectionServers 2
QOSCookieServers 5

ThreadsPerChild 15
QOSRejectionServers 2
QOSCookieServers 5

(c) Redirect

When the flow-restricting functionality denies a request process the server returns a response message with the status code 503. However, you can redirect the request to some other Web server by specifying the following. If a request for /index.html is denied from the flow-restricting functionality, index.html of the www1.hitachi.co.jp Web server is set in the response header, and the request is returned with the status code 302:

QOSRedirect /index.html http://www1.hitachi.co.jp/index.html

(d) Customizing the response message

If you specify the following, the contents of htdocs/busy.html are returned in the response message with the status code 503, as the response for the denied request.

QOSResponse file "text/html; charset=ISO-8859-1" htdocs/busy.html

(3) Response message

(a) Cookie sent by the server to the client
HWS creation mode
The cookie generated by Cosminexus HTTP Server is returned to the client by using the Set-Cookie header. Because multiple Set-Cookie headers can be specified in a response, the cookies generated here do not affect the other cookies. The following shows the Set-Cookie header returned by Cosminexus HTTP Server:

Set-Cookie: NAME=VALUE; expires=DATE; path=/; domain=DOMAIN_NAME; secure

NAME=VALUE
The name specified in the QOSCookieName directive is set as NAME. The value for the request control is specified for VALUE.
expires=DATE
Specifies the time when cookie becomes invalid. The value acquired from "received request time + setting value of QOSCookieExpires directive" is set with RFC822 format.
path=/
A URL to which the cookie is applied. In this module, settings are done so that the cookie will be valid for all the URLs in the domain for which the cookie is valid.
domain=DOMAIN_NAME
Domain to which the cookie is applied. The value is specified in QOSCookieDomain directive.
secure
Specify whether to send cookie from the client to the server when using only SSL. The value is specified in QOSCookieSecure directive.
User creation mode
Cosminexus HTTP Server does not generate cookies. Cookies generated by programs other than Cosminexus HTTP Server are returned to the client by using the Set-Cookie header.
(b) Headers when access is denied by the flow-restricting functionality

When access is denied by the flow-restricting functionality, the Expires header, which stops the response message from being cached, is added to the response header. This is because if the response is cached, the cached message is displayed, and requests might not be sent to the server, even if the server can accept request processing. The server disconnects after sending the denial message.

The other response headers are set as shown below. The character set specified in the AddDefaultCharset directive is added to the Content-Type header.

(i) Standard message for the status code 503
Content-Type: text/html
(ii) A customized message from QOSResponse
Content-Type: The QOSResponse directive specification value
(iii) A Message for the status code 302 from QOSRedirect
Content-Type: text/html
Location: The QOSResponse directive specification value

(4) Notes