|
»
« Return to Thread: Software load balancers for red5?
Software load balancers for red5?
by bererton
::
Rate this Message:
We're looking into load balancing our red5 application and I have a
couple of questions that the list might have some experience with.
Has anyone configured red5, or RTMP/RTMPT/RTPMS in general to work
with a software load balancer such as HAProxy, pound, nginx, or other
balancer. Our current requirements make origin/edge clustering
unnecessary (we're mostly just talking to a database through red5 for
now). Obviously a DNS or client side round robin would work, but it
would be great to pass connections off to the least loaded server if
we could.
We don't have access to the physical machines, so a software load
balancer would be best.
Any ideas/ experience with software load balancers and RTMP*?
thanks in advance for any help,
~Curt
p.s. a little rough draft on how to secure red5's default
configuration (this is very much a work in progress, I still have to
read through all of the config files):
* Take a look at jasypt for encrypting properties files.
* When red5 server starts it starts a java management extension bean
(JMX) which can be used to monitor the memory, threads etc. of the
server.
* For more info about jmx start here
http://www-128.ibm.com/developerworks/java/library/j-jtp09196/index.html?ca=drs
* The Spring bean that controls this is in conf/red5-common.xml.
find the jmx section:
* Note that JMX communications are not sent over ssl by default.
* Note that there is an html adapter port on 8082, and an rmi
adapter port on 9999
* Furthermore the JMX user and password are defined in
conf/access.properties, note that the red5user has both read and
write, this should probably be changed to readonly for more security
* Whether or not you change the above to access.properties, you
should definitely open the conf/password.properties and change the
default red5user password
* There is a password file in conf/realm.properties change the
password, and you should probably obfuscate it as well.
* If you were messing around with the admin panel you may have added
some admin users via that to webapps/admin/WEB-INF/users.properties,
also in the same directory the salt for the admin panel password
creator would probably be a good idea to change.
* If your web application doesn't use remoting you can comment out
the remoting servlet in the web.xml file of your webapps' WEB-INF
directory.
_______________________________________________
Red5 mailing list
Red5@...
http://osflash.org/mailman/listinfo/red5_osflash.org
couple of questions that the list might have some experience with.
Has anyone configured red5, or RTMP/RTMPT/RTPMS in general to work
with a software load balancer such as HAProxy, pound, nginx, or other
balancer. Our current requirements make origin/edge clustering
unnecessary (we're mostly just talking to a database through red5 for
now). Obviously a DNS or client side round robin would work, but it
would be great to pass connections off to the least loaded server if
we could.
We don't have access to the physical machines, so a software load
balancer would be best.
Any ideas/ experience with software load balancers and RTMP*?
thanks in advance for any help,
~Curt
p.s. a little rough draft on how to secure red5's default
configuration (this is very much a work in progress, I still have to
read through all of the config files):
* Take a look at jasypt for encrypting properties files.
* When red5 server starts it starts a java management extension bean
(JMX) which can be used to monitor the memory, threads etc. of the
server.
* For more info about jmx start here
http://www-128.ibm.com/developerworks/java/library/j-jtp09196/index.html?ca=drs
* The Spring bean that controls this is in conf/red5-common.xml.
find the jmx section:
* Note that JMX communications are not sent over ssl by default.
* Note that there is an html adapter port on 8082, and an rmi
adapter port on 9999
* Furthermore the JMX user and password are defined in
conf/access.properties, note that the red5user has both read and
write, this should probably be changed to readonly for more security
* Whether or not you change the above to access.properties, you
should definitely open the conf/password.properties and change the
default red5user password
* There is a password file in conf/realm.properties change the
password, and you should probably obfuscate it as well.
* If you were messing around with the admin panel you may have added
some admin users via that to webapps/admin/WEB-INF/users.properties,
also in the same directory the salt for the admin panel password
creator would probably be a good idea to change.
* If your web application doesn't use remoting you can comment out
the remoting servlet in the web.xml file of your webapps' WEB-INF
directory.
_______________________________________________
Red5 mailing list
Red5@...
http://osflash.org/mailman/listinfo/red5_osflash.org
« Return to Thread: Software load balancers for red5?
| Free embeddable forum powered by Nabble | Forum Help |
