Virtualized webserver vs vhost alias?

Phantum

[H]ard|Gawd
Joined
Jul 25, 2001
Messages
1,716
Hey guys, quick question; How much more overhead would there be if one decided to switch over from using Apache's vhost alias to run multiple sites on the same machine to a 'fat-host' which spawns virtual machines for the sites?
 
It's a pretty big amount of extra overhead. Adding an extra vhost is pretty low cost, but an extra virtual machine is likely going to eat up a bunch of disk space for a copy of the OS image, a chunk of ram for the virtualized kernel, and the daemons inside it, plus whatever the VM needs. (running multiple copies of the daemon with different configs might be a less overhead way of getting what you want; still have overhead of running more apache processes, but not another kernel; chroot might be better than full virtualization if you want separate OS builds, but don't need separate kernels or process spaces)

It really depends on how much separation you need between the different vhosts. With one daemon, generally you have the situation where any site can use all the resources; this is good if there aren't any service priorities or guarantees; you won't run into a situation where the box as a whole is underutilized, but one site has maxed out the resources in its VM. It's bad if you're hosting high and low priority stuff together and the low priority stuff eats all the resources; it's also bad if you have (or need) strong service guarantees and a low traffic site misses it's SLA because of a high traffic (or bursty) site on the same machine.
 
Totally depends on how you implement the VMs. If you use something like KVM or Hyper-V you're talking about huge overhead compared to the original implementation. If you use something like LXC, FreeBSD Jails or OpenVZ, your overhead will be low. The performance overhead will also depend on what kind of hardware you are using. If your VM host is an 8-core system with 32GB+ of RAM and you are serving up static HTML sites, the additional overhead may make no difference at all, but provide easier management. For crazy complex vhost management without resorting to a VM-based solution, check out Lighttpd's wildcard/regex-based vhost configurations.
 
Well, the backstory is this; GoDaddy wants to charge me to either upgrade my account in where SSL is a free feature, or they want to charge me extra (about 6 bucks/month) to add SSL to my current account. Now I've spent the last couple weeks playing around with Apache and to my knowledge a certificate is applied server wide; so even though I could technically SSH into my host and possibly issue the proper commands to generate a certificate, it would either apply it server wide or I wouldn't have all the necessary permissions to generate and apply the certificate. But I guess I'm left with the two options GoDaddy gave me (stated above)...
 
Each SSL cert needs its own IP. GoDaddy wants to charge you extra because you need another IP to add SSL to a host. You can't get around that.
 
Each SSL cert needs its own IP. GoDaddy wants to charge you extra because you need another IP to add SSL to a host. You can't get around that.

Apache has supported SNI for a while now, so you "sorta" don't need multiple IPs anymore for multiple SSL vhosts. Only problem with using SNI is that browsers on XP won't support it, but any recent browser on Vista or higher should work fine.

Funnily enough, I was messing with this exact thing today. Or was going to, until I realised my dedicated server actually has 10 IPs, so didn't bother. :)

http://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI

For a production site I probably wouldn't mess with it, but if it was just my own personal site with a single IP and I have a few vhosts I would probably give it a whirl.
 
Back
Top