M
marc2112
Hi all-
Does anyone have any great ideas or experiences they could share
regarding pushing new code out to a live website? I have two load
balanced machines running my application. There is some important
state in the HttpSession.
I'm currently running Jetty 5 but would consider switching to another
open-source container if it made the most sense for this need.
Some approaches I'm considering:
- Session replication - replicate sessions among all web servers such
that it doesn't matter which web server the user goes to. If I take
one down, the load balancer will just send existing connections to the
other machine.
- Use the load balancer - have all new sessions go to one host. When
all of the sessions on the other host log off, upgrade that machine.
Then, have all new sessions go to the updated host and wait to update
the other
- Manufacture a session id guid and use that to reconstruct state from
the database if the session doesn't exist. Some concerns I have with
this relate to session hijacking issues.
I'm sure there are much better and/or proven strategies that you all
have used. If you could share your thoughts and experiences, I'd be
much obliged.
Thanks!
Does anyone have any great ideas or experiences they could share
regarding pushing new code out to a live website? I have two load
balanced machines running my application. There is some important
state in the HttpSession.
I'm currently running Jetty 5 but would consider switching to another
open-source container if it made the most sense for this need.
Some approaches I'm considering:
- Session replication - replicate sessions among all web servers such
that it doesn't matter which web server the user goes to. If I take
one down, the load balancer will just send existing connections to the
other machine.
- Use the load balancer - have all new sessions go to one host. When
all of the sessions on the other host log off, upgrade that machine.
Then, have all new sessions go to the updated host and wait to update
the other
- Manufacture a session id guid and use that to reconstruct state from
the database if the session doesn't exist. Some concerns I have with
this relate to session hijacking issues.
I'm sure there are much better and/or proven strategies that you all
have used. If you could share your thoughts and experiences, I'd be
much obliged.
Thanks!