10 Replies Latest reply on Jun 15, 2017 5:15 PM by LisaRose

    Understanding FMS16 Worker Machines.

    bigtom

      There have been some questions about how the worker machines really function. I have read what others have written but I still did not fully grasp it so I decided to try it out for myself using only IP addresses. I did figure out a few interesting things.

       

      1. If you only have WD users, adding only one worker machine is not really useful at all if it is comparable the the master in CPU/RAM. WD connections will be on the worker only unless the conditions in #2 and #3 are met.
      2. The master will only handle overflow WD connections if you are using hostnames/SSL.
      3. The master will only handle overflow WD connections if #2 is true and all worker machine have reached 100 connection limit.

       

      I first did a test with one worker machine. Then I added a second worker machine. The master will not support any Web Direct clients if you have any worker machines deployed. So adding one worker machine when you only have WD clients is kind of the same as if you used the worker as the master. This is considering many deployments will have an average of 10-20 WD users. If you have 30+WD users I would guess that the master could be a modest 4 core machine and the worker could be a 20 core machine and there is a different thing going on there.

       

      The master seemed to balance the load pretty evenly between the two worker machines. Adding multiple workers seems to be where the real benefit is even if you have only 10 WD users. When you hit the 100 connection limit on the workers FMS stops taking new WD connections and returns "A server with the specified hostname could not be found."

       

      Per LisaRose, rollover to the master only happens when hostnames and SSL are used AND the worker machines all reach 100 connections. This might also be a way to reserve the master cpu for FMP and FMGo connections.

       

      The redirect the master provides is seamless to the user. The redirection used about 5-7% of the master CPU resources on a 4 core server maintaining a user connection activity once per second.

       

      Tested with the FMServer_Sample file.

       

      Message was edited by: bigtom. Changed the original post based on info from @lisarose regarding physical test results using hostnames/SSL.

        • 1. Re: Understanding FMS16 Worker Machines.
          taylorsharpe

          Interesting, Tom.  Thanks for sharing.  It is useful information that I did not know. 

          • 2. Re: Understanding FMS16 Worker Machines.
            CICT

            Likewise Tom, thanks for sharing this. Raises an issue when someone posts something really useful like this, we're unable to mark as Helpful or Like, only subsequent posts, the only option being the rating.

             

            Regards

             

            Andy

            • 3. Re: Understanding FMS16 Worker Machines.
              bigtom

              I was pretty surprised at how it works but it makes sense now when I think that there can be a master and 5 workers.

               

              The documentation says they all need to be on the same LAN but I have not tested that yet. Maybe it matches the IPs or hostnames?

              1 of 1 people found this helpful
              • 4. Re: Understanding FMS16 Worker Machines.
                LisaRose

                It is true that in a 2-machine deployment (master-worker), the load balancer will never route WebDirect file requests to the master unless the worker has reached capacity (e.g. 100 sessions). And the master thus won't share any WebDirect load until that point. Though there can still be advantages to this arrangement. The worker can be dedicated to only handling WebDirect requests, while the master may be handling other load (e.g. FileMaker Pro & Go sessions, PHP & XML requests, or things unrelated to FileMaker), without having a drain on its own resources from WebDirect requests. Or the worker might be public facing, while the master is secured behind a firewall.

                1 of 1 people found this helpful
                • 5. Re: Understanding FMS16 Worker Machines.
                  bigtom

                  In my test the master never took any of the WD load even when the workers were at full capacity.

                  • 6. Re: Understanding FMS16 Worker Machines.
                    LisaRose

                    That doesn't sound like intended behavior. By design, the master machine should start taking WebDirect requests once the worker's capacity is reached. Though there are some known contexts in which that won't occur. Just to be clear: 1) Your license allows more than 100 user connections? 2) WPE is definitely on in master? 3) And the machines are configured together with host names that can both be accessed from the client browsers you're testing with? (e.g. as in attached screenshot from page 28 of the FileMaker Server 16 Installation and Configuration Guide).admin_console.png

                    3 of 3 people found this helpful
                    • 7. Re: Understanding FMS16 Worker Machines.
                      bigtom

                      I did a quick test on LAN with IP only for all machines. Does FQDN for hostnames make a difference? Have you tested this?

                       

                      WPE is on for master. License has plenty of connections for the test. The IP addresses can all be accessed from the browser.

                       

                      When using the master only it supports WD just fine.

                      • 8. Re: Understanding FMS16 Worker Machines.
                        LisaRose

                        Thanks for the additional info. Yes, FQDNs do make a difference here. We've tested this scenario with FQDNs (based on internal subdomains under main domain, routed by internal DNS server, and also using SAN certificates for valid SSL connections). And spillover to master definitely occurs when worker capacity for WebDirect connections is met in this scenario. And we have also seen that when only IP addresses are used (e.g. as assigned by internal network) that this spillover can fail to occur. When this happens, the load balancer may try to send requests to an inaccessible address (e.g. http://yyy.xxx.yournetworkdomain.com/fmi/webd/yourfile?redirected=true&lgcnt=0 (where xxx & yyy are 3rd & 4th octets of IPv4 address, respectively), though exact form of failure may depend on network routing rules). Do you see something like this when failure occurs on your 101st attempted WebDirect user connection? (or is host address of failed request still fully valid?).

                        2 of 2 people found this helpful
                        • 9. Re: Understanding FMS16 Worker Machines.
                          bigtom

                          LisaRose wrote:

                           

                          Thanks for the additional info. Yes, FQDNs do make a difference here. We've tested this scenario with FQDNs (based on internal subdomains under main domain, routed by internal DNS server, and also using SAN certificates for valid SSL connections). And spillover to master definitely occurs when worker capacity for WebDirect connections is met in this scenario. And we have also seen that when only IP addresses are used (e.g. as assigned by internal network) that this spillover can fail to occur. When this happens, the load balancer may try to send requests to an inaccessible address (e.g. http://yyy.xxx.yournetworkdomain.com/fmi/webd/yourfile?redirected=true&lgcnt=0 (where xxx & yyy are 3rd & 4th octets of IPv4 address, respectively), though exact form of failure may depend on network routing rules). Do you see something like this when failure occurs on your 101st attempted WebDirect user connection? (or is host address of failed request still fully valid?).

                           

                          LisaRose This is good news. I updated the original post. I was testing from the perspective of a small office with local machines that only uses IP and does not have any sort of local hostname DNS server or SSL. Likely a small office would never see over the 100 connection limit on multiple servers, but it was a byproduct result of the load balancing test. I will have to setup the test again and see what the failure is doing and also test a properly networked setup. Do you know if the redirect back to the master is limited by hostnames or SSL or the need to use both.

                           

                          Not using hostnames/SSL Might be a way to reserve the master for FMP/FMGo connections. Not secure, but seems to be that it would work that way.

                           

                          I think the main thing here is that the master will still not handle any WD connections until you overrun the 100 connections per additional worker. It might also be a confusing situation as the master is labeled Worker1 in the WPE and it will not do any work until the limit is overrun.

                          • 10. Re: Understanding FMS16 Worker Machines.
                            LisaRose

                            Thanks for the update! Just to be clear, SSL itself may not be required for rollover to the master (though it's definitely a recommended best practice, and we usually test with it in place). But using valid host names (e.g. FQDNs) as opposed to just network IP addresses may actually be required for rollover to occur correctly. These host names should also be used when configuring the two machines together (e.g. when entering master address into worker's connection setup screen), as opposed to IP addresses, and should also be accessible from all browser client machines. Thanks for taking the initiative to try all this, raise these questions, and provide those numbers!

                            2 of 2 people found this helpful