Loading
kHTTPd, a Kernel-Based Web Server
Linux kernel developers realized that a kernel-based web server was needed.
Web servers have become an important part of today's infrastructure for business, trading, entertainment and information. Some of the Web's sites take millions of hits every day, or even every hour. It is only natural that computer science researchers soon began wondering how to make web servers faster, more resource-efficient and fail-safe.
The search for more speed triggered a whole new area of operating system theory research, that of execution path analysis. The author of this article, while a Ph.D. student, researched this topic at length studying the Apache server. One of the most interesting discoveries was that for static pages, more than 80 percent of the instructions are actually executed in kernel space (protected mode). This has some serious implications.
First, as we learned in the previous three columns, the only way to enter kernel space for a user program such as Apache is to execute a system call. System calls are expensive because they involve complex checks and search many kernel tables.
Also, switching from user space and back often flushes the on-processor TLB (Translation Lookaside Buffer) cache as well as primary and secondary cache entries.
As a consequence, Linux kernel developers realized that a kernel-based web server was needed. Such a kernel-space web server would not incur the costs involved in switching back and forth to and from protected mode.
Just such a kernel-space web server, called kHTTPd, was implemented in Linux kernel versions 2.3.x and 2.4. kHTTPd is different from other kernel web servers in that it runs from within the Linux kernel as a module (device driver).
kHTTPd handles only static (file-based) web pages, and passes all requests for non-static information to a regular user-space web server such as Apache or Zeus. Static web pages, while not complex to serve, are nevertheless very important. This is because virtually all images are static, as are a large portion of HTML pages. A “regular” web server adds little value for static pages; it is simply a “copy file to network” operation. The Linux kernel is very good at this; the NFS (network file system) dæmon, for example, also runs in the kernel.
“Accelerating” the simple case of serving static pages within the kernel leaves user-space dæmons free to do what they are very good at: generating user-specific, dynamic content. A user-space web server such as Apache, typically loaded with many features and many execution paths, can't be as fast as kHTTPd. There are, however, a few web servers that are as simple as kHTTPd but implemented in user space, so they are not expensive consumers of processor cycles, even compared with kHTTPd.
kHTTPd is very simple; it can't handle dynamic content. So, it proxies all requests for those directories you configure via the sysctl called “dynamic” to a fully functional user-space web server such as Apache. It's a global win, though, since most of the transfers of a common web server are images, which are definitely static.
kHTTPd is actually not much different from a normal http dæmon in principle. The main difference is that it bypasses the syscall layer. Normally, an http server contains code like this:
socket(..) bind(..) listen(..) accept(..)
and each call has to enter the kernel, look up kernel structures as function(s) of the parameter(s) passed, return information to user space, etc.
Being a kernel dæmon itself, kHTTPd interfaces directly with the internal kernel structures and system calls involved and so avoids the user-kernel interaction completely. Also, because it's a kernel dæmon, it avoids switch_mm and TLB flushes. Last but not least, it avoids all enter/exit kernel overhead.
There are not many data structures for kHTTPd. They are in net/kHTTPd/structure.h.
The first is a per-connection structure. The second is a per-kHTTPd-thread structure by which many http_requests can be queued.
Listing 1. /proc/sys/net/khttpd/structure.h
kHTTPd can be compiled as a loadable module, or linked statically into the kernel. Linking statically into the kernel will provide better performance, because it will be allocated in a more efficient and TLB-persistent page-table mapping.
Control of kHTTPD is performed via the /proc filesystem at /proc/sys/net/khttpd. Table 1 shows the sysctl parameters which can be set, along with a description of each (from the docs).
Table 1. Parameters Configurable through /proc/sys/net/khttpd
______________________
White Paper
Fabric-Based Computing Enables Optimized Hyperscale Data Centers
Today’s modular x86 servers are compute-centric, designed as a least common denominator to support a wide range of IT workloads. Those generic, virtualized IT workloads have much different resource optimization requirements than hyperscale and cloud applications. They have resulted in a “one size fits all” enterprise IT architecture that is not optimized for a specific set of IT workloads, and especially not emerging hyperscale workloads, such as web applications, big data, and object storage. In this report, you will learn how shifting the focus from traditional compute-centric IT architectures to an innovative disaggregated fabric-based architecture can optimize and scale your data center.
Sponsored by AMD
White Paper
Red Hat White Paper: Using an Open Source Framework to Catch the Bad Guy
Built-in forensics, incident response, and security with Red Hat Enterprise Linux 6
Every security policy provides guidance and requirements for ensuring adequate protection of information and data, as well as high-level technical and administrative security requirements for a system in a given environment. Traditionally, providing security for a system focuses on the confidentiality of the information on it. However, protecting the data integrity and system and data availability is just as important. For example, when processing United States intelligence information, there are three attributes that require protection: confidentiality, integrity, and availability.
Learn more about catching the bad guy in this free white paper.
Sponsored by DLT Solutions
- RSS Feeds
- Making Linux and Android Get Along (It's Not as Hard as It Sounds)
- New Products
- Drupal Is a Framework: Why Everyone Needs to Understand This
- A Topic for Discussion - Open Source Feature-Richness?
- Home, My Backup Data Center
- Validate an E-Mail Address with PHP, the Right Way
- New Products
- Developer Poll
- Trying to Tame the Tablet
Enter to Win an Adafruit Prototyping Pi Plate Kit for Raspberry Pi
It's Raspberry Pi month at Linux Journal. Each week in May, Adafruit will be giving away a Pi-related prize to a lucky, randomly drawn LJ reader. Winners will be announced weekly.
Fill out the fields below to enter to win this week's prize-- a Prototyping Pi Plate Kit for Raspberry Pi.
Congratulations to our winners so far:
- 5-8-13, Pi Starter Pack: Jack Davis
- 5-15-13, Pi Model B 512MB RAM: Patrick Dunn
- Next winner announced on 5-21-13!
Free Webinar: Linux Backup and Recovery
Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.
In this one hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.
Developer Poll
1 hour 24 min ago
2 hours 10 sec ago
2 hours 1 min ago
2 hours 2 min ago
2 hours 3 min ago
2 hours 6 min ago
2 hours 8 min ago
3 hours 5 min ago
4 hours 24 min ago
7 hours 57 min ago