kHTTPd, a Kernel-Based Web Server
Web servers have become an important part of today's infrastructure for business, trading, entertainment and information. Some of the Web's sites take millions of hits every day, or even every hour. It is only natural that computer science researchers soon began wondering how to make web servers faster, more resource-efficient and fail-safe.
The search for more speed triggered a whole new area of operating system theory research, that of execution path analysis. The author of this article, while a Ph.D. student, researched this topic at length studying the Apache server. One of the most interesting discoveries was that for static pages, more than 80 percent of the instructions are actually executed in kernel space (protected mode). This has some serious implications.
First, as we learned in the previous three columns, the only way to enter kernel space for a user program such as Apache is to execute a system call. System calls are expensive because they involve complex checks and search many kernel tables.
Also, switching from user space and back often flushes the on-processor TLB (Translation Lookaside Buffer) cache as well as primary and secondary cache entries.
As a consequence, Linux kernel developers realized that a kernel-based web server was needed. Such a kernel-space web server would not incur the costs involved in switching back and forth to and from protected mode.
Just such a kernel-space web server, called kHTTPd, was implemented in Linux kernel versions 2.3.x and 2.4. kHTTPd is different from other kernel web servers in that it runs from within the Linux kernel as a module (device driver).
kHTTPd handles only static (file-based) web pages, and passes all requests for non-static information to a regular user-space web server such as Apache or Zeus. Static web pages, while not complex to serve, are nevertheless very important. This is because virtually all images are static, as are a large portion of HTML pages. A “regular” web server adds little value for static pages; it is simply a “copy file to network” operation. The Linux kernel is very good at this; the NFS (network file system) dæmon, for example, also runs in the kernel.
“Accelerating” the simple case of serving static pages within the kernel leaves user-space dæmons free to do what they are very good at: generating user-specific, dynamic content. A user-space web server such as Apache, typically loaded with many features and many execution paths, can't be as fast as kHTTPd. There are, however, a few web servers that are as simple as kHTTPd but implemented in user space, so they are not expensive consumers of processor cycles, even compared with kHTTPd.
kHTTPd is very simple; it can't handle dynamic content. So, it proxies all requests for those directories you configure via the sysctl called “dynamic” to a fully functional user-space web server such as Apache. It's a global win, though, since most of the transfers of a common web server are images, which are definitely static.
kHTTPd is actually not much different from a normal http dæmon in principle. The main difference is that it bypasses the syscall layer. Normally, an http server contains code like this:
socket(..) bind(..) listen(..) accept(..)
and each call has to enter the kernel, look up kernel structures as function(s) of the parameter(s) passed, return information to user space, etc.
Being a kernel dæmon itself, kHTTPd interfaces directly with the internal kernel structures and system calls involved and so avoids the user-kernel interaction completely. Also, because it's a kernel dæmon, it avoids switch_mm and TLB flushes. Last but not least, it avoids all enter/exit kernel overhead.
There are not many data structures for kHTTPd. They are in net/kHTTPd/structure.h.
The first is a per-connection structure. The second is a per-kHTTPd-thread structure by which many http_requests can be queued.
kHTTPd can be compiled as a loadable module, or linked statically into the kernel. Linking statically into the kernel will provide better performance, because it will be allocated in a more efficient and TLB-persistent page-table mapping.
Control of kHTTPD is performed via the /proc filesystem at /proc/sys/net/khttpd. Table 1 shows the sysctl parameters which can be set, along with a description of each (from the docs).
|Jarvis, Please Lock the Front Door||Aug 31, 2016|
|Contrast Security's Contrast Enterprise||Aug 30, 2016|
|illusive networks' Deceptions Everywhere||Aug 29, 2016|
|Happy Birthday Linux||Aug 25, 2016|
|ContainerCon Vendors Offer Flexible Solutions for Managing All Your New Micro-VMs||Aug 24, 2016|
|Updates from LinuxCon and ContainerCon, Toronto, August 2016||Aug 23, 2016|
- Jarvis, Please Lock the Front Door
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
- Contrast Security's Contrast Enterprise
- illusive networks' Deceptions Everywhere
- Happy Birthday Linux
- All about printf
- New Version of GParted
- What I Wish I’d Known When I Was an Embedded Linux Newbie
- Tech Tip: Really Simple HTTP Server with Python
- Blender for Visual Effects
With all the industry talk about the benefits of Linux on Power and all the performance advantages offered by its open architecture, you may be considering a move in that direction. If you are thinking about analytics, big data and cloud computing, you would be right to evaluate Power. The idea of using commodity x86 hardware and replacing it every three years is an outdated cost model. It doesn’t consider the total cost of ownership, and it doesn’t consider the advantage of real processing power, high-availability and multithreading like a demon.
This ebook takes a look at some of the practical applications of the Linux on Power platform and ways you might bring all the performance power of this open architecture to bear for your organization. There are no smoke and mirrors here—just hard, cold, empirical evidence provided by independent sources. I also consider some innovative ways Linux on Power will be used in the future.Get the Guide