« Did you know that each integer in a PHP array takes 68 bytes of storage? | Main | Ten Years at HP »

Hercules made me a fan of VM appliances

Came across Hercules, a VM appliance, while looking for a TCP-level load-balancer for a WebLogic Cluster setup. WebLogic Server does includes a HTTP-level load-balancing servlet known as HttpClusterServlet, which works okay for HTTP and simple HTTPS traffic, but not for 2-way SSL (or SSL with mutual authentication). The problem is that the connection originated from the client terminates at HttpClusterServlet and a new connection is established to one of the servers within the cluster, losing the user identification embedded within the client certificate. What you need for such configurations is a load-balancer that can transparently forward the TCP connection to a cluster machine and let the machine do the SSL handshake and map the certificate DN to a user identity. Hercules fit the bill.

Once I started playing with Hercules, I realized that it did more than just fitting the bill -- at download size of just 2.5MB, it was the tiniest VM image I have ever come across. Built with BusyBox, uClibc, Pen, Dropbear, thttpd and udhcpc, it does a remarkable job of providing all the needed basic functionality of load-balancing a wide variety of TCP-based protocols such as HTTP/S, SMTP, FTP, POP3 and LDAP with minimal of disk and memory footprint. Not only that, the documentation included was very concise, clear and very complete, a rarity among less well-known opensource software.

Getting it to work with VMware Server was a snap. Even making configuration changes from default of supporting only HTTP to support both HTTP and HTTPS was fairly straight-forward. And it did its job of load-balancing client connections and failing over flawlessly.

Although I have only good things to say about Hercules, my experience with VMware hosted Virtual Appliance Marketplace was less than stellar. It does a great job of maintaining a directory of third-party appliances and providing basic information, including download statistics that can help one determine the popularity of a particular appliance. Where it fell short, in my opinion, is how users download the VM images, some of which could be very big, running into Giga bytes. VMware doesn't really host images, it simply points to the location specified by the creator. Appliance creators often provide downloads through BitTorrent, which, unfortunately, are blocked within most corporate firewalls and are not very helpful anyway as few appliances are so popular to attract large no. of simultaneous downloads. I could get Hercules image bits only because its creator prabhakar posted a message with http download URL.

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)

About

This page contains a single entry from the blog posted on June 27, 2008 3:35 PM.

The previous post in this blog was Did you know that each integer in a PHP array takes 68 bytes of storage?.

The next post in this blog is Ten Years at HP.

Many more can be found on the main index page or by looking through the archives.

Powered by
Movable Type 3.33