One goal. 2 settings. Which one would you recommend?

Hi

I am debating what is a better setting between the 2 settings below.

Setting#1 and Setting#2 attempt to do the same task (flow control by
controlling the IP sources).

Setting#1 uses one machine and Setting#2 uses 2 machines in a cascading
manner.

Thank you for your help

  1. Setting #1 1 machine with N CPU
    ===========================

[…]

upstream dynamic {
least_conn;
server XXX.XXX.XXX.XXX:9990;
[…]
keepalive 5;
}

upstream locallayer {
server 127.0.0.1:7999;
keepalive 200;
}

limit_conn_zone $binary_remote_addr zone=peripconn:100m;
limit_req_zone $binary_remote_addr zone=peripreq:1000m rate=30000r/s;

server {
listen 7999;
server_name local.com;
proxy_intercept_errors on;
location / {
limit_conn peripconn 160;
limit_req zone=peripreq burst=100 nodelay;
limit_conn_status 503;
limit_req_status 503;
proxy_http_version 1.1;
proxy_set_header Connection “”;
proxy_connect_timeout 10ms;
proxy_send_timeout 10ms;
proxy_read_timeout 60ms;
proxy_pass http://dynamic;
}
error_page 302 400 403 404 408 500 502 503 504 = /empty;
location /empty {
return 204;
}
}

server {
listen 8002;
proxy_intercept_errors on;

location / {
    limit_conn peripex 5;
    limit_conn_status 503;
    proxy_http_version 1.1;
    proxy_set_header Connection "";
    proxy_pass http://locallayer;
}
error_page 302 400 403 404 408 500 502 503 504 = /empty;
location /empty {
    return 204;
}

}

[…]

  1. Setting #2 2 machines each N/2 CPU
    ==============================
  • Machine #1:

[…]

upstream machine2 {
least_conn;
server ip/of/machine2:7999;
keepalive 200;
}

server {
listen 8002;
proxy_intercept_errors on;

location / {
    limit_conn peripex 5;
    limit_conn_status 503;
    proxy_http_version 1.1;
    proxy_set_header Connection "";
    proxy_pass http://machine2;
}
error_page 302 400 403 404 408 500 502 503 504 = /empty;
location /empty {
    return 204;
}

}

[…]

  • Machine #2:

[…]

upstream dynamic {
least_conn;
server XXX.XXX.XXX.XXX:9990;
[…]
keepalive 5;
}

limit_conn_zone $binary_remote_addr zone=peripconn:100m;
limit_req_zone $binary_remote_addr zone=peripreq:1000m rate=30000r/s;

server {
listen 7999;
server_name local.com;
proxy_intercept_errors on;
location / {
limit_conn peripconn 160;
limit_req zone=peripreq burst=100 nodelay;
limit_conn_status 503;
limit_req_status 503;
proxy_http_version 1.1;
proxy_set_header Connection “”;
proxy_connect_timeout 10ms;
proxy_send_timeout 10ms;
proxy_read_timeout 60ms;
proxy_pass http://dynamic;
}
error_page 302 400 403 404 408 500 502 503 504 = /empty;
location /empty {
return 204;
}
}
[…]

Posted at Nginx Forum: