4. Configure Perlbal

Perlbal is a Perl-based reverse-proxying load balancer and web server. It helps distribute site load over a number of servers. A backend can instruct Perlbal to fetch the user's data from a completely separate server and port and URL, 100% transparent to the user. You might use this to serve images elsewhere (like an image caching service, as part of a content delivery network).

One way LiveJournal can use this is with “palimg” files. Palimg files can be used in user styles to dynamically alter the palette of a PNG or GIF image, according to user customizations. Doing this through the Perlbal plugin instead of using mod_perl is more efficient.

4.1. Install Perlbal

Settings.  You will need the Perlbal server code from SVN (http://code.sixapart.com/svn/perlbal/trunk/). It is is automatically checked out into your cvs subdirectory then placed in $LJHOME/src/perlbal for you. To set it up, build and install the code as before:

# cd $LJHOME/cvs/perlbal
# perl Makefile.PL
# make
# make test
# make install

4.2. Set up Perlbal

You will need to create a directory for your configuration file. If you know what you are doing, you may find it useful to combine the contents of the perlbal.conf and ssl.conf files under $LJHOME/cvs/perlbal/conf/ into a single file, and place that under /etc/perlbal. Alternatively, an example perlbal.conf follows.

# mkdir /etc/perlbal
# cp $LJHOME/cvs/perlbal/conf/perlbal.conf /etc/perlbal/

4.3. Example perlbal.conf

Now, edit the configuration file.

# nano -w /etc/perlbal/perlbal.conf

Replace EXAMPLEHOSTNAME.lj with the full hostname of your domain, or virtual machine if you are using one (and verify all hostname configurations). If you will not be using SSL, comment out all SSL lines. Similarly, if you are not storing static files (like site images and stylesheets) under their own subdomain, you can amend or comment out all 'stat' lines.

load palimg
load Vhosts
load AccessControl

SERVER aio_mode = ioaio

CREATE SERVICE uptrack
  SET role = upload_tracker
  SET listen = 127.0.0.1:7002
ENABLE uptrack

CREATE SERVICE ss
  SET listen = 0.0.0.0:80
  SET role = selector
  SET plugins = vhosts
  VHOST *.EXAMPLEHOSTNAME.lj = web_proxy
  VHOST stat.EXAMPLEHOSTNAME.lj = web_stat
ENABLE ss

CREATE POOL web_proxy_pool
  POOL web_proxy_pool ADD 127.0.0.1:8081

CREATE SERVICE web_proxy
  SET role = reverse_proxy
  SET pool = web_proxy_pool
  SET persist_backend = on
  SET max_backend_uses = 10
  SET backend_persist_cache = 2
  SET verify_backend = on
  SET balance_method = random
  SET enable_reproxy = on
  SET upload_status_listeners = 127.0.0.1:7002
  SET buffer_uploads = off
ENABLE web_proxy

CREATE SERVICE ssl_proxy
  SET role = reverse_proxy
  SET pool = web_proxy_pool
  SET listen = 0.0.0.0:443
  SET enable_ssl = on
  SET persist_backend = on
  SET max_backend_uses = 10
  SET backend_persist_cache = 2
  SET verify_backend = on
  SET balance_method = random
  SET enable_reproxy = on
  SET ssl_key_file   = /etc/perlbal/certs/server-key.pem
  SET ssl_cert_file  = /etc/perlbal/certs/server-cert.pem
ENABLE ssl_proxy

CREATE SERVICE web_stat
  SET role = web_server
  SET docroot = /home/lj/htdocs/stc
  SET dirindexing = on
ENABLE web_stat

CREATE SERVICE mgmt
  SET role = management
  SET listen = 127.0.0.1:8065
ENABLE mgmt

4.4. SSL steps and startup

Create a self-signed certificate and key for SSL next. You only need to add this if you are using SSL. If you have already purchased a signed certificate and have a key, then of course you can use that instead.

$ sudo openssl req -x509 -newkey rsa:1024 -keyout server-key.pem -out server-cert.pem -days 365 -nodes
$ sudo mkdir /etc/perlbal/certs
$ sudo mv server-*.pem /etc/perlbal/certs/

Last, start the Perlbal daemon:

# /usr/bin/perlbal -d

If it reports the listening socket is already in use, edit your Apache httpd.conf file:

  • Replace Port 80 with Listen 192.170.2.1:8081 for LiveJournal

  • Replace <VirtualHost 192.170.2.1:80> with <VirtualHost 192.170.2.1:8081>