Cluster Series 1

Source: Internet
Author: User
Tags haproxy

I have heard of Windows clusters, which can achieve load balancing and high availability, and I have no restrictions on clusters. Today, Marco gives a brief summary of Linux clusters, so that you can learn more about cluster services in Linux.

What is a Linux cluster?
A cluster system is formed by connecting multiple homogeneous or heterogeneous computers together to complete specific tasks. Linux vendors have also launched high-availability cluster systems that can significantly improve the service quality of network services based on the TCP/IP protocols. By connecting physically separated clusters, multiple homogeneous or heterogeneous computers can share computing resources over a LAN or WAN while giving users transparent access to those resources. (From CCID)
Linux clusters as I understand them
On Linux, combining multiple servers to handle request tasks is equivalent to having multiple CPUs process operations at the same time; the speed and security go without saying. Linux then uses a mechanism or algorithm to allocate tasks reasonably to each server, so that the work is completed efficiently. When it comes to clusters, I personally think the most valuable capability is high availability, especially for real-time online services, which cannot have servers down for a long time; a cluster solves this problem as well.

(1) Cluster classification:
LB: load balancing (for large volumes of requests)
HA: high availability (7x24 online)
HP: high performance (scientific computing cluster)
Load balancing cluster:
Load balancing clusters provide a more practical system for enterprises. Such a system distributes the load as evenly as possible across a group of computers. The load to be balanced may be application processing load or network traffic load. This kind of system is well suited to a large number of users running the same set of applications. Each node handles part of the load, and the load is allocated dynamically between nodes to keep it balanced. The same applies to network traffic: when a network server application receives more incoming traffic than it can process quickly, the traffic is sent to network server applications running on other nodes. Distribution can also be optimized based on the resources available on each node or the particular network environment.
High availability cluster:
High availability clusters are designed to keep the cluster's overall service available as much as possible, taking into account the fault tolerance of computing hardware and software. If the master node in an HA cluster fails, the secondary node takes its place for that period. The secondary node is usually a mirror of the master node, so when it replaces the master it can take over its identity completely, and the system environment stays consistent from the user's point of view. This is what keeps a server online in real time.
High performance cluster:
Generally, multiple computers process data at the same time to solve complex scientific problems. This is the basis of parallel computing, although it does not use a dedicated parallel supercomputer composed of ten to ten thousand independent processors. Instead, it uses commodity systems, such as a group of single-processor or dual-processor PCs linked by high-speed connections, which communicate over a common message-passing layer to run parallel applications. Examples include meteorological analysis, scientific exploration, and nuclear explosion analysis.

In actual production we usually use these cluster types in combination. Because the LVS host in a load balancing cluster is a single point of failure, we use high availability to keep the service online in real time.
(2) Common cluster solutions:
LB:
LVS (Linux Virtual Server)
LVS is described in detail below.
HAProxy
HAProxy provides high availability, load balancing, and proxying for TCP and HTTP applications. It supports virtual hosts and is a free, fast, and reliable solution. HAProxy is especially suitable for websites with extremely high loads, which usually require session persistence or layer-7 processing. HAProxy runs on current hardware and supports tens of thousands of concurrent connections. In addition, its operating mode lets it be integrated easily and securely into your existing architecture, while keeping your web servers from being exposed to the network.
HA:
Heartbeat
The Heartbeat project is a component of the Linux-HA project, which implements a high-availability cluster system. The heartbeat service and cluster communication are two key components of a high-availability cluster; in the Heartbeat project, the heartbeat module implements both functions.
Corosync + OpenAIS: RHCS (Red Hat Cluster Suite)
Ultramonkey
Keepalived
HP:
Beowulf
(3) LB: load balancing:
Main applications of load balancing technology:
1. DNS load balancing. The earliest load balancing technology was implemented through DNS. In DNS, the same name is configured with multiple addresses, so a client that queries this name gets one of those addresses. Different clients therefore get different addresses for the same name and connect to the web servers at those different addresses, which achieves load balancing. DNS load balancing is a simple and effective method, and its mechanism is simple round robin. For example, when clients connect to www.51cto.com, DNS can resolve the name to different network addresses such as 202.1.1.1, 202.1.1.2, 202.1.1.3, and 202.1.1.4 in sequence. These are hosts that provide the same service, so the client does not notice a difference.
2. Proxy server load balancing. A proxy server can forward requests to internal servers; using this acceleration mode can noticeably increase the access speed of static web pages. The same technique can also be used to have the proxy server forward requests evenly to multiple servers, which achieves load balancing.
3. Address translation gateway load balancing. An address translation gateway that supports load balancing can map one external IP address to multiple internal IP addresses and dynamically use one of the internal addresses for each TCP connection request, which achieves load balancing.
4. Load balancing inside protocols. In addition to the three methods above, some protocols support load balancing related functions themselves, such as HTTP redirection; HTTP runs on top of a TCP connection.
5. NAT load balancing. NAT (Network Address Translation) simply converts one IP address to another IP address. It is generally used to convert unregistered internal addresses to valid, registered Internet IP addresses. It is applicable where Internet IP addresses are insufficient and where you do not want the internal network structure to be known outside the network.
6. Reverse proxy load balancing. An ordinary proxy forwards connection requests from internal network users to servers on the Internet: the client must specify the proxy server and send to it the connection requests that would otherwise go directly to the server on the Internet. A reverse proxy does the opposite: the proxy server accepts connection requests from the Internet, forwards them to servers on the internal network, and returns the results obtained from those servers to the Internet client that requested the connection. To the outside, the proxy server appears as the server. Reverse proxy load balancing dynamically forwards connection requests from the Internet, in reverse proxy fashion, to multiple servers on the internal network for processing, which achieves load balancing.
7. Hybrid load balancing. In some large networks, the server clusters differ in hardware, size, and the services they provide, so we can use the most appropriate load balancing method for each server group and then load balance or cluster these groups again so that they provide services to the outside world as one whole (that is, the load-balanced groups are treated as a new server group), to achieve the best performance. This approach is called hybrid load balancing. It is also sometimes used when the performance of a single balancing device cannot handle a large number of connection requests.

LB at different network layers:
Layer-2 load balancing (link aggregation) uses multiple physical links as a single aggregated logical link. Network traffic is shared by all physical links in the aggregated logical link, which logically increases the capacity of the link so that it can meet the demand for more bandwidth.

Layer-4 load balancing maps one valid IP address registered on the Internet to multiple internal server IP addresses, and dynamically uses one of the internal IP addresses for each TCP connection request to achieve load balancing. This technique is widely used in layer-4 switches. When a packet whose destination address is the server group's VIP (virtual IP address) arrives at the switch, the switch uses the source and destination IP addresses, the TCP or UDP port numbers, and a load balancing policy to map between the server IP address and the VIP, and selects the best server in the server group to handle the connection request.

Layer-7 load balancing controls the content of application-layer services and provides a high-level way to control access traffic, which suits HTTP server clusters. A layer-7 load balancer makes its balancing decisions by inspecting the HTTP header and acting on the information in it.

Currently, layer-4 to layer-7 load balancing is often used.

The advantages of layer-7 load balancing are as follows:

1. By checking the HTTP header, the load balancer can detect error responses of the HTTP 500 and 600 series, so it can transparently redirect connection requests to another server and avoid application-layer faults.

2. Traffic can be directed to the server holding the corresponding content based on the type of data passing through (for example, determining that the data is an image file, a compressed file, or a multimedia file format), which improves system performance.

3. Based on the type of connection request, such as static document requests (plain text, images) or dynamic document requests (asp, cgi), requests can be directed to the corresponding server for processing, which improves system performance and security.

Disadvantage: layer-7 load balancing is limited to the protocols the load balancer supports (generally only HTTP), which restricts how widely it can be applied. Inspecting HTTP headers also consumes a large amount of system resources, which inevitably affects performance. With a large number of connection requests, the load balancing device itself can easily become the bottleneck of overall network performance.
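
The layer-7 behaviour described above (choosing a server group by request type and moving a request to another server after a 500-series answer), as an added Python example that is not from the original article. Pool names, backend handlers and request paths are constructed; the rule of retrying only GET and HEAD is an assumption added here so that a failed POST is not replayed on a second server.

```python
# Added illustration: layer-7 dispatch by request content with failover on
# server errors. Pool names, backends and requests are constructed samples.
import itertools
from urllib.parse import urlsplit

STATIC_EXT = (".html", ".txt", ".jpg", ".png", ".gif", ".css")
IDEMPOTENT = {"GET", "HEAD"}   # assumption: only these are safe to replay

class Pool:
    def __init__(self, name, backends):
        self.name = name
        self.backends = backends               # list of (label, handler)
        self._rr = itertools.cycle(range(len(backends)))

    def candidates(self):
        """Backends in round-robin order, starting from the next one due."""
        start = next(self._rr)
        n = len(self.backends)
        return [self.backends[(start + i) % n] for i in range(n)]

def choose_pool(path, pools):
    """Layer-7 decision: static documents vs dynamic requests (asp, cgi...)."""
    p = urlsplit(path).path.lower()            # ignore the query string
    return pools["static"] if p.endswith(STATIC_EXT) else pools["dynamic"]

def dispatch(method, path, pools):
    """Return (pool name, backend label, status). A 5xx answer is retried on
    the next backend only for idempotent methods."""
    pool = choose_pool(path, pools)
    label, status = None, 503
    for label, handler in pool.candidates():
        status = handler(method, path)
        if status < 500 or method not in IDEMPOTENT:
            break
    return pool.name, label, status

def ok(method, path):          # healthy constructed backend
    return 200

def broken(method, path):      # constructed backend that always fails
    return 500

def make_pools():
    return {
        "static": Pool("static", [("img1", ok), ("img2", ok)]),
        "dynamic": Pool("dynamic", [("app1", broken), ("app2", ok)]),
    }
```

Every request here costs a parse of the request line plus a possible second backend call, which is the resource cost the disadvantage paragraph refers to.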

There are two ways to achieve load balancing:

1. Hardware:
Hardware load balancing is popular abroad. A hardware solution installs a load balancing device directly between the servers and the external network; this kind of device is usually called a load balancer. Because a dedicated device performs a specialized task independently of the operating system, overall performance is greatly improved, and combined with a variety of load balancing policies and intelligent traffic management it can best meet load balancing needs.

Next, let's take a look at several mainstream products in the market.

◆ F5 BIG-IP load balancer (LTM)

The BIG-IP series is widely recognized by users and has many users. Its strength is a simple web management interface, shared with other F5 devices. The load balancer can also process SSL certificates. One of F5's main features is its WAN Optimization Manager, which provides a high-availability encrypted channel and WAN transmission speed, and is also used to optimize the transmission path to the data center. Building on this, a simple WAN-based disaster recovery solution is created automatically.

F5 BIG-IP LTM is officially named Local Traffic Manager. It can do layer 4-7 load balancing, with functions including load balancing, application switching, session switching, status monitoring, smart network address translation, general persistence, response error handling, IPv6 gateway, advanced routing, smart port mirroring, SSL acceleration, smart HTTP compression, TCP optimization, layer-7 rate shaping, content buffering, content conversion, connection acceleration, high-speed caching, cookie encryption, selective content encryption, application attack filtering, denial-of-service (DoS) attack and SYN flood protection, firewall packet filtering, packet sanitization, and other functions.

◆ Cisco

Almost every Cisco IOS router has a load balancing function. This is very exciting because we do not have to add extra hardware; on existing devices we only need to add load balancing rules. Cisco is the leader in the router field, and of course the load balancing function is only one of the reasons.

Cisco IOS includes many load balancing functions, such as port binding, session switching, TCP optimization, NAT, and load balancing algorithms.

Cisco's service is very good. Many technical staff outside China say that if you buy Cisco products, you will never be dismissed by the company.

◆ Radware AppDirector series

Radware's AppDirector (AD) provides both local server load balancing (AD) and wide-area global server load balancing (AD-Global). Its unit price is relatively low, and it offers high scalability and intelligent services. It also provides network monitoring and detection functions, global load balancing, and mitigation of certain DDoS attacks.

In addition, Radware devices are easy to update and upgrade and can perceive application services. Intelligence is one of its promotional concepts and a major feature of this product.

◆ Barracuda Load Balancer

The biggest feature of the Barracuda load balancer is its network security function. It provides intrusion protection rather than simply detecting intrusions, which fully protects your network. Even if you miss a critical update or vulnerability fix, the Barracuda update service can update your system automatically.

In addition, the Barracuda load balancer is operated through a web interface, and global load balancing and content caching are also notable features.

2. Software:
A software load balancing solution installs one or more additional pieces of software on the operating system of one or more servers to achieve load balancing. Its advantages are that it can be configured for a specific environment, is flexible to use, is low cost, and meets general load balancing needs.

Currently, three software load balancers are popular: LVS, Nginx, and HAProxy. LVS and Nginx are the most commonly used.

◆ LVS details:
LVS accepts user requests but does not respond to them itself; it forwards the requests to back-end nodes, which are called real servers. LVS only needs to be installed on the scheduling node (the director). It forwards at layer 4 and is transparent to users.
Capabilities provided:
Higher throughput
Redundancy
Adaptability, that is, scalability

The IP address naming used:
VIP: the IP address offered to users; the VIP does not provide the service itself, it only forwards
RIP: the IP address of the host that actually provides the service
DIP: the forwarding address (on the director)
CIP: the client address


Working modes:
LVS-NAT (address translation)
Features:
Cluster nodes cannot span IP network segments; the DIP and the RIPs must be in the same subnet;
RIPs can be private addresses, and the real servers must use the DIP as their gateway;
Port translation, that is, port mapping, is possible;
Any operating system can be used on the real servers, so compatibility is good;
The director becomes a bottleneck;
Scalability is limited;
Based on layer-3 forwarding;

 

LVS-DR (direct routing)
Principle:
Only incoming requests pass through the DIP; outgoing responses do not. However, the client will not accept a response that arrives for no apparent reason. For this, two gateways must be set on the real server, but that raises a problem: when a request from the CIP is sent to the VIP, which host should receive it? The solution is to use arptables, which works like a firewall, and usually to configure the VIP as an additional address on the real server.
Features:
The real servers and the director must be in the same physical network segment; public addresses are recommended for the RIPs;
The RIP only processes user requests and does not process responses;
The gateway of the real servers must not point to the DIP;
Port translation is not supported;
Many operating systems can be used on the real servers (systems that allow multiple addresses to be configured on the same NIC);
More real servers can be driven;
Based on layer-2 forwarding: the director changes the source MAC address of the sent data packet to the MAC address of the real server and forwards it on.
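
A toy packet walk for the LVS-NAT and LVS-DR modes listed above, added here as a Python example and not part of the original article. It shows why a NAT real server must route replies through the director and why a DR real server must hold the VIP itself. All addresses and MAC labels are constructed; in this model DR delivery is done by rewriting the frame's destination MAC to the chosen real server.

```python
# Added illustration: toy packet walk for LVS-NAT and LVS-DR.
# All addresses and MAC labels are constructed sample values.
from dataclasses import dataclass, replace

VIP, DIP, CIP = "203.0.113.10", "192.168.10.1", "198.51.100.7"

@dataclass(frozen=True)
class Packet:
    src_ip: str
    dst_ip: str
    dst_mac: str          # layer-2 next hop the frame is delivered to

@dataclass
class RealServer:
    rip: str
    mac: str
    local_ips: tuple      # addresses this host accepts traffic for
    gateway: str          # "director" or "router" (default route)

    def handle(self, pkt):
        """Return the reply packet, or None if the request is not for us."""
        if pkt.dst_ip not in self.local_ips:
            return None   # e.g. a DR real server that lacks the VIP
        # The reply's source is the address the request was sent to.
        return Packet(src_ip=pkt.dst_ip, dst_ip=pkt.src_ip, dst_mac=self.gateway)

def director_nat(pkt, rs):
    """LVS-NAT (ipvsadm -m): rewrite the destination IP from VIP to RIP."""
    return replace(pkt, dst_ip=rs.rip, dst_mac=rs.mac)

def director_nat_reply(reply):
    """Replies routed back through the director get source RIP -> VIP."""
    return replace(reply, src_ip=VIP, dst_mac="client-side")

def director_dr(pkt, rs):
    """LVS-DR (ipvsadm -g): IP header untouched, only the frame is re-addressed."""
    return replace(pkt, dst_mac=rs.mac)

def client_accepts(reply):
    """The client only accepts replies that come from the VIP it connected to."""
    return reply is not None and reply.src_ip == VIP and reply.dst_ip == CIP

def walk(mode, rs):
    """Send one request to the VIP. Returns (reply accepted by client,
    reply passed through the director)."""
    request = Packet(src_ip=CIP, dst_ip=VIP, dst_mac="director")
    if mode == "nat":
        reply = rs.handle(director_nat(request, rs))
        via_director = reply is not None and rs.gateway == "director"
        if via_director:
            reply = director_nat_reply(reply)
    else:  # "dr"
        reply = rs.handle(director_dr(request, rs))
        via_director = False   # the real server answers the client directly
    return client_accepts(reply), via_director
```

The two failing cases (a NAT real server whose gateway is not the director, and a DR real server without the VIP) are the misconfigurations to check first when clients see connections to the VIP hang.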



LVS-TUN (tunnel version of DR)
Principle: The tunnel is IP-based re-encapsulation. The data sent from the CIP is encapsulated again with the source IP address DIP and the target IP address VIP, and then forwarded. GRE (Generic Routing Encapsulation)
Features:
The real servers and the DIP do not have to be in the same network;
RIPs must be public IP addresses;
Only incoming requests are processed; responses do not pass through the DIP;
Port mapping is not allowed;
Only operating systems that support the IP tunnel protocol can be used on the real servers.


This is my understanding of load balancing. If you find any errors, please correct them.

 

 
Author: "Long Marks"
