Common Load Balancing implementation

Source: Internet
Author: User

To understand server load balancing, first understand the difference between transfer and forwarding:

The difference between transfer and forwarding is like whether a customer and an outsourcing company need to contact each other directly. If they contact each other directly, it is transfer. If the arrangement is transparent to both the customer and the outsourcing company, it is forwarding.
Transfer: the data packet goes directly from the client to the actual server, so the client needs to know the address of the actual server.
Forward: the client only sends the data packet to the proxy server or DNAT server, which then forwards it to the actual server. When the data packet is sent to the proxy or DNAT server, the client considers that it has been sent to the actual server. When the actual server receives the packet from the proxy or DNAT server, it considers that the packet came from the client.

Transfer involves only the client and the actual server.
Forwarding also requires a proxy or DNAT server between the client and the actual server.

I. DNS load balancing:
DNS load balancing is a [transfer], not a [forwarding].

II. Reverse proxy load balancing:
To the client, the reverse proxy is the actual server. It is built on a web server or a specialized proxy such as Varnish and works in forwarding mode. The advantage of forwarding this way is that it works at layer 7, so the load can be customized per HTTP request: load weights can be configured, and the scheduling policy is applied to every HTTP request.

The reverse proxy server works at the HTTP layer and must itself forward every HTTP request. This is a large volume of fine-grained work, so the controllability comes with a disadvantage: scalability is limited.
Another feature of the reverse proxy server is that it can hash on the client IP address to achieve sticky sessions, that is, consecutive requests from one client are forwarded to the same backend.
In fact, saving session data and local caches on the backend server is a bad smell. It makes each backend server too individual, so it no longer fits the system as a whole. Where possible, avoid such designs, for example by using distributed sessions or a distributed cache, so that the applications on the backend servers depend as little as possible on the local server and adapt better to the environment.
The solutions are as follows:
1. SNA.
2. Distributed session: memcached/terracotta
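
The following is an added example, not code from the original page: a small Python model of IP-hash sticky sessions with session data kept locally on each backend, showing which clients lose their session when one backend leaves the pool. The class and function names, the SHA-256 hash and the addresses are assumptions made for illustration.

```python
import hashlib
import ipaddress

def pick_backend(client_ip, backends):
    """Sticky routing: hash the client IP and index into the backend pool."""
    packed = ipaddress.ip_address(client_ip).packed  # ValueError on a bad address
    digest = hashlib.sha256(packed).digest()
    return backends[int.from_bytes(digest[:8], "big") % len(backends)]

class Cluster:
    """Backends that keep session data in local memory (the 'bad smell')."""

    def __init__(self, backends):
        self.backends = list(backends)
        self.local_sessions = {b: {} for b in self.backends}

    def login(self, client_ip):
        backend = pick_backend(client_ip, self.backends)
        self.local_sessions[backend][client_ip] = "logged-in"
        return backend

    def has_session(self, client_ip):
        backend = pick_backend(client_ip, self.backends)
        return client_ip in self.local_sessions[backend]

    def remove_backend(self, backend):
        # The pool shrinks, so the same hash now indexes into a different list.
        self.backends.remove(backend)
        self.local_sessions.pop(backend)

def lost_sessions(clients, pool, removed):
    """Clients that logged in but find no session after `removed` leaves."""
    cluster = Cluster(pool)
    for c in clients:
        cluster.login(c)
    cluster.remove_backend(removed)
    return [c for c in clients if not cluster.has_session(c)]

# Constructed sample data (private and documentation address ranges).
POOL = ["10.0.0.11", "10.0.0.12", "10.0.0.13"]
CLIENTS = [f"198.51.100.{i}" for i in range(1, 201)]

if __name__ == "__main__":
    lost = lost_sessions(CLIENTS, POOL, "10.0.0.13")
    print(f"{len(lost)} of {len(CLIENTS)} clients lost their session")
```

Clients that were on the surviving backends can also lose their session, because the modulus changes and they are re-routed to a backend that never stored it; a shared session store removes that dependency.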

III. DNAT load balancing:

How DNAT works with DNS:
DNS translates the domain name into an IP address. DNAT modifies the packet.
This is because DNAT forwards by IP address, not by domain name.
If the client accesses the DNAT server through a domain name, DNS first translates the domain name into an IP address, and the client's data packets are then sent to the DNAT server. If the client uses the IP address directly, no DNS translation is required and the packets reach the DNAT server directly. The DNAT server then modifies the destination address and port of the data packet to [forward] it to the actual server.

DNAT server: it does the same job as the dynamic proxy server: [forwarding].
How DNAT works: it modifies the destination address and port of the data packet.
DNAT is based on the kernel's netfilter, with rules configured through iptables (similar to data files), to modify the destination address and port of the data packet.
Note:
1. netfilter and iptables are the tools that modify packets for DNAT and are its most important components.
2. DNAT names the principle. In practice, a DNAT server is sometimes just called a NAT server. Therefore, NAT achieves load balancing at the IP layer.

Disadvantages of DNAT:
iptables seems able to work only according to the rules we give it; it lacks the scheduling capability and scheduling policies that a scheduler should have.
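
The following is an added example, not code from the original page: a simplified Python model of a DNAT gateway that rewrites the destination of inbound packets from a static rule and restores the source address on replies using a connection table. The Packet and DnatGateway names and all addresses are assumptions; it models the principle, not netfilter itself.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Packet:
    src: tuple          # (ip, port)
    dst: tuple          # (ip, port)
    payload: str = ""

class DnatGateway:
    def __init__(self, rules):
        self.rules = dict(rules)   # public (ip, port) -> actual server (ip, port)
        self.conntrack = {}        # (client, actual server) -> original destination

    def inbound(self, pkt):
        """Client -> gateway: rewrite the destination; the source is untouched."""
        real = self.rules.get(pkt.dst)
        if real is None:
            return None            # no rule matches, nothing is forwarded
        self.conntrack[(pkt.src, real)] = pkt.dst
        return replace(pkt, dst=real)

    def outbound(self, pkt):
        """Actual server -> client: put the public address back as the source."""
        original = self.conntrack.get((pkt.dst, pkt.src))
        if original is None:
            return None            # reply belongs to no tracked connection
        return replace(pkt, src=original)

# Constructed sample addresses.
VIP = ("192.0.2.10", 80)
REAL = ("10.0.0.11", 8080)

if __name__ == "__main__":
    gw = DnatGateway({VIP: REAL})
    client = ("203.0.113.7", 40000)
    seen_by_server = gw.inbound(Packet(client, VIP, "GET /"))
    seen_by_client = gw.outbound(Packet(REAL, client, "200 OK"))
    print(seen_by_server)   # source is still the client
    print(seen_by_client)   # source is the public address again
```

The rule is a fixed mapping, so every client that hits the public address reaches the same actual server, which is the missing scheduling described above.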

IV. LVS load balancing
Once you are familiar with the netfilter/iptables mechanism, ipvs (IP Virtual Server) is not difficult to understand. It is similar to the netfilter module and also works in the Linux kernel, but it focuses on implementing IP load balancing.
ipvs implements not only NAT-based load balancing but also direct routing, IP tunneling, and the other load balancing methods described later. The ipvs module is built into the Linux 2.6.x kernel, so servers running a Linux 2.6.x kernel can use it directly without recompiling the kernel.
Of course, ipvs also needs a management tool, as DNAT does: ipvsadm.

VIP uses the Linux kernel for load balancing:
When a [reverse proxy server] works as the load balancing scheduler, its own overhead severely restricts the scalability of the architecture and therefore caps its performance.
Can load balancing be achieved below the HTTP level? The answer is yes. Recall the layered network model. Load balancing with different mechanisms can be achieved at the data link layer (Layer 2), the network layer (Layer 3), and the transport layer (Layer 4). The difference is that the work of these schedulers must be done by the Linux kernel, because we want network packets to be forwarded to other servers as early as possible, before they pass from the kernel buffer into the user address space. The Linux kernel can certainly do this, and this is where the kernel-based netfilter and ipvs come in, whereas user-space applications cannot.
Benefits:
1. Because the scheduler works below the application layer, these load balancing systems can support more network service protocols, such as FTP, SMTP, DNS, streaming media, and VoIP applications.
2. Scheduling Policy

Three LVS configurations:
LVS-NAT: the result is the same as DNAT, but the implementation method is different.
LVS-DR: the response does not pass back through the scheduler (NAT server) but goes directly to the client, which reduces the bandwidth pressure on the scheduler. This method suits scenarios where the response is much larger than the request (in fact, it basically applies to 80% of scenarios, because the response is generally much larger than the request; it is not limited to video services).
LVS-TUN: the scheduler (NAT server) and the actual servers do not have to be in the same network segment and can be in different WAN segments, for example when the application is distributed. The scheduler forwards requests to the actual servers through IP tunneling, so each actual server must also have a valid IP address.
