As we all know, websites are usually divided into three layers: the load balancing layer, the web layer, and the database layer. However, we strongly recommend dividing a website into five layers based on the actual production load: the hardware protection layer, the load balancing layer, the web layer, the file server (image) layer, and the database layer. This makes a simple website easier to understand, and once you understand the most basic website, large-scale website architecture becomes easier to understand as well.
Hardware firewall layer:
This layer is the most important for security protection. Its most basic functions are protection against DDoS attacks and application-layer protection. What I currently use most is huasai's layer-3 firewall + Tiantai's layer-7 application firewall. For specific application cases, refer to my article on 51cto.com; I will not describe it in detail here. If the cost budget is not too high, you can consider the Juniper system firewall, and the effect is also good.
Load Balancing Layer
There are many things to consider at this level, including:
1. How much concurrency your deployed website has;
2. Whether the load balancing layer is stable and whether it has a single point of failure (SPOF);
3. Cost considerations are sometimes higher than technical considerations;
4. The network condition also determines which Server Load balancer you want to consider.
Based on these points, I will illustrate with actual cases:
The CDN advertisement website I previously maintained had a concurrency of more than 6000 for a long time, so I could only consider F5, and it also had to be highly available. A single F5 was not enough, so I added a second F5, and of course the cost was very high. The company's investment in F5 should be between 60-80 thousand. I believe such an investment may not be accepted by the decision-making layer of your company. The securities information website I later maintained and deployed had a relatively small concurrency, about 200, so I used two Linux machines for LVS + keepalived; the effect was good and it is quite stable. The company e-commerce website I currently maintain has a concurrency of about 1 K. At the beginning we also considered LVS + keepalived, but we found that the company's network conditions were very messy: each server had at least six or seven static routes, and LVS could not work at all. So we changed to nginx + keepalived, and I also wrote a shell script to monitor the nginx service process to achieve high availability of the load balancer in the true sense. For this layer, I summarize the considerations as: cost, network, concurrency, and high availability.
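The nginx process monitor for an nginx + keepalived pair can be sketched as follows. This is an added example, not the author's script: the `pgrep` and `service` command lines, the retry count and all variable names are assumptions, and each command can be overridden so the logic runs without root.

```shell
#!/bin/sh
# Added example: nginx watchdog for a keepalived load balancer pair.
# Assumptions: the nginx master process is named "nginx" and both services
# are controlled through the "service" wrapper.
CHECK_CMD=${CHECK_CMD:-"pgrep -x nginx"}
RESTART_CMD=${RESTART_CMD:-"service nginx start"}
# Stopping keepalived releases the virtual IP so the backup node takes over.
FAILOVER_CMD=${FAILOVER_CMD:-"service keepalived stop"}
RETRIES=${RETRIES:-2}   # restart attempts before giving up the VIP
WAIT=${WAIT:-2}         # seconds to wait after each restart attempt

log() { printf '%s nginx-watchdog: %s\n' "$(date '+%F %T')" "$*" >&2; }

# One monitoring pass.
# Returns 0 if nginx is healthy, 1 if a restart recovered it,
# 2 if it stayed down and keepalived was stopped.
monitor_once() {
    if $CHECK_CMD >/dev/null 2>&1; then
        return 0
    fi
    attempt=1
    while [ "$attempt" -le "$RETRIES" ]; do
        log "nginx not running, restart attempt $attempt/$RETRIES"
        $RESTART_CMD >/dev/null 2>&1
        sleep "$WAIT"
        if $CHECK_CMD >/dev/null 2>&1; then
            log "nginx recovered after restart"
            return 1
        fi
        attempt=$((attempt + 1))
    done
    # A node that holds the VIP without a working nginx blackholes traffic,
    # so hand the VIP to the peer instead of retrying forever.
    log "nginx still down, stopping keepalived to release the VIP"
    $FAILOVER_CMD >/dev/null 2>&1
    return 2
}

# Loop only when explicitly asked to, so the file can also be sourced.
if [ "${1:-}" = "--daemon" ]; then
    while :; do
        monitor_once
        sleep "${INTERVAL:-5}"
    done
fi
```

Run it with `--daemon` on both load balancers; after a failover, keepalived has to be started again by hand once nginx is repaired.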
Web Cluster Layer
To avoid a SPOF, Apache, nginx, or Tomcat clusters are used for this layer. The benefits are obvious: ① avoid a SPOF; ② carry the high-concurrency requests from clients. Apache is the core web server of the LAMP architecture. Being open source, stable, and rich in modules are the advantages of Apache. However, Apache is somewhat bloated, with high memory and CPU overhead and some performance loss. It is not as efficient as some lightweight web servers (such as nginx); lightweight web servers respond to static files much faster than Apache. In actual production environments, the concurrency capacity of an nginx server is indeed higher than that of Apache. Zhang Yan's blog covers this in detail. However, when the server has a lot of memory (>= 16 GB), the concurrency capacity of a single Apache is also strong, higher than 6000. My current practice is as follows: for an existing website that already uses Apache as the web server, I simply add nginx for load balancing and do not change the architecture of the original website; for a new website, I use nginx as the web server.
File Server Layer
The role of this layer is easy to ignore. Server performance keeps improving and concurrency gets plenty of attention, but the pressure on the file server layer is seldom considered. Under frequent access at large scale, a single NFS server is increasingly unable to meet the needs of the website. Sometimes users report that the website is slow, and only after troubleshooting do we discover that NFS is overwhelmed. In this case, the following solutions are currently used:
① The distributed file system MFS (MooseFS) recommended by Tian Yi can be used for storage sharing. He currently applies this system to travel, and something that is used online is convincing after all;
② Using NEC's storage directly; although powerful, it increases the implementation cost and complexity of the website;
③ Using DRBD + heartbeat + NFS to build an NFS cluster gives stable results, but you should also pay attention to the split-brain problem of heartbeat.
Database Layer
For better illustration, the websites I use as examples here are all e-commerce and advertising websites. These websites place strict requirements on the database: concurrency, stability, and latency. MySQL is the first choice in terms of performance, stability, and function. It can handle data storage on the scale of millions. Currently, the following solutions are used:
① The master-slave MySQL solution is adopted. The actual read and write operations are performed on a single server, and that server is the best-performing server the company has (MySQL Cluster is not used in the online environment for the time being);
② Using the Oracle RAC dual-host solution, the results are quite good under the actual high concurrency database requirements.
Accelerated cache Layer
PHP load is handled by Apache clusters, and squid is used for caching. HTML or image requests can be returned to users directly by squid. Whether to use this layer depends on your website's situation. As nginx's reverse proxy keeps getting better, we can actually use the front-end nginx as the reverse proxy. In that case, the nginx server acts as both the load balancer and the reverse proxy. Zhang Yan has used this setup in the production environment. For details, refer to his related documents.
Website architecture is an artistic activity with great responsibilities. A system architect is not the same as a system engineer. Going from system engineer to system architect requires many years of O&M experience and extensive O&M knowledge. We also need to put in a lot of effort, and I hope that everyone will become a system architect in the future. Finally, I wish you a pleasant job!
From: http://network.51cto.com/art/201009/224756.htm