Web Load Balancing: Compiled Notes

Source: Internet
Author: User
Tags: haproxy

References:
http://www.cnblogs.com/lovingprince/archive/2008/11/13/2166350.html
http://www.cnblogs.com/lovingprince/archive/2008/11/13/2166349.html
http://news.cnblogs.com/n/208124/
http://network.51cto.com/art/201108/281452.htm

The concept of load balancing

A Web cluster is made up of multiple servers running the same Web application at the same time; to the outside world it looks like a single server, with the member servers cooperating to provide clients with higher-performance service. The more formal definition of a cluster: a set of independent servers that behaves in the network as a single system and is managed as a single system, providing highly reliable services to client workstations.
The task of load balancing is to distribute work sensibly among the servers of a cluster, so that no server is overloaded while others sit under-used. Load balancing has two aspects: first, a large volume of concurrent access or data traffic is split across multiple nodes, reducing the time users wait for a response; second, a single heavy computation is divided among multiple nodes for parallel processing, and after each node finishes, the partial results are combined and returned to the user, greatly increasing the system's processing capacity.
As can be seen, clustering and load balancing are inherently different things; they are solutions to two different problems and should not be confused.

Cluster technology can be divided into three main categories:
1. High Performance Clustering (HPC Cluster)
2. High Availability Clustering (HA Cluster)
3. High Scalability Clustering

I. High Performance Clustering (HPC Cluster)
This refers to cluster technology aimed at improving scientific computing capability. It is used mainly for scientific computation and is not covered here; interested readers can consult the relevant literature.
II. High Availability Clustering (HA Cluster)
This is cluster technology whose purpose is to keep the cluster's overall service as available as possible and to reduce service downtime. If a node in a high availability cluster fails, another node takes over its work during that time; of course, the load on the remaining nodes increases correspondingly.
To improve the availability of a whole system, besides improving the reliability of its individual components, a cluster scheme is generally adopted.
Such clusters generally work in one of two modes:
① Master-master (active-active) mode of operation
This is the most commonly used cluster model. It provides high availability, delivers acceptable performance even when only one node is left, and makes maximum use of the hardware. Each node serves clients over the network, and each node's capacity is sized so that performance stays good while still allowing it to temporarily take over the other node's work on failover. All services remain available after a failover, but performance is usually degraded.

This is currently the most widely used model: dual-node, dual-application, active/active.

In normal operation, the applications supporting the business run on both nodes, each with its own resources, such as an IP address, a volume on a disk array, or a file system. When one side's system or resources fail, the application and its associated resources are switched over to the other node.

The biggest advantage of this mode is that there is no "idle" server; under normal conditions both servers are doing useful work. However, if a failure forces a switchover, both applications run on the same server, and because that server's processing power may not cover the combined peak demand of the database and the application, capacity can fall short and business responsiveness degrade.


② Master-slave (active-standby) mode of operation
To provide maximum availability with minimal performance impact, master-slave operation keeps one node in standby during normal operation: the primary node handles client requests while the standby sits idle. When the primary fails, the standby takes over its work and continues serving clients, with no performance impact.


The two-node active/standby mode is the simplest HA configuration: two servers form a cluster linked by dual heartbeat lines. The application, combined with optional system components such as an external shared disk array, file systems, and a floating IP address, makes up the business operating environment.

For this environment the PCL provides a fully redundant server configuration. Advantages and disadvantages of this model:

    • Disadvantage: Node2 sits "idle" while Node1 operates normally, wasting server resources.
    • Advantage: when Node1 fails, Node2 can take over the application completely and is able to guarantee the application's processing requirements.
III. High Scalability Clustering
This refers to server clustering built around a load balancing policy (algorithm). A load-balanced cluster offers a more practical answer to enterprise needs: it spreads the load as evenly as possible across the computers in the cluster. What needs balancing may be application processing load or network traffic load. Such a scheme suits nodes that all run the same set of applications: each node handles a share of the load, and load can be reassigned between nodes dynamically to keep the balance. The same goes for network traffic: when a single node cannot handle the traffic fast enough, the excess must be sent to other nodes. The distribution can also be tuned to the resources available on each node or to the particulars of the network environment.
A load balancing cluster distributes network or computational load across multiple nodes according to some policy (algorithm). Built on the existing network structure, load balancing provides an inexpensive and effective way to extend server bandwidth, increase throughput, and improve data processing capability, while avoiding single points of failure.

As said before, load balancing distributes network or computational load across multiple nodes according to some policy (algorithm). It can be implemented in software or in hardware. The general structure is described below.



Multiple Web nodes in the background host the same Web application. A user's request first reaches a load-balancing node (which may be software or hardware), which assigns it to one of the Web application nodes according to the load balancing policy (algorithm). Keeping the content of every Web node identical is not hard, so choosing the load balancing policy (algorithm) is the key issue. The balancing algorithms are described next.
Load balancing policies
The job of Web load balancing is to spread requests evenly across the nodes. It is a dynamic balancing: tools analyze packets in real time, keep track of the state of traffic in the network, and hand requests out accordingly. Different application environments need different balancing policies (algorithms): an e-commerce site has a heavy computing load; a networked database application reads and writes frequently, putting great pressure on the servers' storage subsystems; a video service transfers large volumes of data, placing a heavy burden on the network interfaces. Balancing policies (algorithms) therefore come in many forms: broadly, load balancing can be done with a dedicated gateway or load balancer, or through specialized software and protocols. In the OSI seven-layer model, layer 2 (data link), layer 3 (network), layer 4 (transport), and layer 7 (application) each have corresponding load balancing strategies (algorithms). At the data link layer, balancing works by choosing different paths according to the destination MAC address of the frame; at the network layer, IP-address-based distribution steers the data flows to multiple nodes; and switching at the transport and application layers is a form of control based on the access traffic that can likewise achieve load balance.
Currently there are three main load balancing algorithms: round robin, least connections first, and fastest response first; the first two are sketched in code after this list.
① Round robin: requests arriving from the network are assigned to the nodes in the cluster in turn.
② Least connections: a register is kept for each server in the cluster recording its current number of connections, and the load balancing system always assigns new work to the server with the fewest. This is much better than round robin, because simple rotation cannot tell which node is less loaded and may hand new work to an already busy server.
③ Fastest response: tasks are allocated according to the state of the nodes in the cluster (CPU, memory, and the other main processing resources). This is very hard to do; in practice, load balancing systems using this algorithm are still rare. For hardware load balancing devices in particular, which work only at the TCP/IP level, it is almost impossible to reach into the server's processing system for monitoring. But it is the direction of future development.
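As a concrete illustration of the first two algorithms, here is a minimal Python sketch (an illustration of the idea, not anything from the original article; the backend names are hypothetical):

```python
import itertools

# Hypothetical pool of back-end nodes.
BACKENDS = ["web1", "web2", "web3"]

# (1) Round robin: hand requests to the backends in a fixed rotation.
_rr = itertools.cycle(BACKENDS)

def round_robin():
    """Next backend in rotation, regardless of its current load."""
    return next(_rr)

# (2) Least connections: keep a per-server register of current connections
# and always pick the server with the fewest.
active = {b: 0 for b in BACKENDS}

def least_connections():
    backend = min(active, key=active.get)
    active[backend] += 1            # caller must call release() when done
    return backend

def release(backend):
    active[backend] -= 1

if __name__ == "__main__":
    print([round_robin() for _ in range(4)])   # web1, web2, web3, web1
    first = least_connections()                # all idle -> web1
    second = least_connections()               # web1 busy -> web2
    release(first)
    print(least_connections())                 # back to web1: fewest again
```

A fastest-response scheduler would additionally need live CPU and memory measurements from every node, which is exactly the monitoring difficulty described in ③.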

The above are the commonly used load balancing algorithms. Depending on how these algorithms are applied, load balancing implementations divide into the following kinds:
1. DNS Round Robin
The earliest load balancing technique was implemented through DNS: multiple addresses are configured in DNS under the same name, so a client querying the name gets one of the addresses, different clients reach different servers, and load balancing is achieved.
DNS load balancing is simple and effective, but it cannot distinguish between servers of different capability, nor can it reflect a server's current running state. To use it, you must try to ensure that different client machines receive evenly distributed addresses. DNS records carry a refresh time (TTL); once it expires, other DNS servers must contact the authoritative server again to refresh the address data, and may then obtain a different IP address. So, for addresses to be handed out randomly, the refresh time should be as short as possible, letting DNS servers everywhere keep their records current; but setting the expiry too short greatly increases DNS traffic and causes network problems of its own. Another problem with DNS load balancing is that once a server fails, clients that cached the failed server's address cannot reach it, and this persists until the cached records expire, even if the DNS settings are corrected immediately.
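The client-side effect of DNS round robin can be observed by resolving a name that publishes several A records. A small sketch under that assumption (example.com is only a placeholder; substitute a domain that actually returns multiple addresses):

```python
import random
import socket

def resolve_all(hostname):
    """Return every IPv4 address DNS currently publishes for the name."""
    # gethostbyname_ex() -> (canonical_name, alias_list, ip_address_list)
    _, _, ips = socket.gethostbyname_ex(hostname)
    return ips

if __name__ == "__main__":
    ips = resolve_all("example.com")       # placeholder domain
    print("A records:", ips)
    print("chosen server:", random.choice(ips))
```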
2. Reverse Proxy Server
With a proxy server, requests can be forwarded to internal servers; used this way as an accelerator it can clearly speed up access to static Web pages. It is therefore natural to consider a technique where the proxy server forwards requests evenly to multiple servers for load balancing.
This kind of proxying differs from ordinary proxying. In the standard arrangement, clients use the proxy to reach multiple external servers; here, the proxy is used by multiple clients to reach internal servers, which is why it is called a reverse proxy. The task itself is not especially complex, but the efficiency required makes it far from easy to implement.
The advantage of a reverse proxy is that load balancing can be combined with the proxy server's caching to improve performance. It also has problems: first of all, a reverse proxy must be developed specifically for each service, which is no small task.
Although the proxy server itself can be very efficient, it must maintain two connections per request, one external and one internal, so under very high connection volume the proxy's own load becomes heavy. An optimized balancing strategy can be applied in reverse proxy mode, directing each request to the idlest internal server; but as the number of concurrent connections grows, the load on the proxy itself grows too, and eventually the reverse proxy server becomes the service's bottleneck.
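To make the idea concrete, here is a minimal single-threaded reverse-proxy sketch in Python (a toy, not production code; it assumes two hypothetical backend HTTP servers on local ports 8001 and 8002 and handles only GET):

```python
import itertools
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

# Hypothetical internal Web nodes, all serving the same application.
BACKENDS = itertools.cycle(["http://127.0.0.1:8001", "http://127.0.0.1:8002"])

class ReverseProxy(BaseHTTPRequestHandler):
    def do_GET(self):
        backend = next(BACKENDS)              # round-robin choice
        try:
            # One external connection (client -> proxy) plus one internal
            # connection (proxy -> backend) per request: the cost noted above.
            with urllib.request.urlopen(backend + self.path) as resp:
                body = resp.read()
                status = resp.status
            self.send_response(status)
            self.send_header("Content-Length", str(len(body)))
            self.end_headers()
            self.wfile.write(body)
        except OSError:
            self.send_error(502, "backend unavailable")

if __name__ == "__main__":
    HTTPServer(("", 8080), ReverseProxy).serve_forever()
```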
3. Address Translation Gateway

A load balancing address translation gateway maps one external IP address to multiple internal IP addresses, dynamically choosing one of the internal addresses for each incoming TCP connection request, thereby achieving load balance. Many hardware vendors integrate this technology into their switches as a layer-4 switching function, typically spreading the load by random selection or by policies based on the servers' connection counts or response times. Because address translation sits relatively close to the lower layers of the network, it can readily be integrated into a hardware device, usually a LAN switch.
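The bookkeeping such a gateway performs can be sketched in a few lines. This is a toy model with made-up addresses; a real device rewrites packets in hardware and may select servers by connection count or response time rather than simple rotation:

```python
import itertools

# One public VIP fronts several hypothetical internal servers.
INTERNAL_IPS = itertools.cycle(["10.0.0.1", "10.0.0.2", "10.0.0.3"])

# Per-connection mapping, fixed when the TCP connection is first seen.
conn_table = {}

def internal_for(client_ip, client_port):
    key = (client_ip, client_port)
    if key not in conn_table:       # new connection: pick an internal server
        conn_table[key] = next(INTERNAL_IPS)
    return conn_table[key]          # later packets of the flow: same server

print(internal_for("198.51.100.7", 40001))   # 10.0.0.1
print(internal_for("198.51.100.7", 40001))   # 10.0.0.1 again (same flow)
print(internal_for("198.51.100.8", 52344))   # 10.0.0.2
```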

Software load balancing

At present there are three main kinds of load balancing software: LVS, Nginx, and HAProxy. LVS and Nginx are the two most widely used.

LVS

LVS stands for Linux Virtual Server. It is, of course, Linux-based open source software, which means it is free. It supports essentially all applications: because LVS works at layer 4, it can load-balance almost anything, including HTTP, databases, chat services, and so on. At the same time, compared with hardware load balancing, its shortcomings cannot be ignored: LVS demands a high level of skill, is relatively complex to operate, is cumbersome to configure, comes with no guaranteed service support, and its stability is comparatively low (human and network-environment factors count for more).

Nginx

Nginx is best introduced by comparison with LVS. LVS works at layer 4 and depends heavily on the network, whereas Nginx works at layer 7 and depends on it much less. Compared with LVS, Nginx is simpler to install and configure, and also simpler to test, mainly because of that smaller dependence on the network. Nginx's weakness is that it covers fewer applications than LVS. For software load balancing we usually consider LVS first, but in a more complicated network environment LVS can run into a lot of trouble, and it is worth trying Nginx instead.

HAProxy

Comparatively few people use HAProxy, and it is less well known. According to the official description, HAProxy provides high availability, load balancing, and proxying for TCP- and HTTP-based applications, supports virtual hosting, and is a free, fast, and reliable solution. HAProxy is especially suited to heavily loaded Web sites, which often need session persistence or layer-7 processing (it is said to work across layers 4-7). Its operating model also makes it easy and safe to integrate into an existing architecture while keeping the Web servers from being exposed to the network.

Soft load: a closer look at LVS

LVS is a layer-4 load balancer: it works at the fourth layer of the OSI model, the transport layer, home of the familiar TCP and UDP; LVS supports load balancing of both TCP and UDP.

LVS forwards traffic mainly by rewriting the IP addresses (NAT mode, subdivided into SNAT, which rewrites the source address, and DNAT, which rewrites the destination address) or by rewriting the destination MAC address (DR mode).

So why does LVS do its load balancing at layer 4?

First, LVS is not like HAProxy and the other layer-7 soft loads that operate on HTTP packets, so things a layer-7 load balancer can do, such as URL parsing, are beyond LVS. Second, a user's access is carried out through packet exchange over a connection established with the server; balancing at layer 3 instead would lose the "connection" semantics. The object of soft load balancing should be a user who has established a connection, not an isolated IP packet. As described later, it is actually the LVS machine, not the real server, that completes the TCP three-way handshake with the user, so LVS has to track state at the "connection" level.

There are 4 main types of LVS operating modes:

  DR

  NAT

  Tunnel

  Full-NAT

Here is a quick introduction to the commonly used DR, NAT, and Full-NAT modes.

  1. DR

Requests are accepted by LVS, but responses are returned to the user directly by the real server (Real Server, RS), without passing back through LVS.

In DR mode, LVS and the RSes must bind the same VIP (each RS binds the VIP on its loopback interface).

When a request comes in, LVS only needs to change the destination MAC address of the network frame to some RS's MAC, and the packet is forwarded to that RS for processing. Note that at this point the source IP and destination IP are unchanged; LVS merely acts as a porter.

When the RS receives the packet forwarded by LVS, the link layer finds the MAC is its own, and passing up to the network layer it finds the IP is also its own (the VIP on loopback), so the packet is accepted as legitimate. The RS never perceives the existence of LVS.

When the RS returns its response, it replies directly to the source IP (that is, the user's IP); the reply no longer passes through LVS.

DR mode is one of the best-performing modes.
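A toy walk-through of the DR forwarding step may help; all addresses and MACs below are made up, and real LVS does this rewriting inside the kernel:

```python
# Hypothetical addresses for a DR-mode walk-through.
VIP       = "203.0.113.10"         # bound on LVS and on each RS loopback
CLIENT_IP = "198.51.100.7"
LVS_MAC   = "aa:aa:aa:aa:aa:01"
RS_MAC    = "aa:aa:aa:aa:aa:02"

# Frame as it arrives at LVS: client -> VIP.
frame = {"src_ip": CLIENT_IP, "dst_ip": VIP, "dst_mac": LVS_MAC}

def dr_forward(frame, rs_mac):
    """DR mode: only the destination MAC changes; both IPs stay untouched."""
    return {**frame, "dst_mac": rs_mac}

to_rs = dr_forward(frame, RS_MAC)
assert to_rs["dst_ip"] == VIP      # RS accepts it: the VIP is on its loopback

# The RS answers the client directly; the reply never passes through LVS.
reply = {"src_ip": VIP, "dst_ip": CLIENT_IP}
print(to_rs)
print(reply)
```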

  2. NAT

NAT (Network Address Translation) is a technique for mapping between external and internal network addresses.

In NAT mode, network packets in both directions must pass through LVS, so LVS is required to be the gateway of the RSes.

When a packet arrives at LVS, LVS performs destination address translation (DNAT), changing the destination IP to the RS's IP. The RS receives the packet as if the client had sent it directly.

When the RS has finished processing and returns its response, the source IP is the RS's IP and the destination IP is the client's IP.

The RS's packet is then relayed through its gateway (LVS), which performs source address translation (SNAT), changing the packet's source address to the VIP; to the client, the packet appears to have been returned directly by LVS. The client cannot perceive the back-end RS.
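The two rewrites can be shown in the same toy style as before (addresses made up):

```python
# Hypothetical addresses for a NAT-mode walk-through.
VIP, RS_IP, CLIENT_IP = "203.0.113.10", "10.0.0.2", "198.51.100.7"

def dnat_inbound(pkt):
    """At LVS, inbound: destination rewritten from the VIP to the chosen RS."""
    return {**pkt, "dst_ip": RS_IP}

def snat_outbound(pkt):
    """At LVS (the RS's gateway), outbound: source rewritten back to the VIP."""
    return {**pkt, "src_ip": VIP}

request = {"src_ip": CLIENT_IP, "dst_ip": VIP}
print(dnat_inbound(request))        # what the RS sees: client -> RS_IP
reply = {"src_ip": RS_IP, "dst_ip": CLIENT_IP}
print(snat_outbound(reply))         # what the client sees: VIP -> client
```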

  3. Full-NAT

Both DR and NAT modes have one unavoidable problem: LVS and the RSes must be in the same VLAN; otherwise LVS cannot act as the gateway for the RSes.

This gives rise to two problems:

1. The same-VLAN restriction is operationally inconvenient, and RSes in other VLANs cannot be reached.

2. The horizontal scalability of LVS is restricted. As the RS pool scales out, the single LVS will one day become the bottleneck.

Full-NAT was born from this: it solves the cross-VLAN problem between LVS and RS. With that solved, LVS and RS no longer depend on sharing a VLAN, multiple LVS instances can front multiple RSes, and the horizontal scaling problem is resolved.

Full-NAT's main improvement over NAT is that, on top of SNAT/DNAT, it adds one more translation. The conversion proceeds as follows:

While forwarding the packet from LVS to the RS, the source address is also replaced: the client IP becomes the LVS intranet IP.

Intranet IPs can communicate across VLANs through multiple switches.

When the RS finishes processing the packet, it sends the reply back to the LVS intranet IP, which again is not restricted by VLANs.

When LVS receives the reply, it rewrites the source address as in NAT mode (back to the VIP) and, in addition, changes the destination address of the RS's packet from the LVS intranet IP back to the client IP.

The essential idea of Full-NAT is to turn the communication between the gateway and the machines below it into ordinary routed network traffic, which solves the cross-VLAN problem. With it, the placement of LVS and RS is no longer constrained by VLANs at all, greatly improving the convenience of operational deployment.
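Putting the four rewrites together in the same toy notation (all addresses made up; the LVS "local IP" is its intranet address, routable across VLANs):

```python
# Hypothetical addresses for a Full-NAT walk-through.
VIP, LVS_LOCAL = "203.0.113.10", "10.1.0.1"
RS_IP, CLIENT_IP = "10.2.0.2", "198.51.100.7"    # RS may sit in another VLAN

request = {"src_ip": CLIENT_IP, "dst_ip": VIP}

# Inbound: BOTH addresses rewritten, so LVS -> RS is ordinary routed traffic.
to_rs = {"src_ip": LVS_LOCAL, "dst_ip": RS_IP}

# The RS replies to the LVS local IP: no gateway or VLAN dependency.
reply = {"src_ip": RS_IP, "dst_ip": LVS_LOCAL}

# Outbound: LVS restores the client-facing addresses.
to_client = {"src_ip": VIP, "dst_ip": CLIENT_IP}
print(to_rs, reply, to_client, sep="\n")
```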

  4. Session

In client-to-server communication, one request may consist of multiple TCP packets, and LVS must ensure that packets belonging to the same connection are all forwarded to the same RS; otherwise nothing works. To guarantee this, LVS internally maintains a session hash table, from which, using information in the client's packets, it can find which RS a packet should be forwarded to.
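A toy version of that table (backend addresses made up; real LVS keys on more fields and applies its configured scheduling algorithm):

```python
# Every packet of one TCP connection must land on the same RS.
BACKENDS = ["10.0.0.1", "10.0.0.2", "10.0.0.3"]
session_table = {}

def rs_for_packet(client_ip, client_port):
    key = (client_ip, client_port)        # identifies the connection
    if key not in session_table:
        # First packet of a new connection: schedule it (a hash keeps this
        # sketch short; real LVS uses its configured algorithm).
        session_table[key] = BACKENDS[hash(key) % len(BACKENDS)]
    return session_table[key]

# Follow-up packets of the same connection always hit the same RS.
assert rs_for_packet("198.51.100.7", 40001) == rs_for_packet("198.51.100.7", 40001)
```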

  5. LVS Clustering

After adopting Full-NAT mode, a cluster of LVS nodes can be built in front of the shared RS pool.

  6. Disaster tolerance

Disaster tolerance is divided into RS disaster tolerance and LVS disaster tolerance.

RS disaster tolerance is realized through LVS's periodic health tests: if an RS loses its heartbeat, it is considered offline and traffic is no longer forwarded to it.

LVS disaster tolerance can be achieved with a master/standby pair plus heartbeat: when the master LVS loses its heartbeat, the standby LVS immediately takes over as a hot spare.

Disaster tolerance is mainly handled by keepalived.
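In practice keepalived does this work; purely to illustrate the health-test idea, here is a minimal Python sketch (backend addresses hypothetical):

```python
import socket

# Hypothetical RS pool; a node that fails its check leaves the rotation.
BACKENDS = [("10.0.0.1", 80), ("10.0.0.2", 80), ("10.0.0.3", 80)]

def is_alive(host, port, timeout=1.0):
    """TCP-connect probe: the simplest form of RS health test."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def healthy_backends():
    return [b for b in BACKENDS if is_alive(*b)]

if __name__ == "__main__":
    # Run periodically; forward only to the nodes that still answer.
    print("in rotation:", healthy_backends())
```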

Hardware load balancing

Hardware load balancing is more popular abroad. The hardware solution installs a load balancing device, commonly called a load balancer, directly between the servers and the external network. Because this is specialized equipment dedicated to the task and independent of any operating system, overall performance is greatly improved, and combined with diverse load balancing strategies and intelligent traffic management, it can meet the most demanding load balancing requirements.

Below is a look at several of the more mainstream categories of products on the market.

F5 BIG-IP load balancer (LTM)

BIG-IP products are widely recognized by users and widely deployed. Their strength lies in a simple Web management interface shared with other F5 devices. The load balancer can also handle SSL certificates. One of F5's main features is its WAN optimization manager, which provides highly available encrypted channels and optimizes WAN transfer speeds along the paths into the data center. On this basis, a simple WAN-based disaster recovery solution follows almost automatically.

The official name of the F5 BIG-IP LTM is Local Traffic Manager. It can do layer 4-7 load balancing, with load balancing, application switching, session switching, status monitoring, intelligent network address translation, universal persistence, response error handling, IPv6 gateway, advanced routing, intelligent port mirroring, SSL acceleration, intelligent HTTP compression, TCP optimization, layer-7 rate shaping, content buffering, content transformation, connection acceleration, caching, cookie encryption, selective content encryption, application attack filtering, protection against denial-of-service (DoS) attacks and SYN floods, firewall packet filtering, packet sanitization, and more.

Cisco

Almost every Cisco IOS router has load balancing capability. This is very attractive, because no additional hardware is needed: on the existing devices you only have to add the load balancing rules. Cisco is the leader in the router domain, and load balancing, of course, is only one of the reasons.

Cisco IOS includes many load balancing features, such as port binding, session switching, TCP optimization, NAT, and server load balancing algorithms.

Cisco's support is also in place; abroad, many technicians say that no one ever got fired for buying Cisco.

Radware's AppDirector series

Radware's AppDirector (AD) provides local server load balancing (AD) and wide-area global server load balancing (AD-Global). Its unit price is relatively low, and it offers good scalability and intelligent services. It also provides network monitoring and detection, global load balancing, and mitigation of certain DDoS attacks.

In addition, Radware's devices are relatively easy to update and upgrade, and they are application-aware; "intelligence" is one of the company's marketing themes and a major feature of the product.

Barracuda Load Balancer

The biggest feature of the Barracuda load balancer is network security: it offers intrusion prevention rather than mere intrusion detection, protecting the network more fully. Even if you miss a critical update or bug fix, the Barracuda update service keeps the system updated automatically.

In addition, the Barracuda load balancer is operated through a Web interface, and global load balancing and content caching are also notable features.
