Implementing security, load Balancing, and anti-collocation rules in a virtual infrastructure

Source: Internet
Author: User
Keywords Load balancing anti-collocation virtual infrastructure
Tags address aliyun anti- anti-collocation apache code configuration configure

In this article, we look at the most common use cases for setting up an environment with high availability (HA) and load balancing:

Load balancing enables you to spread the http://www.aliyun.com/zixun/aggregation/13999.html ">" workload across multiple instances, increasing throughput and achieving redundancy.

Use case: Load balancing across two WEB servers running Apache HTTP Server or IBM HTTP server. You can use your own WEB server to perform load balancing and caching of data from the application server. Note: You can perform load balancing not only on HTTP, but also on other services.

High availability technology ensures that your infrastructure remains in operation even if an element becomes unavailable.

Use case: Configure the Virtual Router Redundancy Protocol (VRRP) on the firewall instance. If one of the instances fails, your infrastructure continues to run.

Anti-collocation is an IBM smartcloud Enterprise feature that allows you to configure two instances on two different physical hosts.

Use case: Make sure that each member in the HA group is configured on a different virtual Machine Manager (physical host).

Set up

Let's pause for a moment and take a look at the symbols and conventions used in this article, as well as some considerations for setting up the environment.

Commands executed as root on the system are prefixed with root@host#. Use the user@host# sudo as root on the system to prefix with the sudo execution command. A command executed on the system as a general user uses user@host $ as the prefix. The command output separates the command with a newline character and indents a tab to the right (as shown in the following example):

Note: We deliberately set the code block in this article to prevent pasting of the complete code section. This code can only be used as a guide, and you need to adjust for factors such as your environment, ID, scope, and so on.

root@host# 1st command-to be run as rootroot@host# 2nd command-to to run as root (previous command super-delegates no output) output from 2nd commanduser@host$ 3rd Command-to is run as useroutput from 3rd command

Use sudo to run commands that require elevated privileges (or use sudo-s). Do not use sudo bash because this command retains idcuser environment settings, such as sudo yum install Rpmdevtools rpm-devel rpm-build.

Scenarios and schemas

Figure 1 shows the underlying architecture in this article.

Figure 1. Infrastructure diagram

Primary and backup firewall/load Balancer instance

The configuration details are as follows:

has been allocated from IBM firewall mirroring has been configured with two private IP addresses and two public IP addresses respectively. Each IP group has the same subnet (for example, using 21 bits to represent a public IP address) to ensure a valid configuration on the data center network running iptables and Linux Keepali VED service, which uses VRRP to achieve high availability and load balancing with Linux virtual Server (LVS)

The instance list looks like this:

LB1,IBM Firewall Instance (Master): Serves as primary firewall, router, and load balancer. VRRP Configure virtual IP (VIP) addresses on this instance and designate them as Master. LB2,IBM Firewall Instance (Backup): Serves as a back-up server, router, and load balancer. VRRP Configure the virtual IP (VIP) address on this instance only if the primary server fails.

Examples of load balancing

For load balancing, the configuration details are as follows:

Rationing from Red Hat Enterprise Linux (RHEL) V6 using a private IP address to run Apache HTTP Server on port 80

The instance list looks like this:

WEB1, a RHEL instance running Apache HTTP server: Used as the first load-balanced WEB server. WEB2, a RHEL instance running Apache HTTP server: Used as a second load-balanced WEB server.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.