Running behind a load balancer? - Printable Version +- ispCP - Board - Support (http://www.isp-control.net/forum) +-- Forum: ispCP Omega Support Area (/forum-30.html) +--- Forum: Usage (/forum-34.html) +--- Thread: Running behind a load balancer? (/thread-7798.html) |
Running behind a load balancer? - pgentoo - 09-08-2009 01:20 PM Hey, Is anyone running ispCP behind a load balancer? I'm looking to setup one (failover) on my public IP's then just proxy the requests on to private IP's on my web hosts. I'm curious if anyone has done this, and anything I need to take into consideration, or any recommedations... The one thing I'm unsure about is the IP assignment in ispCP and corresponding IP vhost settings. Normally we'd assign the public IP's here, but in a load balanced setup how would you handle this? Any information on this would be greatly appreciated. Thanks, pgentoo RE: Running behind a load balancer? - pgentoo - 09-11-2009 08:11 AM Has noone done this before? I'm assuming in a setup like this you either need to handle SSL on your LB, or on each of your webservers. If you did it on the LB, then the communicaiton between the LB and Web would be cleartext. If you did it on the web boxes, each web box would need to have the ssl certs configured. Either way though, wouldn't we need to generate custom apache vhost files to listen on that web boxes IP? It seems like we'd have to modify ispcp to build vhosts for all internal IP's used by the Web boxes, as well as the appropriate static ip's that are routed through the LB's... It seems like it would be nice to only have the statics installed on the LB, and just have one private IP on each Web box. Is that what others have done? RE: Running behind a load balancer? - kilburn - 09-11-2009 08:56 PM I haven't done this before, but this may be a good starting point. Quote:If you did it on the LB, then the communicaiton between the LB and Web would be cleartext. If you did it on the web boxes, each web box would need to have the ssl certs configured.Yes, and I would recommend configuring the certificates on all servers. Quote:Either way though, wouldn't we need to generate custom apache vhost files to listen on that web boxes IP? It depends on the load balancing solution you use. If your servers are on the same local network, I would use the Direct Routing (DR) approach, where all the service machines use the same IP. Quote:It seems like it would be nice to only have the statics installed on the LB, and just have one private IP on each Web box. Is that what others have done? I don't understand this part.... RE: Running behind a load balancer? - pgentoo - 09-17-2009 02:25 AM Thanks, I looked into this and read through the whole HOWTO and HOWTO-MINI, and think that the LVS-DR approach is what I was looking for. Thanks for the pointer! - pgentoo RE: Running behind a load balancer? - kilburn - 09-18-2009 01:49 AM No problem, I would love to hear about your results and/or help in the process! RE: Running behind a load balancer? - pgentoo - 09-18-2009 09:27 AM Sure, i've worked on the load balancers and have them setup currently as keepalived+haproxy running in LVS-NAT. I just need to add the VIP's to a non-ARP'ing interface on the realservers (seems like on net.lo is the best option) and then flip it to use LVS-DR. Currently its working as expected and i'll try to finish it up over the weekend to get these new loadbalancer boxes out of my office. I'll update on my progress or issues. Thanks, pgentoo RE: Running behind a load balancer? - kilburn - 09-18-2009 06:00 PM I would love to hear about the complete setup. Basically, what I'm most curious about is: - What do you use to share files among machines? How do you skip the single point of failure in here? - Do you use a single-node mysql database, set it to replicate, maybe cluster? RE: Running behind a load balancer? - pgentoo - 09-19-2009 03:01 AM To start, I was going to leave the single point of failure in mysql and fileserver, and just share out with something easy to start like NFS. In the future I would address these. I've looked into running a cluster filesystem onto of a DRBD setup a bit, but never settled on a solution. Any recommendations? RE: Running behind a load balancer? - kilburn - 09-20-2009 06:56 PM Not really. DRBD has gotten much hype lately, so I would probably try to set it up over this. In fact, I would try to setup two failover NFS servers with the underliying block device being a DRBD device (synchronous if you've a fast network, non-synchronous if you haven't). I'm not even close to being an NFS expert though, so it may be some better way to achieve the same by just using it's failover facilities (I know it has something, but I don't know what it exactly is...) On the mysql front, I've heard good things about just mounting a DRBD block device as /var/lib/mysql, and using a master-failover setup. No load balancing with this solution though... |