Current time: 11-29-2024, 08:01 PM Hello There, Guest! (LoginRegister)


Post Reply 
Running behind a load balancer?
Author Message
pgentoo Offline
Member
*****
Dev Team

Posts: 326
Joined: Mar 2007
Reputation: 0
Post: #1
Running behind a load balancer?
Hey,

Is anyone running ispCP behind a load balancer? I'm looking to setup one (failover) on my public IP's then just proxy the requests on to private IP's on my web hosts.

I'm curious if anyone has done this, and anything I need to take into consideration, or any recommedations...

The one thing I'm unsure about is the IP assignment in ispCP and corresponding IP vhost settings. Normally we'd assign the public IP's here, but in a load balanced setup how would you handle this?

Any information on this would be greatly appreciated.

Thanks,
pgentoo
09-08-2009 01:20 PM
Find all posts by this user Quote this message in a reply
pgentoo Offline
Member
*****
Dev Team

Posts: 326
Joined: Mar 2007
Reputation: 0
Post: #2
RE: Running behind a load balancer?
Has noone done this before?

I'm assuming in a setup like this you either need to handle SSL on your LB, or on each of your webservers.

If you did it on the LB, then the communicaiton between the LB and Web would be cleartext. If you did it on the web boxes, each web box would need to have the ssl certs configured.

Either way though, wouldn't we need to generate custom apache vhost files to listen on that web boxes IP?

It seems like we'd have to modify ispcp to build vhosts for all internal IP's used by the Web boxes, as well as the appropriate static ip's that are routed through the LB's...

It seems like it would be nice to only have the statics installed on the LB, and just have one private IP on each Web box. Is that what others have done?
09-11-2009 08:11 AM
Find all posts by this user Quote this message in a reply
kilburn Offline
Development Team
*****
Dev Team

Posts: 2,182
Joined: Feb 2007
Reputation: 34
Post: #3
RE: Running behind a load balancer?
I haven't done this before, but this may be a good starting point.

Quote:If you did it on the LB, then the communicaiton between the LB and Web would be cleartext. If you did it on the web boxes, each web box would need to have the ssl certs configured.
Yes, and I would recommend configuring the certificates on all servers.

Quote:Either way though, wouldn't we need to generate custom apache vhost files to listen on that web boxes IP?

It seems like we'd have to modify ispcp to build vhosts for all internal IP's used by the Web boxes, as well as the appropriate static ip's that are routed through the LB's...

It depends on the load balancing solution you use. If your servers are on the same local network, I would use the Direct Routing (DR) approach, where all the service machines use the same IP.

Quote:It seems like it would be nice to only have the statics installed on the LB, and just have one private IP on each Web box. Is that what others have done?

I don't understand this part....
09-11-2009 08:56 PM
Visit this user's website Find all posts by this user Quote this message in a reply
pgentoo Offline
Member
*****
Dev Team

Posts: 326
Joined: Mar 2007
Reputation: 0
Post: #4
RE: Running behind a load balancer?
Thanks,

I looked into this and read through the whole HOWTO and HOWTO-MINI, and think that the LVS-DR approach is what I was looking for.

Thanks for the pointer!

-
pgentoo
09-17-2009 02:25 AM
Find all posts by this user Quote this message in a reply
kilburn Offline
Development Team
*****
Dev Team

Posts: 2,182
Joined: Feb 2007
Reputation: 34
Post: #5
RE: Running behind a load balancer?
No problem, I would love to hear about your results and/or help in the process! Smile
09-18-2009 01:49 AM
Visit this user's website Find all posts by this user Quote this message in a reply
pgentoo Offline
Member
*****
Dev Team

Posts: 326
Joined: Mar 2007
Reputation: 0
Post: #6
RE: Running behind a load balancer?
Sure, i've worked on the load balancers and have them setup currently as keepalived+haproxy running in LVS-NAT. I just need to add the VIP's to a non-ARP'ing interface on the realservers (seems like on net.lo is the best option) and then flip it to use LVS-DR.

Currently its working as expected and i'll try to finish it up over the weekend to get these new loadbalancer boxes out of my office. Smile

I'll update on my progress or issues.

Thanks,
pgentoo
09-18-2009 09:27 AM
Find all posts by this user Quote this message in a reply
kilburn Offline
Development Team
*****
Dev Team

Posts: 2,182
Joined: Feb 2007
Reputation: 34
Post: #7
RE: Running behind a load balancer?
I would love to hear about the complete setup. Basically, what I'm most curious about is:

- What do you use to share files among machines? How do you skip the single point of failure in here?
- Do you use a single-node mysql database, set it to replicate, maybe cluster?
09-18-2009 06:00 PM
Visit this user's website Find all posts by this user Quote this message in a reply
pgentoo Offline
Member
*****
Dev Team

Posts: 326
Joined: Mar 2007
Reputation: 0
Post: #8
RE: Running behind a load balancer?
To start, I was going to leave the single point of failure in mysql and fileserver, and just share out with something easy to start like NFS.

In the future I would address these. I've looked into running a cluster filesystem onto of a DRBD setup a bit, but never settled on a solution.

Any recommendations?
09-19-2009 03:01 AM
Find all posts by this user Quote this message in a reply
kilburn Offline
Development Team
*****
Dev Team

Posts: 2,182
Joined: Feb 2007
Reputation: 34
Post: #9
RE: Running behind a load balancer?
Not really. DRBD has gotten much hype lately, so I would probably try to set it up over this. In fact, I would try to setup two failover NFS servers with the underliying block device being a DRBD device (synchronous if you've a fast network, non-synchronous if you haven't).

I'm not even close to being an NFS expert though, so it may be some better way to achieve the same by just using it's failover facilities (I know it has something, but I don't know what it exactly is...)

On the mysql front, I've heard good things about just mounting a DRBD block device as /var/lib/mysql, and using a master-failover setup. No load balancing with this solution though...
(This post was last modified: 09-20-2009 06:56 PM by kilburn.)
09-20-2009 06:56 PM
Visit this user's website Find all posts by this user Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 3 Guest(s)