Shulou(Shulou.com)06/02 Report--

What is load balancing?

Load balancing is composed of multiple servers in a symmetrical way to form a set of servers, each server has an equivalent status, and can supply effectiveness independently without the assistance of other servers. Through some kind of load sharing technology, the request sent from the outside is evenly distributed to a server in the symmetrical structure, and the server that receives the request responds to the customer's request when it is logged on alone. Balanced load can be evenly distributed to the server array requested by customers, so that the supply can quickly obtain important data and solve many concurrent access effectiveness problems. This clustering technology can achieve performance close to that of a mainframe with minimal investment.

Type of load balancer

Load balancing based on DNS

Load balancing is completed by random name resolution in DNS effectiveness. In the DNS server, multiple different addresses can be considered to be configured with the same name, and the client that eventually queries the name will get one of the addresses when it parses the name. Therefore, with regard to the same name, different customers get different addresses at different times, and they will access Web servers at different addresses, and then achieve the purpose of load balancing.

Reverse acting load balancing

Using the acting server, you can forward the request to the internal Web server, and let the acting server forward the request evenly to one of several internal Web servers, and then achieve the purpose of load balancing. This kind of acting method is different from the general acting mode, the standard acting mode is that customers use acting to access multiple external Web servers, and this acting mode is used by multiple customers to access internal Web servers, so it is also called reverse acting mode. Apusic load balancers fall into this type.

According to the load balancing technology of NAT

The network address is translated between an internal address and an external address so that a computer with an internal address can access the external network, and when a computer in the external network accesses an external address owned by the address translation gateway, the address translation gateway can forward it to a mapped internal address. Therefore, if the address translation gateway can uniformly transform each connection into a different internal server address, then the computers in the external network will communicate with the server on the address they have changed, and then achieve the purpose of load division.

Benefits of load balancing server

Due to the surge in the number of Internet users and the long network access path, the access quality of users has been seriously affected, especially when the link between the user and the website is unexpectedly congested. This often happens in the rapid increase in the use of Internet users in other places. At this time, if we use load balancing (GSLB) technology on the effective side, we can reasonably manage the system load, improve the reliability of the system, and support the virtualization of website content. In practical application, many IDC, such as Internet, choose the combination of GSLB, Cache and Mirror to supply network acceleration effectiveness. The effectiveness of load balancing has the following characteristics:

Highly intelligent

The virtual IP (VIP) address is used to represent the policy server and application, the session is assigned to the server with the highest availability, each session is monitored throughout, the registration is automatically re-registered after the effectiveness is restored, and full address transformation is provided when forwarding client and server packets. Simple and useful load balancing algorithms can be configured with a variety of different load balancing methods, including cyclic method, minimum join method, hash method, or least error method, as well as maximum connection threshold and weighting values for individual servers. to prevent server overload.

High reliability

The architecture is based on a dedicated high-speed backbone network, which provides network connectivity with minimal latency, and then ensures the normal functioning and high performance of the GSLB, which is far better than the GSLB according to the public network. Moreover, when the Internet exit of the main site computer room shows a problem, the user can automatically and transparently direct the user to the main site server from the Internet entrance of other sub-sites.

High availability

The hot backup method is selected to detect and transfer the server links, switching ports and switches in a very short time, so that the application is protected from defects; any server or server group has problems or blockages, the user will be automatically guided to the next best backup server or site, and then further improve the effectiveness and content availability.

Server load balancing

Network load balancing is a dynamic balancing technology, through some things real-time analysis of data packets, grasp the status of data flow in the network, a reasonable and balanced distribution of tasks.

Centralized computing applications, such as e-commerce sites, the server computing load will be very large; frequent use of reading and writing, such as network databases, storage systems are faced with detection; large use of transmission, such as video effectiveness, data is always unable to transmit quickly, unable to complete the best results; the use of large traffic, routers and firewalls simply become a bottleneck. In order to solve these problems reasonably, upgrading equipment and changing topology is a "stupid way". A relatively ingenious way is to choose load balancing technology and use multiple devices to finish the task together.

According to the existing network structure, load balancing technology provides a cheap and useful method to expand server bandwidth and increase server throughput, which strengthens the network data processing capacity and improves the flexibility and availability of the network. The use of load balancing can effectively solve the problem of network congestion, supply efficiency nearby, and end location independence (remote load balancing). At the same time, this technology can also improve the response speed of the server, improve the utilization efficiency of the server and other resources, prevent the key parts of the network from showing a single point of failure, and then provide users with better access quality.

This paper introduces the basic functions and implementation principles of load balancing, which does not seem difficult, but the knowledge involved in load balancing is actually very extensive. According to different user systems, we should be familiar with different protocols and application processes, and even involve some development languages and software platforms, otherwise we may not be able to make effective judgments in the event of failure, in this sense. An engineer of load balancing equipment should master the knowledge of network, application and system, which should be used as a foundation to accumulate.

As a device of layer 2-7 protocol across the network, load balancing devices are often placed at the connection between network devices and application devices, and the requirements for engineers in the basic knowledge of network and applications are much higher than those of other devices. so we need to make more efforts on the understanding of basic functions. There is another name for load balancing equipment: layer 7 switch, but it is a layer 2-3 switch first, which requires us to master the basic knowledge of layer 2-3 first, and then the content of this article.

There are three basic Feature of server load balancing: load balancing algorithm, health check and session persistence. These three Feature are the basic elements to ensure the normal operation of load balancing. Other functions are deepened on top of these three functions. Let's introduce the function and principle of each function in detail.

Before the load balancing device is deployed, the user directly accesses the server address (there may be a mapping of the server address to another address on the firewall, but essentially one-to-one access). When a single server is unable to handle the access of many users due to lack of performance, it is necessary to consider using multiple servers to provide services, which is achieved by load balancing. The implementation principle of load balancing equipment is to map the addresses of multiple servers to an external service IP (we usually call it VIP. The mapping about the server can directly map the server IP to the VIP address, or the server IP:Port can be mapped to VIP:Port. Different mapping methods will take the corresponding health check, during the port mapping. The server port can be different from the VIP port. This process is transparent to the client. Users actually do not know that the server is load balancer, because they are accessing the same destination IP. Then, after the user's visit reaches the load balancer device, how to distribute the user's access to the appropriate server is the work of the load balancer device. Specifically, the above three Feature are used.

Let's do a detailed analysis of the access process:

When a user (IP:207.17.117.20) accesses the domain name www.a10networks.com, the public network address of the domain name is first resolved through DNS query: 199.237.202.124, and then the user 207.17.117.20 accesses the address 199.237.202.124, so the packet will arrive at the load balancer device, and then the load balancer device will distribute the packet to the appropriate server, as shown below:

When the load balancer sends the packet to the server, the packet makes some changes. As shown in the figure above, before the packet arrives at the load balancer, the source address is 207.17.117.20, and the destination address is 199.237.202.124. When the load balancer forwards the packet to the selected server, the source address is 207.17.117.20, and the destination address is 172.16.20.1. We call this the destination address NAT (DNAT). Generally speaking, DNAT must be done in server load balancing (there is another mode called server direct return-DSR, which does not do DNAT, which we will discuss separately), while the source address sometimes needs to be converted to another address according to the deployment mode. We call it source address NAT (SNAT). Generally speaking, the bypass mode needs to do SNAT, while the concatenation mode does not. This diagram is the concatenation mode. So the source address is not NAT.

Let's take a look at the return packet of the server, as shown in the following figure, it also goes through the IP address translation process, but the source / destination address in the reply packet is exactly reversed with the request packet. The source address of the packet returned from the server is 172.16.20.1 and the destination address is 207.17.117.20. After arriving at the load balancer device, the load balancer device changes the source address to 199.237.202.124, and then forwards it to the user. The consistency of the visit is guaranteed.

The above is the processing flow of a single packet. So how does the load balancing device choose the server? This is the first Feature we are going to introduce:

Load balancing algorithm

Generally speaking, load balancer devices support multiple load balancer distribution strategies by default, such as:

ZR polling (RoundRobin) circulates requests to each server sequentially. When one of the servers fails, AX takes it out of the sequential loop queue and does not participate in the next poll until it returns to normal.

Ratio: assign a weighted value to each server in proportion, according to which user requests are assigned to each server. When one of the servers fails, AX takes it out of the server queue and does not participate in the allocation of the next user request until it returns to normal.

Priority (Priority): group all servers, define priority for each group, and assign users' requests to the highest priority server group (in the same group, assign users' requests using a predetermined polling or ratio algorithm); when all servers in the highest priority or a specified number of servers fail, AX will send the request to the server group of the second priority. In this way, it actually provides a way of hot backup for users.

Minimum connections (LeastConnection): AX records the current number of connections on each server or service port, and new connections are passed to the server with the least number of connections. When one of the servers fails, AX takes it out of the server queue and does not participate in the allocation of the next user request until it returns to normal.

Fastest response time (Fast Reponse time): the new connection is passed to the server that responds most quickly. When one of the servers fails, AX takes it out of the server queue and does not participate in the allocation of the next user request until it returns to normal.

The above are general load balancing algorithms, and some algorithms may be used according to different requirements, such as:

The hash algorithm: the source address and port of the client are hashed and forwarded to a server for processing according to the result of the operation. When one of the servers fails, it is taken out of the server queue and does not participate in the allocation of the next user request until it returns to normal.

Policy-based load balancing: set guiding rules for different data flows, and users can edit traffic allocation policies by themselves, and use these policies to implement oriented control over the passed data flow.

Packet-based content distribution: for example, determine the URL of HTTP, and if the URL has a .jpg extension, forward the packet to the specified server.

Continue to look at the figure analysis, the second user 207.17.117.21 also accesses www.a10networks.com, and the load balancer forwards the request of the second user to the second server according to the load balancing algorithm.

Suppose that in the course of work, suddenly a server has a problem? This leads to the second Feature we are going to introduce:

Health examination

A health check is used to check the availability of various services open to the server. Load balancer devices are generally configured with various health check methods, such as Ping,TCP,UDP,HTTP,FTP,DNS. Ping belongs to the layer 3 health check, which is used to check the connectivity of the server IP, while TCP/UDP belongs to the layer 4 health check, which is used to check the UP/DOWN of the service port. If you want to check more accurately, you need to use the health check based on layer 7, such as creating a HTTP health check, Get a page back, and check whether the page content contains a specified string. If so, the service is UP. If the page is not included or cannot be retrieved, the server's Web service is considered DOWN. As shown in the figure below, the load balancer device checks that port 80 of the 172.16.20.3 server is DOWN. The load balancer device will not forward the subsequent connection to this server, but will forward the packet to another server according to the algorithm. When you create a health check, you can set the interval and the number of attempts. For example, if the interval is set to 5 seconds and the number of attempts is 3, then the load balancer device initiates a health check every 5 seconds. If the check fails, it will try 3 times. If the check fails all 3 times, mark the service as DOWN, and then the server will still check the DOWN server every 5 seconds. When the server health check is found to be successful again at some point, the server is re-marked as UP. The interval and number of attempts for health check should be set according to the overall situation. The principle is that it will not affect the business, nor will it cause a heavy burden to the load balancing equipment.

Assuming that the same user continues to access, what will happen to the subsequent connection? Look at the following picture:

The first connection initiated by the user before 207.17.117.25 is 207.17.117.25-> 199.237.202.127-80. The load balancer device forwards the connection to 172.16.20.4, and then initiates the second connection: 207.17.117.25-- > 199.237.202.127-80. We see that the connection is still forwarded to the server 172.16.20.4. Why? Because the load balancing device is configured with session persistence.

Session persistence

Session maintenance is used to maintain the continuity and consistency of the session, because it is difficult to synchronize user access information in real time between servers, which requires that the user's front and back access sessions are maintained on one server. For example, when a user visits an e-commerce site, if the first server handles the user's login, but the second server handles the user's purchase, the second server does not know the user's information. so this purchase will not be successful. In this case, session persistence is required, and the user's operations are handled through the first server to be successful. Of course, not all visits require session persistence. For example, the server provides static pages such as the news channel of the website, and each server has the same content, so this kind of access does not require session persistence.

Load balancer devices generally configure some session persistence options by default, such as source address session persistence, Cookie session persistence and so on. Different session persistence should be configured based on different applications, otherwise it will cause load imbalance or even access anomalies. Specifically, you can refer to another of my works: "the Choice of session persistence in different Application environments".

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.