Shulou(Shulou.com)06/03 Report--

Today, I will bring you how to deploy the load balancer and introduce the workflow. I hope it can give you some help in practical application. There are many things involved in load balancing, there are not many theories, and there are many books on the Internet. Today, we will use the accumulated experience in the industry to do an answer.

Overview

Load balancing (Load Balance)

At present, with the increase of business volume and the rapid growth of access volume and data traffic, the processing capacity and computing strength of each core part of the existing network also increases accordingly, which makes a single cloud server device impossible to bear. In this case, if we throw away the existing equipment to do a large number of hardware upgrades, it will result in a waste of existing resources, and if we face the next increase in business volume, it will lead to another high cost of hardware upgrading. even the equipment with excellent performance can not meet the demand of the current business growth.

Classification of load balancing implementation methods

1: software load balancing technology

This technology is suitable for some small and medium-sized website systems and can meet the general load balancing needs. Software load balancing technology is a load balancing technology that installs one or more corresponding load balancing software on multiple servers in one or more interactive network systems. The software can be easily installed on the server and achieve a certain load balancing function. Software load balancing technology is simple to configure, easy to operate, and the most important thing is that the cost is very low.

2: hardware load balancing technology

As the hardware load balancing technology requires additional load balancer, the cost is relatively high, so it is suitable for large-scale website systems with high traffic. However, in today's larger corporate networks and government websites, hardware load balancing devices are generally deployed (reason 1. The hardware is more stable, 2. Hardware load balancing technology is to install corresponding load balancing equipment, that is, load balancer, among multiple servers to complete load balancing technology. Compared with software load balancing technology, hardware load balancing technology can achieve better load balancing effect.

3: local load balancing technology

The local load balancing technology is to balance the load of the local server group. This technology optimizes the performance of the server so that the traffic can be evenly distributed among the servers in the server farm, and the local load balancing technology does not need to buy expensive servers or optimize the existing network structure.

(for example, Microsoft NLB network load balancing technology, which implements load balancing through applications on multiple servers, the principle is that several servers virtualize an IP address, and the application will make the server cycle response data, but there are problems encountered in the deployment of a security gateway. You can pay attention to this experience later, and the problem is briefly described as follows: when external test PC After a ping packet is sent to the virtual IP address, the virtual IP responds to a packet, and the real host also responds to the packet, causing the security device to think that the session is not secure. Therefore, it is blocked, resulting in abnormal business. )

4: global load balancing technology (also known as WAN load balancing)

Global load balancing technology is suitable for large website systems with multiple server clusters. Global load balancing technology is to balance the load of multiple servers distributed in various regions of the country. This technology can automatically turn to the nearest point of the region by determining the IP geographical location of the visiting users. This technology is used by many large websites.

5: link set load balancing technology

Link set load balancing technology uses multiple physical links in the network system as a single aggregation logical link, so that the data traffic in the website system is shared by all the physical links in the aggregation logical link. This technology can greatly improve the network data throughput and save the cost without changing the existing line structure and increasing the existing bandwidth.

Summary:

There are at least four applications for load balancer:

§Server load balancing

§wide area network server load balancing

§Firewall load balancing

§transparent website accelerator load balancing.

Server load balancing is responsible for distributing the tasks requested by customers to multiple servers to expand the service capacity and exceed the processing capacity of one server, and to make the application system fault-tolerant.

The wide area network server load balancing is responsible for directing customer requests to server farms in different data centers in order to provide customers with faster response and intelligent redundancy in the event of a catastrophic accident in a data center.

Firewall load balancer distributes the request load to multiple firewalls to improve security performance so as to exceed the processing capacity of one firewall.

Transparent website Accelerator (Transparent cache) exchanges directed traffic to multiple website accelerators, which is used to unload the static content of the website server to the website Accelerator (Cache), so as to improve the performance of website services and accelerate the response time of cache.

Hardware load balancing deployment mode

There are generally two kinds of deployment of load balancing hardware devices: one is series deployment and the other is bypass deployment. In part, we mainly analyze the deployment mode of hardware load balancer equipment through the direct connection and bypass configuration mode of F5 load balancer.

1. Directly connected mode structure

Load balancing

Structure description: the Bigip in the figure is an F5 load balancer device. The public ip address is used on the bigip, and the private ip address is used on the server with the load balancer under the bigip. However, the public ip is used to provide services.

Load balancer bypass deployment

Structure description: the Bigip in the figure is an F5 load balancer device. Bigip and the servers connected to the switch below all use public ip addresses.

Second, take a look at the two modes of traffic moving towards normal traffic under direct connection, as shown in the figure.

Traffic trend diagram of load balancing series deployment

As shown in the figure above, the traffic between bigip and the client is on the uplink interface of bigip, and the traffic between bigip and the server is on the interface below.

Take a look at the direction of traffic in bypass mode, as shown in the figure

Traffic trend of load balancer bypass deployment

As shown in the figure above, the traffic with both the client and the server is on an interface of bigip.

Third, the comparison and thinking of the two modes.

1. In terms of interface flow pressure

In the case of direct connection, the traffic between bigip and the client is on the uplink interface of bigip, and the traffic between bigip and server is on the downlink interface, so the pressure on the single interface of bigip is less.

In bypass mode, the communication traffic between bigip and client or server is on one interface of bigip, so the pressure of single interface of bigip is high. To solve this problem, link aggregation technology, namely port bundling, can be adopted between the bigip and the switch to prevent the interface from becoming a network bottleneck.

2. From the perspective of network structure security.

In the case of a direct connection, you can not publish the real ip address used by the internal server, but only need to publish the virtual address that provides the load balancer. In the case of bypass, the client can know the real address of the server. In this mode, to ensure the security of the server, the gateway of the server points to bigip, and you can use the packet filtering (firewall) feature on bigip to protect the server.

3. From the perspective of management convenience

In the case of a direct connection, because the real address of the server can be implied, the management needs to enable address translation (NAT) on the bigip, which is relatively complicated. Bypass mode does not require the configuration of address translation.

4. In terms of expansibility

Direct connection mode does not support npath mode, while bypass mode supports npath mode. Enabling npath mode can reduce the pressure on F5 devices and the direction of traffic in bypass npath mode, as shown in the following figure. (in the case of this kind of traffic direction, if there is a security device in the network, there are likely to be problems, depending on whether the security device is above or under the load balancer device)

Npath traffic trend diagram

In bypass mode, using npath traffic processing, all server response traffic can not pass through the bigip, which can greatly reduce the pressure on the traffic on the bigip. However, the traffic handling mode of npath does not work in directly connected mode.

5. During the follow-up system transformation, the work complexity of the two modes is not the same.

If a system without load balancing technology is reformed, then, in the case of a direct connection, the ip address of the server needs to be modified and the network structure needs to be adjusted (the server is transferred to the bigip backend). At the same time, the associated applications also need to be changed, and strict testing is required before they can be run online. However, in the bypass mode, only the gateway of the server needs to be changed, and the rest of the original system (including the network structure) basically does not need to be changed, so the former makes greater changes to the system, while the latter makes less changes.

Finally, summarize the main advantages of the side-hanging mode in the system architecture compared to the directly connected mode:

1. Increase the flexibility of the network: if F5 adopts the way of side-hanging, the gateway of the back-end server points to the address of the layer 3 switch, not the address of F5. When maintaining the network equipment, it is convenient to modify the route to make the equipment offline and easy to maintain and manage. At the same time, some special applications can also point to specific network devices by means of policy routing on the core switch.

2. Improve the reliability of the network as a whole: due to the existence of bypass mode, if there is a problem with the F5 device, the route can be modified on the switch and the data flow can be used to bypass F5 without affecting the whole business system.

3. For some special applications, the speed is improved: after using bypass, some specific application data that are sensitive to speed and delay can take different paths when entering and leaving, for example, they can go through F5 devices when they inflow, check them, and load balance. When the data stream leaves, it does not pass through F5 to improve its speed.

Looking at the above how the load balancer is deployed and the solution to the workflow introduction, if you have anything else you need to know, you can find what you are interested in in the industry information or find our professional and technical engineer to answer it. Technical engineers have more than ten years of experience in the industry. Official website link www.yisu.com

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.