New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Which rProxy (LoadBalancer)?
Hello,
I currently have 3 standard server setup around the world running virtualmin. I've another one I wanna use as kind of LoadBalancer. I read some positive reviews of Varnish as it should have developed a lot in last time. There's also HAproxy recommended as I could get so far. Which one is better as 'LoadBalancer-software'? It should serve two forums, one joomla installation and probably the mail functions too but I'm not sure about it yet. Other possibilities I heard of are Squid and Pound but I'm not sure if they're too powerful and thus too complicated, susceptible and resource consuming.
What do you think?
Comments
Nginx is another option
You could look at SNIproxy
Well, I was actually not looking for an alternative but more which of the above would you recommend?
I'm interested in this as well, but my needs are kinda specific. I'm looking for a loadbalancer software that supports DSR and geolocation. Do you know any?
HAproxy is the best way to achieve your goals. It has all functionality you need (judging from requirements) + a ton of configurable options for infrastructure expansion. You have Webmin (?), so there is even tutorial for HAproxy + Webmin:
http://xmodulo.com/haproxy-http-load-balancer-linux.html
Well, if nginx isn't an option then I'd go for haproxy.
@webcraft: Varnish and HAproxy aim for different things. HAproxy is a proper load balancer and SSL terminator, while Varnish can look deeper into the packet and go beyond static caching. If you use Varnish you will need to find a good config file specific to Joomla or whatever service you are running behind. So you could have HAproxy as your load-balancer and Varnish behind it to cache, and then a bunch of webnodes behind the cache.
@Kupol: I am also reading up on this stuff. Came across something relevant here. Essentially, your loadbalancer tunnels the connection to the webnode, and the webnode then skips the loadbalancer and talks directly to the client through the same virtual IP.
Yes, I use Webmin but where does it explain how to use it with webmin in your linked tutorial?
Also, what about caching? Does it HAproxy too?
Thank you
@rincewind
I know what DSR is and I know LVS can do DSR, but it does not support geo redirection based on the visitor's IP that made the request and that's what I need.
Does it HAproxy?
@webcraft
HAproxy does exactly what I want you can implement geo location with ACLs as well but it does not support DSR. This is the main problem for me with HAproxy.
Thanks.
How do I set that if a user gets an IP assigned it directly connects to this IP and not always to the load balancer and then via the lb to the application host?
@webcraft
You can not do that with HAproxy as it does not support direct server return. You can use sticky tables and make the visitor to be always served by the same backend server, however the visitor will always make requests to the loadbalancer not to the backend and backend will send content to the loadbalancer which in turn servers the content to visitor.
In case you do not care about HAproxy features such as ACLs / health checks and other stuff and you just want DSR, setup LVS. I recommend you to look at DSR-TUN in case you have VMs on multiple networks. But you still won't avoid visitors making requests to loadbalacner as that's the point of it. With LVS the visitor will always make requests to the loadbalancer, but he will be servered directly by the backend not like with HAproxy where the backend would send stuff to the HAproxy instance that would server the content.
HAproxy does support DSR, but DSR is limited to mainly local installs only, and it requires a specific network setup (MAC spoofing etc).
@webcraft it seems all your servers are in different locations, including the one you want to use as a load balancer? If so, a load balancer seems pointless in your situation, you would be better off using geo-based DNS services like rage4 dns, or even nsone as they have load balancing and shedding, all depends on what you really need and budget.
@r0t3n: Is it possible for Anycast peers to handoff the TCP connection to another peer? Suppose two webservers shared an Anycast IP, and the client contacted a heavily-loaded server, could it shed it off to the Anycast peer through a tunnel. Will the connection persist? Essentially simulate DSR in a non-local setting...
In a geo-setting, I think HTTP REDIRECT would also be an option where the load-balancer could pass-off the connection to one of the webservers. Combined with Idirector and heartbeat monitors. Not very transparent though.
NSONE offers monitoring jobs, nice.
@rincewind why would you do it like that? You would run the load balancer on the anycast nodes to pass it off to backend servers and use DSR. I won't go into too much detail, you can google how DSR works, and why its limited to local networks.
I do not like HTTP REDIRECT for geo purposes, unless you have good failover in place, the last thing you want is for a location to go down and browsers caching the redirect...
NSONE is a great company, I've had the pleasure of chatting with Kris and Alex when they just started up, they've added a lot of functionality since then, you will not go wrong with them they will treat you well. People may class them as expensive, but you get what you pay for.
@r0t3n
Please link to DSR support in HAproxy docs, I haven't found it yet. Only some stuff with Aloha loadbalancer.
I see. So geo-based DNS seems to be good for me. Is it kinda this: https://code.google.com/p/bind-geoip/ ? Is the OVH geo-loc and anycast feature similar to rage4's one?
Things are confusing me atm.
Can I ask your reasoning for wanting Geolocation in a load balancer? Is it just latency reduction (i.e not localization, or legal requirements etc)
The end user would be required to still connect to the load balancer IP. It would not matter where you send the connection (to which server) the traffic must go through the load balancer (increased latency, not reduced). Hence you will most likely either require multiple load balancers (if that is a must) or GeoDNS may be a better option.
To reduce latency perhaps consider the following setup -
[DNS Geo Location] -> [EU Balancer, US Balancer] -> Backend
In this case you would configure the Load Balancer with a configuration like the following (e.g is for EU):
Primary: EU Backend
Backup: US Backend
EU & US are just examples of different zones you may configure.
P.S We support this with our Multihomed services
@webcraft: Most DNS providers do Anycast - including OVH DNS and Rage4. As an example, Google has a DNS server at 8.8.8.8. No matter where you are in the world, you will get a response pretty fast, because the response comes from the closest DNS server from Google's huge network. So if you are using a DNS service definitely expect them to do Anycast.
Geolocation : Like the bind-geoip link you gave, your DNS service will use the IP address of the client to forward them to the closest server. For instance if your website is www.example.com, and you have US server at 1.2.3.4 and Europe at 4.3.2.1, then if a DNS lookup comes from US the response will have 1.2.3.4
Loadbalancing : Suppose your US server gets overloaded or crashes then you dont want your geolocation aware DNS service to still keep sending all US requests to the closest US server. Would be good to send some of them to your Europe server, even if it has a higher latency. So you want some software to monitor the health of your servers and include that info for deciding the mapping from client request to server. Like @r0ten suggested, you could try NSONE which provides monitoring as well as Geolocation. NSONE also has a free tier of 500k request/month, which is better than Rage4. NSONE's free tier allows 2 monitors.
TL;DR
Use any good DNS provider that supports geolocation.
@SplitIce: I think you are mixing up load-balancing with reverse proxy. Ideally you want your load-balancer to completely hand over the connection to your webserver - either through DSR, DNS, or HTTP REDIRECT.
@rincewind Nope, no confusion. 99% of the time a load balancer is a reverse proxy (or DSR).
"A load balancer is a device that acts as a reverse proxy and distributes network or application traffic across a number of servers. Load balancers are used to increase capacity (concurrent users) and reliability of applications."
Thats from https://f5.com/glossary/load-balancer, a large manufacturer of LB hardware used by many large companies.
There are exceptions, you can load balance using GeoDNS / DNS Round Robin, anycast or DSR (although this offers you no benefits in this area) however rarely is this called "Load Balancing". Since the OP referenced "'LoadBalancer-software'" and mentions by name software which operates using a Reverse Proxy (or DSR) method (HAProxy, Squid, Varnish etc) he looks to be referring to the major ("99%") case. Edit: Additionally worth mentioning "rProxy" in title.
TL;DR, If my terminology confuses, feel free to replace "load balancing" with "reverse proxy or DSR load balancing" but I believe this is what the OP wants.
@SplitIce: Cool. I think we are both saying the same thing, with different words
@SplitIce
In my case the reason I want geo location in my loadbalancer is because I have a video site which has visitors from EU and US, few from Asia. I need my loadbalancer to redirect the visitor to the correct backend according to his IP. Then I need the loadbalancer to support DSR so my loadbalancer bandwith is not bottleneck. I don't like the idea of geoDNS service since with loadbalancer I have options for more rules and checks, plus DNS queries might be cached even if TTL is low.
@Kupol
Redirection and DSR are different technologies.
DSR over the internet is also known as IP Spoofing. Your Load Balancer will still be a bottleneck for client submitted responses (i.e video uploads).
Have you considered just using subdomains and a simple geoip database?
i.e Run your site at video.com, with the videos hosted at either eu.video.com or us.video.com. In PHP (or whatever) embed the video file link as say http://us.video.com/file1.flv etc
GeoDNS and Load Balancing are obviously more advanced and feature rich solutions, but your requirements can be met easily without introducing a critical point (Load Balancer) or additional costs (DSR/IP Spoofing).
@SplitIce
by 'I need my loadbalancer to redirect the visitor ' I meant server data by the right backend. Not in sense of 301 HTTP redirect.
I have working setup with LVS, but I wasn't able to come up with the geo location solution feature that I made with HAproxy.
Users never submit any video to the site. The site only servers the data to the users, even in case I would need users to submit video I would just use different subdomain for that.
I have tried many different scenarios and I think DSR loadbalancer is the right solution for this, but I have yet to find a right software for that.
What @SplitIce is suggesting is not HTTP REDIRECT, but something simpler from your application.
When the user visits www.example.com, if he is from US he will get a web-page like
and another user visits from EU would get
So all users just visit www.example.com and the videos get served from the appropriate geographic location, while your main www site only serves HTML. You can write the geo-code into your own application when you generate the HTML dynamically based on client IP and a geo-database.
@Kupol you're going about it the wrong way. A load balancers primary focus is to balance the load across multiple backend nodes, not to geo-locate users. You need to get it out of your head that its acceptable for a load balancer to be a geo-based router. Use geodns infront of the load balancer, use round-robin as 99.99999% of browsers will try another IP if the first fails, and then use the load balancer to do its primary job, which is to distribute load...
TLDR: do not use load balancer for geolocation!
Well, Geolocating/GeoDNS seems to be what I was looking for. I'm using NSONE now and it's working perfectly. Thanks for this hint @r0t3n @rincewind Is the owner of the company here on LET (doesn't look like as they're very pricy)?
I use the HAproxy LoadBalancer now for media load balancing and balancing external MySQL servers. I feel that makes it secure enough cause the media and SQL server only accept connections from the lb.
@webcraft I believe Kris is not on let but Alex @avayl is