From: Padraig Brady (padraig.brady at domain corvil.com)
Date: Fri 06 Sep 2002 - 14:21:45 IST
Dermot Buckley wrote:
> Hi all,
>
> I'm looking for some suggestions for a failover/proxy service I would like
> to setup up. We will be hosting a number of sites (9 initially, and all
> capable of running on the same server) which will be running on two
> identical servers. I would like to put a proxy between them and the web,
> which would:
> 1. Do load balancing
> 2. Handle failover
> 3. Offer protection (servers are iis5 and I trust linux to handle trouble
> better than any 2k machine).
>
> Unfortunately there is some session level stuff on the sites, so user
> sessions would have to stay with the server they started with.
>
> The setup I am thinking of will look like this (forgive poor ascii art):
>
> Internet
> |
> |
> Firewall
> |
> |
> Linux Proxy
> |
> --------------------------------- ...
> | |
> | |
> Web server 1 Web server 2 ... (maybe more)
>
> (The machine I'm talking about is 'Linux Proxy').
>
> Is there a (preferably free) linux tool that will do this for me? This
> setup is by no means rigid, I'm open to other ways of doing this.
There's a product called the S1000 from antefacto that does this,
and you don't need a seperate firewall. Hang on a minute, let me start again.
It all depends on the apps that are running on the webservers,
or more specifically, where the apps store their state.
Now from your diagram I'm inferring that a particular site
will only run on one machine at a time (as there is no shared data).
Hmm, but you say does load balancing? Does this mean that
a particular site can run on both machines simultaneously?
OK I'll assume this. So another thing to consider is can a client
send a request to either webserver (any required state is saved in a shared
location). If this is the case then you've the most robust/flexible
config as you can load balance at layer 4 (TCP). IPVS does this.
Now IPVS doesn't automatically notice when HTTP services etc die,
so you will need to deploy something like: http://www.ultramonkey.org/
which has ldirectord which checks every so often whether your sites
are OK and dynamically configures the load balancing accordingly.
Now it gets more complicated if one web server needs to deal
with a particular client, and much more complicated if a
web site is just on one machine and you need to automatically
migrate it to another one. Note if you just need to support
"sticky sessions" then it can be hacked fairly well in IPVS
using timeouts, but this causes problems if many of your
clients are comming from one location (proxy).
A comerical product that could be useful is www.sysmaster.com
(around €10K)
Padraig.
This archive was generated by hypermail 2.1.6 : Thu 06 Feb 2003 - 13:18:42 GMT