Slashdot Mirror
Load Balancers for Linux?
scales asks: "We currently use the Dispatcher component of IBM's WebSphere Edge Server as a load balancer on some Red Hat boxes where I work, and the boss has asked me to look into OSS alternatives. I've already been pointed at Linux Virtual Server and Ultra Monkey, and I was wondering if any readers have had any experience with these packages, or had any opinions they could offer about other products." Ask Slashdot last visited a similar topic way back in 1999, so I think it might be time for an update.
Mosix will migrate processes. How does that load balance 12 apache servers?
Mosix is good for CPU intensive batch number crunching using custom software. (no shared memory, no threads, smart use of IO and sockets, etc.). Don't get me wron. I think it is very cool, just not a load balancer the way most people use the term "load balancing".
Joe
Joe Batt Solid Design
I hear that the Wai Wai Tribe Is pretty good at balancing large loads.
(ok. that was retarded, but someone had to say it)
HURD - Hurd's Under Research & Development
Hmm. If it's x86 or Alpha hardware there's something called FreeBSD that might really help things out.
I used UltraMonkey way back a few years ago.. It did the job.. and we never went down.. it has i believe 4 ways you can weight the webservers.... Actually.. it does more than just webservers... which is a plus as well...
I liked..
ChiefArcher
If so look at JBoss's load balancing.
If you just want it for Web server there is an Apache module for load balancing as well.
Open Source Identity Management: FreeIPA.org
i havnt used it, but, isnt this what your looking for... http://www.backhand.org/mod_backhand/ anyone here used it? did it leave your days filled with joy and happyness or dispair and bitterness?
no sig today, come back tomorrow
I'm confused. Is there some reason why this job can't best be done with a content balancer? It's been about a year since I looked at them, but last I recall Cisco's Local Directors were very highly regarded. They had intelligent session-level balancing and such, and worked well.
I write in my journal
Dosen't apache now have a load balencing module... or can't you just hack mod_cache and mod_proxy to do it?
No matter what anyone else here says...
That's rather disingenuous of you, actually, to basically assume that your thoughts on this subject should take precident before all others. In response, I would say that there are many more avenues for support in an OSS solution than would exist with a proprietary application.
1) groups.google.com is an infinitely valuable resource.
2) The Linux Documentation Project maintains a searchable list of man pages, HOWTOs and other documentation.
3) Just about every OSS application in existence maintains mailing lists for developers and users alike for you to be able to receive and provide support for that particular application.
4) There are many consulting companies and individuals out there that provide support on an as-needed basis should you be unable to find your answer elsewhere.
The fact remains, that with an OSS solution, many more people (including developers on the project) are likely to have a better understanding of the application that are willing and able to provide knowledgable support just because of its openness, if that's, indeed, what you want. You may not actually be able to use the phone, but instead, you can send an email to a group of people that are actually passionate about the application, instead of trying to get help from poeple who either don't care, can't understand the application as well as the designers, or who are there to get their $10/hour for a few hours before they go home to finish their homework. When my boss is breathing down my neck about a problem, I'd much rather let him know I'm discussing the issue with one of the guys that designed the application rather than a highschool kid that reads a script to meet his inbound call quota.
That's terrible advice. Do you really want to to be on the phone with a Level I tech while your entire website is down? If a service is truly critical to you, and you're basing your decision on the speed of support, you've done something wrong in the design of your network.
A much better solution would be to make everything redundant and failover automatically.
- James
http://www.redhat.com/software/advancedserver/tech nical/piranha.html
Why aren't we told when editors moderate our posts?
LVS was able to handle a medium-sized HTTP/HTTPS load at my last job quite well. It had 6 months of uptime serving 5-10 hits/second, and I literally never had to worry about it going down. In combination with mon, bringing machines up and down was never a problem, and failure situations were handled without the end user noticing.
Installation was a bit frustrating because I hadn't dealt with the networking issues before (the ARP problem). However, in the end it was only my lack of networking knowledge that was lacking, and the ARP problem turned out to be simple to overcome.
Support from the mailing list was great, I got thorough replies to my questions in a few hours. The documentation is good, although some parts of the HOWTO could be trimmed back a bit (more information than is needed to understand the problem, takes a bit of time to filter).
The hardware was two slower UP boxes (one live, one for failover), and the load was esstentially 0, even with mon and MRTG running.
LVS is of course just the load balancer, and the setup also included mon for monitoring, heartbeat for failover, and MRTG for trending. They all play well together, and create a very reliable, informative, load balancer setup.
Depending on your setup, one of the meta-packages such as Ultra Money or Redhat's HA suite might be best, but installing the components individually isn't much of a hassle either.
1> that is great, I am sure you can find support there for almost anything. Including stuff that has support for non OSS projects.
2> That is great what if it is not in the "HOWTO's?". Last time I checked I did not see a HOWTO: What do do when your OSS load balancer goes down and they don't have any support. This is a blanket answer that assumes that what ever he gets has a howto. It also assumes that I can wait on e-mail. Or search for help or anything else under the sun that takes time. I don't want to be in this possition to have to go find help, I want to know it is there. Where, when, and my call...OSS programers/hackers/anything unless you find the right group that is getting paid is not this.
3> Ahhh...ok that is great. You know this personally that every one of them lists the developers? I can call them? I can e-mail them and expect a response quickly? NO you say? mabye...I don't think I want to wait someones e-mail response on the future of my company. Sorry that just does not cut it.
4> Ok now we are getting someplace. This is called support, which is what I said you need to check into. Glad that you agree.
That last statement is an assumption. Period. You don't know that the guy the wrote the OSS is not a high school kid. Not that it even matters. What happends when someone tells you they don't know.
Your telling me that if I had websphere, cisco, or microsoft that you can HONESTLY that a business can get the same support from people for free you can from paying someone? No you can't not for all of them, not for even 10% of them. So I said make sure you have support....find the one that falls in the 10%, buy a product with support at the ready. I did not say "don't get OSS". I said get something with support, your the one the jumped at "OSS does not have support". Why is that?
I don't have time to wait for and e-mail, or a programmer to come back from snowboarding...or whatever when a 4million hit a day e-com site goes down. Sorry, you just can't play in that league without some security around your hardware, software, and everything else. Which your average everyday OSS project just does not have. Sorry if I got your nickers in a twist. Just the way it is.
Neck_of_the_Woods
#/usr/local/surf/glassy/overhead
This is a given. Ff you playing at this level you need redundancy. Problem is what if it is not a hardware error, something else? How about a bug that hoses it from a malformed packet or something like that. DOes not matter how redundant you are, your down.
Support is key. Get good support, I am not a linux or a microsfot biggot. I just believe in the right tool for the right job at the right price, with the right support. OSS sometimes is not the solution and it sometimes lacks support for things you can get a better shake on somewhere else.
Just my 2 cents.
Neck_of_the_Woods
#/usr/local/surf/glassy/overhead
I don't have time to wait for and e-mail, or a programmer to come back from snowboarding...or whatever when a 4million hit a day e-com site goes down. Sorry, you just can't play in that league without some security around your hardware, software, and everything else. Which your average everyday OSS project just does not have. Sorry if I got your nickers in a twist. Just the way it is.
It's working fine for Yahoo!, which uses FreeBSD. FreeBSD isn't exactly providing any support. For that matter, look at all of those 4 million hit sites running Apache. Google runs Linux on their server farm. Now, imagine how incompetent these guys would have looked if they had neglected these software options because they couldn't get phone support. So, no, that's not "just the way it is."
Buy a Cisco Local Director on Ebay. Buy two, they're cheap.
Spend 15 minutes setting it up.
Sleep well at night.
I'm so used to web-admins misusing the term 'cluster' on slashdot that I almost wrote an angry reply to your post out of pure habit. This time it's the other way around, but he *was* very careful to qualify his advice, so give him a break. Besides, not every service can just be 'load-balanced' on the IP level and forgotten. Mosix is a great solution for those that can't.
"I assumed blithely that there were no elves out there in the darkness"
I'd have to agree with this. Having used one of the big names in load balancing and having dealt with their support, my experience is that they are not quick and they are not responsive and my project is slipping because they don't understand their product well enough.
The problem with support is that you assume because you are paying a lot of money to the company who created the product that whomever you contact in that organisation knows the product inside out and can answer your problem instaneously.
The truth of the matter is that they are unlikely to understand you environment, and are likely to waste the first 30 minutes going through a set of basic questions which you have already tried anyway. It is a fallacy that telephone support is quicker because you are dependant on the skill and experience of the person you are calling. More specifically you are dependant on their skill and experience with the particular product you are calling about (no one is an expert on everything) and you are then subsequently dependant on the knowledge of other team members in the same room or the quality of the knowledge base that the support engineer is typing your problem into.
If you ever had to ring up support for the worlds number one database vendor you would recognise this situation as they tell you they are typing your details into the system to see how other people with the same problem resolved it.
It won't give your manager the same warm feeling of comfort but OSS and Google is just quicker and easier to support. As long as you choose a well supported project.
The Romans didn't find algebra very challenging, because X was always 10
I believe an OpenMosix cluster CAN help load balance and thus scale an Apache web farm. Follow my logic here: If your web application is serving very heavy requests, you can very easily be CPU bound, not IO bound (disk IO or comms IO). Take for example a web app that queries a database, grabs a large complex result set, parses the results, and creates a graph or PDF file, and thus takes 15 seconds at 100% cpu per request. On a normal Apache server, two simultaneous requests take 30 seconds and no one is happy (bigtime!).
On an openMosix cluster, the first heavy request uses all local CPU. The primary box (the only one running Apache) spawns a new process for the second, 3rd, 4th, etc. requests, which migrate automatically. They use the available custer CPU power, run to completion, migrate back, and the results returned as if the box was just very fast.
I've written several CPU bound web apps; they made me nervous about timeout (I had limited optimization possibilities). I could have solved this worry with openMosix had it been available then.
Please don't get me wrong, Joe Batt (and Thanks! to "benjamindees Alter Relationship"), this cluster concept will be entirely useless serving thousands of static HTML page requests. It wouldn't help a single bit. But with fewer, heavyweight requests, it could solve the problem rather simply.
OpenMosix seems to be an ideal solution where programming time is limited and CPU needs are large (fat requests). If programming time is less limited, you could do the standard 3-tier architecture of a web, application, and database layer. You would then need to build in a one-to-many web-to-application-server architecture, so the app servers did the CPU and returned results to the web server. This method needs much more programming than my openMosix simple solution. If I was architecting Sears.com (I helped there a bit on back-end stuff), I would do 3-tier with a specialized load balancer where I had a support agreement with Quality-of-Service guarantees and liability insurance.
But, if I was serving in-house queries of subsets of what-if scenarios from a data warehouse in PDF format, I'd probably want to use openMosix since the rest of the project would be so complex I'd want to cut down on complexity if at all possible.
Another workaround would be to move the CPU requirements from Server to Client, running a big Java app on the browser box to farm out computing power. Hmmm. This would also require Java programmers, which are fewer in number, expensive, and add a completely new layer to my design. Ug. This approach limits me - I could't cache results, and I could blame their CPU's for the delay. But, Java already adds overhead (and thus time), and I don't know if the libraries are there for everything I want to do (granted Java has lots of libraries but it's not omnipotent). No, I like OpenMosix better here, too.
Further, since adding more CPU is a simple matter of adding another box with a minimum of disk (or network boot), my project costs come way down even if all 14 VPs love my app and spend every morning from 7:30 to 9 running scenarios, I don't have to explain what "CPU Bound" means to them.
OpenMosix is at OpenMosix.org.
Unitarian Church: Freethinkers Congregate!
I just wanted to correct a few misconceptions in the previous posting.
Disclaimer: I work on IBM Edge Server.
First, the people you'll talk to if you have a problem with Edge Server are full-time career professionals, who specialize in Edge Server and work directly with the developers to get your problem solved. Because the support team work with customer problems every day, I suspect they're more knowledgeable than the developers on the issues that most often affect users. Of course, the developers get directly involved if the problem is tough.
If you don't need a paid level of support, there are newsgroups on news.software.ibm.com where you can post questions and often get a response from other users or directly from a developer.
--dan p.
The primary box (the only one running Apache) spawns a new process for the second, 3rd, 4th, etc. requests, which migrate automatically. They use the available custer CPU power, run to completion, migrate back, and the results returned as if the box was just very fast.
I looked into doing this not long ago. However, the documentation states that Apache won't work with OpenMosix because it uses shared memory, which is not yet supported.
It doesn't make very much sense to say "Should I use UltraMonkey or LVS?" as the latter is a piece of the former. There are other combinations of LVS+other stuff that you might put into that sentence: "Should I use Piranha or UltraMonkey?" or "Should I use UltraMonkey or Joe Macks LVS Config scripts?" or even "Should I build my own LVS scripts or use an existing framework?"
There are other HTTP load balancing options out there. Squid has a new branch in CVS called rproxy that handles multiple backend web servers very effectively with failure detection and other fun stuff (not to mention caching). Pound is a reverse proxy that does load balancing of HTTP traffic and SSL wrapping (most everything Squid can do for reverse proxying minus the caching features).
Balance is a generic TCP load balancer with some nice features. The best features being that it is simple and works on more platforms than just Linux and handles more than just the HTTP protocol. It probably has some disadvantages for some situations because it operates at a lower level than the HTTP proxies above, though it can probably do lots of the same things LVS does (I don't know very much about Balance).
Eddie is a neat framework written in Ericssons Erlang language. Seems to be dormant, but I think it is in pretty widespread use so is probably pretty stable.
Links:
LVS
Squid rproxy branch
Pound
Balance
Eddie
Scenario
m ynet/
v -Routing-HO WTO-15.html
DSL box
|
firewall (Linux/FreeBSD)
|
Your network
For FreeBSD look at dummynet.
http://info.iet.unipi.it/~luigi/ip_dum
Check out the weights and bandwidth stuff.
Or look for traffic shaper in the ipfw man.
For Linux look at netfilter aka iptables.
http://www.fokus.gmd.de/linux/HOWTO/Ad
# iptables -A OUTPUT -t mangle -p tcp --dport telnet \
-j TOS --set-tos Minimize-Delay
# iptables -A OUTPUT -t mangle -p tcp --dport ftp \
-j TOS --set-tos Minimize-Delay
# iptables -A OUTPUT -t mangle -p tcp --dport ftp-data \
-j TOS --set-tos Maximize-Throughput
--
Scenario
DSL
|
Cisco (firewall+router, with real IOS on it)
|
Your internal network
OR
DSL box = a Cisco router with IOS.
|
Your internal network
Use the Cisco queueing features - when I last checked years ago there was at least custom, priority, and fair queuing. The Cisco docs on their website are pretty good - lots of examples, lots of example configs.
We use LVS to handle millions of pages a day and it just goes on and on. I'm glad we didn't spend money on the big names.
Yes, but Yahoo! and Google have people who develop for FreeBSD and Linux, which qualifies as "support".
I don't write FreeBSD kernel drivers or Linux load balancing code, so I wouldn't qualify as support for my company.
"To err is human, to forgive is simply not my policy." --root