1. Layer 4 load balancing and Layer 7 load balancing:
(1) Four-layer load balancing:
The four-layer load balancing works on the fourth layer (transport layer) of the OSI seven-layer model, which means that the load balancing device selects the destination internal server through the target IP address, port and load balancing algorithm in the message, and the four-layer load Balancing only plays the role of data forwarding for data packets, and cannot modify or determine the specific type of the requested resource, nor interfere with the communication between the client and the server at the application layer (such as three-way handshake, etc.). However, in some deployment situations, in order to ensure that the server's return packet can be correctly returned to the load balancing device, the original source address of the packet may be modified while forwarding the packet.
Layer 4 load balancing simply provides end-to-end reliable connections, and forwards requests to the backend, with the same connection from beginning to end. LVS is a typical four-layer load balancing.
(2) Layer 7 load balancing:
The seven-layer load balancing works on the seventh layer (application layer) of the OSI model, which means that the load balancing device uses the application layer information (such as URL, HTTP header, resource type, etc.) and load balancing algorithm in the request message to Select the destination internal server to reach. The functions of Layer 7 load balancing are more abundant and flexible. In addition, the connections between the two ends of Layer 7 load balancing (for the user and the server) are independent, which also improves the security of the back-end system to a certain extent. The DoS attack is usually terminated on the load balancing device in the seven-layer load balancing environment, and will not affect the normal operation of the background server. For example, the common Nginx is the load balancing software running on the seventh layer
In short, the four-layer load balancing is implemented based on IP + ports, and the seven-layer load balancing is implemented through application layer resources.
2. Comparison of Lvs, Nginx and HAproxy:
At present, the common load balancing is mainly divided into hardware load balancing and software load balancing. Well-known products for hardware load balancing include F5, Cirtix Netscaler, etc., while software load balancing commonly includes Haproxy, Nginx, Lvs, etc.
1、LVS:
- (1) Strong anti-load capability and high performance, which can reach 60% of hardware F5; low consumption of memory and CPU resources
- (2) It has good stability and reliability, and has its own perfect hot backup solution; (such as: LVS+Keepalived)
- (3) It works at the 4th layer of the network and is forwarded through the vrrp protocol (for distribution only), and the specific traffic is processed by the Linux kernel, so no traffic is generated.
- (4) Support load balancing algorithms: rr (round robin), wrr (weighted round robin), lc (minimum connection), wlc (minimum weight connection)
- (5) The application range is relatively wide, and load balancing can be performed for all applications;
- (6) Regular processing is not supported, and dynamic and static separation cannot be performed.
- (7) The configuration is complex, and it is relatively dependent on the network.
2、Nginx:
- (1) It can stably bear high load pressure, and can generally support more than 10,000 concurrency. Nginx's asynchronous processing of requests can reduce the load on server nodes
- (2) Working on the 7th layer of the network, you can do some diversion strategies for the application layer information in the request message, such as domain name and directory structure, but Nginx can only support http, https and Email protocols, so it is within the scope of application smaller.
- (3) Support load balancing algorithms: Round-robin (round-robin), Weight-round-robin (weighted round-robin), Ip-hash (Ip hash)
- (4) Nginx has little dependence on the network. In theory, it can perform the load function if it can be pinged; the installation and configuration are simple, and the test is convenient; and Nginx can also be used as a Web server, that is, the Cache function.
- (5) Nginx's health check on the back-end server only supports port detection, not URL detection.
- (6) The direct retention of Session is not supported, but it can be solved by ip_hash, and the support for Big request header is not very good
3、HAProxy:
(1) In terms of performance, HAProxy's load balancing speed is better than Nginx
(2) Support two proxy modes, TCP (layer four) and HTTP (layer seven), and also support virtual hosts;
(3) Support load balancing algorithms: Round-robin (round-robin), Weight-round-robin (weighted round-robin), Weighted Source Hash, Weighted URL Hash and Weighted Parameter Hash (Weighted Source Hash) Parameter Hash), rdp-cookie (according to cookie)
(4) HAProxy can load balance Mysql, detect and load balance the back-end DB nodes.
(5) It can supplement some of the shortcomings of Nginx, such as Session maintenance, Cookie guidance, etc.
(6) It cannot be used as a Web server or Cache.
Reference article: https://www.jianshu.com/p/572005e00d16