Various load balancing technologies under Linux

1. At present, the website architecture is generally divided into a load balancing layer, a web layer and a database layer. In fact, I usually add one more layer, that is, the file server layer, because now with more and more PVs of the website, the pressure on the file server is also increasing. The bigger it is; but with the maturity of moosefs and DRDB+Heartbeat, this problem is not too big. The load balancing layer at the front end of the website is called Director, which plays the role of allocating requests, the most common being polling. 2. F5 realizes load balancing through hardware. It is mostly used in CDN systems and is used for Squid reverse acceleration cluster load balancing. It is a professional hardware load balancing device, especially suitable for new connections per second and concurrency. Scenarios that require a high number of connections; LVS and Nginx are implemented by software, but the stability is also quite strong, and it also performs quite well in dealing with high concurrency.
　　3. Nginx has less dependence on the network. In theory, as long as the ping is available and the web page access is normal, nginx can be connected. At the same time, nginx can distinguish between internal and external networks. If it is a node that has both internal and external networks, it is equivalent to having a single machine The backup line is used; lvs is more dependent on the network environment. At present, the server is in the same network segment and the lvs uses the direct method to divide the traffic, and the effect can be guaranteed.
　　4. At present, the more mature load balancing high-availability technologies include LVS+Keepalived and Nginx+Keepalived. In the past, Nginx did not have a mature dual-machine backup solution, but it can be realized through shell script monitoring. If you are interested, you can refer to me on 51cto. In addition, if you consider the high availability of Nginx's load balancing, it can also be implemented by DNS polling. If you are interested, you can refer to Zhang Yan's related articles.
　　5. Cluster refers to the web cluster or tomcat cluster behind load balancing, but now the meaning of cluster refers to the entire system architecture, which includes load balancer and back-end application server cluster, etc. Now many people like to use Linux cluster Refers to LVS, but I think it should be distinguished in a strict sense.
　　6. High availability in load balancing high availability refers to the realization of HA of load balancers, that is, when one load balancer fails, the other can be switched within <1s. The most commonly used software is Keepalived and Heatbeat, which are mature The load balancer solutions in the production environment are Lvs+Keepalived, Nginx+Keepalived.
　　7. LVS has many advantages: 1. Strong anti-load capability; 2. Stable work (because of the mature HA solution); 3. No traffic; 4. Basically, it can support all applications. Based on the above advantages, LVS has many fans ; But there are no absolutes in the world. LVS relies too much on the network. In the application scenario with relatively complex network environment, I have to give up it and choose Nginx.
　　8. Nginx has little dependence on the network, and its regularity is powerful and flexible. Its powerful features attract many people, and the configuration is quite convenient and simple. I basically consider it in the implementation of small and medium-sized projects; of course, If the funds are sufficient, F5 is the best choice.
　　9. In the large-scale website architecture, you can actually use F5, LVS or Nginx in combination, and choose two or all three of them; if you do not choose F5 for budget reasons, then the front-end point of the website should be LVS, which is DNS. The pointer should be the lvs equalizer, and the advantages of lvs make it very suitable for this task. Important IP addresses are best managed by lvs, such as the IP of the database, the IP of the webservice server, etc. These IP addresses will be used more and more over time. If the IP is replaced, failures will follow. So it is safest to hand over these important IPs to lvs hosting.
　　10. The VIP address is a virtual IP of Keepalived. It is an external public IP and also the IP pointed to by DNS. Therefore, when designing the website architecture, you must apply for an additional external IP from your IDC.
　　11. Implementation in actual projects During the process, it was found that both Lvs and Nginx support https very well, especially LVS, which is relatively easier to handle.
　　12. In the troubleshooting of LVS+Keepalived and Nginx+Keepalived, both of them are very convenient; if a system failure or server-related failure occurs, the DNS can be pointed to a real web at the back end of them to achieve The effect of dealing with failures in the short term, after all, the PV of advertising websites and e-commerce websites is money, which is why the load balancing and high availability are designed here; for large advertising websites, I recommend going directly to the CDN system.
　　13. Now Linux clusters are all myths. In fact, this is not too complicated. The key depends on your application scenario, whichever is applicable. Nginx, LVS, F5 are not myths, whichever is convenient and applicable. Which to choose.
　　14. In addition to the issue of session sharing, this is also a long-standing issue; Nginx can use the ip_hash mechanism to solve the problem of sessions, while F5 and LVS have session retention mechanisms to solve this problem. The session is written into the database, which is also a good solution to session sharing. Of course, this will also increase the burden on the database, which depends on the choice of the system architect.
　　15. The concurrency of the e-commerce website I currently maintain is about 1000, the previous stock information website is about 100, and the large online advertisement is about 3000. I feel that the concurrency of the web layer is less and less a problem; now due to the server The power of Nginx, coupled with the high anti-concurrency of Nginx as the web, the concurrency of the web layer is not a big problem; on the contrary, the pressure on the file server layer and the database layer is increasing, and NFS alone cannot be competent at present. Now the good solutions are moosefs and DRDB+Heartbeat+NFS; and the Mysql server I like, the mature application solution is still the master-slave solution. If the pressure is too high, I have to choose oracle's RAC dual-machine solution.
　　16. Under the influence of Zhang Yan, everyone is playing Nginx (especially for web). In fact, when the server performance is excellent and the memory is sufficient, the anti-concurrency capability of Apache is not weak. The bottleneck of the entire website should still be In terms of database; I suggest that you can understand both Apache and Nginx, and use Nginx for load balancing in the front end and Apache for web in the back end, and the effect is quite good.
　　17. The split-brain problem of Heartbeat is not as serious as imagined, and it can be considered in the online environment; DRDB+Heartbeat is a mature application, and it is recommended to master it. I have used this combination to replace EMC shared storage on quite a few occasions. After all, the price of 300,000 is not what every customer is willing to accept.
　　18. No matter how mature the designed solution is, it is recommended to configure Nagios monitoring machine to monitor our server situation in real time; email and SMS alarms can be turned on, after all, mobile phones can be carried with you; Commercial scanning website service, it will scan your website every one minute, if it finds no alive, it will send a warning message to your email or contact you directly.
　　19. At least for the security of the website, I recommend using a hardware firewall. The more recommended is the Huasai three-layer firewall + Tiantai web firewall. The DDOS security protection must be in place; the iptables and SElinux of the Linux server itself can be turned off. Of course, the fewer ports are open, the less