19 experience, plainly said load balancing for Linux

First, the current site architecture is generally divided into load balancing tier, web and database tiers, in fact, I usually will pay more layer, that layer file server, because now, with more and more PV site, a file server is also a growing pressure the larger; however with moosefs, DRDB + Heartbeat matures, this problem is not large website forefront of load balancing layer called the Director, it plays the role of sharing request, the most common is polling.

　　Two, F5 is achieved by way of hardware load balancing, CDN systems used in it more for squid reverse accelerated load-balanced cluster, it is a professional hardware load balancing devices, especially for new connections per second and concurrency connecting a high number of requests scene; the LVS and Nginx is accomplished by way of software, but the stability is quite powerful, in the case of high concurrent processing is also quite good performance.

　　Three, Nginx less dependent on the network, in theory, as long as the ping was through, the normal web access, nginx can even get through, nginx distinction between internal and external networks while, at the same time owning node if it is outside the network, you have the equivalent of stand-alone the backup line; lvs is more dependent on the network environment, server and lvs now use direct way split in the same network segment, the effect is more can be guaranteed.

　　Fourth, the current more mature high availability load balancing technology has the LVS + Keepalived, Nginx + Keepalived, Nginx does not mature before the double backup program, but by monitoring shell script can be achieved, specific reference may be interested in me on 51cto the project implementation plan; in consideration of Nginx's high availability load balancing, DNS can also be achieved by way of polling, are interested can refer to Zhang Yan related articles.

　　Fifth, the cluster is load balanced web cluster behind or tomcat clusters, etc., but now refers to the entire significance of the cluster system architecture, which includes the back-end load balancer and application server clustering, and now many people like the Linux cluster It refers to the LVS, but I think the strict sense should be distinguished.

　　Sixth, the high availability load balancing availability refers to the load balancer of the HA, i.e. after a load balancer may be switched in another broken <1s within seconds, is the most commonly used software and Keepalived Heatbeat, mature load balancer programs under production environment Lvs + Keepalived, Nginx + Keepalived.

　Seven, LVS advantages are many: ① anti-load capacity; ② stable (because of the mature HA solutions); ③ no flow; ④ basically support all the applications, based on the above advantages, LVS has a lot of fans ; but nothing is impossible, LVS too dependent on the network, the network environment is relatively complex application scenario, I had to abandon it and choose Nginx.

　　Eight, Nginx dependent on the network is small, but its regular powerful and flexible, powerful features to attract a lot of people, and the configuration is quite easy and simple, small and medium-sized project, I basically consider it; of course, If adequate funding, F5 is the only choice.

　　Nine, in fact, a large site architecture can be used in conjunction with F5, LVS or Nginx, choose two or three of them all selected; if not selected because of budgetary reasons F5, then pointing to the forefront of the site should be LVS, which is DNS the point should be the equalizer lvs, lvs advantage of making it very suitable for this task. Important ip address, best left lvs hosting, such as database ip, webservice server ip and so on, these ip addresses with the passage of time, the use of surface will grow, if the failure to replace the ip will follow. So to these important lvs ip hosting is the most secure.

　　Ten, VIP Keepalived address is a virtual IP, it is an external public IP, DNS is pointing to IP; when designing the site structure, you must apply to your IDC more than a Foreign IP

　　XI, in the actual implementation of the project the process of discovery, Lvs and Nginx support for https are very good, especially LVS, relatively easier to deal with them.

　　XII in troubleshooting LVS + Keepalived and Nginx + Keepalived's, both of which are very convenient; if a system failure or server-related fault occurs, the DNS to point to a real web station by their back-end, reaching Short-term effects of treatment failure, after all, PV is money advertising sites and e-commerce sites, which is why you want to load balancing of the reasons for this high availability design; large advertising site I would recommend CDN directly on the system.
　XIII, Linux clusters are now a myth everyone, in fact, not much complicated; the key to your application scenarios, which applies to the choice of which, Nginx and LVS, F5 is not a myth, what kind of easy to apply what kind of choice.

　　XIV. Also on the session sharing problem, which is also a long talk wants to know the problem; Nginx can ip_hash mechanism to solve the problem of the session, while F5 and LVS have session persistence mechanisms to solve this problem, in addition, can also session into the database, which is also a good way to solve shared session, of course, this will increase the burden on the database, this look at the choice of the system architect.

　　Fifth, I am currently maintain e-commerce website concurrency is about 1000, before the securities information websites are about 100 large-scale online advertising is about 3000, I feel more and more complicated by the web layer is not a problem; now due to server the tough, coupled with Nginx as a web of high resistance concurrency, simultaneous web layer is not a big problem; on the contrary, the pressure file server and database tiers is getting bigger, single NFS can not currently competent the work, now is a good program moosefs and DRDB + Heartbeat + NFS; I like the Mysql server, sophisticated applications or master and slave, if the pressure is too great, I had to choose the oracle RAC dual program.

　　Sixteen, now affected by Zhang Yan, we all play the Nginx (especially for the web), in fact, excellent server performance, memory sufficiently, Apache anti-concurrent capacity is not weak, the bottleneck of the entire site should still on the database side; I can recommend both ways to know Apache and Nginx, with Nginx as a front-end load balancing using Apache as the back-end web, the effect is quite good.

　　XVII split brain problem Heartbeat is not as serious, consider using the online environment; DRDB + Heartbeat considered a mature application, it is recommended to master. I use this combination to replace EMC shared storage in a considerable number of occasions, after all, not every 300,000 of the price customers are willing to accept.

　　Eight, no matter how sophisticated the program is designed, it is recommended to configure Nagios to monitor real-time monitoring machine to our server situation; e-mail and SMS alarms can be turned on, after all, the phone can carry thing; conditions can also purchase special Business website scanning service, it will scan every minute of your website, if found not alive will send a warning message or direct phone contact to your mail.

　　Ninth, site security issues at least, I suggest using a hardware firewall, compare the recommended Chinese game three days of Thai web firewall + firewall, DDOS security protection must be in place; Linux server itself iptables and SElinux can be closed, Of course, the port open as possible.