Scaling service requests
Download
1 / 10

Scaling Service Requests - PowerPoint PPT Presentation


  • 115 Views
  • Uploaded on

Scaling Service Requests. Linux: ipvsadm & iptoip. Initially. Outside Client. Gateway. Inside Server. Outside Client. 137.155.37.33. 137.155.37.34. At this stage the server is able to keep up with client requests at a satisfactory level! No masquerading… assuming valid IPs for

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Scaling Service Requests' - varian


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Scaling service requests

Scaling Service Requests

Linux: ipvsadm & iptoip


Initially
Initially

Outside

Client

Gateway

Inside

Server

Outside

Client

137.155.37.33

137.155.37.34

At this stage the server is able to keep up with

client requests at a satisfactory level!

No masquerading… assuming valid IPs for

gateway and the inside server.


Scaling service requests

Eventually Requests GROW!

Outside

Client

Outside

Client

Gateway

Inside

Server

Outside

Client

137.155.37.33

137.155.37.34

At this stage the server is NOT

able to keep up with

client requests at a satisfactory level!

No masquerading… assuming valid IPs for

gateway and the inside server.

Outside

Client

Outside

Client


Solutions
Solutions?

  • Software configuration of the server to allocate multiple server processes

    • manage preallocation if necessary

  • Hardware

    • Buy another server

      • requires reconfiguration and upgrading as demand grows

    • Create a scalable solution that grows incrementally as the demand grows

      • USE ipvsadm!


Ipvsadm as a scalable solution
ipvsadm as a scalable solution

  • Set to look at a port / ip and map the request to a different set of ips

  • Allows different load balancing algorithms

  • Requires only that you duplicate the original server machine.

  • Provides hardware and software concurrency.


Ipvsadm ip v irtual s erver adm inistration
ipvsadmIPVirtual Server ADMinistration

Inside

Server

137.155.37.34

Outside

Clients

Gateway

Inside

Server

137.155.37.33

137.155.37.35

For simplicity, assume a web server

running on port 80

ipvsadm -A -t 137.155.37.33:80 -s rr

ipvsadm -a -t 137.155.37.33:80 -r 137.155.37.34 -g

ipvsadm -a -t 137.155.37.33:80 -r 137.155.37.35 -g


Scaling service requests

Ipvsadm

runs here!

Sets up 80

to redirect,

scheduling

round-robin

(-s rr)

Add a real server

routing to ..37.34

Add virtual server

Add REAL server

No masquerading

Inside

Server

:80

:80

137.155.37.34

Outside

Clients

Gateway

:80

Inside

Server

137.155.37.33

137.155.37.35

tcp

ipvsadm -A -t 137.155.37.33:80 -s rr

ipvsadm -a -t 137.155.37.33:80 -r 137.155.37.34 -g

ipvsadm -a -t 137.155.37.33:80 -r 137.155.37.35 -g


What if you are masquerading
What if you are masquerading?

  • Add the server behind the firewall.

  • Use basically the same approach but set up a few simple modifications

  • First, don’t use -g which indicates standard gateway forwarding, instead use -m

  • Second, be sure to add commands to allow for forwarding masqueraded packet to ipchains/iptables/etc. for packets behind the firewall going out.


Scaling service requests

Ipvsadm

runs here!

masquerading

Inside

Server

:80

:80

192.168.10.10

Outside

Clients

Gateway

:80

Inside

Server

137.155.37.33

192.168.10.11

Add a real server

routing to ..10.10

First

ipvsadm -A -t 137.155.37.33:80 -s rr

ipvsadm -a -t 137.155.37.33:80 -r 192.168.10.10-m

ipvsadm -a -t 137.155.37.33:80 -r 192.168.10.11-m

Second (ipchains)

ipchains -A forward -j MASQ -s 192.168.10.0/24 -d 0.0.0.0/0

(this may not be necessary if entire network is already masqueraded)


Other points
Other points

  • Setting up ftp requires some special configuration (see man pages)

  • iptoip can do some of this for you but it only does TCP not UDP

  • use -u to map UDP services

  • files for linux configuration in /etc/sysconfig but file names may vary.