Load Balancers
All incoming and outgoing requests should go through the load balancer, which is required to fairly distribute the incoming requests across the different application servers.
There are two important types of load balancers:
- Hardware Load Balancers
- Software Load balancers
Issues with Hardware Load Balancers:
1. Cost
2. It always acts as a black box; you cannot know what exactly goes on inside.
It is always recommended to run multiple load balancers so that the load balancer is not a single point of failure. Even if two load balancers are enough for the traffic, add one extra server.
HAProxy:
It is written in C, is event-based, and requires only low-profile hardware with a small CPU/memory footprint. It can handle 20,000-30,000 connections per second.
It is written purely to be a reverse proxy.
Layer 4 vs Layer 7 (TCP vs HTTP)
HAProxy supports both TCP and HTTP load balancing. In TCP mode it forwards only the TCP packets, which takes less CPU/memory, but it does not parse the HTTP headers before forwarding. Nginx, in contrast, load balances only at the HTTP layer.
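The difference comes down to the `mode` directive in the HAProxy configuration. A minimal sketch (the frontend/backend names, ports, and addresses are assumptions for illustration):

```
# Layer 4 (TCP) load balancing: packets are forwarded without
# inspecting HTTP headers -- lower CPU/memory cost.
frontend ft_tcp
    bind *:3306
    mode tcp
    default_backend bk_db

# Layer 7 (HTTP) load balancing: headers are parsed, so routing
# decisions can use paths, Host headers, cookies, etc.
frontend ft_http
    bind *:80
    mode http
    default_backend bk_app
```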
SSL Termination:
If we are using HTTPS, we need to decide where the SSL termination happens. If SSL terminates at the application server, the HTTP headers cannot be parsed in the load balancer. If SSL terminates at the load balancer, it will increase the CPU utilization of the load balancer. It is advisable to terminate SSL at the application servers.
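Terminating SSL at the application servers means the load balancer runs in TCP mode and passes the encrypted traffic through untouched. A minimal HAProxy sketch of this passthrough setup (names and addresses are assumptions):

```
# SSL passthrough: encrypted traffic is forwarded as-is;
# each application server terminates TLS itself.
frontend ft_https
    bind *:443
    mode tcp
    default_backend bk_app_ssl

backend bk_app_ssl
    mode tcp
    server app1 10.0.0.11:443 check
    server app2 10.0.0.12:443 check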
Better health checks and distribution algorithms:
Nginx relies only on a timeout for health checks: if an application server times out, it is removed from the list of application servers. Further, Nginx supports only the round-robin method for request distribution.
HAProxy Distribution Algorithms:
1. Round robin
2. Least connections
3. Source: hashing based on the client IP address (sticky sessions)
4. URI: hashing based on the request URI
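These map directly to HAProxy's `balance` directive. A hedged sketch of a backend (server names and addresses are assumptions; only one `balance` line would be active at a time):

```
backend bk_app
    balance roundrobin        # 1. rotate through servers in order
    # balance leastconn       # 2. pick the server with the fewest connections
    # balance source          # 3. hash the client IP -> sticky sessions
    # balance uri             # 4. hash the request URI -> cache-friendly routing
    server app1 10.0.0.11:80 check
    server app2 10.0.0.12:80 check
```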
Choosing Hardware for Load Balancers:
HAProxy always runs in single-process mode, so machines with a powerful single CPU are preferable to multi-core machines.
Automatic Failover with keepalived:
keepalived is a daemon that monitors the other load balancer; if that server stops responding, keepalived takes over its IP address.
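Under the hood keepalived uses VRRP to move a floating IP between the load balancers. A minimal sketch of a keepalived.conf (interface name, priority, and the floating IP are assumptions; the standby node would use `state BACKUP` and a lower priority):

```
vrrp_instance VI_1 {
    state MASTER            # this node starts as the active load balancer
    interface eth0
    virtual_router_id 51
    priority 101            # the highest-priority live node holds the IP
    advert_int 1            # send health advertisements every second
    virtual_ipaddress {
        10.0.0.100          # floating IP shared by the load balancers
    }
}
```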
Fine Tuning Linux for handling huge connections:
1. net.core.somaxconn:
Defines the kernel's maximum queue size for accepting new connections. By default it is 128; if more pending connections need to be handled, this must be increased.
2. net.ipv4.ip_local_port_range:
Defines the range of usable ports on your system. The number of the ports opened will increase the number of the connections.
3. net.ipv4.tcp_tw_reuse:
In the TCP protocol, when a connection ends, the socket is held in the TIME_WAIT state until the wait period completes; only then is the connection fully closed. On a busy server, this can cause issues with running out of ports/sockets. This setting tells the kernel to reuse TIME_WAIT sockets when it is safe to do so.
4. ulimit -n 99999:
Sets the maximum number of open files allowed by the OS (each socket counts as an open file).
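The first three settings can be made permanent in /etc/sysctl.conf and applied with `sysctl -p`. A sketch (the specific values here are illustrative assumptions, not recommendations):

```
# /etc/sysctl.conf -- apply with `sysctl -p`
net.core.somaxconn = 4096                  # deeper accept queue (default 128)
net.ipv4.ip_local_port_range = 1024 65535  # widen the ephemeral port range
net.ipv4.tcp_tw_reuse = 1                  # reuse TIME_WAIT sockets when safe
```

The `ulimit -n` limit is per-process; to persist it, it would typically be set in /etc/security/limits.conf rather than sysctl.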
Debugging Load Balancer for Slowness or unresponsiveness:
Saturating the network:
Verify the network card configuration. If the network card is configured for 150 Mbps, it cannot pass 200 Mbps. Check both the private and public network interfaces.
Running Out of Memory:
Check overall memory usage with the `free` command, and the memory taken by the HAProxy process itself (e.g. with `top` or `ps`).
Lots of connections in TIME_WAIT:
Having a lot of connections stuck in TIME_WAIT will slow the load balancer down (see the tcp_tw_reuse tuning above).
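One quick way to spot this on Linux is to count TIME_WAIT sockets directly from the kernel's procfs TCP table. A minimal sketch (Linux-only; it assumes the standard /proc/net/tcp format, where the fourth column holds the socket state and 06 is TIME_WAIT):

```python
def count_time_wait(path="/proc/net/tcp"):
    """Count sockets currently in TIME_WAIT by parsing /proc/net/tcp."""
    count = 0
    with open(path) as f:
        next(f)  # skip the header line
        for line in f:
            fields = line.split()
            # fields[3] is the socket state in hex; 06 == TIME_WAIT
            if fields[3] == "06":
                count += 1
    return count

if __name__ == "__main__":
    print(f"TIME_WAIT sockets: {count_time_wait()}")
```

In practice the same number can be read with `ss -s` or `netstat -ant | grep TIME_WAIT | wc -l`; the script above just shows where the data comes from.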