----- Original Message -----
From: "Ramer Ortega" <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Monday, March 19, 2007 12:23 AM
Subject: [plug] Seeking advise on HA web cache


* An active-passive solution is acceptable.
* Content filtering is not necessary (the cluster will be deployed in front of the application servers, this is not for human users).
* The cluster solution should monitor at least the following resources - network interface, the health of squid daemon, and the disk partitions used by squid.

implementing LVS is another point of failure unless you have a redundant LVS, which translates to another cost...

the cheapest solution there is to implement CARP + DNS round robin...

carp is an openbsd project derived from cisco's vrrp... it's a simple protocol... an active-standby setup... when something goes wrong at layer 3 or below at the active device.. the standby device will take over its layer 3 address, which is the ip address... it was primarily designed for the router high-availability setup because the router works at layer 3 of the OSI layers...

example setup of carp..

routerA - 192.168.0.1 - Master (active)
routerB - 192.168.0.1 - Backup (standby)

when something goes wrong with routerA... routerB will take over the 192.168.0.1 ip address..

routerA - 192.168.0.1 - Dead (unknown state)
routerB - 192.168.0.1 - Master (active)

when routerA is back online... there are two scenarios, depending on your setup, for how routerA will act... and these are...

1. routerA will be Master (active) again..

routerA - 192.168.0.1 - Master (active)
routerB - 192.168.0.1 - Backup (standby)

or 2. routerA will be Backup (standby) and let routerB be the Master (active)

routerA - 192.168.0.1 - Backup (standby)
routerB - 192.168.0.1 - Master (active)

so much so with the carp basics...

now how will you do this with web cache (or any service, as long as that service depends on the DNS name and not the ip address for high availability, scalability and load balancing)... it requires a little creativity and a trick here <wink :->

create two ip addresses for every proxy server.. one ip as the master and another ip for the backup... here is an example...

proxyA - 192.168.0.1 - Master
       - 192.168.0.2 - Backup

proxyB - 192.168.0.1 - Backup
       - 192.168.0.2 - Master

when something goes wrong with the master either at proxyA or proxyB... the backup will just take over and be set as master... as simple as that.... therefore the 192.168.0.1 and 192.168.0.2 ip addresses are always available, thus giving you a high-availability setup...

since 192.168.0.1 and 192.168.0.2 are always available.. you can load balance it by playing at the DNS entry... for example...

proxy    IN    A    192.168.0.1
         IN    A    192.168.0.2

so when you query "proxy.yourdomain.com"... it will round robin the entry thus load balancing it :->

now this kind of setup is not an active-standby setup but an active-active setup in which you fully maximize your resources...

as you can see.. this only works at layer 3... but what about layer 4 and layer 7?.... at layer 4.. what happens if tcp port 3128 is not responding? at layer 7, what happens if something goes wrong there?... carp cannot solve this... you can easily solve this by creating either a script or a C program querying at layer 4 and layer 7 for another layer of health checks.... carp is doing a health check at layer 3 only... you have to create a script or program doing a health check at layer 4 and 7.... the trick there is that when the layer 4 or 7 health check program detects that the service is not available (due to squid exit or overloaded squid for example).. your health check program will simply put down your carp interface so that the other server will take over its ip address with a healthy service in it...

i created a C program which mimics the health check layer 4 and layer 7 algorithm of foundry's server iron load balancing switch...

sorry but i can't give you this program but i just wanted you to know that this kind of setup is working flawlessly and implemented all over the philippines where we have a point of presence in that area.... i'm using freebsd's carp, which came from openbsd carp, squid and my health check program... but you can use linux's userland carp named ucarp for your needs....

this is one of my supposed topics when i decided to accept an offer coming from the president marvin pascual as a speaker during the linux 10th year (if i recall correctly) but it didn't materialize :->

fooler.
+ never argue with an idiot... they drag you down to their level, then beat you with experience...
_________________________________________________
Philippine Linux Users' Group (PLUG) Mailing List
[email protected] (#PLUG @ irc.free.net.ph)
Read the Guidelines: http://linux.org.ph/lists
Searchable Archives: http://archives.free.net.ph
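
The layer 4 and layer 7 health check described in the message above, as an added Python example; it is not the poster's C program (which was not shared) and not code from the CARP or squid projects. The interface name carp0, the probe URL (it must be one the cache can actually serve) and the three-failure threshold are assumptions.

```python
import socket
import subprocess

PROXY = ("127.0.0.1", 3128)                # squid listener; address is an assumption
PROBE_URL = "http://origin.example/health" # hypothetical URL the cache can serve
CARP_DOWN = ["ifconfig", "carp0", "down"]  # assumed FreeBSD carp interface name


def check_l4(addr, timeout=2.0):
    """Layer 4: does the TCP port accept a connection?"""
    try:
        with socket.create_connection(addr, timeout=timeout):
            return True
    except OSError:
        return False


def check_l7(addr, url=PROBE_URL, timeout=2.0):
    """Layer 7: does the proxy answer an HTTP request with a non-5xx status?"""
    try:
        with socket.create_connection(addr, timeout=timeout) as s:
            s.sendall(f"HEAD {url} HTTP/1.0\r\n\r\n".encode("ascii"))
            line = s.makefile("rb").readline(256).decode("latin-1").split()
    except OSError:                        # refused, reset or timed out
        return False
    # Expect a status line such as "HTTP/1.1 200 OK".
    if len(line) < 2 or not line[0].startswith("HTTP/") or not line[1].isdigit():
        return False
    return int(line[1]) < 500


class Monitor:
    """Counts consecutive failed checks and fires the failover action once."""

    def __init__(self, addr=PROXY, max_fails=3, action=None):
        self.addr, self.max_fails = addr, max_fails
        # argv list, no shell: nothing from the network reaches a command line
        self.action = action or (lambda: subprocess.run(CARP_DOWN, check=True))
        self.fails, self.failed_over = 0, False

    def tick(self):
        healthy = check_l4(self.addr) and check_l7(self.addr)
        self.fails = 0 if healthy else self.fails + 1
        if self.fails >= self.max_fails and not self.failed_over:
            self.action()                  # release the CARP address to the peer
            self.failed_over = True
        return healthy
```

Call `Monitor().tick()` every few seconds from a loop or supervisor running with enough privilege to change the interface; requiring several consecutive failures keeps one slow response from triggering a failover.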
