Mailing List Archive: Linux Virtual Server: Users

IPVS hosting on the Internet

Index | Next | Previous | View Threaded

tschlabach at gmx

May 11, 2007, 6:51 AM

Post #1 of 9 (737 views)
Permalink

IPVS hosting on the Internet

Dear list!

Does anyone know of any provider which allows the hosting of IPVS at
reasonable prices?

Let me briefly explain what the problem is:

I understand that using IP Virtual Server I can set a a cluster of
machines that share on IP address and use some heartbeat mechanism to
negotiate on what pyhsical NIC that IP address will be at any given
point in time.

Now if we want to build a reliable service on the Internet (say a
website, for example) we can have one A record for www.oursite.net point
to one IP address only. So we would want that IP address to
transparently fail over between two data centers.

Of course we can put two (or more) servers into different data centers
but one IP will be routed to one physical destination, won't it?

So wouldn't it make sense for someone who owns a network infrastructure
to offer IPVS as a service and have the IP address point to whatever
real servers which I can configure?

I hope my question did become clear.

Regards,
Torsten

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users [at] LinuxVirtualServer
Send requests to lvs-users-request [at] LinuxVirtualServer
or go to http://www.in-addr.de/mailman/listinfo/lvs-users

jmack at wm7d

May 11, 2007, 7:07 AM

Post #2 of 9 (700 views)
Permalink

Re: IPVS hosting on the Internet [In reply to]

On Fri, 11 May 2007, Torsten Schlabach wrote:

> Dear list!
>
> Does anyone know of any provider which allows the hosting of IPVS at
> reasonable prices?
>
> Let me briefly explain what the problem is:
>
> I understand that using IP Virtual Server I can set a a cluster of
> machines that share on IP address and use some heartbeat mechanism to
> negotiate on what pyhsical NIC that IP address will be at any given
> point in time.

not exactly true, but I don't know that this affects your
problem. An LVS appears as a single box to the outside world
with the VIP facing the internet. Whatever trickery goes on
inside the LVS is of no concern to the routing
infrastructure.

> Now if we want to build a reliable service on the Internet (say a
> website, for example) we can have one A record for www.oursite.net point
> to one IP address only. So we would want that IP address to
> transparently fail over between two data centers.

this will cost you $ and the data centers would have to
cooperate. Presumably they'd have to be owned by the same
company.

> Of course we can put two (or more) servers into different data centers
> but one IP will be routed to one physical destination, won't it?

this is the nature of data centers and routing. ISPs are
alloted blocks of IPs.

> So wouldn't it make sense for someone who owns a network infrastructure
> to offer IPVS as a service and have the IP address point to whatever
> real servers which I can configure?

It seems that you think that an LVS operates by failover -
this isn't true.

Joe

--
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!
_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users [at] LinuxVirtualServer
Send requests to lvs-users-request [at] LinuxVirtualServer
or go to http://www.in-addr.de/mailman/listinfo/lvs-users

volker.jaenisch at inqbus

May 11, 2007, 9:04 AM

Post #3 of 9 (701 views)
Permalink

Re: IPVS hosting on the Internet [In reply to]

Hello Thorsten!

Torsten Schlabach schrieb:
> Now if we want to build a reliable service on the Internet (say a
> website, for example) we can have one A record for www.oursite.net point
> to one IP address only. So we would want that IP address to
> transparently fail over between two data centers.
One way to achieve this is to use the DNS.

If you give your domain e.g. yourdomain.com more than one IP e.g.
Datacenter1 : IP = 123.123.123.1
Datacenter2 : IP = 146.234.12.2
the DNS performes a round robin loadbalancing on DNS -> IP resolving.

The first time a webbrowser accesses yourdomain.com it will get the first IP
and your customer lands in DC1. If the next webbrowser accesses
yourdomain.com
it will land in DC2. Next in DC1 and so on.

The only problem with this approach is to assure that the DNS TTL
settings are
long enougth so that a typical costomer will not be switched from DC to
DC within its actual session.

A second and from my point of view the most important is the need for
synchronisation of
your data e.g. your databases and the filesystem over the WAN between
the DCs.

The databases you can share across the two locations using a sequoia
DB-Cluster for e.g. MySQL, PGSQL databases.
The filesystem mirroring can be done using DRBD0.8 and a cluster filesystem.

We have done some testing in that direction. This approach is due to the
synchronisation not ideal
for high traffic sites with many changes in the shared filesystem or the
shared DB-Cluster.
If you have a low/medium traffic site with extreme need for high
availability this scheme may help you.

But please be warned - this approach is definitivly not the cheap one.
Such a WAN distributed Cluster
is in the order of $100.000 and more.

Best regards,

Volker

--
====================================================
inqbus it-consulting +49 ( 341 ) 5643800
Dr. Volker Jaenisch http://www.inqbus.de
Herlo�sohnstr. 12 0 4 1 5 5 Leipzig
N O T - F � L L E +49 ( 170 ) 3113748
====================================================

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users [at] LinuxVirtualServer
Send requests to lvs-users-request [at] LinuxVirtualServer
or go to http://www.in-addr.de/mailman/listinfo/lvs-users

tschlabach at gmx

May 11, 2007, 12:30 PM

Post #4 of 9 (697 views)
Permalink

Re: IPVS hosting on the Internet [In reply to]

Hi Volker!

> If you give your domain e.g. yourdomain.com more than one IP e.g.
> Datacenter1 : IP = 123.123.123.1
> Datacenter2 : IP = 146.234.12.2
> the DNS performes a round robin loadbalancing on DNS -> IP resolving.

I have had that idea as well. But just help me understand what problem
this solved and which it doesn't:

> The first time a webbrowser accesses yourdomain.com it will get the
> first IP
> and your customer lands in DC1. If the next webbrowser accesses
> yourdomain.com
> it will land in DC2. Next in DC1 and so on.

That will for sure distribute load. But if one of the DCs (or one of the
servers) goes down, doesn't that mean that only every 2nd customer will
see our site while every other customer will end up with a timeout?

We had also been asking ourselves if we could have a mechanism where the
DNS servers will receive a heartbeat from the actual servers and just
switch off A records for servers which are currently unavailable. But
the problem with that is caching nameservers. AFAIK even if we would set
the TTL on our nameservers to 10 minutes to make sure that a cached
record for a server that died will expired after no more than 10
minutes, I understand for caching nameservers at any ISP they decide how
long they will cache the record or not.

Regards,
Torsten

Dr. Volker Jaenisch schrieb:
> Hello Thorsten!
>
> Torsten Schlabach schrieb:
>
>> Now if we want to build a reliable service on the Internet (say a
>> website, for example) we can have one A record for www.oursite.net point
>> to one IP address only. So we would want that IP address to
>> transparently fail over between two data centers.
>
> One way to achieve this is to use the DNS.
>
> If you give your domain e.g. yourdomain.com more than one IP e.g.
> Datacenter1 : IP = 123.123.123.1
> Datacenter2 : IP = 146.234.12.2
> the DNS performes a round robin loadbalancing on DNS -> IP resolving.
>
> The first time a webbrowser accesses yourdomain.com it will get the
> first IP
> and your customer lands in DC1. If the next webbrowser accesses
> yourdomain.com
> it will land in DC2. Next in DC1 and so on.
>
> The only problem with this approach is to assure that the DNS TTL
> settings are
> long enougth so that a typical costomer will not be switched from DC to
> DC within its actual session.
>
> A second and from my point of view the most important is the need for
> synchronisation of
> your data e.g. your databases and the filesystem over the WAN between
> the DCs.
>
> The databases you can share across the two locations using a sequoia
> DB-Cluster for e.g. MySQL, PGSQL databases.
> The filesystem mirroring can be done using DRBD0.8 and a cluster
> filesystem.
>
> We have done some testing in that direction. This approach is due to the
> synchronisation not ideal
> for high traffic sites with many changes in the shared filesystem or the
> shared DB-Cluster.
> If you have a low/medium traffic site with extreme need for high
> availability this scheme may help you.
>
> But please be warned - this approach is definitivly not the cheap one.
> Such a WAN distributed Cluster
> is in the order of $100.000 and more.
>
> Best regards,
>
> Volker
>
_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users [at] LinuxVirtualServer
Send requests to lvs-users-request [at] LinuxVirtualServer
or go to http://www.in-addr.de/mailman/listinfo/lvs-users

lists at loadbalancer

May 11, 2007, 12:40 PM

Post #5 of 9 (694 views)
Permalink

Re: IPVS hosting on the Internet [In reply to]

Torsten Schlabach wrote:
>
> That will for sure distribute load. But if one of the DCs (or one of
> the servers) goes down, doesn't that mean that only every 2nd customer
> will see our site while every other customer will end up with a timeout?

No, most web clients accept multiple DNS records and try the second if
the first fails.
This is always worth a read:
http://www.tenereillo.com/GSLBPageOfShame.htm

And on an aside I recently talked to a guy from the SalvationArmy who
said they had been quoted $200,000 for a GSLB type solution from a vendor
and $100,000 for a hosted service from ultradns.com
Although it was for 8 locations rather than 2.

Regards,
Malcolm.

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users [at] LinuxVirtualServer
Send requests to lvs-users-request [at] LinuxVirtualServer
or go to http://www.in-addr.de/mailman/listinfo/lvs-users

volker.jaenisch at inqbus

May 11, 2007, 12:55 PM

Post #6 of 9 (696 views)
Permalink

Re: IPVS hosting on the Internet [In reply to]

Torsten Schlabach schrieb:
> Hi Volker!
>
> > If you give your domain e.g. yourdomain.com more than one IP e.g.
> > Datacenter1 : IP = 123.123.123.1
> > Datacenter2 : IP = 146.234.12.2
> > the DNS performes a round robin loadbalancing on DNS -> IP resolving.
>
> I have had that idea as well. But just help me understand what problem
> this solved and which it doesn't:
>
> > The first time a webbrowser accesses yourdomain.com it will get the
> > first IP
> > and your customer lands in DC1. If the next webbrowser accesses
> > yourdomain.com
> > it will land in DC2. Next in DC1 and so on.
>
> That will for sure distribute load. But if one of the DCs (or one of
> the servers) goes down, doesn't that mean that only every 2nd customer
> will see our site while every other customer will end up with a timeout?
Thats right. You will have to set the TTL of the domain record as short
enought that you can
switch the DNS to only serve the DC that is still up.

We have made some testing on how long webbrowsers will cache the DNS
information. It seems as that the DNS information
is hold longer in the webbroser than the given TTL. So this gives hope
to reduce the TTL to say 10 Seconds.

Now you will need a third instance that monitors your two DCs. If one of
the DCs went down the monitoring instance have to modify the DNS entry.

>
> We had also been asking ourselves if we could have a mechanism where
> the DNS servers will receive a heartbeat from the actual servers and
> just switch off A records for servers which are currently unavailable.
> But the problem with that is caching nameservers. AFAIK even if we
> would set the TTL on our nameservers to 10 minutes to make sure that a
> cached record for a server that died will expired after no more than
> 10 minutes, I understand for caching nameservers at any ISP they
> decide how long they will cache the record or not.
It would be a violation of the DNS if a ISP caches the domain entries
longer as the TTL.
Have you tested this? Our two big ISPs in germany respect the TTL set by
the domain provider.

mira2:~# dig @195.50.140.250 inqbus.de

;; ANSWER SECTION:
inqbus.de. 300 IN A 193.239.28.142

mira2:~# dig @195.50.140.250 inqbus.de

; <<>> DiG 9.2.4 <<>> @195.50.140.250 inqbus.de

;; ANSWER SECTION:
inqbus.de. 297 IN A 193.239.28.142

As you see the TTL decreases on consequtive queries, as expected. The
DNS server queried is a DNS server of the second largest ISP in germany.

Try it out. We have had to set the "minimum TTL" limit at our Domain to
get this to work.
But the naming of this parameter may vary between the domain providers.

One idea: Setup an arbitrary domain with two IPs. I will test your setup
from germany. Maybe others on this list will support this testing
and we may discover if this IP RR thingy works worldwide over a broad
variety of ISPs or not.

Best regards

Volker

--
====================================================
inqbus it-consulting +49 ( 341 ) 5643800
Dr. Volker Jaenisch http://www.inqbus.de
Herlo�sohnstr. 12 0 4 1 5 5 Leipzig
N O T - F � L L E +49 ( 170 ) 3113748
====================================================

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users [at] LinuxVirtualServer
Send requests to lvs-users-request [at] LinuxVirtualServer
or go to http://www.in-addr.de/mailman/listinfo/lvs-users

volker.jaenisch at inqbus

May 11, 2007, 1:39 PM

Post #7 of 9 (697 views)
Permalink

Re: IPVS hosting on the Internet [In reply to]

Malcolm schrieb:
> No, most web clients accept multiple DNS records and try the second if
> the first fails.
> This is always worth a read:
> http://www.tenereillo.com/GSLBPageOfShame.htm
Thank you for the insight

best regards,

Volker

--
====================================================
inqbus it-consulting +49 ( 341 ) 5643800
Dr. Volker Jaenisch http://www.inqbus.de
Herlo�sohnstr. 12 0 4 1 5 5 Leipzig
N O T - F � L L E +49 ( 170 ) 3113748
====================================================

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users [at] LinuxVirtualServer
Send requests to lvs-users-request [at] LinuxVirtualServer
or go to http://www.in-addr.de/mailman/listinfo/lvs-users

rodrico7 at hotmail

May 11, 2007, 3:41 PM

Post #8 of 9 (697 views)
Permalink

RE: IPVS hosting on the Internet [In reply to]

Hello,

Our company provides this type of service. You can find information at
http://www.netdigix.com

Cheers!

~Rod

>From: Torsten Schlabach <tschlabach [at] gmx>
>Reply-To: "LinuxVirtualServer.org users mailing list."
><lvs-users [at] LinuxVirtualServer>
>To: lvs-users [at] LinuxVirtualServer
>Subject: IPVS hosting on the Internet
>Date: Fri, 11 May 2007 15:51:44 +0200
>
>Dear list!
>
>Does anyone know of any provider which allows the hosting of IPVS at
>reasonable prices?
>
>Let me briefly explain what the problem is:
>
>I understand that using IP Virtual Server I can set a a cluster of
>machines that share on IP address and use some heartbeat mechanism to
>negotiate on what pyhsical NIC that IP address will be at any given
>point in time.
>
>Now if we want to build a reliable service on the Internet (say a
>website, for example) we can have one A record for www.oursite.net point
>to one IP address only. So we would want that IP address to
>transparently fail over between two data centers.
>
>Of course we can put two (or more) servers into different data centers
>but one IP will be routed to one physical destination, won't it?
>
>So wouldn't it make sense for someone who owns a network infrastructure
>to offer IPVS as a service and have the IP address point to whatever
>real servers which I can configure?
>
>I hope my question did become clear.
>
>Regards,
>Torsten
>
>_______________________________________________
>LinuxVirtualServer.org mailing list - lvs-users [at] LinuxVirtualServer
>Send requests to lvs-users-request [at] LinuxVirtualServer
>or go to http://www.in-addr.de/mailman/listinfo/lvs-users

_________________________________________________________________
See Fireworks On Live Image Search
http://search.live.com/images/results.aspx?q=Fireworks&mkt=en-ca&FORM=SERNEP

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users [at] LinuxVirtualServer
Send requests to lvs-users-request [at] LinuxVirtualServer
or go to http://www.in-addr.de/mailman/listinfo/lvs-users

jmack at wm7d

May 11, 2007, 4:30 PM

Post #9 of 9 (697 views)
Permalink

Re: IPVS hosting on the Internet [In reply to]

On Fri, 11 May 2007, Dr. Volker Jaenisch wrote:

> It would be a violation of the DNS if a ISP caches the
> domain entries longer as the TTL.

I haven't looked for 10yrs or so, but back then DNS servers
would not honour a TTL less than some reasonably long time
(a day?) so their cache would be useful.

> Have you tested this? Our two big ISPs in germany respect the TTL set by the
> domain provider.
>
> mira2:~# dig @195.50.140.250 inqbus.de
>
>
> ;; ANSWER SECTION:
> inqbus.de. 300 IN A 193.239.28.142
>
> mira2:~# dig @195.50.140.250 inqbus.de
>
> ; <<>> DiG 9.2.4 <<>> @195.50.140.250 inqbus.de
>
> ;; ANSWER SECTION:
> inqbus.de. 297 IN A 193.239.28.142

I take it that the situation is different nowadays. What's
the point of having DNS servers if every query requires a
hit to the root servers?

Joe

--
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!
_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users [at] LinuxVirtualServer
Send requests to lvs-users-request [at] LinuxVirtualServer
or go to http://www.in-addr.de/mailman/listinfo/lvs-users

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact Gossamer Threads