ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    New Project - Thoughts? (CentOS, HAProxy, Load Balance)...

    Scheduled Pinned Locked Moved IT Discussion
    56 Posts 6 Posters 4.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      Jimmy9008 @scottalanmiller
      last edited by

      @scottalanmiller

      @scottalanmiller said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

      @Jimmy9008 said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

      @scottalanmiller

      @scottalanmiller said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

      @Jimmy9008 said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

      Currently, if IIS website A is running on a VM on Host1, and that host dies, we're down. We have to turn the replica VM on which is on Host2. That's not automatic. By having that website on two VM's, one on Host 1 and one on Host 2, with a load balancer, the lb would stop directing traffic to the failed one and push everything to the live one. The service is better for customers...

      I think you are confusing failover with load balancing. I totally see the benefit to having failover, I don't see any to load balancing. That's why I keep prying. I think that you are looking for the wrong solution. Not that the products aren't the same, but your needs and goals are different.

      Load balancing is for when you are too big for one system to host. Until you are that big, load balancing is a negative.

      Part of load balancing is to stop directing traffic to down instances right? If

      Not really. That's failover. Loadbalancers do that, but it is NOT load balancing. It's a different action. What you want is failover WITHOUT load balancing.

      It is a different action, yes. Correct. It is however included by using a load balancer. So why wouldn't I use that for accomplishing this?

      scottalanmillerS 1 Reply Last reply Reply Quote 0
      • scottalanmillerS
        scottalanmiller @Romo
        last edited by

        @Romo said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

        Load balancing lets you spread load over multiple servers. You would want to do this if you were maxing out your CPU or disk IO or network capacity on a particular server.

        And to clarify, you would ONLY want to do this if that were true.

        1 Reply Last reply Reply Quote 1
        • J
          Jimmy9008 @scottalanmiller
          last edited by

          @scottalanmiller

          @scottalanmiller said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

          @Jimmy9008 said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

          Wouldn't load balancing give us what we want here? Load balancer will direct traffic away from a down node. Yes, its not a 'failover', you're right... but customers are not affected...

          Absolutely not. Pure load balancing would keep directing traffic to the dead node. You are mixing concepts together because people often use the same devices for both and have gotten stuck talking about the wrong one of the two.

          Ok, fair do's. So what would you suggest to use here?

          1 Reply Last reply Reply Quote 0
          • scottalanmillerS
            scottalanmiller @Jimmy9008
            last edited by

            @Jimmy9008 said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

            @scottalanmiller

            @scottalanmiller said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

            @Jimmy9008 said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

            @scottalanmiller

            @scottalanmiller said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

            @Jimmy9008 said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

            Currently, if IIS website A is running on a VM on Host1, and that host dies, we're down. We have to turn the replica VM on which is on Host2. That's not automatic. By having that website on two VM's, one on Host 1 and one on Host 2, with a load balancer, the lb would stop directing traffic to the failed one and push everything to the live one. The service is better for customers...

            I think you are confusing failover with load balancing. I totally see the benefit to having failover, I don't see any to load balancing. That's why I keep prying. I think that you are looking for the wrong solution. Not that the products aren't the same, but your needs and goals are different.

            Load balancing is for when you are too big for one system to host. Until you are that big, load balancing is a negative.

            Part of load balancing is to stop directing traffic to down instances right? If

            Not really. That's failover. Loadbalancers do that, but it is NOT load balancing. It's a different action. What you want is failover WITHOUT load balancing.

            It is a different action, yes. Correct. It is however included by using a load balancer. So why wouldn't I use that for accomplishing this?

            It is included in SOME load balancing. Only when the device in question is more than a load balancer. Why do you not use a car for watching television even when it includes seats? You are looking for the wrong action, you are really stuck on this. HA-Proxy or NGinx, which are proxies that do both failover and load balancing, will do what you want... because they have failover proxies NOT because they are load balancers, you want their load balancing component shut off! If you only wanted load balancing ,CloudFlare will do that for you.

            JaredBuschJ 1 Reply Last reply Reply Quote 0
            • scottalanmillerS
              scottalanmiller @Jimmy9008
              last edited by

              @Jimmy9008 said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

              Yes, I get the merit of load balancing. If I am load balancing over multiple VMs on multiple physical boxes, as soon as a host/VM is dead, the load balancer takes the server/VM out of the pool of where to direct clients. One request or so dropped. Very small downtime.

              No, you are mixing the concepts back together. He just split them out for you. Failover does what you want, LB does not.

              1 Reply Last reply Reply Quote 0
              • scottalanmillerS
                scottalanmiller
                last edited by

                NGinx and HA-Proxy are fine tools for this, just DO NOT use them as load balancers. No reason for that complexity, it will have no benefits for you, but will have negatives.

                J 1 Reply Last reply Reply Quote 0
                • J
                  Jimmy9008 @scottalanmiller
                  last edited by

                  @scottalanmiller

                  @scottalanmiller said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

                  NGinx and HA-Proxy are fine tools for this, just DO NOT use them as load balancers. No reason for that complexity, it will have no benefits for you, but will have negatives.

                  Yes, I see this now. Thank you. Wrong terminology from me. My goal then is to have multiple IIS instances running on different hardware (on VMs on different hardware), being routed to through a pair of (somethings?) which will stop routing to any of those sites that are down. 🙂

                  scottalanmillerS 1 Reply Last reply Reply Quote 0
                  • scottalanmillerS
                    scottalanmiller @Jimmy9008
                    last edited by

                    @Jimmy9008 said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

                    @scottalanmiller

                    @scottalanmiller said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

                    NGinx and HA-Proxy are fine tools for this, just DO NOT use them as load balancers. No reason for that complexity, it will have no benefits for you, but will have negatives.

                    Yes, I see this now. Thank you. Wrong terminology from me. My goal then is to have multiple IIS instances running on different hardware (on VMs on different hardware), being routed to through a pair of (somethings?) which will stop routing to any of those sites that are down. 🙂

                    Right, yes, and that's why HA-Proxy doesn't have Load Balancing in its name, but rather High Availability. Because failover is its primary use case.

                    J 1 Reply Last reply Reply Quote 0
                    • J
                      Jimmy9008 @scottalanmiller
                      last edited by

                      @scottalanmiller

                      @scottalanmiller said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

                      @Jimmy9008 said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

                      @scottalanmiller

                      @scottalanmiller said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

                      NGinx and HA-Proxy are fine tools for this, just DO NOT use them as load balancers. No reason for that complexity, it will have no benefits for you, but will have negatives.

                      Yes, I see this now. Thank you. Wrong terminology from me. My goal then is to have multiple IIS instances running on different hardware (on VMs on different hardware), being routed to through a pair of (somethings?) which will stop routing to any of those sites that are down. 🙂

                      Right, yes, and that's why HA-Proxy doesn't have Load Balancing in its name, but rather High Availability. Because failover is its primary use case.

                      So NGINX over HAProxy? Or something else?

                      1 Reply Last reply Reply Quote 0
                      • JaredBuschJ
                        JaredBusch @scottalanmiller
                        last edited by

                        @scottalanmiller said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

                        If you only wanted load balancing ,CloudFlare will do that for you.

                        Actually, no it will not because all loads are behinds two pipes. So Cloudflare could only partially load balance this. He has multiple servers behind two pipes.

                        Cloudflare cannot load balance the servers, only the two pipes.

                        scottalanmillerS 1 Reply Last reply Reply Quote 0
                        • scottalanmillerS
                          scottalanmiller @JaredBusch
                          last edited by

                          @JaredBusch said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

                          @scottalanmiller said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

                          If you only wanted load balancing ,CloudFlare will do that for you.

                          Actually, no it will not because all loads are behinds two pipes. So Cloudflare could only partially load balance this. He has multiple servers behind two pipes.

                          Cloudflare cannot load balance the servers, only the two pipes.

                          As long as each server has an IP address, CF will round robin load balance them.

                          JaredBuschJ 1 Reply Last reply Reply Quote 0
                          • JaredBuschJ
                            JaredBusch @scottalanmiller
                            last edited by

                            @scottalanmiller said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

                            @JaredBusch said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

                            @scottalanmiller said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

                            If you only wanted load balancing ,CloudFlare will do that for you.

                            Actually, no it will not because all loads are behinds two pipes. So Cloudflare could only partially load balance this. He has multiple servers behind two pipes.

                            Cloudflare cannot load balance the servers, only the two pipes.

                            As long as each server has an IP address, CF will round robin load balance them.

                            No Scott, multiple servers on the LAN behind only 2 WAN IP addresses. Cloudflare has no visibility into this. This is basic.

                            scottalanmillerS 1 Reply Last reply Reply Quote 0
                            • scottalanmillerS
                              scottalanmiller @JaredBusch
                              last edited by

                              @JaredBusch said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

                              @scottalanmiller said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

                              @JaredBusch said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

                              @scottalanmiller said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

                              If you only wanted load balancing ,CloudFlare will do that for you.

                              Actually, no it will not because all loads are behinds two pipes. So Cloudflare could only partially load balance this. He has multiple servers behind two pipes.

                              Cloudflare cannot load balance the servers, only the two pipes.

                              As long as each server has an IP address, CF will round robin load balance them.

                              No Scott, multiple servers on the LAN behind only 2 WAN IP addresses. Cloudflare has no visibility into this. This is basic.

                              Oh, I missed that he had only two WAN IP addresses.

                              1 Reply Last reply Reply Quote 0
                              • J
                                Jimmy9008
                                last edited by

                                Hey folks,

                                I've got this working using CentOS and HAProxy. I also want to do this with Nginx, so will run with that as a lab next week. More I understand that the better. Thanks for sending me down a good path.

                                Ok, so, with Linux, what is best practice regarding security?
                                Using CentOS currently. I assume I need to install an AV, what options do I have? From a fresh install, do I need to close any holes? System update has been done already, but I reckon I am missing lots that is a best practice for Linux?

                                Like i'e said... totally new with Linux so any pointers would be great. Ive seen the guide to Linux admin posted on this site already and will work through that in the coming weeks... but anything I should be wary of? The 'whatever you do, don't do...' sort of thing...

                                1 Reply Last reply Reply Quote 0
                                • J
                                  Jimmy9008
                                  last edited by

                                  In Windows, Remote Access/RDP etc is not enabled OOB. I assume the same in Linux? Unless you can connect to each through a command line/ssh or something, which maybe needs to be enabled/disabled etc...

                                  scottalanmillerS 1 Reply Last reply Reply Quote 0
                                  • scottalanmillerS
                                    scottalanmiller @Jimmy9008
                                    last edited by

                                    @Jimmy9008 said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

                                    In Windows, Remote Access/RDP etc is not enabled OOB. I assume the same in Linux? Unless you can connect to each through a command line/ssh or something, which maybe needs to be enabled/disabled etc...

                                    Linux has no default, it is the distros here that would have a default. CentOS defaults to SSH enabled. Most places leave it enabled. But certainly not all.

                                    1 Reply Last reply Reply Quote 0
                                    • 1
                                    • 2
                                    • 3
                                    • 1 / 3
                                    • First post
                                      Last post