Posts made by Jimmy9008

@scottalanmiller

@scottalanmiller said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

@Jimmy9008 said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

Wouldn't load balancing give us what we want here? Load balancer will direct traffic away from a down node. Yes, its not a 'failover', you're right... but customers are not affected...

Absolutely not. Pure load balancing would keep directing traffic to the dead node. You are mixing concepts together because people often use the same devices for both and have gotten stuck talking about the wrong one of the two.

Ok, fair do's. So what would you suggest to use here?

@scottalanmiller

@scottalanmiller said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

@Jimmy9008 said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

@scottalanmiller

@scottalanmiller said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

@Jimmy9008 said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

Currently, if IIS website A is running on a VM on Host1, and that host dies, we're down. We have to turn the replica VM on which is on Host2. That's not automatic. By having that website on two VM's, one on Host 1 and one on Host 2, with a load balancer, the lb would stop directing traffic to the failed one and push everything to the live one. The service is better for customers...

I think you are confusing failover with load balancing. I totally see the benefit to having failover, I don't see any to load balancing. That's why I keep prying. I think that you are looking for the wrong solution. Not that the products aren't the same, but your needs and goals are different.

Load balancing is for when you are too big for one system to host. Until you are that big, load balancing is a negative.

Part of load balancing is to stop directing traffic to down instances right? If

Not really. That's failover. Loadbalancers do that, but it is NOT load balancing. It's a different action. What you want is failover WITHOUT load balancing.

It is a different action, yes. Correct. It is however included by using a load balancer. So why wouldn't I use that for accomplishing this?

@Romo said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

@Jimmy9008 said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

@scottalanmiller

@scottalanmiller said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

@Jimmy9008 said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

Currently, if IIS website A is running on a VM on Host1, and that host dies, we're down. We have to turn the replica VM on which is on Host2. That's not automatic. By having that website on two VM's, one on Host 1 and one on Host 2, with a load balancer, the lb would stop directing traffic to the failed one and push everything to the live one. The service is better for customers...

I think you are confusing failover with load balancing. I totally see the benefit to having failover, I don't see any to load balancing. That's why I keep prying. I think that you are looking for the wrong solution. Not that the products aren't the same, but your needs and goals are different.

Load balancing is for when you are too big for one system to host. Until you are that big, load balancing is a negative.

Part of load balancing is to stop directing traffic to down instances right? If

@scottalanmiller said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

@Jimmy9008 said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

Also, for things like Windows Updates. I can take VM 1 out of the load balancer at say midnight, then update the VM, then bring back in... all without any real issues to customers.

Currently, we would affect customers with such things...

Also does not need load balancing

Wouldn't load balancing give us what we want here? Load balancer will direct traffic away from a down node. Yes, its not a 'failover', you're right... but customers are not affected...

The goal of fail-over is to allow work that would normally be done by one server to be done by another server should the regular one fail.

Load balancing lets you spread load over multiple servers. You would want to do this if you were maxing out your CPU or disk IO or network capacity on a particular server.

Yes, I get the merit of load balancing. If I am load balancing over multiple VMs on multiple physical boxes, as soon as a host/VM is dead, the load balancer takes the server/VM out of the pool of where to direct clients. One request or so dropped. Very small downtime.

If a host dies but I have to wait for the VM to failover to a second node as part of a windows failover cluster, that takes much longer. The cluster has to realise the VM is down, then bring up and boot it on another host.

By having load balancing do this, as soon as the IIS server stops serving HTTP requests, the LB would take it out of the pool and traffic continues...

I also get the benefit that I can take a VM out of the pool to patch etc, without bringing the service down.

@coliver

@coliver said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

@Jimmy9008 said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

@scottalanmiller

@scottalanmiller said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

@Jimmy9008 said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

@scottalanmiller

@scottalanmiller said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

Why do you want to load balance multiple IIS instances? Are your individual web servers so big that you can't grow them any longer?

The end goal is to 4 x IIS VMs with each being on a different host. Each VM runs the same site (so 4 running copies on different hardware). With load balancer, especially if they can work as a redundant pair too on separate hosts, we'd have to lose all four IIS VMs, or both Internet lines, or both load balancers, or all four hosts to be unavailable to clients.

Or power/flood/Cloudflare issues/what not.

But in terms of what we have available to us, its within reach to at least have better capability with what we can control. I just need to understand what tools to use now, be in HAProxy, NGINX, NetScaler... etc

But why? What's the benefit to this?

Currently, if IIS website A is running on a VM on Host1, and that host dies, we're down. We have to turn the replica VM on which is on Host2. That's not automatic. By having that website on two VM's, one on Host 1 and one on Host 2, with a load balancer, the lb would stop directing traffic to the failed one and push everything to the live one. The service is better for customers...

Also, for things like Windows Updates. I can take VM 1 out of the load balancer at say midnight, then update the VM, then bring back in... all without any real issues to customers.

Currently, we would affect customers with such things...

This is built into IIS. I'm trying to remember what Microsoft calls it, but you can do it with DFS.

If you have any details, i'd appreciate seeing them...

@scottalanmiller

@scottalanmiller said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

@Jimmy9008 said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

Currently, if IIS website A is running on a VM on Host1, and that host dies, we're down. We have to turn the replica VM on which is on Host2. That's not automatic. By having that website on two VM's, one on Host 1 and one on Host 2, with a load balancer, the lb would stop directing traffic to the failed one and push everything to the live one. The service is better for customers...

I think you are confusing failover with load balancing. I totally see the benefit to having failover, I don't see any to load balancing. That's why I keep prying. I think that you are looking for the wrong solution. Not that the products aren't the same, but your needs and goals are different.

Load balancing is for when you are too big for one system to host. Until you are that big, load balancing is a negative.

Part of load balancing is to stop directing traffic to down instances right? If

@scottalanmiller said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

@Jimmy9008 said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

Also, for things like Windows Updates. I can take VM 1 out of the load balancer at say midnight, then update the VM, then bring back in... all without any real issues to customers.

Currently, we would affect customers with such things...

Also does not need load balancing

Wouldn't load balancing give us what we want here? Load balancer will direct traffic away from a down node. Yes, its not a 'failover', you're right... but customers are not affected...

@JaredBusch

@JaredBusch said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

@Jimmy9008 said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

@JaredBusch

@JaredBusch said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

If you're going to constrain yourself to on premise then as Scott suggested Nginx is the probably the best thing to do

We've looked at moving off site a few times. Its way more expensive off site. Since we have our servers, redundant firewalls, switches already, adding a free way to load balance (HAProxy/Nginx/Whatever) adds no real cost to us. We have the hardware and space already.

Moving the kit off site could be done, but why pay to host somewhere else. We have a great DR system, so if we lost Head Office it wouldn't matter. This is for day to day running of the services.

If you already have most of the redundant stuff that you would gain by going to a colocation or a host then yeah you're an exception your companies already have the cost sunk into that so not too bad.

At this point the most cost efficient solution likely will be at implement some kind of low-cost load balancing on site. And look at my greeting offsite again the next time you have to deal with hardware or something else changes the cost equation.

We will look again at the next refresh. I could perhaps see colo as an option with our own hardware being in a datacentre some where like our DR systems... but hosting our VMs on another infrastructure is far more costly and unless prices drop, a lot I don't see that happening.

@scottalanmiller

@scottalanmiller said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

@Jimmy9008 said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

@scottalanmiller

@scottalanmiller said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

Why do you want to load balance multiple IIS instances? Are your individual web servers so big that you can't grow them any longer?

The end goal is to 4 x IIS VMs with each being on a different host. Each VM runs the same site (so 4 running copies on different hardware). With load balancer, especially if they can work as a redundant pair too on separate hosts, we'd have to lose all four IIS VMs, or both Internet lines, or both load balancers, or all four hosts to be unavailable to clients.

Or power/flood/Cloudflare issues/what not.

But in terms of what we have available to us, its within reach to at least have better capability with what we can control. I just need to understand what tools to use now, be in HAProxy, NGINX, NetScaler... etc

But why? What's the benefit to this?

Currently, if IIS website A is running on a VM on Host1, and that host dies, we're down. We have to turn the replica VM on which is on Host2. That's not automatic. By having that website on two VM's, one on Host 1 and one on Host 2, with a load balancer, the lb would stop directing traffic to the failed one and push everything to the live one. The service is better for customers...

Also, for things like Windows Updates. I can take VM 1 out of the load balancer at say midnight, then update the VM, then bring back in... all without any real issues to customers.

Currently, we would affect customers with such things...

@JaredBusch

@JaredBusch said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

If you're going to constrain yourself to on premise then as Scott suggested Nginx is the probably the best thing to do

We've looked at moving off site a few times. Its way more expensive off site. Since we have our servers, redundant firewalls, switches already, adding a free way to load balance (HAProxy/Nginx/Whatever) adds no real cost to us. We have the hardware and space already.

Moving the kit off site could be done, but why pay to host somewhere else. We have a great DR system, so if we lost Head Office it wouldn't matter. This is for day to day running of the services.

@JaredBusch

@JaredBusch said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

I don't edit while driving and honestly I missed the word that time

No problem darn typos!

@JaredBusch

@JaredBusch said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

@Jimmy9008 said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

@JaredBusch

@JaredBusch said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

The better question here is why this crap not posted somewhere else why are you doing in internal.

There's no way you can do this is cost efficiently as a hosting provider.

Bad Thursday Jared? Why don't you post your crap somewhere else.
We have on site for many reasons, none of which I need to explain to you.

Don't throw your bad business decisions on me. I simply asked a question because it's true. Something everyone on here always tries to do was get to an actual valid business solution not just the solution a person asks for especially when they specifically stated they did Not know all possible solutions. And less you tell somebody we have no way to know that you evaluated I hosted solution where this could all be done properly or not.

Yes, all valid questions. 'Why this crap not posted somewhere else' is rude; no need to be rude at all and not appreciated.

Our hosting decisions to keep on site, and to figure out a way to do load balancing etc is also not a bad business decision. It is less expensive than a hosting provider; how exactly do you think it would be more expensive?

@JaredBusch

@JaredBusch said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

The better question here is why this crap not posted somewhere else why are you doing in internal.

There's no way you can do this is cost efficiently as a hosting provider.

Bad Thursday Jared? Why don't you post your crap somewhere else.
We have on site for many reasons, none of which I need to explain to you.

@scottalanmiller

@scottalanmiller said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

Why do you want to load balance multiple IIS instances? Are your individual web servers so big that you can't grow them any longer?

The end goal is to 4 x IIS VMs with each being on a different host. Each VM runs the same site (so 4 running copies on different hardware). With load balancer, especially if they can work as a redundant pair too on separate hosts, we'd have to lose all four IIS VMs, or both Internet lines, or both load balancers, or all four hosts to be unavailable to clients.

Or power/flood/Cloudflare issues/what not.

But in terms of what we have available to us, its within reach to at least have better capability with what we can control. I just need to understand what tools to use now, be in HAProxy, NGINX, NetScaler... etc

@scottalanmiller

The first link i found went to that version hence wondering if a free version exists. Like i said, never looked at anything Linux before so a high learning curve here...

I think I that cloud flare header can't be used, the load balancer would see all traffic from the one address and would then point all traffic, like affinity, to the same webserver. Using that value shows the traffic is from different clients.

@scottalanmiller

@scottalanmiller said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

Nginx is very good for that. Does caching.

'Ip_hash' would load balance to IP; that does what I need if I can specify HTTP_CF_CONNECTING_IP as the client IP rather than Cloudflare. Can NGINX do that?

@scottalanmiller

So, NGINX Plus, I will take a look at that. Do they have a totally free version?
CentOS with HAProxy is totally free right?

@scottalanmiller

Only HTTP/S traffic from the IIS boxes to clients. They aren't used for anything else.

@scottalanmiller said in New Project - Thoughts? (CentOS, HAProxy, Load Balance)...:

Is this pure web? Nginx might be better than HA-Proxy.

I will take a look at Nginx too. Any benefits over HAProxy?

The sites are IIS, only one webserver for each site, all going to a series of SQL Servers for data etc...
I aim to change the IIS boxes to all be load balanced (somehow).

Like I said, don't mind learning new things, like doing so in fact - just want to make sure what I'm learning is down the right path...

Technically, from an infrastructure pov, we have four nodes running HyperV 2016. Each has a number of 2016 VMs running on it, a mix of IIS servers and SQL Servers etc. We have a few older boxes, but still very decent, which could be provisioned as Linux/load balance boxes.

Hi folks,

Thanks for taking the time...

I've been thinking of doing this for a while now and finally have some time! Before investing that time, I would like to make sure this is a path that makes sense, or see if a better options exist... I have no experience of Linux and will hopefully get alternatives if my idea is not a 'production' worthy option... (Probably time I start using Linux anyway!)

Ok, what I currently have:

1. Cloudflare points requests to us.
2. Our firewall gets the traffic from Cloudflare, then allows the traffic through to IIS webservers IF the traffic meets the rules we have in place.
3. IIS serves content.

What I want to do (obviously, as a lab, then as a test with actual test copies of our sites, then a staging test for in depth testing by our test team, before being released to production (far away if its even a solid plan)...

1. Cloudflare points requests to us.
2. Firewall checks the traffic based on our rules.
3. Traffic routes to CentOS, with HAProxy.
4. HAProxy looks at custom header added by Cloudflare "HTTP_CF_CONNECTING_IP", which is the clients origin IP, and points them to an IIS web server.
5. Web server responds.
6. Any following requests from same client route to same web server, unless that web server is unavailable.

So... thoughts? Would CentOS with HAProxy be suitable to crack this? Is it a poor choice compared to other options?
I've looked at load balance options in Windows, but that doesn't look to do what I want. For example, I don't think you can get Windows Load Balancer to check for the custom header and route that client to the same web server until its unavailable. All Windows has is 'affinity', but in a test that points all Cloudflare traffic to the same web server as its all from 'Cloudflare' - didn't check the custom header... and couldn't see a way to make it!

I've also looked at Citrix NetScaler, and I think that could check the header, but compared to CentOS/HAProxy, I do not know if they are even comparable options...

I love to learn and have no issues being told i'm waaaayyyyy off of a good idea if that's the case - so where would you suggest I look based on what i'm trying to do for a solution that could eventually be production?

Thanks,
Jim

@scottalanmiller any specific agencies? Any UK ones?

@scottalanmiller

@Jimmy9008 said in How long is too long?:

I've gone:

• 9 month contract.
• 2 years, one company, then promotion, 2 years again after promotion.
• 1 year at MSP.
• 1 year where I am now.
  (I'd say for me, 1 - 1.5 years max anywhere).

Makes sense, did the contract work come through word of mouth? Or did you use any special recruiters to get the roles? I've always liked the idea... but steady perm employment seems more reliable.

I get bored after 1 or so years at any given place. Pretty much at that point where I am now, so am looking. Gets pretty boring once everything is in place, up to date, patches, and running smoothly etc...