Quick Takes - Coyote Point Equalizer E550si Load Balancer
Providing fault tolerance as well as the ability to scale beyond the capacity of a single server, load balancers are practically a necessity for any commercial site. Because loads on a given Web site can fluctuate by several orders of magnitude (five or six, in the case of sites like Victoria's Secret or the World Cup Soccer site), and given that thousands of dollars a minute may be lost if the site is unavailable, being able to spread the load across many servers and ensure that users can still connect, even if one or more physical servers fails or stops responding, is crucial.
The latest load balancer available from Coyote Point Systems is the Equalizer E550si, a 1u (1.75"-high) appliance that offers 20 10/100/1000 ports, all the load-balancing features necessary to set up a sophisticated Web farm or other type of virtual cluster, and excellent performance, at a cost of $10,995 US.
You may be asking yourself, “Why do I need a load balancer?” Or, “Why should I pay that much for something I can get for free?” In its simplest form, load balancing simply distributes requests as they come in to one of several back-end servers in a virtual cluster, sharing the load equally among all the servers in a round-robin scheme. A DNS server can do this by mapping several IP addresses to the same host name, for instance:
www.store.com 192.168.0.10 www.store.com 192.168.0.11 www.store.com 192.168.0.11
The problem with using a DNS server in this fashion is that requests are distributed to each server in turn, whether or not that server is actually available, and regardless of how heavily loaded each of the servers is. Also, the first address in the list may be cached more often across the Web, resulting in higher loads on that server. Finally, many applications, such as e-commerce, can break unless a client is connected to the same server through its session, and there's no way to ensure this with a DNS round-robin setup.
Apache and Tomcat also can balance loads across a cluster of Apache and Tomcat servers, using a specialized Tomcat Worker instance. This type of load balancing is somewhat more sophisticated, allowing for checks to ensure that a host is available and adding more sophisticated algorithms than simple round-robin—for instance, allowing new requests to be sent to the least heavily loaded server. This type of load balancing can enable persistent sessions, so that a client can be directed to the same server for the duration of the session. However, this method will not work with other Web servers and will take some fairly specialized knowledge to set up and maintain.
There also are open-source load balancers, such as Ultra Monkey, which can offer sophisticated load-balancing algorithms, persistent sessions, health checking, failover to a backup load balancer and more. These can be installed on any Linux server and simply need one or two NICs to begin creating a virtual cluster.
So, why buy a $10,995 box when you can set up a server for a few hundred?
First, performance. A single-processor server with two standard NICs can't hope to match the millions of concurrent users and the levels of traffic that the Equalizer can, with a carefully tuned OS and 20 gigabit ports available.
Second, ease of use. The Equalizer comes with a very simple and straightforward Web-based GUI that any network admin can use to create an enterprise-class load-balanced cluster.
Third, the Equalizer can be used with any IP-based application, not only HTTP/HTTPS. It supports DNS, WAP, RADIUS, SMTP, POP, IMAP, NNTP, FTP and streaming media, as well as most other UDP- and TCP/IP-based protocols. It also can handle Active Server Pages, as well as Java application servers, and pretty much any kind of SQL back-end database server.
The Equalizer also offers an optional SSL acceleration card that provides SSL encoding/decoding, which can reduce server loads quite substantially, and multiple Equalizers can be networked together to provide geographic load balancing, which allows you to set up several geographically separate Web sites that all serve the same URL, so that even if an entire data center is off-line, the others can continue to service users. The geographic load-balancing software, Envoy, can determine which data center will be able to respond the fastest to any given clients and to send those clients to the site that will give them the best service.
Setting up the Equalizer is a simple matter of performing the initial network configuration via serial terminal, then logging in to the system via the browser interface to configure one or more virtual clusters. Setting up a cluster is easily done by filling in the IP addresses of the servers in the cluster and making a few selections from drop-down boxes.
The major choices are the method of load balancing and the type of cluster. The load-balancing options are round-robin, static weight (set percentages of the total number of connections given to each server), adaptive, fastest response, least connections or server agent. Adaptive should be the default in most cases, as it combines the fastest response and least connections to provide very even server loads under most conditions. The type of cluster can be HTTP, HTTPS or any designated TCP/IP port range desired. Once a cluster is set up, you can be as granular as you like about creating persistent sessions, logging, reporting, monitoring services and servers to ensure availability, error handling or even automatically adding additional servers to a cluster as load increases. The default settings generally will be the optimal ones, but your ability to customize things is limited only by your ability to script actions.
For example, you can ping a server to ensure hardware connectivity, but you also can send a query via any text-based request/response protocol—not merely HTTP, but something like a Telnet-based SQL command—and verify that the response is valid. This means you can ensure that specific services are available on each member of a cluster, rather than just confirming that the network interface is operational. You can route traffic to a cluster based on rules that are written in standard POSIX.2 expressions. You could specify a rule that directs all traffic coming from a specific set of IP addresses to one cluster, and all other traffic to another, or match IP ranges assigned to specific countries to localize a Web site in other languages.
The Equalizer can automatically place cookies in the HTTP stream returned to a client so that it can identify a specific client and ensure that all traffic for that session comes to the same server. In addition, you can run scripts when a condition is met. For instance, you could define a rule that sends an e-mail if average loads on the cluster exceed 70% or even add additional servers to a cluster when loads are high.
Although there are load-balancing solutions that are less expensive than the Equalizer E550si (and many that are more expensive), the mix of high performance, ease of use and programmability is hard to beat.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- May 2016 Issue of Linux Journal
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The Humble Hacker?
- The Death of RoboVM
- The US Government and Open-Source Software
- BitTorrent Inc.'s Sync
- Open-Source Project Secretly Funded by CIA
- New Container Image Standard Promises More Portable Apps
- ACI Worldwide's UP Retail Payments
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide