[ILUG] Web proxy server with failover
jr at inconspicuous.org
Fri Sep 6 14:52:53 IST 2002
I just happened to read a bit about this yesterday - the lvs (linux virtual
server) stuff. They claim to be able to do sticky sessions. See
http://www.linuxvirtualserver.org/Documents.html (esp. persistence
See http://www.linux-ha.org/#Links also. It links to Linux FailSafe also
http://oss.sgi.com/projects/failsafe/ ) which sounds interesting, but I
haven't really looked at it.
----- Original Message -----
From: "Padraig Brady" <padraig.brady at corvil.com>
To: "Dermot Buckley" <derbuck at eircom.net>
Cc: <ilug at linux.ie>
Sent: Friday, September 06, 2002 2:21 PM
Subject: Re: [ILUG] Web proxy server with failover
> Dermot Buckley wrote:
> > Hi all,
> > I'm looking for some suggestions for a failover/proxy service I would
> > to setup up. We will be hosting a number of sites (9 initially, and all
> > capable of running on the same server) which will be running on two
> > identical servers. I would like to put a proxy between them and the
> > which would:
> > 1. Do load balancing
> > 2. Handle failover
> > 3. Offer protection (servers are iis5 and I trust linux to handle
> > better than any 2k machine).
> > Unfortunately there is some session level stuff on the sites, so user
> > sessions would have to stay with the server they started with.
> > The setup I am thinking of will look like this (forgive poor ascii art):
> > Internet
> > |
> > |
> > Firewall
> > |
> > |
> > Linux Proxy
> > |
> > --------------------------------- ...
> > | |
> > | |
> > Web server 1 Web server 2 ... (maybe more)
> > (The machine I'm talking about is 'Linux Proxy').
> > Is there a (preferably free) linux tool that will do this for me? This
> > setup is by no means rigid, I'm open to other ways of doing this.
> There's a product called the S1000 from antefacto that does this,
> and you don't need a seperate firewall. Hang on a minute, let me start
> It all depends on the apps that are running on the webservers,
> or more specifically, where the apps store their state.
> Now from your diagram I'm inferring that a particular site
> will only run on one machine at a time (as there is no shared data).
> Hmm, but you say does load balancing? Does this mean that
> a particular site can run on both machines simultaneously?
> OK I'll assume this. So another thing to consider is can a client
> send a request to either webserver (any required state is saved in a
> location). If this is the case then you've the most robust/flexible
> config as you can load balance at layer 4 (TCP). IPVS does this.
> Now IPVS doesn't automatically notice when HTTP services etc die,
> so you will need to deploy something like: http://www.ultramonkey.org/
> which has ldirectord which checks every so often whether your sites
> are OK and dynamically configures the load balancing accordingly.
> Now it gets more complicated if one web server needs to deal
> with a particular client, and much more complicated if a
> web site is just on one machine and you need to automatically
> migrate it to another one. Note if you just need to support
> "sticky sessions" then it can be hacked fairly well in IPVS
> using timeouts, but this causes problems if many of your
> clients are comming from one location (proxy).
> A comerical product that could be useful is www.sysmaster.com
> (around €10K)
> Irish Linux Users' Group: ilug at linux.ie
> http://www.linux.ie/mailman/listinfo/ilug for (un)subscription
> List maintainer: listmaster at linux.ie
More information about the ILUG