Server Load Balancing made easy & affordable Detlef Lilje KEMP Technologies
Why would I need a Load Balancer? Business Processes depend highly on IT OrganizaHons rely on IT availability and performance slow or unavailable ApplicaHons - are expensive - cause negahve image (external and internal) - threaten your organizahon, thus need to be avoided
High Availability so what to do? make your IT fast and reliable. But - - isn t this super complex? Doesn t that cost a fortune, is too expensive for us? - > not anymore!
Anywhere in the World of Client/Server ApplicaHons......we are facing 2 major challenges.
Challenge: Availability Error! Single Server
Server Load Balancing Idea: Use more than one Server Put a dispatcher in front of the Servers
SoluHon: Server Load Balancing Service ok! Virtual Service
Challenge: Performance Overload! Single Server
SoluHon: Server Load Balancing Service ok! Virtual Service
Server Load Balancing Whenever one Server is not enough. ü Performance / Capacity ü Robustness / Availability
Server Load Balancing The original challenge was: Make it smart and reliable! ü SoluHons exist (F5, Netscaler, Radware,...) But the real- life challenge is: Make it easy and affordable, too!
Server Load Balancing Thus we developed the KEMP LoadMaster
Server Load Balancing Example: F5 LTM3600 vs. KEMP LoadMaster 5300 KEMP with ü Less than ½ the price ü MUCH beder performance!
KEMP Wins Q4/2011 Analyst Report www.enterprisemanagement.com/research/asset.php/2108/free- Summary:- EMA- Radar- for- ApplicaHon- Delivery- Controllers- and- Load- Balancers:- Q4-2011
What can be Load Balanced? Web Servers All things HTTP/S - incl. Proxies, Firewalls etc. Microsoi Sharepoint Just Websites (Full support, even with Kerberos authenhcahon) Email Fairly simple (IMAP, POP, SMTP w/ or w/o SSL) Incl. AnH Spam SoluHons Microsoi Exchange 2010 CerHfied and Used by Microsoi NLB not an ophon! hdp://technet.microsoi.com/en- us/library/ff625247.aspx#ophons
What can be Load Balanced? Microsoi Lync Server (OCS) New: MS CerHficaHon for all KEMP LoadMasters! MS "DNS Load Balancing" does not replace this (Edge Role, HTTP/S) Thin Client SoluHons Incl. Microsoi Remote Desktop Services (a.k.a. Terminal Services) Extensive KEMP support especially for RDP Other Services Database, FTP, DNS, LDAP,... As well as proprietary protocols Basically all TCP/UDP based Client/Server applicahons (Technical limits: Unknown L7 persistance criteria)
Load Balancing Core Tasks Scheduling: Define how much each Server gets used ü Uneven distribuhon may be desired ü Different strategies to determine the current usage Session Persistence: Send Returning Client to same Server ü Based on quality L7 criteria HTTP Headers, RDP token,... (Source IP is not good enough!) Health Checking: Do not use faulty Servers ü As reliable as possible - ApplicaHon Level / Scriptable
Summary "ApplicaHon Level" funchonality is key for quality Server Load Balancing
LoadMaster Flexibility and Convenience AdenHon to the details (even for edge cases) ü Not Available behavior: Go to addihonal server, redirect,... ü MulHple or all TCP ports per IP address ü Freedom of Topology MulHple NICs, VLANs, Trunking, Bonding ü...
SSL Offloading / SSL AcceleraHon Encrypted Traffic can be load balanced, sure. Or can be decrypted on the LoadMaster ü Performance boost through SSL AcceleraHon Hardware, saves CPU on the servers (even more on 2048/4096 bit!) ü Access to ApplicaHon Level - > Beder Quality ü Single point of maintenance (CerHficate renewal, ) HTTPS and all other TCP (POP3/SSL, LDAPS, ) Even if the Server does not know about SSL! OpHonal Re- EncrypHon between LoadMaster and Server SSL Performance is measured in TransacHons per Second (TPS). Which translates into NEW connechons per second at 1k key size.
ApplicaHon Front- End Features ApplicaHon Delivery Controller: Load Balancing + ApplicaHon Front End Services ü SSL Offloading / SSL AcceleraHon ü Reverse Proxy Caching ü Content RouHng ü Compression ü Intrusion PrevenHon (IPS, Snort ruleset compahble)
LoadMaster High Availability If availability maders, the LoadMaster must not be a Single Point of Failure either! Thus it almost always gets deployed in pairs. ü No extra license fee - just use two units (same model) ü Easy Setup - 2nd LoadMaster learns from 1st ü AcHve / Hot Standby for maximum robustness ü AutomaHc sync of configurahon changes and session tables
LoadMaster Hardware Same FuncHon, different Performance and Ports - No hidden costs, no extra licensing! - ü Up to 9,300 SSL TPS (at 1k keys) ü Up to 110,000 HTTP requests/sec ü Up to 60Mio concurrent connechons ü Up to 8.8Gbps throughput ü 1Gbps and 10Gbps interfaces ü No moving parts (HDDs, )
LoadMaster Model Matrix Feature LM- 2200 LM- 2600 LM- 3600 LM- 5300 Gigabit LAN Interfaces 4 4 8 8x GbE 2x10GbE (SFP+) Servers/Virtual Clusters (VIPs) 1000/500 1000/500 1000/1000 1000/1000 Max. L4 Throughput <1Gbps 1.7Gbps 3.4Gbps 8.8Gbps SSL TPS (i.e. new connecuons per sec.) 200 1,000 3,000 9,300 Concurrent ConnecUons 1,000,000 2,000,000 4,000,000 60,000,000 Requests/Second (HTTP) 25,000 69,000 77,000 110,000 Form Factor 1U 1U 1U 1U Power Supply Single Single Single Redundant (Hot Swap) For AcHve/Hot- Standby configurahon, order quanhty 2 (two), HA License at No Extra Cost
New: LoadMaster 5300 LoadMaster 5300 ü 8x GbE and 2x 10G (SFP+) ü 8.8 Gbps ü 9300 SSL TPS ü 110,000 Request per sec HTTP ü 60,000,000 conc. conn. L4 ü 400,000 conc. conn. L7 ü 1U, Redundant Power (Hot- Swap) And Price is way below of what you would expect!
VirtualizaHon Can I Load Balance Virtualized Servers, too? Yes, absolutely. This is a common use case. Don t VMware & Co. do some Load Balancing anyway? Yes - but only on the OS level. Server Load Balancing can do much more, because it operates on the ApplicaHon Level. Then why not go the next step and virtualize the Load Balancer itself?
VirtualizaHon VLM - the Virtual Load Master ü Runs in virtualized environments (Currently: VMware, Hyper- V - next: Xen) ü Provides full LoadMaster funchonality ü Performance only limited by host pla orm (SSL: max. 1000 TPS) ü Great for teshng, too! VLM- 100 (max. 100 SSL TPS, 100 Mbps) VLM- 1000 (max. 1000 SSL TPS, unlimited bandwidth) Actual performance depends on underlying pla4orm
MulH- Site Load Balancing What if One enhre Data Center (or ISP uplink) goes down? What if You want to distribute users across mulhple sites?
MulH- Site Load Balancing LM- GEO: The GEO LoadMaster ü Access distribuhon across two or more Data Centers ü Sites can be achve/achve or achve/passive (Site Failover) ü Five Policies for access distribuhon ü Commercial- grade Source- IP based LocaHon DetecHon
MulH- Site Load Balancing
MulH- Site Load Balancing LM- GEO needs to be deployed redundant Available virtualized, too...then called VLM- GEO
Conclusion..make it EASY and AFFORDABLE? Easy to configure and maintain: ü HA Cluster is up and running in less than 1 hour ü ApplicaHon Services are configured within minutes ü Typical effort for an Exchange 2010 related deployment: 2-3 hours, incl. TesHng ü Firmware Update on Cluster: less than 5 minutes Affordable: ü LM- 2200 HA Cluster (good for 1.000 Users): just 3.780 EUR ü Including 1 year of Support, Soiware Updates, HW replacement
EvaluaHon OpHons Buy & Try VLM ü www.kemptechnologies.com/try/ EvaluaHon Hardware ü KEMP EvaluaHon Units (make sure to schedule up- front)
Why KEMP ü Rich Featureset ü Highly AdracHve Pricing ü Ease of Use ü Wide- Spread, Rock- Solid ü Thousands of Users in the Nordics and all over the world
KEMP Technologies Founded in 2000, Based in New York European HQ in Limerick, Ireland Nordic Sales Team in Hannover, Germany KEMP Partners in every country LanTeam KEMPCenter Partner in Sweden, many references www.lanteam.se
Thank you for adending! QuesUons? Get your individual Live Demo & Free Trial SW visit the KEMP Booth D.01b Find more at www.kemptechnologies.com Also take a look at www.loadbalancerblog.com /.de Twider: @KEMPtech / German: @KEMP_DE And contact us any Hme at emea@kemptechnologies.com