Zeus Extensible Traffic Manager in Virtualized Hosting Environments

Zeus Technology Limited
The Jeffreys Building
Cowley Road
Cambridge CB4 0WS
United Kingdom

Sales: +44 (0)1223 568555
Main: +44 (0)1223 525000
Fax: +44 (0)1223 525100
Email: info@zeus.com
Web: http://www.zeus.com/
Introduction

This document outlines ZXTM's capabilities within virtualized service-hosting environments. It describes ZXTM, gives some deployment scenarios, and a little of the future vision. Although the document uses VMware's virtualization technologies as an example, it is equally applicable to other implementations such as Microsoft's Virtual Server.

The appendix discusses the RDP desktop hosting problem in depth, and describes how ZXTM can alleviate some of the management and security problems. This is applicable to both physical and virtual desktop hosting.

What is ZXTM?

ZXTM is a non-intrusive, software traffic manager that load balances network services across clusters of physical or virtual servers.

[Figure: the ZXTM Traffic Manager in front of virtual / physical servers - Web Server: Apache, IIS, Zeus; Web Application: WebLogic, WebSphere, Oracle, SAP; Remote Desktop: RDP; Web Services: SOAP, XMLRPC; Email, DNS, Media]

In any environment where multiple servers provide a network-based service, some form of network traffic distribution is required. ZXTM is the only non-hardware load balancer that can meet this requirement.

ZXTM reinforces the virtualization benefits of server consolidation, server containment and business continuity. As virtual machines (VMs) are deployed, moved and removed, ZXTM can ensure that incoming network traffic is always delivered to the most available, responsive machines. ZXTM makes these machines and services faster, more reliable, more secure and easier to manage.

ZXTM ON VMWARE - BRIEFING NOTE 2
ZXTM makes the services run faster

 - Buffering TCP requests and responses, so that the server talks to a fast local client rather than a slow, unreliable, remote client.
 - Multiplexing the client-side HTTP requests into many fewer server-side keepalive connections, reducing the number of connections the application must manage. TCP buffering and HTTP multiplexing can reduce the number of simultaneous connections by a factor of 100, and verifiably improve the capacity of services like WebSphere, WebLogic and Apache by factors of 10, 36 and 100 respectively [1, 2].
 - Offloading CPU-intensive tasks such as SSL, compression and XML pre-processing onto ZXTM's highly-optimized implementations, freeing up the application server to concentrate on application code.
 - Dynamic content caching eliminates the impact of repeated requests for common data.

These benefits are particularly pertinent to virtualized environments, where the limits on performance and scalability of network traffic are very acute.

ZXTM makes the services more reliable

 - Load-balancing traffic to the fastest-responding servers and routing traffic away from poorly-performing or failed servers.
 - Allowing for multiple levels of redundancy. If one unit fails, additional redundancy means that the failed unit does not have to be repaired immediately.
 - Facilitating routine maintenance, such as rolling out new virtual machine instances. Old virtual machines can be drained of traffic in a managed way, so that they can be retired without interrupting any ongoing requests or sessions.

ZXTM makes the services more secure

 - Acting as a gatekeeper, totally isolating the servers from the external networks. It is impossible for an external hacker to access the servers without going through ZXTM.
 - Inspecting and filtering each request against desired criteria. SSL traffic can be decrypted, and users or requests can be blacklisted or whitelisted using ZXTM's TrafficScript inspection language.
ZXTM makes the servers easier to manage

 - Traffic management policies are implemented using TrafficScript, ZXTM's scripting language. You can pull together custom bandwidth, caching, access control, persistence, routing and rewriting logic to build the precise solution you require.
 - A Web Services-based Control API can be used to query and reconfigure ZXTM programmatically.
 - Visualization: a wide range of traffic statistics, from bandwidth to response times, are published in real time via SNMP and an interactive graphing environment.

[1] http://www.zeus.com/news/pdf/white_papers/zxtm_application_acceleration.pdf
[2] http://www.zeus.com/news/pdf/white_papers/improving_apache.pdf
Typical Deployment Scenario

An organisation hosts a business-critical network-based service, such as a web site, mail server, database server, or even just a sub-component of a web site, such as a CRM system. Typically, these services are accessed via HTTP, HTTPS, SOAP/Web Services, etc.

Because a single physical/virtual server has insufficient capacity to host the service, or because the organisation requires application continuity if a server fails, it is necessary to host multiple independent instances of the service. With multiple service instances, it's necessary to distribute incoming traffic across the servers that are functioning. A traffic management solution is required.

[Figure: ZXTM traffic distribution in front of Application Servers (VMs) and Transaction Servers (VMs) running on traditional or blade-based x86 servers]

ZXTM could be deployed in standalone mode, running on a pair of dedicated servers or blades for maximum performance, or could be deployed as a pair of virtual appliances. ZXTM is often deployed in clusters of two or more to give full resilience in the unlikely event of a software or host server failure.

The following scenarios illustrate what is possible with custom integration between ZXTM (using the Control API), VirtualCenter and a central policy server.

Scenario 1: Failing Servers

ZXTM detects, by way of its asynchronous monitoring capability, that a particular server has failed due to a software or configuration fault, or a request-of-death incident.

1. ZXTM routes traffic away from the failed server.
2. ZXTM raises an alert that is programmed to communicate with the virtualization manager (e.g. VirtualCenter). This restarts the VM image from a known good snapshot.
3. ZXTM continues to asynchronously probe the server. When it begins to function correctly, ZXTM reintroduces it into the cluster.

Scenario 2: Service has insufficient capacity

ZXTM monitors response times (using its Service Level Monitoring capability) and publishes the percentage conforming to the desired threshold (e.g. 200ms) via SNMP. A remote policy server (e.g. IBM Director) monitors ZXTM and performs the following actions:

1. Uses the virtualization manager's web services interface to deploy additional VMs or increase resource allocations.
2. If necessary, uses ZXTM's Control API to inform ZXTM that new VMs have been deployed. ZXTM begins to route traffic to the new VMs when they are online.

Scenario 3: New hardware is deployed

A new virtualization host (e.g. an ESX Server instance) is introduced to the resource pool. Some running VMs are migrated to the new managed systems, e.g. using VMotion:

1. Before the VMotion, use ZXTM's Control API to inform ZXTM to drain the virtual machine.
2. Afterwards, use the Control API to reintroduce traffic to the machine.

Under some circumstances (for example, if the VM acquires a new IP address), it may be necessary to change the IP addresses that the VM listens on:

1. After moving the VMs, use ZXTM's Control API to remove the old VM IPs from ZXTM's configuration and add the new IPs in.

Scenario 4: A Virtual Machine is to be powered off

For operational reasons, a VM is to be powered off. For example, a new instance of the VM is to be deployed, perhaps with updated OS patches, upgraded software or new versions of the service configuration or content. If the old VM were simply powered off, requests it was processing and sessions established with it would be lost. ZXTM's Connection Draining feature is designed to solve this problem:

1. Use ZXTM's Control API to inform ZXTM to drain the VM that will shortly be powered off.
2. After sufficient time to expire sessions, use the Control API to remove the old VM from ZXTM's configuration. Power off the VM.
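The four scenarios above all turn on a small amount of pool state: which nodes are healthy, which are draining, which sessions are pinned where, and how many responses met the service-level threshold. The following model, added here as an illustration and not code from Zeus or ZXTM, makes that state explicit so the ordering of the steps (drain, wait for sessions to end, then remove; fail after repeated probe failures, alert, reintroduce after probes pass) can be checked. The probe thresholds, node addresses, response-time samples and the alert tuple are all constructed for the example; ZXTM's real Control API is SOAP-based and its probe internals are not described on this page.

```python
"""Pool-state model for the behaviour described in Scenarios 1-4.

Constructed illustration, not ZXTM code. The thresholds, addresses and
response-time samples are made up for the example.
"""
from dataclasses import dataclass, field
from enum import Enum


class State(Enum):
    ACTIVE = "active"        # receives new and existing sessions
    DRAINING = "draining"    # finishes existing sessions, receives no new ones
    FAILED = "failed"        # receives nothing until probes pass again


@dataclass
class Node:
    address: str
    state: State = State.ACTIVE
    failures: int = 0                      # consecutive failed probes
    passes: int = 0                        # consecutive passed probes
    sessions: set = field(default_factory=set)


class Pool:
    FAIL_AFTER = 3      # probes that must fail before a node is marked FAILED (assumed value)
    RECOVER_AFTER = 2   # probes that must pass before a FAILED node is reintroduced (assumed value)

    def __init__(self, addresses):
        self.nodes = {a: Node(a) for a in addresses}
        self.alerts = []        # what Scenario 1 would send to the virtualization manager
        self.samples = []       # response times in ms, for Scenario 2's SLM figure
        self._rr = 0

    # --- Scenario 1: asynchronous probing, failure and reintroduction ---
    def probe_result(self, address, ok):
        n = self.nodes[address]
        if ok:
            n.passes, n.failures = n.passes + 1, 0
            if n.state is State.FAILED and n.passes >= self.RECOVER_AFTER:
                n.state = State.ACTIVE                      # step 3: reintroduce the node
        else:
            n.failures, n.passes = n.failures + 1, 0
            if n.state is State.ACTIVE and n.failures >= self.FAIL_AFTER:
                n.state = State.FAILED                      # step 1: route traffic away
                n.sessions.clear()                          # sessions on a dead node are lost
                self.alerts.append(("restart_from_snapshot", address))   # step 2: raise the alert
        return n.state

    # --- Scenario 2: Service Level Monitoring conformance ---
    def record_response(self, ms):
        self.samples.append(ms)

    def conformance(self, threshold_ms=200):
        """Percentage of recorded responses at or under the threshold."""
        if not self.samples:
            return 100.0
        ok = sum(1 for ms in self.samples if ms <= threshold_ms)
        return 100.0 * ok / len(self.samples)

    # --- Scenarios 3 and 4: connection draining, removal and (re)addition ---
    def drain(self, address):
        if self.nodes[address].state is State.ACTIVE:
            self.nodes[address].state = State.DRAINING

    def can_remove(self, address):
        n = self.nodes[address]
        return n.state is State.DRAINING and not n.sessions

    def remove(self, address):
        if not self.can_remove(address):
            raise RuntimeError(f"{address} still has sessions or is not draining")
        del self.nodes[address]

    def add(self, address):
        self.nodes[address] = Node(address)

    # --- request routing ---
    def route(self, session_id):
        """Return the address that should serve this session, or None if no node is ACTIVE."""
        for n in self.nodes.values():           # persistence: a DRAINING node keeps its sessions
            if session_id in n.sessions and n.state is not State.FAILED:
                return n.address
        active = [n for n in self.nodes.values() if n.state is State.ACTIVE]
        if not active:
            return None
        n = active[self._rr % len(active)]      # round robin over ACTIVE nodes only
        self._rr += 1
        n.sessions.add(session_id)
        return n.address

    def end_session(self, session_id):
        for n in self.nodes.values():
            n.sessions.discard(session_id)
```

The point the model makes concrete is that `remove()` refuses to act while a draining node still holds sessions, which is why Scenario 4 waits "sufficient time to expire sessions" between the drain and the removal, and that a node marked FAILED is not put back into rotation by a single good probe.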
Summary: Key Benefits

Software-based Solution
ZXTM allows the traffic management layer to be treated identically to the application layer, deployed on the same hardware and managed as a set of virtual appliances if desired.

Support
ZXTM on VMware is an actively supported configuration, within the performance limits of the virtual machine environment. Zeus actively promotes the use of VMware Player as a way of distributing evaluation, demonstration and development software. ZXTM will be actively supported on other virtualization platforms as they mature and gain industry acceptance. A comprehensive knowledgebase of ZXTM technical information, use cases and expertise is freely available online at http://knowlegehub.zeus.com/.

Highly Flexible
ZXTM's layer 7 inspection, large feature-set and TrafficScript language combine to give an extremely flexible and capable solution, able to deal with the great many problems that can arise when clustering complex applications. Zeus has significant experience in this area. Features like asynchronous monitoring and connection draining have clear applicability in a virtualized environment.

ZXTM Control API
ZXTM's Control API is a Web Services-based API, very similar in nature to VMware's VirtualCenter or Microsoft's Virtual Server Web Services interfaces. It allows corporate developers and ISVs to manage and control ZXTM from their own independent programs and from existing frameworks such as IBM Director. This is a complementary technology to the virtualization Web Services management interface, and enables full next-generation control within the datacentre.
Compute Fabric Evolution

Zeus is partnering with many of the key players who are shaping the next generation of datacenter architectures: dynamic provisioning and migration of applications to meet business demands. ZXTM is a complementary component:

 - Deployed within the virtualized environment.
 - Monitors the performance of services within the virtualized environment.
 - As performance problems are detected, ZXTM alerts the Utility Manager.
 - The Utility Manager provisions new application instances and informs ZXTM.
 - ZXTM intelligently routes and balances traffic across all the instances of the application.

All communication and configuration takes place via VMware's and ZXTM's SOAP APIs. ZXTM can provide a fundamental monitoring and traffic management service within virtualized environments.

A completely automated datacenter utility manager will dynamically reprovision and repurpose software and hardware resources in the datacenter. ZXTM's traffic management will form a fundamental part of this architecture.
Appendix: Using ZXTM to assist Virtual Desktop hosting

Zeus is a founder member of VMware's Virtual Desktop Infrastructure (VDI) Alliance, and Zeus traffic management technology can alleviate many of the security and manageability problems inherent in publishing virtual desktop services.

In current deployments, end users connect directly to their remote desktop server. Each user requires their own publicly routed IP address, which must be permanently reserved:

[Figure: each desktop exposed on its own publicly routed address - Public IP 1, Public IP 2, Public IP 3, Public IP 4]

This introduces management problems: large numbers of externally routed IP addresses must be maintained and managed as users are added or removed from the shared system. Placing virtual desktops on public addresses also creates unacceptable security concerns.

At VMware's TSX conference (Paris 2006), Zeus demonstrated a proof-of-concept solution using ZXTM to offer a single point of entry to a suite of virtual desktops running on a private network:

[Figure: ZXTM gateway in front of desktops on Private IP 1 to Private IP 4, alongside an Authentication and Location Server]

The proof-of-concept solution used a web-based authentication server where users logged into their desktop. The server returned an RDP connection file for Microsoft's RDP client, which then automatically connected to the ZXTM gateway. ZXTM inspected the connection and queried the location server for the location of the user's desktop:
1. The user accesses the authentication server using HTTP/HTTPS.
2. The authentication server authenticates the user against its database. Upon successful authentication, the server returns the RDP connection info, which directs the user's RDP client to connect to the ZXTM-hosted public IP address. The user's web browser can automatically start the appropriate RDP client software.
3. The user's RDP client makes a secure connection to the ZXTM gateway.
4. Using TrafficScript, ZXTM extracts the username from the RDP connection request and queries the Location Server to determine the location of the user's desktop.
5. ZXTM then connects the user's RDP session to the correct desktop.

Note that by using ZXTM at both ends of the connection (client side and server side), it's additionally possible to SSL-encrypt all publicly routed internet traffic. This further improves security by making the RDP man-in-the-middle attack [3] impossible.

[3] http://www.securiteam.com/windowsntfocus/5ep010kg0g.html
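Steps 3 to 5 hinge on the gateway reading a username out of the very first RDP packet and mapping it to a private address. The code below is an added illustration and is not ZXTM code or the TrafficScript from the TSX demonstration. It assumes the demo read the username from the "Cookie: mstshash=" routing cookie that an RDP client places in its X.224 Connection Request (the standard RDP load-balancing hook defined in MS-RDPBCGR); the page only says that the username was extracted. The location table, desktop addresses and usernames are constructed, and `build_connection_request` exists only to produce sample input offline.

```python
"""Gateway-side handling of the RDP connect in steps 3-5 of the appendix.

Constructed illustration, not ZXTM code. Assumes the username travels in the
'Cookie: mstshash=' routing cookie of the X.224 Connection Request. Table
contents, addresses and usernames are made up.
"""
import re

COOKIE_PREFIX = b"Cookie: mstshash="
# Restrict the client-supplied identifier before it is used as a lookup key.
USERNAME_RE = re.compile(r"[A-Za-z0-9._@\\-]{1,64}")

# Constructed stand-in for the Location Server: username -> private desktop address.
LOCATION_TABLE = {"alice": "10.1.0.11", "bob": "10.1.0.12"}


def build_connection_request(username=None, requested_protocols=0x00000003):
    """Build a TPKT + X.224 Connection Request as an RDP client would send it (sample input only)."""
    variable = b""
    if username is not None:
        variable += COOKIE_PREFIX + username.encode("ascii") + b"\r\n"
    # rdpNegReq: type 0x01, flags 0, length 8 (LE), requestedProtocols (LE)
    variable += b"\x01\x00" + (8).to_bytes(2, "little") + requested_protocols.to_bytes(4, "little")
    x224 = bytes([0xE0, 0, 0, 0, 0, 0]) + variable   # CR code, DST-REF, SRC-REF, class 0
    tpdu = bytes([len(x224)]) + x224                  # length indicator excludes itself
    return b"\x03\x00" + (4 + len(tpdu)).to_bytes(2, "big") + tpdu


def parse_connection_request(pdu):
    """Return {'username': str|None, 'requested_protocols': int|None}; raise ValueError if malformed."""
    if len(pdu) < 11 or pdu[0] != 0x03:
        raise ValueError("not a TPKT")
    if int.from_bytes(pdu[2:4], "big") != len(pdu):
        raise ValueError("TPKT length mismatch")
    if pdu[5] & 0xF0 != 0xE0:
        raise ValueError("not an X.224 Connection Request")
    if 5 + pdu[4] != len(pdu):
        raise ValueError("X.224 length mismatch")
    variable = pdu[11:]
    username = None
    if variable.startswith(COOKIE_PREFIX):
        end = variable.find(b"\r\n")
        if end == -1:
            raise ValueError("unterminated routing cookie")
        raw = variable[len(COOKIE_PREFIX):end]
        try:
            username = raw.decode("ascii")
        except UnicodeDecodeError:
            raise ValueError("non-ASCII routing cookie") from None
        if not USERNAME_RE.fullmatch(username):
            raise ValueError("routing cookie is not a plausible username")
        variable = variable[end + 2:]
    requested = None
    if len(variable) >= 8 and variable[0] == 0x01:
        requested = int.from_bytes(variable[4:8], "little")
    return {"username": username, "requested_protocols": requested}


def select_desktop(pdu, table=LOCATION_TABLE):
    """Steps 4 and 5: map the connect to a private desktop, or None (fail closed) if unknown."""
    info = parse_connection_request(pdu)
    if info["username"] is None:
        return None                      # no identity in the connect: forward nowhere
    return table.get(info["username"].lower())
```

Two design points matter for a gateway in this position. The routing cookie is client-supplied, so it identifies but does not authenticate; in the page's design the authentication happens in step 2, and the location server should only know about desktops that step has actually issued connection files for. And every failure path (no cookie, a malformed packet, an unknown user) resolves to "connect nowhere" rather than to a default desktop, which is what keeps the private network private.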
Summary

The Zeus RDP hosting architecture is a proof-of-concept design that is currently under evaluation with Zeus clients. Many extensions are possible. For example, the authentication server could automatically provision a new desktop if the user had not logged in before. Idle desktops could be suspended, and then unsuspended or allocated more CPU resources when the user returned.

For further information, please contact Zeus Technology's sales information line using the details given at the end of this document.

Further Reading

VMware's Virtualization Technology: http://www.vmware.com/virtualization/
Microsoft Virtual Server: http://www.microsoft.com/windowsserversystem/virtualserver/
Copyright

Zeus Technology Limited [2006]. Copyright in this document belongs to Zeus Technology Limited. All rights are reserved.

Trademarks

Zeus Technology, the Zeus logo, Zeus Web Server, Zeus Load Balancer, Zeus Mass Hosting Application, ZISP CGI Toolkit, Zeus Extensible Traffic Manager, TrafficScript and RuleBuilder are trademarks of Zeus Technology Limited. Other trademarks may be owned by third parties.

Contact Information

If you would like to learn more about any of the topics covered by this white paper, please feel free to contact us for more information. You can reach us in a variety of ways:

By Email
For general enquiries: info@zeus.com
For commercial and technical enquiries: sales@zeus.com
For reseller information: partners@zeus.com
For press and public relations information: press@zeus.com

By Telephone
Main switchboard: +44 (0)1223 525000
Information line: +44 (0)1223 568555
Fax: +44 (0)1223 525100

By Post or in Person
Zeus Technology Limited
The Jeffreys Building
Cowley Road
Cambridge CB4 0WS
United Kingdom

www.zeus.com
Our web site contains a wealth of information on our products, services and solutions, as well as customer case studies, press information and a comprehensive knowledge base. For more information, please visit http://www.zeus.com/.