Cloud Scale Load Balancing

Similar documents
Duet: Cloud Scale Load Balancing with Hardware and Software

Advanced Computer Networks. Layer-7-Switching and Loadbalancing

Optimizing Data Center Networks for Cloud Computing

SDN in the Public Cloud: Windows Azure. Albert Greenberg Partner Development Manager Windows Azure Networking

Layer 4-7 Server Load Balancing. Security, High-Availability and Scalability of Web and Application Servers

Scalable Internet Services and Load Balancing

Networking Topology For Your System

Software Defined Networking What is it, how does it work, and what is it good for?

Multihoming and Multi-path Routing. CS 7260 Nick Feamster January

Load-Balancing Introduction (with examples...)

Lecture 7: Data Center Networks"

CS6204 Advanced Topics in Networking

AppDirector Load balancing IBM Websphere and AppXcel

Ananta: Cloud Scale Load Balancing

How To Understand The Power Of The Internet

Single Pass Load Balancing with Session Persistence in IPv6 Network. C. J. (Charlie) Liu Network Operations Charter Communications

SCALABILITY AND AVAILABILITY

Meeting Management Solution. Technology and Security Overview N. Dale Mabry Hwy Suite 115 Tampa, FL Ext 702

PowerLink Bandwidth Aggregation Redundant WAN Link and VPN Fail-Over Solutions

Load Balancing and Sessions. C. Kopparapu, Load Balancing Servers, Firewalls and Caches. Wiley, 2002.

Design and Implementation of a Linux-based Content switch

Enabling Cloud Architecture for Globally Distributed Applications

Firewalls. Securing Networks. Chapter 3 Part 1 of 4 CA M S Mehta, FCA

How To Build A Policy Aware Switching Layer For Data Center Data Center Servers

How swift is your Swift? Ning Zhang, OpenStack Engineer at Zmanda Chander Kant, CEO at Zmanda

Radware s AppDirector and AppXcel An Application Delivery solution for applications developed over BEA s Weblogic

Lustre Networking BY PETER J. BRAAM

Software Defined Networks

Duet: Cloud Scale Load Balancing with Hardware and Software

Core and Pod Data Center Design

GLOBAL SERVER LOAD BALANCING WITH SERVERIRON

Why SSL is better than IPsec for Fully Transparent Mobile Network Access

Software-Defined Networking for the Data Center. Dr. Peer Hasselmeyer NEC Laboratories Europe

Network Virtualization and Data Center Networks Data Center Virtualization - Basics. Qin Yin Fall Semester 2013

Software-Defined Networks Powered by VellOS

Chapter 11 Cloud Application Development

Firewall Introduction Several Types of Firewall. Cisco PIX Firewall

Firewalls P+S Linux Router & Firewall 2013

INTRODUCTION TO FIREWALL SECURITY

Content-Aware Load Balancing using Direct Routing for VOD Streaming Service

Data Center Network Topologies: FatTree

Duet: Cloud Scale Load Balancing with Hardware and Software

Datacenter Networks Are In My Way

A S B

Multi-layer switch hardware commutation across various layers. Mario Baldi. Politecnico di Torino.

Microsoft Office Communications Server 2007 & Coyote Point Equalizer Deployment Guide DEPLOYMENT GUIDE

Design and Implementation of a Linux-based Content switch

How Router Technology Shapes Inter-Cloud Computing Service Architecture for The Future Internet

Troubleshooting and Maintaining Cisco IP Networks Volume 1

Server Iron Hands-on Training

Router Architectures

VPN Lesson 2: VPN Implementation. Summary

Outline. VL2: A Scalable and Flexible Data Center Network. Problem. Introduction 11/26/2012

Network Security. Chapter 3. Cornelius Diekmann. Version: October 21, Lehrstuhl für Netzarchitekturen und Netzdienste Institut für Informatik

Data Center Infrastructure of the future. Alexei Agueev, Systems Engineer

Allocating Network Bandwidth to Match Business Priorities

Introduction to ServerIron ADX Application Switching and Load Balancing. Module 5: Server Load Balancing (SLB) Revision 0310

The Value of Flow Data for Peering Decisions

Network Security: Network Flooding. Seungwon Shin GSIS, KAIST

TRILL Large Layer 2 Network Solution

VPN Only Connection Information and Sign up

Oracle SDN Performance Acceleration with Software-Defined Networking

Avaya P333R-LB. Load Balancing Stackable Switch. Load Balancing Application Guide

We will give some overview of firewalls. Figure 1 explains the position of a firewall. Figure 1: A Firewall

Internet Protocol: IP packet headers. vendredi 18 octobre 13

Stretched Active- Active Application Centric Infrastructure (ACI) Fabric

Tomás P. de Miguel DIT-UPM. dit UPM

Availability Digest. Redundant Load Balancing for High Availability July 2013

Microsoft Private Cloud Fast Track

B4: Experience with a Globally-Deployed Software Defined WAN TO APPEAR IN SIGCOMM 13

NetFlow/IPFIX Various Thoughts

OVERLAYING VIRTUALIZED LAYER 2 NETWORKS OVER LAYER 3 NETWORKS

Chapter 1 Reading Organizer

The Evolution of Application Acceleration:

Cloud Computing with Microsoft Azure

Highly Available Unified Communication Services with Microsoft Lync Server 2013 and Radware s Application Delivery Solution

Integrating Network. Management for Cloud

EMC Data Domain Boost and Dynamic Interface Groups

Evaluating Bandwidth Optimization Technologies: Bonded Internet

Purpose-Built Load Balancing The Advantages of Coyote Point Equalizer over Software-based Solutions

Virtual Machine in Data Center Switches Huawei Virtual System

Radware s AppDirector and Microsoft Windows Terminal Services 2008 Integration Guide

Software Defined Networking What is it, how does it work, and what is it good for?

Overview and Deployment Guide. Sophos UTM on AWS

Virtualization, SDN and NFV

NetFlow Subinterface Support

Microsoft s Cloud Networks

Data Center Use Cases and Trends

CS 188/219. Scalable Internet Services Andrew Mutz October 8, 2015

MPLS is the enabling technology for the New Broadband (IP) Public Network

A Link Load Balancing Solution for Multi-Homed Networks

How Solace Message Routers Reduce the Cost of IT Infrastructure

ZEN LOAD BALANCER EE v3.04 DATASHEET The Load Balancing made easy

Transcription:

What s happening? Cloud Scale Load Balancing Ananta: Cloud scale load balancing, Parveen Patel et.al; SIGCOMM 03 Duet: Cloud scale Load Balancing with hardware and sojware, Rohan Gandhi, et.al; SIGCOMM 04 Slides taken from SIGCOMM presentapon Cloud Services Azure (), AWS (Amazon), Google Cloud PlaWorm (Google) MulP- tenant Huge Compute Capacity Needs to be shared with high utlizapon Spread requests over compute/storage resources Load balancer in the front end Windows Azure - Some Stats More than 50% of Fortune 500 companies using Azure Nearly 000 customers signing up every day Hundreds of thousands of servers We are doubling compute and storage capacity every 6-9 months Azure Storage is Massive over 4 trillion objects stored Scaling VerPcal scaling (scale up) vs Horizontal scaling (scale out) VerPcal scaling More resource/capacity to a node/switch/server Increase power of resource, bigger Reliability Horizontal scaling More independent elements/nodes to a system Increase resources, more of the same Distributed state failover

Load balancing RotaPng DNS Configure DNS to return different IP addresses for the same name resolupon www.yahoo.com - - - x.y.z., x.y.z.. Advantages, Layer 3.. Scales Disadvantages: DNS does not know the load or the health of the servers Cannot use heterogeneous load balancing policy Most load balancers are switch based. Layer4- Layer7 Layer 4 LB/switching Switch is configured to have virtual IP address (VIP) This is the IP address that the DNS retrurns for the name Switch configured based on policy to determine which actual server the SYN is forwarded Can be based on despnapon port# (80 for hlp, for SMTP, etc) Acts as a despnapon- NAT Return packets come to switch and the Source address changed back to VIP Layer 4 LB Layer 4 LB VIP=4...6 VIP VIP- P DIP DP 4...6 80 0...3 80 4...6 0...4 0...3 0...4 0...5 0...6 Port aware Switching decisions based on TCP SYN DesPnaPon NAT Return packets need to come back to the switch/lb Need to act as Source NAT as well LB becomes bolleneck

Direct path to sender With a NAT box technique for rewripng, packets need to return to the switch Beler to avoid going back to the LB on the return path Direct return to sender Need IP- in- IP encapsulapon Layer 4 vs layer 7 load balancing Layer 4 LB based on TCP header only Layer 7 LB examines the content and then decides the server. Based on hlp requests. Layer 7 switches need to terminate TCP connecpons LB needs to wait for hlp request before deciding on the binding External Client terminates TCP connecpon at switch AJer applicapon level request, binding determined to applicapon server. The client spll need to see the same sequence numbers coming from the applicapon server Need to imitate the same connecpon as the switch. TCP Splicing client L7 switch server SYN(CSEQ) step SYN(DSEQ) ACK(CSEQ HTTPREQ(CSEQ+) +) ACK(DSEQ+) step4 step5 step6 DATA(DSEQ+) step7 ACK(CSEQ+HTTPREQ+) step8 ACK(DSEQ + HTTPRES + ) step step3 SYN(CSEQ) SYN(SSEQ) ACK(CSEQ+) HTTPREQ(CSEQ+) ACK(SSEQ +) DATA(SSEQ+) ACK(CSEQ+HTTPREQ+) ACK(SSEQ+ HTTPRES+). Ananta in a nutshell Is NOT hardware load balancer code running on commodity hardware Is distributed, scalable architecture for Layer- 4 load balancing and NAT Has been in producpon in Bing and Azure for three years serving mulpple Tbps of traffic Key benefits Scale on demand, higher reliability, lower cost, flexibility to innovate 3

Background: Inbound VIP communicapon How are load balancing and NAT used in Azure? Internet LB Client à VIP VIP =..3.4 Terminology: VIP Virtual IP DIP Direct IP Client à DIP DIP = 0.0.. DIP = 0.0.. DIP = 0.0..3 LB load balances and NATs VIP traffic to DIPs Background: Outbound (SNAT) VIP communicapon VIP traffic in a data center..3.4 à 5.6.7.8 Total Traffic VIP Traffic VIP Traffic L B VIP =..3.4 DIP à 5.6.7.8 LB VIP = 5.6.7.8 VIP à DIP VIP Traffic 44% DIP Traffic 56% Intern et Inter- 4% DC 6% Intra- DC 70% Outbo und 50% Inbou nd 50% DIP = 0.0.. Back- end DIP = 0.0..0 DIP = 0.0.. DIP = 0.0.. DIP = 0.0..3 Service Service 4

Why does our world need yet another load balancer? Requirem ent TradiPonal LB/NAT design does not meet cloud requirements Details Scale Throughput: ~40 Tbps using 400 servers 00Gbps for a single VIP Configure 000s of VIPs in seconds in the event of a disaster Reliability N+ redundancy Quick failover State- of- the- art 0Gbps for $80,000 Up to 0Gbps per VIP One VIP/sec configurapon rate + redundancy or slow failover Any Servers and LB/NAT are placed across L service boundaries for scalability and flexibility anywhere Tenant isolapon An overloaded or abusive tenant cannot affect other tenants NAT and Direct Server Return (DSR) supported only in the same L Excessive SNAT from one tenant causes complete outage Key idea: decompose and distribute funcponality VIP ConfiguraPon: VIP, ports, # DIPs MulPple xer Controlle Controlle Ananta Manage r r r Switch N MulPplex er Switch MulPplex er N Switch N SoJware router (Needs to scale to Internet bandwidth) s (Scales naturally with # of servers) MulPple xer Switch N Ananta: data plane MulPplex er Switch N MulPplex er Switch N st Tier: Provides packet- level (layer- 3) load spreading, implemented in routers via ECMP. nd Tier: Provides connecvon- level (layer- 4) load spreading, implemented in servers. 3 rd Tier: Provides stateful NAT implemented in the virtual switch in every server. 5

Inbound connecpons Outbound (SNAT) connecpons Client Packet Headers Rout Rout Rout er er er Dest: Src: VIP Clie nt MU X Dest: Src: Dest: Src: DIP M VIP Clie ux nt 3 8 4 7 6 5 DIP Server VIP:05 à DIP Packet Headers Dest: Src: Client VIP Packet Headers Dest: Src: Server:80 VIP:05 Dest: Src: Server:80 DIP:5555 Fastpath: forward traffic Data Packets VIP SOURCE=VIP VIP SYN DIP DIP Fastpath: return traffic Data Packets VIP SOURCE=VIP DEST=VIP VIP 4 SYN 3 SYN- ACK DIP DIP DesPnaPon DesPnaPon 6

Fastpath: redirect packets VIP Redirect Packets Data Packets 6 7 7 5 ACK DIP Fastpath: low latency and high bandwidth for intra- DC traffic VIP Redirect Packets Data Packets 8 DIP VIP DIP VIP DIP DesPnaPon DesPnaPon Impact of Fastpath on Mux and CPU % CPU 60 50 40 30 0 0 0 55 No Fastpath Fastpath 3 0 Mux Lessons learnt Centralized controllers work There are significant challenges in doing per- flow processing, e.g., SNAT Provide overall higher reliability and easier to manage system Co- locapon of control plane and data plane provides faster local recovery Fate sharing eliminates the need for a separate, highly- available management channel Protocol semanpcs are violated on the Internet Bugs in external code forced us to change network MTU Owning our own sojware has been a key enabler for: Faster turn- around on bugs, DoS detecpon, flexibility to design new features Beler monitoring and management 7

LB architecture Duet: Cloud scale LB with hardware and SoJware Hardware vs sojware LB LimitaPons of SW LB SoJware LB Horizontal Scaling Distributed deployment High availability Slow, latency penalty Hardware Fast, low latency Costly VerPcal scaling Failover difficult 8

Basic idea of using HW LB Use Commodity switches as LB Use forwarding tables already available Use switch resources But Limited table space ParPPon VIP space (make many switches to work as Hardware LB) But Need to route VIP traffic to these switches Deal with failures of switches ImplemenPng HMux on switch Make use of ECMP table and Tunneling Split traffic across DIPS Forward VIP traffic to DIPs Limited S/W memory Availability VIP assignment VIP migrapon Challenges Switches have limited memory Workload: 64K VIPS or more; Millions of DIPs Table Forwarding table ECMP Tunnel Size 6K 4K 5 9

ParPPon VIPs across HLBs Availability? Block of VIPs not accessible? Use SoJware backup Use SoJware LB as a backup SoJware LBs announce a aggregated prefix SoJware LBs can handle enpre range of VIPs like Ananta On failure, a more general prefix routed to SoJware LB 0

Performance Availability Cost effecpve Summary Advantages Use commodity switches Use small # sojware LB as backup Low latency, low cost Disadvantages Traffic redirecpon, link upl high on path to LB switches Fixed mapping of VIPs to DIPs Does not exploit locapon of S, D

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information