Apache Traffic Server Extensible Host Resolution


Apache Traffic Server Extensible Host Resolution at ApacheCon NA 2014

Speaker
- Alan M. Carroll, Apache Member, PMC
- Started working on Traffic Server in summer 2010.
- Implemented Transparency, IPv6, range acceleration, yada yada yada
- Works for Network Geographics
  - Provides ATS and other development services
Network Geographics at ApacheCon NA 2014

Outline
- Current state of things.
- Design and Implementation.
  - Not just an API upgrade.
- Example extensions / use cases.

Current status
HOSTDB / DNS

Resolution Services
- Resolve host names (FQDN) to IP addresses.
  - Fully Qualified Domain Name
- HostDB caches resolutions for performance.
  - Persistent across process restarts.
- DNS performs DNS queries (packet level)
- Partially handles some additional features
  - Round robin
  - Split DNS
- Handles IPv4, IPv6, SRV to some extent.

Host Resolution
- HTTP state machine creates query for FQDN.
- HostDB does look up and returns data if found.
- Otherwise the query is passed to the DNS and a network query is done.
- HTTP state machine gets raw data, handles server retries and round robin.

What's the point?
- High performance is not possible if doing a DNS query for every transaction.
- Need more control than available from standard OS host resolution calls.
  - Control latency / retries.
  - Non-blocking.
- May require specialized DNS for Traffic Server.

What's the problem?
- Short answer: it's a mess.
- Resolution logic is spread between transaction state machine and HostDB.
  - Example: had to change SM for TS-1422
- Little modularity inside HostDB.
- Mishmash of data structures for IPv4, IPv6, SRV records segregated by hash fiddling.

More problems
- Very difficult to upgrade or change
  - Logic is hardwired, not accessible via any API
  - This means changes require expertise in ATS core.
- Few configuration options.
- Fixed sized heap allocation
  - Configured at process start.
  - Must configure size and count (inode problem).
  - Bad things happen if size exceeded.

Doing Better
- Remove address resolution state from HTTP state machine.
- Plugin address provisioning.
  - Customized DNS querying.
  - Other address sources (file/database/yp/etc.).
  - Filter and re-order addresses.
- Extensible data associated with addresses or FQDN.
- Remove requirement for core expertise.

Take a bow for the new Resolution
HOST RESOLUTION ARCHITECTURE

Style
- API
  - Minimal.
  - Orthogonal.
  - Consistent.
- No limits on extensions.
- Maintainable.
- Clean separation of framework from function.

Features
- Plugins for host resolution.
- Access to external address data.
- Filtering and control of resolved addresses.
- Simple interface for HTTP state machine
  - Generator / forward iterator style.
- Maintain current functionality, modularized.
- Minimize performance loss.
- Asynchronous.

Design Elements
- Framework: Traffic Server core.
- Host Query Database: Traffic Server core.
- Host Resolution Provider: plugin.
- Host Resolver: rooted tree of providers.

Package Layout
- The ATS core has the framework and the HQD.
- Providers are contained in user created plugins.

Host Resolver
- A host resolver is a tree of providers with a root.
- The root serves as the external interface of the resolver.

Host Query Database
- Indexed by FQDN.
- Record is set of key/value pairs plus fixed metadata.
- Plugins must register keys.
- Values are plugin formatted, opaque to framework.
- Expiration / reaping by framework.

Host Query Database 2
- A process persistent store
  - Each provider can store data in a record.
  - This is similar to what is done now but more elegantly, explicitly, and extensibly.
- A communication channel.
  - Values are cooperative data: no access controls.
  - Providers are expected to share data via the HQD.
  - Core plugins will document value format

HQD Record
- Simple hash table mapping from FQDN to a set of key / value pairs.

Provider
- Interface between framework and plugin.
- Framework calls the plugin via provider instance.
- All providers must have the address iterator interface.
- Provider state.
  - Plugin globals.
  - Provider instance.
  - HQD record.
  - Query in HTTP state machine.

State data diagram
- Providers can access data in the plugin (dynamic library) and any internally defined local state.
- Data for the FQDN of the query is available and a fixed amount of space in the HTTP state machine (transaction) instance.

Provider Instance State
- Support multiple instances of the same underlying provider with distinct configuration.
- Expected to be relatively inexpensive to have multiple instances of a provider.

Provider Query state
- Need state for each query.
- Want to avoid allocation, even class allocator.
- Most providers should need a fixed amount of query state.
- Provider must export amount of query state required.

Framework Query State
- Therefore we can provide a static buffer in the state machine instance for the query.
  - Buffer size build time configurable.
  - Obvious error message if exceeded.
  - Dynamic storage must be allocated.
- Framework handles doling out memory to each provider.
- Framework will call provider for cleanup.

Resolver
- Resolver is a rooted tree of providers.
- HTTP State machine talks to root provider.
- Root provider can pass query to descendents.
- Each provider has complete control of whether any descendent provider is used.
- Providers share data via the HQD.

Query Actions
- State machine initiates query by invoking framework.
- Framework locates the HQD record and passes it and the query to root provider.
- Root provider can provide addresses out of current data or make requests to descendents.
- Framework also sends
  - IP family preference.
  - ATS HTTP Transaction handle.

Query Results
- Root provider streams addresses to HTTP state machine.
- HTTP state machine gets addresses as needed.
- Provider can defer decisions until asked.
- TBD: does state machine provide feedback to provider on failed addresses?

Asynchronicity
- Provider can return blocked.
- Therefore queries forwarded to descendent providers can block.
- Provider can forward multiple blocked queries to different descendent providers.
  - This is how parallelism is done.
- Provider resume called for each completion on ancestor providers of blocking provider.

Asynchronicity 2
- Provider that blocks handles continuation and resumption.
  - Must notify framework of resume.
- Framework calls standard resume method on ancestor providers.
- The resume method can return blocked to indicate the framework should wait for further continuation completions.

Locking
- Global lock for HQD for table lookup/modify.
- Per record lock for local access.
  - Lock is held for query by framework.
  - Lock is released if root provider is blocked.

Expiration
- Expiration time for record in fixed metadata.
- Providers can record additional timeouts.
- Providers control whether stale data is used.
- Framework cleans up expired records not in use.
  - Serious issue for forward proxies.
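
The Host Query Database, Locking and Expiration slides describe a table keyed by FQDN with registered keys, opaque values, and framework reaping of expired records that are not in use. The sketch below is an added illustration of those rules, not Traffic Server code; every class, method and field name is hypothetical, and the in_use counter is an assumed stand-in for a record held by a blocked query.

```cpp
// Added illustration of the Host Query Database from the slides. Every name
// is hypothetical; this is not Traffic Server code or its plugin API.
#include <cstddef>
#include <cstdint>
#include <map>
#include <stdexcept>
#include <string>

struct HqdRecord {
    std::int64_t expires = 0;            // fixed metadata: expiration time
    int in_use = 0;                      // queries currently holding the record
    std::map<int, std::string> values;   // key id -> opaque provider value
};

class Hqd {
    std::map<std::string, int> keys_;         // registered key name -> id
    std::map<std::string, HqdRecord> table_;  // indexed by FQDN
public:
    // Providers register a key once and get a stable id back.
    int register_key(const std::string& name) {
        auto it = keys_.find(name);
        if (it != keys_.end()) return it->second;
        int id = static_cast<int>(keys_.size());
        keys_[name] = id;
        return id;
    }
    // Storing under an id that was never registered is rejected.
    void put(const std::string& fqdn, int key, const std::string& value,
             std::int64_t expires) {
        if (key < 0 || key >= static_cast<int>(keys_.size()))
            throw std::invalid_argument("unregistered HQD key");
        HqdRecord& rec = table_[fqdn];
        rec.values[key] = value;
        rec.expires = expires;
    }
    // Expired records are still returned: per the slides the provider, not
    // the framework, decides whether stale data is used.
    HqdRecord* find(const std::string& fqdn) {
        auto it = table_.find(fqdn);
        return it == table_.end() ? nullptr : &it->second;
    }
    // Framework reaper: drops expired records that no query is holding.
    std::size_t reap(std::int64_t now) {
        std::size_t dropped = 0;
        for (auto it = table_.begin(); it != table_.end();) {
            bool dead = it->second.expires <= now && it->second.in_use == 0;
            if (dead) { it = table_.erase(it); ++dropped; } else { ++it; }
        }
        return dropped;
    }
};
```

Because find() hands back expired records, a provider that ignores the expires field will keep serving stale addresses until the reaper runs, which is the forward-proxy concern the Expiration slide raises.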

Open HQD
- HQD API is available to any plugin.
- Intended for external address control not directly involved with host resolution.
  - E.g. external updates to propagate to HQD.

Persistence
- Not in standard / default configuration.
- Can be useful for quicker restarts.
- More useful for reverse proxies.
- Requires either
  - Persistence of HQD key registration values.
  - Key / ID table and conversion on load.

Core Providers
- DNS
- Host file
- Round robin
- Failover
- Split DNS

RESOLVER EXAMPLES

DNS
- Performs DNS queries to an external resolver.
- Stores results in HQD under ipv4 or ipv6
- Provides addresses in order of returned record.
- Each provider locked to a specific name server.

Host File
- Loads standard Unix host file to HQD.
- Handles external file update / synchronization.
  - This is its main function.
- Can act as pass through or an unaccessed leaf.

Round Robin
- Cycles HQD address data.
- Will forward to another provider for data.
- Shift by time or query count.

Failover
- Requires descendent DNS providers.
- Monitors external query success.
- Only uses one descendent at a time.
- Shifts among descendents based on availability.

Split DNS
- Requires descendent providers.
- Returns data if found.
- Otherwise selects descendent provider based on split rules.

Gatherer
- Requires DNS provider.
- Requests IPv4 and IPv6 addresses in parallel.
- May also be used to parallel request across multiple DNS servers for performance.
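
The blocked / resume protocol from the Asynchronicity slides, applied to a Gatherer with two DNS children, can be modelled as below. This is an added example, not Traffic Server code or its plugin API: all type and function names are hypothetical, the addresses are constructed documentation values, and stopping the ancestor walk at the first provider that is still blocked is an assumption.

```cpp
// Added illustration of the slides' blocked/resume protocol. Every name here
// is hypothetical; this is not Traffic Server code or its plugin API.
#include <map>
#include <string>
#include <utility>
#include <vector>

enum class Status { Ready, Blocked };
// Stand-in for one HQD record: key ("ipv4", "ipv6") -> addresses.
using Record = std::map<std::string, std::vector<std::string>>;

struct Provider {
    Provider* parent = nullptr;
    virtual ~Provider() = default;
    virtual Status query(Record&) = 0;                         // invoked top-down
    virtual Status resume(Record&) { return Status::Ready; }   // invoked bottom-up
};

// Leaf standing in for a DNS provider: the query blocks, and the constructed
// answer is stored in the record when the completion is delivered.
struct FakeDns : Provider {
    std::string key, answer;
    FakeDns(std::string k, std::string a) : key(std::move(k)), answer(std::move(a)) {}
    Status query(Record&) override { return Status::Blocked; }
    Status resume(Record& rec) override { rec[key].push_back(answer); return Status::Ready; }
};

// Gatherer: forwards to every child and stays blocked until all completed.
struct Gatherer : Provider {
    std::vector<Provider*> kids;
    int pending = 0;
    void add(Provider* p) { p->parent = this; kids.push_back(p); }
    Status query(Record& rec) override {
        pending = 0;
        for (Provider* k : kids) if (k->query(rec) == Status::Blocked) ++pending;
        return pending ? Status::Blocked : Status::Ready;
    }
    Status resume(Record&) override { return --pending > 0 ? Status::Blocked : Status::Ready; }
};

// Framework side: resume the provider that blocked, then each ancestor.
// Assumption: the walk stops at the first ancestor that is still blocked.
Status framework_resume(Provider* blocked, Record& rec) {
    for (Provider* p = blocked; p; p = p->parent)
        if (p->resume(rec) == Status::Blocked) return Status::Blocked;
    return Status::Ready;
}

// Constructed scenario: IPv4 and IPv6 lookups for one FQDN run in parallel.
std::vector<Status> demo(Record& rec) {
    FakeDns v4("ipv4", "192.0.2.10"), v6("ipv6", "2001:db8::10");
    Gatherer root;
    root.add(&v4); root.add(&v6);
    std::vector<Status> trace;
    trace.push_back(root.query(rec));             // both children pending
    trace.push_back(framework_resume(&v6, rec));  // still waiting on IPv4
    trace.push_back(framework_resume(&v4, rec));  // record now complete
    return trace;
}
```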

Simple Load Balancer
- Requires descendent providers for addresses.
- Permutes address data based on balancing rules.
  - Client IP address
  - Query counts
  - URL

Active Load Balancer
- Requires descendent providers.
  - Or not? Derive from load data?
- Uses external data about current server loads.
  - Store in global state or HQD.
- Iterates addresses in inverse proportion to server loads.

Resolver Structure
- HostFile is used to inject the /etc/hosts files but otherwise not directly used.
- IPv4 is done in parallel for performance and redundancy.

Walkthrough
- Root provider receives query. It uses the HQD handle to check for address information but does not find any.
- It forwards the query to an IPv6 provider which returns blocked.
- The ALB then forwards the query to the SplitDNS. It decides to forward the query to one of its IPv4 providers. This also returns blocked which SplitDNS returns and then the ALB returns.
- When the DNS plugin receives a DNS reply it calls the framework to resume query processing.
- The framework in turn calls resume on the appropriate DNS provider and up the ancestors of that provider.

Other
- Fundamental point: all of these can be replaced by user without changes to core.
- Users can build tweaked versions based on core provider plugin code.
- Much lower barrier to entry to work on plugin code vs. core code.

APPENDIX

Current Status
- Basically this slideware.
- Overall design done
- Waiting for time / funding to begin implementation.
- Thanks to Openwave for initial design funding.

Open Design Issues
- Feedback from server connect fails
  - Should the provider be told?
  - Does iteration suffice?
- Handling overlapping requests for same FQDN from different transactions.
- Fixed metadata for records
  - Expiration
  - Last modified?
  - Last accessed?

Resources
- ATS has online documentation, a wiki, mailing lists, bug tracker, and IRC channel.
- Access these via http://trafficserver.apache.org
- Active community: become involved!
- NG Consulting services http://network-geographics.com