Global server load balancing
Global Server Load Balancing {GSLB}
Presented By Don Williams
Manager Escalation / TRM
Citrix Application Networking Group
Assistant Presenter
Seema Vaibhav Dubey
Lead Escalation Engineer/TRM
Citrix Application Networking Group
© 2007 Citrix Systems, Inc. — All rights reserved
Agenda
GSLB Overview
GSLB Operation
Decision Logics
Configuration
Demonstration
GSLB Overview
• Load balances services between geographically distributed locations
• Typical uses include:
  • Distribution of network traffic across multiple sites
  • Reduction of application latency
  • Distribution of server load across multiple sites
  • Disaster recovery
• Operates under many of the same general principles as LB but relies on DNS for directing client requests
• GSLB is a way to share the state & status of various geographically distributed servers and balance the load
DNS Features
• Record Types
  • AAAA, A, CNAME, NS, PTR, SRV, SOA
• Recursion
  • Ability to look up addresses not owned by the NS
• Negative Caching
  • Only happens in proxy mode
• Any Queries
  • Respond to queries with type any
• Delegation with NS records
• DNS Views
  • Internal and External clients
• Interface DNS expression
• Interface throughput
GSLB Typical Design
Global Server Load Balancing (GSLB) addresses the needs of a distributed Internet environment with Citrix NetScaler systems located in different geographic locations.
[Diagram not preserved. Labels on the diagram: domain www.testlab.com; GSLB vserver Vgslb; sites Florida and Atlanta; LB vservers VslbA and VslbB; services svc1a, svc2a, svc1b, svc2b; addresses 192.168.100.11:80, 192.168.100.12:80, 172.206.65.10:80, 172.206.65.11:80; private IPs 172.22.8.100:80 and 172.22.8.200:80; public IPs 1.1.1.1 and 2.2.2.2.]
GSLB lets you configure the system to direct a client's DNS requests to the best performing GSLB site in a distributed Internet environment.
GSLB Entities
• Built on NetScaler load balancing environment and entity model
• GSLB entities in the NetScaler environment (descending hierarchy)
  • GSLB domain: Publicly resolvable domain (zone) the GSLB deployment responds as
  • GSLB site: Top level entity for linking remote sites, sharing monitoring data. IP needs to be an NS owned address (MIP, SNIP)
  • GSLB vserver: Linked to GSLB services, is the decision intermediary for directing clients' requests to one of the site's LB vservers.
  • GSLB service: Monitoring link to the vserver to be load balanced
  • vserver: Represents the servers and services being LB'd to clients
  • service: Links to & monitors the service/server (http, https, etc) fronted by the vserver
GSLB Communications: Monitoring
• MEP: Metric Exchange Protocol
  • NetScaler internal protocol to exchange state and health information over a TCP session, enabled by default
  • Connection establishment involves a secure RPC method
  • Connection is initiated from Lower site IP using NSIP by default
  • Port 3011 or 3009 {secure} on site's public IP needs to be allowed on any blocking firewall
• Site to site monitoring
  • Distributes site metrics, network metrics, persistence information
  • DNS queries get best suited response based on configured algorithm and information gathered through MEP
GSLB Communications: Monitoring
• MEP can be disabled, but limits GSLB methods to RR, static proximity, source IP hash. All other methods revert to RR when MEP is off/inactive.
> set gslb site siteA -metricExchange DISABLED
• Monitoring
  • Only states Up or Down are learnt
  • Status is assumed to be equally good
  • Each DNS query gets the IP address of various participating GSLB sites in a round robin fashion
• Advanced Monitors
  • Extended Content Verification {ECV}
  • User Scriptable Monitors
GSLB MEP Dependencies
GSLB Method               MEP Enabled, Active   MEP Enabled, Inactive*   MEP Disabled
Round Robin               As Defined            As Defined               As Defined
Static Proximity          As Defined            As Defined               As Defined
SRCIP Hash                As Defined            As Defined               As Defined
RTT (Dynamic Proximity)   As Defined            RR                       RR
Least Conns               As Defined            RR                       RR
Least Packets             As Defined            RR                       RR
Least Bandwidth           As Defined            RR                       RR
Least Response            As Defined            RR                       RR
* In the preceding table, MEP is enabled but is inactive due to external factors. For example, bad network connections, firewalls dropping packets, or mismatch in MEP configuration.
DNS Methods
• Authoritative config: NetScaler answers the DNS query
  • Each NetScaler is locally configured for an authoritative GSLB domain. Create DNS records for each site in the configuration
  • Supported DNS record types: NS, A, AAAA, CNAME, MX, PTR, SRV and SOA
  • Zone transfers not supported
  • One or all NetScalers can be set to participate as authoritative
• Proxy config: NetScaler passes domain requests to backend DNS server
  • If the NetScaler is authoritative for the requested zone, the NetScaler responds to the query
  • If the request is for a zone that is within the GSLB domain, the NetScaler responds with the address of optimal vserver in GSLB domain
DNS Options
• DNS response options (set per gslb vserver)
  • MIR: Multi-IP Response, lookup returns all active VIPs with optimal VIP first in the response
  • EDR: Empty Down Response, if returned VIP is down, send positive response but no records
• Backup Site
  • A site can be assigned to take over when all primary sites are down
    > bind gslb vserver gslb_VIP_A -domain www.gslbdomain.com -backupip 205.18.145.12
  • When all the services behind this vserver go down, the GSLB domain will resolve to the backup site's IP address
DNS views
• Internal and External clients
  > add dns view privatesubnet
  > bind gslb service GSLB_SVC1 -view privatesubnet 192.168.10.25
  > add dns policy pol1 "CLIENT.IP.SRC.IN_SUBNET(192.168.0.0/16)" -view privatesubnet
  > bind dns global pol1 1
• Interface DNS expression
  • Answer based on the interface the request entered
• Interface throughput
  • Answer based on the throughput of the interface
GSLB Decision Logics
• Round Robin
• Static Proximity
• Source IP Hash
• Dynamic Proximity {RTT}
• Least methods
  • Connections
  • Packets
  • Bandwidth
  • Response
GSLB Decision Logics: Weighted Load Balancing
• Sites may have different infrastructure (Quantity and Capacity of Servers, bandwidth, etc)
• GSLB will send DNS responses in the ratio of weights associated with sites
• Site weight can be calculated dynamically by making it proportional to back end service count or weight
GSLB Decision Logics: Policy Based
• Bypass the configured site selection algorithm
• User defined qualifying expressions
• Define policies and actions
  • Even though LDNS is geographically closer to site-1, point to site-2, where the servers are less loaded than site-1
• Site Affinity via GSLB Policies
  • Evaluation of attributes on incoming client LDNS requests to conditionally direct clients to a specific GSLB site
  • Requires content filtering be enabled
  • Always globally applied in GSLB
GSLB Decision Logics: Proximity Methods
• Allows for faster response resulting from selection of the closest available site
• Dynamic Network Proximity (RTT)
  • Determine site to send client to based on client's local DNS (LDNS) proximity to various sites
  • Gauged by Round Trip Time to the LDNS host
  • RTT tolerance factor, LDNS mask & entry timeout used to modify RTT further
• Static Proximity
  • Determine site to direct client to based on proximity to geographic locations in a static location database
  • Use location commands in configuring and populating the location DB
• Proximity methods require a specific license
GSLB Decision Logics: Persistence
• Site Persistence
  • Ensure LDNS requests are sent to the same site and not load balanced
  • Source IP persistence set with:
    > set gslb vserver gslbvip -persistenceType SOURCEIP -persistenceID <positive_integer>
• Cookie based persistence and connection proxy
  • Allows setting HTTP level persistence
  • Configured on local gslb services with options:
    -SitePersistence ConnectionProxy
    -cookieTimeout <integer>
    -CIP ENABLED <cipheader>
Configuration Steps
Steps for Basic Configuration via CLI
1. Create GSLB sites
> add gslb site siteA LOCAL 172.22.8.10
> add gslb site siteB REMOTE 172.22.8.11
Note: If you want them to use secure connections you must enable this after you add the sites
> set ns rpcNode <ip_addr> -secure yes
2. Configure LoadBalancing
> add lb vserver vs1 http 172.22.8.200 80
> add service svc1 192.168.10.25 http 80
> bind lb vserver vs1 svc1
Configuration Steps cont'd
3. Configure GSLB Load Balancing
> add server GSLB_SRV1 172.22.8.200
> add server GSLB_RMT1 172.22.8.100
> add gslb vserver GSLB_VS1 http -lbmethod ROUNDROBIN
> add gslb service GSLB_SVC1 172.22.8.200 http 80 -siteName siteA
> add gslb service GSLB_RMT1 172.22.8.100 http 80 -siteName siteB
> bind gslb vserver GSLB_VS1 -serviceName GSLB_RMT1
> bind gslb vserver GSLB_VS1 -serviceName GSLB_SVC1
> bind gslb vserver GSLB_VS1 -domainName www.testlab.com -TTL 5
Once all sites, vservers, services are reported as up, tailor DNS, GSLB methods, persistence, and site affinity as necessary
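Added example (not from the original slides or from Citrix): a Python audit over NetScaler-style CLI lines that flags GSLB sites with no matching "set ns rpcNode <ip> -secure YES" and GSLB vservers whose method, per the MEP dependency table, reverts to RR while MEP is disabled on a site. The keyword spellings STATICPROXIMITY, SOURCEIPHASH and RTT, the vserver GSLB_VS2 and the sample config are assumptions constructed for illustration.

```python
import re

# Methods that stay "As Defined" with MEP off, per the table on this page.
# ROUNDROBIN is the page's spelling; the other two keyword spellings are assumed.
MEP_INDEPENDENT = {"ROUNDROBIN", "STATICPROXIMITY", "SOURCEIPHASH"}
IPV4 = re.compile(r"\d{1,3}(\.\d{1,3}){3}")

def _opts(tokens):
    """Return {'name': 'value'} for every '-name value' pair in tokens."""
    return {tokens[i].lstrip("-").lower(): tokens[i + 1]
            for i in range(len(tokens) - 1) if tokens[i].startswith("-")}

def audit_gslb(config_text):
    """Return (object, issue) findings for a NetScaler-style GSLB config."""
    sites, secure_nodes, mep_off, vservers = {}, set(), [], {}
    for raw in config_text.splitlines():
        # Slides often turn '-' into an en-dash; undo that and drop the prompt.
        tok = raw.replace("\u2013", "-").lstrip("> ").split()
        if len(tok) < 4:
            continue
        head = " ".join(tok[:3]).lower()
        name, opts = tok[3], _opts(tok[4:])
        if head == "add gslb site":
            sites[name] = next((t for t in tok[4:] if IPV4.fullmatch(t)), None)
        elif head == "set ns rpcnode" and opts.get("secure", "").upper() == "YES":
            secure_nodes.add(name)          # for rpcNode, tok[3] is the node IP
        elif head == "set gslb site" and \
                opts.get("metricexchange", "").upper() == "DISABLED":
            mep_off.append(name)
        elif head == "add gslb vserver" and "lbmethod" in opts:
            vservers[name] = opts["lbmethod"].upper()
    findings = [(f"site {n}", f"no 'set ns rpcNode {ip} -secure YES'")
                for n, ip in sites.items() if ip not in secure_nodes]
    if mep_off:
        where = ", ".join(mep_off)
        findings += [(f"vserver {v}", f"{m} reverts to round robin: MEP disabled on {where}")
                     for v, m in vservers.items() if m not in MEP_INDEPENDENT]
    return findings

# Constructed sample: the page's two sites plus a hypothetical vserver GSLB_VS2.
# \u2013 stands in for the en-dash that slide software substitutes for '-'.
SAMPLE = """\
> add gslb site siteA LOCAL 172.22.8.10
> add gslb site siteB REMOTE 172.22.8.11
> set ns rpcNode 172.22.8.10 \u2013secure yes
> set gslb site siteB \u2013metricExchange DISABLED
> add gslb vserver GSLB_VS1 http -lbmethod ROUNDROBIN
> add gslb vserver GSLB_VS2 http -lbmethod RTT
"""

if __name__ == "__main__":
    for obj, issue in audit_gslb(SAMPLE):
        print(f"{obj}: {issue}")
```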
Configuring DNS: ADNS
1. Set up each NetScaler site as an SOA:
> add service gslb_adns_svc 172.22.8.205 adns 53
> add dns soarec www.testlab.com -originServer www.testlab.com -contact noc.testlab.com -serial 1 -refresh 300 -retry 600 -expire 604800 -minimum 3600 -ttl 3600
Repeat on each site with corresponding site values
2. Add DNS records for required addresses within the domain
> add dns addrec sitea.testlab.com 172.22.8.10
> add dns addrec siteb.testlab.com 172.22.8.11
Duplicate records on the other sites
Configuring DNS: Proxy
Enable the NetScaler to query a backend DNS server
1. Create a DNS vserver:
> add lb vserver dns_vip dns 172.22.8.205 53
2. Add DNS service:
> add service dns_svc 192.168.10.10 dns 53
3. Bind the two:
> bind lb vserver dns_vip dns_svc
Note: With vserver type DNS we will cache responses for TTL. To disable this use "set dns parameter -cacheRecords NO"
GSLB GUI
[Screenshots not preserved in this transcript. Slide titles: GSLB GUI; Adding a Server; Add GSLB Service; Add GSLB Vserver.]
Secure Option
> set ns rpcNode 172.22.8.21 -secure YES
DNS Records
> flush dns proxyRecords
DNS Views
[Screenshots not preserved in this transcript.]
Demonstration
• Active-Active configuration
  • NetScaler will serve IP from two active sites in round robin fashion.
• Active-Standby configuration
  • NetScaler will serve IP from SITEA only unless SITEA goes down, then the IP from SITEB will be served.
• Static Proximity
  • NS will hand out IP based on SRCIP of the request