2004-04-17-inflow


High Availability Website
Architecture
www.inflow.com
877-2INFLOW
Agenda
• Introduction
• Example ASP implementations
• Why build redundancy?
• Site components
• Proof of concept phase
• Adding redundancy layer-by-layer
• Typical Endpoint
• Global Site Load Balancing (GSLB)
Introduction
• Who is Inflow?
– Inflow is a leading provider of carrier-neutral datacenter and
outsourced IT services
– 13 datacenter locations across the U.S.
– ISO9001:2000 Certified
– Services:
• Colocation and Application Hosting
• Business Continuity/Disaster Recovery
• IT Consulting
Sample Customers
[Slide graphic: customer logos labelled by service (Application Hosting, Business Continuity, Enterprise Data Center Mgt) and by hosting IDC (Nashville, San Diego, Phoenix, Philadelphia, Denver, Austin, Portland, Minneapolis)]
Local Customers
Example ASP implementations
• Logistics ASP
– Schedules and tracks shipments
– Rating estimates
– Load and route optimization
• Construction Project Management ASP
– Scheduling, planning, status and reporting
• Maintenance ASP
– Tracks costs, PM events
– Reporting
– Alerting
Why build redundancy?
• Clinical disasters are more frequent than
catastrophic disasters
• Examples:
– User headspace error
– Fat finger of death
– Hardware (hard disk drive) failure
– Plumbing issue above server room
– Power issues
– Network outages
Components
• Utility Services
• Network equipment
• Database layer
• Application layer
• Web layer
Component - Utility Services
• Internet Service Provider(s) who provide
“ping”
• Power
– Internal redundancy via generator and UPS
• Competitive Local Exchange Carriers
(CLECs) who provide “pipes”
Power Redundancy
• Phase synching generators is expensive and complex
– Use a split block approach – redundant engines
powering a single generator
• UPS provides power for 5-10 seconds while generator
comes online
• Manage phases
– Evenly load phases – use an ammeter to measure
– Breakers should trip at 80% of rating
– Manage sustained load on redundant power supplies
at <40% of rating
Component - Network equipment
• Routers (including CSU/DSUs)
– Border Gateway Protocol 4 (BGP4) is the standard edge routing
protocol
– Cisco routers use Hot Spare Router Protocol (HSRP)
– Other vendors use Virtual Router Redundancy Protocol (VRRP)
• Firewall(s)
– Plan to add redundancy during your early stages
– See www.icsalab.net for a list of lab reports on firewalls
• Switches
– Multiple VLANs on redundant switches can be trunked together
on a single port (or set of ports) using IEEE 802.1Q or ISL (Cisco-proprietary) trunking
• Network Interface Cards
– NICs can be “teamed” for redundancy
Component - Database layer
• Storage intensive
• Most difficult and expensive to:
– Make redundant
– Backup
– Modify, upgrade and/or change
• Examples:
– IBM DB2
– Oracle
– MySQL
– PostgreSQL
Component - Application layer
• Processes business logic
• Assembles data for publication to web layer
• Examples:
– ATG Dynamo
– BEA Weblogic
– IBM Websphere (Network Deploy)
Component - Web Layer
• Publication engine
• Examples:
– Apache
– Netscape Enterprise Server
– IBM HTTP Server
– Sun iPlanet
Proof of Concept Phase
• Typically “garage built”
• Redundancy isn’t key
• Getting the site working, tuned out and
ready to launch is key
• Typically not acceptable for bet-the-bank
applications
Network Redundancy
• Multiple ISPs
– Use Border Gateway Protocol 4 (BGP4) for route
determination
• Multiple CLECs
– Difficult to get Type I (e.g., not resold Verizon) circuits
– Difficult to get onto redundant SONET rings
• Multiple routers
• Redundant switching
Web Layer Redundancy
• Easiest layer to make redundant
• Horizontally scalable
• Usually start making all components redundant
– Firewall
– Layer 2 Switching
– Local Server Load Balancers (LSLB)
LSLB Terms and Concepts
• Virtual Router Redundancy Protocol (VRRP)
• Virtual IP Address (VIP) – What the world sees
• Real IP Address (RIP) – Each of the load balanced servers
• Least Connections – Ability of LSLB to dish out sessions to the RIP with the least number of active connections
• Stickiness or Persistence – Sticking a client to the same Webserver through the entire session
• SSL Acceleration
• LSLB does constant health checks of servers and will automatically pass new connections to survivors
• LSLB strips the requesting client IP and replaces it with its own IP when sending to the Webserver.
Challenges to Persistence
• Meta Proxy Servers that frequently change
source IP
– AOL
– MSN
• LSLB can’t read a cookie in an encrypted
payload of an SSL packet
• Short SSL Session ID Timer (IE 5+)
SSL Acceleration
• Add-on feature
– Saves labor by not having to admin so many Webservers, certificates, etc.
– Cures Stickiness/Persistence issues by decrypting the payload and allowing use of cookies that the LSLB can read
• Client sends https request to VIP
• LSLB passes to Accelerator
• Accelerator decrypts and passes back to LSLB in http
• LSLB reads payload (cookie) and passes to appropriate RIP
• RIP responds to request through LSLB
• LSLB passes to Accelerator for encryption
• Accelerator encrypts and passes back to LSLB in https
• LSLB responds to requesting client in https
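The persistence problem from the last three slides, as an added example that is not part of the original deck: a toy LSLB doing least-connections selection, health checks, and stickiness keyed either on source IP (all that is visible in undecrypted HTTPS) or on a cookie (readable only after the accelerator decrypts). The class, method names, addresses and cookie value are constructed for illustration.

```python
class LSLB:
    """Toy local server load balancer (illustrative model, not a product API)."""

    def __init__(self, rips):
        self.active = {rip: 0 for rip in rips}  # RIP -> open connection count
        self.healthy = set(rips)                # RIPs passing health checks
        self.by_ip = {}                         # source-IP persistence table
        self.by_cookie = {}                     # cookie persistence table

    def health_check(self, rip, ok):
        """Record a health-check result; failed RIPs get no new connections."""
        if ok:
            self.healthy.add(rip)
        else:
            self.healthy.discard(rip)

    def close(self, rip):
        """Client finished: release one connection slot on the RIP."""
        self.active[rip] = max(0, self.active[rip] - 1)

    def _least_connections(self):
        # Sort first so ties break on address and results are deterministic.
        return min(sorted(self.healthy), key=lambda r: self.active[r])

    def _pick(self, table, key):
        rip = table.get(key)
        if rip not in self.healthy:             # new client, or its RIP failed
            rip = self._least_connections()
            table[key] = rip
        self.active[rip] += 1
        return rip

    def route_by_source_ip(self, src_ip):
        """Stickiness on source IP: usable without decrypting the payload."""
        return self._pick(self.by_ip, src_ip)

    def route_by_cookie(self, cookie):
        """Stickiness on a session cookie: needs plaintext HTTP, i.e. after
        the SSL accelerator has decrypted the request."""
        return self._pick(self.by_cookie, cookie)


def demo():
    """One user session arriving through a proxy farm that rotates source IPs."""
    rips = ["10.0.0.1", "10.0.0.2", "10.0.0.3"]                      # constructed
    proxy_ips = ["198.51.100.10", "198.51.100.11", "198.51.100.12"]  # constructed
    ip_lb, cookie_lb = LSLB(rips), LSLB(rips)
    by_ip = [ip_lb.route_by_source_ip(ip) for ip in proxy_ips]
    by_cookie = [cookie_lb.route_by_cookie("SESSION=abc123") for _ in proxy_ips]
    return by_ip, by_cookie
```

With source-IP stickiness the three requests of one session land on three different RIPs; with cookie stickiness they all reach the same RIP, and a failed health check moves the session to a survivor.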
Application Layer Redundancy
• Usually accomplished through software
– Have to buy additional licensing
• Might also be accomplished through LSLB
– App servers can become RIPs
– Webservers are the clients
• Choose carefully
– Is the app server J2EE compliant? (May not be very portable)
– How is it licensed? (Could get expensive later)
– Does it provide session state to the webservers? (Session state
could make LSLB easier)
Database Layer Redundancy
• Requires OS support
– Red Hat Cluster Suite on Enterprise Linux AS or ES
– Veritas Cluster Server on RH Enterprise Linux AS or ES
– MS Cluster Services – part of Enterprise Server 2003
• Shared Storage
– Shared LUN for the Quorum
– LUN for data
– Direct Attached SCSI limits to two (2) nodes
– Fiber Channel SAN allows more nodes depending on implementation
• Hint: Get a FC fabric
• Hint: make a dual path to take advantage of both SPs
• Heartbeat between servers – hint: make redundant
Typical endpoint
Global Site Load Balancing (GSLB)
• Can be done on LSLB hardware
• Content Distribution Network (CDN) Providers are a
better solution
– Akamai
– Speedera
• CNAME your site to CDN provider
• Can weight traffic between sites
• Latency due to physical factors (e.g., speed of light)
dictates that synchronous hot sites be within 60 miles of
each other
Reference Sites
• BEA Supported Platforms: http://edocs.bea.com/platform/docs81/support/supp_plat.html
• ATG Supported Platforms: http://www.atg.com/en/products/requirements/atg_62.jhtml
• IBM Websphere Supported Platforms: http://www106.ibm.com/developerworks/websphere/downloads/WASsupport.html
• IBM Websphere Application Server Network Deployment: http://www306.ibm.com/software/webservers/appserv/was/network/
• IBM DB2: http://www14.software.ibm.com/webapp/download/search.jsp?rs=db2pde
• IBM HTTP Server: http://www-306.ibm.com/software/webservers/httpservers/
• Red Hat Cluster Suite: http://www.redhat.com/software/rha/cluster/
• Red Hat Enterprise Linux: http://www.redhat.com/software/rhel/
• Sun Java System Web Server: http://wwws.sun.com/software/products/web_srvr/datasheet.html
• Alteon Websystems: http://www.nortelnetworks.com/products/01/alteon/index.html
• Veritas Cluster Server: http://www.veritas.com/Products/www?c=product&refId=20
• Oracle on Linux: http://www.oracle.com/technologies/linux/
• Netscape Enterprise Servers: http://enterprise.netscape.com/
• eWeek article on MySQL Clustering: http://www.eweek.com/article2/0,1759,1565415,00.asp