I have a load balancer problem. All load balancer configuration examples I have read inspect the client data and bases all load balancing routing decitions on this. I have a different problem. I need to let the application server tell the load balancer that he serves a specific url right now.
Background:
I have around 10000 hardware devices which connects to tomcat servers (by a binary TCP protocol). The tomcat servers are also serving http towards clients who would like to communicate with these devices.
I don't know when the hardware device connects (and I can't identify them on the connection) but I want all http requests from clients, which are directed towards that device to go to that tomcat-server after a device has connected. The hardware devices are load balanced by round robin dns.
Question:
Are there any good http load balancers to which I can let the tomcat server say "hey, device with id xxx just connected, please redirect all traffic towards this device to me"? The http requests are easy to identify. They have the id of the device in the request url.
Any suggestions on load balancers or google queries to make would be appreciated.
Interesting problem you've got there. I've had the same problem as you, but I was using jboss AS 7 instead of tomcat. However, the principles are more or less the same.
We solved this issue by using apache with mod_cluster which allows the tomcat or jboss server to register which context that it has available to the load balancer. The loadbalancer will determine which application server that has the context and route the traffic to it.
There are lots of tutorials for how to do this online, here is one good example.
http://www.devx.com/Java/Article/48086
For the original question, I think you are not looking for a load balancer, but just a plain reverse proxy with the twist that it has to be dynamic.
Check out Apache httpd mod_proxy with mod_rewrite. For the dynamic part maybe your tomcats can register their connected "refrigerators" in a sqldb, in that case use RewriteMap with dbd.
Related
I'm struggling here with something that may be easy to do, but I haven't found a correct solution, so i hope you can help me please.
Background
We are developing an application that consists in 4 different Java Web projects.
AppA
AppB
AppC
WebService
All of these applications have to be accessed from 4 diferent sub domains of mydomain.com:
a.mydomain.com
b.mydomain.com
c.mydomain.com
api.mydomain.com
Technology
Application server: Payara server 4 (what is almost the same that Glassfish 4).
Payara server is running inside a Docker container which in turn is running inside an Amazon EC2 instance.
I've used Amazon Route 53 in the following scenario:
What I have already done successfully
This was done for another proyect where there was only 1 app which is accessed from a subdomain of otherdomainiown.com.
This works perfectly, because the DNS records of the domain provider (iPage) just points to my Amazon Route 53 records of the hosted zone I configured. This hosted zone has an A record that points to the fixed IP of my Amazon EC2 instance. Then, Docker exposes Payara server through port 80 that is mapped to port 8080 which Payara uses by default to serve it's applications.
Problem
Now, i'm facing a similar scenario. The difference is that I have 4 different apps that need to be accessed by 4 different sub domains.
I've tried with Virtual Servers (virtual hosts) with no luck, I'm not familiar with that, but i think that could be a possible solution.
I considered using Amazon S3 buckets to redirect but I don't think that's what I need.
In an image, this should be the final scenario, although I just draw 2 sub domains for simplicity:
Should I use Docker mappings to resolve this?
Should I use Virtual Servers?
Should I buy 4 different machines? (this will solve all this in a few seconds, but buying more instances is not an option)
Should I use a Docker container for each application?
As you can see, i'm a little lost, so it would be great if you could point me in the right direction.
Thanks in advance.
What are you using Route 53 for? What benefit do you get from it in this scenario?
There is a blog post on the Payara website which gives an overview of using Virtual Servers in Payara Server, but it's a bit in-depth to quote for an answer here.
The key point is that you still need to configure incoming traffic to arrive at different subdomains. If all your traffic is coming in on the same IP address as it looks like Route53 is doing, then it will be very tricky to differentiate what traffic should go to which endpoint.
The usual way to do this would be to have a load balancer or proxy where you have Route53 in your diagram. An Amazon ELB would be able to perform the redirects you need. A cheaper option (though it would involve more management) would be to use something like Apache httpd or Nginx to forward requests to the Payara Server.
You just need to create a virtual server for each subdomain and set the subdomain in the "Hosts" field. Then you need to dpeloy all 4 applications and select the proper virtual server in the "Virtual Servers" field. The blog linked by #Mike will guide you: https://blog.payara.fish/virtual-servers-in-payara-server
All of the virtual servers will be listening on the same IP address but Payara Server will read the domain from incoming HTTP requests and will route the request to the correct virtual server.
However, this is recommended only for very small applications. Bigger applications should be deployed separately on different Payara Server instances running on different ports or different machines. If you use docker then you can run 4 instances in docker and map them to different ports. Then you would need a proxy server (Apache Httpd, Nginx, ) to route requests to the correct Payara instances (ports) according to the domain name in requests.
I'd like to log the TLS version that's being used when my web app receives requests, and when it does server side HTTP requests.
I've tried enabling TLS logging at the VM level, but it's much too verbose for my liking, and I'd like to just log it at a few points in my app.
How can I do this?
Turns out that in my situation, I could never figure this out, as there was a load balancer in front of my app, and the load balancer had the SSL cert installed on it, not my nodes.
My company uses "SSL termination", which means that the SSL connection ends at the load balancer - so no nodes in our app are ever served securely (they're on an internal network of course, which is only available to the load balancer).
So if you're looking into this, first find out if your load balancer is working in this way, because if it is, you won't get any SSL info in your requests at all no matter what!
I googled for load balancing but the only thing I can find is the working theory, which at the moment, is the "easy" part for me. But zero examples of how to implement one.
I have several questions pertaining load balancing:
I have a domain (example.com) and I behind it I have a load balancing server (lets call it A) which, according to the theory, will ask the client to close the connection with A, and connect to B, a sub-server and carry on the request with B. Will the client, in a web browser stop seeing "example.com/page.html" in the address bar and start seeing "B_ip_address/page.html" instead?
How can I implement a simple load balancer from scratch? My doubt targets the HTTP part. Is there some specific message or set of messages I need to send the client which will make him disconnect from me and connect to a sub-server?
What about lower level protocols than HTTP, such as TCP/IP, are there any standard packets to tell the client he just connected to a load balancer server and now he needs to connect to xxx.xxx.xxx.xxx to carry on the request?
What method is the most used? (1) client connects to load balancing server, and it asks the client to directly connect to one of the sub-servers, or (2) the load balancing server starts bridging all traffic from the client to the sub-server and vice-versa in a transparent fashion?
So question 2, 3 and 4 regard the load balancing protocol, and the 1st one the way a domain name can be connected to a load balancer and what are the underlying consequences.
Your approach is a kind of static load balancing by redirect the calls to another server. All following calls may use this other server or are send to the load balancer again for redirect.
An implementation depends on the implementation of your system. A load balancer works best for independent requests with no session state. You need to sync the session state otherwise between the "end" servers. Or use a shared session store to provide the session state to all servers.
There exists a simple and transparent solution for HTTP server load balancing. You can use the load balancing module of an nginx server (http://nginx.org/en/docs/http/load_balancing.html). This can be used for HTTP and HTTPS requests. And it may be extended with extra servers dynamically if the load increases. You need to edit the nginx configuration and restart the server. This can be transparent to existing connections. And nginx does not cause problems with changing domain or host names.
Other protocols need some support by the client and the server. Load balancing may be transparent if a specialized device is between the client and server. Or the communication protocol needs to support connection redirects.
Edit:
Load balancing can be implemented by DNS round robin too. Each DNS lookup call returns another IP address for the same domain name. The client choose an IP and connects to this server. Another client can use the next IP. The address bar name is the same all the time.
Example:
Non-authoritative answer:
Name: www.google.com
Addresses: 2a00:1450:4001:80f::1010
173.194.116.209
173.194.116.210
173.194.116.212
173.194.116.211
173.194.116.208
Non-authoritative answer:
Name: www.google.com
Addresses: 2a00:1450:4001:80f::1010
173.194.116.210
173.194.116.212
173.194.116.211
173.194.116.208
173.194.116.209
Non-authoritative answer:
Name: www.google.com
Addresses: 2a00:1450:4001:80f::1010
173.194.116.212
173.194.116.211
173.194.116.208
173.194.116.209
173.194.116.210
The IP address range rotates. Most HTTP load balancers work as transparent load balancer like nginx or other reverse proxy implementations. A redirecting load balancer is more a low tech implementation I think.
TCP/IP is not a protocol. It's the transport layer used to transfer data implementing a specific communication protocol. While TCP/IP itself is a protocol for the network components. But not the applications. You may check https://en.wikipedia.org/wiki/OSI_model .
For the past few weeks, I have been scouring the internet, the minds of computer programmers, and just a few random people over the situation I am looking to overcome. Basically, what I am trying to do it write a AntiJoinBot "plugin" (if you will) for the popular game Minecraft. This would be like all others in respect that it blocks IPs based on if they are using a proxy or not, but this AntiJoinBot is running on a different VPS than the actual server.
This is the best graph I can make of the situation (it's not that good):
(non-minecraft server) Connection -> Proxy check -> Redirect to the
server -> Minecraft
The only problem is, I need to be able to redirect the IP and close the connection so that the player's real IP is the one that would connect to the server. If the connection is not able to be closed, it would cause real problems due to some of the plugins we are running.
If you have a solution or a better way to do this, please help me.
Redirection of connections along the lines that you want requires support from the (application) protocol. TCP/IP does not support it. AFAIK, SOCKS does not support it either. Unless the Minecraft application protocol (and by implication, Minecraft clients and servers) include support for redirection, you are out of luck.
(FWIW - that's how HTTP redirection works. HTTP has a "protocol element" that allows the server to tell the client to redirect, and where to redirect to. The client then resends the original request to a new address.)
But that doesn't mean that you can't deal with the pests. It just means that the redirection approach is not viable. Try a custom proxy or an IP filter / redirector instead.
You are trying to save the server's resources on the cost of increase Traffic.
I am not sure with the answer but may be by looking into the concept of LBS(Load Balancing Server) you may find the answer.
LBS is purely defined and controlled by us so you can manage the resources of two servers using one load balancing server.
I have a client that make requests to different servers. Sometimes this servers rejects requests from my IP so I need to change it (I have a few public IPs). I also need to change my IP to make geolocalizated request. I'm trying to make a balance server to redirect the client traffic through different server and to keep a log of IPs being rejected. This is what I have in mind:
There would be clients in different networks with different instances of the client. This instances request an output server to the balancer and then all the traffic of clients is redirected through this servers. Output servers could make a connection with the balancer with sockets to say something like "Ey, I'm here. You can use me!". Here I have a silly activity diagram (full of mistakes probably):
Is there a simplest way to do this? Maybe I'm reinventing the wheel. If is a good solution, is if possible to do this with Java/C#? How could I redirect the traffic?
I think you are reinventing the wheel a little, what your describing is just a load balancer in sticky session/sticky IP mode.
There's a few open source projects that will do what you are looking for. (Each word is a link there)
Personally I'd suggest the LVS Project