Tuesday, September 8, 2009

LOAD BALANCING WEB SERVERS WITH PEN

I/Intro

This is pen, a load balancer for "simple" tcp based protocols such as http or smtp. It allows several servers to appear as one to the outside and automatically detects servers that are down and distributes clients among the available servers. This gives high availability and scalable performance.

The load balancing algorithm keeps track of clients and will try to send them back to the server they visited the last time. The client table has a number of slots (default 2048, settable through command-line arguments). When the table is full, the least recently used one will be thrown out to make room for the new one.

This is superior to a simple round-robin algorithm, which sends a client that connects repeatedly to different servers. Doing so breaks applications that maintain state between connections in the server, including most modern web applications.

When pen detects that a server is unavailable, it scans for another starting with the server after the most recently used one. That way we get load balancing and "fair" failover for free.
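
The tracking and failover behaviour described above, as an added sketch (a model written for this page, not pen's own source code). It assumes new clients are placed by the same "server after the most recently used one" scan; the class, method names and client addresses are made up for illustration.

```python
from collections import OrderedDict


class PenModel:
    """Toy model of the client tracking described above (not pen's code)."""

    def __init__(self, servers, slots=2048):
        self.servers = list(servers)
        self.up = {s: True for s in self.servers}
        self.slots = slots             # size of the client table
        self.clients = OrderedDict()   # client -> server index, oldest first
        self.last = -1                 # index of the most recently used server

    def _scan(self):
        # Start with the server after the most recently used one.
        n = len(self.servers)
        for step in range(1, n + 1):
            i = (self.last + step) % n
            if self.up[self.servers[i]]:
                return i
        raise RuntimeError("no backend available")

    def route(self, client):
        i = self.clients.get(client)
        if i is None or not self.up[self.servers[i]]:
            i = self._scan()           # new client, or its server is down
        if client not in self.clients and len(self.clients) >= self.slots:
            self.clients.popitem(last=False)   # evict least recently used
        self.clients[client] = i
        self.clients.move_to_end(client)
        self.last = i
        return self.servers[i]


def demo():
    # Constructed client addresses; backends are the two from this page.
    a, b = "192.168.20.203:80", "192.168.20.83:80"
    lb = PenModel([a, b], slots=2)
    trace = [lb.route(c) for c in ("10.0.0.1", "10.0.0.2", "10.0.0.1")]
    lb.up[a] = False                    # backend #1 goes down
    trace.append(lb.route("10.0.0.1"))  # sticky client fails over to #2
    lb.route("10.0.0.3")                # table full: 10.0.0.2 is evicted
    return trace, list(lb.clients)


if __name__ == "__main__":
    print(demo())
```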

Correctly configured, pen can ensure that a server farm is always available, even when individual servers are brought down for maintenance or reconfiguration. The final single point of failure, pen itself, can be eliminated by running pen on several servers, using vrrp to decide which is active.

Refer:

http://siag.nu/pen/

II/Install

This example is based on the following environment.

(1) cluster.test.vn [192.168.20.101] Pen Server
(2) www1.test.vn [192.168.20.203] Web Server #1
(3) www2.test.vn [192.168.20.83] Web Server #2

1/Install and configure Pen
[root@ ~]# wget http://dag.wieers.com/rpm/packages/pen/pen-0.17.2-1.el5.rf.i386.rpm
[root@ ~]# rpm -Uvh pen-0.17.2-1.el5.rf.i386.rpm
[root@ ~]# vim /etc/rc.d/init.d/pen
#!/bin/bash
# an example init script
#
# Pen: Starting Pen
#
# chkconfig: 345 93 92
# description: Simple load-balancer
# processname: pen

. /etc/rc.d/init.d/functions

pen="/usr/local/bin/pen"
lockfile="/var/lock/subsys/pen"
prog="pen"
RETVAL=0

# PID file
PID=/var/run/pen.pid-80
# log file
LOGFILE=/var/log/pen.log
# control port (used by penctl); keep it bound to localhost
CONTROL=localhost:10080
# max connections
MAX_CONNECTIONS=500
# port
PORT=80
# number of servers
SERVERS=2
# IP of a server #1
SERVER1=192.168.20.203:80
# IP of a server #2
SERVER2=192.168.20.83:80

start() {
    echo -n $"Starting $prog: "
    # -r selects round-robin server selection; $PORT is the listening port
    daemon $pen -x $MAX_CONNECTIONS -S $SERVERS -p $PID -l $LOGFILE -C $CONTROL -r $PORT $SERVER1 $SERVER2
    RETVAL=$?
    echo
    [ $RETVAL = 0 ] && touch $lockfile
    return $RETVAL
}

stop() {
    echo -n $"Stopping $prog: "
    killproc $pen
    RETVAL=$?
    echo
    [ $RETVAL = 0 ] && rm -f $lockfile
    return $RETVAL
}

case "$1" in
    start)
        start
        ;;
    stop)
        stop
        ;;
    restart)
        stop
        start
        ;;
    status)
        status $pen
        ;;
    *)
        echo "Usage: $prog {start|stop|restart|status}"
        exit 1
        ;;
esac

exit $?

[root@lan ~]# vi /etc/logrotate.d/pen
# an example
/var/log/pen.log {
    daily
    copytruncate
    compress
    notifempty
    missingok
    postrotate
        /etc/rc.d/init.d/pen restart > /dev/null 2>&1 || true
    endscript
}

[root@lan ~]# chmod 755 /etc/rc.d/init.d/pen
[root@lan ~]# /etc/rc.d/init.d/pen start
Starting pen: [ OK ]
[root@lan ~]# chkconfig --add pen
[root@lan ~]# chkconfig pen on

2/Configure a tool that shows the status of Pen in a web browser.

[root@lan ~]# vi /etc/rc.d/init.d/pen

# line 16: specify html file
WEBFILE=/var/www/html/pen/index.html
PID=/var/run/pen.pid-80
LOGFILE=/var/log/pen.log

# add options
daemon $pen -w $WEBFILE -x $MAX_CONNECTIONS -S $SERVERS -p $PID -l $LOGFILE -C $CONTROL -r $PORT $SERVER1 $SERVER2

[root@lan ~]# cp /usr/local/doc/pen/penstats /usr/local/bin/
[root@lan ~]# vi /usr/local/bin/penstats
#!/bin/sh
PENHOME=/home/ulric/Projekt/pen
PIDFILE=/var/run/pen.pid-80             # change
WEBFILE=/var/www/html/pen/index.html    # change

# This will make pen save its stats
kill -USR1 `cat $PIDFILE`

# We don't know how long it will take; wait a few seconds
sleep 2

# And display the results
echo "Content-type: text/html"
echo
cat $WEBFILE

[root@lan ~]# /etc/rc.d/init.d/pen restart
Stopping pen: [ OK ]
Starting pen: [ OK ]
[root@lan ~]# chmod 755 /usr/local/bin/penstats
[root@lan ~]# /usr/local/bin/penstats    # run
[root@lan ~]# crontab -e

*/1 * * * * /usr/local/bin/penstats
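
A check for the two options above that widen exposure, added here as an example (not from the original post or the pen project): the protocol behind the -C control port is unauthenticated, and the -w status file lands where the web server will publish it. The function name, the /var/www/ prefix and the treatment of a bare port as "all addresses" are assumptions of this sketch.

```python
import ipaddress
import shlex

# The start command from this page with its variables expanded.
PAGE_CMD = ("pen -w /var/www/html/pen/index.html -x 500 -S 2 "
            "-p /var/run/pen.pid-80 -l /var/log/pen.log "
            "-C localhost:10080 -r 80 192.168.20.203:80 192.168.20.83:80")


def _is_loopback(host):
    if host == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        # Empty host (bare port, assumed to mean all addresses) or a
        # hostname this check cannot vouch for.
        return False


def audit_pen_cmdline(cmdline, web_roots=("/var/www/",)):
    """Return a list of findings for one pen command line."""
    args = shlex.split(cmdline)
    findings = []
    for flag, value in zip(args, args[1:]):
        if flag == "-C":
            host = value.rsplit(":", 1)[0] if ":" in value else ""
            if not _is_loopback(host):
                findings.append(
                    "control port %s is not bound to loopback" % value)
        elif flag == "-w" and value.startswith(tuple(web_roots)):
            findings.append("status file %s is inside a web root" % value)
    return findings


if __name__ == "__main__":
    for line in audit_pen_cmdline(PAGE_CMD):
        print(line)
```

If the status page must stay under the web root, restrict access to that directory in the web server configuration.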


3/Access the Pen server with a web browser. A backend server answers normally, as shown below.

a/First Request


b/Second request


4/ Stop httpd on one server and access the Pen server again. The other backend server answers normally, as shown below.

a/ Stop http on 192.168.20.203



b/ Stop http on 192.168.20.83



Note: you need to configure Apache to listen on port 81:

change the listen port from 80 to 81

Besides, Pen can load balance other services (FTP, HTTPS, SMTP, POP3...):

pen -l pen443.log -p pen443.pid 192.168.20.101:443 192.168.20.203:443 192.168.20.83:443
(LOAD BALANCE HTTPS)

pen -l pen110.log -p pen110.pid 192.168.20.101:110 192.168.20.203:110 192.168.20.83:110
(LOAD BALANCE POP3)

pen -l pen25.log -p pen25.pid 192.168.20.101:25 192.168.20.203:25 192.168.20.83:25
(LOAD BALANCE SMTP)

pen -l pen21.log -p pen21.pid 192.168.20.101:21 192.168.20.203:21 192.168.20.83:21
(LOAD BALANCE FTP)





2 comments:

  1. Thanks for the response. After researching some more about Pen, I think I came to the same conclusion as you. I just thought Pen was fairly easy to configure. HAProxy is kind of convoluted, but I may have to look at that after all...

    Thanks again!

  2. Hi Babylon

    Thanks for your confirmation. I think that besides using HAProxy for load balancing with layer 7 support (as you write, it is kind of convoluted), you can use Pound and set up SSL on the Pound server as follows:

    Edit /etc/pound.cfg

    # add some config like below
    # Pound server settings
    ListenHTTP
    Address 192.168.236.130
    Port 80
    End

    ListenHTTPS
    # pound server's IP
    Address 192.168.236.130
    # Listen Port
    Port 443
    # certificates
    Cert "/etc/pki/tls/certs/server.crt"
    End

    Thanks and Best Regards
