Load-balancing an SSL-based server farm?

Jarod Wilson jarod at wilsonet.com
Mon Jan 18 14:40:37 EST 2010


On Mon, Jan 18, 2010 at 2:29 PM, Paul Lussier <p.lussier at comcast.net> wrote:
>
> Hi all,
>
> Has anyone here set up LVS (or something equivalent) to load balance
> across a set of apache servers serving up SSL-protected sites?

Yes, but it was 4+ years ago. :)

> I've googled around, and all the docs I've come up with are at least 4+
> years old, and somewhat incomplete.  Interestingly, I can't even find a
> single book about the topic!

In my case, we were using Foundry Networks ServerIron (iirc) load
balancers. There really wasn't any difference between the
load-balanced http and https setups that I can recall -- you just need
to make sure the same ssl cert exists on each of the load-balanced
servers.

> The examples I've found tend to be concerned with a basic apache config
> without SSL being involved, and don't address the scalability of the LVS
> configuration.  The things I'm most concerned with :)

No clue there.

> The basic scope of the project is this:
>
>  - we have about 10 apache servers handling 10,000 sites over both http
>   and https (for a total of ~20K sites)
>
>  - we need a scalable HA load-balancing solution to sit in front of
>   these servers and load balance across them dealing with both http and
>   https traffic.
>
> My questions at this point are:
>
> - Is LVS the right tool, or is there something better (OSS) ?

Pretty sure LVS is the right tool. Its what we probably would have
used if we didn't already have hardware load-balancers.

> - Can LVS handle this size of a load ?
> - How many sites can LVS scale to serving?
> - Can the LVS config be updated dynamically, on-the-fly, without
>  restarting ldirectord ?
> - Is there any recent (w/in the last 2 years) documentation or are there
>  any books on building such an environment with LVS ?

Not really sure on any of these, its been a good long while since I've
actually looked into it.

> Many thanks for any information, URLs, pointers, references, etc.

I assume you've found http://www.linuxvirtualserver.org/Documents.html

-- 
Jarod Wilson
jarod at wilsonet.com



More information about the gnhlug-discuss mailing list