vyos-1x icon indicating copy to clipboard operation
vyos-1x copied to clipboard

Published 20 hours ago verified publisher icon vyos

load-balancing: inbound: T3116: Support back-end L4 load balancing

Open jack9603301 opened this issue 4 years ago • 10 comments

Change Summary

Support back-end L4 load balancing

Types of changes

  • [ ] Bug fix (non-breaking change which fixes an issue)
  • [x] New feature (non-breaking change which adds functionality)
  • [ ] Code style update (formatting, renaming)
  • [ ] Refactoring (no functional changes)
  • [ ] Migration from an old Vyatta component to vyos-1x, please link to related PR inside obsoleted component
  • [ ] Other (please describe):

Related Task(s)

https://phabricator.vyos.net/T3116

Component(s) name

load-balancing

Proposed changes

Support back-end L4 load balancing

How to test

Checklist:

  • [x] I have read the CONTRIBUTING document
  • [x] I have linked this PR to one or more Phabricator Task(s)
  • [x] My commit headlines contain a valid Task id
  • [x] My change requires a change to the documentation
  • [ ] I have updated the documentation accordingly

jack9603301 avatar Jan 28 '21 13:01 jack9603301

This pull request has conflicts, please resolve those before we can evaluate the pull request.

github-actions[bot] avatar Jul 25 '21 07:07 github-actions[bot]

Update make file. It has some conflicts. For the rest, I approve.

sever-sever avatar Jul 26 '21 12:07 sever-sever

Conflicts have been resolved. A maintainer will review the pull request shortly.

github-actions[bot] avatar Jul 26 '21 13:07 github-actions[bot]

Hi there, I was wondering that when will this PR merge to main branch? @jack9603301 @c-po Just found the implement was done half year ago.

Really looking forward to see LVS (inbound load balancing) cound be a built-in feature in VyOS! =)

helixzz avatar Apr 14 '22 09:04 helixzz

Well depending on your usecase, therebis already support for http inbound load balancind (through keepalived)

c-po avatar Apr 14 '22 09:04 c-po

@dmbaturin can you review this

andamasov avatar May 21 '22 10:05 andamasov

Well depending on your usecase, therebis already support for http inbound load balancind (through keepalived)

It's not just HTTP, in fact it can perform load balancing on the four-layer protocol, and LVS is one of the well-known open source implementations, and keepalived is only hot backup in nature

The implementation is basically awaiting review, would love to see it become a built-in feature of vyos

jack9603301 avatar Aug 01 '22 15:08 jack9603301

keepalived is only hot backup in nature

It is not only "backup" it also uses a load-balancing feature, I guess it also uses LVS as a backend https://github.com/vyos/vyos-1x/blob/a09359828e38c5b51a4579af16b5ea263a98233f/interface-definitions/high-availability.xml.in#L286 https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/load_balancer_administration/ch-initial-setup-vsa#s3-initial-setup-conf-file-virt-VSA https://keepalived.readthedocs.io/en/latest/terminology.html

sever-sever avatar Aug 01 '22 16:08 sever-sever

keepalived is only hot backup in nature

It is not only "backup" it also uses a load-balancing feature, I guess it also uses LVS as a backend

https://github.com/vyos/vyos-1x/blob/a09359828e38c5b51a4579af16b5ea263a98233f/interface-definitions/high-availability.xml.in#L286

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/load_balancer_administration/ch-initial-setup-vsa#s3-initial-setup-conf-file-virt-VSA https://keepalived.readthedocs.io/en/latest/terminology.html

ok, this could be another wrapper around ipvs, maybe it would be better if we could use ipvs directly?

And I seem to find an interesting place, that is, the implementation time of keepalived's load balancing function is later than LVS

jack9603301 avatar Aug 01 '22 19:08 jack9603301

Keepalived and ipvsadm both use the IPVS framework. ipvsadm is the original tool to configure IPVS (just like iptables is the netfilter config tool). Keepalived has some advantage because you can make your Loadbalancer HA, do backend service health checks (remove dead IPVS backends for example) and configure IPVS in one place.

ipvsadmonly had advantage if you want to use IPVS but not make your loadbalancer HA. AFAIK you have to create your own backend checks.

Will it stil be possible to use both?

roedie avatar Sep 08 '22 19:09 roedie

Keepalived and ipvsadm both use the IPVS framework. ipvsadm is the original tool to configure IPVS (just like iptables is the netfilter config tool). Keepalived has some advantage because you can make your Loadbalancer HA, do backend service health checks (remove dead IPVS backends for example) and configure IPVS in one place.

ipvsadmonly had advantage if you want to use IPVS but not make your loadbalancer HA. AFAIK you have to create your own backend checks.

Will it stil be possible to use both?

you mean?

jack9603301 avatar Apr 05 '23 14:04 jack9603301

There are now implementations in 1.4 based on both Keepalived/LVS and HAProxy, so this is redundant, unfortunately.

dmbaturin avatar Aug 31 '23 14:08 dmbaturin