글로벌 향 서비스 구축 시, 네이버 클라우드 플랫폼에서 사용할 수 있는 서비스들과 인프라단에서 고려해야 할 사항들에 대해서 자세히 소개해 드립니다 | Let me introduce you in detail the services available on the Naver cloud platform and what the infrastructure needs to consider when building a global service.
This document discusses DNS server monitoring using DNSTAP, an open protocol to capture and store DNS server events. It begins by noting the performance impact of traditional monitoring methods and limitations of network packet capture. It then provides an overview of how DNSTAP works, implementations in Unbound, Knot DNS, and upcoming BIND 9, dependencies, available tools, and examples of configuring DNSTAP in Unbound, Knot DNS, and BIND 9.
Deep Dive and Best Practices for Real Time Streaming ApplicationsAmazon Web Services
This document summarizes a presentation on real-time streaming data on AWS. It discusses Amazon Kinesis, Spark Streaming, AWS Lambda, and Amazon EMR. The presentation covers an overview of streaming vs batch processing, common streaming data use cases and design patterns, a deep dive on Amazon Kinesis, examples of ingesting and processing streaming data, and a case study of how Sizmek uses these services for their real-time analytics needs.
Content Delivery Using Amazon CloudFront - AWS Presentation - John MancusoAmazon Web Services
CloudFront is Amazon's content delivery network (CDN) that caches copies of content across a global network of edge servers to improve performance and reduce latency. It uses a distribution configuration to determine how to route requests for content to the optimal edge location. Origins specify the source of the content. CloudFront delivers content through its edge locations, improving load times, providing high bandwidth, and ensuring availability. Many companies use CloudFront to deliver media, software downloads, web assets and even dynamic content through features like cache behaviors and multiple origins. Getting started is self-service through the AWS Management Console or APIs.
AWS re:Invent 를 전후로 AWS에서 제공하는 인스턴스의 수는 약 470여 개에 이를만큼 폭발적으로 증가하였습니다. 본 강연에서는, AWS re:Invent 2021에서 발표된 다양한 AWS 최신 인스턴스들에 대해 소개합니다. AWS에서 제공하는 최신 Intel/AMD/ARM 기반의 인스턴스들뿐만 아니라, 특정 목적을 위해 개발된 특화 인스턴스들에 대한 동향 및 개별 인스턴스의 특징 및 배경 기술에 대해 상세히 알아볼 수 있습니다.
글로벌 향 서비스 구축 시, 네이버 클라우드 플랫폼에서 사용할 수 있는 서비스들과 인프라단에서 고려해야 할 사항들에 대해서 자세히 소개해 드립니다 | Let me introduce you in detail the services available on the Naver cloud platform and what the infrastructure needs to consider when building a global service.
This document discusses DNS server monitoring using DNSTAP, an open protocol to capture and store DNS server events. It begins by noting the performance impact of traditional monitoring methods and limitations of network packet capture. It then provides an overview of how DNSTAP works, implementations in Unbound, Knot DNS, and upcoming BIND 9, dependencies, available tools, and examples of configuring DNSTAP in Unbound, Knot DNS, and BIND 9.
Deep Dive and Best Practices for Real Time Streaming ApplicationsAmazon Web Services
This document summarizes a presentation on real-time streaming data on AWS. It discusses Amazon Kinesis, Spark Streaming, AWS Lambda, and Amazon EMR. The presentation covers an overview of streaming vs batch processing, common streaming data use cases and design patterns, a deep dive on Amazon Kinesis, examples of ingesting and processing streaming data, and a case study of how Sizmek uses these services for their real-time analytics needs.
Content Delivery Using Amazon CloudFront - AWS Presentation - John MancusoAmazon Web Services
CloudFront is Amazon's content delivery network (CDN) that caches copies of content across a global network of edge servers to improve performance and reduce latency. It uses a distribution configuration to determine how to route requests for content to the optimal edge location. Origins specify the source of the content. CloudFront delivers content through its edge locations, improving load times, providing high bandwidth, and ensuring availability. Many companies use CloudFront to deliver media, software downloads, web assets and even dynamic content through features like cache behaviors and multiple origins. Getting started is self-service through the AWS Management Console or APIs.
AWS re:Invent 를 전후로 AWS에서 제공하는 인스턴스의 수는 약 470여 개에 이를만큼 폭발적으로 증가하였습니다. 본 강연에서는, AWS re:Invent 2021에서 발표된 다양한 AWS 최신 인스턴스들에 대해 소개합니다. AWS에서 제공하는 최신 Intel/AMD/ARM 기반의 인스턴스들뿐만 아니라, 특정 목적을 위해 개발된 특화 인스턴스들에 대한 동향 및 개별 인스턴스의 특징 및 배경 기술에 대해 상세히 알아볼 수 있습니다.
by Robbie Wright, HEad of Amazon S3 & Amazon Glacier Product Marketing, AWS
Learn from AWS on how we've designed S3 and Glacier to be durable, available, and massively scalable. Hear how customers are using these services to enhance the accessibility and usability of their data. We will also dive into the benefits of object storage, its applications, and some best practices to follow.
Reducing the time to get actionable insights from data is important to all businesses, and customers who employ batch data analytics tools are exploring the benefits of streaming analytics. Learn best practices to extend your architecture from data warehouses and databases to real-time solutions. Learn how to use Amazon Kinesis to get real-time data insights and integrate them with Amazon Aurora, Amazon RDS, Amazon Redshift, and Amazon S3. The Amazon Flex team describes how they used streaming analytics in their Amazon Flex mobile app, used by Amazon delivery drivers to deliver millions of packages each month on time. They discuss the architecture that enabled the move from a batch processing system to a real-time system, overcoming the challenges of migrating existing batch data to streaming data, and how to benefit from real-time analytics.
Scaling Redis Workloads with Amazon ElastiCache - AWS Online Tech TalksAmazon Web Services
This document provides an overview and best practices for scaling Redis workloads with Amazon ElastiCache. It discusses:
- Amazon ElastiCache features like Redis and Memcached support, high performance, availability, and security.
- Redis cluster mode and how it provides automatic sharding and horizontal scaling.
- How to perform online resharding of Redis clusters with ElastiCache to scale without downtime.
- Common usage patterns for ElastiCache like caching, session management, and pub/sub.
Set it and Forget it: Auto Scaling Target Tracking Policies - AWS Online Tech...Amazon Web Services
Learning Objectives:
- How and when to use step scaling policies
- How to use target tracking scaling policies
- How to use scaling policies for dynamic scaling and EC2 fleet management
1) The document discusses Amazon S3 and Glacier object storage services. It provides an overview of features like storage classes, security practices, analytics, and use cases for large companies.
2) Key recommendations include starting to tag objects to organize data, using lifecycle policies to automate storage class transitions, and reviewing bucket security settings.
3) The presentation aims to help users better understand how to architect applications using S3 and optimize storage and access of trillions of objects stored on AWS.
AWS Glue는 고객이 분석을 위해 손쉽게 데이터를 준비하고 로드할 수 있게 지원하는 완전관리형 ETL(추출, 변환 및 로드) 서비스입니다. AWS 관리 콘솔에서 클릭 몇 번으로 ETL 작업을 생성하고 실행할 수 있습니다. 빅데이터 분석 시 다양한 데이터 소스에 대한 전처리 작업을 할 때, 별도의 데이터 처리용 서버나 인프라를 관리할 필요가 없습니다. 본 세션에서는 지난 5월 서울 리전에 출시한 Glue 서비스에 대한 자세한 소개와 함께 다양한 활용 팁을 데모와 함께 소개해 드립니다.
In addition to running databases in Amazon EC2, AWS customers can choose among a variety of managed database services. These services save effort, save time, and unlock new capabilities and economies. In this session, we make it easy to understand how they differ, what they have in common, and how to choose one or more. We explain the fundamentals of Amazon DynamoDB, a fully managed NoSQL database service; Amazon RDS, a relational database service in the cloud; Amazon ElastiCache, a fast, in-memory caching service in the cloud; and Amazon Redshift, a fully managed, petabyte-scale data-warehouse solution that can be surprisingly economical. We’ll cover how each service might help support your application, how much each service costs, and how to get started.
Flexible and Real-Time Stream Processing with Apache FlinkDataWorks Summit
This document provides an overview of stream processing with Apache Flink. It discusses the rise of stream processing and how it enables low-latency applications and real-time analysis. It then describes Flink's stream processing capabilities, including pipelining of data, fault tolerance through checkpointing and recovery, and integration with batch processing. The document also summarizes Flink's programming model, state management, and roadmap for further development.
Spark and the Hadoop Ecosystem: Best Practices for Amazon EMRAmazon Web Services
by Dario Rivera, Solutions Architect, AWS
Amazon EMR is a managed service that lets you process and analyze extremely large data sets using the latest versions of over 15 open-source frameworks in the Apache Hadoop and Spark ecosystems. In this session, we introduce you to Amazon EMR design patterns such as using Amazon S3 instead of HDFS, taking advantage of both long and short-lived clusters, and other Amazon EMR architectural best practices. We talk about how to scale your cluster up or down dynamically and introduce you to ways you can fine-tune your cluster. We also share best practices to keep your Amazon EMR cluster cost-efficient. Finally, we dive into some of our recent launches to keep you current on our latest features. This session will feature Asurion, a provider of device protection and support services for over 280 million smartphones and other consumer electronics devices.
Do flink on web with flow - Dongwon Kim & Haemee park, SK Telecom)Flink Forward
The document describes FLOW, an abstraction layer that allows domain experts to develop Apache Flink streaming applications without needing expertise in Flink's APIs. FLOW provides a graphical user interface where users can build streaming data pipelines visually using common SQL operations and connectors. When users save their pipelines in FLOW, it generates the underlying Flink code. This allows domain experts across various fields to directly develop real-time stream processing solutions with Flink without involving data engineers to bridge the gap in knowledge.
Deep Dive on Accelerating Content, APIs, and Applications with Amazon CloudFr...Amazon Web Services
This document provides an overview of Amazon CloudFront and Lambda@Edge. It discusses how CloudFront is a global content delivery network that can accelerate content delivery, including both static and dynamic content. It also introduces Lambda@Edge, which allows running code at the edge using AWS Lambda. Lambda@Edge functions can be triggered by CloudFront events to customize content delivery, such as modifying requests and responses. The document provides details on CloudFront pricing and architecture, including how it uses edge locations globally to improve performance.
This is a presentation made at the Burlington, Vermont PHP Users Group about configuring load balancing using the Apache HTTP Server. Load balancing is a technique that can distribute work across multiple server nodes—here we will discuss load balancing HTTP (i.e. web) traffic. There are many software and hardware load balancing options available including HAProxy, Varnish, Pound, Perlbal, Squid, nginx, and Linux-HA (High-Availability Linux) on Linux Standard Base (LSB). However, many web developers are already familiar with Apache as a web server and it is relatively easy to also configure Apache as a load balancer.
Related concepts such as shared nothing architecture are discussed. We also take a look at some basic load balancing scenarios and features including sticky sessions and proxying requests based on HTTP method. Distributed load testing with Tsung is briefly discussed as well.
발표영상 다시보기: https://kr-resources.awscloud.com/data-databases-and-analytics/%EC%98%A4%EB%9D%BC%ED%81%B4-db%EB%A5%BC-aws-%EB%8D%B0%EC%9D%B4%ED%84%B0%EB%B2%A0%EC%9D%B4%EC%8A%A4%EB%A1%9C-%EB%A7%88%EC%9D%B4%EA%B7%B8%EB%A0%88%EC%9D%B4%EC%85%98-%ED%95%98%EA%B8%B0-%EC%9C%A4%EA%B8%B0%EC%9B%90-aws-database-modernization-day-%EC%98%A8%EB%9D%BC%EC%9D%B8-2
온프레미스 Oracle DB를 AWS Database Migration Service와 Schema Conversion Tool을 사용하여 Migration하는 방법을 소개합니다. Migration시 Service Downtime을 최소화 하고, Migration 속도를 향상 시킬 수 있는 방법을 알아봅니다.
This document discusses how Kafka handles timestamps and offsets. It explains that Kafka maintains offset and time-based indexes to allow fetching log data by offset or timestamp. When new log records are appended, the indexes are updated with the largest offset and timestamp. If a record has a timestamp older than the existing minimum in the time index, Kafka will still append it but the time index entry will not be updated.
by Robbie Wright, HEad of Amazon S3 & Amazon Glacier Product Marketing, AWS
Learn from AWS on how we've designed S3 and Glacier to be durable, available, and massively scalable. Hear how customers are using these services to enhance the accessibility and usability of their data. We will also dive into the benefits of object storage, its applications, and some best practices to follow.
Reducing the time to get actionable insights from data is important to all businesses, and customers who employ batch data analytics tools are exploring the benefits of streaming analytics. Learn best practices to extend your architecture from data warehouses and databases to real-time solutions. Learn how to use Amazon Kinesis to get real-time data insights and integrate them with Amazon Aurora, Amazon RDS, Amazon Redshift, and Amazon S3. The Amazon Flex team describes how they used streaming analytics in their Amazon Flex mobile app, used by Amazon delivery drivers to deliver millions of packages each month on time. They discuss the architecture that enabled the move from a batch processing system to a real-time system, overcoming the challenges of migrating existing batch data to streaming data, and how to benefit from real-time analytics.
Scaling Redis Workloads with Amazon ElastiCache - AWS Online Tech TalksAmazon Web Services
This document provides an overview and best practices for scaling Redis workloads with Amazon ElastiCache. It discusses:
- Amazon ElastiCache features like Redis and Memcached support, high performance, availability, and security.
- Redis cluster mode and how it provides automatic sharding and horizontal scaling.
- How to perform online resharding of Redis clusters with ElastiCache to scale without downtime.
- Common usage patterns for ElastiCache like caching, session management, and pub/sub.
Set it and Forget it: Auto Scaling Target Tracking Policies - AWS Online Tech...Amazon Web Services
Learning Objectives:
- How and when to use step scaling policies
- How to use target tracking scaling policies
- How to use scaling policies for dynamic scaling and EC2 fleet management
1) The document discusses Amazon S3 and Glacier object storage services. It provides an overview of features like storage classes, security practices, analytics, and use cases for large companies.
2) Key recommendations include starting to tag objects to organize data, using lifecycle policies to automate storage class transitions, and reviewing bucket security settings.
3) The presentation aims to help users better understand how to architect applications using S3 and optimize storage and access of trillions of objects stored on AWS.
AWS Glue는 고객이 분석을 위해 손쉽게 데이터를 준비하고 로드할 수 있게 지원하는 완전관리형 ETL(추출, 변환 및 로드) 서비스입니다. AWS 관리 콘솔에서 클릭 몇 번으로 ETL 작업을 생성하고 실행할 수 있습니다. 빅데이터 분석 시 다양한 데이터 소스에 대한 전처리 작업을 할 때, 별도의 데이터 처리용 서버나 인프라를 관리할 필요가 없습니다. 본 세션에서는 지난 5월 서울 리전에 출시한 Glue 서비스에 대한 자세한 소개와 함께 다양한 활용 팁을 데모와 함께 소개해 드립니다.
In addition to running databases in Amazon EC2, AWS customers can choose among a variety of managed database services. These services save effort, save time, and unlock new capabilities and economies. In this session, we make it easy to understand how they differ, what they have in common, and how to choose one or more. We explain the fundamentals of Amazon DynamoDB, a fully managed NoSQL database service; Amazon RDS, a relational database service in the cloud; Amazon ElastiCache, a fast, in-memory caching service in the cloud; and Amazon Redshift, a fully managed, petabyte-scale data-warehouse solution that can be surprisingly economical. We’ll cover how each service might help support your application, how much each service costs, and how to get started.
Flexible and Real-Time Stream Processing with Apache FlinkDataWorks Summit
This document provides an overview of stream processing with Apache Flink. It discusses the rise of stream processing and how it enables low-latency applications and real-time analysis. It then describes Flink's stream processing capabilities, including pipelining of data, fault tolerance through checkpointing and recovery, and integration with batch processing. The document also summarizes Flink's programming model, state management, and roadmap for further development.
Spark and the Hadoop Ecosystem: Best Practices for Amazon EMRAmazon Web Services
by Dario Rivera, Solutions Architect, AWS
Amazon EMR is a managed service that lets you process and analyze extremely large data sets using the latest versions of over 15 open-source frameworks in the Apache Hadoop and Spark ecosystems. In this session, we introduce you to Amazon EMR design patterns such as using Amazon S3 instead of HDFS, taking advantage of both long and short-lived clusters, and other Amazon EMR architectural best practices. We talk about how to scale your cluster up or down dynamically and introduce you to ways you can fine-tune your cluster. We also share best practices to keep your Amazon EMR cluster cost-efficient. Finally, we dive into some of our recent launches to keep you current on our latest features. This session will feature Asurion, a provider of device protection and support services for over 280 million smartphones and other consumer electronics devices.
Do flink on web with flow - Dongwon Kim & Haemee park, SK Telecom)Flink Forward
The document describes FLOW, an abstraction layer that allows domain experts to develop Apache Flink streaming applications without needing expertise in Flink's APIs. FLOW provides a graphical user interface where users can build streaming data pipelines visually using common SQL operations and connectors. When users save their pipelines in FLOW, it generates the underlying Flink code. This allows domain experts across various fields to directly develop real-time stream processing solutions with Flink without involving data engineers to bridge the gap in knowledge.
Deep Dive on Accelerating Content, APIs, and Applications with Amazon CloudFr...Amazon Web Services
This document provides an overview of Amazon CloudFront and Lambda@Edge. It discusses how CloudFront is a global content delivery network that can accelerate content delivery, including both static and dynamic content. It also introduces Lambda@Edge, which allows running code at the edge using AWS Lambda. Lambda@Edge functions can be triggered by CloudFront events to customize content delivery, such as modifying requests and responses. The document provides details on CloudFront pricing and architecture, including how it uses edge locations globally to improve performance.
This is a presentation made at the Burlington, Vermont PHP Users Group about configuring load balancing using the Apache HTTP Server. Load balancing is a technique that can distribute work across multiple server nodes—here we will discuss load balancing HTTP (i.e. web) traffic. There are many software and hardware load balancing options available including HAProxy, Varnish, Pound, Perlbal, Squid, nginx, and Linux-HA (High-Availability Linux) on Linux Standard Base (LSB). However, many web developers are already familiar with Apache as a web server and it is relatively easy to also configure Apache as a load balancer.
Related concepts such as shared nothing architecture are discussed. We also take a look at some basic load balancing scenarios and features including sticky sessions and proxying requests based on HTTP method. Distributed load testing with Tsung is briefly discussed as well.
발표영상 다시보기: https://kr-resources.awscloud.com/data-databases-and-analytics/%EC%98%A4%EB%9D%BC%ED%81%B4-db%EB%A5%BC-aws-%EB%8D%B0%EC%9D%B4%ED%84%B0%EB%B2%A0%EC%9D%B4%EC%8A%A4%EB%A1%9C-%EB%A7%88%EC%9D%B4%EA%B7%B8%EB%A0%88%EC%9D%B4%EC%85%98-%ED%95%98%EA%B8%B0-%EC%9C%A4%EA%B8%B0%EC%9B%90-aws-database-modernization-day-%EC%98%A8%EB%9D%BC%EC%9D%B8-2
온프레미스 Oracle DB를 AWS Database Migration Service와 Schema Conversion Tool을 사용하여 Migration하는 방법을 소개합니다. Migration시 Service Downtime을 최소화 하고, Migration 속도를 향상 시킬 수 있는 방법을 알아봅니다.
This document discusses how Kafka handles timestamps and offsets. It explains that Kafka maintains offset and time-based indexes to allow fetching log data by offset or timestamp. When new log records are appended, the indexes are updated with the largest offset and timestamp. If a record has a timestamp older than the existing minimum in the time index, Kafka will still append it but the time index entry will not be updated.
웹 사이트의 빠른 로딩을 위한 프론트 엔드 최적화 기법과 더불어 알아두어야 할 HTTP 프로토콜 최적화를 언급하며, 최근 발표된 HTTP/3를 소개합니다.
HTTP/3는 "Hyper Text Transfer Protocol over QUIC"의 내용을 근간으로 UDP의 장점을 HTTP에 활용한 버전입니다.
HTTP/3를 알기 위해서는 QUIC에 대한 이해와 함께, 기존 버전인 HTTP/2에서 어떤 부분이 개선되었는지에 대한 이해가 동시에 필요합니다.
Chrome을 활용한 웹 성능 비교 예제들은 HTTP/3의 기술들을 빠르게 이해하는 데 도움이 될 것입니다.
게임 서비스에 딱 맞는 AWS 신규 서비스들로 게임 아키텍처 개선하기 - 김병수 솔루션즈 아키텍트, AWS :: AWS Summit Seo...Amazon Web Services Korea
게임 서비스에 딱 맞는 AWS 신규 서비스들로 게임 아키텍처 개선하기
김병수 솔루션즈 아키텍트, AWS
AWS는 고객의 요구사항을 반영하여 끊임없이 서비스들을 추가하고 개선해왔습니다. 본 세션에서는 이러한 서비스들 중 게임 서비스 아키텍처를 개선하는데 직접적으로 도움이 될 수 있는 서비스와 기능들을 신규 서비스들을 중심으로 살펴보고 장르별 게임 아키텍처에서 신규 서비스 도입 이전과 이후의 아키텍처 개선사항을 비교해봅니다.
본 강연에서는 금융 감독원의 클라우드 이용 가이드라인에 맞추어 바로 도입 가능한 HPC, 빅데이터, 백업, VDI 등의 업무에 대하여 간단하게 소개하고 AWS 상에서 구축하기 위한 참조 아키텍쳐와 특장점 및 고객 사례에 대해 설명해 드릴 예정입니다.
연사: 정영준 솔루션 아키텍트, 아마존 웹서비스
The document compares the performance specifications of F5 BIG-IP appliances to competitors across various categories. It provides tables listing the maximum throughput, connections per second, and other metrics for each product's layer 4 and 7 performance, SSL performance, and additional features like compression. Orange text indicates derived or non-public data. The BIG-IP appliances have the highest reported performance numbers in many categories compared to alternatives from Citrix, Radware, Cisco, and A10.
The document discusses Secure Web Gateway (SWG) technology which provides effective control of inbound and outbound network traffic. Key features of SWG include blocking access to dangerous websites or malware, classifying and securely filtering social media and web searches, and detecting malware in web pages. The document then focuses on the F5 SWG product and its primary capabilities such as URL/app filtering, malware detection, user identification, and security management/reporting. A comparison chart shows how F5's SWG compares favorably to other vendors in areas like advanced classification, real-time security, and content filtering.
The document compares the specifications and performance of F5's BIG-IP appliances and VIPRION chassis-based systems. It provides a table listing the processing throughput, throughput, ports, and other technical specifications of each model. The models range from entry-level to high-performance, with the highest-end systems able to handle over 1 million requests per second and terabits of throughput.
2. DNS vs GSLB
일반 DNS : www.domain.com과 같은 도메인 이름을 IP주소로 변환
GTM : DNS기능에 추가하여 보다 지능화된 글로벌 로드 분산
일반 DNS 의 한계
서비스 가용성 미 고려
서버/센터 성능 미 고려
사용자 위치 미 고려
단순한 Round Robin 방식
GLSB의 글로벌 로드 밸런싱
기본적 DNS 서비스
서비스 가용성 고려
서버/센터 성능 및 가용성 고려
사용자의 위치 고려
기업 비즈니스 환경에 맞는
다양하고 지능적인 부하 분산
3. F5 GTM : Global Traffic Manager
Data Center 1 Data Center
2
애플리케이션 및 데이터 최적화
• 동적 데이터 센터 부하분산
• DNS 및 APP 헬스 체크
• Geo IP 기반 라우팅
• 자동 Site-to-Site Failover
• IPv6/IPv4 전환
• DNS 용량 최대 10배 개선
애플리케이션 및 데이터에 대한 보안
• Transaction 보장
• iRule 적용
• DNSSEC
• DNS DDoS 공격 차단
• DNS 방화벽 서비스
4. 퍼블릭 클라우드,
아시아
엔터프라이즈
데이터센터,
북미
엔터프라이즈
데이터센터,
EMEA
F5 GTM : 애플리케이션 검색 및 복구
첨단 로드 밸런싱 및 프록시
• 가장 가용성이 높은 사
이트로 사용자를 연결
• 종합적으로 애플리케
이션 서비스 모니터링
• 최소한의 다운타임으
로 자동 재해 페일오버
구축
홍콩
뉴욕
런던
5. F5 GTM : Health Check – ECV and EAV
ECV (Extended content verification)
• Virtual Server 로 GTM 이 Test 패킷을 보내서 특정 File을 요청함
• ex) HTTP(s) : index.html, FTP : test.exe
• 어플리케이션이 주는 응답에 따라 정상인지 여부를 판단
• 해당 Virtual Server 장애 시, 그 Virtual Server를 서비스에서 제외 시킴
• BIG-IP와 연동 시, 다양한 Health check가 가능
EAV (Extended Application Verification)
• GTM 장비가 실제 클라이언트 역할을 수행, 서버와 상호통신을 수행하여 서비스의 이상 유무 점검
ex) MSSQL, FTP, IMAP, LDAP, NNTP, Oracle, POP3, Radius, SIP,
SMTP, UDP, WAP 등
• BIG-IP와 연동하여 서버 Check 후 결과값을 GTM에 알려주는 기능을 제공하여 Health check에 따른 시스템 부
하를 최소화
• 일반적인 어플리케이션에 대해 기본적인 템플릿 제공
• Customizing을 위한 스크립트 언어 (Perl, C) 제공
6. F5 GTM : Load Balancing 방법
• GTM은 고객의 여러 요구에 대응할 수 있는 다양한 분산 방법을 제공
Static
• Round Robin
• Ratio
• Random
• Persistence
Specialized
• Quality of Service
• Global Availability
• Topology
• E-Commerce
• Dynamic Ratio
• iRule
Dynamic
• KB Per Second
• Packet Rate
• VS Capacity
• Least Connection
• Round Trip Time
• Completion Rate
• Hops
7. 한국 유저
F5 GTM : Topology(국가별) Load Balancing
GTM
미국 유저
서울 데이터 센터
미국 데이터 센터
= 성능 메트릭 수집
- 한국의 Client는 한국 DC를 이용, 미국 Client는 미국 DC를 이용하게 할 수 있다
- 아시아 Client는 한국 DC를 이용, 나머지 대륙의 Client는 미국 DC를 이용하게 할 수 있다.
11. F5 GTM : DNSSEC을 이용한 DNS 위-변조 방어
DNSSEC 구현 :
• 기존의 DNS servers 앞단에 GTM 으로 구현
• 신뢰할 수 있는 DNS queries 확인 및 dynamically signed responses 확인
• 잘못된 응답을 보내는 악성 서버로부터 보호
12. Client
Local DNS
Q) http://erp.dosan.com
erp.dosan.com
203.246.154.170
Root (NS)
192.33.4.12
1
2
3
8
9
Q) http://dosan.com
erp.dosan.com
203.246.170.171
NS.dosan.com
203.246.131.2
GTM 1
gtm1.g.dosan.com 10.1.1.1
6
7
GTM 2
gtm2.g.dosan.com 20.1.1.1
Ans) dosan.com NS ns.dosan.com
Ns.dosan.com A 203.246.131.2
4
5
Q) http://erp.dosan.com
Ans) erp.dosan.com CNAME g.dosan.com
g.dosan.com NS gtm1.g.dosan.com
g.dosan.com NS gtm2.g.dosan.com
gtm1.g.dosan.com A 10.1.1.1
gtm2.g.dosan.com A 20.1.1.1
Q) http://erp.dosan.com
Ans) erp.dosan.com A 203.246.154.170
Ans) erp.dosan.com A 203.246.154.170
IDC#1 IDC#2
IDC#2
6 Q) http://erp.dosan.com
7
Ans) erp.dosan.com A 203.246.154.170
LDNS는 ns.dosan.com으로 부터 2개의 GTM IP 를 받기에 GTM 1 또는 GTM 2 로 질
의 한다. 또한 GTM에서는 각 IDC의 서버의 서비스 상태를 확인 접속 가능한 서버 IP
를 알려 준다.
이때 클라이언트의 LDNS IP에 따라 접근 가능한 IDC를 정의 할 수 있다.
DC#1
F5 GTM : Traffic Flow
13. Active
Active
DNS
고속 DNS Active
DNS 및 GSLB 서비스
DNS
• 최대 1천만 DNS 쿼리/
초를 지원하는 DNS 확
장
• 최고 성능 을 발휘하는
앱 및 데이터센터로 사
용자 연결
• 고가용성을 위해 기존
인프라로 손쉬운 통합
F5 DNS Service
APP
APP
APP
14. F5 DNS Service : DNS Express
DNS Express DNS Server
• DNS 서버의 응답을 캐시로 저장
• 캐시에 저장된 항목에 대한 사용자 요청을 빠르게 처리
• 빠른 DNS 응답 보장 및 대용량 DNS 처리 성능을 통한 DNS 공격 대응 가능
Client
적용 기술
BIG-IP
Manage
DNS
Records
Dynamic DNS
DHCP
Answer
DNS
Query
Admin
Auth
Roles
Answer
DNS
Query
Answer
DNS
Query
Answer
DNS
Query
Answer
DNS
Query
15. F5 DNS Service : Anycast 지원
BIG-IP GTM and IP Anycast Integration
• 같은 IP Address를 여러 장비에서 동시 서비스
• 모든 requests에 대하여 지역적인 정보를 파악 하여 DNS 분산 처리
• Scale DNS infrastructure up and out per BIG-IP
• Revenue and brand are protected
16. F5 DNS Service : DNS 64
IPv6 to IPv4 간의 DNS Translation
Automatically map an IPv6 client making a AAAA DNS query to a IPv4 destination.
• Combined NAT64 and DNS64 provide automatic translation
• Supports pure IPv6 clients accessing both IPv6/IPv4 sites
• Critical for mobile devices and any client optimized for pure IPv6
• Eases evolution and bridges gap between IPv6/IPv4 DNS