In the context of parallel computing, Load Balancing is the distribution of a set of tasks over different computing units (or related resources), to make the overall process easier to execute and much more efficient. Ensuring no single server bears too much of demand and evenly spreading the load, it improves the responsiveness and availability of applications or websites for the user.
this slide is created for understand open vswitch more easily.
so I tried to make it practical. if you just follow up this scenario, then you will get some knowledge about OVS.
In this document, I mainly use only two command "ip" and "ovs-vsctl" to show you the ability of these commands.
After an overview presentation, we will demonstrate live how HPE's multi-vendor Intelligent Management Center (IMC) software can be used to manage day to day operations for the datacenter. Introduction to HPE IMC focused on management for data center switching. Topics include REST API, virtualization integration and data center fabric management.
this slide is created for understand open vswitch more easily.
so I tried to make it practical. if you just follow up this scenario, then you will get some knowledge about OVS.
In this document, I mainly use only two command "ip" and "ovs-vsctl" to show you the ability of these commands.
After an overview presentation, we will demonstrate live how HPE's multi-vendor Intelligent Management Center (IMC) software can be used to manage day to day operations for the datacenter. Introduction to HPE IMC focused on management for data center switching. Topics include REST API, virtualization integration and data center fabric management.
This presentation covers the basics about OpenvSwitch and its components. OpenvSwitch is a Open Source implementation of OpenFlow by the Nicira team.
It also also talks about OpenvSwitch and its role in OpenStack Networking
Presented at GDG Devfest Ukraine 2018.
Prometheus has become the defacto monitoring system for cloud native applications, with systems like Kubernetes and Etcd natively exposing Prometheus metrics. In this talk Tom will explore all the moving part for a working Prometheus-on-Kubernetes monitoring system, including kube-state-metrics, node-exporter, cAdvisor and Grafana. You will learn about the various methods for getting to a working setup: the manual approach, using CoreOS’s Prometheus Operator, or using Prometheus Ksonnet Mixin. Tom will also share some little tips and tricks for getting the most out of your Prometheus monitoring, including the common pitfalls and what you should be alerting on.
This is a presentation I held at "DevOps and Security" -meetup on 5th of April 2016 at RedHat.
Source is available at: https://github.com/jerryjj/devsec_050416
Presented @ ISA Safety & Security Symposium 2012
Aneheim, CA, April 2012
Wireshark is the de facto network packet analysis tool used in the industry today. It is an easily extensible open–source tool that provides a large number of capabilities for users. It’s not just for IT–based protocols either. Many industrial protocols have created packet decoders for Wireshark. This tutorial will provide the user with:
* An introduction to protocol layering
* A basic overview of packet capture and analysis
* A demonstration of how Wireshark can be used for packet capture and analysis
* Examples of some industrial protocol in Wireshark
* An explanation of some more advanced features available in Wireshark
(ATS4-PLAT01) Core Architecture Changes in AEP 9.0 and their Impact on Admini...BIOVIA
AEP 9.0 will see several changes to the core infrastructure which will require changes to the way the server is managed as well as new deployment options that may affect the ways that protocol developers deliver content to their users. We will cover the addition of Tomcat as a new side by side service with Apache, new administration features: exporting and importing server configurations, maintenance mode, and new deployment options: HTTPS and HTTP only modes, deploying behind reverse proxies, and HTTP load balancing.
This presentation covers the basics about OpenvSwitch and its components. OpenvSwitch is a Open Source implementation of OpenFlow by the Nicira team.
It also also talks about OpenvSwitch and its role in OpenStack Networking
Presented at GDG Devfest Ukraine 2018.
Prometheus has become the defacto monitoring system for cloud native applications, with systems like Kubernetes and Etcd natively exposing Prometheus metrics. In this talk Tom will explore all the moving part for a working Prometheus-on-Kubernetes monitoring system, including kube-state-metrics, node-exporter, cAdvisor and Grafana. You will learn about the various methods for getting to a working setup: the manual approach, using CoreOS’s Prometheus Operator, or using Prometheus Ksonnet Mixin. Tom will also share some little tips and tricks for getting the most out of your Prometheus monitoring, including the common pitfalls and what you should be alerting on.
This is a presentation I held at "DevOps and Security" -meetup on 5th of April 2016 at RedHat.
Source is available at: https://github.com/jerryjj/devsec_050416
Presented @ ISA Safety & Security Symposium 2012
Aneheim, CA, April 2012
Wireshark is the de facto network packet analysis tool used in the industry today. It is an easily extensible open–source tool that provides a large number of capabilities for users. It’s not just for IT–based protocols either. Many industrial protocols have created packet decoders for Wireshark. This tutorial will provide the user with:
* An introduction to protocol layering
* A basic overview of packet capture and analysis
* A demonstration of how Wireshark can be used for packet capture and analysis
* Examples of some industrial protocol in Wireshark
* An explanation of some more advanced features available in Wireshark
(ATS4-PLAT01) Core Architecture Changes in AEP 9.0 and their Impact on Admini...BIOVIA
AEP 9.0 will see several changes to the core infrastructure which will require changes to the way the server is managed as well as new deployment options that may affect the ways that protocol developers deliver content to their users. We will cover the addition of Tomcat as a new side by side service with Apache, new administration features: exporting and importing server configurations, maintenance mode, and new deployment options: HTTPS and HTTP only modes, deploying behind reverse proxies, and HTTP load balancing.
HPC control systems are evolving into the future. This presentation looks at where this evolution may lead, and describes how the control system of the future might be constructed.
As a follow-up of the previous session about TFB, we will discuss what kind of tuning was made to the mORMot library, and its associated TFB sample implementation, to reach the top scores in charts. How can a pure Pascal project reach 7 millions of HTTP requests per seconds? How to scale and measure on high-end hardware? Are ORM frameworks damned to slow down everything? How to circumvent the lack of “async” programming at language level? How realistic is such a benchmark?
Training Slides: 205 - Installing and Configuring Tungsten DashboardContinuent
This training session introduces Tungsten Dashboard from installation to configuration in a demo type format. Tungsten Dashboard is the ideal tool for cluster maintenance and this training demonstrates how.
TOPICS COVERED
- Present the Dashboard
- Cluster Maintenance with the Dashboard
- How to Install the dashboard
A study and practice of OpenStack release Kilo HA deployment. The Kilo document has some errors, and it's hardly find a detailed document to describe how to deploy a HA cloud based on Kilo release. Hope this slides can provide some clues.
Balázs Bucsay - XFLTReaT: Building a Tunnelhacktivity
XFLTReaT is an open-source tunnelling framework that handles all the boring stuff and offers the capability to the users to take care of only those things that matter. It provides significant improvements over existing tools. From now on there is no need to write a new tunnel for each and every protocol or to deal with interfaces and routing. Any protocol can be converted to a module, which works in a plug-and-play fashion; authentication and encryption can be configured and customised on all traffic and it is also worth mentioning that the framework was designed to be easy to configure, use and develop. In case there is a need to send packets over ICMP, RDP or SSH then this can be done in a matter of minutes, instead of developing a new tool from scratch. The potential use (or abuse) cases are plentiful, such as bypassing network restrictions of an ISP, the proxy of a workplace or obtaining Internet connectivity through bypassing captive portals in the middle of the Atlantic Ocean or at an altitude of 12km on an airplane.
This framework is not just a tool; it unites different technologies in the field of tunnelling. It will be show how to tunnel data over a Windows jumpbox utilising RDP (including the dirty low level "secrets") or how to exfiltrate data over ICMP from barely secured networks. We have simplified the whole process and created a framework that is responsible for everything but the communication itself, we rethought the old way of tunnelling and tried to give something new to the community. After the initial setup the framework takes care of everything. With the check functionality we can even find out, which module can be used on the network, there is no need for any low-level packet fu and hassle. I guarantee that you won’t be disappointed with the tool and the talk, actually you will be richer with an open-source tool.
My talk at ScaleConf 2017 in Cape Town on some tips and tactics for scaling WordPress, with reference to WordPress.com and the container-based VIP Go platform.
Video of my talk is here: https://www.youtube.com/watch?v=cs0DcY80spw
PHP Conference Japan 2019 Track6-5 Aurimas Niekis - How to Supercharge your PHP Web API
https://phpcon.php.gr.jp/2019/
https://www.youtube.com/watch?v=ZtTvUQCDDTM
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptxBrad Spiegel Macon GA
Brad Spiegel Macon GA’s journey exemplifies the profound impact that one individual can have on their community. Through his unwavering dedication to digital inclusion, he’s not only bridging the gap in Macon but also setting an example for others to follow.
2.Cellular Networks_The final stage of connectivity is achieved by segmenting...JeyaPerumal1
A cellular network, frequently referred to as a mobile network, is a type of communication system that enables wireless communication between mobile devices. The final stage of connectivity is achieved by segmenting the comprehensive service area into several compact zones, each called a cell.
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC
Ellisha Heppner, Grant Management Lead, presented an update on APNIC Foundation to the PNG DNS Forum held from 6 to 10 May, 2024 in Port Moresby, Papua New Guinea.
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdfFlorence Consulting
Quattordicesimo Meetup di Milano, tenutosi a Milano il 23 Maggio 2024 dalle ore 17:00 alle ore 18:30 in presenza e da remoto.
Abbiamo parlato di come Axpo Italia S.p.A. ha ridotto il technical debt migrando le proprie APIs da Mule 3.9 a Mule 4.4 passando anche da on-premises a CloudHub 1.0.
1.Wireless Communication System_Wireless communication is a broad term that i...JeyaPerumal1
Wireless communication involves the transmission of information over a distance without the help of wires, cables or any other forms of electrical conductors.
Wireless communication is a broad term that incorporates all procedures and forms of connecting and communicating between two or more devices using a wireless signal through wireless communication technologies and devices.
Features of Wireless Communication
The evolution of wireless technology has brought many advancements with its effective features.
The transmitted distance can be anywhere between a few meters (for example, a television's remote control) and thousands of kilometers (for example, radio communication).
Wireless communication can be used for cellular telephony, wireless access to the internet, wireless home networking, and so on.
Italy Agriculture Equipment Market Outlook to 2027harveenkaur52
Agriculture and Animal Care
Ken Research has an expertise in Agriculture and Animal Care sector and offer vast collection of information related to all major aspects such as Agriculture equipment, Crop Protection, Seed, Agriculture Chemical, Fertilizers, Protected Cultivators, Palm Oil, Hybrid Seed, Animal Feed additives and many more.
Our continuous study and findings in agriculture sector provide better insights to companies dealing with related product and services, government and agriculture associations, researchers and students to well understand the present and expected scenario.
Our Animal care category provides solutions on Animal Healthcare and related products and services, including, animal feed additives, vaccination
Instagram has become one of the most popular social media platforms, allowing people to share photos, videos, and stories with their followers. Sometimes, though, you might want to view someone's story without them knowing.
1. High Availability Low
Dollar Load Balancing
Simon Karpen
System Architect, VoiceThread
skarpen@voicethread.com
Via Karpen Internet Systems
skarpen@karpeninternet.com
These slides are licensed under the Creative Commons
Attribution Share-Alike 3.0 license,
http://creativecommons.org/licenses/by-sa/3.0/US/
2. Overview
• What is Load Balancing
• Why load balance
• What services should you load balance
• What are some common load balancing topologies
• What are some open source load balancing technologies
• How would we build a HA configuration out of these
technologies
• How do I IPv6 enable IPv4 services with a single
command line on a dual-stack machine
3. What is Load Balancing
• Split traffic across two or more servers
• Many different techniques and topologies
• Layer 4 or layer 7
• Useful for most TCP services
• Divides traffic using a variety of algorithms
(WLC, RR, etc)
4. Why Load Balance
• Improve performance
• Improve redundancy
• More cost effective scaling
o 4-socket machines cost 4x as much as 2-socket
• More cost effective redundancy
o n+1 or n+2 instead of 2n
• SSL Acceleration
• Security / IPS / Choke Point
5. Which Services
• Without built-in failover
• More than one infrastructure unit of
performance
• Good: web services, application services
• Probably not: DNS, inbound SMTP
• Examples: virtually any web site you visit!
• Stickiness – understand your services
9. Application Proxy
• Positives
o Simplest to setup
o Minimal platform dependencies
o Minimal changes to other infrastructure
o 100% Userspace
• Negatives
o Limited total performance
o Hides end user IPs from applications
12. Half and Full NAT
• Full NAT
o Similar to an application proxy
o Destination still doesn’t know source IP
o All packets still go through the load balancer
• Half NAT
o Destination IP is changed, source IP is not
o Allows the application to know the client
o All packets still go through the load balancer
14. Direct Server Return
• Incoming packets pass through the load
balancer
• Outgoing direct to the gateway / client
• Most scalable
• Most complex to configure
• Application servers must all have public
application IP, non-ARP
o via arptables, loopback, etc
15. Apache mod_proxy_balancer
• Application (layer 7) proxy for web
• Runs under any cluster manager
• Cookie based persistence
• Apache rewrite, redirect, etc at the load balancer
• Web (http, https) traffic only
• SSL offload / SSL issues
• Anything that runs Apache (even Windows)
17. pen
• Runs under any cluster manager
• Simple layer 4 or layer 7 proxy
• Very simple configuration
• Moderate traffic
• Really shines for internal services
• Already IPv6 ready!
• Linux, BSD, Solaris
18. pen
• Configuration via command line options
• Use init scripts from web site, or roll your own
• Init scripts store command line options in pen.cf
pen –x 6144 –c 262144 –h –H –p <pidfile>
192.168.232.20:80 192.168.232.21:80 192.168.232.22:80
pen –x 500 –c 16384 –h –p <pidfile> 192.168.232.20:993
192.168.232.23:993 192.168.232.24:993
19. IPVS / Pulse / Piranha
• These work together as a system
• IPVS: load balancing
• Pulse: cluster manager (lightweight)
• Piranha: web interface for configuration
• EL5 version is IPv4 only
• EL6 version is IPv4 / IPv6
• Layer 4, in-kernel, Linux only
20. IPVS
• IP Virtual Server, implemented via Netfilter
• Controlled via ipvsadm
• Or use a front-end like piranha
• Supports persistence, many schedulers
Command line:
ipvsadm –A –t 192.168.23.20:80 –s rr
ipvsadm –a –t 192.168.23.20:80 –r 192.168.23.21:80 –m
Ipvsadm –a –t 192.168.23.20:80 –r 192.168.23.22:80 –m
21. Piranha
• Graphical configuration interface
• Manage Pulse and IPVS configuration
• Web based, some expensive LB use it too
• Handles half-NAT, full-NAT and DSR topologies
• Runs on port 3636, password protected
• Recommend access via ssh tunnel
22. Piranha - Pulse
• Simple, single purpose cluster manager
• Only supports 2-node active/passive failover
• Configured via Piranha web interface
27. Piranha – Real Servers
Add two real servers, and prepare to edit
28. Piranha – Real Server
Configure both real servers on both hosts
29. Piranha - Finalize
• Configure monitoring scripts (write if needed)
• Activate real servers
• Activate virtual servers
• Add non-ARP’d VIPs on actual real servers (if
using DSR)
• Start pulse (init script) on both servers
• Test, verify, debug!
30. Cluster Managers
• LVS / IPVS fits well with Pulse
• Pen and Apache are simple, run under virtually
any cluster manager
• Positive experience with Heartbeat
• Choose based on organizational needs
• (aka use what your team knows!)
• Simple services, limited needs from CM
31. Heartbeat, pen, Apache
• Apache (on EL5/EL6) has good init scripts
• Pen init scripts from web site need killall in stop
section (otherwise it doesn’t work)
• Run under Heartbeat v1 configuration as a
service and an IP Address
• Apache init scripts ready for Heartbeat v2 /
Pacemaker / CRM
• Pen init scripts will need a rewrite
34. IPv6!
• Bootstrapping problem, you can help!
• LVS / IPVS supports IPv6 in EL6 but not EL5
• Pen supports IPv6 out of the box
• Apache mod_proxy supports IPv6
• Reports mixed on mod_proxy_balancer
• Could use IPv6 mod_proxy in front of IPv4
mod_proxy_balancer
35. Easy IPv6
• One command line, as promised!
• Uses pen, mostly cross platform (Linux / Solaris /
BSD)
• Must run on a dual stack box
• Application must be TCP, not UDP
• Run under a cluster manager for HA
pen <regular options> ipv6addr:svcport
ipv4addr:svcport
Now you can IPv6 enable your web site!
36. Final Thoughts
• Lots of options in terms of software and
topology
• This does not cover global load balancing
• This can be layered with global LB or ADN
• Balance performance, cost, complexity
• Think about organizational and application
needs