|
Hi Jochen,
I have been researching the LVS, and doing experimentation for over 6 months
now but I must admit that I haven't done anything on a production level thus
far. My plans I think are similar to yours though, mass, ultra high
reliability web hosting.
The best solution I have been able to come up with for file serving is to use
two NFS servers, one as a hot standby using fake to assume it's IP if the
primary fails. Then connect both machines to an external SCSI RAID, that way
there is only one copy of the data and no syncing is required. The primary
machine mounts the RAID, while the other one waits, and if it detects a failure
of the primary, it shuts down the primary (if it isn't already), assumes it's
IP address, loads the SCSI module, mounts the RAID, and starts NFS. I believe
you could also have the RAID mounted as read-only on the hot spare but I don't
know for sure how well two SCSI cards on get along with each other on one bus
when they are both trying to access devices at the same time.
I always viewed data syncing as a serious problem because, sooner or later,
there will be a failure in the primary NFS machine, and you would lose any
updates users made to their sites, not to mention any email that arrived, since
the last data sync. Even syncing continuously would not solve that; obviously
losing data is not acceptable. While I haven't tried the dual-homed external
SCSI RAID solution myself, it is the method in my plan and the best one I've
been able to come up with which doesn't use any experimental distributed file
systems or anything like that to add complexity.
If you wanted a less expensive option, you could skip the hardware RAID
controller and use software RAID with external SCSI disks connected to SCSI
cards in each machine, but keep in mind that (check this to make sure) when you
lose a SCSI disk on a bus, you'll probably lose the whole bus, so you'd want 2
SCSI cards in each machine or 1 dual channel card in each machine. Then start
with two SCSI disks, one on each bus. With this implementation you'd be using
RAID1 (mirroring) and remember you're mirroring the buses, so each SCSI disk
must be mirrored with it's counterpart on the other bus.
As far as your security concerns go, I have had the same concerns.. I haven't
got any solution there other than to just use standard good practice in
security and keep access to a minimum, including between the machines on your
LVS network. I know there are some projects which allow you to place
restrictions on root, but I haven't had time to check them out. One that I
read about is Medusa DS9 http://medusa.fornax.sk/ but I'm not sure how good it
is.
One suggestion, I'm not sure how much load your LDAP servers will have, but why
not use the same machines as the NFS servers? Or if not, store the data on the
NFS servers RAID anyways..
My personal opinion, I think LVS is great and have had very good experience
with it, albeit on a very small scale though. But there are many good examples
of it being used with great results on a large scale.. And I definately think
LVS is the way to go over the "standalone-Server solution" you mentioned, I
think ISP's doing that I think are only demonstrating their laziness and
inability to plan out a large scale high availability, redundant solution, then
trying to find things to say to justify themselves. Reminds me of someone who
once tried to convince me that it's good to have single points of failure
because it makes it easy to figure out at what point your network failed, he
happens to be an MCSE lol :-).
Comments/Suggestions?
Cheers,
Robert
Jochen Tuchbreiter wrote:
>
> Hi,
>
> while planning the technical part of some webhosting company I studied
> various techniques to provide high-availability to the (potential) customers
> combined with good scalabilty and I stumbled over LVS.
>
> Would you people consider LVS stable/robust enough for usage for
> mass-webhosting ? Currently a lot of webhosting-companys go for the "put 300
> Domains on one machine that can run standalone - if the machine crashes only
> 300 Domains will be down" principle.
>
> Since I would like to avoid the problems that come with those
> "standalone"-webserver solutions I thought about setting up two LVS-Boxes,
> two NFS-Servers, two LDAP-Servers (which will store all userdata) and a
> number of "webslaves" that will share one filesystem (from the NFS-Server)
> and that will serve the requests the LVS-Boxes direct to them.
>
> Do you think that such a setup would prove more stable than the
> "standalone"-Server solution ? Would clustering/LVS (in your eyes) make
> sense for (quality) mass-virtual hosting at all ?
>
> Do you know a way to keep two NFS-Servers in sync in realtime ? I am
> insecure about using coda, since it is still considered "not ready for
> production use".
>
> A lot of questions, I would be happy if I get some advice from
> LVS-experienced people :)
>
> Greetings,
>
> Jochen
>
|
