SlideShare a Scribd company logo

Loadbalancing In-depth study for scale @ 80K TPS

Download as PPTX, PDF
S
Shrey Agarwal

This PPT is 60 days research on Software loadbalancing tech at scale.

Technology
1 of 26
In-Depth Study to scale @ 80K TPS Load Balancing
Starting ❖ About Me : Engineering @ Paytm . Working on this problem for 2 months ❖ Problem : Identifying Entry Solution for 80K TPS, 20K active transacting connections , while keeping latency loss < 2 ms ❖ Outline : Evaluation and Perf test of all sorts of LB, Routers and classify them ❖ Not Covering : After Every solution, things which are not covered
Evaluation criteria ▸High Availability ( HA ) : Unaffected service during any predefined number of simultaneous failures ▸Balancing strategies : Round robin, least connection, weighted . ▸Health Checks ▸Extensibility : C/Lua Lib support ▸Monitoring and Manageability ▸Perf
Categories of LB ❖ DNS Based ❖ Software & Hardware Based ❖ Layer 3/4 Proxying ❖ Layer 7 Proxying ❖ Routing at L4 cue 5
DNS Based ❖ Multiple IPs : Round Robin ❖ No Concept of HA, Monitoring, health checks ❖ Health Checks, Routing policies are available via custom solutions
Layer 3/4 Load Balancing ❖ Hardware Based LBs mostly. ❖ No well known Prog. which runs in Kernel Space. ❖ Software Based User Space Proxy based LBs examples are Haproxy and Nginx
Haproxy Monitoring ❖ Socket Based Stats are available with ~60 CSV ❖ Web Interface
Benchmarking Env cue 10
Issues with Haproxy L4 ❖ Scale Constraint ❖ Only CPU. Cores 100% with Load(1 min) as 64 ❖ Benchmark ❖ 20K TPS , keep-alive off and 100ms backend latency.
Layer 7 load balancing ❖ Hardware based Lb : F5, Fortinet. ❖ Protocol rigidness ❖ No well known Prog. which runs in Kernel Space. ❖ Software Based : Nginx and HaProxy are popular ones. ❖ Benchmarking Issues with Nginx as L7 ❖ Even more CPU Constraint than L4 : 18-20K TPS in same Env
Not covering these for Haproxy ❖ Security Aspects : IPTables, WAF, Selinux ❖ Bare Metal Machines Detailed Specs and Part Numbers ❖ Decision on choice of Machine. ❖ Networking Details ❖ NIC Bonding Specs ❖ Benchmark Tools Detailing : GOR Detailing cue 15
Routing L3/4 ❖ What is routing ❖ Routing scales , less than half resources are required than proxying.
Types of routing ❖ Natting : Works like proxy ❖ Direct Route : Spoof MAC address and send it back. ❖ IP Tunneling : Most Scalable, works on IPIP Tunnel ( across different DCs )
Routers ❖ Hardware routers : Not designed to be horizontally scalable ❖ No Well-Known Horizontally scalable Hw Routers. ❖ We needed a Software Router : LVS/IPVS cue 20
Software Router : LVS ❖ LVS : Linux Virtual server , 20 years old, both Layer 4 and 7 ❖ IPVS : IP Virtual Server, merged in Kernel 2.4 ❖ KTCPVS : App LB , in dev for last 8 years. ❖ Runs in Kernel Space ❖ Supports different distribution methods : RR, Least connection, Weighted LC
LVS Issues ❖ CPU Affinity of Interrupts ❖ RP Filter Bypass ❖ Manageability and Monitoring ❖ HA ❖ IP Tunnel Extensibility
LVS : CPU Affinity ❖ CPU Affinity of Interrupts ❖ Kernel tries to load balance IRQ ( Interrupt Request Line ) across cores. ❖ irqbalance service is responsible. ❖ cat /proc/interrupts will help see which core will max out. ❖ Balance (1) : echo fff > /sys/class/net/eth0/queues/rx-0/rps_cpus ❖ Balance (2) : echo 'fff' > /proc/irq/14/smp_affinity ❖ Balance (3) : echo '0-3' > /proc/irq/28/smp_affinity_list
LVS : RP Filter ❖ RP Filter : To Avoid Spoofing and DDOS ❖ Kernel checks whether the source of the received packet is reachable through the route it came in. ❖ To Disable : net.ipv4.conf.tun.rp_filter = 0 in /etc/sysctl.conf ( and sysctl -p )
LVS :Monitoring & management❖ Managed by System Calls , No config ( use Consul Template ) ❖ Logging : No Logs in user Space, Kernel messages for Errors ❖ Monitoring : Telegraf plugin available ( internals : ipvsadm —list —numeric /—connection /— stats /—rate )
LVS : HA ❖ KeepAlive(d) + VIP ❖ Connection Sync Service ❖ ipvsadm —start/stop- daemon=master/backu p --mcast-interface=<> - -syncid <>
❖ KeepAlive(d) for own Health Check ❖ Consul Template for Real Server Healtch Check LVS : HealthCheck cue 30
LVS IPIP Debugging ❖ IPIP Tunnel and VIP extension to multiple machines :Painful ❖ IPIP Tunnel Issues and recovery across DC ❖ Setup Probes and Packet Capture
Final Load Test
Final Arch cue 35
Willy Tarreau : Haproxy ❖ Creator of Haproxy ❖ wtarreau.blogspot.com/2006/11/making-applications- scalable-with-load.html ❖ The PPT structure is based on the article.
Shrey Agarwal in.linkedin.com/in/shreyagarwal ❖ wtarreau.blogspot.com/2006/11/making-applications-scalable-with-load.html ❖ opensourceforu.com/2009/05/balancing-traffic-across-data-centres-using-lvs/ ❖ www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.LVS-Tun.html ❖ linux.die.net/man/8/ipvsadm ❖ serverfault.com/questions/723786/udp-packets-seen-on-interface-level-but-not-delivered-to-application-on-redhat ❖ serverfault.com/questions/163244/linux-kernel-not-passing-through-multicast-udp-packets References

Recommended

Ch 03 --- the OpenFlow protocols
Ch 03 --- the OpenFlow protocolsCh 03 --- the OpenFlow protocols
Ch 03 --- the OpenFlow protocolsYoram Orzach
 
TRex Realistic Traffic Generator - Stateless support
TRex Realistic Traffic Generator - Stateless support TRex Realistic Traffic Generator - Stateless support
TRex Realistic Traffic Generator - Stateless support Hanoch Haim
 
Part 10 : Routing in IP networks and interdomain routing with BGP
Part 10 : Routing in IP networks and interdomain routing with BGPPart 10 : Routing in IP networks and interdomain routing with BGP
Part 10 : Routing in IP networks and interdomain routing with BGPOlivier Bonaventure
 
20 common port numbers and their purposes
20 common port numbers and their purposes 20 common port numbers and their purposes
20 common port numbers and their purposes salamassh
 
Ixiaexplorer
IxiaexplorerIxiaexplorer
Ixiaexplorernlekh
 
10 routing-bgp
10 routing-bgp10 routing-bgp
10 routing-bgpOlivier Bonaventure
 
Packet Analysis - Course Technology Computing Conference
Packet Analysis - Course Technology Computing ConferencePacket Analysis - Course Technology Computing Conference
Packet Analysis - Course Technology Computing ConferenceCengage Learning
 
Performance test
Performance testPerformance test
Performance testTony Fortunato
 

Recommended

Ch 03 --- the OpenFlow protocols
Ch 03 --- the OpenFlow protocolsCh 03 --- the OpenFlow protocols
Ch 03 --- the OpenFlow protocolsYoram Orzach
 
TRex Realistic Traffic Generator - Stateless support
TRex Realistic Traffic Generator - Stateless support TRex Realistic Traffic Generator - Stateless support
TRex Realistic Traffic Generator - Stateless support Hanoch Haim
 
Part 10 : Routing in IP networks and interdomain routing with BGP
Part 10 : Routing in IP networks and interdomain routing with BGPPart 10 : Routing in IP networks and interdomain routing with BGP
Part 10 : Routing in IP networks and interdomain routing with BGPOlivier Bonaventure
 
20 common port numbers and their purposes
20 common port numbers and their purposes 20 common port numbers and their purposes
20 common port numbers and their purposes salamassh
 
Ixiaexplorer
IxiaexplorerIxiaexplorer
Ixiaexplorernlekh
 
10 routing-bgp
10 routing-bgp10 routing-bgp
10 routing-bgpOlivier Bonaventure
 
Packet Analysis - Course Technology Computing Conference
Packet Analysis - Course Technology Computing ConferencePacket Analysis - Course Technology Computing Conference
Packet Analysis - Course Technology Computing ConferenceCengage Learning
 
Performance test
Performance testPerformance test
Performance testTony Fortunato
 
ACIT Mumbai - OSI Model
ACIT Mumbai - OSI ModelACIT Mumbai - OSI Model
ACIT Mumbai - OSI ModelSleek International
 
Sanitizing PCAPs
Sanitizing PCAPsSanitizing PCAPs
Sanitizing PCAPsJasper Bongertz
 
12 ethernet-wifi
12 ethernet-wifi12 ethernet-wifi
12 ethernet-wifiOlivier Bonaventure
 
Part 9 : Congestion control and IPv6
Part 9 : Congestion control and IPv6Part 9 : Congestion control and IPv6
Part 9 : Congestion control and IPv6Olivier Bonaventure
 
Ports & sockets
Ports & sockets Ports & sockets
Ports & sockets myrajendra
 
The Next Generation Firewall for Red Hat Enterprise Linux 7 RC
The Next Generation Firewall for Red Hat Enterprise Linux 7 RCThe Next Generation Firewall for Red Hat Enterprise Linux 7 RC
The Next Generation Firewall for Red Hat Enterprise Linux 7 RCThomas Graf
 
Ports and protocols
Ports and protocolsPorts and protocols
Ports and protocolssiva rama
 
Efficient Topology Discovery in Software Defined Networks
Efficient Topology Discovery in Software Defined NetworksEfficient Topology Discovery in Software Defined Networks
Efficient Topology Discovery in Software Defined NetworksFarzaneh Pakzad
 
Cisco Router Throughput
Cisco Router ThroughputCisco Router Throughput
Cisco Router Throughput3Anetwork com
 
TCPLS presentation @ietf 109
TCPLS presentation @ietf 109TCPLS presentation @ietf 109
TCPLS presentation @ietf 109Olivier Bonaventure
 
Part 7 : HTTP/2, UDP and TCP
Part 7 : HTTP/2, UDP and TCPPart 7 : HTTP/2, UDP and TCP
Part 7 : HTTP/2, UDP and TCPOlivier Bonaventure
 
Introduction to Remote Procedure Call
Introduction to Remote Procedure CallIntroduction to Remote Procedure Call
Introduction to Remote Procedure CallAbdelrahman Al-Ogail
 
Remote procedure call on client server computing
Remote procedure call on client server computingRemote procedure call on client server computing
Remote procedure call on client server computingSatya P. Joshi
 
Tcpip 1
Tcpip 1Tcpip 1
Tcpip 1myrajendra
 
OSN days 2019 - Open Networking and Programmable Switch
OSN days 2019 - Open Networking and Programmable SwitchOSN days 2019 - Open Networking and Programmable Switch
OSN days 2019 - Open Networking and Programmable SwitchChun Ming Ou
 
DevConf 2014 Kernel Networking Walkthrough
DevConf 2014 Kernel Networking WalkthroughDevConf 2014 Kernel Networking Walkthrough
DevConf 2014 Kernel Networking WalkthroughThomas Graf
 
0-RTT TCP converters
0-RTT TCP converters0-RTT TCP converters
0-RTT TCP convertersOlivier Bonaventure
 
Open vSwitch - Stateful Connection Tracking & Stateful NAT
Open vSwitch - Stateful Connection Tracking & Stateful NATOpen vSwitch - Stateful Connection Tracking & Stateful NAT
Open vSwitch - Stateful Connection Tracking & Stateful NATThomas Graf
 
NAT and firewall presentation - how setup a nice firewall
NAT and firewall presentation - how setup a nice firewallNAT and firewall presentation - how setup a nice firewall
NAT and firewall presentation - how setup a nice firewallCassiano Campes
 
Innovation is back in the transport and network layers
Innovation is back in the transport and network layersInnovation is back in the transport and network layers
Innovation is back in the transport and network layersOlivier Bonaventure
 
Loadbalancing In-depth study for scale @ 80K TPS
Loadbalancing In-depth study for scale @ 80K TPS Loadbalancing In-depth study for scale @ 80K TPS
Loadbalancing In-depth study for scale @ 80K TPS Shrey Agarwal
 
Experiences with Microservices at Tuenti
Experiences with Microservices at TuentiExperiences with Microservices at Tuenti
Experiences with Microservices at TuentiAndrés Viedma Peláez
 

More Related Content

What's hot

Part 9 : Congestion control and IPv6
Part 9 : Congestion control and IPv6Part 9 : Congestion control and IPv6
Part 9 : Congestion control and IPv6Olivier Bonaventure
 
Ports & sockets
Ports & sockets Ports & sockets
Ports & sockets myrajendra
 
The Next Generation Firewall for Red Hat Enterprise Linux 7 RC
The Next Generation Firewall for Red Hat Enterprise Linux 7 RCThe Next Generation Firewall for Red Hat Enterprise Linux 7 RC
The Next Generation Firewall for Red Hat Enterprise Linux 7 RCThomas Graf
 
Ports and protocols
Ports and protocolsPorts and protocols
Ports and protocolssiva rama
 
Efficient Topology Discovery in Software Defined Networks
Efficient Topology Discovery in Software Defined NetworksEfficient Topology Discovery in Software Defined Networks
Efficient Topology Discovery in Software Defined NetworksFarzaneh Pakzad
 
Cisco Router Throughput
Cisco Router ThroughputCisco Router Throughput
Cisco Router Throughput3Anetwork com
 
Introduction to Remote Procedure Call
Introduction to Remote Procedure CallIntroduction to Remote Procedure Call
Introduction to Remote Procedure CallAbdelrahman Al-Ogail
 
Remote procedure call on client server computing
Remote procedure call on client server computingRemote procedure call on client server computing
Remote procedure call on client server computingSatya P. Joshi
 
OSN days 2019 - Open Networking and Programmable Switch
OSN days 2019 - Open Networking and Programmable SwitchOSN days 2019 - Open Networking and Programmable Switch
OSN days 2019 - Open Networking and Programmable SwitchChun Ming Ou
 
DevConf 2014 Kernel Networking Walkthrough
DevConf 2014 Kernel Networking WalkthroughDevConf 2014 Kernel Networking Walkthrough
DevConf 2014 Kernel Networking WalkthroughThomas Graf
 
Open vSwitch - Stateful Connection Tracking & Stateful NAT
Open vSwitch - Stateful Connection Tracking & Stateful NATOpen vSwitch - Stateful Connection Tracking & Stateful NAT
Open vSwitch - Stateful Connection Tracking & Stateful NATThomas Graf
 
NAT and firewall presentation - how setup a nice firewall
NAT and firewall presentation - how setup a nice firewallNAT and firewall presentation - how setup a nice firewall
NAT and firewall presentation - how setup a nice firewallCassiano Campes
 
Innovation is back in the transport and network layers
Innovation is back in the transport and network layersInnovation is back in the transport and network layers
Innovation is back in the transport and network layersOlivier Bonaventure
 

What's hot (20)

ACIT Mumbai - OSI Model
ACIT Mumbai - OSI ModelACIT Mumbai - OSI Model
ACIT Mumbai - OSI Model
 
Sanitizing PCAPs
Sanitizing PCAPsSanitizing PCAPs
Sanitizing PCAPs
 
12 ethernet-wifi
12 ethernet-wifi12 ethernet-wifi
12 ethernet-wifi
 
Part 9 : Congestion control and IPv6
Part 9 : Congestion control and IPv6Part 9 : Congestion control and IPv6
Part 9 : Congestion control and IPv6
 
Ports & sockets
Ports & sockets Ports & sockets
Ports & sockets
 
The Next Generation Firewall for Red Hat Enterprise Linux 7 RC
The Next Generation Firewall for Red Hat Enterprise Linux 7 RCThe Next Generation Firewall for Red Hat Enterprise Linux 7 RC
The Next Generation Firewall for Red Hat Enterprise Linux 7 RC
 
Ports and protocols
Ports and protocolsPorts and protocols
Ports and protocols
 
Efficient Topology Discovery in Software Defined Networks
Efficient Topology Discovery in Software Defined NetworksEfficient Topology Discovery in Software Defined Networks
Efficient Topology Discovery in Software Defined Networks
 
Cisco Router Throughput
Cisco Router ThroughputCisco Router Throughput
Cisco Router Throughput
 
TCPLS presentation @ietf 109
TCPLS presentation @ietf 109TCPLS presentation @ietf 109
TCPLS presentation @ietf 109
 
Part 7 : HTTP/2, UDP and TCP
Part 7 : HTTP/2, UDP and TCPPart 7 : HTTP/2, UDP and TCP
Part 7 : HTTP/2, UDP and TCP
 
Introduction to Remote Procedure Call
Introduction to Remote Procedure CallIntroduction to Remote Procedure Call
Introduction to Remote Procedure Call
 
Remote procedure call on client server computing
Remote procedure call on client server computingRemote procedure call on client server computing
Remote procedure call on client server computing
 
Tcpip 1
Tcpip 1Tcpip 1
Tcpip 1
 
OSN days 2019 - Open Networking and Programmable Switch
OSN days 2019 - Open Networking and Programmable SwitchOSN days 2019 - Open Networking and Programmable Switch
OSN days 2019 - Open Networking and Programmable Switch
 
DevConf 2014 Kernel Networking Walkthrough
DevConf 2014 Kernel Networking WalkthroughDevConf 2014 Kernel Networking Walkthrough
DevConf 2014 Kernel Networking Walkthrough
 
0-RTT TCP converters
0-RTT TCP converters0-RTT TCP converters
0-RTT TCP converters
 
Open vSwitch - Stateful Connection Tracking & Stateful NAT
Open vSwitch - Stateful Connection Tracking & Stateful NATOpen vSwitch - Stateful Connection Tracking & Stateful NAT
Open vSwitch - Stateful Connection Tracking & Stateful NAT
 
NAT and firewall presentation - how setup a nice firewall
NAT and firewall presentation - how setup a nice firewallNAT and firewall presentation - how setup a nice firewall
NAT and firewall presentation - how setup a nice firewall
 
Innovation is back in the transport and network layers
Innovation is back in the transport and network layersInnovation is back in the transport and network layers
Innovation is back in the transport and network layers
 

Similar to Loadbalancing In-depth study for scale @ 80K TPS

Loadbalancing In-depth study for scale @ 80K TPS
Loadbalancing In-depth study for scale @ 80K TPS Loadbalancing In-depth study for scale @ 80K TPS
Loadbalancing In-depth study for scale @ 80K TPS Shrey Agarwal
 
Experiences with Microservices at Tuenti
Experiences with Microservices at TuentiExperiences with Microservices at Tuenti
Experiences with Microservices at TuentiAndrés Viedma Peláez
 
Spy hard, challenges of 100G deep packet inspection on x86 platform
Spy hard, challenges of 100G deep packet inspection on x86 platformSpy hard, challenges of 100G deep packet inspection on x86 platform
Spy hard, challenges of 100G deep packet inspection on x86 platformRedge Technologies
 
FlowER Erlang Openflow Controller
FlowER Erlang Openflow ControllerFlowER Erlang Openflow Controller
FlowER Erlang Openflow ControllerHolger Winkelmann
 
Comparing ZooKeeper and Consul
Comparing ZooKeeper and ConsulComparing ZooKeeper and Consul
Comparing ZooKeeper and ConsulIvan Glushkov
 
Brief LoRaWAN Overview
Brief LoRaWAN OverviewBrief LoRaWAN Overview
Brief LoRaWAN OverviewAlper Yegin
 
Cilium - Fast IPv6 Container Networking with BPF and XDP
Cilium - Fast IPv6 Container Networking with BPF and XDPCilium - Fast IPv6 Container Networking with BPF and XDP
Cilium - Fast IPv6 Container Networking with BPF and XDPThomas Graf
 
L4-L7 Application Services with Avi Networks
L4-L7 Application Services with Avi NetworksL4-L7 Application Services with Avi Networks
L4-L7 Application Services with Avi NetworksAvi Networks
 
PLNOG 18 - Paweł Małachowski - Spy hard czyli regexpem po pakietach
PLNOG 18 - Paweł Małachowski - Spy hard czyli regexpem po pakietachPLNOG 18 - Paweł Małachowski - Spy hard czyli regexpem po pakietach
PLNOG 18 - Paweł Małachowski - Spy hard czyli regexpem po pakietachPROIDEA
 
20160927-tierney-improving-performance-40G-100G-data-transfer-nodes.pdf
20160927-tierney-improving-performance-40G-100G-data-transfer-nodes.pdf20160927-tierney-improving-performance-40G-100G-data-transfer-nodes.pdf
20160927-tierney-improving-performance-40G-100G-data-transfer-nodes.pdfJunZhao68
 
Openlab.2014 02-13.major.vi sion
Openlab.2014 02-13.major.vi sionOpenlab.2014 02-13.major.vi sion
Openlab.2014 02-13.major.vi sionCcie Light
 
Software defined network and Virtualization
Software defined network and VirtualizationSoftware defined network and Virtualization
Software defined network and Virtualizationidrajeev
 
Snabb Switch: Riding the HPC wave to simpler, better network appliances (FOSD...
Snabb Switch: Riding the HPC wave to simpler, better network appliances (FOSD...Snabb Switch: Riding the HPC wave to simpler, better network appliances (FOSD...
Snabb Switch: Riding the HPC wave to simpler, better network appliances (FOSD...Igalia
 
Open vSwitch Introduction
Open vSwitch IntroductionOpen vSwitch Introduction
Open vSwitch IntroductionHungWei Chiu
 
Openflow overview
Openflow overviewOpenflow overview
Openflow overviewopenflowhub
 
Evergreen Sysadmin Survival Skills
Evergreen Sysadmin Survival SkillsEvergreen Sysadmin Survival Skills
Evergreen Sysadmin Survival SkillsEvergreen ILS
 
Network State Awareness & Troubleshooting
Network State Awareness & TroubleshootingNetwork State Awareness & Troubleshooting
Network State Awareness & TroubleshootingAPNIC
 
Tech Talk by Ben Pfaff: Open vSwitch - Part 2
Tech Talk by Ben Pfaff: Open vSwitch - Part 2Tech Talk by Ben Pfaff: Open vSwitch - Part 2
Tech Talk by Ben Pfaff: Open vSwitch - Part 2nvirters
 

Similar to Loadbalancing In-depth study for scale @ 80K TPS (20)

Loadbalancing In-depth study for scale @ 80K TPS
Loadbalancing In-depth study for scale @ 80K TPS Loadbalancing In-depth study for scale @ 80K TPS
Loadbalancing In-depth study for scale @ 80K TPS
 
Experiences with Microservices at Tuenti
Experiences with Microservices at TuentiExperiences with Microservices at Tuenti
Experiences with Microservices at Tuenti
 
Spy hard, challenges of 100G deep packet inspection on x86 platform
Spy hard, challenges of 100G deep packet inspection on x86 platformSpy hard, challenges of 100G deep packet inspection on x86 platform
Spy hard, challenges of 100G deep packet inspection on x86 platform
 
FlowER Erlang Openflow Controller
FlowER Erlang Openflow ControllerFlowER Erlang Openflow Controller
FlowER Erlang Openflow Controller
 
Comparing ZooKeeper and Consul
Comparing ZooKeeper and ConsulComparing ZooKeeper and Consul
Comparing ZooKeeper and Consul
 
Brief LoRaWAN Overview
Brief LoRaWAN OverviewBrief LoRaWAN Overview
Brief LoRaWAN Overview
 
Cilium - Fast IPv6 Container Networking with BPF and XDP
Cilium - Fast IPv6 Container Networking with BPF and XDPCilium - Fast IPv6 Container Networking with BPF and XDP
Cilium - Fast IPv6 Container Networking with BPF and XDP
 
L4-L7 Application Services with Avi Networks
L4-L7 Application Services with Avi NetworksL4-L7 Application Services with Avi Networks
L4-L7 Application Services with Avi Networks
 
PLNOG 18 - Paweł Małachowski - Spy hard czyli regexpem po pakietach
PLNOG 18 - Paweł Małachowski - Spy hard czyli regexpem po pakietachPLNOG 18 - Paweł Małachowski - Spy hard czyli regexpem po pakietach
PLNOG 18 - Paweł Małachowski - Spy hard czyli regexpem po pakietach
 
20160927-tierney-improving-performance-40G-100G-data-transfer-nodes.pdf
20160927-tierney-improving-performance-40G-100G-data-transfer-nodes.pdf20160927-tierney-improving-performance-40G-100G-data-transfer-nodes.pdf
20160927-tierney-improving-performance-40G-100G-data-transfer-nodes.pdf
 
Openlab.2014 02-13.major.vi sion
Openlab.2014 02-13.major.vi sionOpenlab.2014 02-13.major.vi sion
Openlab.2014 02-13.major.vi sion
 
Software defined network and Virtualization
Software defined network and VirtualizationSoftware defined network and Virtualization
Software defined network and Virtualization
 
FD.io - The Universal Dataplane
FD.io - The Universal DataplaneFD.io - The Universal Dataplane
FD.io - The Universal Dataplane
 
Snabb Switch: Riding the HPC wave to simpler, better network appliances (FOSD...
Snabb Switch: Riding the HPC wave to simpler, better network appliances (FOSD...Snabb Switch: Riding the HPC wave to simpler, better network appliances (FOSD...
Snabb Switch: Riding the HPC wave to simpler, better network appliances (FOSD...
 
OpenFlow Tutorial
OpenFlow TutorialOpenFlow Tutorial
OpenFlow Tutorial
 
Open vSwitch Introduction
Open vSwitch IntroductionOpen vSwitch Introduction
Open vSwitch Introduction
 
Openflow overview
Openflow overviewOpenflow overview
Openflow overview
 
Evergreen Sysadmin Survival Skills
Evergreen Sysadmin Survival SkillsEvergreen Sysadmin Survival Skills
Evergreen Sysadmin Survival Skills
 
Network State Awareness & Troubleshooting
Network State Awareness & TroubleshootingNetwork State Awareness & Troubleshooting
Network State Awareness & Troubleshooting
 
Tech Talk by Ben Pfaff: Open vSwitch - Part 2
Tech Talk by Ben Pfaff: Open vSwitch - Part 2Tech Talk by Ben Pfaff: Open vSwitch - Part 2
Tech Talk by Ben Pfaff: Open vSwitch - Part 2
 

Recently uploaded

Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Neo4j
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 

Recently uploaded (20)

Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 

Loadbalancing In-depth study for scale @ 80K TPS

  • 1. In-Depth Study to scale @ 80K TPS Load Balancing
  • 2. Starting ❖ About Me : Engineering @ Paytm . Working on this problem for 2 months ❖ Problem : Identifying Entry Solution for 80K TPS, 20K active transacting connections , while keeping latency loss < 2 ms ❖ Outline : Evaluation and Perf test of all sorts of LB, Routers and classify them ❖ Not Covering : After Every solution, things which are not covered
  • 3. Evaluation criteria ▸High Availability ( HA ) : Unaffected service during any predefined number of simultaneous failures ▸Balancing strategies : Round robin, least connection, weighted . ▸Health Checks ▸Extensibility : C/Lua Lib support ▸Monitoring and Manageability ▸Perf
  • 4. Categories of LB ❖ DNS Based ❖ Software & Hardware Based ❖ Layer 3/4 Proxying ❖ Layer 7 Proxying ❖ Routing at L4 cue 5
  • 5. DNS Based ❖ Multiple IPs : Round Robin ❖ No Concept of HA, Monitoring, health checks ❖ Health Checks, Routing policies are available via custom solutions
  • 6. Layer 3/4 Load Balancing ❖ Hardware Based LBs mostly. ❖ No well known Prog. which runs in Kernel Space. ❖ Software Based User Space Proxy based LBs examples are Haproxy and Nginx
  • 7. Haproxy Monitoring ❖ Socket Based Stats are available with ~60 CSV ❖ Web Interface
  • 9. Issues with Haproxy L4 ❖ Scale Constraint ❖ Only CPU. Cores 100% with Load(1 min) as 64 ❖ Benchmark ❖ 20K TPS , keep-alive off and 100ms backend latency.
  • 10. Layer 7 load balancing ❖ Hardware based Lb : F5, Fortinet. ❖ Protocol rigidness ❖ No well known Prog. which runs in Kernel Space. ❖ Software Based : Nginx and HaProxy are popular ones. ❖ Benchmarking Issues with Nginx as L7 ❖ Even more CPU Constraint than L4 : 18-20K TPS in same Env
  • 11. Not covering these for Haproxy ❖ Security Aspects : IPTables, WAF, Selinux ❖ Bare Metal Machines Detailed Specs and Part Numbers ❖ Decision on choice of Machine. ❖ Networking Details ❖ NIC Bonding Specs ❖ Benchmark Tools Detailing : GOR Detailing cue 15
  • 12. Routing L3/4 ❖ What is routing ❖ Routing scales , less than half resources are required than proxying.
  • 13. Types of routing ❖ Natting : Works like proxy ❖ Direct Route : Spoof MAC address and send it back. ❖ IP Tunneling : Most Scalable, works on IPIP Tunnel ( across different DCs )
  • 14. Routers ❖ Hardware routers : Not designed to be horizontally scalable ❖ No Well-Known Horizontally scalable Hw Routers. ❖ We needed a Software Router : LVS/IPVS cue 20
  • 15. Software Router : LVS ❖ LVS : Linux Virtual server , 20 years old, both Layer 4 and 7 ❖ IPVS : IP Virtual Server, merged in Kernel 2.4 ❖ KTCPVS : App LB , in dev for last 8 years. ❖ Runs in Kernel Space ❖ Supports different distribution methods : RR, Least connection, Weighted LC
  • 16. LVS Issues ❖ CPU Affinity of Interrupts ❖ RP Filter Bypass ❖ Manageability and Monitoring ❖ HA ❖ IP Tunnel Extensibility
  • 17. LVS : CPU Affinity ❖ CPU Affinity of Interrupts ❖ Kernel tries to load balance IRQ ( Interrupt Request Line ) across cores. ❖ irqbalance service is responsible. ❖ cat /proc/interrupts will help see which core will max out. ❖ Balance (1) : echo fff > /sys/class/net/eth0/queues/rx-0/rps_cpus ❖ Balance (2) : echo 'fff' > /proc/irq/14/smp_affinity ❖ Balance (3) : echo '0-3' > /proc/irq/28/smp_affinity_list
  • 18. LVS : RP Filter ❖ RP Filter : To Avoid Spoofing and DDOS ❖ Kernel checks whether the source of the received packet is reachable through the route it came in. ❖ To Disable : net.ipv4.conf.tun.rp_filter = 0 in /etc/sysctl.conf ( and sysctl -p )
  • 19. LVS :Monitoring & management❖ Managed by System Calls , No config ( use Consul Template ) ❖ Logging : No Logs in user Space, Kernel messages for Errors ❖ Monitoring : Telegraf plugin available ( internals : ipvsadm —list —numeric /—connection /— stats /—rate )
  • 20. LVS : HA ❖ KeepAlive(d) + VIP ❖ Connection Sync Service ❖ ipvsadm —start/stop- daemon=master/backu p --mcast-interface=<> - -syncid <>
  • 21. ❖ KeepAlive(d) for own Health Check ❖ Consul Template for Real Server Healtch Check LVS : HealthCheck cue 30
  • 22. LVS IPIP Debugging ❖ IPIP Tunnel and VIP extension to multiple machines :Painful ❖ IPIP Tunnel Issues and recovery across DC ❖ Setup Probes and Packet Capture
  • 25. Willy Tarreau : Haproxy ❖ Creator of Haproxy ❖ wtarreau.blogspot.com/2006/11/making-applications- scalable-with-load.html ❖ The PPT structure is based on the article.
  • 26. Shrey Agarwal in.linkedin.com/in/shreyagarwal ❖ wtarreau.blogspot.com/2006/11/making-applications-scalable-with-load.html ❖ opensourceforu.com/2009/05/balancing-traffic-across-data-centres-using-lvs/ ❖ www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.LVS-Tun.html ❖ linux.die.net/man/8/ipvsadm ❖ serverfault.com/questions/723786/udp-packets-seen-on-interface-level-but-not-delivered-to-application-on-redhat ❖ serverfault.com/questions/163244/linux-kernel-not-passing-through-multicast-udp-packets References