I am looking for a solution to load balancing and failover strategy, mainly for big web applications. We have many services to be balanced, such as web, MySQL, and many other HTTP or TCP based services. But I am not sure what their pros and cons are, and which I should choose.
2 Answers
The most important thing that differentiates the two solutions (LVS, HAproxy) is that one is working at layer 4 (LVS) and the other at layer 7 (HAproxy). Note that the layers references are from OSI networking model.
If you understand this, you'll be able to use one in the right place. For example : if you need to balance based solely on number of connections (let's say), the layer 4 load balancer should suffice; on the other hand, if you want to load-balancer based on HTTP response time, you'll need a higher layer kind of LB.
The drawbacks of using a higher level LB is the resource needed (for the same amount of let's say, traffic). The plusses are obvious - think "packet level inspection", "protocol routing", etc - things far more complicated than simple "packet routing".
The last point I want to make is that HAproxy is userspace (think "far more easy to customize/tweak", but slower (performance)), while LVS is in kernel space (think "fast as hell", but rigid as the kernel). Also, don't forget about "upgrading LVS might mean kernel change - ergo, reboot"...
In conclusion, use the right tool for the right job.
- 554
- 4
- 5
-
1I love how people still use OSI layers, despite they were never implemented in reality. – kubanczyk Nov 17 '15 at 18:31
You should use both: HAProxy is great load balancer and LVS is a solution for failover and avoid a Single Point of Failure.
- 4,579
- 3
- 20
- 20
-
1+1, except HAProxy is mainly for HTTP usage as it otherwise hides the source IP of the request which can be a problem (for SMTP RBL for example) – Antoine Benkemoun Aug 23 '10 at 10:57
-
3I am using HAProxy for pure tcp servers and works very well. The source Ip hidden is a problem for all load balancer. – lg. Aug 23 '10 at 11:18
-
2I believe hidden source IP is one reason why loadbalancers aren't often used for SMTP services. – Stefan Lasiewski Oct 22 '10 at 22:12
-
3lvs and ha proxy do the same thing. I prefer LVS, really faster because it runs on the kernel. – Diego Woitasen May 30 '12 at 23:16
-
1@AntoineBenkemoun you can use transparent mode of HAProxy to show the client IP. – Thomas Decaux Jul 26 '14 at 10:43
-
1For reference, as of [HAproxy 1.5](http://www.haproxy.org/download/1.5/doc/proxy-protocol.txt), use the `send-proxy` feature for TCP connections so that the SMTP server (in my case, [Haraka](https://github.com/haraka/Haraka/blob/1801cdbccaf0a9fc40cd27910130e11b20143bc3/docs/HAProxy.md)) has access to the remote's IP address. – Matt Simerson Nov 09 '15 at 19:01