Nginx load balancing

[Mornincupofhate]

So I'm very confused in setting up load balancing. 

 

https://www.digitalocean.com/community/tutorials/how-to-set-up-nginx-load-balancing

 

This article says to add backed servers with sub domains. What software do I install on those "backend servers"? Just nginx itself? Very confused on how they communicate. 

 

Also so when I'm setting up the load balancer, do I upload my website to just that one server? Or do I need to upload it to all of the backend servers?

 

 

[brwainer]

You put your website on the backend servers (e.g. www1.example.com and www2.example.com) using whatever HTTP software you want (probably nginx) - these should be fully set up as identical web servers, and they should function normally if a user browses to them. The load balancing server (www.example.com) is seperate from the backend servers and just manages the allocation of incoming users to backend servers.

[dzonidev]

Considering that you are not familiar with the concept we need to start from the beginning... What you are looking at here is a classic round robin setup.

 

How load balancing works?
Load balancing is a concept that is meant to distribute load (read high traffic) onto multiple servers. Conventionally you would have 1 server and people would access it, when 100k people visit it, it will probably break. So avoid that we use load balancing, imagine you have 4 servers, 1 server is the "front" which the client sees and 3 servers which only you see. When a client access' the site it will go through that first server, let's call it "Freddy". Freddy then looks at your remaining 3 servers and sees which one is the least busy, then "freddy" forwards the traffic of that particular client to the least busy server. Each of those 3 servers is configured to take the double amount of traffic than the server before.
 

             |----- Server 1
 Freddy ---- |----- Server 2
             |----- Server 3

 

Each of those 3 servers are exact copies of one another. Which means if you change something on one of the 3 servers, you will have to change it on the other 2 as well. To be clear, you don't have to but you should because if you don't, not all visitors will view the same content. Now there are ways to make this easier by configuring a distribution system which will apply the changed to all of the nodes (read servers) but that's another topic.

 

In short, yes you need to upload your site to all 3 servers.

There are many ways to load balance, this is one way to do it. If you have really high traffic let's say more than LTT then you should consider running load balancing, otherwise it's a waste of time and money. But if you are doing to to further your knowledge, then that's something entirely different...
 

[Mornincupofhate]

On 7/8/2016 at 1:58 AM, dzonidev said:

too long

Ah alright, this makes sense. But let's say I'm using an actual load balancer to forward the traffic. Won't that load balancer crash if it gets a high enough request rate? Since the requests are first sent to that server before being forwarded?

[brwainer]

58 minutes ago, Mornincupofhate said:

Ah alright, this makes sense. But let's say I'm using an actual load balancer to forward the traffic. Won't that load balancer crash if it gets a high enough request rate? Since the requests are first sent to that server before being forwarded?

A load balancer can get taken down by a high rate of traffic, but the rate of traffic required to take it down is going to be much higher than a non load balanced server could handle. And once a connection is handed off to a backend server, the load balancing server is no longer involved in the connection.

[Mornincupofhate]

18 hours ago, brwainer said:

A load balancer can get taken down by a high rate of traffic, but the rate of traffic required to take it down is going to be much higher than a non load balanced server could handle. And once a connection is handed off to a backend server, the load balancing server is no longer involved in the connection.

So even if someone launched a GET flood from for say, a botnet, it would just keep spamming the requests on the server that it was assigned to, and not the load balancer?

[Mornincupofhate]

18 hours ago, brwainer said:

A load balancer can get taken down by a high rate of traffic, but the rate of traffic required to take it down is going to be much higher than a non load balanced server could handle. And once a connection is handed off to a backend server, the load balancing server is no longer involved in the connection.

Also, If I have connections like s1.example.com and s2.example.com, will it show those? Or just example.com?

[brwainer]

5 hours ago, Mornincupofhate said:

So even if someone launched a GET flood from for say, a botnet, it would just keep spamming the requests on the server that it was assigned to, and not the load balancer?

Each GET request, assuming it's a new HTTP connection, will hit the load balancer server, which will reapond to each one with a redirect for one of the backend server.

 

5 hours ago, Mornincupofhate said:

Also, If I have connections like s1.example.com and s2.example.com, will it show those? Or just example.com?

 I have no idea what you are asking.

 

 

EDIT: I forgot that the load balancing type you had linked was ProxyPass (Reverse Proxy), in which case every single communication in either direction has to pass through the load balancing server.

[Mornincupofhate]

13 hours ago, brwainer said:

Each GET request, assuming it's a new HTTP connection, will hit the load balancer server, which will reapond to each one with a redirect for one of the backend server.

 

 I have no idea what you are asking.

 

 

EDIT: I forgot that the load balancing type you had linked was ProxyPass (Reverse Proxy), in which case every single communication in either direction has to pass through the load balancing server.

Never mind that question, I got it answered.

 

You also reminded me another question I had when you brought up reverse proxies. Is there a way to somewhat mimic the tor network when trying to create a completely anonymous web server?

 

for example:

Reverseproxy1 --> Reverseproxy2 --> Reverseproxy3 --> Webserver

 

Would this be effective?

[brwainer]

6 hours ago, Mornincupofhate said:

Never mind that question, I got it answered.

 

You also reminded me another question I had when you brought up reverse proxies. Is there a way to somewhat mimic the tor network when trying to create a completely anonymous web server?

 

for example:

Reverseproxy1 --> Reverseproxy2 --> Reverseproxy3 --> Webserver

 

Would this be effective?

I would not consider that effective. The problem you face, and the reason how sites like the Silk Road get taken down, is that the content of thesite itself, or things like errors, end up giving away your identity. I also woulsn't consider that anywhere near the anonymity of Tor.