Show page

Differences

This shows you the differences between two versions of the page.

--- scgc:laboratoare:06 [2020/03/30 21:02]
darius.mihai
+++ scgc:laboratoare:06 [2021/10/27 14:08] (current)
maria.mihailescu
@@ Line 1: / Line 1: @@
-====== Laboratory 06. Load balancing and web acceleration ======
+====== Load balancing and web acceleration ======
 ===== Lab Setup =====
-  * We will be using a virtual machine in the [[http://cloud.curs.pub.ro/|faculty's cloud]].
+  * We will be using a virtual machine in the [[http://cloud.grid.pub.ro/|faculty's cloud]].
-  * When creating a virtual machine follow the steps in this [[https://cloud.curs.pub.ro/about/tutorial-for-students/|tutorial]].
   * When creating a virtual machine in the Launch Instance window:
-    * For **Availability zone**, choose **CAMPUS**, **CI** or **hp**
     * Select **Boot from image** in **Instance Boot Source** section
-    * Select **SAISP Template** in **Image Name** section
+    * Select **SCGC Template** in **Image Name** section
     * Select a flavor that is at least **m1.medium**.
   * The username for connecting to the VM is ''student''
   * First, download the laboratory archive:<code bash>
-[student@saisp ~] $ cd saisp
+[student@scgc ~] $ cd scgc
-[student@saisp ~/saisp] $ wget --user=<username> --ask-password https://repository.grid.pub.ro/cs/scgc/laboratoare/lab-06.zip
+[student@scgc ~/scgc] $ wget --user=<username> --ask-password https://repository.grid.pub.ro/cs/scgc/laboratoare/lab-06.zip
-[student@saisp ~/saisp] $ unzip lab-06.zip
+[student@scgc ~/scgc] $ unzip lab-06.zip
 </code>
   * After unzipping the archive, in the ''scgc'' directory the following files should be present:
@@ Line 22: / Line 20: @@
 In order to start the virtual machines, use the following command:
 <code>
-student@scgc:~/saisp$ chmod +x lab06-start-kvm
+student@scgc:~/scgc$ chmod +x lab06-start-kvm
-student@scgc:~/saisp$ ./lab06-start-kvm
+student@scgc:~/scgc$ ./lab06-start-kvm
 </code>
@@ Line 29: / Line 27: @@
 <code>
-student@scgc:~/saisp$ ssh student@10.0.0.10
+student@scgc:~/scgc$ ssh student@10.0.0.10
-student@scgc:~/saisp$ ssh student@10.0.0.20
+student@scgc:~/scgc$ ssh student@10.0.0.20
-student@scgc:~/saisp$ ssh student@10.0.0.30
+student@scgc:~/scgc$ ssh student@10.0.0.30
 </code>
-After logging in you can use ''su'' to switch the user to ''root''.
+After logging in, use ''su'' to switch the user to ''root''.
 ===== Tasks ======
@@ Line 53: / Line 51: @@
 === Topology ===
-{{:saisp:labs:05:contents:lab05-lvs.jpg| ceva}}
+{{ :scgc:laboratoare:schema-lab6.png?600 |}}
 The machines from the topology (the 3 KVM machines and the physical one) have the following roles:
-  * **saisp-vm-1** is the **director (Virtual Server)**. It performs load balancing for saisp-vm-2 and saisp-vm-3;
+  * **scgc-vm-1** is the **director (Virtual Server)**. It performs load balancing for scgc-vm-2 and scgc-vm-3;
-  * **saisp-vm-2** and **saisp-vm-3** are the **real servers**
+  * **scgc-vm-2** and **scgc-vm-3** are the **real servers**
   * the physical machine is the **client**.
@@ Line 66: / Line 64: @@
 The **ipvsadm** package required for load balancing configuration is already installed on the director machine.
-First we will configure the virtual address on the director machine. We will add the 10.0.0.1/24 address on the eth0:1 subinterface on the saisp-vm-1 machine.
+First we will configure the virtual address on the director machine. We will add the 10.0.0.1/24 address on the ens3:1 subinterface on the scgc-vm-1 machine.
 <code>
-root@saisp-vm-1:~# ip addr add dev eth0 10.0.0.1/24 label eth0:1
+root@scgc-vm-1:~# ip addr add dev ens3 10.0.0.1/24 label ens3:1
 </code>
 We will configure the HTTP service as a virtual service. To do this, we need to specify the virtual server address and port and the transport protocol used (TCP, in our case).
 <code>
-root@saisp-vm-1:~# ipvsadm -A -t 10.0.0.1:80
+root@scgc-vm-1:~# ipvsadm -A -t 10.0.0.1:80
 </code>
 Now that the virtual service has been configured, we also need to add the real servers:
 <code>
-root@saisp-vm-1:~# ipvsadm -a -t 10.0.0.1:80 -r 10.0.0.20:80 -g
+root@scgc-vm-1:~# ipvsadm -a -t 10.0.0.1:80 -r 10.0.0.20:80 -g
-root@saisp-vm-1:~# ipvsadm -a -t 10.0.0.1:80 -r 10.0.0.30:80 -g
+root@scgc-vm-1:~# ipvsadm -a -t 10.0.0.1:80 -r 10.0.0.30:80 -g
 </code>
 The -g parameter specifies that we are using LVS-DR.
@@ Line 89: / Line 87: @@
 <code>
-root@saisp-vm-2:~# iptables -t nat -A PREROUTING -d 10.0.0.1 -j REDIRECT
+root@scgc-vm-2:~# iptables -t nat -A PREROUTING -d 10.0.0.1 -j REDIRECT
-root@saisp-vm-3:~# iptables -t nat -A PREROUTING -d 10.0.0.1 -j REDIRECT
+root@scgc-vm-3:~# iptables -t nat -A PREROUTING -d 10.0.0.1 -j REDIRECT
 </code>
 Now we can use the virtual service we just configured.
@@ Line 98: / Line 96: @@
 Using Wireshark (or tcpdump), start a capture on the br0 interface on the client machine.
 <code>
-student@saisp:~$ sudo tcpdump -i br0
+student@scgc:~$ sudo tcpdump -i br0 -e
 </code>
 Notice the IP and MAC addresses from:
@@ Line 108: / Line 106: @@
 <code>
-root@saisp-vm-1:~# ipvsadm -l
+root@scgc-vm-1:~# ipvsadm -l
 </code>
 To check more detailed information regarding the connections managed by the VS, add the -c parameter:
 <code>
-root@saisp-vm-1:~# ipvsadm -l -c
+root@scgc-vm-1:~# ipvsadm -l -c
 </code>
 Besides the basic configuration, we can modify additional parameters.
@@ Line 120: / Line 118: @@
 <code>
-root@saisp-vm-1:~# ipvsadm -E -t 10.0.0.1:80 -s rr
+root@scgc-vm-1:~# ipvsadm -E -t 10.0.0.1:80 -s rr
-root@saisp-vm-1:~# ipvsadm -e -t 10.0.0.1:80 -r 10.0.0.20:80 -x 4
+root@scgc-vm-1:~# ipvsadm -e -t 10.0.0.1:80 -r 10.0.0.20:80 -x 4
-root@saisp-vm-1:~# ipvsadm -e -t 10.0.0.1:80 -r 10.0.0.30:80 -x 4
+root@scgc-vm-1:~# ipvsadm -e -t 10.0.0.1:80 -r 10.0.0.30:80 -x 4
 </code>
 The -E parameter means the service is going to be edited (in our case, we're going to change the scheduler).
@@ Line 135: / Line 133: @@
 <code>
-root@saisp-vm-1:~# ipvsadm -D -t 10.0.0.1:80
+root@scgc-vm-1:~# ipvsadm -D -t 10.0.0.1:80
 </code>
 We also have to delete the iptables rules on the real servers:
 <code>
-root@saisp-vm-2:~# iptables -t nat -F
+root@scgc-vm-2:~# iptables -t nat -F
-root@saisp-vm-3:~# iptables -t nat -F
+root@scgc-vm-3:~# iptables -t nat -F
 </code>
 ==== 2. [10p] LVS-TUN (tunneling) ====
@@ Line 154: / Line 152: @@
 <code>
-root@saisp-vm-2:~# ip tunnel add tun0 mode ipip local 10.0.0.20
+root@scgc-vm-2:~# ip tunnel add tun0 mode ipip local 10.0.0.20
-root@saisp-vm-2:~# ip addr add 10.0.0.1/24 dev tun0
+root@scgc-vm-2:~# ip addr add 10.0.0.1/24 dev tun0
-root@saisp-vm-2:~# ip link set tun0 up
+root@scgc-vm-2:~# ip link set tun0 up
-root@saisp-vm-3:~# ip tunnel add tun0 mode ipip local 10.0.0.30
+root@scgc-vm-3:~# ip tunnel add tun0 mode ipip local 10.0.0.30
-root@saisp-vm-3:~# ip addr add 10.0.0.1/24 dev tun0
+root@scgc-vm-3:~# ip addr add 10.0.0.1/24 dev tun0
-root@saisp-vm-3:~# ip link set tun0 up
+root@scgc-vm-3:~# ip link set tun0 up
 </code>
 Perform a capture again using Wireshark (or tcpdump) on the br0 interface on the physical machine. Notice the packet encapsulation and the differences compared to when the VS was operating the LVS-DR mode.
@@ Line 166: / Line 164: @@
 <code>
-root@saisp-vm-2:~# ip tunnel del tun0
+root@scgc-vm-2:~# ip tunnel del tun0
-root@saisp-vm-3:~# ip tunnel del tun0
+root@scgc-vm-3:~# ip tunnel del tun0
 </code>
 ==== 3. [20p] Varnish configuration ====
-For Varnish configuration we will use the ''saisp-vm-1'' as the Varnish machine and ''saisp-vm-2'' as the web server.
+For Varnish configuration we will use the ''scgc-vm-1'' as the Varnish machine and ''scgc-vm-2'' as the web server.
-On ''saisp-vm-1'' we will have to install ''varnish'':
+On ''scgc-vm-1'' we will have to install ''varnish'':
 <code>
-root@saisp-vm-1:~# apt-get update
+root@scgc-vm-1:~# apt-get update
-root@saisp-vm-1:~# apt-get install gcc varnish
+root@scgc-vm-1:~# apt-get install gcc varnish
-root@saisp-vm-1:~# service varnish restart
+root@scgc-vm-1:~# service varnish restart
 </code>
@@ Line 186: / Line 184: @@
 <code>
-root@saisp-vm-1:~# netstat -tlpn | grep varnish
+root@scgc-vm-1:~# netstat -tlpn | grep varnish
 tcp        0      0 0.0.0.0:6081              0.0.0.0:*               LISTEN      2366/varnishd
 tcp        0      0 127.0.0.1:6082          0.0.0.0:*               LISTEN      2364/varnishd
@@ Line 195: / Line 193: @@
 <code>
-root@saisp-vm-1:~# grep -A 4 DAEMON_OPTS /etc/default/varnish | grep -v '^#'
+root@scgc-vm-1:~# grep -A 4 DAEMON_OPTS /etc/default/varnish | grep -v '^#'
 --
 --
@@ Line 210: / Line 208: @@
 <code>
-root@saisp-vm-1:~# grep -A 4 DAEMON_OPTS /etc/default/varnish | grep -v '^#'
+root@scgc-vm-1:~# grep -A 4 DAEMON_OPTS /etc/default/varnish | grep -v '^#'
 --
 --
@@ Line 225: / Line 223: @@
 <code>
-root@saisp-vm-1:~# grep -A 3 'backend default' /etc/varnish/default.vcl
+root@scgc-vm-1:~# grep -A 3 'backend default' /etc/varnish/default.vcl
 backend default {
     .host = "elf.cs.pub.ro";
@@ Line 233: / Line 231: @@
 The above configuration means that any requests received by the Varnish server will be redirected towards the ''elf.cs.pub.ro'' server. The requests will be cached and the content of future requests will be directly served from the Varnish cache.
+Modify ''/lib/systemd/system/varnish.service'' as below to set the Varnish port on ''80'':
+<code>
+root@scgc-vm-1:~# grep ExecStart /lib/systemd/system/varnish.service
+ExecStart=/usr/sbin/varnishd -j unix,user=vcache -F -a :80 -T localhost:6082 -f /etc/varnish/default.vcl -S /etc/varnish/secret -s malloc,256m
+</code>
 Do not forget to restart the Varnish service every time its configuration is changed:
 <code>
-student@saisp-vm-1:~$ service varnish restart
+student@scgc-vm-1:~$ sudo systemctl daemon-reload
+student@scgc-vm-1:~$ sudo service varnish restart
 </code>
-We will evaluate the performance from the host machine (saisp). For this we will configure the system to send the requests towards ''elf.cs.pub.ro'' towards the Varnish machine:
+We will evaluate the performance from the host machine (scgc). For this we will configure the system to send the requests towards ''elf.cs.pub.ro'' towards the Varnish machine:
 <code>
@@ Line 248: / Line 254: @@
 <code>
-student@saisp:~$ ping elf.cs.pub.ro
+student@scgc:~$ ping elf.cs.pub.ro
 PING elf.cs.pub.ro (10.0.0.10) 56(84) bytes of data.
 bytes from elf.cs.pub.ro (10.0.0.10): icmp_seq=1 ttl=64 time=0.361 ms
@@ Line 254: / Line 260: @@
 </code>
-Connect using a browser from the host machine (or wget in the CLI) and access the''http://elf.cs.pub.ro'' URL. We will notice that the first access takes longer than subsequent requests.
+Connect using a browser from the host machine (or wget in the CLI) and access the ''http://elf.cs.pub.ro'' URL. We will notice that the first access takes longer than subsequent requests.
 To evaluate this, install ''httperf'' on the host machine:
 <code>
-student@saisp:~$ sudo apt-get install httperf
+student@scgc:~$ sudo apt-get install httperf
 </code>
@@ Line 265: / Line 271: @@
 <code>
-student@saisp:~$ httperf --server=elf.cs.pub.ro --wsess=2000,10,2 --rate 300 --timeout 5
+student@scgc:~$ httperf --server=elf.cs.pub.ro --wsess=2000,10,2 --rate 300 --timeout 5
 </code>
 Notice in the output information related to Connection rate, Request rate, Net I/O.
@@ Line 273: / Line 279: @@
 ==== 4. [10p] Varnish configuration with local web server ====
-Configure Varnish in order to be the front-end for the web server residing on the ''saisp-vm-2'' machine. Afterwards, we will evaluate the web access performance.
+Configure Varnish in order to be the front-end for the web server residing on the ''scgc-vm-2'' machine. Afterwards, we will evaluate the web access performance.
 For starters, configure the Varnish instance to use web server 10.0.0.20 as its back end. After the configuration, do not forget to restart the service.
 <code>
-root@saisp-vm-1:~# service varnish restart
+root@scgc-vm-1:~# service varnish restart
 </code>
-In order to test this, connect to a browser from the host machine (or wget in the CLI) and access the following URL: http://10.0.0.10. The following message should appear: This is saisp-vm-2 (10.0.0.20).
+In order to test this, connect to a browser from the host machine (or wget in the CLI) and access the following URL: http://10.0.0.10. The following message should appear: This is scgc-vm-2 (10.0.0.20).
 The same message will appear if you directly access the web server at http://10.0.0.20 although this request will not go through the Varnish server.
@@ Line 287: / Line 293: @@
 Next we will check the Varnish performance when executing a data transfer. For this, we will create a 10MB file on the web server:
 <code>
-root@saisp-vm-2:~# cd /var/www
+root@scgc-vm-2:~# cd /var/www
-root@saisp-vm-2:~# mkdir data; cd data
+root@scgc-vm-2:~# mkdir data; cd data
-root@saisp-vm-2:~# dd if=/dev/urandom of=10M.dat bs=100k count=100
+root@scgc-vm-2:~# dd if=/dev/urandom of=10M.dat bs=100k count=100
 </code>
-We will also need to change the DocumentRoot of the Apache server on ''saisp-vm-2''. For this, edit''/etc/apache2/sites-available/000-default.conf'' and change the DocumentRoot from ''/var/www/html'' to ''/var/www''.
+We will also need to change the DocumentRoot of the Apache server on ''scgc-vm-2''. For this, edit''/etc/apache2/sites-available/000-default.conf'' and change the DocumentRoot from ''/var/www/html'' to ''/var/www''. Restart the ''apache2'' service.
 In order to measure the duration of the data transfer with and without Varnish, use ''httperf'' on the host machine in order to download the following file: http://10.0.0.20/data/10M.dat for direct access or http://10.0.0.10/data/10M.dat for Varnish access.
@@ Line 298: / Line 304: @@
 While ''httperf'' is running, check with ''htop'' the load on both virtual machines.
-Use the ''--uri'' option for ''httperf'' to specify what page is to be accessed (in our case http://10.0.0.20/data/10M.dat). Notice the difference between the Request rate parameter for the direct access and the Varnish access.
+Use the ''%%--%%uri'' option for ''httperf'' to specify what page is to be accessed (in our case http://10.0.0.20/data/10M.dat). Notice the difference between the Request rate parameter for the direct access and the Varnish access.
 ==== 5. [10p] Varnish statistics ====
@@ Line 307: / Line 313: @@
 <code>
-# varnishlog -I RxURL
+root@scgc-vm-1:~# varnishlog -I RxURL
 only the receive URL will be shown
 </code>
@@ Line 313: / Line 319: @@
 The ''varnishstat'' command shows information regarding the service state. The output is a screen similar to the one shown by the ''top'' or ''htop'' commands. Run the command, connect to the Varnish web service and check the output, especially the Hitrate ratio.
-The ''varnishhist'' command shows a histogram of the serving requests duration. On the horizontal axis we have the serving requests timers at a logarithmic scale. The requests that do not access the cache appear with # and the ones that reach the cache appear with |. Create multiple, different connection to the Varnish service (e.g. access 3 files with different sizes) and check the output. Notice how small the serving request timer is when the request is retrieved from the cache instead of a direct web server access.
+The ''varnishhist'' command shows a histogram of the serving requests duration. On the horizontal axis we have the serving requests timers at a logarithmic scale. The requests that do not access the cache appear with # and the ones that reach the cache appear with ''|''. Create multiple, different connection to the Varnish service (e.g. access 3 files with different sizes) and check the output. Notice how small the serving request timer is when the request is retrieved from the cache instead of a direct web server access.
 Use the ''varnishlog'' command to show only the requests towards the /data/10M.dat file.
@@ Line 327: / Line 333: @@
 <code>
-root@saisp-vm-1:~# varnishadm param.show default_ttl
+root@scgc-vm-1:~# varnishadm param.show default_ttl
 </code>
 This value can be changed by editing the ''VARNISH_TTL'' directive in the ''/etc/default/varnish'' configuration file.
@@ Line 334: / Line 340: @@
 <code>
-root@saisp-vm-1:~# varnishlog -i VCL_Call
+root@scgc-vm-1:~# varnishlog -i VCL_Call
 </code>
@@ Line 344: / Line 350: @@
 <code>
-root@saisp-vm-2:/var/www/html/data# dd if=/dev/urandom of=10M.dat bs=100k count=100
+root@scgc-vm-2:/var/www/html/data# dd if=/dev/urandom of=10M.dat bs=100k count=100
 </code>
@@ Line 352: / Line 358: @@
 <note>
-Follow the steps [[https://varnish-cache.org/docs/3.0/tutorial/purging.html#bans|here]]. Use the ''varnishadm'' command in order to access the Varnish CLI.
+Follow the steps [[https://varnish-cache.org/docs/6.1/users-guide/purging.html#bans|here]]. Use the ''varnishadm'' command in order to access the Varnish CLI.
 </note>
@@ Line 362: / Line 368: @@
 <note>
-Follow the steps [[https://stackoverflow.com/questions/10284813/howto-control-varnish-and-a-browser-using-cache-control-max-age-header-in-a-rai/10346942#10346942|here]]. Restart the Varnish service after the configuration.
+Follow the steps [[https://stackoverflow.com/questions/10284813/howto-control-varnish-and-a-browser-using-cache-control-max-age-header-in-a-rai/10346942#10346942|here]] and [[https://varnish-cache.org/docs/6.1/users-guide/increasing-your-hitrate.html#overriding-the-time-to-live-ttl|here]]. Restart the Varnish service after the configuration.
 </note>
@@ Line 369: / Line 375: @@
 ==== 8. [15p] Varnish serving multiple servers ====
-We want the Varnish service to accelerate the web access towards both the local web server on the ''saisp-vm-2'' machine and elf.cs.pub.ro. For this, we need to configure two back ends.
+We want the Varnish service to accelerate the web access towards both the local web server on the ''scgc-vm-2'' machine and elf.cs.pub.ro. For this, we need to configure two back ends.
 Configure both back ends so that if the URL starts with ''/ndk/'' (elf.cs.pub.ro/ndk) the request will be served by elf.cs.pub.ro back end, otherwise it will be served by the local web server back end.
 <note>
-Use the [[https://varnish-cache.org/docs/3.0/tutorial/advanced_backend_servers.html|Varnish documentation]].
+Use the [[https://varnish-cache.org/docs/6.1/users-guide/vcl-backends.html#multiple-backends|Varnish documentation]].
 </note>
 ==== 9. [BONUS - 20p] Load balancing in Varnish ====
-We will perform load balancing using Varnish (also called [[https://varnish-cache.org/docs/3.0/tutorial/advanced_backend_servers.html#directors|directors]] in Varnish). We will use the two web servers on ''saisp-vm-2'' and ''saisp-vm-3'' as back ends for load balancing.
+We will perform load balancing using Varnish (also called [[https://varnish-cache.org/docs/6.1/users-guide/vcl-backends.html#directors|directors]] in Varnish). We will use the two web servers on ''scgc-vm-2'' and ''scgc-vm-3'' as back ends for load balancing.
-Configure the Varnish service on ''saisp-vm-1'' to perform load balancing with the two web servers using a round robin scheduler.
+Configure the Varnish service on ''scgc-vm-1'' to perform load balancing with the two web servers using a round robin scheduler.
 <note>
-Use these examples [[https://stackoverflow.com/questions/31291374/varnish-backend-vcc-compiler-failed/45082602#45082602|here]] and [[https://varnish-cache.org/trac/wiki/LoadBalancing|here]]. Take into account the fact that the VCL version is 4.0.
+Use the examples and information [[https://stackoverflow.com/questions/31291374/varnish-backend-vcc-compiler-failed/45082602#45082602|here]] and [[https://varnish-cache.org/docs/6.5/reference/vmod_directors.html#description|here]]. Take into account the fact that the VCL version may differ from the one used by the varnish on your system, and the syntax may be need to be changed.
 </note>
 In order to verify this task, access in a browser (or wget in the CLI) 10.0.0.10, wait 2 minutes (for the Varnish cache to expire) and access it again.

Resources

Laboratories

scgc/laboratoare/06.1585591340.txt.gz · Last modified: 2020/03/30 21:02 by darius.mihai

Show page Old revisions

Media Manager Back to top