Friday, November 25, 2011

HAProxy for Exchange 2010–Part 2 (Redundancy)

I previously wrote a blog post on using HAProxy (http://haproxy.1wt.eu/) for Exchange 2010 to save the few thousand dollars you would otherwise budget for a load balancer. That post would have helped people doing a Proof of Concept, but something is missing from it: REDUNDANCY!!!
Yes, the whole idea of load balancing is to remove the single point of failure, but what if the load balancer is the new single point of failure? That’s why we need two of them.
If this is the first post you are reading, please read http://3-4-5-6.blogspot.com/2011/03/ha-proxy-for-exchange-2010-deployment.html first.
Once you have read through it, you should know that this is a working load balancer example and that Steve has also created a VMware solution for it.
This is brilliant if the load balancer stays up, but we have to plan for the worst. Though I haven’t seen HAProxy crash (knock on wood), we still need a redundant solution.
This post explains only the differences, that is, what you need to do to get a redundant solution. In terms of implementation, you will need to do this before you follow the HAProxy deployment guide (linked earlier). Just for the sake of completeness, I will document the complete solution here.
Design
image

The diagram above shows the single-arm configuration of the load balancer. The single-arm configuration concept is explained here. In the blog post, I have used an F5 LTM as the example, but the concept is the same for all load balancers.
So, we can start now.
We will need 2 components for this to work. Again, I am going to use Ubuntu. Once you have installed Ubuntu, install the following components:
  • keepalived
  • haproxy
After installing these components, we will configure the HA Proxy and the Exchange server.
Before Starting:
Please note that we will need the following IP addresses. The IPs I am going to use for this example are in brackets.
1. Management IP of Load Balancer 1  (10.10.10.9/24)
2. Management IP of Load Balancer 2  (10.10.10.10/24)
3. Floating IP  (10.10.10.11/24)
4. IP address of CAS 1 : (10.10.10.20/24)
5. IP address of CAS 2 : (10.10.10.21/24)
Once the installation is done, set the management IP on the load balancer. Here we will configure the primary system.
On Active System
Set up IP address on eth0

Edit the file /etc/network/interfaces using vi or your preferred editor 

Add the following

auto eth0
iface eth0 inet static
           address 10.10.10.9
           netmask 255.255.255.0
           network 10.10.10.0
           broadcast 10.10.10.255
           gateway 10.10.10.1

This sets the management IP on the active box. Let’s continue.

Backup box

Set the management IP address of the backup box (10.10.10.10 in this example) in the same way.

Step 1: Install KeepAlived
apt-get install keepalived

Once you execute this command, the keepalived daemon is installed on the Ubuntu system.

Step 2: Install HAProxy
apt-get install haproxy

This command will install the HA Proxy on the box.

Step 3: Allow HAProxy to use non local IP

In order to do this, edit the file “/etc/sysctl.conf” and ensure this is added
net.ipv4.ip_nonlocal_bind=1

This allows HAProxy to bind to an IP address that may not be assigned to the box. After you have added it, run the command

sysctl -p



The idea is that there will be a floating IP assigned to the active box; if the active box dies or HAProxy dies, the standby takes over.

Step 4: Configure the KeepAliveD

Configuring keepalived is very simple; you will need the floating IP. Optionally, you can have it send you an e-mail if the primary fails, so that you know about it right away.

Edit the file “/etc/keepalived/keepalived.conf”
global_defs {
    notification_email {
        yourusername@example.com
    }
    notification_email_from keepalived@loadbalancer01.example.com
    smtp_server 192.168.1.200
    smtp_connect_timeout 30
}
 
vrrp_script chk_haproxy { 
    script "killall -0 haproxy" # this will check if the haproxy is up
    interval 5 # check every 5 seconds
    weight 2 # add 2 points of priority if OK
}
 
vrrp_instance VI_1 {
    interface eth0
    state MASTER # or "BACKUP" on backup
    priority 101 # 101 on master, 100 on backup
    virtual_router_id 51
 
    smtp_alert # Activate SMTP notifications, you can remove this if you dont want alerts
 
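    authentication {
        auth_type PASS # simple-text VRRP authentication: the password travels unencrypted in every advert
        auth_pass somepassword # placeholder, replace it; keepalived uses only the first 8 characters
    }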
 
    virtual_ipaddress {
        10.10.10.11
    }

    track_script {
        chk_haproxy
    }
}



This makes 10.10.10.11 a floating IP that is assigned only to the active box.

The same configuration works on the backup box; just change the priority to 100 and the state to BACKUP.
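
The check below is an added example, not part of the original post: it derives the backup node's file from the master's as described above and verifies that the pair can actually fail over, which requires the chk_haproxy weight to exceed the priority gap. The function names and the trimmed sample config are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample: the post's master settings, trimmed to the keys checked here.
sample_master() {
cat <<'EOF'
vrrp_script chk_haproxy {
    script "killall -0 haproxy"
    weight 2 # add 2 points of priority if OK
}
vrrp_instance VI_1 {
    interface eth0
    state MASTER
    priority 101
    virtual_router_id 51
    authentication {
        auth_pass somepassword
    }
}
EOF
}

# conf_value FILE KEY: print the first value of KEY, with comments stripped.
conf_value() {
    sed 's/#.*//' "$1" | awk -v k="$2" '$1 == k { print $2; exit }'
}

# make_backup FILE: print the backup-node variant (state BACKUP, priority 100).
make_backup() {
    sed -e 's/^\([[:space:]]*state[[:space:]]*\)MASTER/\1BACKUP/' \
        -e 's/^\([[:space:]]*priority[[:space:]]*\)[0-9]*/\1100/' "$1"
}

# check_pair MASTER BACKUP: return 0 only if the two nodes can fail over.
check_pair() {
    rc=0
    for key in interface virtual_router_id auth_pass; do
        [ "$(conf_value "$1" "$key")" = "$(conf_value "$2" "$key")" ] ||
            { echo "MISMATCH: $key differs between nodes"; rc=1; }
    done
    mp=$(conf_value "$1" priority); bp=$(conf_value "$2" priority)
    w=$(conf_value "$1" weight)
    [ "$mp" -gt "$bp" ] || { echo "BAD: master priority must be higher"; rc=1; }
    # A healthy node advertises priority+weight. When haproxy dies on the
    # master it advertises mp; the healthy backup must beat that with bp+w.
    [ $((bp + w)) -gt "$mp" ] || { echo "BAD: weight $w <= gap $((mp - bp))"; rc=1; }
    return $rc
}
```

Run `check_pair` against copies of both nodes' /etc/keepalived/keepalived.conf; with the values from this post the gap is 1 and the weight is 2, so a dead haproxy on the master hands the floating IP to the backup.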

After this, just follow the older blog post, starting from the title “Configuration of Exchange Server”.

You don’t need to follow the other networking steps mentioned before that title. Once you complete that on both load balancers, you officially have a redundant pair.

You can now run netstat -la to check the listening ports; you will see that the active box is listening on the floating IP.



Enjoy !!!

Tuesday, November 1, 2011

How to SaaS-ify your .NET Application

Lately, I have been working on designing cloud-based datacenters and suggesting cloud solutions for customers. I have evaluated quite a few vendors in different areas of the cloud (Infra, Platform, Security, etc.). I thought I would share one of the questions customers ask most.
Q: How do I SaaSify (or SaaS enable) my application?
Before I jump to answering that question, I would like to give some background. I believe I covered what the cloud is, and all the other stuff (which you may not care about), in my prior blogs. In this section, we will look at SaaS.
So, let’s start from the basics, the “Necessity”. Quite frankly, the primary need for cloud is to ‘get more bang for the buck’, and that’s all. Isn’t it always about that? Almost. The cloud also provides other features like availability, resiliency, yada yada. Let’s answer the following question.
Q: What is SaaS?
Let’s take a look at software! How can I get more from the investment that I have always made? Wouldn’t it be nice if I could have the same application used by my many customers without having to deploy completely new infrastructure, servers or instances of the application for each one of them (like in the traditional days)? There is nothing wrong with doing it the old way, but the overhead costs are high and a lot of computing resources are not effectively utilized. As I mentioned in my earlier blog, the cloud follows the “Natural Evolution”: it evolved from servers to blade servers, to virtual servers, and now to squeezing even more from the virtuals.
This is nothing but SaaS, where multiple people can use the same software without us having to put in a completely different deployment for each customer. People like the idea of multiple customers using the software and of getting paid for it. Normally the next question is:
Q: So how can I SaaS enable my application?
There are 2 ways.
1. Have your developers rewrite the code to incorporate the names of the clients, billing structures, a connection to some Authentication & Authorization (if not already present), etc.!!!
Doesn’t sound easy, does it? The cost of development (actually re-development) will be high, and going forward the overhead for management and operations will be high too.
I guess the cartoon below portrays my point.
saas_option1
This option works but has a lot of cons. Let us take a look at the pros and cons of this method.
Pros:
  • Completely Controlled
  • Any programming Language
Cons:
  • High Capital Expenditure
  • Time-consuming process
  • The business logic and the costing are still often hard-coded, so the program has to change in order to modify pricing, etc.

Option 2: Use SaaS Grid
SaaS Grid is a product from Apprenda. Please remember that this will only work if the program to be SaaSified is a .NET program (3-tier web architecture). It doesn’t work with Java.
Under the covers, SaaS Grid is itself a .NET program that is capable of running other .NET programs inside it. Yes!! That’s it, the same concept as hypervisors. (For those who don’t know, a hypervisor is the heart of the virtual machine: a layer between the hardware and the multiple operating systems that run on top of it.) In the same way (drawing an analogy, of course), SaaS Grid is the hypervisor between the operating system and the programs running on it.
This product is a .NET application; it needs to be installed on servers, after which it will itself host multiple other .NET applications. The application has a few features, like:
  • Authentication (Federation is Allowed)
  • Authorization
  • Multi tenancy
  • Billing
These features can be used by any underlying .NET application through API calls. This is how it transforms a normal application into a multi-tenant model:
image
With SaaS Grid, you are sure to benefit from the following features:
  • You don’t have to code for the platform.
  • Time to market improves because developers can create and deploy applications at will
  • Enforce compliance by allowing / disallowing methods (DLLs)
  • Allow easy scaling of the application.
  • Standardizing components like authentication
  • Offloading multi tenancy concepts
  • Abstract Infrastructure layer from the application.
  • Consolidate applications.
The diagram below shows how SaaS Grid assists when deploying multiple applications.
image

Q: How does SaaS Grid SaaSify my application?
SaaS Grid deployed the application as a normal application; it went ahead and made some changes to the database. (There are, however, 2 modes for the database.)
If you chose commingled, it added columns representing the tenant name (and so on), and it also created views, so when the application queries, it queries the view and hence no change is needed in the application.
If you chose isolated, it created an isolated database for each tenant and then directed the application’s queries to the appropriate database at run time.
SaaS Grid inherently has authentication and authorization, so it knows who logged in and what they are allowed to do.
SaaS Grid intercepts user calls to the application and application calls to the resources and re-routes them accordingly, completely transparently to the application. The application doesn’t even need to know. As you can see, we have not deployed multiple different applications; we have not overused the resources at all.
SaaS Grid does this very intelligently, so we don’t see any performance degradation.
There is other fancy stuff that you can do, but more on that later….