LiteSpeed Load Balancer (LSLB) 2.0RC1 is the worlds first all-in-one load balancer. With built-in features like HTTP/2, High Availability, Page Caching, and a Mod_Security compatible Web Application Firewall, LSLB 2.0RC1 is sure to provide everything needed keep your sites running quickly, safely, and reliably. Let’s go over these new features in some more detail and cover why their inclusion in this release is such a big deal.
With 1.7% of all websites using HTTP/2, we are slowly but surely moving towards a faster, safer, and more secure Internet. With LiteSpeed Web Server being both the first web server to deliver HTTP/2 Support and the most widely used among HTTP/2 enabled web servers, we thought this would be a good time to incorporate HTTP/2 support into LSLB as well. This is significant because without support at the load balancer level, you would be unable to use HTTP/2 for a Layer 7 load balanced cluster.
If interested, you can find out more about the benefits of implementing HTTP/2 here: https://www.litespeedtech.com/http2-ready.
High Availability is commonly required for a cluster setup. To avoid having a single point of failure, Load Balancers are usually deployed in a High Availability pair in front of a cluster and configured with some type of IP fail-over to backup each other. Since IP fail-over can be easily setup with the VRRP or CARP protocols, all Load balancers can be deployed in a High Availability setup.
The advantage of our LSLB High Availability implementation over other load balancers is the inclusion of a built-in High Availability status and management system. These systems make it easy to quickly check the status of your High Availability setup and make any necessary changes all in one place. These systems also make it possible for LSLB to perform it’s own data replication, ensuring that all LSLB instances are kept in sync at all times.
Page Cache is the most popular and efficient way to speed up cache-friendly web applications. As of this release LSLB now supports page caching, a feature uncommon in most load balancers. This means that LSLB will be able to store cached copies of popularly requested dynamic web pages and content and serve them to the client without having to make a request to the backend, getting your content out even faster. The cache policy settings can be adjusted through the LSLB WebAdmin or more finely tuned through the use of Apache compatible rewrite rules that are already familiar to most administrators.
Mod_Security Compatible Web Application Firewall
Mod_Security is a very popular means of protecting against the different kinds of attacks present on the Internet. By providing this protection at the load balancer level, you are able to enable protection at the very edge of your web infrastructure.
LSLB now supports the widely used ModSecurity operators @rbl and @inspectfile. The rbl in @rbl stands for “real-time block-list” and operates as just that, a list of IPs that you would like to block from your site, where as the @inspectFile operator is for the purpose of inspecting files in a request using some script or binary you provide.
Multi-worker Processes support with shared internal states has been added to take advantage of modern multi-CPU/core symmetric multiprocessing(SMP) servers. Today, more and more cores are fitted into one physical CPU chip, making servers with 16 to 32 cores commonly available. LSLB uses a single-thread event-driven architecture over a multi-thread or pre-fork architecture to achieve the best possible network I/O scalability. However, event-driven architecture is only able to use one CPU/core, which is inefficient on today’s multi-CPU core servers. This would become a bottle neck when LSLB is performing CPU intensive tasks, like Web Application Firewall scanning. In the 2.0RC1 release, LSLB is now able to start multiple event-driven worker processes to fully utilize the processing power of multiple CPUs/cores, while keeping internal stats in shared memory, keeping all worker processes in sync, and improving performance and scalability.
Also a part of this release worth briefly mentioning are some new SSL features:
SSL Session Cache & SSL Tickets are both ways to cache SSL sessions to speed-up the slow SSL handshake process for clients reconnecting within a certain time frame.
Multi-Certificate improves the robustness of your site by allowing it to support RSA, DSA, and ECC certificates all at the same time.
SSL SNI Mass Hosting Configuration allows a load balancer to serve SSL connections with multiple site specific certificates, selecting the certificate to use based on the hostname that the client is attempting to connect to when initiating the SSL handshake process instead of serving a generic shared hosting certificate.
With HTTP/2 for a faster and safer Internet, High Availability for increased reliability, Page Caching for improved page serve times, and a Mod_Security compatible Web Application Firewall for an added layer of security, we think that LSLB 2.0RC1 is one of the most feature complete load balancer available today.
While it is still in the release candidate stage, we would highly recommend considering the official release of LSLB 2.0 for anyone needing to build a high performance cluster with built-in caching and protection. In the mean time, why not give LSLB 2.0RC1 a try with your non-production servers.
Excited about the new features available in LSLB 2.0RC1? Have any questions or suggestions for us? Shoot us a comment below and we’ll be sure to get back to you!