Wednesday, June 11, 2014

Deployment Performance Patterns - Scaling (Up/Out)

The following deployment patterns are covered:


1. Performance Patterns

a. Application Farms

b. Web Farms

c. Load Balancing Cluster


Consider the use of Web farms or load-balancing clusters when designing a scale-out strategy.


2. Reliability Patterns

a. Fail-Over Cluster


3. Security Patterns

a. Impersonation/Delegation

b. Trusted Subsystem

c. Multiple Trusted Service Identities


1). Performance Patterns:


A). Web Farm & Affinity:


A Web farm is a load-balanced array of servers, where each server runs a replica of the same application.

A Web farm with local business logic is a common deployment pattern that places all application components (user interface components such as ASP.NET pages, user process components if used, business components, and data access components) on each Web farm server.


A number of technologies can be used to implement the load-balancing mechanism, including:

·         Hardware solutions, such as the switches and routers offered by Cisco and Nortel

·         Software solutions, such as Windows Network Load Balancing (NLB)


Requests from clients are distributed across the servers in the farm so that each server carries approximately the same load.

Depending on the routing technology used, it may detect failed servers and remove them from the routing list to minimize the impact of a failure.

In simple scenarios, routing may be on a "round robin" basis, where a DNS server hands out the addresses of individual servers in rotation.
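The round-robin idea can be sketched in a few lines of Python (the server addresses are hypothetical; a real farm would implement this in DNS or a load-balancing device, not in application code):

```python
from itertools import cycle

# Hypothetical server addresses standing in for the farm members.
servers = ["10.0.0.1", "10.0.0.2", "10.0.0.3"]
rotation = cycle(servers)

def next_server():
    """Hand out server addresses in strict rotation, DNS round-robin style."""
    return next(rotation)

# Six consecutive requests cycle through the farm twice.
assigned = [next_server() for _ in range(6)]
```

Note that plain round robin ignores server load and health; the smarter routing technologies described above layer failure detection on top of this basic rotation.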


This pattern provides the highest performance, because all component calls are local, and only the databases are accessed remotely.


Figure 3 illustrates a simple Web farm where each server hosts all of the layers of the application except for the data store.


Non-distributed architecture: scaling out Web servers in a Web farm



Affinity and User Sessions


Web applications often rely on the maintenance of Session State between requests from the same user.

A Web farm can be configured to route all requests from the same user to the same server (a process known as affinity) in order to maintain session state where it is stored in memory on the Web server.

However, for maximum performance and reliability, you should use a separate session state store (SQL Server or the ASP.NET State Server) with a Web farm, to remove the requirement for affinity.
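Affinity can be pictured as hashing the session identifier onto a fixed server, so every request in a session lands on the same machine. The Python sketch below is purely illustrative (server names are hypothetical; real load balancers implement affinity via cookies or source-IP hashing):

```python
import hashlib

# Hypothetical Web farm members.
servers = ["web1", "web2", "web3"]

def route_with_affinity(session_id: str) -> str:
    """Pin every request carrying the same session id to the same server."""
    digest = int(hashlib.sha256(session_id.encode()).hexdigest(), 16)
    return servers[digest % len(servers)]

# The same session id always lands on the same server.
first = route_with_affinity("user-42-session")
repeat = route_with_affinity("user-42-session")
```

The drawback is visible in the modulo: if a server is added or removed, most sessions rehash to a different machine and their in-memory state is lost, which is exactly why an external session store is preferred.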



B). Application Farms


In a distributed deployment, where the business and data access layers run on a different physical tier from the presentation layer, an application farm is used to scale out those layers.

Application farms are conceptually similar to Web farms, but they are used to load balance requests for business components across multiple application servers.


Similar to a Web farm, an application farm is a collection of servers where each server runs a replica of the same components.

Requests from clients (the presentation tier) are distributed across the servers in the farm so that each server carries approximately the same load.




C). Clustering - Load Balancing Cluster


When multiple servers are available, there should be a mechanism that can spread the incoming requests across those machines.

The solution can come from a number of mechanisms, but they are all grouped under the term "load balancing."


An application or service can be installed onto multiple servers that are configured to share the workload.

This type of configuration is a Load-Balanced Cluster.


Two Approaches:


·         SLB - Software Load Balancer

·         Clustering


A Software Load Balancer performs the following functions:


·         Intercepts network-based traffic (such as web traffic) destined for a site.

·         Splits the traffic into individual requests and decides which servers receive individual requests.

·         Maintains a watch on the available servers, ensuring that they are responding to traffic. If they are not, they are taken out of rotation.

·         Provides redundancy by employing more than one unit in a fail-over scenario.

·         Offers content-aware distribution, by doing things such as reading URLs, intercepting cookies, and XML parsing.
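The first three functions can be reduced to a toy Python sketch: dispatch becomes a `route()` call over a rotation, and health checking becomes explicit `mark_down`/`mark_up` calls. Everything here (class, method names, server names) is illustrative, not a real SLB:

```python
class LoadBalancer:
    """Toy software load balancer: round robin over healthy servers only."""

    def __init__(self, servers):
        self.servers = list(servers)
        self.healthy = set(servers)
        self._i = 0

    def mark_down(self, server):
        # A health check failed: take the server out of rotation.
        self.healthy.discard(server)

    def mark_up(self, server):
        # The server is responding again: put it back into rotation.
        self.healthy.add(server)

    def route(self):
        """Pick the next server in rotation, skipping unhealthy ones."""
        for _ in range(len(self.servers)):
            server = self.servers[self._i % len(self.servers)]
            self._i += 1
            if server in self.healthy:
                return server
        raise RuntimeError("no healthy servers available")

lb = LoadBalancer(["app1", "app2", "app3"])
lb.mark_down("app2")
picks = [lb.route() for _ in range(4)]  # "app2" is never selected
```

Real load balancers run the health probes themselves (for example, periodic HTTP checks) instead of being told, but the routing decision is the same: only servers currently in rotation receive traffic.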





Clustering offers a solution to the same problems that SLB addresses, namely high availability and scalability, but clustering goes about it differently.

Clustering is a highly involved software protocol (proprietary to each vendor) running on several servers that concentrate on taking and sharing the load.


Clustering involves a group of servers that accept traffic and divide tasks amongst themselves.

This requires fairly tight integration of the server software, and is often also referred to as load balancing.


Load-balanced servers also serve a failover function by redistributing load to the remaining servers when a server in the load-balanced cluster fails.


With clustering, there is fairly tight integration between the servers in the cluster: software decides which server handles which task, and algorithms determine how the workload is distributed.




Load balancing scales the performance of server-based programs, such as a Web server, by distributing client requests across multiple servers.

Load balancing technologies, commonly referred to as load balancers, receive incoming requests and redirect them to a specific host if necessary.

The load-balanced hosts respond concurrently to different client requests, even to multiple requests from the same client.


For example, a Web browser may obtain the multiple images within a single Web page from different hosts in the cluster.

This distributes the load, speeds up processing, and shortens the response time to clients.



2). Reliability Patterns


Reliability deployment patterns represent proven design solutions to common reliability problems. The most common approach to improving the reliability of your deployment is to use a fail-over cluster to ensure the availability of your application even if a server fails.


Fail-Over Cluster


A Failover Cluster is a set of servers that are configured so that if one server becomes unavailable, another server automatically takes over for the failed server and continues processing.


Failover is a key technology behind clustering for achieving fault tolerance. When the original node fails, processing continues on another node chosen from the cluster.

Failing over to another node can be coded explicitly, or performed automatically by the underlying platform, which transparently reroutes communication to another server.




An application or service can be installed onto multiple servers that are configured to take over for one another when a failure occurs.

The process of one server taking over for a failed server is commonly known as Failover. Each server in the cluster has at least one other server in the cluster identified as its standby server.
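The standby relationship can be sketched as a tiny Python function: probe the primary, and fall back to its designated standby when the probe fails. The node names and the `is_alive` probe are hypothetical; a real cluster uses heartbeats between nodes rather than a single external check:

```python
def choose_active(primary: str, standby: str, is_alive) -> str:
    """Fail over to the standby when the primary stops responding."""
    return primary if is_alive(primary) else standby

# Simulated health probe: "node-a" has failed, "node-b" is its standby.
alive = {"node-a": False, "node-b": True}
active = choose_active("node-a", "node-b", lambda node: alive[node])
```

In practice failover also covers moving state (shared storage, virtual IP addresses) to the standby, which is why cluster software is considerably more involved than this routing decision.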



3). Security Patterns


Security patterns represent proven design solutions to common security problems.


The Impersonation/Delegation approach is a good solution when you must flow the context of the original caller to downstream layers or components in your application.
The Trusted Subsystem approach is a good solution when you want to handle authentication and authorization in upstream components and access a downstream resource with a single trusted identity.



In the impersonation/delegation authorization model, resources (such as tables and procedures in SQL Server) and the types of operation (such as read, write, and delete) permitted on each resource are secured using Windows Access Control Lists (ACLs) or the equivalent security features of the targeted resource.

Users access the resources using their original identity through impersonation, as illustrated below.


The impersonation/delegation authorization model
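The essential point of this model is that the downstream resource sees the original caller's identity and enforces its own ACL. A minimal Python sketch (the ACL table, resource name, and function are all hypothetical stand-ins for Windows ACLs on a real resource):

```python
# Hypothetical ACL: which original callers may read which resource.
ACL = {"orders_table": {"alice"}}

def read_resource(original_caller: str, resource: str) -> str:
    """The middle tier impersonates the caller, so the access check
    happens at the resource, against the caller's own identity."""
    if original_caller not in ACL.get(resource, set()):
        raise PermissionError(f"{original_caller} denied on {resource}")
    return f"{resource} read as {original_caller}"
```

Because authorization happens per caller at the back end, this model gives fine-grained auditing, but it makes connection pooling ineffective, since each user's connection carries a different identity.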



Trusted Subsystem

In the trusted subsystem (or trusted server) model, users are partitioned into application-defined, logical roles.

Members of a particular role share the same privileges within the application.

Access to operations is authorized based on the role membership of the caller.


With this role-based (or operations-based) approach to security, access to operations (not back-end resources) is authorized based on the role membership of the caller.

Roles, analyzed and defined at application design time, are used as logical containers that group together users who share the same security privileges or capabilities within the application.

The middle tier service uses a fixed identity to access downstream services and resources, as illustrated in Figure 7.
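The two halves of the model (role-based authorization upstream, one fixed identity downstream) can be sketched as follows. The role tables, operation names, and service account name are hypothetical; a real application would draw roles from its user store and use a Windows service account:

```python
# Hypothetical role memberships, defined by the application.
ROLES = {
    "alice": {"Manager"},
    "bob": {"Employee"},
}

# Operations are authorized against roles, not back-end resources.
OPERATION_ROLES = {
    "approve_order": {"Manager"},
    "view_order": {"Manager", "Employee"},
}

# Fixed identity used for every downstream call, regardless of caller.
SERVICE_IDENTITY = "svc-orders"

def call_downstream(user: str, operation: str) -> str:
    """Authorize by role membership, then access the database as the
    single trusted service identity rather than the original caller."""
    if not (ROLES.get(user, set()) & OPERATION_ROLES[operation]):
        raise PermissionError(f"{user} may not perform {operation}")
    return f"db accessed as {SERVICE_IDENTITY}"
```

Because every downstream call uses the same identity, database connections can be pooled; the trade-off is that the back end can no longer audit which original user made a given request.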




Multiple Trusted Service Identities

In some situations, you may require more than one trusted identity. For example, you may have two groups of users, one who should be authorized to perform read/write operations and the other read-only operations. The use of multiple trusted service identities provides the ability to exert more granular control over resource access and auditing, without having a large impact on scalability.
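The read/write versus read-only split described above amounts to mapping each role group to its own trusted service account. A minimal sketch, with hypothetical role and account names:

```python
# Two hypothetical service accounts with different database permissions.
IDENTITY_FOR_ROLE = {
    "Updater": "svc-readwrite",  # may read and write
    "Reader": "svc-readonly",    # may only read
}

def downstream_identity(role: str) -> str:
    """Pick the trusted identity that matches the caller's role group."""
    return IDENTITY_FOR_ROLE[role]
```

The back end can then grant each account only the permissions its role group needs, recovering some of the granular control and auditing that the single-identity model gives up, while still keeping connection pooling per identity.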




Reference: MS Patterns & Practices - Web Application Architecture Guide


Hope this helps.



Arun Manglick


1 comment:

  1. Few More Details:

    A cold standby might be used for something like a network switch. In the case when a switch fails, we need to grab the spare one, plug everything into it, duplicate the configuration, and light it up. This is a cold spare because it requires setup and configuration (either physical or in software; in this case both) before it can take over for the failed component.

    A warm spare is then a piece of hardware that is all configured for use and just needs to be flipped on (again, either physically or in software) to start using it.

    The third and most preferable mode of redundancy is to have hot spare components. When one component fails, the others automatically take over from it. The dead component is detected, and the transition happens without any user intervention.