I am looking for someone who is able to answer some questions for me about running a webserver in an "unbreakable" way (HA).
This project is NOT for implementing it! First I need answers, and then I will look for someone to implement this. (If you are interested, this can be you, too.)
We have a (single) webserver installation (CentOS 7) with many virtual hosts that we would like to make "highly available".
It is not a high-traffic webserver (max. 30 req. per second, which we can easily handle, but we want to answer the requests as fast as possible)!
(No, a CDN is not an option for us!)
The "high availability" should cover:
In case we have to update our webserver software/OS/etc. on the currently active webserver, it must be possible to 'switch' to the standby webserver without losing any packet or any current connection (e.g. a download of a big file). It is no problem if only new requests go to the replacement webserver while the current connections are still handled by the old one until they are gone.
The same must also be possible for the HA-Server/Loadbalancer machine/setup in case that needs an update!
In case of an HA-Server/Loadbalancer problem (e.g. the machine crashes), this has to be noticed and a replacement machine has to handle the current connections and further requests. (E.g. grab that IP...)
In case of a webserver failure (e.g. the machine crashes), that problem has to be noticed and further requests have to go to a different webserver which is waiting/idling for this situation.
We need the source IP on the webserver, because it is needed for many things there (e.g. access control).
Yes, we use HTTPS a lot, but it is no problem to handle this on the webserver.
Yes, we can use almost as many webserver installations as we want. The webserver installation is (almost) only a proxy to the real application.
Those are all VMs (VMware), but that should not bother you.
Now the problem and your job: answer my questions.
I took a quick look at LVS, IPVS, HAProxy (with transparency mode), Heartbeat, iptables' CLUSTERIP, VRRP, CARP, Corosync, CMAN, and others and now I am confused, because it's not trivial...
My text is too long, see the rest of the question inside the attached text!
Long writing, short question:
Is there a setup which covers all three of my cases, or can't this be done?
Does HA not mean "Every HTTP request will be handled, except the one and only one that notices the crash of the webserver"?
Does HA mean "OK, there is a webserver crash and all the next requests in time N will also fail, but soon I will make the service available for you again"? In that case I don't see the difference from just using two webservers: an active one, and if the standby notices that the first one crashed, it just grabs that IP. It's almost the same and a hundred times easier to configure...
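As an added illustration (not part of the request above) of how the VRRP and HAProxy pieces mentioned there map onto the three cases: a keepalived VRRP pair takes over the load balancer's IP on crash, HAProxy health checks remove a dead webserver, and the admin socket drains a webserver before an update. Addresses, interface names, the router id and the password are placeholders, and passing the client IP with the PROXY protocol assumes the webservers are configured to accept it (e.g. Apache mod_remoteip); HAProxy terminates nothing here because HTTPS stays on the webservers.

```conf
# --- /etc/keepalived/keepalived.conf (same on both LB nodes except priority)
# Requires net.ipv4.ip_nonlocal_bind=1 so HAProxy can bind the VIP on the backup node.
vrrp_script chk_haproxy {
    script "/usr/bin/pidof haproxy"   # fail over when HAProxy itself dies
    interval 2
    fall 2
    rise 2
    weight -20                        # drop below the peer's priority on failure
}

vrrp_instance VI_WEB {
    state BACKUP                      # both start as BACKUP; priority elects the master
    nopreempt                         # do not flap back when the old master returns
    interface eth0                    # placeholder interface
    virtual_router_id 51              # placeholder, must match on both nodes
    priority 100                      # 90 on the second node
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass CHANGEME            # placeholder
    }
    virtual_ipaddress {
        192.0.2.10/24 dev eth0        # placeholder VIP that "gets grabbed"
    }
    track_script {
        chk_haproxy
    }
}

# --- /etc/haproxy/haproxy.cfg (TCP mode: TLS is terminated on the webservers)
global
    stats socket /var/run/haproxy.sock mode 600 level admin
defaults
    mode tcp
    timeout connect 5s
    timeout client 1h                 # keep long downloads open while draining
    timeout server 1h
frontend web_in
    bind 192.0.2.10:80
    bind 192.0.2.10:443
    default_backend web_pool
backend web_pool
    balance roundrobin
    # No server port: HAProxy reuses the port the client connected to (80 or 443).
    # send-proxy passes the real client IP to the webserver via PROXY protocol.
    server web1 10.0.0.11 check port 443 inter 2s fall 3 rise 2 send-proxy
    server web2 10.0.0.12 check port 443 inter 2s fall 3 rise 2 send-proxy backup
# Before updating web1: echo "set server web_pool/web1 state drain" | socat stdio /var/run/haproxy.sock
# New connections then go to web2 while existing ones on web1 finish.
```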