Siag Office

Shohei Mail

Webresolve

Pen

Dwatch

XMagick

Myhtml

Simple Database Library

Sdbsiod

mod_log_sdb

mod_sql_sdb

Sdbgrey

Ulric's Router Construction Kit

neXtaw

Mowitz

Kylie

O3read

Ucron

Parsecgi

Mr Big


Ulric's stuff


IPv6 Certification Badge for ulriceriksson
 

Pen

This is Pen, a highly scalable, highly available, robust load balancer for tcp and udp based protocols such as dns, http or smtp. It allows several servers to appear as one to the outside and automatically detects servers that are down and distributes clients among the available servers. This gives high availability and scalable performance.

Pen works on Linux, FreeBSD, OpenBSD, NetBSD, Solaris and most other Posix-like systems. It can also be installed as a service on Windows.

Pen supports GeoIP filtering and can be configured for SSL termination, direct server return and transparent reverse proxy.

Pen is of course compatible with IPv4 and IPv6 as well as local sockets on systems that have them.

Git source here: GitHub
Documentation: Wiki

The load balancing algorithm keeps track of clients and will try to send them back to the server they visited the last time. The client table has a number of slots (default 2048, settable through command-line arguments). When the table is full, the least recently used one will be thrown out to make room for the new one.

This is superior to a simple round-robin algorithm, which sends a client that connects repeatedly to different servers. Doing so breaks applications that maintain state between connections in the server, including most modern web applications.

When pen detects that a server is unavailable, it scans for another starting with the server after the most recently used one. That way we get load balancing and "fair" failover for free.

Correctly configured, pen can ensure that a server farm is always available, even when individual servers are brought down for maintenance or reconfiguration. The final single point of failure, pen itself, can be eliminated by running pen on several servers, using vrrp to decide which is active.

Release notes

Pen 0.29.0 introduces transparent reverse proxying on supported platforms,
which currently means Linux, FreeBSD and OpenBSD. This allows the backend
servers to see the client's real address. It can be used in combination
with SSL termination.

Another improvement is that the server table size is no longer fixed
at startup but grows dynamically as servers are added. The -S option is
still accepted but doesn't do anything. The client and connection tables
can also be expanded on the fly, reducing the number of restarts.


Full list of changes from 0.28.0:

150608  Released 0.29.0.

150528  Transparent reverse proxy support for Linux, FreeBSD and OpenBSD.

150527  Allow the client table size to be updated on the fly. Default size still 2048.
        Allow the connection table size to be updated in the fly. Default still 500.
        See penctl.1, options clients_max and conn_max.

150526  Introduced the macro NO_SERVER to be used instead of -1 to signify
        error conditions and such.
        Removed the fixed server table size along with the -S option.

150525  Fixed cosmetic bug in startup code which required port to be specified
        on backend servers even if it was the same as the listening port.
Description of redundancy using vrrpd on Linux
The Ultimate Cheapskate Cluster

Change log

A blog, mostly about Pen

(Old) mailing list archive

Penlogd

A side-effect of the load-balancing is that several logfiles are produced, and all accesses seem to come from the load balancer. The program penlogd solves this problem by merging pen's log file with the ones produced by the web servers. See penlogd(1) and penlog(1) for details.

Webstats

Pen emits statistics when it receives a USR1 signal, but the output can be hard to interpret. The cgi script webstats can be used in conjunction with the -w option to pen to get statistics in HTML format instead.

Take a look here to see what a Pen status can look like here at siag.nu. This is not "live" data, but generated from this cron job every 10 minutes:

2,12,22,32,42,52 * * * *        kill -USR1 `cat /var/run/pen.pid`
Note that there are usually few active connections. This is because of the way the web works: the client connects, the server sends data, the client disconnects. The whole transaction is over in seconds.

Portability

This load balancer is known to work on a long lite of operating systems, including but not limited to FreeBSD, Linux, HP-UX, Windows and Solaris. Other Unixes should work as well, possibly requiring trivial changes. Success stories or problem reports are welcome.

It runs on Windows, too.
And on MacOS X.

The Git source repository is automatically test built every hour to catch compatibility issues. The current build status can be seen on this web page:

Build status

Installation

The easiest way to install Pen nowadays is to get it from one of the distributions that package it (most do). On e.g. Debian or Ubuntu the entire process is:
	apt-get install pen
And on Fedora:
	yum install pen
If you still want to install from source because you need features not built into the packages, here's how. Type:
	./configure
        make
        make install
By default the programs are installed in /usr/local/bin. This can be changed like this example:
        ./configure --prefix=/usr
to install into /usr/bin instead.

Download source

Contributed start scripts

Links

Github source repository

Hercules Load Balancer Virtual Appliance, a VMware virtual machine based on Pen ("repackaged" version here)

Penbw, Pen backend watcher, monitors and blacklists backends automatically in case of a failure

Pre-compiled packages for Solaris

A redundant load-balancing firewall system, using FreeBSD

Zen load balancer, a load balancer appliance based on Pen.

Freshmeat project page

Load balancing UDP on EC2

Fedora package

Debian package


More stuff