[nubb]

Fun project. Would anyone actually ever run something like this in production over something like HAProxy?

[sanxiyn]

Congrats, you won HN humor of the day award.

FYI, Facebook runs Katran in production: https://code.facebook.com/posts/1906146702752923/open-sourci...

[kondro]

Yeah, but will it scale to the 9 billion users my growth chart has me at by year 3?

[bscanlan]

In fairness, the question could be interpreted as "would anybody, who is not facebook, ever run this in production?".

This is an interesting question the answer to which is definitely not certain :)

[justinsaccount]

This doesn't really replace something like haproxy. In the diagrams, the "real" servers that they are load balancing to are L7 load balancers like HAProxy (using https://github.com/facebook/proxygen most likely)

The problem this solves is is when you are using haproxy but need redundancy or a single server is no longer capable of handling the load and you need to scale out to 2+ servers.

You could run 4 haproxy servers and use round robin DNS to load balance between them, but as they say, this has the problem of:

> compared to DNS it doesn't need to wait for TTL to redirect traffic from failed L7 lb.

Many people likely use anycast/ECMP for this case, but that has the other issue they mention:

> compared to anycast-based solution, L4 lbs are more resilient to the networking related issues (which triggers mass ECMP reshuffle)/ enable better handling of adding/removing of L7 lbs from the pool as well as provide better support for unequal load balancing.

[workinthehead]

Why does nobody in this thread seem to realize that HAProxy works just fine over layer 4?

[justinsaccount]

> The problem this solves is is when you are using haproxy but need redundancy or a single server is no longer capable of handling the load and you need to scale out to 2+ servers.

Please describe how HAProxy running in l4 mode is a solution to this problem.

[tehnerd]

haproxy terminates tcp session. ipvs/katran does not. the whole purpose of ipvs/katran is to scale out layer of load balancers, which terminates tcp (transport in general) sessions. so tl;dr ipvs/katran solving the problem of scaling out "haproxy/nginx/varnish/w/e else" layer

[buzer]

HAProxy and network layer load balancers are very different kind of beasts. HAProxy requires, for example, you to return your traffic via HAProxy which can make HAProxy a bottleneck, requests are usually smaller than responses. HAProxy will also require you to terminate your connections which will make you lose your source IP address if you cannot get it using proxy protocol.

There are also various other benefits, but network layer balancers do have their own share of downsides as well. Like you need to have pretty big control over your infra in order to use them (generally speaking it's not feasible to use them in public clouds), configuration is more complex, they won't do TLS for you etc.

[CBLT]

HAProxy can be run as a layer 4 load balancer[0]. I think your comment is assuming it's running at http layer?

[0] https://www.haproxy.com/blog/layer-4-load-balancing-nat-mode...

[buzer]

It still requires you to terminate the connection on HAProxy. None of the things I mentioned are affected (you lose source IP without proxy protocol, return traffic must pass thru HAProxy, you can do TLS).