Skip to content
sbernard31 edited this page Jun 15, 2016 · 15 revisions

Leshan Cluster

Today a Leshan server cannot be easily deployed in a cluster for high-availability and scalability. This page list the modification to be done to Leshan and Californium and propose an example on how to deploy Leshan as a cluster.

Southbound interface

The southbound interface is the interface between the device and server communication (CoAP).

Load-Balancer

If we deploy Leshan as mutiple machine we need a front load balancer for sending the incoming messages to one of the cluster Leshan instance.

Today Leshan accept CoAP+DTLS device communications. It's all based on UDP (maybe later TCP). One of the few load-balancer supporting UDP is LVS - Linux Virtual Server. We will focus on providing a solution compatible with it. (Please if you know another Level 3 load-balancer usable in this situation please mention it!). We don't explore DNS round robin load balancing, because the amount of state to share would be larger (whole DTLS states). We prefer level 3 source IP/port based routing.

Proposed network infrastructure

States

  • A DTLS connection contains a lot of states (fragment, epoch, handshake states, master key etc..)
  • CoAP states: MID, tokens
  • LWM2M: registrations, security parameters, observations

If we try to share all of those states we are going to greatly reduce the performance. We should try to keep some on the leshan instance. For example we can say the MID and most of the DTLS states (outside of the ones needed for DTLS resume) can be kept in the Leshan instance because the level3 state-full load-balancer will push all the UDP packets coming from the same source IP/port to the same Leshan instance.

The remaining long term states to share would be: CoAP observations (Tokens), LWM2M registration, and parameters for starting a DTLS handshake.

For a first step DTLS resume can be excluded because we can force the client into a full re-handshake (which is not so costly with PSK schemes).

A first implementation based on Redis will be proposed.

Code impacts

Leshan: the registration store is already good, the only problem is the Observation registry.

Californium: observation are based on the "exchange" abstraction and is quite difficult to persist, this should be refactored or we also could create a more low level API for receiving .

Scandium: on a second step we can extract the information for re-handshaking and share it.

Northbound interface

The northbound interface is the interface between the Leshan cluster and the end user, like an IoT backend.

When you have a device connected to a server, only this server (which contains all the DTLS states) is able to communicate with the device.

So when a northbound interface user send a request it should be "routed" to the server in charge of this client.

The proposed solution is to use fan-out publishing in a broker. The request is published from the user to all the Leshan server instanced and if one of the server sees it's a request for one of it's devices it needs to answer back to the client that it's going to process the request. Once the request is processed the server publish the result in the broker (still in fan-out).

The client put a ticket id (a token) on the request and use it to correlate with the received fan-out responses.

(source: https://docs.google.com/presentation/d/1rGkpmPx_W37ojvlp6SL4oLuCkDlIAdd6XkTyHx2Li5k/edit?usp=sharing)

HTTP API and Demo

Since Leshan server exposes its capabilities from a broker interface (redis pub/sub, AMQP, etc..) the demo web UI will not be provided in the Leshan server.

So for demo/testing the leshan-server-demo project can use an in memory implementation of the borker and tunnel this to the javascript UI using web-sockets.