Linux cluster--lvs

The following describes the Linux cluster

First, the Linux cluster Foundation

1. Linux cluster type: LB, HA, HP, DS

(1), LB: Load Balancing cluster

Defect: A single point of failure, its scheduler can become a performance bottleneck

(2), HA: High Availability Cluster

Mean time between failures (MTBF), mean time to repair (MTTR).

RMS ==mtbf/(mtbf+mttr)-------------Increase availability formula

(3) HP: High Performance cluster

(4), DS: Distributed System cluster

Features: Distributed processing, distributed storage

2, Linux Cluster Scheduler: Hardware (F5), Software (LVS).

3. Load Balancing

(1), Transport Layer load balancing: four-layer switching

Application protocol Tools: LVs, Nginx, Haproxy

(2), Application layer load balancing: seven-layer switching

Application protocol Tools: httpd, Nginx, Haproxy

(3), fastcgi load Balancing:------------good performance, no httpd stability

Application Protocol tool: HTTPD, Nginx

(4), MySQL load balancing:

Management tools: Mysql-proxy

Two, LVS--------------Linux virtual server

Virtual Server: vs------------Scheduler

Real server: RS (real server)----------back-end server

CIP: Client IP, request sender IP Address

VIP: Virtual server IP, Client access address

DIP: Scheduler IP

RIP: IP for real servers

1. LVS Foundation

LVS is based on sockets (Ip:port) for data distribution. LVS, according to the target socket, dispatches the data message to the back-end Real Server (RS), when dispatched, through different algorithms to dispatch the response of the server.

Schedule rule chain used by LVS: INPUT

The rules of iptables and LVS cannot be used at the same time, at least the input rule chain cannot be used at the same time.

Kernel component of LVS: Ipvs----------receive IPVSADM management commands, support TCP, UDP, SCTP, AH, ESP, AH_ESP protocol

The User space tool is: IPVSADM------------Cluster service and RS Management

2, LVS cluster type: Lvs-nat, LVS-DR, Lvs-tunnel.

(1), Lvs-nat-----------Multi-target IP address Dnat

Client---------> DIP---------->rip------------> RS (target address, destination port)

(Same network segment, private IP)

Specific steps:

Client------> VIP--------> INPUT------> DIP------> RIP------>rs

Lvs-nat: (note)

1, RIP and dip in the same network segment, and should be a private IP address, RS gateway points to dip.

2, request messages and response messages, must be forwarded through the Director transponder, easily lead to performance bottlenecks, single point of failure.

3, can implement port redirection, that is, VIP, dip port number can be different.

4, vs must be a Linux system, and RS can be any operating system.

(2), LVS-DR (default type)----------Important

DR: Direct routing (pay attention to the gateway)----------------response messages do not go through the transponder

Specific steps:

Client-------> Router----------> Switch---------> VS-----------> RS---------------> Switch--------> Router---- -----> Client (RIP, dip same network segment)

LVS-DR: (note)

1, by encapsulating a data link layer header (MAC address) on the request message.

2. Re-encapsulate the source MAC address, which is the MAC address of the network where the dip is located.

The destination MAC address is a MAC address that is dispatched to the selected Rs RIP interface.

3. Source IP address and source port, destination IP address and destination port, remain unchanged throughout the message forwarding process

4. Switch-------> vs: Send a message with the VIP address to VS, by statically binding the IP address and MAC address on the router.

Switch--------> RS: Switch to Rs method, there are two ways: using the Arptables,rs kernel parameters (Arp_announce, Arp_ignore) on the RS

5. Port redirection is not supported

6. RS for Linux

7. The RIP and VIP must be configured on the RS, and the VIP should be configured on the lable of the Lo Interface

(3), Lvs-tun----------only once vs

Tunnel: Data transfer between the tunnel package, vs and Rs.

Instead of modifying the IP header (CIP/VIP) of the request message, it encapsulates an IP header (dip/rip) outside.

Specific steps:

Client----------> vs--------> RS---------> Client (only once VS)

Lvs-tun: (note)

1, Cip,vip,dip,rip should be the public IP address

2, RS Gateway can not point to dip, so the response message will not be forwarded by the Director, but directly to the CIP

3. Port redirection is not supported

4. RS must support tunnel protocol

5. RIP and VIP must be configured on RS

(4), Lvs-fullnat-----------non-standard type (VS is more expensive, but can add a certain amount of security)

At the same time, the source IP address and destination IP address of the request message are modified to realize the message forwarding.

CIP--------->dip

VIP--------->rip

namely: CIP/VIP-------> Dip/rip

Lvs-fullnat: (note)

1, CIP, VIP for the public address, DIP, rip as private address. DIP, RIP can not be the same network segment.

2, RS response to the received request message is the destination address of the dip, so the request message and response messages must go through the Director

3. Support Port redirection

3. LVS Scheduling algorithm

Depending on whether it is related to the load state of RS, it is divided into: static algorithm (irrelevant), dynamic algorithm (related).

(1), Static algorithm: related to the algorithm itself

RR: Polling algorithm

WRR: Weighted round robin algorithm

SH: Source Address hash algorithm (source address binding)

DH: Destination Address hash (forward proxy server)---------caching method implementation

(2), dynamic algorithm: With the current load status of RS, RS load: Overhead.

LC: Minimum connection number algorithm (select overhead value is small)------------there is a "starting point problem"

*WLC (default algorithm): Weighted minimum join algorithm-------------there is a "starting point problem"

SED: The shortest expected latency algorithm-------------solve the starting point problem, there is a "continuous request problem"

NQ: Sequence-free queueing algorithm------------start by assigning one to Rs weights, guaranteeing an active connection, and then SED

LBLC:----------------Dynamic DH (forward proxy) based on local minimum connection number algorithm

LBLCR: LBLC algorithm with copy function------------dynamic DH with replication (forward proxy)

Linux cluster--lvs