Use LVS and ipvsadm for Web load balancing in Linux

In Linux, LVS and ipvsadm are used for Web load balancing. If you want to have a comprehensive and macro understanding of Server Load balancer, you can see: Principles and Applications of Server Load balancer .

I. Introduction and environment Configuration

In Linux, LVS and ipvsadm are used for Web load balancing. In this example, the operating system is Ubuntu, and LVS is used to create a virtual server based on the Linux operating system, implements load balancing between service nodes. It is implemented based on the Linux kernel. 2.6.x kernel integrates the LVS module by default. The implementation of LVS common load balancing is based on the IP protocol, so it is generally called ipvs.

in this example, there are three Ubuntu servers, 192.168.0.111, 192.168.0.197, and 192.168.0.198. We use 192.168.0.111 as the Server Load balancer server, first, check whether the operating system has integrated LVS. Run modprobe-L | grep ipvs on the command line. if:
kernel/NET/Netfilter/S/ip_vs.ko
kernel/NET/Netfilter/ipvs/ip_vs_rr.ko
kernel/NET/Netfilter/ipvs/ip_vs_wrr.ko
kernel/NET/Netfilter/ipvs/ip_vs_lc.ko
kernel/NET/ Netfilter/ipvs/ip_vs_wlc.ko
kernel/NET/Netfilter/ipvs/ip_vs_lblc.ko
kernel/NET/Netfilter/ ipvs/ip_vs_lblcr.ko
kernel/NET/Netfilter/ipvs/ip_vs_dh.ko
kernel/NET/Netfilter/ipvs/ ip_vs_sh.ko
kernel/NET/Netfilter/S/ip_vs_sed.ko
kernel/NET/Netfilter/ipvs/ip_vs_nq.ko
kernel/NET/Netfilter/ipvs /Ip_vs_ftp.ko
indicates that LVS has been installed and does not need to be re-compiled. If it is another Linux system, it does not have built-in LVS, you can also search for the installation on the Internet, which is not very complicated.

Then you need to install ipvsadm and run the apt-Get install ipvsadm command directly. After the installation is successful, run the command:
Ipvsadm
The prompt is displayed:
IP Virtual Server version 1.2.1 (size = 4096)
Prot localaddress: Port sched1_flags
-> Remoteaddress: port forward weight activeconn inactconn

The installation is successful.

Ii. Server Load balancer Configuration

Next, configure LVS to create a virtual IP address on the server Load balancer (192.168.0.111), and then use ipvsadm to create forwarding rules:
Ifconfig eth0: 0 192.168.0.112 netmask 255.255.255.255 broadcast 192.168.0.112
Echo "1">/proc/sys/NET/IPv4/ip_forward
Ipvsadm-C
Ipvsadm-a-t 192.168.0.112: 8888-s rr
Ipvsadm-a-t 192.168.0.112: 8888-r 192.168.0.197-g-W 1
Ipvsadm-a-t 192.168.0.112: 8888-r 192.168.0.198-g-W 1

Note: 192.168.0.197 and 192.168.0.198 run a web server with both ports 8888. Before that, make sure that the two web servers can be accessed through a browser.

After the preceding command is executed, run the following command again:
Ipvsadm

If the following information is displayed, the configuration is successful:
IP Virtual Server version 1.2.1 (size = 4096)
Prot localaddress: Port sched1_flags
-> Remoteaddress: port forward weight activeconn inactconn
TCP eric-app-server.local: 8888 rr
-> Ubuntu-2.local: 8888 Route 1 0 0
-> Ubuntu. Local: 8888 Route 1 0 0

Iii. Real Server Configuration

Then you need to configure the Real Server 192.168.0.197 and 192.168.0.198 and run the following commands on the two servers respectively:
Ifconfig lo: 0 192.168.0.112 netmask 255.255.255.255 broadcast 192.168.0.112
Route add default GW 192.168.0.112
Echo "1">/proc/sys/NET/IPv4/CONF/LO/arp_ignore
Echo "2">/proc/sys/NET/IPv4/CONF/LO/arp_announce
Echo "1">/proc/sys/NET/IPv4/CONF/All/arp_ignore
Echo "2">/proc/sys/NET/IPv4/CONF/All/arp_announce
Sudo sysctl-P

4. Check the effect after the configuration is complete

Now the configuration of the Server Load balancer is complete. Enter http: // 192.168.0.112: 8888/index.html in the browser and you will see hello word-1111111111111111111! Or hello word-222222222222222222222! Because the content on the http: // 192.168.0.197: 8888/index.html page is: Hello word-1111111111111111111 !, The http: // 192.168.0.197: 8888/index.html page contains: Hello word-222222222222222222222!

In addition, a detour was taken at the beginning, that is, the three servers that were initially found were not in the same local area, and there were also virtual machines, so the configuration was unsuccessful. In this mode, Server Load balancer requires that the Server Load balancer server have two NICs, one for the Intranet and the other for the Internet, and must be in the same local area as the real server.

V. ipvsadm command reference

1, virtual-service-Address: indicates the IP address of the virtual server
2, real-service-address: it refers to the IP address of the real server
3. schedadm: Scheduling Method
the usage and format of ipvsadm are as follows:
ipvsadm-A | E-T | u | f virutal-service-address: port [-s scheduler] [-P [timeout] [-M netmask]
ipvsadm-D-T | u | f virtual-Service -Address
ipvsadm-C
ipvsadm-r
ipvsadm- s [-N]
ipvsadm-A | E-T | u | f service-address: port-R real-server-address: port
[-G | I | M] [-W weight]
ipvsadm-D-T | u | f service-address-r server-address
ipvsadm-L | L [Options]
ipvsadm -Z [-T | u | f service-address]
ipvsadm -- set TCP tcpfin UDP
ipvsadm -- start-daemon State [-- MCAST-interface]
ipvsadm -- stop-daemon
ipvsadm-H

Command Option explanation:
There are two Command Option formats, long and short, with the same meaning. In actual use, either of them can be used.
-A -- add-service adds a new virtual server record in the virtual server table of the kernel. That is, add a new virtual server.
-E -- edit-service: edit a virtual server record in the kernel virtual server table.
-D -- delete-service: delete a virtual server record in the kernel virtual server table.
-C -- clear clears all records in the kernel virtual server table.
-R -- Restore restore virtual server rules
-S -- save saves the Virtual Server rule and outputs the readable format of the-r Option
-A -- add-Server adds a new Real Server record to a record in the kernel virtual server table. That is, add a new real server to a virtual server.
-E -- edit-server: edit a Real Server record in a virtual server record
-D -- delete-server: delete a Real Server record in a virtual server record.
-L |-l -- List displays the kernel virtual server table
-Z -- zero virtual service table counters are cleared (the current number of connections is cleared, etc)
-- Set TCP tcpfin UDP sets the connection timeout value
-- Start-daemon: Start the synchronization daemon. It can be followed by a master or backup to indicate that the LVS router is Aster or backup. You can also use the vrrp feature of keepalived.
-- Stop-daemon: Stop synchronization daemon
-H -- help: displays help information.

Other options:
-T -- TCP-Service-Address indicates that the virtual server provides the TCP Service [VIP: Port] or [real-server-IP: Port].
-U -- UDP-Service-Address indicates that the virtual server provides the UDP Service [VIP: Port] or [real-server-IP: Port].
-F -- fwmark-service fwmark indicates the service type marked by iptables.
-S -- scheduler SchedulingAlgorithmThe following options are available: RR | WRR | LC | wlc | lblc | lblcr | DH | sh | sed | NQ. The default scheduling algorithm is wlc.
-P -- persistent [timeout] persistent and stable service. This option means that multiple requests from the same customer will be processed by the same real server. The default timeout value is 300 seconds.
-M -- netmask persistent granularity mask
-R -- real-server-address Real Server [real-server: Port]
-G -- gatewaying specifies that the LVS working mode is the direct routing mode (also the default LVS mode)
-I -- ipip: Specify the LVS working mode as tunnel mode.
-M -- masquerading: Specify the LVS working mode as Nat
-W -- weight actual server weight
-- MCAST-Interface: Specifies the multicast synchronization interface.
-C -- connection displays the current connection of LVS, for example, ipvsadm-L-C.
-- Timeout: display the timeout value of TCP tcpfin UDP, for example, ipvsadm-l -- timeout.
-- Daemon: displays the synchronization daemon status.
-- Stats display statistics
-- Rate: Display rate information
-- Sort sorts and outputs virtual servers and real servers
-- Numeric-N: Number of output IP addresses and ports