I. FWM
FWM: Firewall Mark
iptables/netfilter:
Tables: filter, nat, mangle, raw
mangle: firewall marking
Prerequisite: define iptables rules on a netfilter hook that runs before ipvs takes effect, so that packets already carry a firewall mark;
How to define it:
(1) Marking: done on the PREROUTING chain of the mangle table on the director
# iptables -t mangle -A PREROUTING -d $vip -p $protocol --dport $port -j MARK --set-mark [1-99]
(2) Define the cluster service based on the FWM
# ipvsadm -A -f FWM -s SCHEDULER
# ipvsadm -a -f FWM -r server-address -g|-i|-m -w #
II. Persistence: LVS persistent connections
Regardless of which scheduling method is used, the persistent connection function ensures that requests from the same IP are always directed to the same RS within a specified time frame;
Persistence template: persistent connection templates
PPC: persistent per port
The persistent connection takes effect only for a single cluster service; if there are multiple cluster services, each service is scheduled with its own persistence;
PCC: persistent per client
The persistent connection takes effect for all services; when the cluster service is defined, 0 is used as the target port of its TCP or UDP protocol;
PFWM: persistent per FWM
The persistent connection takes effect for all services defined under the same FWM;
How to define it:
# ipvsadm -A -t|-u|-f service-address -s SCHEDULER [-p [#]]
Without the -p option: persistent connections are not enabled
-p #: specify the persistence duration; if the duration is omitted, the default is 360 seconds
III. LVS health checking
LVS itself does not support checking the health status of RS;
Health: periodic check mechanism
When the state changes, it should be handled accordingly
Up to down: confirming at least three times is recommended;
Down to up: at least once is recommended (once is enough);
Offline handling:
(1) Set the weight to 0;
(2) Remove the corresponding RS from the ipvs list of available RS;
Online handling:
(1) Set the normal weight;
(2) Add the corresponding RS to the ipvs list of available RS;
Solution:
(1) Write a program that implements these functions;
How to do the health check:
Three options:
IP layer: ping and other tools that detect whether a host is online;
Transport layer: port-scanning tools that probe whether the service is online;
Application layer: request a resource, either a normal resource or one dedicated to health status checks;
Standby server:
Sorry server, backup server
It can be implemented directly on the director: configure the director as a web server that provides only limited resources, and enable it only when all RS have failed;
Homework: write a script that performs the RS health status check;
#!/bin/bash
#
fwm=10
sorry_server='127.0.0.1'
lvstype='-m'
checkloop=3                      # number of check attempts
logfile=/var/log/ipvs_health_check.log
rs=('192.168.10.11' '192.168.10.12')
rw=('1' '1')                     # define weight
rsstatus=(0 0)                   # define initial state

addrs() {
    # $1: rs, $2: rs weight
    ipvsadm -a -f $fwm -r $1 $lvstype -w $2
    [ $? -eq 0 ] && return 0 || return 1
}

delrs() {
    # $1: rs
    ipvsadm -d -f $fwm -r $1
    [ $? -eq 0 ] && return 0 || return 1
}

chkrs() {
    # $1: rs
    local i=1
    while [ $i -le $checkloop ]; do
        if curl --connect-timeout 1 -s http://$1/index.html | grep -i "Real[[:space:]]*server" &> /dev/null; then
            return 0
        fi
        let i++
        sleep 2                  # sleep 2s
    done
    return 1
}

initstatus() {
    # record the current state of every RS without touching the ipvs table
    for host in $(seq 0 $((${#rs[@]} - 1))); do
        if chkrs ${rs[$host]}; then
            if [ ${rsstatus[$host]} -eq 0 ]; then
                rsstatus[$host]=1
            fi
        else
            if [ ${rsstatus[$host]} -eq 1 ]; then
                rsstatus[$host]=0
            fi
        fi
    done
}

initstatus
while :; do
    for host in $(seq 0 $((${#rs[@]} - 1))); do
        if chkrs ${rs[$host]}; then
            # RS answers: add it back if it was marked down
            if [ ${rsstatus[$host]} -eq 0 ]; then
                addrs ${rs[$host]} ${rw[$host]}
                [ $? -eq 0 ] && rsstatus[$host]=1
            fi
        else
            # RS failed all attempts: remove it if it was marked up
            if [ ${rsstatus[$host]} -eq 1 ]; then
                delrs ${rs[$host]}
                [ $? -eq 0 ] && rsstatus[$host]=0
            fi
        fi
    done
    sleep 10
done
Exercise: improve this script
(1) Write a log entry when an RS goes up or down;
(2) Enable sorry_server when all RS are offline;
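One way to approach both improvements, as an added example that is not the original author's script: a single check pass that logs each transition and swaps the sorry server in only while no RS is healthy. The function names, the "address:weight" list format and the IPVSADM/LOGFILE overrides are assumptions made for this sketch; it also assumes the FWM service already exists and starts with no RS entries.

```sh
#!/bin/sh
# Assumes the service was created first (ipvsadm -A -f 10 -s SCHEDULER) with no RS added yet.
fwm=10; lvstype='-m'; sorry_server='127.0.0.1'
rs_list='192.168.10.11:1 192.168.10.12:1'    # assumed format: address:weight
logfile=${LOGFILE:-/var/log/ipvs_health_check.log}
IPVSADM=${IPVSADM:-ipvsadm}                  # assumption: overridable for a dry run
pool=''                                      # RS this script has placed in the ipvs table
sorry_on=0

log_event() { printf '%s %s\n' "$(date '+%F %T')" "$*" >> "$logfile"; }
in_pool() { case " $pool " in *" $1 "*) return 0 ;; *) return 1 ;; esac; }

probe() {   # $1: rs; up on the first success, down only after 3 failed attempts
    n=1
    while [ "$n" -le 3 ]; do
        curl --connect-timeout 1 -s "http://$1/index.html" 2>/dev/null |
            grep -qi 'Real[[:space:]]*server' && return 0
        n=$((n + 1)); sleep 2
    done
    return 1
}

check_once() {
    for entry in $rs_list; do
        host=${entry%%:*}; weight=${entry##*:}
        if probe "$host"; then
            if ! in_pool "$host" && $IPVSADM -a -f "$fwm" -r "$host" $lvstype -w "$weight"; then
                pool="$pool $host"; log_event "UP $host added, weight $weight"
            fi
        elif in_pool "$host" && $IPVSADM -d -f "$fwm" -r "$host"; then
            new=''; for h in $pool; do [ "$h" = "$host" ] || new="$new $h"; done
            pool=$new; log_event "DOWN $host removed"
        fi
    done
    # Sorry server is present only while the pool is empty
    if [ -z "$pool" ] && [ "$sorry_on" -eq 0 ]; then
        $IPVSADM -a -f "$fwm" -r "$sorry_server" $lvstype -w 1 && sorry_on=1 &&
            log_event "SORRY $sorry_server enabled, all RS down"
    elif [ -n "$pool" ] && [ "$sorry_on" -eq 1 ]; then
        $IPVSADM -d -f "$fwm" -r "$sorry_server" && sorry_on=0 &&
            log_event "SORRY $sorry_server disabled"
    fi
    return 0
}

main_loop() { while :; do check_once; sleep 10; done; }
if [ "${1:-}" = run ]; then main_loop; fi
```

Run it with the argument run to start the loop; setting IPVSADM=echo first prints the ipvsadm commands instead of executing them.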
Blog assignment: the principles of LVS, and the implementation of LVS-NAT and LVS-DR
Cluster and system expansion three: persistent connectivity and health detection