Cluster LVS NAT, DR, and TUN application configuration

Source: Internet
Author: User

I. Cluster Introduction

Cluster categories:

1. Load balancing cluster (LB: Load Balancing): distributes an application with a particularly large volume of traffic or tasks evenly across different servers to provide high capacity and high concurrency.

2. High-availability cluster (HA: High Availability): combines multiple computers so that, if one machine fails, the service is not interrupted and service continuity is guaranteed.

3. High-performance cluster (HP: High Performance), also called a scientific computing cluster: a cluster built for complex computing that generally consists of a large number of computers. SuSE is widely used.


Representative cluster software

LB: Load Balancing cluster

LVS (Linux Virtual Server): provides higher throughput, redundancy, and flexibility.

LVS: ipvsadm (works in user space) / ipvs (works in kernel space), similar to iptables/netfilter

II. LVS

1. LVS Classification

A. Virtual Server via Network Address Translation (VS/NAT)
Through network address translation, the scheduler rewrites the destination address of the request packet and distributes the request to a real backend server based on the preset scheduling algorithm. When the real server's response packet passes back through the scheduler, the source address of the packet is rewritten and the packet is then returned to the client, completing the load scheduling process.

Features of the NAT type:

1. The RS uses a private address. The RS gateway must point to the DIP;

2. Requests and responses must both go through the Director; in high-load scenarios, the Director easily becomes a performance bottleneck;

3. Supports port mapping;

4. The RS can use any OS;

B. Virtual Server via IP tunneling (VS/TUN)

When NAT is used, both request and response packets must have their addresses rewritten by the scheduler, so the scheduler's processing capacity becomes a bottleneck as client requests increase. To solve this problem, the scheduler forwards the request packet to the real server through an IP tunnel, and the real server returns the response directly to the client, so the scheduler only processes request packets. Because network service responses are generally much larger than requests, the maximum throughput of the cluster system can increase by 10 times after VS/TUN is adopted.

Features of the TUN type:

1. RIP, VIP, and DIP are all public IP addresses;

2. The RS gateway does not and cannot point to the DIP;

3. The request message passes through the Director, but the response message must not pass through the Director;

4. Port mapping is not supported;

5. The RS OS must support tunneling;

C. Virtual Server via direct routing (VS/DR)

VS/DR rewrites the MAC address of the request frame to send the request to the real server, and the real server returns the response directly to the client. Like VS/TUN, VS/DR can greatly improve the scalability of cluster systems. This method avoids the overhead of the IP tunnel and does not require the real servers in the cluster to support the IP tunnel protocol; however, the scheduler and the real servers must each have a network card connected to the same physical network segment.

Features of the DR type:

1. Ensure that the front-end router sends all packets whose destination address is the VIP to the Director instead of the RS;

Solution:

(1) Static address binding: performed on the front-end router

Problem: you may not have permission to configure the router.

(2) arptables

(3) Modify the kernel parameters on the RS, configure the VIP on the RS as an alias of the lo interface, and restrict the RS from responding to address resolution (ARP) requests for the VIP;

2. The RS can use a private address, but it can also use a public address. In this case, it can be accessed from the Internet through its RIP;

3. The RS and the Director must be in the same physical network;

4. The request message passes through the Director, but the response message must not pass through the Director;

5. Port mapping is not supported;

6. The RS can use a common OS;

7. The RS gateway must not point to the DIP;

3. LVS Scheduling Algorithm

For different network service requirements and server configurations, the ipvs scheduler implements the following eight load scheduling algorithms:


1) Round robin
The scheduler uses the round-robin scheduling algorithm to distribute external requests to the real servers in the cluster in turn. The scheduler treats each server equally, regardless of the actual number of connections and system load on the server.

2) Weighted round robin
The scheduler uses the weighted round-robin scheduling algorithm to schedule access requests according to the different processing capabilities of the real servers. This ensures that servers with high processing capability handle more access traffic. The scheduler can automatically query the actual server load and dynamically adjust its weight.

3) Least connections

The scheduler uses the "least connections" scheduling algorithm to dynamically schedule network requests to the server with the fewest established connections. If the real servers of the cluster system have similar performance, the "least connections" scheduling algorithm balances the load well.

4) Weighted least connections

When server performance in the cluster system differs significantly, the scheduler uses the "weighted least connections" scheduling algorithm to optimize load balancing performance; servers with higher weights bear a larger proportion of the active connection load. The scheduler can automatically query the actual server load and dynamically adjust its weight.

5) Locality-based least connections
The "locality-based least connections" scheduling algorithm balances load by the destination IP address of the request. It is currently used mainly in cache cluster systems. The algorithm finds the server most recently used for the destination IP address of the request. If that server is available and not overloaded, the request is sent to it. If the server does not exist, or if it is overloaded and another server is at half of its workload, the "least connections" principle is used to select an available server and the request is sent to that server.

6) Locality-based least connections with replication
The "locality-based least connections with replication" scheduling algorithm also balances load by the destination IP address and is mainly used in cache cluster systems. It differs from the LBLC algorithm in that it maintains a mapping from a destination IP address to a group of servers, while the LBLC algorithm maintains a mapping from a destination IP address to a single server. The algorithm finds the server group for the destination IP address of the request and selects a server from that group by the "least connections" principle. If the server is not overloaded, the request is sent to it. If the server is overloaded, a server is selected from the whole cluster by the "least connections" principle, added to the server group, and sent the request. In addition, when the server group has not been modified for a period of time, the busiest server is deleted from the group to reduce the degree of replication.

7) Destination hashing
The "destination hashing" scheduling algorithm uses the destination IP address of the request as the hash key to look up the corresponding server in a statically allocated hash table. If the server is available and not overloaded, the request is sent to it; otherwise, null is returned.

8) Source hashing
The "source hashing" scheduling algorithm uses the source IP address of the request as the hash key to look up the corresponding server in a statically allocated hash table. If the server is available and not overloaded, the request is sent to it; otherwise, null is returned.
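
As an added illustration (not part of the original article and not the ipvs kernel code), the following Python model shows how weighted round robin, weighted least connections and source hashing choose between the two real servers used in this article's ipvsadm examples. The gcd-stepped threshold loop for wrr, the plain active/weight ratio for wlc and the modulo hash for sh are simplifying assumptions.

```python
import ipaddress
from functools import reduce
from math import gcd

# Real servers and weights taken from the article's ipvsadm example.
SERVERS = {"172.16.36.1": 1, "172.16.36.2": 2}


def wrr(servers):
    """Weighted round robin: yield servers whose weight reaches a falling threshold."""
    live = [(rs, w) for rs, w in servers.items() if w > 0]   # weight 0 = quiesced
    if not live:
        return
    step = reduce(gcd, (w for _, w in live))
    top = max(w for _, w in live)
    i, cw = -1, 0
    while True:
        i = (i + 1) % len(live)
        if i == 0:                 # new pass over the list: lower the threshold
            cw -= step
            if cw <= 0:
                cw = top
        if live[i][1] >= cw:
            yield live[i][0]


def wlc(servers, active):
    """Weighted least connections: lowest active/weight ratio wins, ties go to the first."""
    live = [rs for rs, w in servers.items() if w > 0]
    return min(live, key=lambda rs: active.get(rs, 0) / servers[rs]) if live else None


def sh(servers, client_ip):
    """Source hashing: a given client address always maps to the same server."""
    live = sorted(rs for rs, w in servers.items() if w > 0)
    # Assumption: modulo over the address stands in for the real hash table.
    return live[int(ipaddress.ip_address(client_ip)) % len(live)] if live else None


def simulate_wlc(servers, n):
    """Open n connections that never close and return the order of picks."""
    active, order = {}, []
    for _ in range(n):
        rs = wlc(servers, active)
        active[rs] = active.get(rs, 0) + 1
        order.append(rs)
    return order


if __name__ == "__main__":
    gen = wrr(SERVERS)
    print("wrr:", [next(gen) for _ in range(6)])
    print("wlc:", simulate_wlc(SERVERS, 6))
    print("sh :", sh(SERVERS, "203.0.113.7"))   # constructed client address
```

Both weighted schedulers send the weight-2 server twice as many connections, but in a different order, and sh ignores weights entirely in this model.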

4. Four IP addresses of LVS

Director: the host responsible for scheduling the cluster. It is also referred to as the scheduler or distributor.

VIP (virtual IP address): the IP address that provides services externally. Generally, this IP address is bound to a domain name.

DIP (Director's IP address): the IP address on the Director host used to communicate with the internal hosts (RIPs)

RIP (real IP address): the RealServer IP address; the host that actually provides services internally

CIP (client computer's IP address): the client IP


5. ipvsadm

Online help: http://linux.die.net/man/8/ipvsadm


1. Defining a cluster service:

1) Add a cluster service:

ipvsadm -A|E -t|u|f service-address [-s scheduler]

[-p [timeout]] [-M netmask]

-A: adds a new cluster service.

-E: edits a cluster service.

-t: TCP protocol

-u: UDP protocol

-f: firewall-mark (firewall mark)

service-address: IP address of the cluster service, that is, the VIP

-s: specifies the scheduling algorithm

-p: persistent connection duration; use # ipvsadm -Lcn to view the persistent connection status

-M: defines the netmask.

ipvsadm -D -t|u|f service-address -- delete a cluster service

ipvsadm -C -- clear all rules

ipvsadm -R -- reload rules

ipvsadm -S [-n] -- save the rules

Eg:

ipvsadm -A -t 192.168.1.110:80 -s rr


2. Add RealServer rules to the cluster service:

1) Add RealServer rules

ipvsadm -a|e -t|u|f service-address -r server-address

[-g|i|m] [-w weight]

-a: adds a new RealServer rule.

-e: edits a RealServer rule.

-t: TCP protocol

-u: UDP protocol

-f: firewall-mark (firewall mark)

server-address: IP address of the RealServer

-g: LVS-DR model

-i: LVS-TUN model

-m: LVS-NAT model

-w: defines the weight, followed by the specific weight value

ipvsadm -d -t|u|f service-address -r server-address -- delete a RealServer

ipvsadm -L|l [options] -- view defined rules

Eg: # ipvsadm -L -n

ipvsadm -Z [-t|u|f service-address] -- clear the counters

Eg: ipvsadm -a -t 192.168.1.110:80 -r 172.16.36.1:80 -m -w 1

ipvsadm -a -t 192.168.1.110:80 -r 172.16.36.2:80 -m -w 2
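
The per-mode constraints listed under "LVS Classification" can be checked mechanically before a rule set is loaded. The linter below is an added example, not part of the original article or of ipvsadm; it assumes IPv4 rules in the `ipvsadm -S -n` form with explicit ports, and the sample input is constructed.

```python
import ipaddress
import shlex

MODES = {"-m": "NAT", "-g": "DR", "-i": "TUN"}


def split_hostport(value):
    host, _, port = value.rpartition(":")
    return host, int(port)


def lint(rules_text):
    """Return (line_no, message) findings for rules in `ipvsadm -S -n` form."""
    services, findings = set(), []
    for no, line in enumerate(rules_text.splitlines(), 1):
        tok = shlex.split(line, comments=True)
        if tok[:1] == ["ipvsadm"]:          # accept full command lines as well
            tok = tok[1:]
        proto = next((t for t in tok if t in ("-t", "-u")), None)
        if not tok or tok[0] not in ("-A", "-a") or proto is None:
            continue                        # fwmark services, other commands: not covered
        vip, vport = split_hostport(tok[tok.index(proto) + 1])
        if tok[0] == "-A":
            services.add((proto, vip, vport))
            continue
        if "-r" not in tok:
            findings.append((no, "real server rule without -r"))
            continue
        rip, rport = split_hostport(tok[tok.index("-r") + 1])
        mode = next((MODES[t] for t in tok if t in MODES), "DR")  # ipvsadm defaults to -g
        if (proto, vip, vport) not in services:
            findings.append((no, f"real server {rip} added before service {vip}:{vport} exists"))
        if mode in ("DR", "TUN") and rport != vport:
            findings.append((no, f"{mode} cannot map port {vport} to {rport}"))
        if mode == "NAT" and not ipaddress.ip_address(rip).is_private:
            findings.append((no, f"NAT real server {rip} is not a private address"))
    return findings


# Constructed sample: the article's NAT service plus two deliberately wrong entries.
SAMPLE = """\
-A -t 192.168.1.110:80 -s rr
-a -t 192.168.1.110:80 -r 172.16.36.1:80 -m -w 1
-a -t 192.168.1.110:80 -r 172.16.36.2:8080 -g -w 2
-a -t 192.168.1.110:443 -r 172.16.36.3:443 -m -w 1
"""

if __name__ == "__main__":
    for no, msg in lint(SAMPLE):
        print(f"line {no}: {msg}")
```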

LVS-DR

This article is from the "broken knife" blog; please be sure to keep this source: http://90sec.blog.51cto.com/7404127/1551977
