Linux Server Load balancer cluster system solution-LVS

1. Introduction to Linux virtual serversLinux virtual server (LVS) is a high-availability server Load balancer cluster system. The system can provide Load Capacity proportional to the number and performance of server nodes, effectively improving service throughput, reliability, redundancy, adaptability, and high performance and price ratio. At the same time, LVS is also an effective way to achieve high-end server performance using low-end devices. Linux virtual server (LVS) is built on a cluster composed of a director server and several real-server instances. Real-server is responsible for providing services. The master server controls the real-Server Based on the specified scheduling algorithm. The cluster structure is transparent to users. The client only communicates with a single IP address (virtual IP address of the cluster system). That is to say, from the client perspective, only one server exists here. Real-server provides many services, such as FTP, HTTP, DNS, telnet, nntp, and SMTP. The master server controls the real-server. When a client sends a service request to LVS, Director uses a specific scheduling algorithm to specify a real-server to respond to the request. The client only responds to the Load balancer IP address (virtual IP address, VIP.

Ii. Advantages* Increase throughput: to achieve higher throughput, the overhead of adding real-servers in LVS only increases linearly. If we choose to replace a higher-performance server to achieve a considerable throughput, the overhead is much larger, and the replaced old server will cause a waste of resources. * Redundancy: if a real-server in LVS stops the service due to upgrade or other reasons, the termination and restoration of the service will not interrupt the service of the entire LVS client. * Adaptability: whether the throughput needs to change gradually (due to changes in daily transactions) or quickly (due to sudden changes in transactions ),ServerThe increase or decrease of the number is transparent to the client.

Iii. Structure Diagram

 

The traditional "Client/Server" relationship is still applicable in LVS because: * The IP addresses of all servers are mapped to one IP address (that is, VIP ), the client can only see this IP address * all servers think it is directly related to the client. Basic settings of an LVS

Iv. Basic principles and functionsIn fact, ctor primarily acts like a vro, but it contains a route table for completing the LVS function. These route tables allow ctor to forward packets belonging to the LVS service to Real-servers. If HTTP (port 80) is a service set by LVS, these packets will be forwarded by ctor, and director does not listen to VIP: 80. Director use three different forwarding methods 1. VS-NAT: Based on Network Address Translation (NAT) 2. vs-Dr: Direct routing (DR ), the MAC address on the package is changed and then forwarded to Real-Server 3 and vs-tun: Tunnelling. The package is encapsulated by ipip and then forwarded to Real-server. VS-NAT method is easier to achieve, only need a function TCPIP stack, the disadvantage is that the throughput is not large enough, and the number of real-server supported is limited. The vs-Dr mode has a large throughput and supports a large number of real-servers. The vs-tun mode has similar characteristics as vs-DR, but it is mainly used for real-Server distribution over the Internet. Real-servers can be remote to ctor, real-servers can be in different network segments. However, the vs-DR and vs-tun forwarding methods need to modify the ifconfig and route table of real-server. LVS can provide almost all services (single-port and 2-port services). Except for vs-DR and vs-Tun, LVS cannot provide services for initializing connections from real-servers (with identd, rsh ). Real-servers can be the same and provide the same services (such as HTTP and FTP). The file system keeps the content consistent. This type of LVS is used to increase the number of service clients. Real-server can also be different and have different services or operating systems.

VS-NAT (Network Address Translation, network address translation, Nat)VS-NAT is the most basic method of LVS, which is the easiest way to set an LVS for testing. When the customer sends a request, director will rewrite the target address of the received package to a real-server and forward it to the real-server. Real-server replies will be sent to ctor. dire changes the source address of the reply packet to VIP. Unlike vs-DR and vs-Tun, real-server only needs one function TCPIP stack. Real-server can be any operating system and does not need to be modified on the Real-server (except in the routing table, the default gateway of real-server must be set to Director ). For VS-NAT extension and workflow:

 

After Director receives a request packet from the client, select a real-Server Based on the scheduling algorithm to parse the MAC address of the Real-server, and sends a link layer package containing an IP datasync to the Mac. After the real-server receives the packet, it restores the IP address datax. After finding the route table, it finds that the VIP address is located locally (device lo: 0, non-ARP) and handed over to the port listener. Because real-server receives a packet from CIP-> VIP, when constructing a reply packet, it is VIP-> CIP. Real-server searches for the route table and sends a reply to the client's default gateway. The reply does not go through ctor. What you need to do on real-server is to configure a non-arping lo: 0 device. And the service needs to listen to the corresponding port of the VIP. The vs-Dr mode has a large throughput and supports a large number of real-servers.

VII. vs-Tun (tunnelling)This method is based on vs-dr. The difference is that Director encapsulates the packet IP address and forwards it to Real-server. Vs-Tun's real-servers can be remotely connected to Director, and each real-server can be deployed on a separate network. However, you need to work on the router to allow output packets whose source address is VIP. The configuration method and requirements are similar to those of vs-dr. You only need to switch the Lo: 0 device to the tunl0 device, and the corresponding module is ipip.