Load Balancer Introduction, LVS Introduction, Algorithm Introduction, Lvs_nat load Balancing mode configuration

Load Balancing

Mainstream open source software: LVS, keepalived, Haproxy, Nginx and so on;
OSI Layer: LVS (4), Nginx (7), Haproxy (4, 7);
The Keepalived load balancing function is actually the LVS
LVS Load balancer can distribute other ports than 80, such as MySQL, while Nginx only supports HTTP, https, mail;

LVS Introduction

Latest Version: Based on Linux kernel 2.6
Three common modes: NAT, DR, IP Tunnel
There is a core role in the LVS architecture called the Dispatcher (Load Balance), which is used to distribute the user's requests, as well as many server RS that handle user requests;

Nat Mode

This model is implemented using the Iptables NAT table
After the user's request to the Dispatcher (dir), the requested packet is forwarded to the back-end RS via a preset iptables rule.
RS needs to set the intranet IP of the gateway as the Distributor (dir)
The data packets that are requested by the user and the packets returned to the user are all passed through the dispatcher, so the dispenser becomes a bottleneck
In NAT mode, only the Distributor has a public IP, so it is more economical to save public IP resources.

Dir dual NIC, external network port set public network IP, intranet port set intranet IP
SR Gateways point to dir intranet IP
Dir Install ipvsadm Create script run script just OK

IP tunnel mode

This mode requires a common IP configuration on the Distributor (dir) and all RS, we call it VIP
The target IP requested by the client is the VIP, and after the dispatcher receives the request packet, the packet is processed and the target IP is changed to the IP of Rs so that the packet is on the RS
After the RS receives the packet, it restores the original packet so that the target IP is the VIP, because the VIP is configured on all RS, so it will consider itself

Dr Mode

This mode also requires a common IP configuration on the Distributor and all RS, which is the VIP
Unlike IP tunnel, it modifies the MAC address of the packet to the MAC address of the RS.
After the RS receives the packet, it restores the original packet so that the target IP is the VIP, because the VIP is configured on all RS, so it will consider itself

Algorithm

Poll Round-robin RR
Weighted polling Weight Round-robin WRR
Minimum connection least-connection LC
Weighted minimum connection Weight least-connection WLC
The minimum connection based on locality locality-based Least Connections LBLC
Locally-based minimal connection with replication locality-based Least Connections with Replication LBLCR
Destination Address hash dispatch Destination Hashing DH
Source Address hash Dispatch source Hashing sh

LVS NAT Mode Configuration Preparation

Dispatcher, Scheduler (DIR): Intranet ip192.168.188.2, extranet ip192.168.200.200 (virtual, host-only mode)
Rs1: Intranet ip192.168.188.3, Gateway 192.168.188.2 (gateway points to the IP of the distributor)
RS2: Intranet ip192.168.188.6, Gateway 192.168.188.2 (gateway points to the IP of the distributor)

Firewall settings off SELinux

setenforce 0            //临时关闭getenforce 0            //查看SELinux当前状态vim /etc/selinux/config        //修改配置文件，永久关闭SELinux

Close Firewalld

systemctl stop firewalld            //停用firewalldsystemctl disable firewalld        //禁止firewalld

Configure Iptables

systemctl start iptables                //启用iptablesiptables -F                                    //清空配置service iptables save                    //保存配置

Installation and Configuration Ipvsadm

yum install -y ipvsadm                    //安装ipvsadm

vim /usr/local/sbin/lvs_nat.sh            //创建vls_nat的shell脚本

#! /bin/bash# director 服务器上开启路由转发功能echo 1 > /proc/sys/net/ipv4/ip_forward# 关闭icmp的重定向echo 0 > /proc/sys/net/ipv4/conf/all/send_redirectsecho 0 > /proc/sys/net/ipv4/conf/default/send_redirects# 注意区分网卡名字，两个网卡分别为ens33和ens37echo 0 > /proc/sys/net/ipv4/conf/ens33/send_redirectsecho 0 > /proc/sys/net/ipv4/conf/ens37/send_redirects# director 设置nat防火墙iptables -t nat -Fiptables -t nat -Xiptables -t nat -A POSTROUTING -s 192.168.188.0/24 -j MASQUERADE# director设置ipvsadmIPVSADM=‘/usr/sbin/ipvsadm‘$IPVSADM -C$IPVSADM -A -t 192.168.200.200:80 -s lc -p 300            //其中lc为算法，-p 300 为300秒$IPVSADM -a -t 192.168.200.200:80 -r 192.168.188.3:80 -m -w 1$IPVSADM -a -t 192.168.200.200:80 -r 192.168.188.6:80 -m -w 1

sh /usr/local/sbin/lvs_nat.sh            //执行脚本

Test

Will SR1 and SR2 nginx Open, edit SR1 home output for SR1, edit SR2 home output for SR2
Since SR1 and SR2 are installed using Yum, the vim/usr/share/nginx/html/index.html

ipvsadm -ln            //查看ipvsadm规则curl 192.168.200.200        //测试是否随机访问SR1和sr2

Load Balancer Introduction, LVS Introduction, Algorithm Introduction, Lvs_nat load Balancing mode configuration