I. Introduction to load balancing clusters
II. Introduction to LVS
LVS NAT Mode
NAT mode suits setups where traffic is not too heavy, usually with ten-odd machines, or 10 or fewer.
In NAT mode, only the dispatcher needs a public IP; beyond that, the dispatcher and the RS machines only need intranet IPs.
LVS IP tunnel mode
A virtual channel between the load balancer and a real server is called an IP tunnel. The principle is to change the destination IP of the packet: the client sends its request to the dispatcher; the dispatcher receives the request packet and processes it, changing the destination IP to the RS IP so that the packet reaches the RS. After receiving the packet, the RS restores the original packet, so the destination IP is the VIP again. Because every RS has this VIP configured, the RS treats the packet as addressed to itself. Each real server has its own public IP and sends the response directly to the client, so the dispatcher is not a bottleneck.
LVS DR mode
Unlike IP tunnel mode, DR mode changes the MAC address of the packet to the MAC address of the RS. The dispatcher and the RS machines are on the same intranet, and MAC addressing involves ARP. In this mode, too, the RS replies directly to the client after receiving the packet, so the dispatcher is not a bottleneck. This mode also requires the VIP to be configured on all machines.
III. LVS scheduling algorithms
1. Round robin: packets are distributed evenly to the RS machines in turn, with no preference among them
2. Weighted round robin: round robin with weights
3. Least connection: the dispatcher sends packets to the RS with the fewest requests, that is, the most idle one
4. Weighted least connection: least connection with weights
The four above are the scheduling algorithms we use most often.
The following four are used less often and are worth knowing about.
5. Locality-based least connection
6. Locality-based least connection with replication
7. Destination address hashing
8. Source address hashing
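The four common schedulers above, simulated as an added example (not part of the original page). The pool weights and starting connection counts are constructed; wrr is modelled as a simple weight-expanded cycle and wlc as connections divided by weight, which simplifies what the kernel does.

```shell
# Constructed pool: name, weight, existing connections (values made up for this example;
# weights must be positive)
POOL='rs1 1 0
rs2 3 4'

# simulate SCHED N: feed N new connections (none close) through one scheduler
# (rr, wrr, lc or wlc) and print "name=new_connections" for each RS on one line.
simulate() {
    printf '%s\n' "$POOL" | awk -v sched="$1" -v n="$2" '
        { name[NR] = $1; w[NR] = $2; conn[NR] = $3; cnt = NR }
        END {
            for (i = 1; i <= cnt; i++)        # wrr slots: each RS appears weight times
                for (k = 0; k < w[i]; k++) slot[++slots] = i
            for (r = 0; r < n; r++) {
                if (sched == "rr")       pick = r % cnt + 1
                else if (sched == "wrr") pick = slot[r % slots + 1]
                else {                   # lc / wlc: lowest load wins, first RS wins ties
                    pick = 0
                    for (i = 1; i <= cnt; i++) {
                        load = (sched == "wlc") ? conn[i] / w[i] : conn[i]
                        if (!pick || load < best) { pick = i; best = load }
                    }
                }
                conn[pick]++; got[pick]++
            }
            for (i = 1; i <= cnt; i++)
                printf "%s%s=%d", (i > 1 ? " " : ""), name[i], got[i]
            print ""
        }'
}

# Show how 8 new connections are spread under each scheduler
for s in rr wrr lc wlc; do
    printf '%-4s %s\n' "$s" "$(simulate "$s" 8)"
done
```

With rs2 already holding 4 connections, lc steers most new connections to rs1, while wlc still favours rs2 because of its weight of 3.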
IV. Building NAT mode
Prepare three machines: one as the dispatcher, also called the scheduler and abbreviated DIR, and the other two as rs1 and rs2. The dispatcher needs two network cards, one with an intranet IP and one with an external IP; set the external network card to host-only mode.
1. Configure the IP address on each of the three machines and set their hostnames
2. For the test to succeed, the firewall and SELinux must be turned off on all three machines
# systemctl stop firewalld
# systemctl disable firewalld
# iptables -nvL
# yum install -y iptables-services  //use iptables, as previously on CentOS 6
# systemctl start iptables
# systemctl enable iptables
# iptables -F
# service iptables save
# setenforce 0
Set the gateway of both rs1 and rs2 to the intranet IP of the dispatcher
# vi /etc/sysconfig/network-scripts/ifcfg-ens33
# systemctl restart network
# route -n  //check the gateway
Install the ipvsadm tool on the dispatcher to implement the LVS NAT function; this tool is a bit like iptables
# yum install -y ipvsadm
Write a script on the dispatcher (dir) with the following contents:
# vim /usr/local/sbin/lvs_nat.sh
#!/bin/bash
# Turn on routing forwarding on the director server
echo 1 > /proc/sys/net/ipv4/ip_forward
# Turn off ICMP redirects
echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects
echo 0 > /proc/sys/net/ipv4/conf/default/send_redirects
# Mind the NIC names; Aming's two NICs are ens33 and ens37
echo 0 > /proc/sys/net/ipv4/conf/ens33/send_redirects
echo 0 > /proc/sys/net/ipv4/conf/ens37/send_redirects
# Set up the NAT firewall on the director
iptables -t nat -F
iptables -t nat -X
iptables -t nat -A POSTROUTING -s 192.168.133.0/24 -j MASQUERADE
# Configure ipvsadm on the director
IPVSADM='/usr/sbin/ipvsadm'
$IPVSADM -C
$IPVSADM -A -t 192.168.142.147:80 -s wlc -p 3
$IPVSADM -a -t 192.168.142.147:80 -r 192.168.133.132:80 -m -w 1
$IPVSADM -a -t 192.168.142.147:80 -r 192.168.133.133:80 -m -w 1
//Script explanation:
echo 1 > /proc/sys/net/ipv4/ip_forward writes the number 1 into that file by redirection, adjusting a kernel setting to enable routing and forwarding; iptables -t nat -A POSTROUTING -s 192.168.133.0/24 -j MASQUERADE is the rule that lets the intranet machines on that network segment reach the Internet;
The rules under the "Configure ipvsadm on the director" comment are what implement the LVS function. IPVSADM='/usr/sbin/ipvsadm' sets a variable that the following rules refer to;
$IPVSADM -C clears the existing rules;
$IPVSADM -A -t 192.168.142.147:80 -s wlc -p 3 is the main rule: -t sets what LVS applies to, 192.168.142.147:80 is the external IP, -s wlc is the scheduling algorithm, and -p 3 sets the timeout to 3 seconds;
$IPVSADM -a -t 192.168.142.147:80 -r 192.168.133.132:80 -m -w 1 is the specific rule: -r 192.168.133.132:80 is the RS machine, -m selects NAT mode, and -w 1 sets its weight
# sh /usr/local/sbin/lvs_nat.sh  //Execute the script
# yum install -y epel-release
# yum install -y nginx
Start nginx on the rs1 machine
# systemctl start nginx
Set a home page on each of the two RS machines so they can be told apart
# vi /usr/share/nginx/html/index.html  //Modify the home page of rs1
aming02
#curl localhost
aming02
# vi /usr/share/nginx/html/index.html  //Modify the home page of rs2
aming03
# curl localhost
aming03
Use the curl command on the dispatcher to access the public IP
# curl 192.168.142.147
aming02
# curl 192.168.142.147
aming03
# curl 192.168.142.147
aming02
# curl 192.168.142.147
aming03
This proves the test succeeded
# ipvsadm -ln  //command to view the ipvsadm distribution data
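A check of the resulting state, as an added example that is not part of the original page: audit_ipvs and audit_kernel are hypothetical helper names, and the ipvsadm -ln sample is constructed to match the rules in the script above.

```shell
# Constructed sample of `ipvsadm -ln` output for the page's three rules
# (written by hand for this example, not captured from a real director).
SAMPLE='IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.142.147:80 wlc persistent 3
  -> 192.168.133.132:80           Masq    1      0          4
  -> 192.168.133.133:80           Masq    1      0          4'

# audit_ipvs VIP:PORT SCHEDULER  (hypothetical helper; reads `ipvsadm -ln` text on stdin)
# Prints one line per problem, or "OK: <n> real servers in NAT mode" when clean.
audit_ipvs() {
    awk -v vip="$1" -v sched="$2" '
        function bad(msg) { problems++; print msg }
        $1 == "TCP" || $1 == "UDP" {               # virtual service line
            cur = $2
            if (cur == vip) {
                found = 1
                if ($3 != sched) bad("scheduler is " $3 ", expected " sched)
            }
            next
        }
        $1 == "->" && cur == vip {                 # real server under our VIP
            n++
            if ($3 != "Masq") bad($2 " forwards with " $3 ", not Masq (NAT)")
            if ($4 + 0 == 0)  bad($2 " has weight 0, so it gets no new connections")
        }
        END {
            if (!found)      bad("no virtual service " vip)
            else if (n == 0) bad("virtual service " vip " has no real servers")
            if (!problems)   print "OK: " n " real servers in NAT mode"
        }'
}

# audit_kernel [ROOT]  (hypothetical helper; ROOT points at a copy of /proc for testing)
# Checks the kernel switches the script sets: forwarding on, ICMP redirects off.
audit_kernel() {
    root="${1:-}"
    [ "$(cat "$root/proc/sys/net/ipv4/ip_forward")" = 1 ] || echo "ip_forward is not 1"
    for f in "$root"/proc/sys/net/ipv4/conf/*/send_redirects; do
        [ "$(cat "$f")" = 0 ] || echo "send_redirects still on: ${f#"$root"}"
    done
}

printf '%s\n' "$SAMPLE" | audit_ipvs 192.168.142.147:80 wlc
```

On the dispatcher, pipe the live table in with ipvsadm -ln | audit_ipvs 192.168.142.147:80 wlc and call audit_kernel with no argument.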