Go Linux load balancer software LVS III (Configuration chapter)

LVS Cluster has DR, TUN, Nat three configuration mode, can be the WWW service, FTP services, mail services, such as load balancing, the following through the construction of the WWW service load Balancer instance, describes the DR model based on the LVS cluster configuration.

First, the configuration of Director server
There are two ways to configure the LVS load Balancer cluster on the director server:
& #61656; Configuring with the Ipvsadm command line
& #61656; Configure LVS with the tool piranha provided by Redhat

1. Configure LVS by IPVSADM command line mode

After installing the Ipvs, you can configure the LVS cluster, first binding a virtual IP (also called VIP) on the director server, this IP is used to provide services externally, execute the following command:
[[Email protected] ~] #ifconfig eth0:0 192.168.60.200 broadcast 192.168.60.200 \
>netmask 255.255.255.255 up
Here a virtual device eth0:0 is bound on the eth0 device, Also set a virtual IP is 192.168.60.200, that is, the IP address we planned above, and then specify the broadcast address is also 192.168.60.200, it is important to note that the subnet mask here is 255.255.255.255.
Then assign a route to the device eth0:0 and execute the following command:
[[Email protected] ~] #route add-host 192.168.60.200 Dev eth0:0
Then enable the system's packet forwarding function, so that the system acts as a router, execute the following command:
[[Email protected] ~] #echo "1" >/proc/sys/net/ipv4/ip_forward
Directive, the value of the parameter is 1 o'clock IP forwarding is enabled and IP forwarding is forbidden for 0 o'clock. In fact, in DR Mode, it is not necessary to turn on the packet forwarding function of the system, while in NAT mode this operation is required.
Then start configuring Ipvs and do the following:
[[Email protected] ~] #ipvsadm-C
[[Email protected] ~] #ipvsadm-A-t 192.168.60.200:80-s rr-p 600
[[Email protected] ~] #ipvsadm-A-t 192.168.60.200:80-r 192.168.60.132:80-g
[[Email protected] ~] #ipvsadm-A-t 192.168.60.200:80-r 192.168.60.144:80-g
In the above operation, the first line clears all records from the kernel virtual server list, and the second line adds a new virtual IP record. This new IP is 192.168.60.200 and specifies a continuous service time of 600 seconds. Line third to fourth adds two new real server records to the new plus virtual IP record, and specifies that the LVS work mode is the direct route mode.
Finally, start the LVS service and do the following:
[[Email protected] ~] #ipvsadm
This way, the LVS configuration on the director server is complete.
For the convenience of management and configuration, you can write out a script file for the above operation, the script content is as follows:
#!/bin/bash
vip=192.168.60.200
rip1=192.168.60.132
rip2=192.168.60.144
gw=192.168.60.1
# Set the Virtual IP Address
/sbin/ifconfig eth0:0 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add-host $VIP Dev eth0:0
echo "1" >/proc/sys/net/ipv4/ip_forward
#Clear IPVS Table
/sbin/ipvsadm-c
#set LVS
/sbin/ipvsadm-a-T $VIP: 80-s rr-p 600
/sbin/ipvsadm-a-T $VIP: 80-r $RIP 1:80-g
/sbin/ipvsadm-a-T $VIP: 80-r $RIP 2:80-g
#Run LVS
/sbin/ipvsadm
#end
It can also be written as a service script that starts and stops, with the following script:
#!/bin/sh
# Description:start LVS of Director server
vip=192.168.60.200
rip1=192.168.60.132
rip2=192.168.60.144
./etc/rc.d/init.d/functions
Case "$" in
Start
echo "Start LVS of Director Server"
# Set the Virtual IP Address and sysctl parameter
/sbin/ifconfig eth0:0 $VIP broadcast $VIP netmask 255.255.255.255 up
echo "1" >/proc/sys/net/ipv4/ip_forward
#Clear IPVS Table
/sbin/ipvsadm-c
#set LVS
/sbin/ipvsadm-a-T $VIP: 80-s rr-p 600
/sbin/ipvsadm-a-T $VIP: 80-r $RIP 1:80-g
/sbin/ipvsadm-a-T $VIP: 80-r $RIP 2:80-g
#Run LVS
/sbin/ipvsadm
;;
Stop
echo "Close LVS directorserver"
echo "0" >/proc/sys/net/ipv4/ip_forward
/sbin/ipvsadm-c
/sbin/ifconfig eth0:0 Down
;;
*)
echo "Usage: $ {start|stop}"
Exit 1
Esac
Name the script LVSDR file, then put the file under/etc/init.d and execute:
[[Email protected] ~] #chomd 755/ETC/INIT.D/LVSDR
Finally, you can start or stop the LVS service with the following command:
Service LVSDR {Start|stop}
At this end, the command-line configuration of Director server is complete.

2. Configure LVS with the tool piranha provided by Redhat

Piranha is a web-based LVS configuration software provided by Redhat, which eliminates the tedious work of manually configuring LVS, and can also provide cluster functionality separately, for example, by Piranha activating the backup host of the director server. That is, configuring the dual-machine hot standby capability of the director server.
The installation of the Piranha tool is very simple, download the Piranha RPM package and install it:
[[Email protected] ~] #rpm –IVH piranha-0.8.2-1.i386.rpm
Piranha after installation, it will produce/etc/sysconfig/ha/ LVS.CF file, the default file is empty, you can configure this file through the Web interface provided by piranha, or you can edit this file directly, edit the lvs.cf file content similar to the following, note that the contents after the,“#” number is commented.
[Email protected] ~]# MORE/ETC/SYSCONFIG/HA/LVS.CF
Serial_no = #序号.
Primary = 192.168.60.56 #指定主Director The real IP address of the server, relative to the Standby director server, that is, to the director server to do ha Cluster.
Service = LVs #指定双机的服务名.
backup_active = 0 #是否激活备用Director Server. “0” indicates that inactive,“1” is active.
Backup = 0.0.0.0 #这里指定备用Director The real IP address of the server, if there is no standby director server, you can use “0.0.0.0” instead.
Heartbeat = 0 #是否开启心跳, 1 means on, 0 means no.
Heartbeat_port = 539 #指定心跳的UDP通信端口.
KeepAlive = 5 #心跳间隔时间, unit is seconds.
Deadtime = Ten #如果主Director server does not respond after deadtime (seconds), then backup director
Server will take over the services of the Master Director server.
Network = Direct #指定LVS的工作模式, direct represents the DR Mode, Nat represents NAT mode, and tunnel represents TUNL mode.
Debug_level = NONE #定义debug调试信息级别.
Virtual www.gaojf.com{#指定虚拟服务的名称.
Active = 1 #是否激活此服务.
Address = 192.168.60.200 eth0:0 #虚拟服务绑定的虚拟IP以及网络设备名.
Port = #虚拟服务的端口.
Send = "get/http/1.0\r\n\r\n" #给real the validation string sent by the server.
Expect = "HTTP" #服务器正常运行时应该返回的文本应答信息 to determine if real server is working properly.
Use_regex = 0 # The Expect option uses a regular expression, 0 means not used, and 1 means use.
Load_monitor = None #LVS中的Director server can use RUP or ruptime to monitor the load status of individual real servers. There are 3 optional values for this option, RUP, Ruptime, and none, and if you choose RUP, each real server must run the RSTATD service. If Ruptime is selected, each real server must run the Rwhod service.
Scheduler = RR #指定LVS的调度算法.
protocol = TCP #虚拟服务使用的协议类型.
Timeout = 6 #real The time, in seconds, that must elapse after the server fails to remove the defunct real server from the LVS routing list.
reentry = the time, in seconds, that must elapse after the #某个real server is removed to rejoin the LVS routing list.
Quiesce_server = 0 #如果此选项为1. When a new node joins the cluster, the minimum number of connections is reset
is zero, so LVS sends a large number of requests to this service node, causing the new node service to block,
The recommended setting is 0.
Server RS1 {#指定real Server service name.
Address = 192.168.60.132 The IP address of the #指定real server.
Active = 1 #是否激活此real Server service.
Weight = 1 #指定此real The server's weight, which is an integer value, and the weight is relative to all real server nodes, the real server processing load with high weights is relatively strong.
}
Server RS2 {
Address = 192.168.60.144
Active = 1
Weight = 1
}
}
Edit complete, then start the Pulse service, which starts the LVS service
[[Email protected] ~] #service Pulse Start
Similarly, the package forwarding feature of the system is also enabled in this way:
[[Email protected] ~] #echo "1" >/proc/sys/net/ipv4/ip_forward
So far, the Piranha tool configures the director server to complete.

Second, the Real server configuration

In the LVS DR and Tun modes, when the user's access request arrives at the real server, it is returned directly to the user, not the front-end director server, so it is necessary to increase the virtual VIP address on each real server node so that the data can be returned directly to the user , the operation of adding VIP address can be implemented by creating a script, creating the file/etc/init.d/lvsrs, the script content is as follows:
#!/bin/bash
vip=192.168.60.200
/sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add-host $VIP Dev lo:0
Echo “1″ >/proc/sys/net/ipv4/conf/lo/arp_ignore
Echo “2″ >/proc/sys/net/ipv4/conf/lo/arp_announce
Echo “1″ >/proc/sys/net/ipv4/conf/all/arp_ignore
Echo “2″ >/proc/sys/net/ipv4/conf/all/arp_announce
Sysctl-p
#end
This action is to bind a virtual IP address on the loopback device and set its subnet mask to 255.255.255.255, which is interoperable with the virtual IP on the director server, and then disables the native ARP request.

The above script can also be written as a service script to start and stop, as follows:
[[Email protected] ~] #more/etc/init.d/lvsrs
#!/bin/bash
#description: Start Real Server
vip=192.168.60.200
./etc/rc.d/init.d/functions
Case "$" in
Start
echo "Start LVS of Real Server"
/sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
;;
Stop
/sbin/ifconfig lo:0 Down
echo "Close LVS Director Server"
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
;;
*)
echo "Usage: $ {start|stop}"
Exit 1
Esac
Then, modify Lvsrs to have executable permissions:
[[Email protected] ~] #chomd 755/etc/init.d/lvsrs
Finally, you can start or close lvsrs with the following command
Service Lvsrs {Start|stop}
Because the virtual IP, which is the VIP address above, is shared between the director server and all real servers, if there is an ARP request VIP address, the Director server responds with all real servers, so the problem occurs. , the real server needs to be prevented from responding to ARP requests. The purpose of the Lvsrs script is to make the real server unresponsive to ARP requests.
For a low version of 2.4, install the ARP hidden kernel patch on real server, fortunately, the ARP broadcast response can be ignored by tuning the kernel parameters in the 2.6 kernel.

Third, configure the redundancy policy on Director Ldirectord

The role of Ldirectord is to monitor real server when real server fails, remove it from the list of virtual servers, add it back to the list when it is restored, and install Ldirectord by default when the previous article describes heartbeat. You only need to configure it here. The configuration file for Ldirectord is/ETC/HA.D/LDIRECTORD.CF.
Here are the options you need to configure, note that after the,“#”, the comment is:
# Global directives
Checktimeout=20 the time interval #判定real server error occurred.
checkinterval=10 #指定ldirectord在两次检查之间的间隔时间.
FALLBACK=127.0.0.1:80 #当所有的real The address of the Web service redirection when the server node does not work.
Autoreload=yes #是否自动重载配置文件, when you choose Yes, the configuration file changes to automatically load configuration information.
Logfile= "/var/log/ldirectord.log" #设定ldirectord日志输出文件路径.
Quiescent=no #当选择no时, if a node does not respond during the Checktimeout set time period, Ldirectord will remove the real server directly from the LVS routing table, at which point the existing client connection will be interrupted and the LV s loses all connection tracking records and persistent connection templates, if select Yes, when a real server fails, Ldirectord sets the weight of the failed node to 0, the new connection will not be reachable, but the node is not purged from the LVS routing table, and Connection tracking Records and program connection templates remain on the director.
Note: The above behavior ldirectord.cf file “ global ” settings, they can be applied to the following multiple virtual hosts, the following is the configuration of each virtual host.
# Sample for an HTTP virtual service
Virtual=192.168.60.200:80 #指定虚拟的IP地址和端口号, note that the line following the virtual line must be
You must indent 4 spaces or mark them with a tab character.
REAL=192.168.60.132:80 Gate #指定Real Server server address and port, while setting LVS operating mode,
The DR mode is represented by Gate, IPIP represents TUNL mode, and MASQ represents NAT mode.
REAL=192.168.60.144:80 Gate
FALLBACK=127.0.0.1:80 Gate
Service=http #指定服务的类型, here is load balancing the HTTP service.
Request= "index.html" #ldirectord将根据指定的Real server address, with this option given
Request path, send an access request, check if the service on the real server is
To ensure that the page address given here is accessible, otherwise Ldirectord
This node is mistakenly considered to be invalid and error monitoring occurs.
receive= "OK"#指定检测的关键字, the setting here indicates whether the test Access Index.html page contains the OK keyword, if any, indicates that the node is normal, otherwise it is considered a failure.

SCHEDULER=RR #指定调度算法, here is the RR (round call) algorithm.
Protocol=tcp #指定协议的类型, LVS supports TCP and UDP protocols.
Checktype=negotiate #指定Ldirectord的检测类型, default is negotiate.
Checkport=80 #指定监控的端口号.
Virtualhost=www.gaojf.com #虚拟服务器的名称, casually designated.
After the configuration is complete, you can start or close the Ldirectord service by executing the following command
/etc/init.d/ldirectord {Start|stop}
The core role of Ldirectord is to monitor the state of the Real server node, and it can also invoke Ipvsadm to automatically create the LVS routing table, as can be seen from LDIRECTORD.CF.
It should be explained here that both Ldirectord and Piranha have the function of monitoring real server, if you want to monitor the node state through Ldirectord, just start the Ldirectord service, the whole cluster system can be run. Instead of executing the LVS script we configured above, because Ldirectord will automatically call Ipvsadm to create the LVS routing table, we have described above using the IPVSADM command line to configure LVS in order to give readers a deeper understanding of IPVSADM implementation details and implementation mechanisms.
If you are configuring LVS through the Piranha tool, you do not need to use the Ldirectord,piranha tool for the system process is pluse, this process will also automatically call Ipvsadm create LVS route table, while using its own nanny daemon monitoring real The state of the server!

This article originates from http://ixdba.blog.51cto.com/2895551/554799

Go Linux load balancer software LVS III (Configuration chapter)