Introduction to LVS Load balancing

Source: Internet
Author: User

Typical open source software for load-balancing clusters: LVS, Nginx, HAProxy, lighttpd.

Commonly used open source software for high-availability clusters: Keepalived, Heartbeat.

Commercial hardware load balancers: F5, NetScaler.



The load balancer is the load scheduler; it dispatches network requests to the real servers seamlessly. LVS has three load balancing techniques, namely NAT, DR and TUN, along with Full-NAT.


There are 4 main types of LVS operating modes:

DR

NAT

Tunnel

Full-NAT



IP Load Balancing Technology


1. VS/DR (direct routing)

The scheduler rewrites the destination MAC address of the request packet and sends the request to a real server; the real server returns the response directly to the user. This traffic pattern can greatly improve the scalability of the cluster system. The method has no IP tunnel overhead, and the real servers in the cluster do not need to support the IP tunneling protocol. The only requirement is that the scheduler and the real servers each have a NIC attached to the same physical network segment.

[Figure: schematic diagram of VS/DR mode (dr.png)]


2. VS/NAT (network address translation)

Using network address translation, the scheduler rewrites the destination address of the request packet and, according to the preset scheduling algorithm, distributes the request to a back-end real server. When the real server's response passes back through the scheduler, the source address of the packet is rewritten and the packet is returned to the client, completing the whole scheduling process.

[Figure: schematic diagram of VS/NAT mode (Nat.png)]



3. VS/TUN (IP tunneling mode)

The scheduler forwards the request packet to a real server through an IP tunnel, and the real server returns the result directly to the user, so the scheduler only handles request packets. Because the response of a typical network service is larger than the request, IP tunneling mode can increase the maximum throughput of the cluster system by 10 times.

[Figure: schematic diagram of VS/TUN mode, the same layout as DR mode (Tun.png)]



4. Full-NAT

Both the DR and NAT modes inevitably have a problem: LVS and the RSs must be in the same VLAN, otherwise LVS cannot be the gateway for the RSs.

The two problems that arise are:

1. The same-VLAN restriction makes operations inconvenient; an RS in a different VLAN cannot be reached.

2. Horizontal scaling of LVS is restricted. As the RSs scale out horizontally, the single LVS will one day become the bottleneck.

Full-NAT arose from this. It solves the cross-VLAN problem between LVS and the RSs; once that is solved, LVS and the RSs no longer depend on the VLAN, so multiple LVS instances can serve multiple RSs, which solves the horizontal scaling problem.

The main improvement of Full-NAT over NAT is that, on top of SNAT/DNAT, it adds another translation.

[Figure: schematic diagram of Full-NAT mode (4.jpg)]





Among the four IP load balancing technologies, the DR and TUN modes require the arp_ignore and arp_announce parameters to be configured on the real server, mainly so that the real server does not respond to ARP requests for the VIP.
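An audit of those two parameters on a real server, as an added example that is not part of the original article. The accepted values (arp_ignore 1 or 2, arp_announce 2) are the ones commonly used for LVS real servers and are an assumption, since the article names the parameters but not their values; the interface name eth0 is also assumed.

```python
from pathlib import Path

# Assumed target values (the article does not give them):
#   arp_ignore 1 or 2: answer ARP only for addresses configured on the
#                      receiving interface, so a VIP bound to lo is not
#                      answered for on eth0.
#   arp_announce 2:    choose the ARP source IP from the outgoing interface's
#                      own addresses instead of the packet's source (the VIP).
ACCEPTED = {"arp_ignore": {1, 2}, "arp_announce": {2}}


def effective(conf_root, iface, key):
    """The kernel applies max(conf/all/<key>, conf/<iface>/<key>)."""
    values = []
    for scope in ("all", iface):
        path = Path(conf_root) / scope / key
        values.append(int(path.read_text().strip()) if path.is_file() else 0)
    return max(values)


def audit_real_server(iface, conf_root="/proc/sys/net/ipv4/conf"):
    """Return one finding per parameter whose effective value is not accepted."""
    findings = []
    for key, accepted in ACCEPTED.items():
        got = effective(conf_root, iface, key)
        if got not in accepted:
            findings.append(
                f"{iface}: effective {key}={got}, want one of {sorted(accepted)}"
            )
    return findings


if __name__ == "__main__":
    results = audit_real_server("eth0")
    for line in results or ["eth0: ARP settings suit an LVS DR/TUN real server"]:
        print(line)
```

A real server that fails this check can answer ARP for the VIP itself, in which case clients on the segment may reach it directly and bypass the scheduler.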


NAT mode: the scheduler changes the destination IP of the request from the VIP address to the IP of a real server; the returned packets also go through the scheduler, which then changes the source address to the VIP.


DR mode: the scheduler changes the destination MAC address of the request packet to the MAC address of a real server, and the reply returns to the client without going through the scheduler.


TUN mode: the scheduler encapsulates the request packet and forwards it over an IP tunnel to a back-end real server, and the real server returns the data directly to the client without going through the scheduler.



In Full-NAT mode, when a packet is passed from LVS to an RS, the source address is changed from the client IP to the LVS intranet IP. Intranet IPs can communicate across VLANs through multiple switches.

When the RS has finished processing the packet, it returns the reply to the LVS intranet IP, which is likewise not restricted by VLANs. When LVS receives the reply, it modifies the source address as in NAT mode, and then changes the destination address of the RS's packet from the LVS intranet IP to the client IP.

The main idea of Full-NAT is to turn the communication between a gateway and the machines behind it into ordinary network communication, which solves the cross-VLAN problem. With this approach, the deployment of LVS and the RSs is no longer restricted by VLANs, which greatly improves the convenience of operational deployment.
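The two rewrites described above, modelled as an added example that is not part of the original article. The class name, the port allocation and all addresses are constructed for illustration. It shows that the RS only ever sees the LVS intranet IP as the source, so RS-side access logs and IP-based rules no longer see the client address.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Pkt:
    src: tuple  # (ip, port)
    dst: tuple  # (ip, port)


class FullNatDirector:
    """Toy model of the address rewriting only; all addresses are constructed."""

    def __init__(self, vip, local_ip, real_servers):
        self.vip, self.local_ip, self.real_servers = vip, local_ip, real_servers
        self.by_client = {}   # client (ip, port) -> local port
        self.by_port = {}     # local port -> (client, chosen RS)
        self.next_port = 20000

    def inbound(self, pkt):
        """Client -> VIP becomes LVS intranet IP -> RS (SNAT plus DNAT)."""
        if pkt.dst != self.vip:
            return None
        port = self.by_client.get(pkt.src)
        if port is None:
            port, self.next_port = self.next_port, self.next_port + 1
            rs = self.real_servers[len(self.by_port) % len(self.real_servers)]
            self.by_client[pkt.src] = port
            self.by_port[port] = (pkt.src, rs)
        return Pkt(src=(self.local_ip, port), dst=self.by_port[port][1])

    def outbound(self, pkt):
        """RS -> LVS intranet IP becomes VIP -> client; untracked replies drop."""
        entry = self.by_port.get(pkt.dst[1]) if pkt.dst[0] == self.local_ip else None
        if entry is None or entry[1] != pkt.src:
            return None
        return Pkt(src=self.vip, dst=entry[0])


def demo():
    lvs = FullNatDirector(("203.0.113.10", 80), "10.0.0.5",
                          [("10.1.0.21", 8080), ("10.2.0.22", 8080)])
    to_rs = lvs.inbound(Pkt(("198.51.100.7", 40312), ("203.0.113.10", 80)))
    to_client = lvs.outbound(Pkt(src=to_rs.dst, dst=to_rs.src))
    return to_rs, to_client


if __name__ == "__main__":
    print(*demo(), sep="\n")
```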



Principles of the three LVS operating modes, with a comparison of their advantages and disadvantages

1. NAT mode (VS-NAT)


Principle: the load balancer replaces the destination address in the IP header of the packet sent by the client with the IP address of one of the RSs and hands the packet to that RS for processing. After processing, the RS returns the data to the load balancer, which then changes the source IP address of the packet to its own IP and the destination address to the client IP address. Both incoming and outgoing traffic must go through the load balancer.


Advantage: The physical servers in the cluster can use any TCP/IP-enabled operating system, only the load balancer requires a legitimate IP address.


Cons: Limited scalability. When the number of server nodes (ordinary PC servers) grows too large, the load balancer becomes the bottleneck of the entire system, because all request packets and reply packets flow through it. With too many server nodes, a large number of packets converge on the load balancer and it slows down.


2. IP tunnel mode (VS-TUN)


Principle: the first thing to know is that the request packets of most Internet services are short, while the response packets are usually large. In tunnel mode, the load balancer encapsulates the packet sent by the client in a new IP header (destination IP only) and sends it to an RS. The RS first unpacks it to restore the original packet, processes it, and returns the result directly to the client without going through the load balancer. Note: since the RS has to restore the packets sent by the load balancer, it must support the IP tunnel protocol, so the RS kernel must be compiled with the IP tunnel option.


Advantage: The load balancer is only responsible for distributing request packets to the back-end node servers, and the RS sends the reply packet directly to the user. This takes the bulk of the data flow off the load balancer, so it is no longer the system bottleneck and can handle a huge volume of requests; one load balancer can distribute to many RSs. Running over the public network, the RSs can also be distributed across different regions.


Cons: In tunnel mode every RS node requires a legitimate IP, and all servers must support the "IP Tunneling" (IP Encapsulation) protocol, so the servers may be limited to some Linux systems.


3. Direct route mode (VS-DR)


Principle: the load balancer and the RSs all use the same IP for the service, but only the DR (the load balancer) responds to ARP requests; every RS stays silent on ARP requests for this IP. The gateway therefore directs all requests for this service IP to the DR. The DR receives the packet, selects an RS according to the scheduling algorithm, changes the destination MAC address to that RS's MAC (the IP is the same), and forwards the request to that RS. When the RS receives the packet and finishes processing it, because the IP is the same, it can return the data directly to the client, exactly as if it had received the packet directly from the client. Because the load balancer rewrites the layer-2 header, the load balancer and the RSs must be in the same broadcast domain, or put simply, on the same switch.


Pros: As in TUN (tunnel mode), the load balancer only distributes requests, and reply packets are returned to the client by a separate route. Compared with VS-TUN, VS-DR does not need a tunnel structure, so most operating systems can be used as the physical servers.


Disadvantage (not so much a shortcoming as a limitation): the load balancer's network card must be on the same physical segment as the physical servers' network cards.








LVS scheduling algorithms

The main scheduling algorithms of LVS:

Round-robin scheduling, weighted round-robin scheduling, least-connection scheduling, weighted least-connection scheduling, locality-based least-connection, locality-based least-connection with replication, destination address hash scheduling, source address hash scheduling.


1: The round-robin algorithm (RR) schedules requests to the servers in turn. Its most important feature is that it is simple to implement. The algorithm assumes that all servers have the same capacity to process requests, and the scheduler distributes all requests evenly across the real servers.

2: The weighted round-robin algorithm (WRR) is mainly an optimization of and supplement to round-robin. LVS takes the performance of each server into account and assigns each server a weight: if server A has a weight of 1 and server B has a weight of 2, then twice as many requests are dispatched to server B as to server A. The higher a server's weight, the more requests it processes.

3: The least-connection scheduling algorithm (LC) dispatches the request to the server with the smallest number of connections.

4: The weighted least-connection algorithm (WLC) gives each server a weight, and the scheduler keeps each server's number of connections as balanced as possible against its weight.

5: The locality-based least-connection scheduling algorithm (LBLC) schedules on the destination IP address of the request packet. The algorithm first finds the server most recently used for the request's destination IP address; if that server is still available and able to handle the request, the scheduler chooses the same server where possible, otherwise it goes on to select another viable server.

6: The locality-based least-connection with replication algorithm (LBLCR) does not record a mapping between a destination IP and a single server; it maintains a mapping from a destination IP to a set of servers, to prevent a single server from being overloaded.

7: The destination address hash scheduling algorithm (DH) also works on the destination IP address, using a hash function to map the destination IP to a server. Unless the server is unavailable or its load is too high, requests to that destination IP are pinned to that server.

8: The source address hash scheduling algorithm (SH) is similar to the destination address hash scheduling algorithm, but it statically assigns a fixed server based on a hash of the source address.
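Three of the algorithms above in runnable form, as an added example that is not LVS's own code. The weighted round-robin uses one common gcd-based formulation; the WLC and SH functions are simplified (plain connection counts and a modulo hash are assumptions), and the server names and addresses are constructed.

```python
import ipaddress
from collections import Counter
from functools import reduce
from math import gcd


def wrr(servers):
    """Endless weighted round-robin over {name: weight} (gcd-based form)."""
    names = list(servers)
    step = reduce(gcd, servers.values())
    top = max(servers.values())
    if top <= 0:
        raise ValueError("at least one server needs a positive weight")
    i, current = -1, 0
    while True:
        i = (i + 1) % len(names)
        if i == 0:                      # new pass: lower the weight threshold
            current -= step
            if current <= 0:
                current = top
        if servers[names[i]] >= current:
            yield names[i]


def wrr_counts(servers, n):
    """How many of the first n requests each server receives."""
    picker = wrr(servers)
    return Counter(next(picker) for _ in range(n))


def wlc_pick(servers, active):
    """Weighted least-connection: lowest active/weight wins; weight 0 is drained."""
    live = [name for name, weight in servers.items() if weight > 0]
    return min(live, key=lambda name: active[name] / servers[name])


def sh_pick(names, client_ip):
    """Source hashing: the same client IP always maps to the same server."""
    return names[int(ipaddress.ip_address(client_ip)) % len(names)]


if __name__ == "__main__":
    pool = {"A": 1, "B": 2}                               # weights from item 2
    print(wrr_counts(pool, 300))                          # B gets twice A's share
    print(wlc_pick(pool, {"A": 3, "B": 5}))               # B: 5/2 < 3/1
    print(sh_pick(["A", "B", "C"], "192.0.2.10"))
```

Because SH pins each source address to one server, many clients behind a single NAT address all land on the same real server.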




This article is from the "Bill Linux Operations Notes" blog, please be sure to keep this source http://chenshoubiao.blog.51cto.com/6159058/1884466
