Linux cluster: Build a Load Balancer cluster (i)

First, load Balancing introduction

• Main open source software LVs, keepalived, Haproxy, Nginx and so on;
• The LVS belongs to 4 layer (network OSI 7 layer model), Nginx belongs to 7 layer, Haproxy can be considered as 4 layer, can be used as 7 layer;
• Keepalived load balancing function is in fact LVS;
• LVS This 4-layer load balancer can be distributed in addition to 80 other ports communication, such as MySQL, and nginx only support Http,https,mail,haproxy also support MySQL this;
• Compared with this 4 layer of LVS more stable, can withstand more requests, and nginx this 7-storey more flexible, can achieve more personalized needs;

Two, LVS to achieve load balancing 1, LVS introduction and Mode

• LVS is developed by Chinese Zhangwensong
• Popularity is no less than Apache httpd, TCP/IP-based routing and forwarding, high stability and efficiency
• The latest version of LVS is based on Linux kernel 2.6 and has not been updated for many years
• LVS has three common patterns: NAT, DR, IP, tunnel
• A core role in the LVS architecture is called the Dispatcher (Load Runner), which is used to distribute the user's requests, as well as many servers that handle user requests (Real server, RS)

A) NAT mode

• This model is implemented using the Iptables NAT table
• After the user's request to the dispatcher, the requested packet is forwarded to the back-end RS via a preset iptables rule.
• RS needs to set the gateway as the Distributor's intranet IP
• The data packets that are requested by the user and the packets returned to the user are all passed through the dispatcher, so the dispenser becomes a bottleneck
• In NAT mode, it is necessary for the distributor to have a public IP, so it is more economical to save public IP resources.

b) IP tunnel mode

• This mode requires a common IP configuration on the Distributor and all RS, we call it VIP
• The target IP requested by the client is the VIP, and after the dispatcher receives the request packet, the packet is processed and the target IP is changed to the IP of Rs so that the packet is on the RS
• After the RS receives the packet, it restores the original packet so that the target IP is the VIP, because the VIP is configured on all RS, so it will consider itself

c) Dr Mode

• This mode also requires a common IP configuration on the Distributor and all RS, which is the VIP
• Unlike IP tunnel, he will change the MAC address of the packet to the MAC address of the RS.
• After the RS receives the packet, it restores the original packet so that the target IP is the VIP, because the VIP is configured on all RS, so it will consider itself

2. LVS Scheduling algorithm

• Poll Round-robin RR
• Weighted polling Weight Round-robin WRR
• Minimum connection least-connection LC
• Weighted minimum connection Weight least-connection WLC
• The minimum connection based on locality locality-based Least Connections LBLC
• Locally-based minimal connection with replication locality-based Least Connections with Replication LBLCR
• Destination Address hash dispatch Destination Hashing DH
• Source Address hash Dispatch source Hashing sh

3, Nat mode build LVSA) Preparation work

• Prepare three servers;
• Nat mode, the scheduler needs two IP, a public network IP an intranet IP;
• The real server only needs the intranet IP;
• Scheduler dir:192.168.242.128 (intranet IP), 192.168.248.88 (Public network IP:VM virtual machine add a network card, select only the host network mode, set the IP as an external IP), reference: http://blog.51cto.com/ 3069201/2065077
• Real Server rs1:192.168.242.129 (intranet IP), gateway to be set as the dispatcher's intranet IP (edit network card configuration file can be)
• Real Server rs2:192.168.242.130 (intranet IP), gateway to be set as the dispatcher's intranet IP (edit network card configuration file can be)

b) Shut down the firewall (required for all three)

[[email protected] ~]# systemctl stop firewalld[[email protected] ~]# systemctl disable firewalld[[email protected] ~]# iptables -F; iptables -t nat -F; service iptables save              //没有iptables，使用yum install -y iptables-services安装# 目的是为了调用一个空的规则

c) Install Ipvsadm and add script on Dir

[[email protected] ~]# yum install -y ipvsadm[[email protected] ~]# vim /usr/local/sbin/lvs_nat.sh   //添加以下内容#! /bin/bash# director 服务器上开启路由转发功能echo 1 > /proc/sys/net/ipv4/ip_forward# 关闭icmp的重定向echo 0 > /proc/sys/net/ipv4/conf/all/send_redirectsecho 0 > /proc/sys/net/ipv4/conf/default/send_redirects# 注意区分网卡名字，两个网卡分别为ens33和ens37echo 0 > /proc/sys/net/ipv4/conf/ens33/send_redirectsecho 0 > /proc/sys/net/ipv4/conf/ens37/send_redirects# director 设置nat防火墙iptables -t nat -Fiptables -t nat -Xiptables -t nat -A POSTROUTING -s 192.168.242.0/24  -j MASQUERADE# director设置ipvsadmIPVSADM=‘/usr/sbin/ipvsadm‘$IPVSADM -C$IPVSADM -A -t 192.168.248.88:80 -s wlc -p 3$IPVSADM -a -t 192.168.248.88:80 -r 192.168.242.128:80 -m -w 1$IPVSADM -a -t 192.168.248.88:80 -r 192.168.242.129:80 -m -w 1[[email protected] ~]# sh /usr/local/sbin/lvs_nat.sh             //没内容输出，说明没问题

D) Testing

  #在dir分别访问两个rs [[email protected] ~]# Curl 192.168.242.129lvs-zlinux02[[email protected] ~]# Curl 192.168.242.130lvs-zlinux03  

#在dir上访问dir的外网IP [[email protected] ~]# curl 192.168.248.88//always access the same because the-P 300 option is set and the request is not changed within 300 seconds lvs-zlinux0 2[[email protected] ~]# Curl 192.168.248.88lvs-zlinux02[[email protected] ~]# Curl 192.168.248.88lvs-zlinux02[[email protected] ~]# Curl 192.168.248.88lvs-zlinux02[[email protected] ~]# Curl 192.168.248.88lvs-zlinux02[[email protected] ~]# Curl 192.168.248.88lvs-zlinux02[[email protected] ~ ]# vim/usr/local/sbin/lvs_nat.sh//Remove-P option [[email protected] ~]# sh/usr/local/sbin/lvs_nat.sh//test again, Will rotate [[email protected] ~]# Curl 192.168.248.88lvs-zlinux03[[email protected] ~]# Curl 192.168.248.88lvs-zlinux03[[email protected] ~]# Curl 192.168.248.88lvs-zlinux03[[email protected] ~]# Curl 192.168.248.88lvs-zlinux03[[email protected] ~]# Curl 192.168.248.88lvs-zlinux03[[email protected] ~ ]# Curl 192.168.248.88lvs-zlinux03[[email protected] ~]# Curl 192.168.248.88lvs-zlinux03[[email proteCTED] ~]# Curl 192.168.248.88lvs-zlinux03[[email protected] ~]# Curl 192.168.248.88lvs-zlinux02[[email  Protected] ~]# Curl 192.168.248.88lvs-zlinux03[[email protected] ~]# Curl 192.168.248.88lvs-zlinux02

Linux cluster: Build a Load Balancer cluster (i)