LVS Load Balancing solution (Windows IIS)

Source: Internet
Author: User

The main platform for our products is Windows + IIS + SQL Server (2000 and later). LVS + keepalived is a layer-4 load balancer under Linux. It has the following characteristics:

The LVS cluster uses IP load balancing technology and content-based request distribution technology. The scheduler has a good throughput rate (in DR mode), distributes requests evenly across different servers, and automatically masks server failures, turning a set of servers into a high-performance, high-availability virtual server. The structure of the entire server cluster is transparent to the client, so neither client nor server-side programs need to be modified. To achieve this, system transparency, scalability, high availability, and manageability must be considered at design time. In general, the LVS cluster uses a three-tier structure, whose main components are:

A. Load scheduler (load balancer): the front-end machine that the whole cluster presents to the outside. It sends client requests to a set of servers for execution, while the client believes the service comes from a single IP address (which we can call the virtual IP address).

B. Server pool: the set of servers that actually execute client requests, that is, the realservers, which run services such as Web, MAIL, FTP, and DNS.

C. Shared storage: provides a shared storage area for the server pool, which makes it easy for the servers in the pool to hold the same content and provide the same service.

IP load balancing technology as implemented in LVS:
Among the existing load scheduler techniques, IP load balancing is the most efficient. The three IP load balancing technologies implemented in the LVS cluster are:

Virtual Server via Network Address Translation (VS/NAT): uses address translation (and port mapping) to compose a set of servers into a high-performance, highly available virtual server. Because this technique is prone to a single point of failure, which makes the network inaccessible, and has a bandwidth bottleneck, LVS provides the following two implementations as well.

Virtual Server via IP Tunneling (VS/TUN): the virtual service is implemented through IP tunneling.

Virtual Server via Direct Routing (VS/DR): the virtual service is implemented through direct routing. This DR mode has the highest load-carrying capacity.

To use load balancing with our products at present, you need to enable remote attachments (FTP) and the distributed cache service (memcached) in the management back end. Both features are described in two earlier articles I wrote:
http://www.cnblogs.com/daizhj/archive/2010/02/08/discuznt_memcache_syncdata.html
http://www.cnblogs.com/daizhj/archive/2008/07/28/1254648.html

That completes the product configuration. The following describes how to build the corresponding server environment. First, the IIS sites (they must be on the same physical network segment):

Realserver 1: 10.0.8.13:80
Realserver 2: 10.0.8.12:80

VIP (virtual IP): 10.0.8.9

Two virtual machines with CentOS 5.4 installed (in DHCP installation mode), at these addresses:
centos1: 10.0.8.25 (keepalived: MASTER)
centos2: 10.0.8.55 (keepalived: BACKUP)

The first thing to note is that because the VS/DR mode of LVS is used (mentioned above), the realserver returns its results directly to the client, as the figure below (right) describes:

 

So we also need to configure the VIP on the Windows servers, using the following method:
1. In Control Panel, add a hardware device, the Microsoft Loopback Adapter, as shown:

 

2. Set its IP address to the VIP; the mask can be arbitrary:

3. Open the Registry Editor, search for this VIP, change the mask to 255.255.255.255, then disable and re-enable the network adapter (on Windows Server 2003 there are three places).

After this, the IP mask of the Microsoft Loopback Adapter shown in 'Network Neighborhood' becomes 255.255.255.255. Then configure the IP address of the corresponding site in IIS, using either the VIP address or the 'All Unassigned' option, as shown:


With this configuration done, use:
C:\>telnet 10.0.8.13 80 and C:\>telnet 10.0.8.12 80 to check whether the configuration is working properly.

This completes the configuration of the Windows servers. Before describing how to install LVS and keepalived, here are some issues to be aware of when installing CentOS on a virtual machine:

1. Because keepalived needs the GCC tools to compile, customize the components to install during installation, as follows:

The installer then verifies the corresponding component dependencies.

2. After installation, set the firewall to Disabled:

3. SELinux is also disabled:

Here's how to install LVS and keepalived under Linux.

1. First install the LVS management tool ipvsadm (directly with yum). Start the centos1 virtual machine (10.0.8.25), enter terminal mode, and type:

# yum -y install ipvsadm


2. Then install keepalived. Because keepalived needs the GCC tools to compile, install them first (described earlier). At compile time, keepalived depends on OpenSSL and the kernel source code:

# yum -y install openssl-devel kernel-devel

3. Download the latest keepalived from the official site, unpack it, and then compile:

# wget http://www.keepalived.org/software/keepalived-1.1.18.tar.gz
# tar zxvf keepalived-1.1.18.tar.gz
# cd keepalived-1.1.18
# ./configure --with-kernel-dir=/usr/src/kernels/2.6.18-164.15.1.el5-i686 \
    --prefix=/usr/local/keepalived    # deploy it under the LVS directory
# the with-kernel-dir option above is a required compile parameter for integration with LVS

Note: with-kernel-dir is a required compile parameter for integration with LVS. keepalived will be compiled and placed under /usr/local/keepalived, and the kernel source directory under /usr/src/kernels varies with the Linux version.

Show results:
------------------------
....
Compiler                 : gcc
Compiler flags           : -g -O2
Extra Lib                : -lpopt -lssl -lcrypto
Use IPVS Framework       : Yes (must be Yes here)
IPVS sync daemon support : Yes (must be Yes here)
Use VRRP Framework       : Yes (must be Yes here)
Use LinkWatch            : No

# make && make install    # compile


4. Start the service

# ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/
# ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
# mkdir /etc/keepalived
# ln -s /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
# ln -s /usr/local/keepalived/sbin/keepalived /usr/sbin/
# service keepalived start    # to shut down: stop

5. Bind virtual IP (This step can be ignored in some installation environments because keepalived automatically maintains the VIP and automatically adds VIPs to the system based on the settings, so this step may not be useful)

# /sbin/ifconfig eth0:0 10.0.8.9 broadcast 10.0.8.9 netmask 255.255.255.255 up    # this setting prevents IP conflicts
# /sbin/route add -host 10.0.8.9 dev eth0:0

6. Configure the network file (/etc/sysconfig/network) as follows (note: some articles on the web mention this step, so it is included here as an extra step):

NETWORKING=yes
HOSTNAME=localhost.localdomain
GATEWAY=10.0.8.1

7. LVS requires the IP forward feature to be turned on (for its 3 modes). Configure it in /etc/sysctl.conf by adding the following line (note: some articles on the web mention this step, so it is included here as an extra step):
net.ipv4.ip_forward = 1
Then run the following command to make the configuration take effect:
# sysctl -p

Note: Because keepalived is going to use port 80 (which will be set later in the configuration file), if you want to enable port 80 immediately, you can start Apache with the following command (this step is not part of the installation steps):

# service httpd start    # or restart

Once the environment has been configured, open and modify the keepalived.conf file, which can be opened and edited at the following path:
/usr/local/keepalived/etc/keepalived.conf
Or:
/etc/keepalived/keepalived.conf (which the earlier ln command points to)

Here we make the 10.0.8.25 virtual machine the master. The configuration file is as follows (see this article for the corresponding configuration information):

! Configuration File for keepalived

global_defs {
    notification_email {
        [email protected]
    }
    notification_email_from [email protected]
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
    router_id LVS_DEVEL
}

vrrp_instance VI_1 {
    state MASTER
    interface eth0        # network interface monitored for HA
    virtual_router_id     # master and backup must use the same virtual_router_id
    priority              # master and backup take different priorities: the master's value is larger, the backup's smaller; a higher value means higher priority
    advert_int 1          # VRRP multicast advertisement interval, in seconds
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        10.0.8.9
    }
}

virtual_server 10.0.8.9 80 {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    persistence_timeout 10    ! requests from the same IP within the persistence timeout (in seconds) are sent to the same realserver
    protocol TCP

    real_server 10.0.8.12 80 {
        weight 2
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }

    real_server 10.0.8.13 80 {
        weight 2
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
}

Then we use the following command to start keepalived:

# keepalived    # located in /usr/local/keepalived/sbin/

Or

# service keepalived start

We can use the following command to view the processes:

# ps aux | grep keepalived

------------------------------

Sr/local/keepalived/etc/keepalived/keepalived.conf
root 17670 0.0 0.2 4932  564 ? Ss 19:03 0:00 keepalived -D
root 17671 0.0 0.6 4976 1416 ? S  19:03 0:02 keepalived -D
root 17672 0.0 0.4 4976  928 ? S  19:03 0:00 keepalived -D
....

Note that keepalived starts one master process and forks two child processes, so three processes are displayed.

Here we can check if the configuration takes effect:

# ping 10.0.8.9 -c 4
# telnet 10.0.8.9 80

If both work normally, keepalived has applied our configuration.

Note: During the earlier configuration process, telnet often could not connect normally. You can use the following command to see whether port 80 is listening:

# netstat -npl | grep :80    # the corresponding command on Windows is: netstat -an | findstr LISTEN

You can also check whether the LVS (ip_vs) module is loaded with the following command:

# lsmod | grep ip_vs

This completes the keepalived configuration on the 10.0.8.25 virtual machine. Then repeat steps 1-7 above to install and configure keepalived on 10.0.8.55 as well. Note that in its keepalived.conf file, state MASTER must be changed to state BACKUP.
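A way to check the MASTER/BACKUP pair before starting the second node, as an added example that is not part of the original article. It assumes one vrrp_instance per file; the function names, file names and the values 51, 100 and 90 are constructed for illustration. It enforces the rules stated in the configuration comments (same virtual_router_id, higher priority on the master, opposite states) and also catches a virtual_router_id or priority line that has no value.

```sh
# Added example (not from the original page); assumes one vrrp_instance per file.
# Print the value of a keyword, ignoring '#' and '!' comments.
vrrp_value() {   # $1 = file, $2 = keyword
    sed 's/[#!].*//' "$1" | awk -v k="$2" '$1 == k { print $2; exit }'
}

# Print the addresses inside virtual_ipaddress { ... }, sorted, on one line.
vrrp_vips() {    # $1 = file
    sed 's/[#!].*//' "$1" | awk '
        $1 == "virtual_ipaddress" { inblk = 1; next }
        inblk && index($0, "}")   { inblk = 0 }
        inblk && NF               { print $1 }' | sort | tr '\n' ' '
}

# Print one line per problem; return 0 only when the pair is consistent.
check_vrrp_pair() {   # $1 = master conf, $2 = backup conf
    bad=0
    [ "$(vrrp_value "$1" state)" = MASTER ] || { echo "master: state is not MASTER"; bad=1; }
    [ "$(vrrp_value "$2" state)" = BACKUP ] || { echo "backup: state is not BACKUP"; bad=1; }
    mid=$(vrrp_value "$1" virtual_router_id); bid=$(vrrp_value "$2" virtual_router_id)
    { [ -n "$mid" ] && [ "$mid" = "$bid" ]; } ||
        { echo "virtual_router_id missing or different: '$mid' vs '$bid'"; bad=1; }
    mp=$(vrrp_value "$1" priority); bp=$(vrrp_value "$2" priority)
    [ "${mp:-0}" -gt "${bp:-0}" ] 2>/dev/null ||
        { echo "priority: master '$mp' is not higher than backup '$bp'"; bad=1; }
    [ "$(vrrp_vips "$1")" = "$(vrrp_vips "$2")" ] || { echo "virtual_ipaddress lists differ"; bad=1; }
    return "$bad"
}

# Write a constructed sample conf: $1 = file, $2 = state, $3 = router id, $4 = priority.
write_sample_conf() {
    cat > "$1" <<EOF
vrrp_instance VI_1 {
    state $2
    virtual_router_id $3   # constructed value
    priority $4            # constructed value
    virtual_ipaddress {
        10.0.8.9
    }
}
EOF
}

dir=$(mktemp -d)
write_sample_conf "$dir/master.conf" MASTER 51 100
write_sample_conf "$dir/backup.conf" BACKUP 51 90
check_vrrp_pair "$dir/master.conf" "$dir/backup.conf" && echo "pair is consistent"
rm -rf "$dir"
```

Copy the backup node's keepalived.conf next to the master's and pass both paths to check_vrrp_pair; any printed line is a mismatch to fix before testing failover.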

Next, we enter the following address in IE: http://10.0.8.9/index.aspx

If it can be accessed correctly, the load balancing environment has been built.

Note: You can also configure the hosts file (/etc/hosts) and DNS domain name resolution (/etc/resolv.conf).

We can use the following command to view how requests are being forwarded:

# ipvsadm -lcn | grep 10.0.8.9

-------------------------------------------
                       ClientIP          VIP              Realserver
TCP 14:44  ESTABLISHED 10.0.4.102:5244   10.0.8.9:80      10.0.8.12:80
TCP 14:44  ESTABLISHED 10.0.4.102:5232   10.0.8.9:80      10.0.8.12:80
TCP 07:35  ESTABLISHED 10.0.4.102:4875   10.0.8.9:80      10.0.8.13:80
TCP 14:44  ESTABLISHED 10.0.4.102:5249   10.0.8.9:80      10.0.8.12:80
TCP 14:46  ESTABLISHED 10.0.4.102:5246   10.0.8.9:80      10.0.8.12:80
TCP 08:40  ESTABLISHED 10.0.4.102:4913   10.0.8.9:80      10.0.8.12:80
TCP 08:40  ESTABLISHED 10.0.4.102:4927   10.0.8.9:80      10.0.8.12:80
TCP 14:44  ESTABLISHED 10.0.4.102:5247   10.0.8.9:80      10.0.8.12:80
TCP 08:40  ESTABLISHED 10.0.4.102:4929   10.0.8.9:80      10.0.8.12:80
TCP 07:35  ESTABLISHED 10.0.4.102:4872   10.0.8.9:80      10.0.8.13:80
TCP 14:47  ESTABLISHED 10.0.4.102:5243   10.0.8.9:80      10.0.8.12:80
TCP 08:40  ESTABLISHED 10.0.4.102:5011   10.0.8.9:80      10.0.8.12:80
TCP 14:56  ESTABLISHED 10.0.4.102:5245   10.0.8.9:80      10.0.8.12:80
TCP 00:44  NONE        10.0.4.102:0      10.0.8.9:80      10.0.8.12:80
TCP 00:34  NONE        10.0.4.102:0      10.0.8.9:65535   10.0.8.13:65535
TCP 07:35  ESTABLISHED 10.0.4.102:4848   10.0.8.9:80      10.0.8.13:80
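To read a listing like this at a glance, the following added example (not part of the original article) counts connections per realserver for one VIP. The function names and the sample lines are constructed. Rows in state NONE with client port 0 are the persistence templates created by persistence_timeout, so they are counted separately from live connections.

```sh
# Added example (not from the original page): per-realserver summary of
# `ipvsadm -Lcn` output read from stdin. $1 = VIP address (any port).
summarize_ipvs_conns() {
    LC_ALL=C awk -v vip="$1" '
        # Data rows have six fields: pro expire state source virtual destination
        NF == 6 && $1 ~ /^(TCP|UDP)$/ && index($5, vip ":") == 1 {
            seen[$6] = 1
            # NONE rows are persistence templates, not live flows
            if ($3 == "NONE") { tmpl[$6]++ } else { conn[$6]++; total++ }
        }
        END {
            for (rs in seen)
                printf "%s conns=%d templates=%d share=%d%%\n",
                       rs, conn[rs], tmpl[rs], (total ? 100 * conn[rs] / total : 0)
        }' | LC_ALL=C sort
}

# Constructed sample in the column layout ipvsadm prints.
sample_ipvs_conns() {
    cat <<'EOF'
IPVS connection entries
pro expire state       source             virtual            destination
TCP 14:44  ESTABLISHED 10.0.4.102:5244    10.0.8.9:80        10.0.8.12:80
TCP 14:44  ESTABLISHED 10.0.4.102:5232    10.0.8.9:80        10.0.8.12:80
TCP 08:40  ESTABLISHED 10.0.4.102:4913    10.0.8.9:80        10.0.8.12:80
TCP 07:35  ESTABLISHED 10.0.4.102:4875    10.0.8.9:80        10.0.8.13:80
TCP 00:44  NONE        10.0.4.102:0       10.0.8.9:80        10.0.8.12:80
TCP 00:34  NONE        10.0.4.102:0       10.0.8.9:65535     10.0.8.13:65535
EOF
}

sample_ipvs_conns | summarize_ipvs_conns 10.0.8.9
```

On the director, run `ipvsadm -Lcn | summarize_ipvs_conns 10.0.8.9`. With a single test client and persistence enabled, a skew toward one realserver is expected.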


Then we can stop the 10.0.8.12:80 or 10.0.8.13:80 site to see whether access is still normal.
Then we turn off keepalived on the 10.0.8.25 or 10.0.8.55 virtual machine (using killall keepalived or service keepalived stop), and use IE to visit the appropriate URL to see whether keepalived on the other machine takes over normally. If it does, the environment is HA (highly available).


Finally, here are some common commands for checking keepalived and the network:

# tail -f /var/log/messages    # view the system log
# tcpdump src host 10.0.8.9 and port    # capture packets
# curl -I http://10.0.8.9/    # command-line file transfer tool that uses URL syntax
# ip addr    # IP address information; or use ip addr show eth0 to view the virtual IP binding
# service iptables stop    # stop the iptables firewall
# iptables -nvL    # list the firewall's incoming traffic information
# ipvsadm -ln    # check whether the LVS service is working normally, including active connections, weights (from the keepalived configuration), inactive connections, etc.