LVS Related theoretical knowledge


LVS Introduction


LVS is short for Linux Virtual Server, a virtual server cluster system that runs on the Unix/Linux platform. The project was established by Dr. Zhang Wensong in May 1998 and is one of the earliest free software projects to appear in China.


Official website: http://www.linuxvirtualserver.org/zh/


LVS is configured through this software. The kernel IPVS module cannot be configured directly; it has to be managed with an IPVS management tool. ipvsadm is the management tool for IPVS, although keepalived and similar software can also manage IPVS directly instead of ipvsadm.


LVS consists of:

1. IPVS, which implements the scheduling

2. ipvsadm, the management tool

3. keepalived, which provides management and high availability


Terminology

Virtual IP address (VIP): the IP address the director uses to provide services to client computers (the IP that provides service to the outside).


Real server IP address (RIP): the IP address used by a node in the cluster, that is, the physical server's IP address.


Director IP address (DIP): the IP address the director uses to connect to the external network. It is the physical network card address, the IP on the load balancer server.


Client IP address (CIP): the IP address of the client computer requesting the cluster, used as the source IP address of the requests sent to the cluster.


A node inside the LVS cluster is called a real server (RS), also called a cluster node.

#######################################################


IP Virtual Server Software Ipvs


Among scheduler implementation techniques, IP load balancing is the most efficient. In existing IP load balancing technology, a group of servers is combined into one high-performance, highly available virtual server through Network Address Translation; we call this VS/NAT (Virtual Server via Network Address Translation). Most commercial IP load-balancing scheduler products use this method, such as Cisco's LocalDirector, F5's BIG-IP, and Alteon's ACEdirector. After analyzing the shortcomings of VS/NAT and the asymmetry of network services, we propose two further methods: VS/TUN (Virtual Server via IP Tunneling), which implements the virtual server through IP tunneling, and VS/DR (Virtual Server via Direct Routing), which implements it through direct routing. Both can greatly improve the scalability of the system. The IPVS software implements these three IP load balancing techniques; their principles are outlined below.

###################################################

Virtual Server via Network Address Translation (VS/NAT)

Through network address translation, the scheduler rewrites the destination address of the request packet and assigns the request to a back-end real server according to the preset scheduling algorithm. The real server's response packet passes back through the scheduler, which rewrites its source address and returns it to the client, completing the load scheduling process.


Virtual Server via IP Tunneling (VS/TUN)

With NAT, the scheduler must rewrite the addresses of both request and response packets, so its processing power becomes the bottleneck as client requests increase. To solve this, the scheduler forwards the request packet to the real server through an IP tunnel, and the real server returns the response directly to the client, so the scheduler only handles request packets. Because the responses of typical network services are much larger than the requests, VS/TUN can increase the maximum throughput of the cluster system by 10 times.


Virtual Server via Direct Routing (VS/DR)

VS/DR sends the request to the real server by rewriting the MAC address of the request packet, and the real server returns the response directly to the client. Like VS/TUN, VS/DR can greatly improve the scalability of the cluster system. It avoids the overhead of IP tunneling and does not require the real servers in the cluster to support an IP tunneling protocol, but it does require the scheduler and the real servers to each have a NIC attached to the same physical network segment.
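The header fields each of the three forwarding methods touches on the request path, and where the reply goes, as an added example (not code from the original article or from the LVS project). All addresses and MACs are constructed sample values, and `Packet`, `director_forward` and `response_path` are hypothetical names.

```python
from dataclasses import dataclass, replace
from typing import Optional

# Constructed sample values (documentation address ranges), not from the article.
CIP, VIP, RIP, DIP = "203.0.113.10", "198.51.100.1", "10.0.0.11", "10.0.0.1"
LB_MAC, RS_MAC, NEXT_HOP_MAC = "02:00:00:00:00:01", "02:00:00:00:00:11", "02:00:00:00:00:fe"

@dataclass(frozen=True)
class Packet:
    src_ip: str
    dst_ip: str
    dst_port: Optional[int]           # None for an outer IPIP header (no ports)
    dst_mac: str
    inner: Optional["Packet"] = None  # set only when a packet is encapsulated

def director_forward(mode: str, req: Packet, rs_port: Optional[int] = None) -> Packet:
    """What the director emits toward the real server for one client request."""
    if mode == "nat":   # DNAT: destination IP, and optionally port, rewritten
        return replace(req, dst_ip=RIP, dst_port=rs_port or req.dst_port, dst_mac=RS_MAC)
    if mode == "dr":    # only the destination MAC changes; CIP, VIP and port stay
        return replace(req, dst_mac=RS_MAC)
    if mode == "tun":   # request carried unmodified inside a new IP packet to the RIP
        return Packet(src_ip=DIP, dst_ip=RIP, dst_port=None,
                      dst_mac=NEXT_HOP_MAC, inner=req)
    raise ValueError(f"unknown mode: {mode}")

def response_path(mode: str) -> dict:
    """Source address of the reply and whether it crosses the director."""
    if mode == "nat":   # RS answers from its RIP; the director rewrites it to the VIP
        return {"via_director": True, "rs_src": RIP, "client_sees": VIP}
    if mode in ("dr", "tun"):  # RS holds the VIP locally and answers the client itself
        return {"via_director": False, "rs_src": VIP, "client_sees": VIP}
    raise ValueError(f"unknown mode: {mode}")
```
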



##################################################################################

##################################################################################

NAT mode


1, NAT applies DNAT to the request packet and SNAT to the response packet: the scheduler rewrites the addresses, forwards the request to an internal server, and the response is returned to the address of the user who made the request.

2, Only the scheduler (LB) needs a WAN public IP. The scheduler must also have a private LAN IP to communicate with the internal RS nodes.

3, The gateway address of every internal RS node must be set to the scheduler's private LAN physical NIC address (LDIP), so that returning packets still pass through the scheduler.

4, Because both request and response packets must pass through the scheduler, the scheduler becomes a major bottleneck when site traffic is heavy; in general it supports at most 10-20 RS nodes.

5, NAT mode supports both IP and port translation: a user request to 10.0.0.1:80 can be translated by the scheduler to 172.16.0.1:8080 on an RS node (DR and Tun modes have no such capability).

6, The internal RS nodes in NAT mode therefore only need LAN IPs.

7, Because packets pass through the scheduler in both directions, kernel forwarding must be turned on (net.ipv4.ip_forward=1), and the iptables firewall must allow forwarding as well (DR and Tun modes do not need this).



##################################################################################

FullNAT mode

1, When a request reaches the scheduler, not only the destination IP but also the source IP is rewritten. Whether the port changes depends on the actual situation; if the port needs to change, it can be rewritten too.

##################################################################################

##################################################################################

DR mode

1, Forwarding is implemented by modifying the destination MAC address of the packet on the scheduler (LB). Note that the source IP address is still the CIP and the destination IP is still the VIP.

2, Request packets pass through the scheduler, but the packets the RS sends in response do not need to go through the scheduler, so DR mode is highly efficient under heavy concurrent access (in contrast to NAT mode).

3, Because DR mode forwards by rewriting the MAC address, the RS nodes and the scheduler must be on the same LAN (a small disadvantage).

4, Note that the VIP on each RS node is bound to the lo interface (lo:VIP, lo1:VIP), and that ARP suppression has to be dealt with.

5, Emphasis: the default gateway of an RS node does not need to be the scheduler's DIP; it is simply the upstream router IP assigned by the IDC (this is the case where the RS has an external IP address). In theory, as long as the RS can reach the outside network, it does not have to be configured with an external IP.

6, Because the DR-mode scheduler only rewrites the destination MAC address, it cannot change the destination port of the request packet (unlike NAT mode).

7, Currently the scheduler (LB) supports almost all Unix/Linux systems but not Windows; a real server (RS), however, can be a Windows system.

8, Overall, DR mode is very efficient but also more troublesome to configure. Companies whose concurrency is not especially large can therefore use HAProxy/Nginx instead, which fits the operations principle of simple, easy to use, and efficient. With a daily PV of 20,000,001 and concurrency of 10,001, consider HAProxy, Nginx, or the NAT mode of LVS.

9, For services accessed directly from outside, for example RS nodes running web services, the RS should preferably have a public IP address. For services not exposed directly, for example RS nodes for MySQL or storage systems, it is best to use only internal IP addresses.
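The NAT and DR requirements listed above, turned into a consistency check for one real server, as an added example (not from the original article or any LVS tool). The dictionary layout and all addresses are constructed; the thresholds `arp_ignore >= 1` and `arp_announce >= 2` are the commonly used LVS-DR settings and are an assumption here, since the article only says ARP must be suppressed.

```python
import ipaddress

def audit_real_server(mode, lb, rs):
    """Return findings for one real server; an empty list means it is consistent."""
    findings = []
    if mode == "nat":
        if rs["gateway"] != lb["lan_ip"]:      # NAT item 3: replies must return via LB
            findings.append("RS gateway is not the director's LAN IP")
        if not lb["ip_forward"]:               # NAT item 7: kernel forwarding required
            findings.append("net.ipv4.ip_forward is off on the director")
    elif mode == "dr":
        on_lan = ipaddress.ip_address(rs["rip"]) in ipaddress.ip_network(lb["lan_net"])
        if not on_lan:                         # DR item 3: MAC rewrite needs one LAN
            findings.append("RS is not on the director's LAN segment")
        if lb["vip"] not in rs["lo_addrs"]:    # DR item 4: VIP bound on lo
            findings.append("VIP is not bound on the RS loopback interface")
        if rs["arp_ignore"] < 1 or rs["arp_announce"] < 2:   # assumed thresholds
            findings.append("ARP for the VIP is not suppressed on the RS")
        if rs["port"] != lb["vport"]:          # DR item 6: no port translation
            findings.append("RS port differs from the VIP port")
    else:
        raise ValueError(f"unsupported mode: {mode}")
    return findings

# Constructed sample inventory.
LB = {"vip": "198.51.100.1", "vport": 80, "lan_ip": "10.0.0.1",
      "lan_net": "10.0.0.0/24", "ip_forward": False}
RS_NAT_BAD = {"rip": "10.0.0.11", "port": 8080, "gateway": "10.0.0.254"}
RS_DR_OK = {"rip": "10.0.0.12", "port": 80, "lo_addrs": ["198.51.100.1"],
            "arp_ignore": 1, "arp_announce": 2}
RS_DR_BAD = {"rip": "10.0.1.12", "port": 8080, "lo_addrs": [],
             "arp_ignore": 0, "arp_announce": 0}

if __name__ == "__main__":
    for label, mode, rs in (("nat-bad", "nat", RS_NAT_BAD),
                            ("dr-ok", "dr", RS_DR_OK), ("dr-bad", "dr", RS_DR_BAD)):
        print(label, audit_real_server(mode, LB, rs))
```
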

##################################################################################

##################################################################################

Tun mode

1, The load balancer forwards the request packet to the real server through an IP tunnel (IPIP tunnel). The source and destination addresses of the request packet (including the MAC) are not modified; the packet is encapsulated whole inside another packet. The real server returns the response directly to the client.

2, Because the real server sends the response directly back to the client, the RS should preferably have an external IP address, which is more efficient. In theory, as long as the RS can reach the outside network, it can also work without an external IP address.

3, Because the scheduler (LB) only handles inbound request packets, the throughput of the cluster system can increase by more than 10 times. Tunnel mode does add some system overhead, however. Tun mode is suitable for LAN/WAN.

4, In a LAN environment Tun mode does not forward as efficiently as DR mode, and the system's support for IP tunneling also has to be considered.

5, All RS servers must bind the VIP and suppress ARP, and the configuration is replicated on each of them.

6, LAN environments generally use DR mode; WAN environments can use Tun mode. In WAN environments, however, request forwarding is now more often replaced by HAProxy, Nginx, or DNS-based scheduling; the underlying data can also be synchronized.

7, For services accessed directly from outside, for example RS nodes running web services, the RS should preferably have a public IP address. For services not exposed directly, for example RS nodes for MySQL or storage systems, it is best to use internal IP addresses.

##################################################################################

##################################################################################

Scheduling algorithm:

For different network service requirements and server configurations, the IPVS scheduler implements the following eight load scheduling algorithms:


Round Robin

The scheduler uses the round-robin algorithm to allocate external requests to the real servers in the cluster in turn. It treats every server equally, regardless of the actual number of connections and system load on the server.


Weighted Round Robin

The scheduler uses the weighted round-robin algorithm to schedule access requests according to the different processing capabilities of the real servers. This ensures that servers with greater processing capacity handle more access traffic. The scheduler can automatically inquire about the load of the real servers and adjust their weights dynamically.


Least Connections

The scheduler uses the least-connection algorithm to dynamically dispatch network requests to the server with the fewest established connections. If the real servers of the cluster have similar performance, the least-connection algorithm balances the load well.


Weighted Least Connections

When server performance differs widely within the cluster, the scheduler uses the weighted least-connection algorithm to optimize load balancing: servers with higher weights bear a larger proportion of the active connection load. The scheduler can automatically inquire about the load of the real servers and adjust their weights dynamically.


Locality-Based Least Connections (LBLC)

The locality-based least-connection algorithm balances load by destination IP address and is mainly used in cache cluster systems. Based on the destination IP address of the request, the algorithm finds the server most recently used for that address. If that server is available and not overloaded, the request is sent to it. If the server does not exist, or it is overloaded and some server is at half its workload, an available server is selected by the least-connection principle and the request is sent to that server.


Locality-Based Least Connections with Replication

The locality-based least-connection with replication algorithm also balances load by destination IP address and is mainly used in cache cluster systems. It differs from the LBLC algorithm in that it maintains a mapping from a destination IP address to a set of servers, while the LBLC algorithm maintains a mapping from a destination IP address to a single server. Based on the destination IP address of the request, the algorithm finds the server set for that address and selects a server from the set by the least-connection principle. If that server is not overloaded, the request is sent to it. If it is overloaded, a server is selected from the whole cluster by the least-connection principle, added to the server set, and the request is sent to it. In addition, when the server set has not been modified for some time, the busiest server is removed from it to reduce the degree of replication.


Destination Hashing

The destination hashing algorithm uses the destination IP address of the request as the hash key to look up the corresponding server in a statically allocated hash table. If the server is available and not overloaded, the request is sent to it; otherwise null is returned.


Source Hashing

The source hashing algorithm uses the source IP address of the request as the hash key to look up the corresponding server in a statically allocated hash table. If the server is available and not overloaded, the request is sent to it; otherwise null is returned.
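A simplified model of two of the algorithms above, weighted round robin and weighted least connections, added here as an example; it is not the kernel IPVS code. Server names and weights are constructed, the weighted round robin uses a common gcd-stepped threshold formulation (an assumption about the exact variant), and the least-connection model counts every open connection equally.

```python
from functools import reduce
from math import gcd

def wrr_sequence(weights, n):
    """Weighted round robin: first n picks for {server: weight} in insertion order."""
    names = list(weights)
    live = [w for w in weights.values() if w > 0]
    if not live:
        return []                      # every weight is 0: nothing can be scheduled
    step, top = reduce(gcd, live), max(live)
    i, cw, picks = -1, 0, []
    while len(picks) < n:
        i = (i + 1) % len(names)
        if i == 0:                     # start of a pass: lower the weight threshold
            cw -= step
            if cw <= 0:
                cw = top               # threshold exhausted: restart from the maximum
        if weights[names[i]] >= cw:    # only servers at or above the threshold serve
            picks.append(names[i])
    return picks

def wlc_pick(weights, conns):
    """Weighted least connections: server with the smallest conns/weight ratio."""
    best = None
    for name, w in weights.items():
        if w <= 0:
            continue                   # weight 0: server takes no new connections
        # conns[name]/w < conns[best]/weights[best], compared without division
        if best is None or conns[name] * weights[best] < conns[best] * w:
            best = name
    return best

def wlc_distribute(weights, n):
    """Open n long-lived connections and return the resulting per-server counts."""
    conns = dict.fromkeys(weights, 0)
    for _ in range(n):
        target = wlc_pick(weights, conns)
        if target is None:
            break                      # no schedulable server
        conns[target] += 1
    return conns

if __name__ == "__main__":
    print("".join(wrr_sequence({"A": 4, "B": 3, "C": 2}, 9)))
    print(wlc_distribute({"A": 3, "B": 1}, 8))
```
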


##################################################################################

##################################################################################










This article is from the "Struggle Bar" blog, please be sure to keep this source http://lvnian.blog.51cto.com/7155281/1701986
