LVS cluster basics, configuring LVS/NAT mode, configuring LVS/DR mode, and writing a script that automatically checks the health of LVS real servers


Linux Virtual Server (LVS) was created by Zhang Wensong during his PhD at the National University of Defense Technology.
The use of LVS, which is integrated into the Linux kernel, enables highly available, scalable web, mail, cache, and media network services.

1. What is a cluster?

A group of servers used to provide the same service.

2. What is the purpose of using a cluster?

Increase reliability, reduce costs, improve scalability, improve performance.

3. Cluster classification?

HPC: high-performance computing cluster (meteorology and aerospace)
LB: load-balancing cluster (distributes processing evenly) * LVS, HAProxy
HA: high-availability cluster (master/backup) * keepalived, RHCS

4. LVS load-balancing modes?

LVS/NAT mode (network address translation) *
LVS/DR mode (direct routing) * *
LVS/TUN mode (tunnel)

5. LVS terminology?

Director server: the dispatch server, which distributes the load to the real servers
Real server: the server that actually provides the application service
RIP: real IP address, the IP address used on the cluster nodes
DIP: director IP address, the address the director uses to connect to the real servers
VIP: virtual IP address, the address that is advertised to users for access

Experiment (I.)

Experiment objective: build a load-balancing cluster in LVS/NAT mode

Lab environment preparation:

Extranet IP address: 1.1.1.1, host name: Waiwang

Intranet IP address: 192.168.1.10, host name: localhost web1

Intranet IP address: 192.168.1.20, host name: localhost web2

NAT mode server IP addresses: 1.1.1.254 and 192.168.1.254, host name: FANLJ

1. The NAT mode server has to receive and pass on packets of both network segments, so route forwarding is turned on on it.

Temporarily turn on the kernel route forwarding function

Permanently turn on the kernel route forwarding function (either of two ways)

2. Configure the gateway: the intranet servers point to the NAT mode server as their gateway, and the client also points to it as its gateway, so that packets can be forwarded.

3. Configure the load-balancing cluster in LVS/NAT mode. Check whether the package that implements the load-balancing cluster is installed, if the package is not installed.

4. Configure the LVS/NAT mode load-balancing cluster: use the ipvsadm command to configure the cluster feature and add the virtual service. ipvsadm -L -n shows the added policy; rr is the round-robin (polling) algorithm.

ipvsadm options
-A    Add a virtual service
-t    Set the cluster address (VIP, virtual IP)
-s    Specify the load scheduling algorithm
-a    Add a real server
-d    Delete a real server
-r    Specify the IP address of the real server
-e    Modify policy information
-E    Modify the scheduling algorithm
-D    Delete a virtual service
-m    NAT mode (when no mode is specified, the mode is DR mode)
-g    DR mode
-i    TUN mode
-w    Set the weight of the node server, which defaults to 1

5. Add the real servers to the virtual service

6. Save the configuration and start the service.

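Steps 1, 4 and 5 written out as commands, as an added example that is not taken from the original post. It assumes the virtual service is TCP port 80 on the director's external address 1.1.1.254; lvs_plan and run are hypothetical helper names, and with DRY_RUN=1 the commands are only printed.

```shell
#!/bin/sh
# Added example, not the author's commands. Assumption: the virtual service is
# TCP port 80 on the director's external address 1.1.1.254.
DRY_RUN=1          # set to 0 to execute the commands as well (needs root)

run() {            # print the command, execute it only when DRY_RUN=0
  echo "$*"
  [ "$DRY_RUN" = 1 ] || "$@"
}

# lvs_plan MODE VIP:PORT SCHEDULER RIP:PORT[=WEIGHT]...
lvs_plan() {
  case "$1" in
    nat) fwd=-m ;;   # masquerading: replies return through the director
    dr)  fwd=-g ;;   # direct routing, the ipvsadm default
    tun) fwd=-i ;;   # IP-in-IP tunnel
    *)   echo "unknown mode: $1" >&2; return 2 ;;
  esac
  mode=$1 vip=$2 sched=$3
  shift 3
  [ $# -gt 0 ] || { echo "no real servers given" >&2; return 2; }
  # Only NAT mode needs the director to route between the two segments.
  [ "$mode" != nat ] || run sysctl -w net.ipv4.ip_forward=1
  run ipvsadm -A -t "$vip" -s "$sched"
  for rs in "$@"; do
    addr=${rs%%=*}
    weight=1                                  # ipvsadm's default weight
    case "$rs" in *=*) weight=${rs#*=} ;; esac
    run ipvsadm -a -t "$vip" -r "$addr" "$fwd" -w "$weight"
  done
  run ipvsadm -L -n
}

# Lab values from Experiment (I): web1 and web2 behind the NAT mode server.
lvs_plan nat 1.1.1.254:80 rr 192.168.1.10:80 192.168.1.20:80
```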

7. Test from the client

(1) Start the web service on web1 and web2 and set the default home page: the content of web1's default home page is 192.168.1.10, and the content of web2's default home page is 192.168.1.20.

(2) Testing on the client 1.1.1.1


(3) View status information for virtual services

Remove the real server (192.168.1.20) from the virtual service

Modify the scheduling algorithm of the virtual service

Modify the weight value (the default value is 1)

What mode does the LVS load balancer use by default? The default is DR mode

Clear all policies and algorithms


Experiment (II)

Experiment objective: build a load-balancing cluster in LVS/DR mode

Lab environment preparation:

Client IP address: 1.1.1.1, host name: Waiwang

web1 IP address: 1.1.1.10, host name: localhost web1

web2 IP address: 1.1.1.20, host name: localhost web2

DR mode server IP address: 1.1.1.254, host name: FANLJ

Problems to be solved:
(1) Give the real servers the VIP address
(2) Keep the real servers from answering the ARP broadcasts that clients send for the VIP address

1. Let all servers have the IP address of the virtual service.


2. Keep the real servers from answering the ARP broadcasts that clients send for the VIP address.

arp_ignore:
0 (default): reply to ARP requests for any local IP address configured on any network interface
1: reply only if the target IP address is a local address configured on the network interface that received the request
2: reply only if the target IP address is a local address configured on the network interface that received the request, and the sender's IP address is in the same subnet on that interface
3: do not reply for local addresses configured with host scope; reply only for global and link addresses
4-7: reserved, unused
8: do not reply for any local address

arp_announce:
0 (default): use any local address configured on any network interface
1: try to avoid local addresses that are not in the target's subnet for this interface. This is useful when the hosts reached through this interface require the source IP address of ARP requests to belong to their own logical network. When the request is generated, all subnets that contain the target IP are checked and the source address is kept if it belongs to one of them. If there is no such subnet, the source address is chosen by the rules for level 2
2: always use the most appropriate local address for the target. In this mode the source address of the IP packet is ignored and a local address that can communicate with the target is chosen. First, a local address is looked for in the subnets of the outgoing network interface that contain the target IP address. If no suitable address is found, the first local address on the outgoing interface, or on the other interfaces, is chosen, in the hope that a reply to the request will be received
Set these parameters on web1 and web2, and then make the settings take effect.
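A check for step 2, added here and not part of the original post. The kernel uses the larger of the conf.all value and the value of the interface that handles the ARP traffic, so values set only on lo do not hide the VIP from requests that arrive on another interface. The interface name eth0, the target values arp_ignore=1 and arp_announce=2 (the settings commonly used for LVS/DR), the helper names and both sysctl samples are assumptions or constructed.

```shell
#!/bin/sh
# effective_arp KEY IFACE: reads `sysctl -a` style "name = value" lines on stdin
# and prints max(conf.all.KEY, conf.IFACE.KEY), the value the kernel applies.
effective_arp() {
  awk -F' *= *' -v a="net.ipv4.conf.all.$1" -v i="net.ipv4.conf.$2.$1" '
    $1 == a || $1 == i { if ($2 + 0 > max) max = $2 + 0 }
    END { print max + 0 }'
}

# dr_arp_check IFACE: verdict for a DR real server that holds the VIP on lo and
# receives client ARP requests on IFACE (assumed targets: 1 and 2).
dr_arp_check() {
  conf=$(cat)
  ign=$(printf '%s\n' "$conf" | effective_arp arp_ignore "$1")
  ann=$(printf '%s\n' "$conf" | effective_arp arp_announce "$1")
  if [ "$ign" -eq 1 ] && [ "$ann" -eq 2 ]; then
    echo "OK $1 arp_ignore=$ign arp_announce=$ann"
  else
    echo "FAIL $1 arp_ignore=$ign arp_announce=$ann (want 1 and 2)"
    return 1
  fi
}

# Constructed sample: the parameters were changed on lo only, so ARP requests
# that arrive on eth0 are still answered for the VIP.
SAMPLE_LO_ONLY='net.ipv4.conf.all.arp_ignore = 0
net.ipv4.conf.all.arp_announce = 0
net.ipv4.conf.eth0.arp_ignore = 0
net.ipv4.conf.eth0.arp_announce = 0
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2'

# Constructed sample: set through conf.all, which covers every interface.
SAMPLE_ALL='net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.eth0.arp_ignore = 0
net.ipv4.conf.eth0.arp_announce = 0
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2'

printf '%s\n' "$SAMPLE_LO_ONLY" | dr_arp_check eth0 || true
printf '%s\n' "$SAMPLE_ALL" | dr_arp_check eth0
# On a real server: sysctl -a 2>/dev/null | dr_arp_check eth0
```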

3. Set the distribution policy on the LVS/DR mode director

4. Test from the client (1.1.1.1)

5. View the status information for the virtual service on the LVS/DR mode director

Experiment (III)

Experiment objective:

Run a monitoring script on the director to monitor the state of the services on the real servers.

1. Use the port-scanning tool nmap to scan the state of port 80 on the web servers. First check whether nmap is installed.

Options that follow nmap:

-n    Do not perform reverse DNS resolution, which speeds up scanning
-sT   Scan (-s) using the TCP protocol (T)
-p    Specify the port

followed by the host that actually provides the web service


2. Write a monitoring script that checks the health of the services on the real servers: when a web service goes down, it automatically deletes that server's policy on the director, and when the web service returns to normal, it automatically adds the policy back on the director. The script has 2 parts. The first part checks whether the web service is being provided and removes the policy on the director if the web service is down. The second part adds the policy back on the director once a web service that was down has been restarted.
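One way to write the two-part script described above, as an added example rather than the author's script. It assumes the NAT lab's virtual service 1.1.1.254:80 and real servers 192.168.1.10 and 192.168.1.20; the function names, the sample ipvsadm -L -n output and the stub probe are constructed for illustration.

```shell
#!/bin/sh
# Assumed lab values (Experiment I): virtual service and real servers.
VIP=1.1.1.254:80
RIPS="192.168.1.10 192.168.1.20"
PORT=80
FWD=-m            # -m for LVS/NAT, -g for LVS/DR
DRY_RUN=1         # 1 = print the ipvsadm commands, 0 = also run them (root)

# Probe from step 1: true when nmap reports the TCP port open.
port_open() {
  nmap -n -sT -p "$2" "$1" 2>/dev/null | grep -Eq "^$2/tcp +open "
}

# in_table RIP:PORT: reads `ipvsadm -L -n` output on stdin; true when the real
# server is listed under the virtual service $VIP.
in_table() {
  awk -v vip="$VIP" -v rs="$1" '
    $1 == "TCP" { cur = $2 }
    $1 == "->" && cur == vip && $2 == rs { found = 1 }
    END { exit !found }'
}

# reconcile PROBE: reads `ipvsadm -L -n` output on stdin and calls the function
# PROBE for every real server.
reconcile() {
  table=$(cat)
  for rip in $RIPS; do
    cmd=
    if "$1" "$rip" "$PORT"; then
      # Part 2: the service answers but the server is not scheduled, add it back.
      printf '%s\n' "$table" | in_table "$rip:$PORT" ||
        cmd="ipvsadm -a -t $VIP -r $rip:$PORT $FWD"
    elif printf '%s\n' "$table" | in_table "$rip:$PORT"; then
      # Part 1: the service is down and the server is still scheduled, remove it.
      cmd="ipvsadm -d -t $VIP -r $rip:$PORT"
    fi
    [ -n "$cmd" ] || continue
    echo "$cmd"
    [ "$DRY_RUN" = 1 ] || $cmd
  done
}

# Constructed sample of `ipvsadm -L -n` output: only web1 is scheduled.
SAMPLE_TABLE='IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  1.1.1.254:80 rr
  -> 192.168.1.10:80              Masq    1      0          0'
web1_down() { [ "$1" != 192.168.1.10 ]; }   # constructed probe: web1 down, web2 up
printf '%s\n' "$SAMPLE_TABLE" | reconcile web1_down

# On the director: while :; do ipvsadm -L -n | reconcile port_open; sleep 5; done
```

A port that nmap reports as open only shows that TCP connections are accepted, not that the page is served correctly; a probe that fetches the home page and compares its content can be passed to reconcile in the same way.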

Summary of the 10 scheduling algorithms of LVS

LVS scheduling algorithms (10 algorithms)
See man ipvsadm

There are 4 commonly used scheduling algorithms
Round robin (rr)
Weighted round robin (wrr)
Least connections (lc)
Weighted least connections (wlc)

1. Round robin (rr)
Distributes client requests evenly across the real servers.
2. Weighted round robin (wrr)
Weights are set according to the performance of each real server, and requests are then scheduled in turn.
3. Least connections (lc)
Dynamically dispatches network requests to the server with the fewest established connections.
4. Weighted least connections (wlc)
Weights are set according to the performance of each real server, and network requests are dispatched to the server with the fewest established connections.
5. Locality-based least connections (lblc)
Based on the destination IP address of the request, finds the server most recently used for that destination IP address. If that server is available and not overloaded, the request is sent to it. If the server does not exist, or if it is overloaded and there is a server at half of its workload, an available server is selected by the "least connections" principle and the request is sent to that server.
6. Locality-based least connections with replication (lblcr)
Maintains a mapping from a destination IP address to a server group. The server group is looked up by the destination IP address of the request, and a server is selected from the group by the "least connections" principle. If that server is not overloaded, the request is sent to it. If it is overloaded, a server is selected from the whole cluster by the "least connections" principle, added to the server group, and the request is sent to it. When the server group has not been modified for some time, the busiest server is removed from the group to reduce the degree of replication.
7. Destination address hashing (dh)
Uses the destination IP address of the request as the hash key to look up the corresponding server in a statically assigned hash table. If the server is available and not overloaded, the request is sent to it; otherwise nothing is returned.
8. Source address hashing (sh)
Uses the source IP address of the request as the hash key to look up the corresponding server in a statically assigned hash table. If the server is available and not overloaded, the request is sent to it; otherwise nothing is returned.
9. Shortest expected delay (sed)
Based on the wlc algorithm. Example: three machines A, B and C have weights 1, 2 and 3, and their numbers of connections are 1, 2 and 3 respectively. With the wlc algorithm, a new request may be assigned to any of A, B and C. With the sed algorithm the calculation is A: (1+1)/1, B: (1+2)/2, C: (1+3)/3, and according to the result the connection is given to C.
10. Minimum queue scheduling (never queue, nq)
If a real server has 0 connections, the request is assigned to it directly without performing the sed calculation.
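The wlc, sed and nq choices for the example in item 9, as an added sketch that is not from the original post. It simplifies the kernel schedulers to one connection count per server and lets the first listed server win a tie; pick and the second sample are constructed.

```shell
#!/bin/sh
# pick ALGO: reads "name weight connections" lines on stdin and prints the
# server that a simplified wlc, sed or nq scheduler would choose.
pick() {
  awk -v algo="$1" '
    # wlc compares connections/weight; sed and nq count the new request too.
    function cost(w, c) { return (algo == "wlc") ? c / w : (c + 1) / w }
    $2 > 0 {                               # weight 0 = server takes no new requests
      if (algo == "nq" && $3 == 0 && idle == "") idle = $1   # nq: idle server first
      k = cost($2, $3)
      if (best == "" || k < min) { best = $1; min = k }       # first server wins a tie
    }
    END { print (idle != "") ? idle : best }'
}

# The example from item 9: weights 1, 2, 3 with 1, 2, 3 connections.
ABC='A 1 1
B 2 2
C 3 3'

# Constructed sample where nq and sed differ: B is idle but has a low weight.
IDLE='A 4 1
B 1 0'

for algo in wlc sed nq; do
  echo "ABC  $algo -> $(printf '%s\n' "$ABC" | pick "$algo")"
  echo "IDLE $algo -> $(printf '%s\n' "$IDLE" | pick "$algo")"
done
```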

This article is from the "Down to earth" blog, make sure to keep this source http://343614597.blog.51cto.com/7056394/1697916
