Configuring LVS VS/DR mode with a Windows Server R2 realserver


A recent project required load balancing. I found the relevant material online and benefited from it, so this article is excerpted here for later reference.

Related addresses:

http://kb.linuxvirtualserver.org/wiki/Windows_Servers_in_LVS/DR_and_LVS/TUN_Clusters

http://blog.loadbalancer.org/direct-server-return-on-windows-2008-using-loopback-adpter/

LVS + keepalived + WINDOWS SERVER R2------High-availability load balancing

http://www.cnblogs.com/shanyou/p/3428155.html

The following configuration is required on Windows Server:

1. Install Microsoft Loopback Adapter.

2. Configure the Microsoft Loopback Adapter IP address as the VIP address, with the subnet mask set to 255.255.255.255.

3. From the command line, change the host mode of the client-facing NIC interfaces and of the loopback interface:

Enter the following commands in CMD:

netsh interface IPv4 set interface "Extranet" weakhostreceive=enabled

netsh interface IPv4 set interface "Extranet" weakhostsend=enabled

netsh interface IPv4 set interface "Intranet" weakhostreceive=enabled

netsh interface IPv4 set interface "Intranet" weakhostsend=enabled

netsh interface IPv4 set interface "Loopback" weakhostreceive=enabled

netsh interface IPv4 set interface "Loopback" weakhostsend=enabled

By default in Windows 2008, the strong host model is enabled on the NICs, which prevents packets from being forwarded across interfaces. This means that a request arriving on one network adapter is not handled by the loopback adapter, because the request comes from a different network adapter. To switch the loopback adapter from strong host to weak host, you need to run the above four commands; otherwise the TCP connection stays in the SYN_RECV state. For the strong and weak host models, see http://technet.microsoft.com/zh-cn/magazine/2007.09.cableguy.aspx

The working principle is not explained here; go to the official website to learn it (http://www.linuxvirtualserver.org). The focus here is on how to configure it!
Note: it is best to learn the principles from the official website, even though it is in English, so as not to misunderstand certain issues.

Environment:
192.168.1.1 GateWay
192.168.1.10 Lvs_vip (vip:virtual IP)
192.168.1.14 LVS_Master
192.168.1.15 Lvs_backup
192.168.1.16 Web1_realserver
192.168.1.17 Web2_realserver

LINUX (CentOS 5.6) configuration

1. Install CentOS (the version I used here is centos-5.6-x86_64).
2. Install ipvsadm.
Knowledge point: ipvsadm can be understood as the IPVS management tool. IPVS (IP Virtual Server) is the core of LVS (Linux Virtual Server); since Linux kernel version 2.6, the IPVS module has been compiled into the Linux kernel.
Install it with the yum command, which chooses the ipvsadm build that best fits the kernel version:
> yum -y install ipvsadm
3. Configuration (this step can be omitted when using keepalived, because keepalived provides a simpler way to configure load balancing; it is still recommended to work through this manual configuration once).
> ifconfig eth0:0 192.168.1.10 broadcast 192.168.1.10 netmask 255.255.255.255 up
> route add -host 192.168.1.10 dev eth0:0
> ipvsadm -A -t 192.168.1.10:80 -s wrr
> ipvsadm -a -t 192.168.1.10:80 -r 192.168.1.16:80 -g
> ipvsadm -a -t 192.168.1.10:80 -r 192.168.1.17:80 -g
4. Firewall settings
> service iptables stop
Or add a record to the firewall rules table:
> vi /etc/sysconfig/iptables
> -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
> service iptables restart

WINDOWS SERVER R2 Configuration

1. Create a Windows loopback network adapter (search online for how to create it).
2. Set the loopback adapter IP address
> IP Address: 192.168.1.10
> Subnet Mask: 255.255.255.255
Other settings are not necessary.
3. Change the host mode of the client-facing NIC interface and of the loopback interface (critical)
> netsh interface ipv4 set interface "NIC name" weakhostreceive=enabled
> netsh interface ipv4 set interface "NIC name" weakhostsend=enabled
> netsh interface ipv4 set interface "Loopback Adapter name" weakhostreceive=enabled
> netsh interface ipv4 set interface "Loopback Adapter name" weakhostsend=enabled

Next, enter http://192.168.1.10 in the browser address bar; you will find that the request is forwarded to 192.168.1.16 or 192.168.1.17. If we then stop either of the servers and visit http://192.168.1.10 again, access is sometimes normal and sometimes not. The reason is simple: one of the machines has been stopped, but IPVS cannot detect the failure, so it still distributes requests across the real server list that was configured. How can we solve this problem? This is where keepalived makes its debut!

keepalived Configuration

Knowledge point: keepalived is routing software designed mainly to let us achieve highly available load balancing with simple configuration. The load balancing relies on the Linux Virtual Server (IPVS) kernel module, and the high availability uses the VRRP protocol. keepalived not only checks the health of each machine in the load-balanced server pool and notifies IPVS to remove unhealthy machines from the pool, it also health-checks the load balancer scheduler itself: when the primary load balancer scheduler has a problem, the standby scheduler replaces the master.
1. Install keepalived (keepalived depends on OpenSSL, so you need to install OpenSSL before installing keepalived)
> yum -y install openssl-devel
> wget http://www.keepalived.org/software/keepalived-1.2.7.tar.gz (check http://www.keepalived.org for the keepalived versions and download the latest one)
> tar zxvf keepalived-1.2.7.tar.gz
> cd keepalived-1.2.7
> ./configure --prefix=/usr/local/keepalived
> make && make install
2. Configure keepalived
First, turn on the IP forwarding feature (all three existing LVS load balancing rules need this feature turned on; without it, the configuration below does not work well).
> vi /etc/sysctl.conf
> net.ipv4.ip_forward = 1
> sysctl -p (makes the setting take effect immediately)
The keepalived configuration is divided into three parts.
> Global definition block -- global_defs
. Email notifications are not recommended; use Nagios for monitoring.
. router_id: The load balancer identity. Within a network, it should be unique.
> VRRP definition block -- vrrp_instance
. state
The load balancer state. There are only two states, MASTER and BACKUP, and these words must be written in capitals. MASTER is the working state and BACKUP is the standby state. When the server holding MASTER fails, the backup system automatically changes its state from BACKUP to MASTER; when the failed master system recovers, the backup system returns from MASTER to the BACKUP state.
. interface
The network interface that provides the service externally, such as eth0 or eth1. Current mainstream servers generally have 2 or more interfaces, so verify carefully which one is the service interface.
. virtual_router_id
This identifier is a number, and one VRRP instance uses one unique identifier. That is, within the same vrrp_instance, the virtual_router_id of MASTER and BACKUP is the same.
. priority
Priority level. This identifier is also a number; the greater the value, the higher the priority. In the same vrrp_instance, MASTER has a higher priority than BACKUP.
. advert_int
The synchronization notification interval: the time, in seconds, between synchronization checks of the master and backup load balancers.
. authentication
Authentication. Contains the authentication type and the authentication password. There are mainly two types, PASS and AH; PASS is usually used, and AH is said to have problems in use. The authentication password is in clear text; within the same vrrp_instance, MASTER and BACKUP must use the same password to communicate properly.
. virtual_ipaddress
Virtual IP address. There can be multiple addresses, one row per address.
> Virtual server definition block -- virtual_server
. delay_loop
The health check interval, in seconds.
. lb_algo
Load balancing scheduling algorithm (RR, WRR, DH, SH, LC, WLC, SED, NQ, LBLC, LBLCR).
There are two main types of algorithm: static and dynamic.
Static algorithms: scheduling follows the algorithm alone and does not take into account the actual connections on the backend realservers.
----RR (round-robin scheduling)
The scheduler uses the round-robin scheduling algorithm to allocate external requests to the real servers in the cluster in turn. It treats every server equally, regardless of the actual number of connections and the system load on the server.
----WRR (weighted round-robin scheduling)
The scheduler uses the weighted round-robin scheduling algorithm to schedule access requests according to the different processing capabilities of the real servers. This ensures that servers with more processing capacity handle more access traffic. The scheduler can automatically query the load of the real servers and adjust their weights dynamically.
----DH (destination hashing scheduling)
The destination hashing scheduling algorithm uses the destination IP address of the request as the hash key to look up the corresponding server in a statically allocated hash table. If the server is available and is not overloaded, the request is sent to that server; otherwise null is returned.
----SH (source hashing scheduling)
The source hashing scheduling algorithm uses the source IP address of the request as the hash key to look up the corresponding server in a statically allocated hash table. If the server is available and is not overloaded, the request is sent to that server; otherwise null is returned.
Dynamic algorithms: the front-end scheduler allocates requests based on the actual connections on the backend realservers.
----LC (least-connection scheduling)
When a user request arrives, work out which RS has the fewest connections; that RS gets the chance to answer the next client request. The calculation is overhead = active*256 + inactive. If two results are the same, the RS is selected in the order of the rules in LVS. This algorithm also does not consider the performance of the server.
----WLC (weighted least-connection scheduling)
This adds the weight to LC and so takes the performance of the RS into account: give a server with good performance a larger weight and a poor one a smaller weight. The downside is that if the overhead is the same, the RS is selected from top to bottom in the order of the rules table. overhead = (active*256 + inactive) / weight
----SED (shortest expected delay scheduling)
This complements WLC: overhead = (active+1)*256 / weight. The added one is there to allow the sizes to be compared.
----NQ (never queue scheduling)
Never queue is basically the same as SED, but avoids the SED drawback of poorly performing servers staying idle for long periods: the first request goes to a server with good performance, and the second request must be given to the idle server regardless of whether its performance is good or bad. The request is then given to a server with good performance.
----LBLC (locality-based least connections scheduling)
It is a combination of dynamic DH and LC, suitable for cache clusters; new requests that have never been seen before are given to the server that has fewer current connections.
----LBLCR (locality-based least connections with replication scheduling)
LBLC with a replication function. As an example of its application scenario: there are now RS1 and RS2, and the first 5 requests went to RS1. When 5 more requests arrive the second time, by rights the director would give them to RS1, and at this time RS2 is very busy, so the best way is to be able to spread the subsequent 5 requests across RS1 and RS2. For that, the resources requested by the client the first time need to be copied. (Special case)
PS: active connections (active) and inactive connections (inactive)
Taking HTTP as an example: HTTP itself is a stateless connection. When the client sends a request, there is a period of waiting for the response; this period can be called the active state.
When the server has given its response and the connection is not closed because of keepalive, the state during this time is the inactive state.
. lb_kind
Load balancer forwarding rule (DR, NAT, TUN); DR is the common one.
. persistence_timeout
The session hold time, in seconds. This option is useful for dynamic websites where users log in: the session hold function forwards a user's requests to the same application server. As a hypothesis, suppose there is an LVS environment using the DR forwarding mode with 3 real servers. If the load balancer does not enable the session hold function, then on the user's first visit the request is distributed to one real server and he sees a login page; the first access is complete. He then fills in the user name and password in the login box and submits. At this point a problem may occur: the login is unsuccessful, because without session hold the load balancer may forward the 2nd request to another server.
. protocol
Forwarding protocol. Generally there are two kinds, TCP and UDP; I have not tried UDP.
. real_server
The real server. The value of real_server includes the IP and the port.
* weight
Weight value, which is a number; the larger the value, the higher the weight. The purpose of using different weight values is to assign different loads to machines of different performance.
* TCP_CHECK
Checks the health of the machine over TCP.
Here is a configuration I have prepared for you (it includes high availability of the load balancer).
MASTER:



BACKUP:



The MASTER and BACKUP configurations differ in only three places: router_id in global_defs, and state and priority in vrrp_instance.
3. Start keepalived
/usr/local/keepalived/sbin/keepalived -d
Note: by default keepalived looks for its configuration file under /etc/keepalived. Either copy the keepalived.conf file to that directory, or specify the location of the keepalived.conf file at startup with the -f parameter.
4. At this point keepalived is installed successfully! Next we can use some commands to check it.
> View processes: ps aux | grep keepalived
When keepalived runs normally, a total of 3 processes are started: one is the parent process, which is responsible for monitoring its child processes; one is the VRRP child process; the other is the checkers child process.
We can also review the process relationships with the command (pstree | grep keepalived) to verify the above statement.
> View logs: tail -f /var/log/messages
> View request forwarding: ipvsadm -Lcn | grep 192.168.1.10 (the virtual IP)
5. Optimization
Finally, we need to do a bit of optimization: make the keepalived service start at boot, which saves the trouble of starting it manually.
Add keepalived to the system services:
> ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/
> ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
> mkdir /etc/keepalived
> ln -s /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
> ln -s /usr/local/keepalived/sbin/keepalived /usr/sbin/
Set the keepalived system service to start at boot:
> chkconfig --add keepalived
> chkconfig keepalived on
> View: chkconfig --list keepalived
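
For the MASTER and BACKUP configuration described in step 2, the following is an added example, not the author's configuration file: one shell template that renders keepalived.conf for either director from the parameters explained above. The addresses are this page's environment; the router_id names, the instance name VI_1, virtual_router_id 51, the priorities, the timers and the auth_pass value are assumptions.

```shell
# Added example: one template renders keepalived.conf for either director.
# Addresses are taken from this page; router_id names, VI_1, virtual_router_id 51,
# the priorities, timers and auth_pass are assumed placeholder values.
render_keepalived_conf() {
    role=$1
    case "$role" in
        MASTER) router_id=LVS_MASTER; priority=100 ;;
        BACKUP) router_id=LVS_BACKUP; priority=90 ;;
        *) echo "usage: render_keepalived_conf MASTER|BACKUP" >&2; return 1 ;;
    esac
    cat <<EOF
global_defs {
    router_id $router_id
}
vrrp_instance VI_1 {
    state $role
    interface eth0
    virtual_router_id 51
    priority $priority
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass CHANGEME
    }
    virtual_ipaddress {
        192.168.1.10
    }
}
virtual_server 192.168.1.10 80 {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    persistence_timeout 60
    protocol TCP
    real_server 192.168.1.16 80 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
        }
    }
    real_server 192.168.1.17 80 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
        }
    }
}
EOF
}
```

Writing the MASTER output to /etc/keepalived/keepalived.conf on 192.168.1.14 and the BACKUP output on 192.168.1.15 gives two files that differ only in router_id, state and priority. Because PASS authentication carries auth_pass in clear text, as noted above, treat it as a guard against misconfiguration rather than as a secret.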

At this point the entire configuration is complete. Finally, try shutting down the master machine, or stopping the keepalived service on the master, to see whether the backup machine takes over from the master.
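
The overhead formulas given for LC, WLC, SED and NQ under lb_algo, applied to a small connection table, show how the weight changes which real server is chosen. This is an added example, not part of the original article: pick_rs and both sample tables are constructed, and the code follows the formulas as this page states them rather than the kernel source.

```shell
# Constructed samples, one real server per line in rule-table order:
#   name weight active inactive
SAMPLE_POOL='web1 3 4 10
web2 1 2 0'
IDLE_POOL='web1 3 1 0
web2 1 0 0'

# pick_rs ALGO: read a table on stdin and print the server that ALGO selects.
# ALGO is one of lc, wlc, sed, nq; any other value exits with status 2.
pick_rs() {
    awk -v algo="$1" '
    {
        if (algo == "lc")       o = $3 * 256 + $4          # weight is ignored
        else if (algo == "wlc") o = ($3 * 256 + $4) / $2
        else if (algo == "sed" || algo == "nq") o = ($3 + 1) * 256 / $2
        else { bad = 1; exit }
        # NQ: remember the first server that has no active connections.
        if (algo == "nq" && $3 == 0 && idle == "") idle = $1
        # Strict "<" keeps the earlier row on a tie (rule-table order).
        if (NR == 1 || o < best) { best = o; name = $1 }
    }
    END {
        if (bad) exit 2
        print (idle != "" ? idle : name)
    }'
}

# Example run: LC picks web2, WLC and SED pick web1 for SAMPLE_POOL.
for a in lc wlc sed; do
    printf '%s -> %s\n' "$a" "$(printf '%s\n' "$SAMPLE_POOL" | pick_rs "$a")"
done
```

With IDLE_POOL, SED still prefers the heavier-weighted web1 while NQ hands the request to the idle web2, which is the difference between the two algorithms described above.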
