Configuring the three implementation modes of an LVS server cluster

Source: Internet
Author: User

LVS (Linux Virtual Server) is a Linux server cluster.

IP-based load balancing in an LVS server cluster has three implementation modes: VS/NAT mode, VS/TUN mode (IP tunneling mode) and VS/DR mode (direct routing mode).

One, "VS/NAT mode"

1. Configure the IP addresses of the Linux Director (front-end load scheduler) and turn on IP packet forwarding

    ifconfig eth0 192.168.1.2 broadcast 192.168.1.255 netmask 255.255.255.0 up
    ifconfig eth1 192.168.2.1 broadcast 192.168.2.255 netmask 255.255.255.0 up
    # let the director forward packets between eth0 and eth1
    echo 1 > /proc/sys/net/ipv4/ip_forward

2. Create and execute the ipvs.sh script (the script must be made executable). It adds the virtual server record and scheduling algorithm (round robin, based on connection requests) to the front-end load scheduler, and adds the real server records for this virtual server (in NAT mode)

    #!/bin/bash
    # ipvs.sh
    # clear the kernel virtual server table
    ipvsadm -C
    # add the virtual service with round-robin scheduling
    ipvsadm -A -t 192.168.2.1:80 -s rr
    # add the real servers, forwarded by NAT (masquerading)
    ipvsadm -a -t 192.168.2.1:80 -r 192.168.2.2:80 -m
    ipvsadm -a -t 192.168.2.1:80 -r 192.168.2.3:80 -m

3. Configure the real server (192.168.2.2) and point its default gateway at the load scheduler so that responses are returned correctly

    ifconfig eth0 192.168.2.2 broadcast 192.168.2.255 netmask 255.255.255.0 up
    route add default gw 192.168.2.1

4. Configure the real server (192.168.2.3)

    ifconfig eth0 192.168.2.3 broadcast 192.168.2.255 netmask 255.255.255.0 up
    route add default gw 192.168.2.1

Two, "VS/TUN" IP tunnel mode

1. Configure the Linux Director load scheduler: set the IP of tunl0 (the tunnel interface) to the VIP and add it to the local routing table (note: the VIP subnet mask is 255.255.255.255, so the network segment contains only one IP)

    ifconfig tunl0 192.168.1.3 netmask 255.255.255.255 up
    route add -host 192.168.1.3 dev tunl0
    ifconfig eth0 192.168.1.2 broadcast 192.168.1.255 netmask 255.255.255.0 up

2. Create and execute the ipvs.sh script. It adds the virtual server record and scheduling algorithm (round robin) to the front-end load scheduler, and adds the real servers for this virtual server (in IP tunneling mode)

    #!/bin/bash
    # ipvs.sh
    # clear the kernel virtual server table
    ipvsadm -C
    # add the virtual service on the VIP with round-robin scheduling
    ipvsadm -A -t 192.168.1.3:80 -s rr
    # add the real servers, forwarded through IP tunnels
    ipvsadm -a -t 192.168.1.3:80 -r 192.168.1.4:80 -i
    ipvsadm -a -t 192.168.1.3:80 -r 192.168.1.5:80 -i

3. Configure the real server (192.168.1.4) and bind the VIP to its tunl0 interface

    ifconfig tunl0 192.168.1.3 netmask 255.255.255.255 up
    route add -host 192.168.1.3 dev tunl0
    ifconfig eth0 192.168.1.4 broadcast 192.168.1.255 netmask 255.255.255.0 up

4. Create an arp.sh script and execute it, so that the real server does not answer ARP requests for the VIP's MAC address

    #!/bin/bash
    # arp.sh
    echo 1 > /proc/sys/net/ipv4/conf/tunl0/arp_ignore
    echo 2 > /proc/sys/net/ipv4/conf/tunl0/arp_announce
    echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
    echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce

5. Configure the real server (192.168.1.5) and also bind the VIP to its tunl0 interface

    ifconfig tunl0 192.168.1.3 netmask 255.255.255.255 up
    route add -host 192.168.1.3 dev tunl0
    ifconfig eth0 192.168.1.5 broadcast 192.168.1.255 netmask 255.255.255.0 up

6. Create an arp.sh script and execute it

    #!/bin/bash
    # arp.sh
    echo 1 > /proc/sys/net/ipv4/conf/tunl0/arp_ignore
    echo 2 > /proc/sys/net/ipv4/conf/tunl0/arp_announce
    echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
    echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce

Three, "VS/DR" direct routing mode

1. Configure the Linux Director load scheduler

    ifconfig eth0 192.168.1.2 broadcast 192.168.1.255 netmask 255.255.255.0 up
    ifconfig eth0:0 192.168.1.3 netmask 255.255.255.255 up
    route add -host 192.168.1.3 dev eth0:0

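2. Create an ipvs.sh script and execute it

    #!/bin/bash
    # ipvs.sh
    # clear the kernel virtual server table
    ipvsadm -C
    # add the virtual service on the VIP with round-robin scheduling
    ipvsadm -A -t 192.168.1.3:80 -s rr
    # add the real servers, forwarded by direct routing
    ipvsadm -a -t 192.168.1.3:80 -r 192.168.1.4:80 -g
    ipvsadm -a -t 192.168.1.3:80 -r 192.168.1.5:80 -g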

3. Configure the real server (192.168.1.4)

    ifconfig eth0 192.168.1.4 broadcast 192.168.1.255 netmask 255.255.255.0 up
    ifconfig lo:0 192.168.1.3 netmask 255.255.255.255 up
    route add -host 192.168.1.3 dev lo:0

4. Create an arp.sh script and execute it

    #!/bin/bash
    # arp.sh
    echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
    echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
    echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
    echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce

5. Configure the real server (192.168.1.5)

    ifconfig eth0 192.168.1.5 broadcast 192.168.1.255 netmask 255.255.255.0 up
    ifconfig lo:0 192.168.1.3 netmask 255.255.255.255 up
    route add -host 192.168.1.3 dev lo:0

6. Create an arp.sh script and execute it

    #!/bin/bash
    # arp.sh
    echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
    echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
    echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
    echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
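The arp.sh steps in the VS/TUN and VS/DR sections only work if the values actually take effect on the interface where ARP requests arrive; a real server that still answers ARP for the VIP pulls client traffic away from the director. The script below is an added example, not part of the original article: it audits those sysctls using the kernel rule that the effective value is the larger of conf/all and the per-interface setting. The function names, the optional root directory argument and the choice of eth0 as the LAN interface are assumptions made for the example.

```shell
#!/bin/sh
# Added example (not from the original article): audit the ARP sysctls that
# arp.sh is meant to set on a VS/TUN or VS/DR real server.

# effective_arp KEY IFACE [ROOT]: print max(conf/all/KEY, conf/IFACE/KEY),
# the value the kernel applies to ARP traffic on IFACE.
effective_arp() {
    base="${3:-/proc/sys}/net/ipv4/conf"
    all=$(cat "$base/all/$1" 2>/dev/null) || return 2
    one=$(cat "$base/$2/$1" 2>/dev/null) || return 2
    if [ "$all" -gt "$one" ]; then echo "$all"; else echo "$one"; fi
}

# check_real_server IFACE [ROOT]: return 0 when IFACE neither answers ARP for
# a VIP held on another interface (arp_ignore 1 or 2) nor uses the VIP as the
# ARP source address (arp_announce 2); 1 on a weak setting; 2 if unreadable.
check_real_server() {
    ign=$(effective_arp arp_ignore "$1" "$2") || { echo "$1: cannot read arp_ignore"; return 2; }
    ann=$(effective_arp arp_announce "$1" "$2") || { echo "$1: cannot read arp_announce"; return 2; }
    rc=0
    case $ign in
        1|2) ;;
        *) echo "$1: FAIL arp_ignore=$ign (want 1 or 2)"; rc=1 ;;
    esac
    if [ "$ann" -ne 2 ]; then
        echo "$1: FAIL arp_announce=$ann (want 2)"; rc=1
    fi
    [ "$rc" -eq 0 ] && echo "$1: OK arp_ignore=$ign arp_announce=$ann"
    return "$rc"
}

# make_tree DIR ALL_IGN ALL_ANN IF_IGN IF_ANN: build a constructed sysctl tree
# for eth0 so the check can be exercised without touching /proc.
make_tree() {
    mkdir -p "$1/net/ipv4/conf/all" "$1/net/ipv4/conf/eth0"
    echo "$2" > "$1/net/ipv4/conf/all/arp_ignore"
    echo "$3" > "$1/net/ipv4/conf/all/arp_announce"
    echo "$4" > "$1/net/ipv4/conf/eth0/arp_ignore"
    echo "$5" > "$1/net/ipv4/conf/eth0/arp_announce"
}

# Constructed sample: kernel defaults (0/0) versus the values arp.sh writes to "all".
tmp=$(mktemp -d)
make_tree "$tmp/default" 0 0 0 0
make_tree "$tmp/hardened" 1 2 0 0
check_real_server eth0 "$tmp/default" || true
check_real_server eth0 "$tmp/hardened"
rm -rf "$tmp"
```

On a real server, call check_real_server eth0 with no second argument to read the live values under /proc/sys.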

Four, advantages and disadvantages of the three modes

"NAT mode"

Pros: Only one public IP is required

Disadvantage: Both the request and the response have to pass through the load scheduler, so the load scheduler may become a bottleneck when traffic reaches a certain volume. (Reason: the request and response messages are modified: the target IP/MAC of the request and the source IP/MAC of the response)

"TUN mode"

Advantages:

1. You can set up cross-domain real servers

2. Response messages are returned directly from the back-end server to the client, with higher throughput than NAT mode

Disadvantages:

1. IP tunneling is required. The load scheduler and the real servers must have a network interface that supports the tunneling protocol

2. Multiple public IPs are required

3. Establishing an IP tunnel adds overhead

"DR direct routing mode"

Advantage: The response message is returned directly from the back-end server to the client, with throughput similar to or higher than TUN mode

Cons: The real servers need to be in the same network segment as the load scheduler

Five, ipvsadm management tool usage reference

The usage and format of ipvsadm are as follows:
ipvsadm -A|E -t|u|f virtual-service-address:port [-s scheduler] [-p [timeout]] [-M netmask]
ipvsadm -D -t|u|f virtual-service-address
ipvsadm -C
ipvsadm -R
ipvsadm -S [-n]
ipvsadm -a|e -t|u|f service-address:port -r real-server-address:port [-g|i|m] [-w weight]
ipvsadm -d -t|u|f service-address -r server-address
ipvsadm -L|l [options]
ipvsadm -Z [-t|u|f service-address]
ipvsadm --set tcp tcpfin udp
ipvsadm --start-daemon state [--mcast-interface interface]
ipvsadm --stop-daemon
ipvsadm -h
Command options explained:
There are two types of command options, long and short, with the same meaning. In practical use, either form can be used.
-A --add-service  Add a new virtual server record to the virtual server table in the kernel, that is, add a new virtual server.
-E --edit-service  Edit a virtual server record in the kernel virtual server table.
-D --delete-service  Delete a virtual server record from the kernel virtual server table.
-C --clear  Clear all records in the kernel virtual server table.
-R --restore  Restore virtual server rules.
-S --save  Save virtual server rules, output in a format readable by the -R option.
-a --add-server  Add a new real server record to a record in the kernel virtual server table, that is, add a new real server to a virtual server.
-e --edit-server  Edit a real server record in a virtual server record.
-d --delete-server  Delete a real server record in a virtual server record.
-L|-l --list  Display the kernel virtual server table.
-Z --zero  Zero the virtual service table counters (clear the current number of connections, etc.).
--set tcp tcpfin udp  Set the connection timeout values.
--start-daemon  Start the synchronization daemon. It is followed by master or backup, which states whether the LVS router is the master or the backup. The VRRP function of Keepalived can also be used for this purpose.
--stop-daemon  Stop the synchronization daemon.
-h --help  Display help information.
Other options:
-t --tcp-service service-address  The virtual server provides a TCP service, [vip:port] or [real-server-ip:port].
-u --udp-service service-address  The virtual server provides a UDP service, [vip:port] or [real-server-ip:port].
-f --fwmark-service fwmark  The service type is one that has been marked by iptables.
-s --scheduler scheduler  The scheduling algorithm to use; the options are rr|wrr|lc|wlc|lblc|lblcr|dh|sh|sed|nq. The default scheduling algorithm is wlc.
-p --persistent [timeout]  Persistent service. With this option, requests from the same client are handled by the same real server. The default value for timeout is 300 seconds.
-M --netmask netmask  Persistent granularity mask.
-r --real-server server-address  Real server [real-server:port].
-g --gatewaying  Set the LVS operating mode to direct routing mode (also the LVS default mode).
-i --ipip  Set the LVS operating mode to tunnel mode.
-m --masquerading  Set the LVS operating mode to NAT mode.
-w --weight weight  Real server weight.
--mcast-interface interface  Specify the multicast synchronization interface.
-c --connection  Display current LVS connections, e.g. ipvsadm -L -c
--timeout  Display the tcp tcpfin udp timeout values, e.g. ipvsadm -L --timeout
--daemon  Display the synchronization daemon status.
--stats  Display statistics.
--rate  Display rate information.
--sort  Sort the virtual server and real server output.
-n --numeric  Output IP addresses and ports in numeric form.

Record notes

Thanks to the original author, Jianbo-zh
