Deploying LVS load balancing

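I. Introduction

LVS (Linux Virtual Server) is an open-source load-balancing project led by Dr. Wensong Zhang, and it is now integrated into the Linux kernel as a module. It implements IP-based load-balancing scheduling of requests inside the Linux kernel. End users on the Internet reach the company's load balancer from outside: the user's web request is sent to the LVS director, and the director decides, according to its preconfigured algorithm, which back-end web server receives the request. For example, the round-robin algorithm distributes external requests evenly across all back-end servers. Although requests sent to the LVS director are forwarded to real servers in the back end, if the real servers are attached to the same storage and provide the same service, the user gets the same content no matter which real server handles the request, so the whole cluster is transparent to the user. Finally, depending on the LVS working mode, the real servers use different ways to send the requested data back to the end user. LVS has three working modes: NAT mode, TUN mode and DR mode.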

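II. Working modes

1) NAT mode:

  • Virtual server implemented through network address translation

  • Under high concurrency, the director's performance becomes the bottleneck

2) DR mode

  • Virtual server implemented directly with routing

  • Node servers must be configured with the VIP; pay attention to MAC address broadcasts

3) TUN mode

  • Virtual service implemented through tunneling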

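III. Scheduling algorithms

1. Static scheduling algorithms

1) Round robin (rr)

Treats every server equally, regardless of the server's actual connection count and system load

2) Weighted round robin (wrr)

The director can automatically query the real servers' load and adjust the weights dynamically

3) Source hashing (sh)
Similar to destination hashing, but it statically assigns a fixed server based on a hash of the source address.

4) Destination hashing (dh)
This algorithm maps the destination IP to a server through a hash function of the destination IP address; when a server is unavailable or overloaded, requests sent to that destination IP are always sent to that server.

2. Dynamic scheduling algorithms

5) Least connections (lc)
Dynamically schedules network requests to the server with the fewest established connections
If the real servers in the cluster have similar system performance, this algorithm balances load well

6) Weighted least connections (wlc)
The director can automatically query the real servers' load and adjust the weights dynamically
With weights: whoever is idle gets the work, and better-specified machines get higher weights

7) Locality-based least connections (lblc)
This algorithm schedules on the destination IP address of the request packet. It first looks up the server most recently used for that destination IP address; if that server is still available and able to handle the request, the director tries to pick the same server, otherwise it goes on to choose another available server

8) Locality-based least connections with replication (lblcr)
Instead of recording a mapping between a destination IP and a single server, it maintains a mapping from a destination IP to a group of servers, which prevents a single server from being overloaded.

9) Shortest expected delay (sed)
Ignores inactive connections; the server with the larger weight is preferred to receive requests, but servers with large weights will be busier

10) Never queue (nq)
No queuing: if a real server has 0 connections, the request is assigned to it directly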

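IV. Deployment

1. Deploying an httpd load-balancing cluster in LVS-NAT mode

Environment

Hostname  Role                   IP/DIP            VIP
DR        LVS server             192.168.183.137   192.168.65.10
RS1       Apache server 1        192.168.183.138   gateway is the DR gateway
RS2       Apache server 2        192.168.183.139   gateway is the DR gateway
Client    Client (for testing)   192.168.183.135   client needs no VIP

DR configuration:

//Disable the firewall and SELinux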
[root@DR ~]# systemctl disable --now firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@DR ~]# setenforce 0
[root@DR ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config

//Add a NIC and set it to host-only mode
//Set the NIC's IP address
[root@DR ~]# nmcli connection modify Wired\ connection\ 1 con-name ens37 ipv4.addresses 192.168.65.10/24 ipv4.dns 114.114.114.114 ipv4.method manual autoconnect yes
[root@DR ~]# nmcli con up ens37
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/3)
[root@DR ~]# ip a | grep ens37
3: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    inet 192.168.65.10/24 brd 192.168.65.255 scope global noprefixroute ens37

//Enable IP forwarding
[root@DR ~]# vim /etc/sysctl.conf
net.ipv4.ip_forward = 1
[root@DR ~]# sysctl -p
net.ipv4.ip_forward = 1

//Install ipvsadm and add the rules
[root@DR ~]# dnf -y install ipvsadm
······
Complete!
[root@DR ~]# ipvsadm -A -t 192.168.65.10:80 -s rr
[root@DR ~]# ipvsadm -a -t 192.168.65.10:80 -r 192.168.183.138:80 -m
[root@DR ~]# ipvsadm -a -t 192.168.65.10:80 -r 192.168.183.139:80 -m
[root@DR ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.65.10:80 rr
  -> 192.168.183.138:80           Masq    1      0          0         
  -> 192.168.183.139:80           Masq    1      0          0         
[root@DR ~]# ipvsadm -Sn > /etc/sysconfig/ipvsadm
[root@DR ~]# systemctl restart ipvsadm
[root@DR ~]# systemctl enable ipvsadm
Created symlink /etc/systemd/system/multi-user.target.wants/ipvsadm.service → /usr/lib/systemd/system/ipvsadm.service.
[root@DR ~]# 

RS1 configuration:

//Disable the firewall and SELinux
[root@RS1 ~]# systemctl disable --now firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@RS1 ~]# setenforce 0
[root@RS1 ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config

//Configure the IP address
[root@RS1 ~]# nmcli con modify ens33 ipv4.addresses 192.168.183.138/24 ipv4.gateway 192.168.65.10 ipv4.dns 114.114.114.114 ipv4.method manual autoconnect yes
[root@RS1 ~]# nmcli con up ens33
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/2)

//With the yum repository configured, install httpd and create the home page
[root@RS1 ~]# dnf install httpd -y
······
[root@RS1 ~]# echo "RS1" > /var/www/html/index.html
[root@RS1 ~]# systemctl enable --now httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.

RS2 configuration:

//Disable the firewall and SELinux
[root@RS2 ~]# systemctl disable --now firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@RS2 ~]# setenforce 0
[root@RS2 ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config

//Configure the IP address
[root@RS2 ~]# nmcli connection modify ens33 ipv4.addresses 192.168.183.139/24 ipv4.gateway 192.168.65.10 ipv4.dns 114.114.114.114 ipv4.method manual autoconnect yes
[root@RS2 ~]# nmcli con up ens33
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/2)

//With the yum repository configured, install httpd and create the home page
[root@RS2 ~]# dnf install -y httpd
[root@RS2 ~]# echo "RS2" > /var/www/html/index.html
[root@RS2 ~]# systemctl enable --now httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.

Testing from the client

[root@Client ~]# curl http://192.168.65.10
RS2
[root@Client ~]# curl http://192.168.65.10
RS1
[root@Client ~]# curl http://192.168.65.10
RS2
[root@Client ~]# curl http://192.168.65.10
RS1

2. Deploying an httpd load-balancing cluster in LVS-DR mode

Environment

Hostname  Role                   IP/DIP            VIP
DR        LVS server             192.168.183.137   lo:192.168.183.200
RS1       Apache server 1        192.168.183.138   lo:192.168.183.200
RS2       Apache server 2        192.168.183.139   lo:192.168.183.200
Client    Client (for testing)   192.168.183.135   client needs no VIP

DR configuration:

//Disable SELinux and the firewall
[root@DR ~]# systemctl disable --now firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@DR ~]# setenforce 0
[root@DR ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config

//Configure the IP address on the lo interface
[root@DR ~]# dnf -y install net-tools
······
[root@DR ~]# ifconfig lo 192.168.183.200/32 broadcast 192.168.183.200 netmask 255.255.255.255 up
[root@DR ~]# ip a | grep lo
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 192.168.183.200/0 brd 192.168.183.200 scope global lo

//Make the lo interface configuration persistent
[root@DR ~]# echo "ifconfig lo 192.168.183.200/32 broadcast 192.168.183.200 netmask 255.255.255.255 up" >> /etc/rc.d/rc.local
[root@DR ~]# chmod +x /etc/rc.d/rc.local

//Install ipvsadm and add the rules
[root@DR ~]# dnf -y install ipvsadm
[root@DR ~]# ipvsadm -A -t 192.168.183.200:80 -s rr
[root@DR ~]# ipvsadm -a -t 192.168.183.200:80 -r 192.168.183.138:80 -g
[root@DR ~]# ipvsadm -a -t 192.168.183.200:80 -r 192.168.183.139:80 -g
[root@DR ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.183.200:80 rr
  -> 192.168.183.138:80           Route   1      0          0
  -> 192.168.183.139:80           Route   1      0          0
[root@DR ~]# ipvsadm -Sn > /etc/sysconfig/ipvsadm
[root@DR ~]# systemctl restart ipvsadm
[root@DR ~]# systemctl enable ipvsadm
Created symlink /etc/systemd/system/multi-user.target.wants/ipvsadm.service → /usr/lib/systemd/system/ipvsadm.service.

RS1 configuration:

//Disable the firewall and SELinux
[root@RS1 ~]# systemctl disable --now firewalld.service
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@RS1 ~]# setenforce 0
[root@RS1 ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config

//Configure kernel parameters on RS1
[root@RS1 ~]# vim /etc/sysctl.conf
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
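net.ipv4.conf.all.arp_ignore = 1	//this line and the next are only for safety; strictly, only the lo interface's ARP announcements to the outside need to be turned off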
net.ipv4.conf.all.arp_announce = 2
[root@RS1 ~]# sysctl -p
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2

//Configure the VIP
[root@RS1 ~]# dnf install -y net-tools
[root@RS1 ~]# ifconfig lo 192.168.183.200/32 broadcast 192.168.183.200 netmask 255.255.255.255 up

//Make it persistent
[root@RS1 ~]# echo "ifconfig lo 192.168.183.200/32 broadcast 192.168.183.200 netmask 255.255.255.255 up" >> /etc/rc.d/rc.local
[root@RS1 ~]# chmod +x /etc/rc.d/rc.local

//Add the route
[root@RS1 ~]# route add -host 192.168.183.200/32 dev lo

//Install httpd and create the home page
[root@RS1 ~]# dnf -y install httpd
[root@RS1 ~]# echo "RS1" > /var/www/html/index.html
[root@RS1 ~]# systemctl enable --now httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.

RS2 configuration:

//Disable the firewall and SELinux
[root@RS2 ~]# systemctl disable --now firewalld.service
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@RS2 ~]# setenforce 0
[root@RS2 ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config

//Configure kernel parameters on RS2
[root@RS2 ~]# vim /etc/sysctl.conf
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
[root@RS2 ~]# sysctl -p
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2

//Configure the VIP
[root@RS2 ~]# dnf install -y net-tools
[root@RS2 ~]# ifconfig lo 192.168.183.200/32 broadcast 192.168.183.200 netmask 255.255.255.255 up

//Make it persistent
[root@RS2 ~]# echo "ifconfig lo 192.168.183.200/32 broadcast 192.168.183.200 netmask 255.255.255.255 up" >> /etc/rc.d/rc.local
[root@RS2 ~]# chmod +x /etc/rc.d/rc.local

//Add the route
[root@RS2 ~]# route add -host 192.168.183.200/32 dev lo

//Install httpd and create the home page
[root@RS2 ~]# dnf install -y httpd
[root@RS2 ~]# echo "RS2" > /var/www/html/index.html
[root@RS2 ~]# systemctl enable --now httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.

Testing from the client

[root@Client ~]# curl 192.168.183.200
RS1
[root@Client ~]# curl 192.168.183.200
RS2
[root@Client ~]# curl 192.168.183.200
RS1
[root@Client ~]# curl 192.168.183.200
RS2
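
A check for the DR-mode rule table built above, as an added example that is not part of the original post: in DR mode the director only rewrites the destination MAC, so every real server must use the Route forwarding method and sit on the director's own segment. The function name audit_dr_rules, the sample table (constructed) and the assumption that the segment equals the DIP's subnet are illustrative.

```bash
# Added example: audit `ipvsadm -Ln` output for an LVS-DR director.
# Usage on the director: ipvsadm -Ln | audit_dr_rules <DIP> <prefix-length>
# Prints one line per problem; returns non-zero if any problem was found.
audit_dr_rules() {
    awk -v dip="$1" -v plen="$2" '
    # Convert a dotted-quad IPv4 address to an integer.
    function ip2int(ip,    o) {
        split(ip, o, ".")
        return ((o[1] * 256 + o[2]) * 256 + o[3]) * 256 + o[4]
    }
    # Network number of an address for the given prefix length.
    function net(ip, len) { return int(ip2int(ip) / 2 ^ (32 - len)) }
    # Virtual service line, e.g. "TCP  192.168.183.200:80 rr"
    $1 == "TCP" || $1 == "UDP" { vs = $2; svc[vs] = 1; next }
    # Real server line, e.g. "  -> 192.168.183.138:80  Route  1  0  0"
    $1 == "->" && $2 ~ /^[0-9]+\./ {
        split($2, hp, ":")
        seen[vs]++
        if ($3 != "Route") {
            printf "%s: real server %s uses %s, expected Route\n", vs, $2, $3
            bad++
        }
        # Assumption: the director segment is the subnet of its DIP.
        if (net(hp[1], plen) != net(dip, plen)) {
            printf "%s: real server %s is outside %s/%s\n", vs, $2, dip, plen
            bad++
        }
    }
    END {
        for (v in svc) { n++; if (!seen[v]) { print v ": no real servers"; bad++ } }
        if (!n) { print "no virtual service found"; bad++ }
        exit (bad > 0)
    }'
}

# Constructed sample: the second real server is NAT-forwarded and off-segment.
sample_rules() {
    cat <<'EOF'
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.183.200:80 rr
  -> 192.168.183.138:80           Route   1      0          0
  -> 192.168.202.139:80           Masq    1      0          0
EOF
}

# Demo run against the constructed sample (reports two problems).
sample_rules | audit_dr_rules 192.168.183.137 24 || true
```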

3. Deploying an httpd load-balancing cluster in LVS-TUN mode

Environment

Hostname  Role                   IP/DIP            VIP
DR        LVS server             192.168.183.137   192.168.183.210
RS1       Apache server 1        192.168.183.138   192.168.183.210
RS2       Apache server 2        192.168.183.139   192.168.183.210
Client    Client (for testing)   192.168.183.135   client needs no VIP

DR configuration:

//Disable the firewall and SELinux
[root@DR ~]# systemctl disable --now firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@DR ~]# setenforce 0
[root@DR ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config

//Modify kernel parameters
[root@DR ~]# vim /etc/sysctl.conf 
net.ipv4.ip_forward = 1
[root@DR ~]# sysctl -p
net.ipv4.ip_forward = 1

//Configure the VIP
[root@DR ~]# dnf -y install net-tools
[root@DR ~]# ifconfig tunl0 192.168.183.210 broadcast 192.168.183.210 netmask 255.255.255.255
[root@DR ~]# ip a|grep tunl0
3: tunl0@NONE: <NOARP,UP,LOWER_UP> mtu 1480 qdisc noqueue state UNKNOWN group default qlen 1000
    inet 192.168.183.210/32 brd 192.168.183.210 scope global tunl0

//Make it persistent
[root@DR ~]# echo "ifconfig tunl0 192.168.183.210 broadcast 192.168.183.210 netmask 255.255.255.255" >> /etc/rc.d/rc.local
[root@DR ~]# chmod +x /etc/rc.d/rc.local

//Install ipvsadm and add the rules
[root@DR ~]# dnf -y install ipvsadm
[root@DR ~]# ipvsadm -A -t 192.168.183.210:80 -s rr
[root@DR ~]# ipvsadm -a -t 192.168.183.210:80 -r 192.168.183.138:80 -i
[root@DR ~]# ipvsadm -a -t 192.168.183.210:80 -r 192.168.183.139:80 -i
[root@DR ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.183.210:80 rr
  -> 192.168.183.138:80           Tunnel  1      0          0
  -> 192.168.183.139:80           Tunnel  1      0          0
[root@DR ~]# ipvsadm -Sn > /etc/sysconfig/ipvsadm
[root@DR ~]# systemctl restart ipvsadm
[root@DR ~]# systemctl enable ipvsadm
Created symlink /etc/systemd/system/multi-user.target.wants/ipvsadm.service → /usr/lib/systemd/system/ipvsadm.service.

RS1 configuration:

//Disable the firewall and SELinux
[root@RS1 ~]# systemctl disable --now firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@RS1 ~]# setenforce 0
[root@RS1 ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config

//Load the ipip module and configure the VIP
[root@RS1 ~]# dnf -y install net-tools 
[root@RS1 ~]# modprobe ipip
[root@RS1 ~]# ifconfig tunl0 192.168.183.210 broadcast 192.168.183.210 netmask 255.255.255.255
[root@RS1 ~]# echo "ifconfig tunl0 192.168.183.210 broadcast 192.168.183.210 netmask 255.255.255.255" >> /etc/rc.d/rc.local
[root@RS1 ~]# chmod +x /etc/rc.d/rc.local

//Modify kernel parameters
[root@RS1 ~]# vim /etc/sysctl.conf
net.ipv4.conf.tunl0.arp_ignore = 1
net.ipv4.conf.tunl0.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.tunl0.rp_filter = 0
net.ipv4.conf.all.rp_filter = 0
[root@RS1 ~]# sysctl -p
net.ipv4.conf.tunl0.arp_ignore = 1
net.ipv4.conf.tunl0.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.tunl0.rp_filter = 0
net.ipv4.conf.all.rp_filter = 0

//Install httpd and create the home page
[root@RS1 ~]# dnf -y install httpd
[root@RS1 ~]# echo "RS1" > /var/www/html/index.html
[root@RS1 ~]# systemctl enable --now httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.

RS2 configuration:

//Disable the firewall and SELinux
[root@RS2 ~]# systemctl disable --now firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@RS2 ~]# setenforce 0
[root@RS2 ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config

//Load the ipip module and configure the VIP
[root@RS2 ~]#  dnf -y install net-tools
[root@RS2 ~]# modprobe ipip
[root@RS2 ~]# ifconfig tunl0 192.168.183.210 broadcast 192.168.183.210 netmask 255.255.255.255
[root@RS2 ~]# echo "ifconfig tunl0 192.168.183.210 broadcast 192.168.183.210 netmask 255.255.255.255" >> /etc/rc.d/rc.local
[root@RS2 ~]# chmod +x /etc/rc.d/rc.local

//Modify kernel parameters
[root@RS2 ~]# vim /etc/sysctl.conf
net.ipv4.conf.tunl0.arp_ignore = 1
net.ipv4.conf.tunl0.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.tunl0.rp_filter = 0
net.ipv4.conf.all.rp_filter = 0
[root@RS2 ~]# sysctl -p
net.ipv4.conf.tunl0.arp_ignore = 1
net.ipv4.conf.tunl0.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.tunl0.rp_filter = 0
net.ipv4.conf.all.rp_filter = 0

//Install httpd and create the home page
[root@RS2 ~]# dnf install -y httpd
[root@RS2 ~]# echo "RS2" > /var/www/html/index.html
[root@RS2 ~]# systemctl enable --now httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.

Testing from the client:

[root@Client ~]# curl http://192.168.183.210
RS2
[root@Client ~]# curl http://192.168.183.210
RS1
[root@Client ~]# curl http://192.168.183.210
RS2
[root@Client ~]# curl http://192.168.183.210
RS1

Reposted from blog.csdn.net/qq_65998623/article/details/127066707