1 LVS role
LVS is open source software that implements layer-4 (transport layer) load balancing.
LVS is an abbreviation of Linux Virtual Server.
Currently there are:
- Three IP load balancing technologies: VS/NAT, VS/TUN and VS/DR
- Eight scheduling algorithms: rr, wrr, lc, wlc, lblc, lblcr, dh, sh
2 Differences between LVS and Nginx
LVS
LVS has a strong load capacity: its working logic is very simple, it only distributes requests, and it works at layer 4 of the network without generating any traffic of its own, so there is little need to worry about its efficiency.
LVS supports basically all applications: because it works at layer 4, it can load-balance almost any application, including web, databases and so on.
Note: LVS cannot fully detect node failures. For example, under the WLC rule, if one node in the cluster does not have the VIP configured, the entire cluster becomes unusable. There are other issues as well, which need further testing.
Nginx
Nginx works at layer 7 of the network, so it can apply traffic-splitting policies to the HTTP application itself, for example by domain name or directory structure. LVS has no such capability, so Nginx can be used in far more situations than LVS. Nginx also depends relatively little on the network: in theory, as long as a ping gets through, web access will work. LVS depends more on the network environment; the result can be guaranteed only when DR mode is used and the traffic-splitting servers are on the same network segment.
Nginx can detect internal server faults from the status code the web server returns, a timeout and the like, and resubmits a request that returned an error to another node. At present LVS and LDirectd also support monitoring conditions inside the server, but they cannot resend the request.
For example, if a user is uploading a file and the node handling the upload fails partway through, Nginx re-sends the upload request to another server, whereas LVS simply cuts the connection. Nginx also supports HTTP and Email (the Email function is rarely used); in terms of supported applications, LVS covers more than Nginx.
Nginx can likewise withstand very high loads and run stably, but because the traffic it handles is limited by the machine's I/O and similar configuration, its load capacity is relatively poor.
Nginx is relatively simple to install, configure and test, because its error logs give corresponding hints. LVS takes a relatively long time to install, configure and test because it relies relatively heavily on the network; often a setup cannot succeed because of network configuration problems, and when problems arise they are correspondingly harder to solve. Nginx itself has no ready-made hot standby solution, so running it on a single machine carries greater risk; using it together with KeepAlived is recommended. In addition, Nginx can be used as a node machine behind LVS, making full use of Nginx's functionality and performance. Of course, in that situation Squid or other software with a distribution function can also be used directly.
Analyze each application on its own terms. For a relatively small site (daily PV below one million), Nginx is entirely sufficient; if there are many machines, DNS round-robin can be used. LVS uses more machines, so when building a large site or providing important services with plenty of machines available, LVS is worth considering.
Note: Alibaba Cloud does not support virtual VIP technology by default.
3 Keepalived role
LVS can do load balancing but cannot perform health checks: if an rs (real server) fails, LVS still forwards requests to the failed rs, so those requests fail.
keepalived can perform health checks and at the same time make LVS highly available, solving LVS's single point of failure; in fact, keepalived was born for LVS.
4 How keepalived works
keepalived is software that resembles a layer 2, 4 and 7 switching mechanism. It is service software for managing Linux clusters and keeping them highly available; its function is to prevent single points of failure.
How keepalived works:
keepalived is a software service implemented on the basis of the VRRP protocol to keep a cluster highly available. Its main function is failover between load balancers and fault isolation of real machines, preventing single points of failure. Before looking at keepalived, first look at the principles of the VRRP protocol.
VRRP protocol: Virtual Router Redundancy Protocol. It is a fault-tolerant protocol which ensures that when a host's next-hop router fails, another router takes the place of the failed one, maintaining the continuity and reliability of network communication. Before introducing VRRP, here are some VRRP-related terms:
- Virtual router: made up of one Master router and several Backup routers. Hosts use the virtual router as their default gateway.
- VRID: the identifier of a virtual router. A group of routers with the same VRID forms one virtual router.
- Master router: the router in the virtual router that takes on the task of forwarding packets.
- Backup router: a router that can take over the Master router's work when the Master router fails.
- Virtual IP address: the IP address of the virtual router. A virtual router can have one or more IP addresses.
- IP address owner: a router whose interface IP address is the same as the virtual router's IP address.
- Virtual MAC address: a virtual router has one virtual MAC address, in the format 00-00-5E-00-01-{VRID}. Normally the virtual router answers ARP requests with the virtual MAC address; only with special configuration does it answer with the interface's real MAC address.
- Priority: VRRP uses priority to determine the status of each router in the virtual router.
- Non-preemptive mode: if a Backup router works in non-preemptive mode, then as long as the Master router has not failed, the Backup router does not become the Master even if it is configured with a higher priority.
- Preemptive mode: if a Backup router works in preemptive mode, when it receives a VRRP packet it compares its own priority with the priority in the packet. If its own priority is higher than the current Master's, it preempts and becomes the Master; otherwise it remains in the Backup state.
Virtual routing diagram:
A group of VRRP routers on a LAN forms a VRRP backup group, which functions as a single router and is identified by a virtual router ID (VRID). The virtual router has its own virtual IP address and virtual MAC address, and externally it behaves exactly like an actual physical router. Hosts on the LAN set the virtual router's IP address as their default gateway and communicate with external networks through the virtual router.
The virtual router runs on actual physical routers. It consists of several physical routers: one Master router and several Backup routers. While the Master router is working properly, hosts on the LAN communicate with the outside world through the Master. When the Master router fails, one of the Backup routers becomes the new Master and takes over packet forwarding. (Router high availability)
How VRRP works:
(1) The routers in the virtual router elect a Master according to priority. The Master router sends gratuitous ARP packets to notify the devices or hosts connected to it of its virtual MAC address, and so takes on packet forwarding;
(2) The Master router periodically sends VRRP packets to announce its configuration information (priority and so on) and working status;
(3) If the Master router fails, the Backup routers in the virtual router elect a new Master according to priority;
(4) When the virtual router changes state and the Master switches from one device to another, the new Master simply sends an ARP packet carrying the virtual router's MAC address and virtual IP address, which updates the ARP information in the hosts or devices connected to it. Hosts on the network do not notice that the Master has switched to another device.
(5) When a Backup router's priority is higher than the Master router's, the Backup router's working mode (preemptive or non-preemptive) decides whether a new Master is elected.
VRRP priority is in the range of 0 to 255 (a larger number indicates a higher priority).
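The election and preemption rules above, written out as a small simulation. This is an added example, not code from keepalived or from the original article; the tie-break on the higher IP address and the reserved priorities 255 and 0 come from the VRRP specification rather than from this page, and the router names and priorities are constructed.

```python
import ipaddress
from dataclasses import dataclass

def virtual_mac(vrid: int) -> str:
    """Virtual MAC in the 00-00-5E-00-01-{VRID} format described above."""
    if not 1 <= vrid <= 255:
        raise ValueError("VRID must be in 1..255")
    return f"00-00-5E-00-01-{vrid:02X}"

@dataclass
class Router:
    name: str
    ip: str
    priority: int          # 255 = IP address owner, 0 = Master resigning (VRRP spec)
    preempt: bool = True
    alive: bool = True

def rank(r: Router):
    # Higher priority wins; equal priorities fall back to the higher IP (VRRP spec).
    return (r.priority, int(ipaddress.ip_address(r.ip)))

def elect(routers, master=None):
    """Return the Router that is Master after one round, given the current Master."""
    live = [r for r in routers if r.alive]
    if not live:
        return None
    if master is None or not master.alive:
        return max(live, key=rank)       # steps (1) and (3): no Master, elect one
    # Step (5): a Backup displaces a working Master only if it has a strictly
    # higher priority and runs in preemptive mode.
    challengers = [r for r in live if r.preempt and r.priority > master.priority]
    return max(challengers, key=rank) if challengers else master

if __name__ == "__main__":
    # Constructed routers that reuse the two node addresses from this article.
    a = Router("A", "192.168.153.11", 100)
    b = Router("B", "192.168.153.12", 90, preempt=False)
    m = elect([a, b])
    print("initial Master:", m.name)
    a.alive = False
    m = elect([a, b], m)
    print("after A fails:", m.name)
    a.alive = True
    m = elect([a, b], m)
    print("A returns (preemptive):", m.name)
    print("virtual MAC, VRID 121:", virtual_mac(121))
```

With two routers of equal priority, the one with the higher IP address wins the initial election, but it does not displace a Master that is already working.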
5 LVS + keepalived + Nginx architecture diagram
6 Environment and service configuration
- Nginx master server: 192.168.153.11
- Nginx standby server: 192.168.153.12
- LVS virtual VIP: 192.168.153.13
7 Building the environment
cd /usr/local
1. Download keepalived
wget http://www.keepalived.org/software/keepalived-1.2.18.tar.gz
2. Extract it:
tar -zxvf keepalived-1.2.18.tar.gz -C /usr/local/
3. Install the openssl dependency
yum install -y openssl openssl-devel
4. Configure the keepalived build
cd keepalived-1.2.18/ && ./configure --prefix=/usr/local/keepalived
Screen on success:
If running ./configure --prefix=/usr/local/keepalived for keepalived fails with:
configure: error: Popt libraries is required
This error occurs because the popt development package is not installed.
Solution:
yum install popt-devel
Once the popt development package is installed, run ./configure again.
5. Run make
make && make install
Screen on success:
8 Installing keepalived as a Linux system service
To install keepalived as a Linux system service, some changes are needed after installation, because keepalived was not installed to the default path (default path: /usr/local):
First create a directory and copy the keepalived configuration file into it:
mkdir /etc/keepalived
cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
Then copy the keepalived script files:
cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
ln -s /usr/local/sbin/keepalived /usr/sbin/
ln -s /usr/local/keepalived/sbin/keepalived /sbin/
Error:
You can enable start at boot:
chkconfig keepalived on
8.1 Common keepalived commands
Start keepalived:
service keepalived start
Error on start:
Starting keepalived (via systemctl): Job for keepalived.service failed. See 'systemctl status keepalived.service' and 'journalctl -xn' for details.
Solution:
cd /usr/sbin/
rm -f keepalived
cp /usr/local/keepalived/sbin/keepalived /usr/sbin/
Start keepalived again:
service keepalived start
Start succeeded:
Stop keepalived:
service keepalived stop
8.2 Using keepalived to provide a virtual VIP
cd /etc/keepalived/
rm -rf keepalived.conf
vi keepalived.conf
! Configuration File for keepalived
vrrp_script chk_nginx {
    script "/etc/keepalived/nginx_check.sh" # script to run (contents shown below); it starts nginx again automatically after nginx goes down
    interval 2 # check interval
    weight -20 # if the condition holds, weight -20
}
# Define the virtual router; VI_1 is its identifier, a name you choose yourself
vrrp_instance VI_1 {
    state MASTER # determines master or backup
    interface ens33 # network interface the virtual IP is bound to; set according to your machine
    virtual_router_id 121 # virtual router ID; must be the same on both nodes
    mcast_src_ip 192.168.153.11 # this machine's IP
    priority 100 # node priority; the master's must be higher than the backup's
    nopreempt # set nopreempt on the higher-priority node so it does not preempt again after recovering from a failure
    advert_int 1 # multicast advertisement interval; must be the same on both nodes, default 1s
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    # add the track_script block to the instance block
    track_script {
        chk_nginx # run the Nginx monitoring check
    }
    ### virtual IP address configuration
    virtual_ipaddress {
        192.168.153.13 # virtual IP: the switchable IP that replaces an IP hard-coded in programs; extensible and widely useful. Several can be configured.
    }
}
Turn off the firewall:
systemctl stop firewalld
Install Nginx:
cd /usr/local/
wget http://nginx.org/download/nginx-1.9.10.tar.gz
tar -zxvf nginx-1.9.10.tar.gz
cd nginx-1.9.10
./configure
make && make install
Modify the html page:
Start Nginx:
/usr/local/nginx/sbin/nginx
Start keepalived:
service keepalived start
The site can now also be reached through the virtual IP address: http://192.168.153.13/
6.3 nginx + keepalived simple dual-machine master/backup hot standby
6.3.1 Dual-machine master/backup hot standby overview
The two machines act as hot standby for each other, while normally each handles its own services. When an update is rolled out online, after tomcat on one server is shut down, nginx automatically switches traffic to the backup machine, which carries on serving, so the update is painless and service is uninterrupted. This improves service reliability and keeps the servers running 7*24 hours.
6.3.2 Nginx upstream simple dual-machine master/backup hot standby
Build the master and backup Tomcat servers:
upstream testproxy {
    server 127.0.0.1:8080;
    server 127.0.0.1:8081 backup;
}
server {
    listen 80;
    server_name localhost;
    location / {
        proxy_pass http://testproxy;
        index index.html index.htm;
    }
    ### timeout for nginx connecting to the upstream (real) server: how long to wait for a response to the handshake
    proxy_connect_timeout 1s;
    ### timeout for nginx sending to the upstream (real) server
    proxy_send_timeout 1s;
    ### timeout for nginx receiving from the upstream (real) server
    proxy_read_timeout 1s;
}
To make a server the backup, just add the backup parameter after its ip; that server then becomes the backup server.
It is not used in normal operation, and nginx forwards no requests to it. Only when all the other nodes cannot be reached does nginx enable this node.
Once another node becomes available again, this node is no longer used and goes back to standby.
6.3.3 - 6.3.5: Build the master and backup Nginx servers
6.3.3 Nginx + keepalived simple dual-machine master/backup hot standby
Install keepalived on each server, virtualize one VIP and configure the master/backup relationship; when the master goes down, traffic goes directly to the backup machine.
- Keepalived virtual VIP address: 192.168.153.13
- A server: 192.168.153.11
- B server: 192.168.153.12
Clone 192.168.153.11 directly to create 192.168.153.12.
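6.3.4 Modify the master's keepalived information
Modify the keepalived file on the master Nginx server:
vi /etc/keepalived/keepalived.conf
- state: MASTER
- mcast_src_ip: 192.168.153.11
! Configuration File for keepalived
vrrp_script chk_nginx {
    script "/etc/keepalived/nginx_check.sh" # script to run (contents shown below); it starts nginx again automatically after nginx goes down
    interval 2 # check interval
    weight -20 # if the condition holds, weight -20
}
# Define the virtual router; VI_1 is its identifier, a name you choose yourself
vrrp_instance VI_1 {
    state MASTER # determines master or backup
    interface ens33 # network interface the virtual IP is bound to; set according to your machine
    virtual_router_id 121 # virtual router ID; must be the same on both nodes
    mcast_src_ip 192.168.153.11 # this machine's IP
    priority 100 # node priority; the master's must be higher than the backup's
    nopreempt # set nopreempt on the higher-priority node so it does not preempt again after recovering from a failure
    advert_int 1 # multicast advertisement interval; must be the same on both nodes, default 1s
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    # add the track_script block to the instance block
    track_script {
        chk_nginx # run the Nginx monitoring check
    }
    virtual_ipaddress {
        192.168.153.13 # virtual IP: the switchable IP that replaces an IP hard-coded in programs; extensible and widely useful. Several can be configured.
    }
}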
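6.3.5 Modify the backup's keepalived information
Modify the keepalived file on the backup Nginx server:
/etc/keepalived/keepalived.conf
- state: BACKUP
- mcast_src_ip: 192.168.153.12
! Configuration File for keepalived
vrrp_script chk_nginx {
    script "/etc/keepalived/nginx_check.sh" # script to run (contents shown below); it starts nginx again automatically after nginx goes down
    interval 2 # check interval
    weight -20 # if the condition holds, weight -20
}
# Define the virtual router; VI_1 is its identifier, a name you choose yourself
vrrp_instance VI_1 {
    state BACKUP # determines master or backup
    interface ens33 # network interface the virtual IP is bound to; set according to your machine
    virtual_router_id 121 # virtual router ID; must be the same on both nodes
    mcast_src_ip 192.168.153.12 # this machine's IP
    priority 100 # node priority; the master's must be higher than the backup's
    nopreempt # set nopreempt on the higher-priority node so it does not preempt again after recovering from a failure
    advert_int 1 # multicast advertisement interval; must be the same on both nodes, default 1s
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    # add the track_script block to the instance block
    track_script {
        chk_nginx # run the Nginx monitoring check
    }
    virtual_ipaddress {
        192.168.153.13 # virtual IP: the switchable IP that replaces an IP hard-coded in programs; extensible and widely useful. Several can be configured.
    }
}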
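The master and backup vrrp_instance blocks in 6.3.4 and 6.3.5 contain settings that work against each other. The checker below is an added example, not part of keepalived or of the original article; it parses two peer configurations and reports them. The finding names, the password threshold and the one-instance-per-file assumption are this example's own.

```python
import re

KEYS = ("state", "virtual_router_id", "priority", "advert_int", "auth_type", "auth_pass")

def parse_instance(conf: str) -> dict:
    """Extract the settings of the single vrrp_instance in a keepalived.conf text."""
    text = re.sub(r"[#!].*", "", conf)          # '#' and '!' start comments
    inst = {k: m.group(1) for k in KEYS if (m := re.search(rf"\b{k}\s+(\S+)", text))}
    inst["nopreempt"] = bool(re.search(r"^\s*nopreempt\b", text, re.M))
    return inst

def lint_pair(conf_a: str, conf_b: str) -> list:
    """Return (node, finding) tuples for two peers of the same virtual router."""
    a, b = parse_instance(conf_a), parse_instance(conf_b)
    findings = []
    for node, inst in (("A", a), ("B", b)):
        # keepalived honours nopreempt only when the initial state is BACKUP
        if inst["nopreempt"] and inst.get("state") != "BACKUP":
            findings.append((node, "nopreempt-ignored"))
        # PASS carries the password in plain text in every advertisement;
        # the length/variety threshold is this example's choice
        pw = inst.get("auth_pass", "")
        if inst.get("auth_type") == "PASS" and (len(pw) < 8 or len(set(pw)) < 4):
            findings.append((node, "weak-auth-pass"))
    for key in ("virtual_router_id", "advert_int", "auth_pass"):
        if a.get(key) != b.get(key):            # must match on both nodes
            findings.append(("pair", f"mismatch-{key}"))
    if a.get("priority") == b.get("priority"):  # master should be higher
        findings.append(("pair", "equal-priority"))
    return findings

# Constructed sample that carries the values of the two configurations above
MASTER_CONF = """! Configuration File for keepalived
vrrp_instance VI_1 {
    state MASTER
    virtual_router_id 121
    priority 100
    nopreempt
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
}"""
BACKUP_CONF = MASTER_CONF.replace("state MASTER", "state BACKUP")

if __name__ == "__main__":
    for node, finding in lint_pair(MASTER_CONF, BACKUP_CONF):
        print(node, finding)
```

On the values used in this article it reports nopreempt combined with state MASTER on the master, the four-character auth_pass on both nodes, and priority 100 on both nodes.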
Summary
Keepalived is based on LVS and implements heartbeat detection, monitoring servers and failing over. If a server goes down, it automatically tries to re-run the script. If it still fails after multiple retries, it sends a message to the operations staff.
When a server in the production environment goes down, how should it be handled?
- Failover
- Heartbeat
- Load Balancing
- Automatic restart
6.4 nginx + keepalived high availability
Write the nginx_check.sh script:
vi /etc/keepalived/nginx_check.sh
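#!/bin/bash
# Count the running nginx processes
A=`ps -C nginx --no-header | wc -l`
if [ $A -eq 0 ]; then
    # nginx is not running: try to start it
    /usr/local/nginx/sbin/nginx
    sleep 2
    # still not running: stop keepalived so the VIP moves to the other node
    if [ `ps -C nginx --no-header | wc -l` -eq 0 ]; then
        killall keepalived
    fi
fi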
Note: the script must be given execute permission
chmod 777 nginx_check.sh
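keepalived executes this script every two seconds with its own privileges (root in this setup), and mode 777 lets every local account rewrite it. The audit below is an added example, not part of the original article: it reports the script and each directory above it that is group- or world-writable or not owned by the trusted user. The function name and the `trusted_uid` and `stop_at` parameters are assumptions of this example.

```python
import os
import stat
import tempfile

def audit_script_path(script, trusted_uid=0, stop_at="/"):
    """Return (path, problem) tuples for the script and every directory above it.

    A path is reported when it is not owned by trusted_uid ("owner") or when
    group or others may write to it ("writable"); in both cases an account
    other than the trusted one can change what keepalived executes.
    """
    problems = []
    path = os.path.realpath(script)
    stop_at = os.path.realpath(stop_at)
    while True:
        st = os.stat(path)
        if st.st_uid != trusted_uid:
            problems.append((path, "owner"))
        if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            problems.append((path, "writable"))
        parent = os.path.dirname(path)
        if path == stop_at or parent == path:
            return problems
        path = parent

if __name__ == "__main__":
    # Constructed stand-in for /etc/keepalived/nginx_check.sh in a temp directory
    d = tempfile.mkdtemp()
    script = os.path.join(d, "nginx_check.sh")
    with open(script, "w") as f:
        f.write("#!/bin/bash\n")
    os.chmod(script, 0o777)
    print(audit_script_path(script, trusted_uid=os.getuid(), stop_at=d))
    os.chmod(script, 0o700)      # owner may read, write and execute; nobody else
    print(audit_script_path(script, trusted_uid=os.getuid(), stop_at=d))
```

On the real host, call it with the defaults on /etc/keepalived/nginx_check.sh; a root-owned script with mode 700 in root-owned directories produces an empty list.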