System preparation
1.ubuntu
2.vmware, NAT mode, start three virtual machines.
Model diagram
node1 acts as an LVS load balancing server, node2 and node3 simulate application (httpd) real servers. The VIP is 192.168.100.100, and the load of the rotation training algorithm is adopted.
operating
node1
- Install the ipvs client, yum -y ipvsadm
- Configure VIP: ifconfig ens33:1 192.168.100.100/24
- Configure the connection entry: ipvsadm -A -t 192.168.100.100:80 -s rr
- Configure node2 of the connection exit: ipvsadm -a -t 192.168.100.100 -r 192.168.174.4 -g -w 1
- Configure the connection exit value node3: ipvsadm -a -t 192.168.100.100 -r 192.168.174.5 -g -w 1
node2 , node3
- 修改内核:echo 1 > /proc/sys/net/ipv4/ens33/arp_ignore,echo 1 > /proc/sys/net/ipv4/all/arp_ignore,echo 2 > /proc/sys/net/ipv4/ens33/arp_announce,/proc/sys/net/ipv4/all/arp_announce,
- The loopback network card adds invisible VIP: ifconfig lo:1 192.168.100.100 netmask 255.255.255.255
- Install the application httpd: yum -y install httpd
- Edit the application homepage for easy identification: vi /var/www/html/index.html, enter from No. 2 machine (node2, node3 write No. 4 machine), save and exit
- Start the application: service httpd start
- Verify that the application has been started: ubuntu browser access 192.168.172.4/5, can access correctly
ubuntu adds a route to 192.168.100.100: route add -net 192.168.100.100 netmask 255.255.255.255 gw 192.168.172.3
Then verify whether it is successful, enter 192.168.100.100 in the browser, refresh it frantically to see if you switch back and forth between the 2nd machine and the 3rd machine, if it is correct, the 1st machine can see the voyeur record of ipvs. Among them, FIN_WAIT: I have connected and peeped at all the packages. SYN_RECV: Basically lvs has been recorded. It proves that lvs is okay. There must be a problem with the network layer behind! [insert picture description here](https://img-blog.csdnimg. cn/20210331094314870.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3dlaXhpbl8zOTM3MDFF_OQ, the description of the picture here[img_70][img_70](https://img_70)[size_70][size_FF-color-][size_70][][] blog.csdnimg.cn/20210331094429322.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3dlaXhpbl8zOTM3(picture number is inserted in the description of the machine number_FF3_FF16,t_FF_FF_MD_0L3dlaXhpbl8zOTM3. //img-blog.csdnimg.cn/20210331094524875.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3DlaXhpbl8O, hidden to external parameters, #FFFF_tm3FF_t70_color=m3FFips_color=vvip_tm=vvv0L3dlaXhpbl8zO. Visible inside: kernel parameter:Four kinds of static:
RR: Round-robin
WRR:
DH:
SH:
Dynamic scheduling algorithm:
LC: Least connected
WLC: Weighted least connected
SED: Shortest expected delay
NQ: Never queue
LBLC: Local-based least connected
DH:
LBLCR: Local-based Minimal connection with copy function
ipvs kernel module
yum -y install ipvsadm
Manage cluster service connections coming in.
Add: -A -t|u|f service-address [-s scheduler]
-t: TCP protocol cluster
-u: UDP protocol cluster
service-address: IP:PORT
-f:FWM: Firewall mark
Modification: -E
delete : -D -t|u|f service-address
ipvsadm -A -t 192.168.9.100:80 -s rr
Management cluster service connection matching distribution
Add: -a -t|u|f service-address -r service-address [-g|i|m] [-w weight]
-t|u|f service-address: pre-defined a good cluster service
-r service-address: an address of the RS, the NAT model may be used IP: pORT implement port mapping;
[-g | I | m]: the LVS type
-g: the DR
-i: TUN
- m:NAT
[-w weight]: Define server weight
Modify: -e
Delete: -d -t|u|f service-address -r server-address
ipvsadm -a -t 172.16.100.1:80 -r 192.168.10.8- g
ipvsadm -a -t 172.16.100.1:80 -r 192.168.10.9 -g
view
-L|l
-n: display host address and port in numeric format
--stats: statistics
--rate: rate --timeout
: display TCP, TCPFIN and UDP session timeout duration
-c: display current ipvs connection status
delete all cluster services
-C: clear ipvs rules
save rules
-S
ipvsadm -S> /path/to/somefile
Load previous rules
-R
ipvsadm -R </path/to/somefile