Original address:
https://yq.aliyun.com/ziliao/78374
1. LVS forwarding mode
LVS is a four-layer high-probability software written by Dr. Zhang Wensong. Unlike the latter two, it supports seven-layer forwarding, but it is the most stable because of its simplicity. There are three IP load balancing technologies: VS/NAT (Virtual Server via Network Address Translation), VS/TUN (Virtual Server via IP Tunneling) and VS/DR (Direct Routing). The specific comparison between the three is shown in the following table
lvs
two, nginx load mode
nginx has five load algorithm modes, namely: polling, weight (weight), ip_hash, fair, url_hash. Now explain one by one:
Polling (default): Each request is allocated to different backend servers one by one in chronological order. If the backend server goes down, it can be automatically eliminated.
weight : Specifies the polling probability. The weight is proportional to the access ratio. It is used when the performance of the backend server is uneven. Configured as:
upstream bakend {
server 192.168.0.14 weight=10;
server 192.168.0.15 weight=10;
}
ip_hash: Each request is allocated according to the hash result of accessing the ip, so that each visitor can access a back-end server fixedly, which can solve the problem of session. Configured as:
upstream bakend {
ip_hash;
server 192.168.0.14:88;
server 192.168.0.15:80;
}
fair: Allocate requests according to the response time of the backend server, and those with short response times will be given priority.
upstream backend {
server server1;
server server2;
fair;
}
url_hash: Allocate requests according to the hash result of accessing the url, so that each url is directed to the same back-end server, which is more effective when the back-end server is cached. Configuration such as:
upstream backend {
server squid1:3128;
server squid2:3128;
hash $request_uri;
hash_method crc32;
}
Note: In the fifth mode, you need to pay attention to adding a hash statement to the upstream, and other parameters such as weight cannot be written in the server statement. hash_method is the hash algorithm used.
The parameters that are often followed by the server are as follows:
down means that the server before the order does not participate in the load temporarily. The
default weight is 1. The larger the weight, the greater the weight of the load.
max_fails : The default number of allowable requests to fail is 1. When the maximum number of times is exceeded, the error defined by the proxy_next_upstream module will be returned.
fail_timeout: The time to pause after max_fails failures.
backup: When all other non-backup machines are down or busy, request the backup machine. So this machine will be the least stressful.
3. haproxy
haproxy has the most load algorithms among the three, and there are eight kinds, so it has the most application scenarios and the most flexible configuration. The specific 8 algorithms are:
①roundrobin, which means simple polling, which is basically available for load balancing;
②static-rr, which means that according to the weight, it is similar to the weight algorithm of nginx;
③leastconn, indicating that the least number of connections are processed first, which is somewhat similar to nginx's fair, but fair is based on response time;
④source, indicating that according to the request source IP, this is similar to Nginx's IP_hash mechanism, we use it as a way to solve the session problem, it is recommended to pay attention;
⑤ri, indicating the URI according to the request, similar to nginx's url_hash;
⑥rl_param, indicating that according to the requested URl parameter 'balance url_param' requires an URL parameter name;
⑦hdr(name), which means to lock each HTTP request according to the HTTP request header;
⑧rdp-cookie(name), which means to lock and hash each TCP request according to cookie(name).
Advantages and disadvantages
The advantages and disadvantages of the three load balancers are described below:
Advantages of LVS:
1. It has strong anti-load capability, works at layer 4 only for distribution, and does not generate traffic. This feature also determines that it has the strongest performance in load balancing software; no traffic, while ensuring The performance of the balancer IO will not be affected by large traffic;
2. The work is stable, and it has a complete dual-system hot backup solution, such as LVS+Keepalived and LVS+Heartbeat;
3. The application range is relatively wide, and it can load all applications Balanced;
4. The configuration is relatively low, which is a disadvantage and an advantage. Because there is not much configuration, it does not require too much contact, which greatly reduces the probability of human error;
Disadvantages of LVS:
1. The software itself Regular processing is not supported, and dynamic and static separation cannot be performed, which highlights the advantages of Nginx/HAProxy+Keepalived.
2. If the website application is relatively large, LVS/DR+Keepalived is more complicated, especially for machines with Windows Server applications behind, the implementation and configuration and maintenance process are more troublesome, relatively speaking, Nginx/HAProxy+Keepalived is simple too much.
################################################## ###########
1. How does LVS/DR process the request packet, and will it modify the content of the IP packet?
1.1 vs/dr itself does not care about the information above the IP layer. Even the port number is determined by the tcp/ip protocol stack to determine whether it is correct. vs/dr itself mainly does the following:
1) Receive the client's request and select the IP of a realserver according to the load balancing algorithm you set;
2) Take the mac address corresponding to the selected ip as the target mac, and then re-encapsulate the IP packet into a frame and forward it to the RS;
3) Record the connection information in the hash table.
vs/dr does few and simple things, so it is very efficient, not much worse than a hardware load balancing device.
The general flow of data packets and data frames is as follows: client --> VS --> RS --> client
1.2 The answer has been made before, vs/dr will not modify the content of the IP packet.
2. Why does RealServer configure VIP on the lo interface? Is it OK to configure VIP on the egress network card?
2.1 Since the RS is to be able to process the IP packet whose destination address is vip, the RS must first be able to receive the packet.
Configuring vip on lo can complete receiving the packet and return the result to the client.
2.2 The answer is that the VIP cannot be set on the egress network card, otherwise it will respond to the client's arp request, causing the client/gateway arp table to be disordered, so that the entire load balance cannot work properly.
3. Why does RealServer suppress arp frames?
This problem has been explained in the previous question, and is further elaborated here in conjunction with the implementation command. When we implement the deployment, we will make the following adjustments:
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce I believe that many people do not understand what they do, only know that there must be. I don't intend to discuss it in detail here, just to make a few explanations, which should be regarded as supplements.
3.1
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce These two can be used, because arp is not logical Interfaces don't make sense.
3.2 If the external network interface of your RS is eth0, then
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce What actually needs to be executed is:
echo "1" >/proc/sys/net/ipv4/conf/eth0/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/eth0/arp_announce So I personally suggest adding the above two to you Go to the script, because if the default value of the above two items in the system is not 0, there may be problems.
4. Why should LVS/DR load balancer (director) and RS be in the same network segment?
From the first question, you should understand how vs/dr forwards requests to RS, right? It is implemented at the data link layer, so the director must be in the same network segment as the RS.
5. Why does the lo interface on the director need an ip (ie DIP) on eth0 in addition to the VIP?
5.1 If tools such as keepalived are used for HA or Load Balance, DIP is required for health check.
5.2 HA or Load Balance without a health check mechanism has no practical significance.
6. Does LVS/DR ip_forward need to be enabled?
unnecessary. Because the director and realserver are on the same network segment, there is no need to enable forwarding.
7. Does the netmask of the director's vip have to be 255.255.255.255?
In lvs/dr, the netmask of the director's vip does not need to be set to 255.255.255.255, and there is no need to go to
route add -host $VIP dev eth0:0director's vip is to be advertised like a normal ip address, don't make it so special.
8. How does LVS/DR perform the three-way handshake of tcp?
#####################################################################
The advantages of Nginx:
1. Working at the seventh layer of OSI, it can do some diversion strategies for http applications. For example, for domain names, directory structure. Its regularity is more powerful and flexible than HAProxy;
2. Nginx has very little dependence on the network. In theory, it can perform the load function if it can be pinged, which is also its advantage;
3. Nginx installation and configuration are relatively simple, test It is more convenient;
4. It can bear high load pressure and is stable, and can generally support more than tens of thousands of concurrency;
5. Nginx can detect internal server failures through ports, such as status codes and timeouts returned by the server processing web pages and so on, and will resubmit the request that returns an error to another node;
6. Nginx is not only an excellent load balancer/reverse proxy software, it is also a powerful web application server. LNMP is also a very popular web environment now, and it has the potential to compete with the LAMP environment. Nginx has advantages over apache in processing static pages, especially in anti-high concurrency;
7. Nginx is now more and more mature as a web reverse acceleration cache , the speed is faster than the traditional Squid server, and friends in need can consider using it as a reverse proxy accelerator;
Disadvantages
of Nginx: 1. Nginx does not support url detection.
2. Nginx can only support http and Email, which is its weakness.
3. The Session of Nginx is maintained, and the guiding ability of Cookie is relatively lacking.
Advantages
of HAProxy: 1. HAProxy supports virtual hosts and can work at layers 4 and 7 (supporting multiple network segments);
2. It can supplement some of the shortcomings of Nginx, such as session retention, cookie guidance, etc.;
3. Support url Detect the back-end server;
4. Like LVS, it is just a load balancing software; purely in terms of efficiency, HAProxy will have better load balancing speed than Nginx, and it is also better than Nginx in concurrent processing;
5. HAProxy can load balance My sql reads, detect and load balance MySQL nodes in the backend, but when the number of MySQL slaves in the backend exceeds 10, the performance is not as good as LVS;
6. HAProxy has many algorithms, up to 8;
4. Summary
For specific existing network applications, you can choose the best load mode according to the actual situation of the data body. Among the three, lvs has the best stability and the least configurability; nginx has the strongest regular matching for domain name and directory structure, and its dependence on the network is relatively small, but its performance is slightly worse than lvs and haproxy ;haproxy supports virtual hosts, especially in terms of session retention. It has three algorithms to achieve session sharing -- ip identification (source), cookie identification, and session identification. In addition, it is doing mysql This software is also often used in HA solutions.
The above is the content carefully prepared for you by the editor of Yunqi Community. There are also related content in the blog, Q&A, official account, people, courses and other columns of Yunqi Community. Welcome to continue to use the search button in the upper right corner to search the algorithm, server, Application, nginx, load balancing configuration haproxy nginx lvs, haproxy lvs, the difference between lvs and haproxy, haproxy lvs comparison, haproxy and lvs, so that you can gain more relevant knowledge.