ansible: Batch automated deployment tools
The bottom layer is written in python, the main module of the call is:
1.paramiko: ssh simulation protocol, client connection linux
2.yaml: language used to write the script yaml
3.jinjia2: Template Language
working principle:
ansible to implement batch management by the host or hosts file keyless Login
Run mode:
hoc命令行:ansible client -m copy -a 'src=/root/ceshi.sh dest=/root
playbooks: script writing yaml
roles: call playbooks
lvs: Load Balancer
Features:
1, anti-load capacity. Anti-load capacity, high performance, can reach 60% F5 hardware; memory and cpu resource consumption is relatively low
2, 4 in the working layer of the network, forwarding the vrrp protocol (the distribution purposes only), the specific processing flow of the linux kernel, so no flow.
2, stability, reliability, itself has a perfect Redundancy; (eg: LVS + Keepalived)
3, broad range of applications, load balancing can be done for all applications;
4, does not support regular treatment, can not do static and dynamic separation.
5, supports load balancing algorithms: rr (round robin), WRR (Weighted Round Robin), LC (minimum connection), WLC (weighted least connections)
6, the configuration complex, dependent on the network is relatively large, high stability.
Three models and principles:
nat mode:
①. The client sends the requests to the front end of the load balancer, the request packet source address of the CIP (client the IP), followed by collectively referred to as the CIP), destination address VIP (load balancer front end address, later referred to as VIP).
②. After the load balancer receives a packet, the request is found in the rules which exist in the address, then the client will request packet destination address to the address of the back-end server RIP message sent out according to an algorithm.
③. After the packets to the Real Server, due to the packet destination address is its own, it will respond to the request and response messages returned to the LVS.
④. Lvs then this packet's source address changes for this machine and sent to the client.
note:
In NAT mode, Real Server gateway must point LVS, otherwise the message will not be delivered to the client
advantage:
A cluster of physical servers can use any support TCP / IP operating systems, load balancing requires only a valid IP address.
Disadvantages :
Limited scalability. When too many server nodes (ordinary PC server) growth, the load balancer will become the bottleneck of the whole system, because all the request packets and response packets have been flowing to the load balancer. When too many server nodes, a large number of packets are in the intersection of the load balancer that, the speed will slow down!
DR mode:
①. The client sends the requests to the distal end of the load balancer, the request packet is the source address of the CIP, the destination address for the VIP.
②. Load balancer after receiving the packets, the request is found to exist in the rules inside address, it will read the MAC address destination MAC RIP, and this packet is sent for RS.
③.RS that the destination MAC request packet is its own, it will be down time packets received, processed request packet, the response packet by the interface card to the eth0 lo sent directly to the client.
note:
VIP lo interface to set arp request can not respond within the local network.
Advantages :
And TUN (tunnel mode), as only the load balancer to distribute the request response packet back to the client via a separate routing method. Compared with the VS-TUN, VS-DR tunnel structure does not require such an implementation, the operating system can be used most as a physical server.
DR mode is very efficient, but slightly more complex configuration, can be substituted with haproxy / nginx not particularly large amount of access to the company. Day 1000-2000W PV or 10,000 concurrent requests it can be considered by haproxy / nginx.
Disadvantages :
RS all nodes and a scheduler LB only inside the LAN.
tun mode:
①. The client sends the requests to the distal end of the load balancer, the request packet is the source address of the CIP, the destination address for the VIP.
After ②. Load balancer receives a packet, the request is found in the rules which exist in the address, then it will be in the client request packet header and then encapsulating an IP packet, the source address to DIP, destination address to RIP, and this packet is sent for RS.
③.RS After receiving the request packet, the first layer will first open the package, and then found that there is also a layer of IP header destination address is on their VIP lo interface, the processing time will request packets and response packets by sending lo eth0 interfaces to the card directly to the client.
note:
Need to set the lo interface VIP can not appear in public Internet.
Advantages :
The load balancer is only responsible for the request package to the back-end server node, and the RS package will answer directly to the user. Therefore, reducing the amount of data flow in the load balancer, the load balancer is no longer the bottleneck of the system, it can handle the huge amount of requests in this way, a load balancer can be distributed into many RS. And running can be distributed in different areas of the public Internet.
Disadvantages:
RS node tunnel mode requires legitimate IP, this approach requires all servers support the "IP Tunneling" (IP Encapsulation) protocol, a server may only be limited to the part of the Linux system.
keepalived: linux under a lightweight high-availability solutions
principle:
adding VRRP keepalived function, VRRP protocol is a protocol of a fault-tolerant backup mode, to ensure that when the next hop of the host fails, the other router instead of the failed router to work by the network may VRRP transparent switching device is performed when a failure occurs without affecting data communication between the host.