LVS virtual server
Linux Virtual Server (LVS) is a load balancer for Linux kernel development project, created by our Zhang Wen Song Bo soil in May 1998, the official site is located http://www.linuxvirtualserver.org/ .
LVS is actually equivalent to a virtualized application based on IP address, IP address-based load balancing and content distribution request proposes an efficient solution.
LVS is now part of the Linux kernel, the default compiler for the ip_vs module can automatically open when necessary.
LVS load scheduling algorithm
For different network services and configurations require, the LVS scheduler offers a variety of load scheduling algorithms, the most common of the four algorithms include polling, weighted round-robin, weighted least connections and minimum connection.
Polling (RoundRobin): The access request received in turn assigned to each node in the cluster (real server) in order.
WRR (WeightedRoundRobin): according to the processing capacity of real servers in turn assigned access request is received, the query scheduler may automatically load each node and dynamically adjust its weight. This will ensure a strong server processing power to take on more traffic.
Least Connections (LeastConnections): allocated according to the number of connections the real server is established, access will receive priority in the allocation requests to the node with the fewest number of connections.
Weighted least connections (WeightedLeastConnections): big difference in performance at the server node, the weights can be automatically adjusted to the real server, the node with higher weights will assume a greater proportion of active connections supported.
Use ipvsadm management tools
NAT mode
Address Translation (NetworkAddressTranslation) referred to as the NAT mode, similar to the structure of the private network firewall, load balancer as a gateway for all server node, that is, as a client to access the entrance, as well as access nodes in response to export client. Private IP address of the server node, and a load balancer located in the same physical network, security is better than the other two methods.
Diagram
Description: the role of the private network node server, and the client role in the public network, as a gateway to LVS this case, feedback information server node to the client, the LVS will pass.
lab environment
| Character | IP |
|---|---|
| LVS | 192.168.100.1 / 12.0.0.1 |
| apache1 | 192.168.100.110 |
| apache2 | 192.168.100.120 |
| NFS | 192.168.100.130 |
step
Build service httpd server on both nodes
# yum install httpd -y
# systemctl stop firewalld.service
# setenforce 0Set up NFS service on the NFS server
- install service
# rpm -q nfs-utils # rpm -q rpcbind //看是否安装,服务已安装 - Edit Profile
# vim /etc/exports /usr/share *(ro,sync) /opt/benet 192.168.100.0/24(rw,sync)//创建目录benet,192.168.100.0网段的可以进行读写和同步操作 /opt/accp 192.168.100.0/24(rw,sync)//创建目录accp,192.168.100.0网段的可以进行读写和同步操作 - Create a directory and give permission
# mkdir /opt/benet /opt/accp # chmod 777 /opt/benet /opt/accp - Open nfs service and issued share
# systemctl start nfs.service # exportfs -rv //发布共享
Nfs server nodes to mount a shared file server
- apache1 the / opt / benet mount to the next site directory
# showmount -e 192.168.100.130 //查看共享文件 # mount.nfs 192.168.100.130:/opt/benet /var/www/html //挂载 # cd /var/www/html/ # echo "this is benet" > index.html # systemctl start httpd.service
- The apache2 / opt / accp mount to the next site directory
# showmount -e 192.168.100.130 //查看共享文件 # mount.nfs 192.168.100.130:/opt/accp /var/www/html //挂载 # echo "this is accp" > index.html # systemctl start httpd.service
LVS server (note the dual-NIC)
- Installation ipvsadm management tools
# yum install ipvsadm -y - LKM
# modprobe ip_vs - Set routing and forwarding (because it is a dual-NIC)
# vim /etc/sysctl.conf 末尾添加:net.ipv4.ip_forward = 1 # sysctl -p //立即生效
- Firewall settings
iptables -F # iptables -t nat -F # iptables -L //清空所有规则 # iptables -t nat -I POSTROUTING -s 192.168.100.0/24 -o ens36 -j SNAT --to-source 12.0.0.1 //设置SNAT转发,将所有192.168.100.0段的都转换为12.0.0.1,然后进行访问client
- Open ipvsadm
# systemctl start ipvsadm.service 注:此时开启可能会出现问题 # ipvsadm --save > /etc/sysconfig/ipvsadm //输入该行即可
- Write executable script
# cd /opt # vi net.sh #!/bin/bash ipvsadm -C ipvsadm -A -t 12.0.0.1:80 -s rr ipvsadm -a -t 12.0.0.1:80 -r 192.168.100.110:80 -m ipvsadm -a -t 12.0.0.1:80 -r 192.168.100.120:80 -m ipvsadm # chmod +x net.sh # ./net.sh 解释如下: ipvsadm -C //清除内核虚拟服务器表中的所有记录// -A:添加虚拟服务器 -s:指定调度算法 rr:轮询算法 -a:添加真实服务器 -t:指定外网网关及TCP端口 -r:指定节点服务器的地址及TCP端口 -m:使用NAT集群模式
Open a win7 detection
Note: When two consecutive access 12.0.0.1, may be a time switch, however, the display or the original interface, this time it is necessary to clear the cache to see the two different interfaces. Of course, if the time to turn off the httpd service in which a node server, then go visit 12.0.0.1, the display is another web interface of friends.