Centos LVS deployment DR, NAT load balancing mode

Brief introduction

• LVS is short for Linux Virtual Server, which meansLinux Virtual Server, It is a virtual server cluster. The project in May 1998 by the Zhang Wen Song establishment Ph.D., is one of free software projects in China first appeared.
• LVS can achieve highly available, scalable Web, Mail, Cache, Media and other network services.
• The ultimate goal is to use the Linux operating system and LVS cluster software to achieve a high availability, high-performance, low-cost application server clusters.

LVS cluster consisting of

• Front-end :Load balancing layer
  • The one or more load balancer composition
• Middle :Server group level
  • By a group of servers actually run the application service component
• The bottom :Shared data storage layer
  • It provides shared storage space for storage area

LVS term

• Director Server: scheduler
  • The load distribution to the Real Server server
• Real Server: real server
  • Application servers provide real services
• VIP: Virtual IP address
  • Announced the virtual IP address to access the user's
• RIP: real IP address
  • IP addresses used on the cluster nodes
• DIP: connecting node dispatcher server IP address

LVS operating mode

• NAT mode
  • Convert virtual server achieved through Network Address
  • When a large concurrent access, the performance of the scheduler become a bottleneck

• DR mode
  • Benefits: direct routing using virtual server technology
  • Node server needs to be configured VIP, pay attention to the broadcast MAC address

Scheduling Algorithm

• LVS currently achieve 10 kinds of scheduling algorithms
• There are four kinds of common algorithm
  • Polling (Round Robin) - rr
  • WRR (Weighted Round Robin) -wrr
  • Least Connection (Least Connections) -lc
  • Weighted least connections (Weighted Least Connection) -wlc

--------------------------------------------------------------------------------------------------

--------------------------------------------------------------------------------------------------

LVS deployment

• linux kernel integration LVS

• Installation LVS tool settings ipvsadm

  yum -y install ipvsadm
  

• ipvsadm command syntax:
  
  

LVS-NAT cluster deployment

Requirements Web server on port 80 can be a normal visit.
Web server gateway settings for the same network segment scheduler IP

After four experiments for the IP address of the server :()
customers a: 1.1
scheduler LVS one: 1.2 / 2.2
Web Two: 2.10 / 2.20 Gateway 2.2

• Route confirmation scheduler forwarding

  ]# echo 1 > /proc/sys/net/ipv4/ip_forward
  ]# cat /proc/sys/net/ipv4/ip_forward
  1
  ]# echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
  #修改配置文件，设置永久规则
  

• Create a cluster server

  ]# ipvsadm -A -t 192.168.1.2:80 -s wrr
  

• Adding Real Servers

  ]# ipvsadm -a -t 192.168.1.2:80 -r 192.168.2.10 -w 1 -m
  ]# ipvsadm -a -t 192.168.1.2:80 -r 192.168.2.20 -w 1 -m
  

• View the list of rules, and saves rules

  ]# ipvsadm -Ln
  IP Virtual Server version 1.2.1 (size=4096)
  Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
  TCP  192.168.1.2:80 wrr
  -> 192.168.2.10:80              Masq    1      0          0         
  -> 192.168.2.20:80              Masq    1      0          1
  ]# ipvsadm-save -n > /etc/sysconfig/ipvsadm
  -A -t 192.168.1.2:80 -s wrr
  -a -t 192.168.1.2:80 -r 192.168.2.10:80 -m -w 1
  -a -t 192.168.1.2:80 -r 192.168.2.20:80 -m -w 1
  

END ~~ client may be tested -
---------------------------------------- -------------------------------------------------- --------

--------------------------------------------------------------------------------------------------

LVS-DR cluster deployment

• Use LVS implement DR mode server cluster scheduling, to provide users with Web services:
  (The following is the experimental configuration)

  • The client IP address is 192.168.6.11
  • LVS scheduler VIP address 192.168.6.12
  • LVS scheduler address to 192.168.6.22 DIP
  • The real address of the Web server are 192.168.6.14,192.168.6.15

• Description:

  • CIP is the client IP address;

  • VIP Shi client IP address service delivery;

  • RIP is a back-end server real IP address;

  • DIP is a scheduler in communication with back-end server IP address
    - VIP must be configured in the virtual interface

• Set scheduling server VIP and DIP
  Note: To prevent conflicts, VIP must configure the virtual interface card! ! !

  ~]# cd /etc/sysconfig/network-scripts/
  ~]# cp ifcfg-ens32{,:0}
  ~]# vim ifcfg-ens32:0
  TYPE=Ethernet
  #网卡类型为：以太网卡
  BOOTPROTO=none
  #none手动配置IP，或者dhcp自动配置IP
  NAME=ens32:0
  #网卡名称
  DEVICE=ens32:0
  #设备名称
  ONBOOT=yes
  #开机时是否自动激活该网卡
  IPADDR=192.168.6.22
  #IP地址
  PREFIX=24
  #子网掩码
  ~]# systemctl restart network
  ~]# ifconfig
  ens32:0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
      inet 192.168.6.22  netmask 255.255.255.0  broadcast 192.168.6.255
      ether 00:0c:29:dc:f0:54  txqueuelen 1000  (Ethernet)
  

FAQ: RHEL7 and Centos7 system has two network management services, there may be a conflict?
Solution: After closing the service NetworkManager restart the network can be.

• web server is configured VIP addressTwo Web exactly the same approach

  ~]# cd /etc/sysconfig/network-scripts/
  ~]# cp ifcfg-lo{,:0}
  ~]# vim ifcfg-lo:0
  DEVICE=lo:0
  IPADDR=192.168.6.22
  NETMASK=255.255.255.255
  NETWORK=192.168.6.22
  BROADCAST=192.168.6.22
  ONBOOT=yes
  NAME=lo:0
  ~]# systemctl restart network
  

• Focus here ... address conflict, how do? Look down to ~

• Prevent conflicts address the problem :

  • Here because the web server is also configured with the same VIP address scheduler, there will be a default address conflicts;
  • The main purpose of this sysctl.conf file write access to the following four lines of data packets is 192.168.4.15, only the scheduler will respond, other hosts do not make any response, to prevent problems such address conflicts.

  ]# vim /etc/sysctl.conf
  #手动写入如下4行内容
  net.ipv4.conf.all.arp_ignore = 1
  net.ipv4.conf.lo.arp_ignore = 1
  net.ipv4.conf.lo.arp_announce = 2
  net.ipv4.conf.all.arp_announce = 2
  #当有arp广播问谁是192.168.4.15时，本机忽略该ARP广播，不做任何回应
  #本机不要向外宣告自己的lo回环地址是192.168.4.15
  ]# sysctl -p  #立即生效
  

• LVS virtual server configuration

  ]# ipvsadm -C	#清空所有之前的配置
  ]# ipvsadm -A -t 192.168.6.22:80 -s wrr
  ]# ipvsadm -a -t 192.168.6.22:80 -r 192.168.6.14
  ]# ipvsadm -a -t 192.168.6.22:80 -r 192.168.6.15
  ]# ipvsadm-save -n /etc/sysconfig/ipvsadm #一定要记得保存
  -A -t 192.168.6.22:80 -s wrr
  -a -t 192.168.6.22:80 -r 192.168.6.14:80 -g -w 1
  -a -t 192.168.6.22:80 -r 192.168.6.15:80 -g -w 1
  

• CIP test results:

  [root@11 ~]# curl 192.168.6.22
  This 15
  [root@11 ~]# curl 192.168.6.22
  This 14
  [root@11 ~]# 
  

Sentence to read: ↓↓↓↓↓↓↓↓↓

1. LVS scheduler
   • Configuration ens32 (6.12)
   • Configuration ens32: 0IP (6.22) ------ ---- Shu three different IP
2. Web1 Configuration
   • ens32 (6.14)
   • lo: 0 (6.22) --------------------- ---- Shu three different IP
   • sysctl.conf conflict prevention
3. Web1 Configuration
   • ens32 (6.15)
   • lo: 0 (6.22) --------------------- ---- Shu three different IP
   • sysctl.conf conflict prevention

Dynamic detection script

Health Check ... LVS without the use of ships with keepalived keepalived ... ... if not used the following code may be used for a checkup

[root@proxy ~]# vim check.sh
#!/bin/bash
VIP=192.168.6.22:80
RIP1=192.168.6.14
RIP2=192.168.6.15
while :
do
   for IP in $RIP1 $RIP2
   do
           curl -s http://$IP &>/dev/vnull
if [ $? -eq 0 ];then
            ipvsadm -Ln |grep -q $IP || ipvsadm -a -t $VIP -r $IP
        else
             ipvsadm -Ln |grep -q $IP && ipvsadm -d -t $VIP -r $IP
        fi
   done
sleep 10
done