LVS负载均衡机制:
LVS工作在网络层。相对于其它负载均衡的解决办法,比如DNS域名轮流解析、应用层负载的调度、客户端的调度等,它的效率是非常高的。LVS的通过控制IP来实现负载均衡。IPVS是其具体的实现模块。IPVS的主要作用:安装在Director Server上面,在Director Server虚拟一个对外访问的IP(VIP)。用户访问VIP,到达Director Server,Director Server根据一定的规则选择一个Real Server,处理完成后然后返回给客户端数据。这些步骤产生了一些具体的问题,比如如何选择具体的Real Server,Real Server如果返回给客户端数据等等。IPVS为此有三种机制:
1.VS/NAT(Virtual Server via Network Address Translation),即网络地址翻转技术实现虚拟服务器。当请求来到时,Diretor server上处理的程序将数据报文中的目标地址(即虚拟IP地址)改成具体的某台Real Server,端口也改成Real Server的端口,然后把报文发给Real Server。Real Server处理完数据后,需要返回给Diretor Server,然后Diretor server将数据包中的源地址和源端口改成VIP的地址和端口,最后把数据发送出去。由此可以看出,用户的请求和返回都要经过Diretor Server,如果数据过多,Diretor Server肯定会不堪重负。
2.VS/TUN(Virtual Server via IP Tunneling),即IP隧道技术实现虚拟服务器。它跟VS/NAT基本一样,但是Real server是直接返回数据给客户端,不需要经过Diretor server,这大大降低了Diretor server的压力。
3.VS/DR(Virtual Server via Direct Routing),即用直接路由技术实现虚拟服务器。跟前面两种方式,它的报文转发方法有所不同,VS/DR通过改写请求报文的MAC地址,将请求发送到Real Server,而Real Server将响应直接返回给客户,免去了VS/TUN中的IP隧道开销。这种方式是三种负载调度机制中性能最高最好的,但是必须要求Director Server与Real Server都有一块网卡连在同一物理网段上
//环境介绍
#VS/DR模式下,Direct server在VIP:80端口监听用户请求,改写请求报文的MAC地址,将请求负载到real server上,real server将响应直接返回给用户,因此所有的主机必须在同一个网段,且real server可以直接与用户通信
1.主机配置
DIRECT SERVER:10.10.54.155
vip:10.10.54.151
DIRECT BACKUP:10.10.54.156
vip:10.10.54.151
real server:10.10.54.222(80) --nginx
real server:10.10.54.226(80) --nginx
//软件安装
1.所需软件
ipvsadm-1.26.tar.gz
keepalived-1.2.9.tar.gz
2.安装ipvsadm
shell> yum -y install wget libnl* popt* gcc.x86_64 gcc-c++.x86_64 gcc-objc++.x86_64 kernel-devel.x86_64 make popt-static.x86_64
shell> tar xvf ipvsadm-1.26.tar.gz
shell> cd ipvsadm-1.26
shell> ./configure && make && make install
3.安装keepalived
shell> yum install -y net-snmp.x86_64 net-snmp-devel.x86_64
shell> tar xvf keepalived-1.2.9.tar.gz
shell> cd keepalived-1.2.9
shell> ./configure && make && make install
shell> ./configure --prefix=/usr/local/keepalived --enable-snmp --sysconfdir=/etc
shell> cp /usr/local/keepalived/sbin/keepalived /sbin/
shell> cp /usr/local/keepalived/bin/genhash /bin/
//【real server上操作】
1.编辑realserver脚本
shell> vim /etc/init.d/realserver
-----------------------------------------------------
#!/bin/bash
#description:start realserver
#script_name:realserver_config
VIP=10.10.54.151#虚拟IP
source/etc/init.d/functions
case"$1"in
start)
echo"start LVS of realserver."
/sbin/ifconfiglo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
echo"1"> /proc/sys/net/ipv4/conf/lo/arp_ignore
echo"2"> /proc/sys/net/ipv4/conf/lo/arp_announce
echo"1"> /proc/sys/net/ipv4/conf/all/arp_ignore
echo"2"> /proc/sys/net/ipv4/conf/all/arp_announce
;;
stop)
/sbin/ifconfiglo:0 down
echo"0"> /proc/sys/net/ipv4/conf/lo/arp_ignore
echo"0"> /proc/sys/net/ipv4/conf/lo/arp_announce
echo"0"> /proc/sys/net/ipv4/conf/all/arp_ignore
echo"0"> /proc/sys/net/ipv4/conf/all/arp_announce
;;
*)
echo"Usage: $0 {start|stop}"
exit1
esac
-----------------------------------------------------------------
2.shell> /etc/init.d/realserverstart
//【Direct server上操作】
1.[master]修改配置文件
shell> vim /etc/keepalived/keepalived.conf
---------------------------------------------
global_defs {
notification_email {
lij@ssr.com
}
notification_email_from lij@ssr.com
smtp_server lij@ssr.com
smtp_connect_timeout 30
router_id LVS_MASTER2
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.10.54.151/24dev eth0 label eth0:1#虚拟IP,用户可见IP
}
}
virtual_server 10.10.54.151 80 {
delay_loop 6
lb_algo rr
lb_kind DR
# nat_mask 255.255.255.0
# persistence_timeout 50
protocol TCP
real_server 10.10.54.157 80 {#real server上80端口
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 10.10.54.159 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
#查看IPVS表
shell> ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 10.10.54.151:80 rr
-> 10.10.54.157:80 Route 1 0 0
-> 10.10.54.159:80 Route 1 0 0
--------------------------------------------------
2.【backup server】修改配置文件
---------------------------------------------------
global_defs {
notification_email {
lij@ssr.com
}
notification_email_from lij@ssr.com
smtp_server lij@ssr.com
smtp_connect_timeout 30
router_id LVS_BACKUP #改1
}
vrrp_instance VI_1 {
state MASTER #改2
interface eth0
virtual_router_id 51
priority 80 #改3
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
...
}
#backup上查看IPVS表
shell> ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 10.10.54.151:80 rr
-> 10.10.54.157:80 Route 1 0 0
-> 10.10.54.159:80 Route 1 0 0
-----------------------------------------------
推荐阅读: