LVS负载均衡

最新推荐文章于 2024-09-21 11:17:28 发布

屠绝鬼气-苏醒人魂

最新推荐文章于 2024-09-21 11:17:28 发布

阅读量773

点赞数

分类专栏：集群文章标签：负载均衡

本文链接：https://blog.csdn.net/qq_32034151/article/details/72905049

版权

集群专栏收录该内容

2 篇文章 0 订阅

订阅专栏

服务器IP地址

名称	网络接口	IP地址
lvs	eth2	192.168.1.113
lvs	eth1	192.168.139.142
web1	eth0	192.168.139.144
web2	eth0	192.168.139.129
web3	eth0	192.168.139.131

ipvsadm命令详解

ipvsadm 选项服务器地址 -s 算法
ipvsadm 选项服务器地址 -r 真实服务器地址 [工作模式] [ 权重]

header 1	header 2
-A	添加一个虚拟服务，使用IP地址、端口号，协议来唯一定义一个虚拟服务
-E	编辑一个虚拟服务
-D	删除一个虚拟服务
-C	清空虚拟服务表
-R	从标准输入中还原虚拟服务规则
-S	保存虚拟服务规则值标准输出，输出的规则可以使用-R导入还原
-a	在虚拟服务中添加一台真实服务器
-e	在虚拟服务中编辑一台真实服务器
-d	在虚拟服务中删除一台真实服务器
-L	显示虚拟服务列表
-t	使用TCP服务，该参数后需要跟主机与端口信息
-u	使用udp服务，该参数后需要跟主机与端口信息
-s	指定lvs的的调度算法
-r	设置真实服务器IP地址与端口信息
-g	设置lvs工作模式为DR直接路由模式
-i	设置lvs工作模式为TUN隧道模式
-m	设置lvs工作模式为NAT地址转换模式
-w	指定服务器的权重
-c	连接状态，配合-L使用
-n	数字格式输出

LVS负载均衡调度算法

header 1	header 2
轮询调度	RR
加权轮询	WRR
最小连接调度	LC
加权最小连接	WLC
基于局部性最少的连接	lblc
带复制的基于局部性最少的连接	lblcr
目标地址散列调度	DH
源地址散列调度	SH

虚拟服务实例一

添加一个虚拟服务

ipvsadm -A -t 192.168.1.113:80 -s rr
ipvsadm -a -t 192.168.1.113:80 -r 192.168.139.129:80 -m
ipvsadm -a -t 192.168.1.113:80 -r 192.168.139.131:80 -m
ipvsadm -a -t 192.168.1.113:80 -r 192.168.139.144:80 -m

查看lvs路由规则表

# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.1.113:80 rr
  -> 192.168.139.129:80           Masq    1      0          0         
  -> 192.168.139.131:80           Masq    1      0          0         
  -> 192.168.139.144:80           Masq    1      0          0

查看目前ipvs调度状态

# ipvsadm -Lnc

删除为虚拟服务提供web功能的真实服务器

# ipvsadm -d -t 192.168.1.113:80 -r 192.168.139.144:80 
# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.1.113:80 rr
  -> 192.168.139.129:80           Masq    1      0          0         
  -> 192.168.139.131:80           Masq    1      0          0

虚拟服务规则表备份与还原

# ipvsadm -S > /tmp/ip_vs.bak  ##备份规则表
# ls -l /tmp/ip_vs.bak 
-rw-r--r-- 1 root root 202 Jun  7 20:51 /tmp/ip_vs.bak

# ipvsadm -C                  ##清空规则表 
# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
# 


# ipvsadm -R < /tmp/ip_vs.bak   ## 从文件恢复
[root@centos6 ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.1.113:80 rr
  -> 192.168.139.129:80           Masq    1      0          0         
  -> 192.168.139.131:80           Masq    1      0          0         
  -> 192.168.139.144:80           Masq    1      0          0

　修改虚拟服务的调度算法

# ipvsadm -E -t 192.168.1.113:80 -s wrr
# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.1.113:80 wrr
  -> 192.168.139.129:80           Masq    1      0          0         
  -> 192.168.139.131:80           Masq    1      0          0         
  -> 192.168.139.144:80           Masq    1      0          0

虚拟服务实例二

DR模式，wrr

# ipvsadm -A -t 192.168.1.113:80 -s wrr
# ipvsadm -a -t 192.168.1.113:80 -r 192.168.139.129:80 -g  -w 1
# ipvsadm -a -t 192.168.1.113:80 -r 192.168.139.144:80 -g  -w 2
# ipvsadm -e -t 192.168.1.113:80 -r 192.168.139.131:80 -g  -w 3
# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.1.113:80 wrr
  -> 192.168.139.129:80           Route   1      0          0         
  -> 192.168.139.131:80           Route   3      0          0         
  -> 192.168.139.144:80           Route   2      0          0

NAT模式实验

原理

mark

1 关闭iptables和selinux

2 编写执行脚本

#!/bin/bash
# director 服务器上开启路由转发功能:
echo 1 > /proc/sys/net/ipv4/ip_forward
# 关闭 icmp 的重定向
echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects
echo 0 > /proc/sys/net/ipv4/conf/default/send_redirects
echo 0 > /proc/sys/net/ipv4/conf/eth0/send_redirects
echo 0 > /proc/sys/net/ipv4/conf/eth1/send_redirects

# director 设置 nat 防火墙
/sbin/iptables -t nat -F
/sbin/iptables -t nat -X
/sbin/iptables -t nat -A POSTROUTING -s 192.168.139.0/24 -j MASQUERADE
#这部分是针对回报更改源ip地址的

# director 设置 ipvsadm
IPVSADM='/sbin/ipvsadm'
$IPVSADM -C
$IPVSADM -A -t 192.168.1.199:80 -s rr
$IPVSADM -a -t 192.168.1.199:80 -r 192.168.139.254:80 -m
#这部分是针对发包更改目标地址的
$IPVSADM -a -t 192.168.1.199:80 -r 192.168.139.253:80 -m
$IPVSADM -a -t 192.168.1.199:80 -r 192.168.139.252:80 -m

3更改所有realserver的网关为lvs的ip

4测试

测试脚本

# -*- coding: utf-8 -*-
import requests
import time

def getHTMLText(url):
    try:        
        r = requests.get(url)
        r.raise_for_status()
        r.encoding = r.apparent_encoding
        #return r.text
        return r.text        
    except:
        return '产生异常'      

if __name__ == "__main__":
    url = "http://192.168.1.199/"
    for i in range(1000):
        time.sleep(2)
        print(getHTMLText(url) + time.ctime())

tupdump监控的包的时间

tcpdump -nn -i eth0 tcp and port 80 and src host 192.168.1.106
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
22:44:44.674731 IP 192.168.1.106.51729 > 192.168.139.252.80: Flags [S], seq 2841949030, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
22:44:44.675656 IP 192.168.1.106.51729 > 192.168.139.252.80: Flags [.], ack 1384177409, win 2053, length 0
22:44:44.675736 IP 192.168.1.106.51729 > 192.168.139.252.80: Flags [P.], seq 0:144, ack 1, win 2053, length 144
22:44:44.677485 IP 192.168.1.106.51729 > 192.168.139.252.80: Flags [.], ack 290, win 2052, length 0
22:44:44.678669 IP 192.168.1.106.51729 > 192.168.139.252.80: Flags [F.], seq 144, ack 290, win 2052, length 0
22:44:46.698341 IP 192.168.1.106.51730 > 192.168.139.253.80: Flags [S], seq 692870389, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
22:44:46.700948 IP 192.168.1.106.51730 > 192.168.139.253.80: Flags [.], ack 2177794250, win 256, length 0
22:44:46.701147 IP 192.168.1.106.51730 > 192.168.139.253.80: Flags [P.], seq 0:144, ack 1, win 256, length 144
22:44:46.704619 IP 192.168.1.106.51730 > 192.168.139.253.80: Flags [.], ack 290, win 255, length 0
22:44:46.707583 IP 192.168.1.106.51730 > 192.168.139.253.80: Flags [F.], seq 144, ack 290, win 255, length 0
22:44:48.724503 IP 192.168.1.106.51731 > 192.168.139.254.80: Flags [S], seq 1622299946, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
22:44:48.727207 IP 192.168.1.106.51731 > 192.168.139.254.80: Flags [.], ack 2671677042, win 256, length 0
22:44:48.727433 IP 192.168.1.106.51731 > 192.168.139.254.80: Flags [P.], seq 0:144, ack 1, win 256, length 144
22:44:48.731488 IP 192.168.1.106.51731 > 192.168.139.254.80: Flags [.], ack 290, win 255, length 0
22:44:48.735640 IP 192.168.1.106.51731 > 192.168.139.254.80: Flags [F.], seq 144, ack 290, win 255, length 0

python脚本执行结果的输出时间

web3:192.168.139.252
Wed Jun  7 22:44:44 2017
web2:192.168.139.253
Wed Jun  7 22:44:46 2017
web1:192.168.139.254
Wed Jun  7 22:44:48 2017
web3:192.168.139.252