LVS集群高并发和负载均衡
LVS是Linux Virtual Server的简写,Linux虚拟服务器,是一个虚拟的服务器集群系统。
- ipvs:嵌入到linux的内核
- ipvsadm:管理应用程序
类型
- NAT:地址转换
- DR:直接路由
- TUN:隧道
LVS调度方法
- 四种静态:
-
- rr:轮询
- wrr:加权轮询
- dh:
- sh:
- 动态调度方法:
-
- lc:最少连接
- wlc:加权最少连接,默认方法
- sed:最短期望延迟
- nq:never quene
- LBLC:基于本地的最少连接
- DH:
- LBLCR:基于本地的带复制功能的最少连接
1.lvs-3种模型推导
LVS DR
- VIP:虚拟服务地址
- DIP:转发的网络地址
-
- 1.和RIP通信:ARP协议,获取Real Server的RIP:MAC地址
- 2.转发Client的数据包到RIP上(隐藏的VIP)
- RIP:后端真实主机(后端服务器)
- CIP:客户端IP地址
四层:D_NAT :::S,D
四层:DR模型
负载均衡器只需要处理上行数据realserver处理后直接返回客户端解决了NAT的I/O瓶颈问题。
负载均衡器和realserver在同一个局域网
二层技术:MAC地址欺骗:节点间,下一跳。
对外隐藏,对内可见的VIP
四层:TUN模型(隧道技术,VPN)
2.lvs-功能配置介绍
LVS是Linux Virtual Server的简写,意即Linux虚拟服务器,是一个虚拟的服务器集群系统。本项目在1998年5月由章文嵩博士成立,是中国国内最早出现的自由软件项目之一。
隐藏VIP方法:对外隐藏,对内可见
- kernel paramter:
-
- 目标mac地址为全F,交换机触发广播
- /porc/sys/net/ipv4/conf/*IF*/
- arp_ignore:定义接收到ARP请求时的相应级别
-
- 0:只要本地配置的有相应地址,就给予响应;
- 1:仅在请求的目标地址(MAC)地址配置请求到达接口上的时候,才给予响应。
- arp_announce:定义将自己地址向外通告时的通告级别:
-
- 0:将本地任何接口上的任何地址向外通告;
- 1:试图仅向目标网络通告与其网络匹配的地址;
- 2.仅向与本地接口上地址匹配的网络进行通告。
LVS命令:监控多个端口号
-
ipvs内核
-
yum -y install ipvsadm -
集群管理服务
-
- 添加: -A -t|u|f service-address [-s scheduler]
-
- -t:TCP协议的集群
- -u:UDP协议的集群
-
- service-address:IP:PORT
- -f:FWM:防火墙标记
-
- service-address:Mark Number
- -E:修改
- -D:删除 -D -t|u|f service-address
ipvsadm -A -t 192.168.159.98:80 -s rr
ipvsadm -A -t 172.16.11.1:8080 -s rr
LVS命令:管理集群服务中的RS
-
添加:-a -t|u|f service-address [-g|i|m] -w weight
-
-
-t|u|f service-address:事先定义好某集群服务
-
-r service-address:某RS的地址,在NAT模型中,可使用IP:PORT实现端口映射
-
[-g|i|m] :LVS类型
-
-
g:DR
-
i:TUN
-
m:NAT
-
-
修改:-e
-
删除:-d -t|u|f service-address -r server-address
-
ipvsadm -a -t 172.16.100.1:80 -r 192.168.10.8 -g ipvsadm -a -t 172.16.100.1:80 -r 192.168.10.8 -g
-
-
查看:
-
- -L|l
- -n:数字格式显示主机地址和端口
- –stat:统计数据
- –rate:速率
- –timeout:显示tcp,tcpfin和udp的会话超时时长
- -c:显示当前的ipvs连接情况
-
删除所有集群服务
-
- -C:清空ipvs规则
-
保存规则
-
-
-S
-
ipvsadm -S > /path/to/somefile
-
-
载入此前的规则
-
-
-R
-
ipvsadm -R < /path/to/somefile
-
具体配置:
-
1.准备3台虚拟机
-
2.先配置3台虚拟机的网络
-
- eth0,配置在一个网段
-
- DIP,RIP在一个网段
-
3.配置lvs的VIP
-
- ifconfig eth0:0 192.168.159.97/24
- echo “1” > /proc/sys/net/ipv4/ip_forward
-
4.调整RS的响应,通告级别
-
echo 1 > /proc/sys/net/ipv4/conf/eth0/arp_ignore echo 2 > /proc/sys/net/ipv4/conf/eth0/arp_announce echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce -
5.配置RS的VIP(每一台PS都配)
-
ifconfig lo:8 192.168.159.97 netmask 255.255.255.255
3.lvs-DR模型试验
1.准备四台服务器,node01,node02,node03,node04
- node01作为lvs负载均衡服务器;
- node02,node03,node04作为RealServer
- 浏览器作为客户端,进行DR模型负载实验
2.配置4台虚拟机的网络,先打通DIP,RIP的网络(DIP(node01),RIP(其他三台)必须在同一网段)
注意:在xshell中使用发送键盘输入的所有会话,进行快速操作
3.配置lvs的VIP
[root@node01 ~]# ifconfig eth0:2 192.168.159.120/24
[root@node01 ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:E8:99:52
inet addr:192.168.159.97 Bcast:192.168.159.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fee8:9952/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8941 errors:0 dropped:0 overruns:0 frame:0
TX packets:1385 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:582425 (568.7 KiB) TX bytes:96202 (93.9 KiB)
eth0:2 Link encap:Ethernet HWaddr 00:0C:29:E8:99:52
inet addr:192.168.159.120 Bcast:192.168.159.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
注意:以上配法只是临时配置,一旦重启服务器,配置即失效。
设置数据包的转发功能
#临时配置
[root@node01 ~]# echo 1 > /proc/sys/net/ipv4/ip_forward
4.调整RS的响应,通告级别(每一台RS都配)
[root@node02 ~]# cd /proc/sys/net/ipv4/conf
[root@node02 conf]# ll
total 0
dr-xr-xr-x 0 root root 0 Jun 1 05:24 all
dr-xr-xr-x 0 root root 0 Jun 1 05:06 default
dr-xr-xr-x 0 root root 0 Jun 1 05:24 eth0
dr-xr-xr-x 0 root root 0 Jun 1 05:24 lo
[root@node02 conf]# cd eth0
[root@node02 eth0]# ll
total 0
-rw-r--r-- 1 root root 0 Jun 1 05:25 accept_local
-rw-r--r-- 1 root root 0 Jun 1 05:25 accept_redirects
-rw-r--r-- 1 root root 0 Jun 1 05:25 accept_source_route
-rw-r--r-- 1 root root 0 Jun 1 05:25 arp_accept
-rw-r--r-- 1 root root 0 Jun 1 05:25 arp_announce
-rw-r--r-- 1 root root 0 Jun 1 05:25 arp_filter
-rw-r--r-- 1 root root 0 Jun 1 05:25 arp_ignore
-rw-r--r-- 1 root root 0 Jun 1 05:25 arp_notify
-rw-r--r-- 1 root root 0 Jun 1 05:25 bootp_relay
-rw-r--r-- 1 root root 0 Jun 1 05:25 disable_policy
-rw-r--r-- 1 root root 0 Jun 1 05:25 disable_xfrm
-rw-r--r-- 1 root root 0 Jun 1 05:25 force_igmp_version
-rw-r--r-- 1 root root 0 Jun 1 05:25 forwarding
-rw-r--r-- 1 root root 0 Jun 1 05:25 log_martians
-r--r--r-- 1 root root 0 Jun 1 05:25 mc_forwarding
-rw-r--r-- 1 root root 0 Jun 1 05:25 medium_id
-rw-r--r-- 1 root root 0 Jun 1 05:25 promote_secondaries
-rw-r--r-- 1 root root 0 Jun 1 05:25 proxy_arp
-rw-r--r-- 1 root root 0 Jun 1 05:25 proxy_arp_pvlan
-rw-r--r-- 1 root root 0 Jun 1 05:25 route_localnet
-rw-r--r-- 1 root root 0 Jun 1 05:25 rp_filter
-rw-r--r-- 1 root root 0 Jun 1 05:25 secure_redirects
-rw-r--r-- 1 root root 0 Jun 1 05:25 send_redirects
-rw-r--r-- 1 root root 0 Jun 1 05:25 shared_media
-rw-r--r-- 1 root root 0 Jun 1 05:25 src_valid_mark
-rw-r--r-- 1 root root 0 Jun 1 05:25 tag
[root@node02 eth0]# echo 1 > arp_ignore
[root@node02 eth0]# echo 2 > arp_announce
[root@node02 eth0]# pwd
/proc/sys/net/ipv4/conf/eth0
#对未来新增接口做预配置
[root@node02 eth0]# cd ..
[root@node02 conf]# ll
total 0
dr-xr-xr-x 0 root root 0 Jun 1 05:24 all
dr-xr-xr-x 0 root root 0 Jun 1 05:06 default
dr-xr-xr-x 0 root root 0 Jun 1 05:24 eth0
dr-xr-xr-x 0 root root 0 Jun 1 05:24 lo
[root@node02 conf]# cd all
[root@node02 all]# ls
accept_local accept_source_route arp_announce arp_ignore bootp_relay disable_xfrm forwarding mc_forwarding promote_secondaries proxy_arp_pvlan rp_filter send_redirects src_valid_mark
accept_redirects arp_accept arp_filter arp_notify disable_policy force_igmp_version log_martians medium_id proxy_arp route_localnet secure_redirects shared_media tag
[root@node02 all]# echo 1 > arp_ignore
[root@node02 all]# echo 2 > arp_announce
简化写法
[root@node03 ~]# echo 1 > /proc/sys/net/ipv4/conf/eth0/arp_ignore
[root@node03 ~]# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
[root@node03 ~]# echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
[root@node03 ~]# echo 2 > /proc/sys/net/ipv4/conf/eth0/arp_announce
5.给每个RS配置VIP
[root@node02 all]# ifconfig lo:8 192.168.159.120 netmask 255.255.255.255
[root@node02 all]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:5F:DA:06
inet addr:192.168.159.98 Bcast:192.168.159.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe5f:da06/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:943 errors:0 dropped:0 overruns:0 frame:0
TX packets:358 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:74685 (72.9 KiB) TX bytes:43344 (42.3 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
lo:8 Link encap:Local Loopback
inet addr:192.168.159.120 Mask:255.255.255.255
UP LOOPBACK RUNNING MTU:16436 Metric:1
6.启动RS上的httpd
#安装httpd服务
yum -y install httpd
#编辑每台服务器响应的内容
cd /var/www/html
vi index.html
------------------------------------------------------------
from [RS的IP地址]
------------------------------------------------------------
#启动httpd服务
service httpd start
验证httpd服务是否启动成功
在客户端浏览器上访问每一台RS服务器的httpd服务,按照每一台RS的真实ip地址访问
启动httpd时报错
Starting httpd: httpd: apr_sockaddr_info_get() failed for node02
httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
[ OK ]
解决方法
vi /etc/hosts
------------------------------------------------------------------------------------------
127.0.0.1 localhost.localdomain localhost 主机名
7.LVS——安装ipvsadm,配置lvs集群
#安装ipvsadm
yum -y install ipvsadm
#1.设置监控的包
[root@node01 ~]# ipvsadm -A -t 192.168.159.120:80 -s rr
[root@node01 ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.159.120:80 rr
#2.添加负载的列表
[root@node01 ~]# ipvsadm -a -t 192.168.159.120:80 -r 192.168.159.98:80 -g
[root@node01 ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.159.120:80 rr
-> 192.168.159.98:80 Route 1 0 0
[root@node01 ~]# ipvsadm -a -t 192.168.159.120:80 -r 192.168.159.99:80 -g
[root@node01 ~]# ipvsadm -a -t 192.168.159.120:80 -r 192.168.159.100:80 -g
[root@node01 ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.159.120:80 rr
-> 192.168.159.98:80 Route 1 0 0
-> 192.168.159.99:80 Route 1 0 0
-> 192.168.159.100:80 Route 1 0 0
ipvsadm常用命令
#1.偷窥RS
[root@node01 ~]# ipvsadm -lnc
IPVS connection entries
pro expire state source virtual destination
TCP 00:17 FIN_WAIT 192.168.159.1:60664 192.168.159.120:80 192.168.159.100:80
TCP 00:17 FIN_WAIT 192.168.159.1:60666 192.168.159.120:80 192.168.159.98:80
TCP 00:10 FIN_WAIT 192.168.159.1:60621 192.168.159.120:80 192.168.159.98:80
TCP 00:13 FIN_WAIT 192.168.159.1:60643 192.168.159.120:80 192.168.159.100:80
TCP 00:08 FIN_WAIT 192.168.159.1:60612 192.168.159.120:80 192.168.159.98:80
TCP 00:14 FIN_WAIT 192.168.159.1:60648 192.168.159.120:80 192.168.159.98:80
TCP 00:14 FIN_WAIT 192.168.159.1:60645 192.168.159.120:80 192.168.159.98:80
TCP 00:06 FIN_WAIT 192.168.159.1:60601 192.168.159.120:80 192.168.159.100:80
TCP 00:09 FIN_WAIT 192.168.159.1:60616 192.168.159.120:80 192.168.159.100:80
TCP 00:09 FIN_WAIT 192.168.159.1:60615 192.168.159.120:80 192.168.159.98:80
TCP 00:07 FIN_WAIT 192.168.159.1:60607 192.168.159.120:80 192.168.159.100:80
TCP 00:15 FIN_WAIT 192.168.159.1:60652 192.168.159.120:80 192.168.159.100:80
TCP 00:17 FIN_WAIT 192.168.159.1:60662 192.168.159.120:80 192.168.159.99:80
TCP 00:14 FIN_WAIT 192.168.159.1:60647 192.168.159.120:80 192.168.159.99:80
以上LVS集群就已经搭建好了。
扫一扫
374
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
