Shulou(Shulou.com)06/03 Report--

DR (Direct routing) is one of the three load balancing modes, and it is also the most frequently used one. For an introduction to this mode, please refer to the blog article: LVS load balancing Cluster for details.

The schematic diagram of the working mode of DR is as follows:

The principle of this pattern has been written down in the blog post linked above. Now build a load balancing cluster based on DR mode directly.

The environment is as follows:

In the above environment, the problems that need to be solved are as follows:

1. All web nodes and schedulers are configured with VIP: when the client accesses VIP (the virtual IP address of the cluster), if

The scheduler forwards the request to the web node, and then the web node responds directly to the client, and the client receives

After the packet, it is found that the source address of the received packet is not 200.0.0.254, then the web server will be directly discarded.

To solve this problem, 200.0.0.254 needs to be configured on the virtual interfaces of all web nodes and schedulers

This address, and by adding a route, restricts data access to the VIP locally to avoid communication confusion.

2. Solve the problem about the ARP response of web nodes: configure 200.0.0.254 on all web nodes and schedulers

After this address, when client accesses the address 200.0.0.254, all web nodes have this address, so

Will do the ARP response, so this may cause the client to skip the scheduler to access the web node directly.

In this way, the scheduler has no meaning to exist, and naturally it will not be able to achieve the effect of load balancing, so it is necessary

Turn off part of the ARP reply of the web node, and when broadcasting the address 200.0.0.254, only let the scheduler respond, web

If the node does not ring, it should be broadcast.

3. Solve the ICMP redirection optimization problem that comes with the scheduler kernel: the Linux kernel has an ICMP optimization function.

It is when client first accesses the scheduler that the scheduler forwards the request to a web node. At this point, Linux

The built-in ICMP optimization feature will find that the client can communicate directly with the web node and then send a data

Packet, tell client, then all packets accessing 200.0.0.254 can be sent directly to that web node, so that

All subsequent access requests will be sent directly to a web node without going through the scheduler, which must not be possible.

As a result, the effect of load balancing can not be achieved. So you need to turn off the ICMP redirect parameter response of the Linux kernel.

The configuration process is as follows:

1. Configure the load scheduler (configure the IP address except VIP in the environment by yourself):

1. Configure virtual IP address (VIP)

[root@LVS network-scripts] # cp ifcfg-ens33 ifcfg-ens33:0 # configure VIP [root@LVS network-scripts] # vim ifcfg-ens33:0 # change the following configuration items. IPADDR = 200.0.0.254NETMASK=255.255.255.0 # must write subnet mask information NAME=ens33:0 # Note Change the name of the network card DEVICE=ens33:0ONBOOT=yes [root@LVS network-scripts] # systemctl restart network # restart the network card to make the change take effect [root@LVS network-scripts] # ifconfig # query whether the relevant IP is configured correctly ens33: flags=4163 mtu 1500 inet 200.0.0.1 netmask 255.255.255.0 broadcast 200.0.0.255 inet6 fe80::2e1e:d068:9c41:c688 prefixlen 64 scopeid 0x20 .. ens33:0: flags=4163 mtu 1500 inet 200.0.0.254 netmask 255.255.255.0 broadcast 200.0.0.255 ether 00:0c:29:77:2c:03 txqueuelen 1000 (Ethernet)

2. Adjust the corresponding parameters of / proc:

[root@LVS ~] # vim / etc/sysctl.conf # write the following three lines .net.ipv4.conf.all.send _ redirects = 0net.ipv4.conf.default.send_redirects = 0net.ipv4.conf.ens33.send_redirects = 0 [root@LVS ~] # sysctl-p # refresh the configuration net.ipv4.conf.all .send _ redirects = 0net.ipv4.conf.default.send_redirects = 0net.ipv4.conf.ens33.send_redirects = 0

3. Configure load distribution policy:

[root@LVS ~] # modprobe ip_vs # load ip_vs module [root@LVS ~] # yum-y install ipvsadm # install ipvsadm tool [root@LVS ~] # ipvsadm-C # clear the original policy [root@LVS ~] # ipvsadm-A-t 200.0.254ip_vs 80-s rr # configure cluster VIP and add related node [root@LVS ~] # ipvsadm- A-t 200.0.0.254root@LVS 80-r 200.0.0.2root@LVS 80-g-w 1 [root@LVS ~] # ipvsadm- a-t 200.0.254purl 80-r 200.0.0.3purl 80-g-w 1 [root@LVS ~] # ipvsadm-save # Preservation Strategy [root@LVS ~] # ipvsadm-save > / etc/sysconfig/ipvsadm # introduction [root@LVS ~] # ipvsadm-ln # confirm the current policy of the cluster IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags-> RemoteAddress:Port Forward Weight ActiveConn InActConnTCP 200.0.254ln 80 rr-> 200.0.0.2purl 80 Route 100-> 200.0.0.3 ln 80 Route 1 0 0

2. Configure web node server:

The VIP address of the web node server is used only to send the source address of the web response packet, and there is no need to listen to the client's access request (listened for and distributed by the scheduler). Therefore, the virtual interface lo:0 is used to carry the VIP address and a routing record is added to limit the packets accessing the VIP to local.

1. Configure virtual IP address (VIP):

[root@web1 ~] # cd / etc/sysconfig/network-scripts/ [root@web1 network-scripts] # cp ifcfg-lo ifcfg-lo:0 [root@web1 network-scripts] # vim ifcfg-lo:0 # edit the file, keep only the following four lines, and configure VIPDEVICE=lo:0IPADDR=200.0.0.254NETMASK=255.255.255.255 # Note: the subnet mask must be all 1. That's four 255. ONBOOT=yes [root@LVS network-scripts] # systemctl restart network # restart the Nic to make the changes take effect [root@LVS network-scripts] # ifconfig # query whether the VIP is configured correctly. Lo:0: flags=73 mtu 65536 inet 200.0.0.254 netmask 255.255.255.255 loop Txqueuelen 1000 (Local Loopback) [root@web1 ~] # route add-host 200.0.0.254 dev lo:0 # add VIP local access routing record [root@web1 ~] # vim / etc/rc.local # set up to automatically add this routing record. . / sbin/route add-host 200.0.0.254 dev lo:0

2. Adjust / proc response parameters:

[root@web1 ~] # vim / etc/sysctl.conf # adjust / proc response parameters Write the following six lines .net.ipv4.conf.all.arp _ ignore = 1net.ipv4.conf.all.arp_announce = 2net.ipv4.conf.default.arp_ignore = 1net.ipv4.conf.default.arp_announce = 2net.ipv4.conf.lo.arp_ignore = 1net.ipv4.conf.lo.arp_announce = 2 [root@web1 ~] # sysctl-p # refresh net.ipv4.conf.all.arp_ignore = 1net.ipv4.conf.all.arp_announce = 2net.ipv4.conf.default.arp_ignore = 1net.ipv4.conf.default.arp_announce = 2net.ipv4.conf.lo.arp_ignore = 1net.ipv4.conf.lo.arp_announce = 2

3. Install and start the httpd service (you can choose whether to build Nginx or apache according to your needs):

[root@web1 ~] # yum-y install httpd # install the http service [root@web1 ~] # echo 11111111111 > / var/www/html/index.html # prepare the test web page, and then mount the shared storage device after seeing the effect of load balancer. [root@web1 ~] # systemctl start httpd # start the http service [root@web1 ~] # systemctl enable httpd # set to boot

Repeat the above three steps to configure other web node servers (here I changed the home file of another web node to: 2222222222222222).

3. Client accesses VIP to test the LVS cluster:

If you visit the same page, if you eliminate configuration errors, you can open multiple pages, or refresh them later, because it may have a time to stay connected, so there will be delays.

4. Configure NFS shared storage:

After testing the clustering effect, you need to deploy shared storage so that all web nodes can provide the same web page file to the client. The specific configuration process has been written at the end of this blog post: detailed description of Centos 7 load balancing configuration based on NAT (address translation) mode.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.