LVS Load Balancing Cluster: NAT Address Translation Mode (can be done!)

2025-01-16 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/03 Report--

Load balancing Cluster (Load Balance Cluster)

A load balancing cluster aims to improve the responsiveness of the application system, handle as many access requests as possible, and reduce latency, giving high-concurrency, high-load (LB) overall performance. How load is distributed in an LB cluster depends on the distribution algorithm of the master node.

Cluster load scheduling technology has three working modes: address translation, IP tunnel, and direct routing. This article only introduces NAT mode.

NAT mode

Address translation (Network Address Translation), NAT mode for short, is similar to the private network structure behind a firewall. The load scheduler acts as the gateway of all server nodes: it is the access entrance for clients and also the access exit through which each node responds to clients. The server nodes use private IP addresses and are located on the same physical network as the load scheduler. Security is better than in the other two modes.

Load balancing architecture

First layer: load scheduler (Load Balancer or Director)
Second layer: server pool (Server Pool)
Third layer: shared storage (Share Storage)

LVS load scheduling algorithms

Round Robin

Received access requests are distributed in turn to the nodes in the cluster (real servers). Every server is treated equally, regardless of its actual number of connections and system load.

Weighted Round Robin

Access requests are distributed in turn according to the processing capacity of the real servers. The scheduler can automatically query the load of each node and dynamically adjust its weight, so that servers with strong processing capacity bear more of the access traffic.

Least Connections

Requests are assigned according to the number of connections each real server has established. Received access requests are given preferentially to the node with the fewest connections.

Weighted Least Connections

When server node performance differs widely, weights can be adjusted automatically for the real servers. Nodes with higher weights bear a greater proportion of the active connection load.

Experimental operating environment

Scheduling server (centos7): external (ens36): 12.0.0.1, internal (ens33): 192.168.200.1
Web server 1 (centos7): 192.168.200.110
Web server 2 (centos7): 192.168.200.120
Storage server (centos7): 192.168.200.130
Client (win10): 12.0.0.12

1. Verify that the storage server has the related services installed

    [root@localhost ~]# rpm -q nfs-utils
    nfs-utils-1.3.0-0.48.el7.x86_64      # installed
    [root@localhost ~]# rpm -q rpcbind
    rpcbind-0.2.0-42.el7.x86_64          # installed
    [root@localhost ~]#

2. Verify that the httpd service is installed on both web servers; if not, install it

First:

    [root@localhost ~]# rpm -q httpd
    package httpd is not installed
    [root@localhost ~]# yum install httpd -y
    ...                                  // installation process omitted
    [root@localhost ~]#

Second:

    [root@localhost ~]# rpm -q httpd
    package httpd is not installed
    [root@localhost ~]# yum install httpd -y
    ...                                  // installation process omitted
    [root@localhost ~]#

3. Verify that the scheduling server has the management tool; if not, install it

    [root@localhost ~]# rpm -q ipvsadm
    package ipvsadm is not installed
    [root@localhost ~]# yum install ipvsadm -y
    ...                                  // installation process omitted
    [root@localhost ~]#

I. Configure the storage server

1. Change the network mode of the storage server to host-only

2. Configure a fixed IP address on the storage server

    [root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33
    TYPE=Ethernet
    PROXY_METHOD=none
    BROWSER_ONLY=no
    BOOTPROTO=static          # dhcp changed to static
    DEFROUTE=yes
    IPV4_FAILURE_FATAL=no
    IPV6INIT=yes
    IPV6_AUTOCONF=yes
    IPV6_DEFROUTE=yes
    IPV6_FAILURE_FATAL=no
    IPV6_ADDR_GEN_MODE=stable-privacy
    NAME=ens33
    UUID=09073596-a7cf-404c-a098-28c3ff58c44b
    DEVICE=ens33
    ONBOOT=yes
    IPADDR=192.168.200.130    # IP address
    NETMASK=255.255.255.0     # subnet mask
    GATEWAY=192.168.200.1     # gateway
    [root@localhost ~]# systemctl restart network    # restart the network service
    [root@localhost ~]# ifconfig                     # view NIC information; IP set successfully
    ens33: flags=4163 mtu 1500
            inet 192.168.200.130 netmask 255.255.255.0 broadcast 192.168.200.255
            inet6 fe80::5134:22f5:842b:5201 prefixlen 64 scopeid 0x20
            ether 00:0c:29:0d:f1:75 txqueuelen 1000 (Ethernet)
            RX packets 818 bytes 69866 (68.2 KiB)
            RX errors 0 dropped 0 overruns 0 frame 0
            TX packets 319 bytes 44103 (43.0 KiB)
            TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

3. Turn off the firewall and enable the storage sharing services

    [root@localhost ~]# systemctl stop firewalld.service    # turn off the firewall
    [root@localhost ~]# setenforce 0                        # disable the enhanced security function
    [root@localhost ~]#
    [root@localhost ~]# systemctl start nfs.service         # enable the nfs service
    [root@localhost ~]# systemctl start rpcbind             # enable the rpcbind service
    [root@localhost ~]#

4. Modify the configuration file /etc/exports

    [root@localhost ~]# vim /etc/exports
    /usr/share *(ro,sync)                    # directory shared to all users, read-only permission
    /opt/abc/ 192.168.200.0/24(rw,sync)      # directory shared to users on the fixed network segment, read and write permission
    /opt/xyz/ 192.168.200.0/24(rw,sync)      # directory shared to users on the fixed network segment, read and write permission

5. Create the shared directories and grant permissions

    [root@localhost ~]# cd /opt/
    [root@localhost opt]# ls
    rh
    [root@localhost opt]# mkdir abc xyz          # create directories
    [root@localhost opt]# ll
    total 0
    drwxr-xr-x. 2 root root 6 November 26 17:33 abc
    drwxr-xr-x. 2 root root 6 March 26 2015 rh
    drwxr-xr-x. 2 root root 6 November 26 17:33 xyz
    [root@localhost opt]# chmod 777 abc xyz      # grant permissions
    [root@localhost opt]# ll
    total 0
    drwxrwxrwx. 2 root root 6 November 26 17:33 abc
    drwxr-xr-x. 2 root root 6 March 26 2015 rh
    drwxrwxrwx. 2 root root 6 November 26 17:33 xyz
    [root@localhost opt]#

6. Reload the configuration

    [root@localhost opt]# exportfs -rv
    exporting 192.168.200.0/24:/opt/xyz
    exporting 192.168.200.0/24:/opt/abc
    exporting *:/usr/share
    [root@localhost opt]#

II. Configure web server 1

1. Change the network mode of web server 1 to host-only

2. Configure a fixed IP address

    [root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33
    TYPE=Ethernet
    PROXY_METHOD=none
    BROWSER_ONLY=no
    BOOTPROTO=static          # dhcp changed to static
    DEFROUTE=yes
    IPV4_FAILURE_FATAL=no
    IPV6INIT=yes
    IPV6_AUTOCONF=yes
    IPV6_DEFROUTE=yes
    IPV6_FAILURE_FATAL=no
    IPV6_ADDR_GEN_MODE=stable-privacy
    NAME=ens33
    UUID=3ceed540-b04c-48d6-a4f7-79951f09ea1d
    DEVICE=ens33
    ONBOOT=yes
    IPADDR=192.168.200.110    # IP address
    NETMASK=255.255.255.0     # subnet mask
    GATEWAY=192.168.200.1     # gateway
    [root@localhost ~]# systemctl restart network    # restart the network service
    [root@localhost ~]# ifconfig                     # view NIC information; IP set successfully
    ens33: flags=4163 mtu 1500
            inet 192.168.200.110 netmask 255.255.255.0 broadcast 192.168.200.255
            inet6 fe80::3e1d:31ba:f66a:6f80 prefixlen 64 scopeid 0x20
            ether 00:0c:29:27:1c:3f txqueuelen 1000 (Ethernet)
            RX packets 12581 bytes 15759224 (15.0 MiB)
            RX errors 0 dropped 0 overruns 0 frame 0
            TX packets 6118 bytes 501343 (489.5 KiB)
            TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

3. Turn off the firewall and enable the http service

    [root@localhost ~]# systemctl stop firewalld.service    # turn off the firewall
    [root@localhost ~]# setenforce 0                        # turn off the enhanced security function
    [root@localhost ~]# systemctl start httpd.service       # enable the http service
    [root@localhost ~]# netstat -ntap | grep 80             # view the port
    tcp6       0      0 :::80       :::*       LISTEN      50076/httpd
    [root@localhost ~]#

4. View the NFS service sharing information

    [root@localhost ~]# showmount -e 192.168.200.130
    Export list for 192.168.200.130:
    /usr/share *
    /opt/xyz   192.168.200.0/24
    /opt/abc   192.168.200.0/24
    [root@localhost ~]#

5. Mount the NFS shared directory and check whether the mount succeeded

    [root@localhost ~]# mount.nfs 192.168.200.130:/opt/abc /var/www/html/    # mount
    [root@localhost ~]# df -h                                                # view mount information
    Filesystem                Size  Used Avail Use% Mounted on
    /dev/sda2                  20G  3.4G   17G  17% /
    devtmpfs                  898M     0  898M   0% /dev
    tmpfs                     912M     0  912M   0% /dev/shm
    tmpfs                     912M   18M  895M   2% /run
    tmpfs                     912M     0  912M   0% /sys/fs/cgroup
    /dev/sda5                  10G   37M   10G   1% /home
    /dev/sda1                 6.0G  174M  5.9G   3% /boot
    tmpfs                     183M  4.0K  183M   1% /run/user/42
    tmpfs                     183M   40K  183M   1% /run/user/0
    192.168.200.130:/opt/abc   20G  3.3G   17G  17% /var/www/html    # mounted successfully
    [root@localhost ~]#

6. Create a home page file in the mount directory and check on the storage server whether the file was created successfully

Web server 1:

    [root@localhost ~]# echo "this is abc web" > /var/www/html/index.html    # create the home page file
    [root@localhost ~]#

Storage server:

    [root@localhost opt]# cd abc/
    [root@localhost abc]# ls
    index.html                # created successfully
    [root@localhost abc]#

III. Configure web server 2

1. Change the network mode of web server 2 to host-only

2. Configure a fixed IP address

    [root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33
    TYPE=Ethernet
    PROXY_METHOD=none
    BROWSER_ONLY=no
    BOOTPROTO=static          # dhcp changed to static
    DEFROUTE=yes
    IPV4_FAILURE_FATAL=no
    IPV6INIT=yes
    IPV6_AUTOCONF=yes
    IPV6_DEFROUTE=yes
    IPV6_FAILURE_FATAL=no
    IPV6_ADDR_GEN_MODE=stable-privacy
    NAME=ens33
    UUID=8ecd53ce-afdb-46f8-b7ff-b2f428a3bc8f
    DEVICE=ens33
    ONBOOT=yes
    IPADDR=192.168.200.120    # IP address
    NETMASK=255.255.255.0     # subnet mask
    GATEWAY=192.168.200.1     # gateway
    [root@localhost ~]# systemctl restart network    # restart the network service
    [root@localhost ~]# ifconfig                     # view NIC information; IP set successfully
    ens33: flags=4163 mtu 1500
            inet 192.168.200.120 netmask 255.255.255.0 broadcast 192.168.200.255
            inet6 fe80::c776:9d00:618:88f2 prefixlen 64 scopeid 0x20
            ether 00:0c:29:eb:34:07 txqueuelen 1000 (Ethernet)
            RX packets 13713 bytes 15997026 (15.2 MiB)
            RX errors 0 dropped 0 overruns 0 frame 0
            TX packets 5590 bytes 452930 (442.3 KiB)
            TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

3. Turn off the firewall and enable the http service

    [root@localhost ~]# systemctl stop firewalld.service    # turn off the firewall
    [root@localhost ~]# setenforce 0                        # turn off the enhanced security function
    [root@localhost ~]# systemctl start httpd.service       # enable the http service
    [root@localhost ~]# netstat -ntap | grep 80             # view the port
    tcp6       0      0 :::80       :::*       LISTEN      50572/httpd
    [root@localhost ~]#

4. View the NFS service sharing information

    [root@localhost ~]# showmount -e 192.168.200.130
    Export list for 192.168.200.130:
    /usr/share *
    /opt/xyz   192.168.200.0/24
    /opt/abc   192.168.200.0/24
    [root@localhost ~]#

5. Mount the NFS shared directory and check whether the mount succeeded

    [root@localhost ~]# mount.nfs 192.168.200.130:/opt/xyz /var/www/html/    # mount
    [root@localhost ~]# df -h                                                # view mount information
    Filesystem                Size  Used Avail Use% Mounted on
    /dev/sda2                  20G  3.4G   17G  17% /
    devtmpfs                  898M     0  898M   0% /dev
    tmpfs                     912M     0  912M   0% /dev/shm
    tmpfs                     912M   18M  895M   2% /run
    tmpfs                     912M     0  912M   0% /sys/fs/cgroup
    /dev/sda5                  10G   37M   10G   1% /home
    /dev/sda1                 6.0G  174M  5.9G   3% /boot
    tmpfs                     183M  4.0K  183M   1% /run/user/42
    tmpfs                     183M   40K  183M   1% /run/user/0
    192.168.200.130:/opt/xyz   20G  3.3G   17G  17% /var/www/html    # mounted successfully
    [root@localhost ~]#

6. Create a home page file in the mount directory and check on the storage server whether the file was created successfully

Web server 2:

    [root@localhost ~]# echo "this is xyz web" > /var/www/html/index.html    # create the home page file
    [root@localhost ~]#

Storage server:

    [root@localhost abc]# cd ../xyz/
    [root@localhost xyz]# ls
    index.html                # created successfully
    [root@localhost xyz]#

IV. Configure the scheduling server

1. Add a network card to the scheduling server and change the network mode of both network cards to host-only

2. Modify the ens33 NIC configuration file and set a fixed IP

    [root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33
    TYPE=Ethernet
    PROXY_METHOD=none
    BROWSER_ONLY=no
    BOOTPROTO=static          # dhcp changed to static
    DEFROUTE=yes
    IPV4_FAILURE_FATAL=no
    IPV6INIT=yes
    IPV6_AUTOCONF=yes
    IPV6_DEFROUTE=yes
    IPV6_FAILURE_FATAL=no
    IPV6_ADDR_GEN_MODE=stable-privacy
    NAME=ens33
    UUID=c96bc909-188e-ec64-3a96-6a90982b08ad
    DEVICE=ens33
    ONBOOT=yes
    IPADDR=192.168.200.1      # IP address
    NETMASK=255.255.255.0     # subnet mask

3. Modify the ens36 NIC configuration file and set a fixed IP

    [root@localhost ~]# cd /etc/sysconfig/network-scripts/
    [root@localhost network-scripts]# cp ifcfg-ens33 ifcfg-ens36    # copy the ens33 configuration file as the ens36 configuration file
    [root@localhost network-scripts]# vim ifcfg-ens36
    TYPE=Ethernet
    PROXY_METHOD=none
    BROWSER_ONLY=no
    BOOTPROTO=static          # dhcp changed to static
    DEFROUTE=yes
    IPV4_FAILURE_FATAL=no
    IPV6INIT=yes
    IPV6_AUTOCONF=yes
    IPV6_DEFROUTE=yes
    IPV6_FAILURE_FATAL=no
    IPV6_ADDR_GEN_MODE=stable-privacy
    NAME=ens36                # ens33 changed to ens36, and the UUID line deleted
    DEVICE=ens36              # ens33 changed to ens36
    ONBOOT=yes
    IPADDR=12.0.0.1           # IP address
    NETMASK=255.255.255.0     # subnet mask

4. Restart the network service and check whether the IP configuration succeeded

    [root@localhost network-scripts]# systemctl restart network    # restart the network service
    [root@localhost network-scripts]# ifconfig                     # view NIC information
    ens33: flags=4163 mtu 1500
            inet 192.168.200.1 netmask 255.255.255.0 broadcast 192.168.200.255
            inet6 fe80::28ad:c7f1:25e8:8708 prefixlen 64 scopeid 0x20
            ether 00:0c:29:95:9b:1b txqueuelen 1000 (Ethernet)
            RX packets 11757 bytes 12899133
            RX errors 0 dropped 0 overruns 0 frame 0
            TX packets 4731 bytes 325771 (318.1 KiB)
            TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
    ens36: flags=4163 mtu 1500
            inet 12.0.0.1 netmask 255.255.255.0 broadcast 12.0.0.255
            inet6 fe80::10ce:358b:94ed:c4e9 prefixlen 64 scopeid 0x20
            ether 00:0c:29:95:9b:25 txqueuelen 1000 (Ethernet)
            RX packets 130 bytes 10117 (9.8 KiB)
            RX errors 0 dropped 0 overruns 0 frame 0
            TX packets 178 bytes 30232 (29.5 KiB)
            TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

5. Modify the configuration file /etc/sysctl.conf

    [root@localhost ~]# vim /etc/sysctl.conf
    net.ipv4.ip_forward=1     # enable the routing function
    [root@localhost ~]# sysctl -p    # reload the /etc/sysctl.conf configuration
    net.ipv4.ip_forward=1
    [root@localhost ~]#

6. Configure NAT translation

    [root@localhost ~]# iptables -t nat -F    # clear the nat table
    [root@localhost ~]# iptables -F           # clear the rules
    [root@localhost ~]# iptables -t nat -A POSTROUTING -o ens36 -s 192.168.200.0/24 -j SNAT --to-source 12.0.0.1    # configure NAT translation
    [root@localhost ~]#

7. Start the ipvsadm service

    [root@localhost ~]# modprobe ip_vs           # load the module
    [root@localhost ~]# cat /proc/net/ip_vs      # view service information
    IP Virtual Server version 1.2.1 (size=4096)
    Prot LocalAddress:Port Scheduler Flags
      -> RemoteAddress:Port Forward Weight ActiveConn InActConn
    [root@localhost ~]# ipvsadm --save > /etc/sysconfig/ipvsadm    # save the service configuration
    [root@localhost ~]# systemctl start ipvsadm.service            # enable the service
    [root@localhost ~]#

8. Add an ipvsadm service script and execute it

    [root@localhost ~]# cd /opt/                 # switch directory
    [root@localhost opt]# vim nat.sh             # edit the script
    #!/bin/bash
    ipvsadm -C                                            # clear all records in the kernel virtual server table
    ipvsadm -A -t 12.0.0.1:80 -s rr                       # add a new virtual server
    ipvsadm -a -t 12.0.0.1:80 -r 192.168.200.110:80 -m    # add a new real server to the virtual server
    ipvsadm -a -t 12.0.0.1:80 -r 192.168.200.120:80 -m    # add a new real server to the virtual server
    ipvsadm                                               # list the resulting virtual server table
    [root@localhost opt]# source nat.sh          # execute the script
    IP Virtual Server version 1.2.1 (size=4096)
    Prot LocalAddress:Port Scheduler Flags
      -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
    TCP  localhost.localdomain:http rr
      -> 192.168.200.110:http         Masq    1      0          0
      -> 192.168.200.120:http         Masq    1      0          0
    [root@localhost opt]#

Meaning of the ipvsadm options used:

-A: add a new virtual server record to the virtual server table in the kernel, that is, add a new virtual server. The virtual server address is uniquely defined by a triple: IP address, port number, and protocol. Virtual servers can also be defined by firewall marks.
-C: clear all records in the kernel virtual server table.
-a: add a new real server record to a record in the kernel virtual server table, that is, add a new real server to a virtual server.
-t: indicates that the virtual server provides TCP services.
-s: the algorithm for assigning TCP connections and UDP datagrams to real servers.
-m: use masquerading (network address translation, NAT).
rr: round robin. The scheduler distributes external requests in turn to the real servers in the cluster. It treats each server equally, regardless of the actual number of connections and system load on the server.
wrr: weighted round robin. The scheduler schedules access requests according to the different processing capabilities of the real servers. This ensures that powerful servers handle more access traffic. The scheduler can automatically query the load of the real servers and adjust their weights dynamically.
lc: least connection. When new jobs arrive, the scheduler selects a real server with less current work and assigns the newly arrived jobs to it. If the real servers of the cluster have similar system performance, the least connection algorithm balances the load well.
wlc: weighted least connection, which assigns more jobs to servers with fewer jobs and higher weights (Ci / Wi). This is the default value.

V. Test the load balancing cluster in NAT mode

1. Change the network mode of the win10 host to host-only

2. Modify the IP address of the win10 host

3. Turn off the win10 host firewall

4. Use win10 host to access IP address: 12.0.0.1

5. Refresh the browser again. Due to the polling algorithm, the page goes to another home page.
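The alternating home pages in step 5 follow directly from the rr rule, and the (Ci / Wi) rule of wlc can be traced the same way. The script below is an added example, not part of the original article: it simulates both selection rules over a pool written as "address weight active_connections". The function names, the 3:1 weights and the connection counts are constructed for illustration, and wlc is simplified to count active connections only.

```shell
#!/bin/sh
# Added example (not from the original article). Pool lines are
# "address weight active_conns"; the addresses are the article's web servers,
# the weights and connection counts are constructed sample values.
POOL='192.168.200.110 1 0
192.168.200.120 1 0'
WEIGHTED_POOL='192.168.200.110 3 0
192.168.200.120 1 0'

# rr: request number n (counting from 0) goes to server n mod pool-size.
# Weight and connection count are ignored.
rr_pick() {  # $1 = pool, $2 = request index
    printf '%s\n' "$1" | awk -v n="$2" '
        NF >= 1 { addr[c++] = $1 }
        END { if (c) print addr[n % c] }'
}

# wlc: pick the server with the smallest Ci/Wi. The ratios are compared by
# cross-multiplication (Ci*Wbest < Cbest*Wi), so integers suffice.
# Servers with weight 0 are never chosen; ties go to the first server listed.
wlc_pick() {  # $1 = pool
    printf '%s\n' "$1" | awk '
        $2 > 0 {
            if (best == "" || $3 * bw < bc * $2) { best = $1; bw = $2; bc = $3 }
        }
        END { if (best != "") print best }'
}

# Dispatch $2 requests with wlc, treating each one as a connection that stays
# open, and print the final "address active_conns" for every server.
wlc_distribute() {  # $1 = pool, $2 = number of requests
    pool=$1
    i=0
    while [ "$i" -lt "$2" ]; do
        pick=$(wlc_pick "$pool")
        pool=$(printf '%s\n' "$pool" |
            awk -v p="$pick" '$1 == p { $3++ } { print $1, $2, $3 }')
        i=$((i + 1))
    done
    printf '%s\n' "$pool" | awk '{ print $1, $3 }'
}

# Demo: four rr requests alternate between the two web servers, then eight
# wlc requests are spread over the constructed 3:1 weighted pool.
for n in 0 1 2 3; do rr_pick "$POOL" "$n"; done
wlc_distribute "$WEIGHTED_POOL" 8
```

With equal weights and no open connections wlc behaves like rr; the difference only shows once weights or connection counts diverge.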
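The /etc/exports file from the storage server section shares one directory with every host (*) and two directories read-write with the whole 192.168.200.0/24 segment, and those two directories are what the web servers publish from /var/www/html. The check below is an added example, not part of the original article: it parses exports entries and lists the ones worth reviewing. The function name audit_exports and the tightened sample are constructed; the tightened sample assumes page content is written on the storage server itself, so each web server only needs a read-only mount.

```shell
#!/bin/sh
# Added example (not from the original article).
# EXPORTS_SAMPLE repeats the three entries from the article's /etc/exports.
EXPORTS_SAMPLE='/usr/share *(ro,sync)
/opt/abc/ 192.168.200.0/24(rw,sync)
/opt/xyz/ 192.168.200.0/24(rw,sync)'

# Constructed alternative: one client per export, read-only. Assumes the
# home page files are created on the storage server, not over NFS.
EXPORTS_TIGHT='/opt/abc/ 192.168.200.110(ro,sync)
/opt/xyz/ 192.168.200.120(ro,sync)'

# Print one finding per line as "<path> <client> <issue>":
#   any-host         the client is "*" (or empty), so any host that can reach
#                    the NFS server may mount the directory
#   rw               clients can change the exported files
#   no_root_squash   root on the client stays root on the export
audit_exports() {  # $1 = content of an exports file
    printf '%s\n' "$1" | awk '
        NF == 0 || $1 ~ /^#/ { next }        # skip blank lines and comments
        {
            path = $1
            for (i = 2; i <= NF; i++) {      # each field is client(options)
                client = $i
                opts = ""
                p = index($i, "(")
                if (p > 0) {
                    client = substr($i, 1, p - 1)
                    opts = substr($i, p + 1, length($i) - p - 1)
                }
                if (client == "") client = "*"
                if (client == "*") print path, client, "any-host"
                n = split(opts, o, ",")
                for (j = 1; j <= n; j++) {
                    if (o[j] == "rw") print path, client, "rw"
                    if (o[j] == "no_root_squash") print path, client, "no_root_squash"
                }
            }
        }'
}

# Demo: the article's file produces three findings, the tightened one none.
audit_exports "$EXPORTS_SAMPLE"
audit_exports "$EXPORTS_TIGHT"
```

On the storage server the same function can be fed the live file with audit_exports "$(cat /etc/exports)".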
