Shulou(Shulou.com)06/03 Report--

The following brings you the concept of LVS, its components and the three major load balancing technologies of IPVS, hoping to give you some help in practical application. Load balancing involves more things, there are not many theories, and there are many books on the Internet. Today, we will use the accumulated experience in the industry to do an answer.

What is LVS?

Main components of LVS

Three load balancing techniques of IPVS

What is LVS?

In order to meet the requirements of highly scalable and highly available network services, LVS proposes load balancing scheduling solutions based on IP layer and content request distribution, and implements these methods in the Linux kernel, forming a group of cloud servers into a virtual server that implements scalable and highly available network services.

A group of servers are connected to each other through a high-speed local area network and a geographically distributed wide area network, with a load scheduler (Load Balancer) at the front end. The load scheduler can seamlessly schedule network requests to real servers, so that the structure of the server cluster is transparent to customers. Customer access to the network services provided by the cluster system is like visiting a high-performance, high-availability server. The client program is not affected by the server cluster and does not need to be modified. The scalability of the system is achieved by transparently adding and deleting a node in the server cluster, and high availability is achieved by detecting node or service process failures and correctly resetting the system. Because our load scheduling technology is implemented in the Linux kernel, we call it the Linux virtual server (Linux Virtual Server).

The goal of the Linux Virtual Server project is to use cluster technology and Linux operating system to achieve a high-performance, high-availability server with good Scalability, Reliability and Manageability.

At present, the LVS project has provided a Linux Virtual Server framework to implement scalable network services. In the LVS framework, IP virtual server software "IPVS", "kernel Layer-7 switch machine KTCPVS based on content request distribution" and "cluster management software" are provided with three "IP load balancing technologies". LVS framework can be used to achieve highly scalable and highly available network services such as Web, Cache, Mail and Media; on this basis, we can launch e-commerce applications that support a large number of users, high scalability and high availability.

Main components of LVS

1) load scheduler

The English name is "load balancer" or "Director". It is the external front-end machine of the entire cluster, which is responsible for sending customers' requests to a group of servers for execution, and the customers think that the service comes from an IP address (we can call it the virtual IP address VIP).

2) Server pool

"server pool/ Realserver" is a group of servers that actually execute customer requests, such as WEB, MAIL, FTP, and DNS.

3) shared storage

"shared storage", which provides a shared storage area for the server pool, which makes it easy for the server pool to have the same content and provide the same services.

3 IPVS three major load balancing technologies

In the implementation technology of the scheduler, the IP load balancing technology is the most efficient. Among the existing IP load balancing technologies, a group of servers are formed into a high-performance and highly available virtual server through network address translation (Network Address Translation), which we call VS/NAT technology (Virtual Server via Network Address Translation). Most commercial IP load balancing schedulers use this method, such as Cisco's LocalDirector, F5's Big/IP and Alteon's ACEDirector. Based on the analysis of the shortcomings of VS/NAT and the asymmetry of network services, we propose two methods: VS/TUN (Virtual Server via IP Tunneling) to realize virtual server through IP tunnel and VS/DR (Virtual Server via Direct Routing) to implement virtual server through direct routing, which can greatly improve the scalability of the system. Therefore, IPVS software implements these three IP load balancing technologies, and their general principles are as follows

[VS/NAT]

He is the abbreviation of "Virtual Server via Network Address Translation". Through the network address translation, the scheduler rewrites the target address of the request message, and dispatches the request to the real server at the back end according to the preset scheduling algorithm; when the response message of the real server passes through the scheduler, then rewrite the source address of the message, and then return it to the customer to complete the whole load scheduling process. In the VS/NAT way, the Director can also be used as a RealServer. The working schematic diagram of VS/NAT is as follows:

An example is given to illustrate the message address translation process, as shown in the following figure:

Take the web service as an example, the messages accessing the Web service may have the following source and destination addresses:

SOURCE

DEST

200.203.10.5:80

200.203.100.6:80

The scheduler selects a server from the scheduling list, for example, 172.18.14.55 virtual 80. The message will be rewritten to the following address and sent to the selected server.

SOURCE

DEST

200.203.10.5:80

172.18.14.66:80

The response message returned from the server to the scheduler is as follows:

SOURCE

DEST

172.18.14.66:80

200.203.10.5:80

The source address of the response message is rewritten to the address of the virtual service, and then the message is sent to the customer:

SOURCE

DEST

200.203.100.6:80

200.203.10.5:80

In this way, the customer thinks that the correct response is received from the 200.203.100.6 virtual 80 service, without knowing which server is handling the request.

| some key points of VS/NAT |:

RIP and DIP are usually on the same IP network and should use a private network address. If the gateway of RS points to a different network than DIP;, you should make sure that the gateway points to keep the link open.

VS/NAT is the easiest way. All RealServer needs to point their gateway to Director.

Both the request message and the response message must be forwarded through Director, and Director can easily become the bottleneck of the system.

Port mapping is supported and the target PORT of the request message can be modified

VS must be a Linux system, and RS can be any OS system

[VS/TUN]

He is the acronym "Virtual Server via IP Tunneling". IP tunneling (IP tunneling) is a technology that encapsulates one IP message in another IP message, which enables data packets destined for one IP address to be encapsulated and forwarded to another IP address. IP tunneling technology is also known as IP encapsulation technology (IP encapsulation). The structure diagram of VS/TUN is as follows:

IP tunnels are mainly used for mobile hosts and virtual private networks (Virtual Private Network), where tunnels are statically established. There is an IP address at one end of the tunnel and a unique IP address at the other end. Its connection scheduling and management is the same as in "VS/NAT", except that its message forwarding method is different. According to the load of each server, the scheduler dynamically selects a server, encapsulates the request message in another IP message, and then forwards the encapsulated IP message to the selected server. After receiving the message, the server first unencapsulates the message with the original destination address of VIP. The server finds that the VIP address is configured on the local IP tunnel device, so it processes the request, and then returns the response message directly to the customer according to the routing table.

When using NAT technology, because the request and response packets must be rewritten by the scheduler address, when there are more and more customer requests, the processing capacity of the scheduler will become a bottleneck. In order to solve this problem, the scheduler forwards the request message to the real server through the IP tunnel, while the real server returns the response directly to the client, so the scheduler only processes the request message. Since the response of general network service is much larger than the request message, the maximum throughput of the cluster system can be increased by 10 times after adopting VS/TUN technology.

[VS/DR]

VS/DR sends the request to the real server by rewriting the MAC address of the request message, and the real server returns the response directly to the customer. Like VS/TUN technology, VS/DR technology can greatly improve the scalability of cluster system. This method does not have the overhead of IP tunneling, and does not require real servers in the cluster to support IP tunneling protocol, but requires that both the scheduler (Director) and the real server (RealServer) have a network card connected to the same physical network segment. The VIP bound to the RealServer is configured on the network device of the respective Non-ARP, such as lo or tunl, and the VIP address of the Director is visible to the outside, while the VIP of the RealServer is not visible to the outside. The address of a RealServer can be either an internal address or a real address. The structure of VS/DR is as follows:

Details of the working process of VS/DR:

Its connection scheduling and management are the same as those in VS/NAT and VS/TUN, and its packet forwarding method is different, routing the message directly to the target server. In VS/DR, the scheduler dynamically selects a server according to the load of each server, neither modifies nor encapsulates the IP message, but changes the MAC address of the data frame to the MAC address of the selected server, and then sends the modified data frame on the local area network with the server group. Because the MAC address of the data frame is the selected server, the server is sure to receive the data frame from which the IP message can be obtained. When the server discovers that the destination address VIP of the message is on the local network device, the server processes the message and then returns the response message directly to the customer according to the routing table.

Comparison of three load balancing modes of IPVS

1) Virtual Server via NAT

| advantages of VS/NAT |:

The server can run any operating system that supports TCP/IP, it only needs an IP address configured on the scheduler, and the server group can use a private IP address.

| disadvantages of VS/NAT |:

The disadvantage is that its scalability is limited, when the number of server nodes rises to 20:00, the scheduler itself may become a new bottleneck of the system, because in VS/NAT request and response messages need to go through the load scheduler.

For those network services that transmit the IP address or port number in the message data, it is necessary to write the corresponding application module to convert the IP address or port number in the message data. This will bring the workload of implementation, and the overhead of the application module checking packets will reduce the throughput of the system.

2) Virtual Server via IP Tunneling

In the cluster system of VS/TUN, the load scheduler only dispatches the request to different back-end servers, and the back-end server returns the answered data directly to the user. In this way, the load scheduler can handle a large number of requests, it can even schedule more than 100 servers (servers of the same size), and it will not become the bottleneck of the system. Even if the load scheduler has only the full-duplex network card of 100Mbps, the maximum throughput of the whole system can exceed 1Gbps. Therefore, VS/TUN can greatly increase the number of servers scheduled by the load scheduler.

VS/TUN scheduler can schedule hundreds of servers, but it itself will not become the bottleneck of the system, and can be used to build high-performance super servers.

VS/TUN technology requires that all servers support the "IP Tunneling" or "IP Encapsulation" protocols. Currently, VS/TUN 's back-end servers mainly run the Linux operating system, and we have not tested other operating systems. Because "IP Tunneling" is becoming the standard protocol for each operating system, VS/TUN should be suitable for back-end servers running other operating systems.

3) Virtual Server via Direct Routing

Like the VS/TUN method, the VS/DR scheduler only handles client-to-server connections, and response data can be returned directly from a separate network route to the client. This can greatly improve the scalability of the LVS cluster system. Compared with VS/TUN, this method does not have the cost of IP tunnel, but requires that the load scheduler and the actual server have a network card connected to the same physical network segment, the server network device (or device alias) does not respond to ARP, or can redirect the message to the local Socket port.

Summary: advantages and disadvantages of three LVS load balancing techniques

After reading the above about the concept of LVS, its components and the three major load balancing technologies of IPVS, if there is anything else you need to know, you can find out what you are interested in in the industry information or find our professional and technical engineers for answers. Technical engineers have more than ten years of experience in the industry.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.