How to achieve High availability load balancing in LVS+Keepalived

2025-01-18 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/03 Report--

The following explains how to achieve high-availability load balancing with LVS+Keepalived, in the hope that it helps in practical use. Load balancing covers a lot of ground, and the theory is well covered in books and online, so this article works through a configuration based on accumulated practical experience.

Simply put, in an LVS+Keepalived setup LVS provides the load balancing, while Keepalived provides high availability by checking the health of the real servers (rs) and automatically switching between the master and slave directors.

1. LVS NAT mode configuration

Prepare three machines (CVMs): one director and two real servers.

dr1: public network IP 192.168.75.130, private network IP 10.1.1.10

The two real servers:

rs1: private network IP 10.1.1.11

rs2: private network IP 10.1.1.12

Set the intranet gateway of both real servers to dr1's intranet IP, 10.1.1.10.

Install apache or nginx on both real servers (for the detailed installation method, refer to the earlier LAMP environment article).

Install ipvsadm on dr1

    yum install -y ipvsadm

    vi /usr/local/sbin/lvs_nat.sh

Add the following:

    #!/bin/bash
    # enable route forwarding on the director server:
    echo 1 > /proc/sys/net/ipv4/ip_forward
    # turn off the redirection of icmp
    echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects
    echo 0 > /proc/sys/net/ipv4/conf/default/send_redirects
    echo 0 > /proc/sys/net/ipv4/conf/eth0/send_redirects
    echo 0 > /proc/sys/net/ipv4/conf/eth3/send_redirects
    # director set nat Firewall
    iptables -t nat -F
    iptables -t nat -X
    iptables -t nat -A POSTROUTING -s 10.1.1.0/24 -j MASQUERADE
    # director sets ipvsadm
    IPVSADM='/sbin/ipvsadm'
    $IPVSADM -C
    $IPVSADM -A -t 192.168.75.130:80 -s wrr
    $IPVSADM -a -t 192.168.75.130:80 -r 10.1.1.11:80 -m -w 1
    $IPVSADM -a -t 192.168.75.130:80 -r 10.1.1.12:80 -m -w 1

Run the script:

    /bin/bash /usr/local/sbin/lvs_nat.sh

To tell the two machines apart when testing through a browser, modify the default apache page on each:

On rs1:

    echo "This is web1!" > /usr/local/apache2/htdocs/index.html

On rs2:

    echo "This is web2!" > /usr/local/apache2/htdocs/index.html

Test from another computer:

    [root@local ~]# curl 192.168.75.130
    This is web1!
    [root@local ~]# curl 192.168.75.130
    This is web2!
    [root@local ~]# curl 192.168.75.130
    This is web1!
    [root@local ~]# curl 192.168.75.130
    This is web2!

View the current connections on dr1:

    [root@dr1 ~]# ipvsadm -ln
    IP Virtual Server version 1.2.1 (size=4096)
    Prot LocalAddress:Port Scheduler Flags
      -> RemoteAddress:Port Forward Weight ActiveConn InActConn
    TCP 192.168.75.130:80 wrr
      -> 10.1.1.11:80 Masq 1 0 2
      -> 10.1.1.12:80 Masq 1 0 2

2. LVS DR mode configuration

Prepare three servers:

dr1: eth0 192.168.75.130, VIP on eth0:0 192.168.75.100

rs1: eth0 (RIP) 192.168.75.131, VIP on lo:0 192.168.75.100

rs2: eth0 (RIP) 192.168.75.132, VIP on lo:0 192.168.75.100

On dr1:

    vi /usr/local/sbin/lvs_dr.sh

Add the following:

    #!/bin/bash
    # enable IP forwarding on the director
    echo 1 > /proc/sys/net/ipv4/ip_forward
    ipv=/sbin/ipvsadm
    vip=192.168.75.100
    rs1=192.168.75.131
    rs2=192.168.75.132
    # bind the VIP to eth0:0 and add a host route for it
    ifconfig eth0:0 $vip broadcast $vip netmask 255.255.255.255 up
    route add -host $vip dev eth0:0
    # clear old rules, then add the virtual service and both real servers (-g = direct routing)
    $ipv -C
    $ipv -A -t $vip:80 -s wrr
    $ipv -a -t $vip:80 -r $rs1:80 -g -w 1
    $ipv -a -t $vip:80 -r $rs2:80 -g -w 1

On the two rs:

    vi /usr/local/sbin/lvs_dr_rs.sh

Add the following:

    #!/bin/bash
    vip=192.168.75.100
    # bind the VIP to the loopback alias lo:0
    ifconfig lo:0 $vip broadcast $vip netmask 255.255.255.255 up
    route add -host $vip lo:0
    # keep the real server from answering or advertising the VIP via ARP
    echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore
    echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce
    echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
    echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce

Then execute on dr1:

    bash /usr/local/sbin/lvs_dr.sh

Execute on the two rs:

    bash /usr/local/sbin/lvs_dr_rs.sh

Test from another computer:

    [root@local ~]# curl 192.168.75.100
    This is web2!
    [root@local ~]# curl 192.168.75.100
    This is web1!
    [root@local ~]# curl 192.168.75.100
    This is web2!
    [root@local ~]# curl 192.168.75.100
    This is web1!

View the current connections on dr1:

    [root@dr1 ~]# ipvsadm -ln
    IP Virtual Server version 1.2.1 (size=4096)
    Prot LocalAddress:Port Scheduler Flags
      -> RemoteAddress:Port Forward Weight ActiveConn InActConn
    TCP 192.168.75.100:80 wrr
      -> 192.168.75.131:80 Route 1 0 2
      -> 192.168.75.132:80 Route 1 0 2

3. The main scheduling algorithms of LVS

1: The round-robin algorithm (RR) schedules requests to the servers in turn. Its most important feature is that it is easy to implement. Round-robin assumes that all servers have the same capacity to process requests, and the scheduler distributes all requests equally among the real servers.

2: The weighted round-robin algorithm (WRR) is mainly an optimization of and supplement to round-robin. LVS takes the performance of each server into account by assigning each server a weight. If the weight of server A is 1 and the weight of server B is 2, server B receives twice as many requests as server A. The higher a server's weight, the more requests it processes.

3: The least-connection scheduling algorithm (LC) schedules each request to the server with the fewest connections.

4: The weighted least-connection algorithm (WLC) gives each server a weight, and the scheduler tries to keep the number of connections on each server in proportion to its weight.

5: The locality-based least-connection scheduling algorithm (lblc) schedules on the target IP address of the request packet. The algorithm first looks up the server most recently used for the request's target IP address. If that server is still available and has the capacity to process the request, the scheduler tries to choose the same server; otherwise it chooses another available server.

6: The locality-based least-connection with replication algorithm (lblcr) does not record a mapping between a target IP and a single server, but maintains a mapping between a target IP and a set of servers, to prevent a single server from being overloaded.

7: The destination address hash scheduling algorithm (DH) uses a hash function on the target IP address to establish a mapping between the target IP and a server. If the server is unavailable or the load is too high, the request to the target IP will be sent to the server regularly.

8: The source address hash scheduling algorithm (SH) is similar to the destination address hash scheduling algorithm, but it statically allocates a fixed server according to a hash of the source address.
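To make the WRR description above concrete, here is an added example (not part of the original article) that simulates weighted round-robin using the greatest-common-divisor method documented for the LVS wrr scheduler. The function name `wrr_schedule` and the `name:weight` argument format are assumptions made for this sketch.

```shell
#!/bin/sh
# Simulate the pick order of weighted round-robin (wrr).
# usage: wrr_schedule COUNT name:weight [name:weight ...]
# Prints COUNT server names, space-separated, in scheduling order.
wrr_schedule() {
    count=$1; shift
    printf '%s\n' "$@" | awk -F: -v count="$count" '
        function gcd(a, b) { return b == 0 ? a : gcd(b, a % b) }
        {
            name[NR] = $1
            w[NR] = $2 + 0                       # force numeric weight
            if (w[NR] > max) max = w[NR]
            g = (NR == 1) ? w[NR] : gcd(g, w[NR])
        }
        END {
            if (max == 0) exit 1                 # no server with weight > 0
            n = NR; i = 0; cw = 0                # i: last index tried, cw: current weight
            for (picked = 0; picked < count + 0; ) {
                i = i % n + 1                    # next server, wrapping around
                if (i == 1) {                    # new pass: lower the threshold
                    cw -= g
                    if (cw <= 0) cw = max
                }
                if (w[i] >= cw) {                # eligible at this threshold
                    out = out (picked ? " " : "") name[i]
                    picked++
                }
            }
            print out
        }'
}

# Weights from the WRR description: server B (rs2) gets twice the requests of A (rs1).
wrr_schedule 6 rs1:1 rs2:2
```

With equal weights, as in the `-w 1` rules of the scripts above, the same function yields a plain alternation between the two real servers.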

4. LVS + keepalived to achieve high availability load balancing (DR mode)

The LVS setup above successfully implements load balancing. But what happens if a real server fails?

This is where keepalived comes in. It checks the health of the back-end servers to keep the back end highly available; at the same time, keepalived uses the VRRP protocol to provide high availability between the master and slave directors.

Let's start configuring LVS+keepalived.

Add a backup director (dr2) to the "LVS DR mode configuration" setup above.

Clear the previous configuration on dr1 and install keepalived:

    ipvsadm -C
    ifconfig eth0:0 down
    yum install -y keepalived

After installation, edit the configuration file:

    vi /etc/keepalived/keepalived.conf

Clear the original text and add the following:

    vrrp_instance VI_1 {
        state MASTER             # BACKUP on the standby server
        interface eth0
        virtual_router_id 51
        priority 100             # 90 on the standby server
        advert_int 1
        authentication {
            auth_type PASS
            auth_pass 1234
        }
        virtual_ipaddress {
            192.168.75.100
        }
    }

    virtual_server 192.168.75.100 80 {
        delay_loop 6             # (query realserver status every 6 seconds)
        lb_algo wlc              # (lvs algorithm)
        lb_kind DR               # (Direct Route)
        persistence_timeout 60   # (connections from the same IP are assigned to the same realserver within 60 seconds)
        protocol TCP             # (forward TCP traffic for this virtual service)
        real_server 192.168.75.131 80 {
            weight 100           # (weight)
            TCP_CHECK {
                connect_timeout 10   # (10 seconds no response timeout)
                nb_get_retry 3
                delay_before_retry 3
                connect_port 80
            }
        }
        real_server 192.168.75.132 80 {
            weight 100
            TCP_CHECK {
                connect_timeout 10
                nb_get_retry 3
                delay_before_retry 3
                connect_port 80
            }
        }
    }

On dr2:

    yum install -y keepalived
    yum install -y ipvsadm

Copy the configuration file from dr1 and edit it:

    scp 192.168.75.130:/etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf
    vi /etc/keepalived/keepalived.conf

In the backup director's configuration file, you only need to modify:

    state MASTER -> state BACKUP
    priority 100 -> priority 90

After configuring keepalived, you need to enable IP forwarding (on both master and slave):

    echo 1 > /proc/sys/net/ipv4/ip_forward

Then execute the /usr/local/sbin/lvs_dr_rs.sh script on both rs.

Finally, start the keepalived service on the two directors, first the master and then the slave:

    /etc/init.d/keepalived start

Note: starting the keepalived service automatically sets up the VIP and the ipvsadm rules, so there is no need to execute the /usr/local/sbin/lvs_dr.sh script mentioned above.

Test

Test with curl from another computer:

    [root@local ~]# curl 192.168.75.100
    This is web2!
    [root@local ~]# curl 192.168.75.100
    This is web1!
    [root@local ~]# curl 192.168.75.100
    This is web2!
    [root@local ~]# curl 192.168.75.100
    This is web1!

Simulate a failure of the primary director:

Stop the keepalived service on the primary director:

    [root@dr1 ~]# /etc/init.d/keepalived stop
    Stop keepalived: [OK]

View the log on the backup director:

    [root@dr2]# tail -f /var/log/messages
    May 18 12:10:56 dr2 Keepalived_vrrp[1641]: VRRP_Instance(VI_1) Transition to MASTER STATE
    May 18 12:10:57 dr2 Keepalived_vrrp[1641]: VRRP_Instance(VI_1) Entering MASTER STATE
    May 18 12:10:57 dr2 Keepalived_vrrp[1641]: VRRP_Instance(VI_1) setting protocol VIPs.
    May 18 12:10:57 dr2 Keepalived_vrrp[1641]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.75.100
    May 18 12:10:57 dr2 Keepalived_healthcheckers[1640]: Netlink reflector reports IP 192.168.75.100 added
    May 18 12:11:02 dr2 Keepalived_vrrp[1641]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.75.100

The service has successfully switched to the slave node.
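One way to monitor for the transition shown in the log above, as an added example that is not part of the original article: the script extracts VRRP state changes from syslog lines and checks which state a director last entered, so an alert can fire when the backup unexpectedly holds MASTER. The sample log is constructed from the lines above (the two 12:25:03 lines are assumed), and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample, modelled on the /var/log/messages lines shown above.
sample_log() {
cat <<'EOF'
May 18 12:10:56 dr2 Keepalived_vrrp[1641]: VRRP_Instance(VI_1) Transition to MASTER STATE
May 18 12:10:57 dr2 Keepalived_vrrp[1641]: VRRP_Instance(VI_1) Entering MASTER STATE
May 18 12:10:57 dr2 Keepalived_vrrp[1641]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.75.100
May 18 12:25:03 dr2 Keepalived_vrrp[1641]: VRRP_Instance(VI_1) Received higher prio advert
May 18 12:25:03 dr2 Keepalived_vrrp[1641]: VRRP_Instance(VI_1) Entering BACKUP STATE
EOF
}

# Read syslog lines on stdin; print "time host instance state" per state change.
vrrp_state_changes() {
    awk '/Keepalived_vrrp/ && / Entering (MASTER|BACKUP|FAULT) STATE/ {
        inst = $0
        sub(/^[^(]*\(/, "", inst)      # drop everything up to the first "("
        sub(/\).*$/, "", inst)         # drop everything from the first ")"
        print $3, $4, inst, $(NF - 1)
    }'
}

# Succeed only if the last state HOST entered for INSTANCE equals STATE.
# usage: vrrp_state_is HOST INSTANCE STATE < logfile
vrrp_state_is() {
    vrrp_state_changes | awk -v h="$1" -v inst="$2" -v s="$3" '
        $2 == h && $3 == inst { last = $4 }
        END { exit (last == s ? 0 : 1) }'
}

# Demo on the constructed sample: list the state changes, then check dr2.
sample_log | vrrp_state_changes
if sample_log | vrrp_state_is dr2 VI_1 BACKUP; then
    echo "dr2 is back in BACKUP state"
else
    echo "ALERT: dr2 is not in BACKUP state"
fi
```

On a live director, feed it the real log instead of the sample, for example `vrrp_state_is dr2 VI_1 BACKUP < /var/log/messages`.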

Simulate a real server failure:

Stop the httpd service on rs2:

    [root@rs2 ~]# /etc/init.d/httpd stop

Test with curl from another computer:

    [root@local ~]# curl 192.168.75.100
    This is web1!
    [root@local ~]# curl 192.168.75.100
    This is web1!
    [root@local ~]# curl 192.168.75.100
    This is web1!
    [root@local ~]# curl 192.168.75.100
    This is web1!

Only rs1 is reachable; rs2 has been removed from the pool.
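The removal can also be confirmed from the IPVS table rather than from curl output. The following is an added example, not part of the original article: it parses `ipvsadm -ln` output and reports every expected real server that is absent or has weight 0. The sample table is constructed (connection counts and the header flags are assumed), and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample: `ipvsadm -ln` on the active director after httpd on rs2 was stopped.
sample_table() {
cat <<'EOF'
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.75.100:80 wlc persistent 60
  -> 192.168.75.131:80            Route   100    0          4
EOF
}

# List "rip:port weight" for each real server under virtual service VIP:PORT.
# usage: ipvs_real_servers VIP:PORT < ipvsadm-output
ipvs_real_servers() {
    awk -v vs="$1" '
        $1 == "TCP" || $1 == "UDP" { in_vs = ($2 == vs); next }
        in_vs && $1 == "->" && $2 != "RemoteAddress:Port" { print $2, $4 }'
}

# Print each expected real server that is absent or has weight 0.
# Returns non-zero if any is missing.
# usage: ipvs_missing VIP:PORT RIP:PORT [RIP:PORT ...] < ipvsadm-output
ipvs_missing() {
    vs=$1; shift
    live=$(ipvs_real_servers "$vs")
    rc=0
    for rs in "$@"; do
        printf '%s\n' "$live" |
            awk -v rs="$rs" '$1 == rs && $2 > 0 { ok = 1 } END { exit !ok }' ||
            { echo "$rs"; rc=1; }
    done
    return $rc
}

# Demo on the constructed sample: rs2 is reported as missing.
sample_table | ipvs_missing 192.168.75.100:80 192.168.75.131:80 192.168.75.132:80 ||
    echo "real server(s) missing from pool"
```

On the director itself, pipe the live table in: `ipvsadm -ln | ipvs_missing 192.168.75.100:80 192.168.75.131:80 192.168.75.132:80`.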
