linux集群系列(3)
一、简介1.1. 负载均衡集群:LB (load balancing)
LVS 是linux virtual server 的简写,即linux的虚拟服务器,是一个虚拟的服务器集群系统。ip负载均衡技术是在负载调度器的实现技术中效率最高的,在已有的ip负载均衡技术中,主要通过网络地址转换(即VS/NAT 技术)、由于使用nat技术会使分派器成为瓶颈,所以提出了通过ip隧道实现虚拟服务器(即VS/TUN)和通过直接路由实现虚拟服务器的方法即VS/DR。 VS/NAT、VS/TUN和VS/DR技术是LVS集群中实现的三种IP负载均衡技术。
LVS采用ip负载均衡技术和基于内容的请求分发技术。调度器具有很好的吞吐率,将请求均衡的转移到不同的服务器上执行,且调度器自动屏蔽故障的服务器,从而将一组服务器构成了一个高性能、高可用的虚拟服务器 。整个服务器对客户完全透明,而且无需修改客户端和服务器端的程序,所以有透明性、可伸缩性、高可用性和易管理性优点。
1.2. DR模型:
如下图所,外网用户直接访问Director上的VIP地址,Director将请求分派给real server 进行处理,当realserver处理后不再经过Director,而是直接送至客户端,绕开了Director,使Director不再成为瓶颈。可以有大量的节点,最多可以有100个节点
1.3. LVS调度算法:
当Director收到请求后,需要将请求发送给Real server 进行处理,但是发送哪一台服务器就要按照算法进行分派。
共有十总调度算法:
固定算法4个:按照设置的算法执行,不考虑现实状况
RR:Round-robin 轮循调度算法
WRR:Weighted round-robin 加权的轮循调度算法,权值越大越优先
DH:Destination hashing 目标hash 同一个ip用户的请求都发送给其中的一台固定的realserver
SH:Source hashing 来源hash
当director的前端同时连接有两台或多台路由器或防火墙时,用户通过通过其中一台路由器(或防火墙)将请求发送给director,realserver处理完后将仍然从进入的路由器(或防火墙)的接口出去
动态算法6个:根据Director中的跟踪表,查看每个服务器的active 和inactive 个数进行调整
LC:least-connection :最小连接
查看每个节点的active 和inactive数量,根据active* 256+inactive,哪个结果小,就将请求发送给该服务器
WLC:weighted least-connection 加权的最小连接,
计算方法:(active* 256+inactive)/权值,哪个结果小,就将请求发送给该服务器
SED:最少的期望权值
只考虑active激活的连接,不考虑inactive连接。计算方法:(active+1)*256
NQ:永不排队
若果某个节点未处于活动连接,就将下一个请求发送给该节点进行处理
LBLC:
当director和服务器之间有squid或varnish缓存服务器时,需在director上设置,使请求分别到两台缓存服务器上
LBLCR:在LBLC的基础上,
若其中一部分人不在访问网站,则下面一台缓存服务器将不会有页面缓存,这时候该缓存服务器将会空闲下来。该算法使下面一台缓存服务器自动复制上面一台缓存服务器的网页,用于提供缓存。
二、DR类型手动配制示例
2.1. 实验环境:
VIP=10.109.134.210
DIP=10.109.134.201
RIP1=10.109.134.202
RIP2=10.109.134.203
2.2.Director的配置示例:
# ifconfig eth0:0 10.109.134.210/22
# ifconfig
eth0 Link encap:EthernetHWaddr 00:50:56:B9:0B:B9
inet addr:10.109.134.201Bcast:10.109.135.255Mask:255.255.252.0
eth0:0 Link encap:EthernetHWaddr 00:50:56:B9:0B:B9
inet addr:10.109.134.210Bcast:10.109.135.255Mask:255.255.252.0
UP BROADCAST RUNNING MULTICASTMTU:1500 Metric:1
# route add -host 10.109.134.210 dev eth0:0
2.2.1.测试远程访问网页是否正常:
# curl http://10.109.134.202
test202
# curl http://10.109.134.203
test203
2.2.2.配制LVS
# ipvsadm -C
# ipvsadm -A -t 10.109.134.210:80 -s wlc
# ipvsadm -a -t 10.109.134.210:80 -r 10.109.134.202 -g -w 2
# ipvsadm -a -t 10.109.134.210:80 -r 10.109.134.203 -g -w 1
# ipvsadm -L -n
IPVirtual Server version 1.2.1 (size=4096)
ProtLocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP10.109.134.210:80 wlc
-> 10.109.134.203:80 Route1 0 0
-> 10.109.134.202:80 Local2 0 0
2.3.RealServer1的配置示例:
# ifconfig -a
eth0 Link encap:EthernetHWaddr 00:50:56:B9:76:D1
inet addr:10.109.134.202 Bcast:10.109.135.255 Mask:255.255.252.0
# cd/proc/sys/net/ipv4/conf
# echo 1 > lo/arp_ignore
# echo 1 > all/arp_ignore
# echo 2 > all/arp_announce
# echo 2 > lo/arp_announce
# cat lo/arp_announce
2
# ifconfig lo:0 down
# ifconfig lo:0 10.109.134.210 broadcast 10.109.134.210 netmask255.255.255.255 up
# iptables –F
2.4.RealServer2的配置示例:
# ifconfig -a
eth0 Link encap:EthernetHWaddr 00:50:56:B9:42:5D
inet addr:10.109.134.203Bcast:10.109.135.255Mask:255.255.252.0
# cd /proc/sys/net/ipv4/conf
# echo 1 > lo/arp_ignore
# echo 1 > all/arp_ignore
# echo 2 > all/arp_announce
# echo 2 > lo/arp_announce
# cat lo/arp_announce
2
# ifconfig lo:0 down
# ifconfig lo:0 10.109.134.210 broadcast 10.109.134.210 netmask255.255.255.255 up
# iptables -F
2.5. 实例截图:
三、DR类型服务自动配制示例
3.1. Director的配置脚本:
#!/bin/bash
# lvsDR_dr_Change.sh
# LVS script for VS/DR
# chkconfig: - 90 10
#
. /etc/rc.d/init.d/functions
#
VIP=10.109.134.210
DIP=10.109.134.201
RIP1=10.109.134.202
RIP2=10.109.134.203
PORT=80
RSWEIGHT1=2
RSWEIGHT2=5
#
case "$1" in
start)
/sbin/ifconfig eth0:1 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/routeadd -host $VIP dev eth0:0
# Since this is the Director we must be able toforward packets
echo 1 >/proc/sys/net/ipv4/ip_forward
# Clear all iptables rules.
/sbin/iptables -F
# Reset iptables counters.
/sbin/iptables -Z
# Clear all ipvsadm rules/services.
/sbin/ipvsadm-C
# Add an IP virtual service for VIP 192.168.0.219port 80
# In this recipe, we will use the round-robinscheduling method.
# In production, however, you should use a weighted,dynamic scheduling method.
/sbin/ipvsadm-A -t $VIP:80 -s wlc
# Now direct packets for this VIP to
# the real server IP (RIP) inside the cluster
/sbin/ipvsadm-a -t $VIP:80 -r $RIP1 -g -w $RSWEIGHT1
/sbin/ipvsadm-a -t $VIP:80 -r $RIP2 -g -w $RSWEIGHT2
/bin/touch/var/lock/subsys/ipvsadm &> /dev/null
;;
stop)
# Stop forwarding packets
echo 0 >/proc/sys/net/ipv4/ip_forward
# Reset ipvsadm
/sbin/ipvsadm-C
# Bring down the VIP interface
/sbin/ifconfig eth0:0 down
/sbin/routedel $VIP
/bin/rm -f/var/lock/subsys/ipvsadm
echo"ipvs is stopped..."
;;
status)
if [ ! -e/var/lock/subsys/ipvsadm ]; then
echo"ipvsadm is stopped ..."
else
echo"ipvs is running ..."
ipvsadm -L-n
fi
;;
*)
echo"Usage: $0 {start|stop|status}"
;;
esac
3.2. RealServer的配置脚本:
#!/bin/bash
# lvsDR_rs_Change.sh
# Script to start LVS DR real server.
# chkconfig: - 90 10
# description: LVS DR real server
#
. /etc/rc.d/init.d/functions
VIP=10.109.134.210
host=`/bin/hostname`
case "$1" in
start)
# Start LVS-DR real server on this machine.
/sbin/ifconfig lo down
/sbin/ifconfig lo up
echo 1> /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 2> /proc/sys/net/ipv4/conf/lo/arp_announce
echo 1> /proc/sys/net/ipv4/conf/all/arp_ignore
echo 2> /proc/sys/net/ipv4/conf/all/arp_announce
/sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add -host $VIP dev lo:0
;;
stop)
# StopLVS-DR real server loopback device(s).
/sbin/ifconfig lo:0 down
echo 0> /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 0> /proc/sys/net/ipv4/conf/lo/arp_announce
echo 0> /proc/sys/net/ipv4/conf/all/arp_ignore
echo 0> /proc/sys/net/ipv4/conf/all/arp_announce
;;
status)
#Status of LVS-DR real server.
islothere=`/sbin/ifconfig lo:0 | grep $VIP`
isrothere=`netstat -rn | grep "lo:0" | grep $VIP`
if [ !"$islothere" -o ! "isrothere" ];then
# Either the route or the lo:0 device
#not found.
echo "LVS-DR real server Stopped."
else
echo "LVS-DR real server Running."
fi
;;
*)
#Invalid entry.
echo "$0: Usage: $0 {start|status|stop}"
exit 1
;;
esac
3.3. 自动识别RS状态的配置脚本:
第一版:
#!/bin/bash
# RShealth_Check.sh
VIP=10.109.134.210
CPORT=80
FAIL_BACK=127.0.0.1
RS=("10.109.134.203" "10.109.134.204")
RSTATUS=("1" "1")
RW=("2" "1")
RPORT=80
TYPE=g
let COUNT=0
add() {
ipvsadm -a -t $VIP:$CPORT -r $1:$RPORT -$TYPE -w $2
[ $? -eq 0 ] && return 0 || return 1
}
del() {
ipvsadm -d -t $VIP:$CPORT -r $1:$RPORT
[ $? -eq 0 ] && return 0 || return 1
}
for I in ${RS
[*]}; do
if ipvsadm -L -n|grep "$I:$RPORT" && > /dev/null; then
RSTATUS[$COUNT]=1
else
RSTATUS[$COUNT]=0
fi
if curl --connect-timeout 1 http://$I &>/dev/null; then
if [ ${RSTATUS[$COUNT]} -eq 0 ]; then
add $I ${RW[$COUNT]}
[ $? -eq 0 ] && RSTATUS[$COUNT]=1
fi
else
if [ ${RSTATUS[$COUNT]} -eq 1 ]; then
del $I
[ $? -eq 0 ] && RSTATUS[$COUNT]=0
fi
fi
let COUNT++
done
自动识别RS状态最终版:
#!/bin/bash
# RShealth_Check.sh
EIGHT=("1" "4")
VIP=10.109.134.210
DIP=10.109.134.201
VPORT=80
RIP=("10.109.134.203" "10.109.134.204")
STATUS=("0" "0")
TYPE=g
let COUNT=0
LOG=/var/log/ipvsmonitor.log
initstats() {
local I
for I in `seq 0 1`;do
if ipvsadm -L -n |grep ${RIP[$I]} &>/dev/null ;then
STATUS[$I]=1
else
STATUS[$I]=0
fi
done
}
add() {
ipvsadm -a -t $VIP:$VPORT -r ${RIP[$1]} -$TYPE -w ${WEIGHT[$1]}
[ $? -eq 0 ] && return 0 || return 1
}
del() {
ipvsadm -d -t $VIP:$VPORT -r ${RIP[$1]}
[ $? -eq 0 ] && return 0 || return 1
}
check() {
if curl --connect-timeout 1 http://$1 &>/dev/null;then
return 0
else
return 1
fi
}
initstats
while :;do
for N in `seq 0 1`;do
if check ${RIP[$N]} ;then
if [ ${STATUS[$N]} -eq 0 ] ;then
add $N && STATUS[$N]=1 && echo "`date +%F-%T` , ${RIP[$N]} is back">>$LOG
fi
else
if [ ${STATUS[$N]} -eq 1 ];then
del $N && STATUS[$N]=0 &&echo "`date +%F-%T`, ${RIP[$N]} is gone" >>$LOG
fi
fi
done
if [ ${STATUS} -eq 0 -a ${STATUS} -eq 0 ] ;then
ipvsadm -a -t $VIP:$VPORT -r $DIP -$TYPE &>/dev/null && echo "`date +%F-%T` , ${RIP[$N]} is back">>$LOG
else
ipvsadm -d -t $VIP:$VPORT -r $DIP &>/dev/null && echo "`date +%F-%T`, ${RIP[$N]} is gone" >>$LOG
fi
#ipvsadm
sleep 5
done
---END---
页:
[1]