zoukankan      html  css  js  c++  java
  • Linux 之集群 LVS

    查看系统是否支持IPVS功能

    [root@nginx ~]# grep -i 'ipvs' /boot/config-2.6.18-308.el5 
    # IPVS transport protocol load balancing support
    # IPVS scheduler
    # IPVS application helper
    [root@nginx ~]# grep -i 'vs' /boot/config-2.6.18-308.el5 
    # CONFIG_X86_VSMP is not set
    CONFIG_IP_VS=m
    # CONFIG_IP_VS_DEBUG is not set
    CONFIG_IP_VS_TAB_BITS=12
    # IPVS transport protocol load balancing support
    CONFIG_IP_VS_PROTO_TCP=y
    CONFIG_IP_VS_PROTO_UDP=y
    CONFIG_IP_VS_PROTO_ESP=y
    CONFIG_IP_VS_PROTO_AH=y
    # IPVS scheduler
    CONFIG_IP_VS_RR=m
    CONFIG_IP_VS_WRR=m
    CONFIG_IP_VS_LC=m
    CONFIG_IP_VS_WLC=m
    CONFIG_IP_VS_LBLC=m
    CONFIG_IP_VS_LBLCR=m
    CONFIG_IP_VS_DH=m
    CONFIG_IP_VS_SH=m
    CONFIG_IP_VS_SED=m
    CONFIG_IP_VS_NQ=m
    # IPVS application helper
    CONFIG_IP_VS_FTP=m
    CONFIG_SCSI_MVSAS=m
    CONFIG_MOUSE_VSXXXAA=m
    CONFIG_MAX_RAW_DEVS=8192

    安装ipvsadm

    [root@nginx yum.repos.d]# yum install ipvsadm
    Loaded plugins: katello, product-id, security, subscription-manager
    Updating certificate-based repositories.
    Unable to read consumer identity
    Setting up Install Process
    Resolving Dependencies
    --> Running transaction check
    ---> Package ipvsadm.x86_64 0:1.24-13.el5 set to be updated
    --> Finished Dependency Resolution
    
    Dependencies Resolved
    
    ===========================================================================================================================================
     Package                         Arch                           Version                              Repository                       Size
    ===========================================================================================================================================
    Installing:
     ipvsadm                         x86_64                         1.24-13.el5                          Cluster                          34 k
    
    Transaction Summary
    ===========================================================================================================================================
    Install       1 Package(s)
    Upgrade       0 Package(s)
    
    Total download size: 34 k
    Is this ok [y/N]: y

    一、配置不带权重的NAT模式 

    配置RealServer的IP,指定路由route add -net 128.0.0.0 netmask 255.255.2550 -gw 128.10.10.7。在RS1和RS2上安装httpd的服务,并在主目录中指定index.html。

    [root@saltstack1 ~]# ifconfig 
    eth1      Link encap:Ethernet  HWaddr 00:50:56:BF:16:DF  
              inet addr:128.10.10.8  Bcast:128.10.10.255  Mask:255.255.255.0
              inet6 addr: fe80::250:56ff:febf:16df/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:15733 errors:0 dropped:0 overruns:0 frame:0
              TX packets:5082 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000 
              RX bytes:1404837 (1.3 MiB)  TX bytes:551125 (538.2 KiB)
    
    
    [root@saltstack1 ~]# netstat -rn
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
    128.10.10.0     0.0.0.0         255.255.255.0   U         0 0          0 eth1
    169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 eth1
    0.0.0.0         128.10.10.7     0.0.0.0         UG        0 0          0 eth1

    在Director上配置管理集群服务和RealServer。

    [root@nginx ~]# ipvsadm -A -t 192.168.144.44:80 -s rr
    [root@nginx ~]# ipvsadm -a -t 192.168.144.44:80 -r 128.10.10.8 -m 
    [root@nginx ~]# ipvsadm -a -t 192.168.144.44:80 -r 128.10.10.9 -m 
    [root@nginx ~]# ipvsadm -L -n

    配置完成即可访问页面,可以在另一台机器上利用ab访问Director。

    [root@redhat5 ~]# ab -n 1000 -c 100 http://192.168.144.44/index.html
    This is ApacheBench, Version 2.0.40-dev <$Revision: 1.146 $> apache-2.0
    Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
    Copyright 2006 The Apache Software Foundation, http://www.apache.org/
    
    Benchmarking 192.168.144.44 (be patient)
    Completed 100 requests
    Completed 200 requests
    Completed 300 requests
    Completed 400 requests
    Completed 500 requests
    Completed 600 requests
    Completed 700 requests
    Completed 800 requests
    Completed 900 requests
    Finished 1000 requests
    
    
    Server Software:        Apache/2.2.3
    Server Hostname:        192.168.144.44
    Server Port:            80
    
    Document Path:          /index.html
    Document Length:        19 bytes
    
    Concurrency Level:      100
    Time taken for tests:   0.164052 seconds
    Complete requests:      1000
    Failed requests:        0
    Write errors:           0
    Total transferred:      287000 bytes
    HTML transferred:       19000 bytes
    Requests per second:    6095.63 [#/sec] (mean)
    Time per request:       16.405 [ms] (mean)
    Time per request:       0.164 [ms] (mean, across all concurrent requests)
    Transfer rate:          1706.78 [Kbytes/sec] received
    
    Connection Times (ms)
                  min  mean[+/-sd] median   max
    Connect:        0    0   0.9      1       3
    Processing:     2    7   1.7      7      12
    Waiting:        1    6   1.5      6      11
    Total:          3    8   1.6      8      14
    WARNING: The median and mean for the initial connection time are not within a normal deviation
            These results are probably not that reliable.
    
    Percentage of the requests served within a certain time (ms)
      50%      8
      66%      9
      75%      9
      80%     10
      90%     10
      95%     11
      98%     11
      99%     12
     100%     14 (longest request)

    查看LB的结果:

    [root@nginx conf]# ipvsadm -L -n --stats
    IP Virtual Server version 1.2.1 (size=4096)
    Prot LocalAddress:Port               Conns   InPkts  OutPkts  InBytes OutBytes
      -> RemoteAddress:Port
    TCP  192.168.144.44:80                2153    10768    10714   829842  1180968
      -> 128.10.10.9:80                   1077     5388     5350   415182   590281
      -> 128.10.10.8:80                   1076     5380     5364   414660   590687

     二、配置带权重的NAT模式 

    在Director上修改配置

    [root@nginx conf]# ipvsadm -E -t 192.168.144.44:80 -s wrr
    [root@nginx conf]# ipvsadm -e -t 192.168.144.44:80 -r 128.10.10.8 -m -w 1
    [root@nginx conf]# ipvsadm -e -t 192.168.144.44:80 -r 128.10.10.9 -m -w 3

    利用ab测试

    [root@redhat5 ~]# ab -n 10000 -c 1000 http://192.168.144.44/index.html
    This is ApacheBench, Version 2.0.40-dev <$Revision: 1.146 $> apache-2.0
    Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
    Copyright 2006 The Apache Software Foundation, http://www.apache.org/
    
    Benchmarking 192.168.144.44 (be patient)
    Completed 1000 requests
    Completed 2000 requests
    Completed 3000 requests
    Completed 4000 requests
    Completed 5000 requests
    Completed 6000 requests
    Completed 7000 requests
    Completed 8000 requests
    Completed 9000 requests
    Finished 10000 requests
    
    
    Server Software:        Apache/2.2.3
    Server Hostname:        192.168.144.44
    Server Port:            80
    
    Document Path:          /index.html
    Document Length:        19 bytes
    
    Concurrency Level:      1000
    Time taken for tests:   3.244388 seconds
    Complete requests:      10000
    Failed requests:        0
    Write errors:           0
    Total transferred:      2870000 bytes
    HTML transferred:       190000 bytes
    Requests per second:    3082.25 [#/sec] (mean)
    Time per request:       324.439 [ms] (mean)
    Time per request:       0.324 [ms] (mean, across all concurrent requests)
    Transfer rate:          863.65 [Kbytes/sec] received
    
    Connection Times (ms)
                  min  mean[+/-sd] median   max
    Connect:        0   30 290.9      0    3001
    Processing:     0  112 437.9     21    3047
    Waiting:        0  111 437.9     21    3046
    Total:          0  143 524.1     22    3079
    
    Percentage of the requests served within a certain time (ms)
      50%     22
      66%     23
      75%     23
      80%     24
      90%     54
      95%    656
      98%   3003
      99%   3056
     100%   3079 (longest request)

    查看IPVS结果:

    [root@nginx conf]# ipvsadm -L -n --stats
    IP Virtual Server version 1.2.1 (size=4096)
    Prot LocalAddress:Port               Conns   InPkts  OutPkts  InBytes OutBytes
      -> RemoteAddress:Port
    TCP  192.168.144.44:80               15622    79622    76600  6055987  8484211
      -> 128.10.10.9:80                  11179    57362    54470  4394656  6034844
      -> 128.10.10.8:80                   4443    22260    22130  1661331  2449367

     三、配置DR模型,规划如下:

    DIP:192.168.144.44
    VIP:192.168.144.45
    
    RS1:192.168.144.49
    RS2:192.168.144.50

    首先在RS上配置IP和路由,因为每台RS上都需要配置VIP,因此需要设置参数arp_ignore和arp_announce,这两个参数的含义如下:

    arp_ignore:接收到ARP请求时的响应级别
        0:只要本地配置有相应地址就会响应
        1:仅仅在目标IP是本地地址并且配置在请求进来的接口上时才进行响应
    arp_announce:将自己地址向外通告时的通告级别
        0:将本机上的任何接口的任何地址向外通告;
        1:试图仅向目标网络通告与其网络匹配的地址;
        2:仅向与本地接口上地址匹配的网络进行通告;
    
    #echo 1 > /proc/sys/net/ipv4/conf/eth0/arp_ignore 
    #echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore 
    #echo 2 > /proc/sys/net/ipv4/conf/eth0/arp_announce 
    #echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce 

    配置好这两个参数之后才可以进行IP和路由的配置(如果RS上的VIP和CIP不在同一网段,那么必须通过路由出去)

    # ifconfig lo:0 192.168.144.45 netmask 255.255.255.255 broadcast 192.168.144.45 up
    # route add -host 192.168.144.45 dev lo:0

    最后在Director的服务器上配置虚拟IP和路由:

    # ifconfig eth0:0 192.168.144.45/24.
    # route add -host 192.168.144.45 dev eth0:0

    然后在Director上设置IPVS的管理集群服务:

    ipvsadm -A -t 192.168.144.45:80 -s rr
    ipvsadm -a -t 192.168.144.45:80 -r 192.168.144.49 -g -w 5
    ipvsadm -a -t 192.168.144.45:80 -r 192.168.144.50 -g -w 1

    LVS持久连接:
    无论使用什么算法,LVS持久连接都能实现在一定时间内,将来自同一客户端请求派发至此前选定的RS。

    持久连接模板(内存缓冲区):
    每一个客户端以及分配给它的RS的映射关系

    ipvsadm -A|E ...-p timeout:
    timeout:默认300s

    PPC:将来自同一个客户端对同一个集群服务的请求始终定向至此前选定的RS,持久端口连接。
    PCC:将来自同一个客户端对所有端口的请求,始终定向至此前选定的RS,持久客户端连接。
    PNMPP:持久防火墙标记连接

    iptables -t mangle -A PREROUTING -d $VIP -p tcp --dport $ClusterPORT -i $INCARD -j MARK --set-mark $VALUE

  • 相关阅读:
    页面监控容器实现记录
    负载均衡基础理论
    asp.net部署时加密config文件
    还原bak到localdb的问题:The logical database file cannot be found ldf
    Could not load file or assembly 'System.Data.SQLite ... 试图加载格式不正确的程序
    Window vista 以上制作自定义证书并为端口配置ssl
    1-6、算法设计常用思想之迭代法
    1-5、算法设计常用思想之穷举法
    1-4、算法设计常用思想之动态规划法
    游戏开发-cocos creator踩坑-bind(this)导致的事件监听off不掉
  • 原文地址:https://www.cnblogs.com/python-study/p/6169097.html
Copyright © 2011-2022 走看看