introduction:
Linux has a powerful feature in terms of network. You can use Linux architecture Firewall (firewall), IDS (intrusion detection), cache & proxy, large MAIL system,
Even high-end routers, etc., omnipos. This article describes the application and specific implementation of Linux on load balancing. The first half of this article is mainly some instructions and used.
As a brief introduction, the second half is specific implementation, including software installation, configuration, and start. The content of this article is from this experiment, it is inevitable that there is omission, please understand!
The goal of this article:
The goal of this article is to implement a web server group consisting of two Linux Load Balancer (LLB) and three web servers. This server group is like a user.
It is a server. LLB load balancing three web servers. And when the web server fails, the LLB will automatically remove the faulty web server from the server group.
LLB automatically adds the web server to the server group after the fault repair of the web server. One of the two LLBs is the master LLB, one is attached (SLAVE LLB),
After the Master LLB fails, Slave LLB will automatically take over all the work of Master LLB. The system structure is shown in the figure.
Client
________ | __________
| | |
| | |
Master LLB Slave LLB
| | |
| __________________ |
|
Hub
____________ | _______________
| | | | |
| | | | |
WebServer1 WebServer2 WebServer3
Description of theory and a brief introduction to the components used:
The load balancing of us here is to be protracitized by IPvsadm of www.linuxvirtualserver.org project, and cooperate with some other open source software.
Here, we need four components:
· Ipchains
· Ipvsadm, (http://www.linuxvirtualserver.org)
Keepalived, (http://keepalived.sourceforge.net)
Heartbeat, (http://www.linux-ha.org)
Ipchains
Ipchains is a well-known firewall software under Linux, and IPchains controls the data of the accessible Linux in the core of Linux, including filtering and camouflage of packets.
Three standard control packets go to the link: Input, Forward, Output. INPUT is controlled to enter Linux packets. Forward is
Control the route packet, OUTPUT is controlled to the Linux packet. There are many articles about Ipchains on the Internet, used in the core of the 2.4.0 version of Linux.
It is iptable. In our scheme, the role of Ipchains is to handle the user's request data to IPvsAdm, and determine the user's request data by IPvsadm.
Which web server is coming. You can also refer to Ipchains-HOWTO. Not much here.
IPVSADM (www.linuxvirtualser.org)
IPvsadm is maintained by China's young hackers, and he is developing from ipportfw. IPVSADM is implemented in Linux kernel, and his monitoring needs in Linux core
The IP packets to be routed, the IPvsAdm performs the corresponding operation of the packet according to the condition of the user settings. Understanding Ipchains users know that there are three control numbers in Linux kernels.
By the contained chain: INPUT, Forward, Output, IPvsadm is operated on the packet during the Forward process. The role of IPVSADM is to select the appropriate web server for users. LLB has four different rules when selecting a server, which is used to select which server handles the user's request. These four rules are: runk-robin (rr),
Weighted Round-Robin (WRR), Least-Connection (LC), Weighted Least-Connection (WLC). These four rules have their own adaptive environment.
Round-robin:
If your LLB is this algorithm, she will distribute the packet to each server, and he puts all the servers in the equal position, but will not actually go to test.
Considering the differences between servers, such as response time, session number, etc.! For example, there is three servers in ABC, then the order of the LLB distribution packet is ... Abcabcabc .....
The benefits of the Round-Robin algorithm are simple, the occupancy system resources, the disadvantage is that which server has a higher response speed, fewer connections, so he is very suitable
The ability of the server performance.
Weighted Round-Robin
This rule applies to the user expansion system, because this is the performance of the server in the cluster, which is necessary to define a parameter for each server.
This is an algorithm with parametric Round-Robin, the name of the parameter called weighd. You can assign each server based on your server's processing capabilities
Weighted value, the higher the value, the higher its priority, the default value is 1. For example: You have three servers, which are A: 486, B: Pentium, C: Pentium 2, you can assign them
The weighted value is: 1, 2, 3, the order in which the server to process the data packet according to the Weight-Robin algorithm is: CCCBBBA
Round-Robin can be said to be a special case of Weight Round-Robin, which has the same weighted value as all servers.
Least-Connection
This is a dynamic algorithm that will forward the packet based on the current connection number of each server, and the server with the least connection will process the next request. This kind of algorithm can be very good
Allocate various traffic, for burst requests or a large number of requests to make a relatively smooth process, and do not generate the case where the requested data is sent to the same server.
Weighted Least-Connection
This algorithm is an extension of Least-Connection Scheduling, and she assigns a weight value for each server and then according to this value and the current state of each server.
The number of connections is determined by who will process the user's request. You can give an example to explain her working principle:
If there is N server, each server's weight value is Wi (i = 1, 2.. .N), session is CI (i = 1, ... n), all-connection is all servers
SESSION and, both C1 C2 .... CN., Then according to the following algorithm, server J will process the next request:
(CJ / All-Connections) / WJ = min {(CI / ALL-Connections) / Wi} (i = 1, .., N)
It can also be simplified to:
CJ / WJ = min {CI / Wi} (i = 1, .., n)
We can make a comparison of these four algorithms, Round-Robin and Weighted Round-Robin are static methods. For the current state of the server, it is not a good estimate, so the distribution of data is not the most reasonable.
But Round-Robin is the best choice when the server's performance is quite. Least-Connection and Weighted Least-Connection are dynamic methods that can be paired by the server.
The current state makes a relatively reasonable estimate, which can make a relatively optimized selection when balance each server.
Keepalived
Keepalived is a software similar to the Layer3, 4 & 5 exchange mechanism, which is the 3rd floor, 4th and 5th floors, which usually say. KeepaliveD's role is to detect web
The status of the server, if there is a web server crash, or the work has failed, Keepalive is detected and the faulty web server is removed from the system, when the web server
After work is normal, KeepaliveD automatically adds the web server to the server group. All of these work is complete, no artificial interference, it is necessary to work only the Web that repairs the fault
server.
Layer3, 4 & 5 works in the IP layer, TCP layer, and application layer of IP / TCP protocol stack, and the principles are as follows:
Layer3: KeepaliveD uses the way to work in the way, KeepaliveD will send an ICMP packet to the server in the server group.
(I usually use the PING program), if you find that the IP address of a service is not activated, KeePalive reports the server invalidate and remove it from the server group.
A typical example of this is that a server is illegally shut down. The way of the Layer3 is whether it is based on the server's IP address as a standard that the server works normally or not. in the text
This method will be adopted.
Layer4: If you understand the way of Layer3, Layer4 is easy. Layer4 mainly determines whether the server works normally in the status of TCP ports. WEB SERVER service
The port is generally 80. If KeepaliveD detects that the 80 port is not started, Keepalive will remove this server from the server group.
Layer5: Layer5 is working in a specific application layer, complicated than Layer3, Layer4, which is more than the bandwidth of the network. KeepaliveD will be based on the user's
Setting Check that the server program is running normally. If you do not match the user's settings, KeepaliveD will remove the server from the server group.
HEARTBEAT
HeartBeat In the front we briefly explained, the two LLBs can back up each other, this job is completed by HeartBeat. Heartbeat's Chinese is
"Heartbeat detection". Slave LLB uses HeartBeat to detect the current state of Master LLB, when Master LLB cannot work (such as: DOWN)
Slave LLB takes over all the work of Master LLB through HeartBeat, which is completed within 10 seconds, and there is no peek for users.
The HeartBeat contains an IP Take Over (IP Address) function, which is done by ARP spoofing means.
