The basic method of using ipvsadm to configure LVS Cluster in Linux

Time:2020-11-28

An LVS cluster has three configuration modes: DR, TUN and NAT, which can balance the load of WWW, FTP and mail services. The following describes LVS cluster configuration in DR mode by building a load-balancing example for a WWW service.
1. Configuration of director server
There are two methods to configure an LVS load-balancing cluster on the director server:
A. Configure through the ipvsadm command line
B. Configure LVS through piranha, a tool provided by Red Hat
Configuring LVS through the ipvsadm command line
After installing IPVS, you can configure the LVS cluster. First, bind a virtual IP (also known as VIP) on the director server to provide external services. Execute the following command:

  ifconfig eth0:0 192.168.60.200 broadcast 192.168.60.200 netmask 255.255.255.255 up

Here, a virtual device eth0:0 is bound to the eth0 device with the virtual IP 192.168.60.200, which is the IP address we planned. The broadcast address is also 192.168.60.200. Note that the subnet mask here is 255.255.255.255.
Then add a route for the device eth0:0 by executing the following command:

  route add -host 192.168.60.200 dev eth0:0

Then enable the system's packet forwarding function, so that the system acts as a router, by executing the following command:

  echo "1" > /proc/sys/net/ipv4/ip_forward

In this command, IP forwarding is enabled when the value is 1 and disabled when it is 0. In fact, it is not necessary to enable packet forwarding in DR mode, but it is necessary in NAT mode.
Then configure IPVS as follows:

  ipvsadm -C
  ipvsadm -A -t 192.168.60.200:80 -s rr -p 600
  ipvsadm -a -t 192.168.60.200:80 -r 192.168.60.132:80 -g
  ipvsadm -a -t 192.168.60.200:80 -r 192.168.60.144:80 -g

In the commands above, the first line clears all records in the kernel virtual server table, and the second line adds a new virtual service record: the address is 192.168.60.200:80, the scheduler is round robin (-s rr) and the persistence time is 600 seconds (-p 600). The third and fourth lines add two real server records to the new virtual service and specify direct routing (-g) as the LVS working mode.
Finally, start the LVS service by running:

  ipvsadm

This completes the LVS configuration on the director server.
For convenience of management and configuration, you can put the above operations in a script file. The script content is as follows:

  #!/bin/bash
  VIP=192.168.60.200
  RIP1=192.168.60.132
  RIP2=192.168.60.144
  GW=192.168.60.1
  # set the Virtual IP Address
  /sbin/ifconfig eth0:0 $VIP broadcast $VIP netmask 255.255.255.255 up
  /sbin/route add -host $VIP dev eth0:0
  echo "1" > /proc/sys/net/ipv4/ip_forward
  #Clear IPVS table
  /sbin/ipvsadm -C
  #set LVS
  /sbin/ipvsadm -A -t $VIP:80 -s rr -p 600
  /sbin/ipvsadm -a -t $VIP:80 -r $RIP1:80 -g
  /sbin/ipvsadm -a -t $VIP:80 -r $RIP2:80 -g
  #Run LVS
  /sbin/ipvsadm
  #end

It can also be written as a service script that can be started and stopped. The script content is as follows:

  #!/bin/sh
  # description: Start LVS of Director server
  VIP=192.168.60.200
  RIP1=192.168.60.132
  RIP2=192.168.60.144
  # Load the init script helper functions
  . /etc/rc.d/init.d/functions
  case "$1" in
  start)
      echo "start LVS of Director Server"
      # Set the virtual IP address and sysctl parameter
      /sbin/ifconfig eth0:0 $VIP broadcast $VIP netmask 255.255.255.255 up
      echo "1" > /proc/sys/net/ipv4/ip_forward
      # Clear IPVS table
      /sbin/ipvsadm -C
      # Set LVS
      /sbin/ipvsadm -A -t $VIP:80 -s rr -p 600
      /sbin/ipvsadm -a -t $VIP:80 -r $RIP1:80 -g
      /sbin/ipvsadm -a -t $VIP:80 -r $RIP2:80 -g
      # Run LVS
      /sbin/ipvsadm
      ;;
  stop)
      echo "close LVS Directorserver"
      echo "0" > /proc/sys/net/ipv4/ip_forward
      /sbin/ipvsadm -C
      /sbin/ifconfig eth0:0 down
      ;;
  *)
      echo "Usage: $0 {start|stop}"
      exit 1
      ;;
  esac

Name this script lvsDR, put the file in /etc/init.d, and execute:

  chmod 755 /etc/init.d/lvsDR

Finally, the LVS service can be started or stopped by the following command:

  service lvsDR {start|stop}

At this point, the command-line configuration of director server is complete.
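
One way to confirm that the director's table still matches what the commands above created, as an added example that is not part of the original article: it reads rules in the -A/-a form saved by ipvsadm -S -n and reports any virtual service, real server or forwarding mode that was not planned. The function name audit_ipvs and the sample rule text are constructed for illustration.

```shell
#!/bin/sh
# Added example: compare saved IPVS rules (the -A/-a lines printed by
# `ipvsadm -S -n`) with the DR layout configured in this article.
# Usage: audit_ipvs VIP:PORT "RIP:PORT ..." < rules
# Prints one finding per line and returns 1 when the table has drifted.
audit_ipvs() {
    findings=$(awk -v vs="$1" -v rs="$2" '
        BEGIN { n = split(rs, a, " "); for (i = 1; i <= n; i++) want[a[i]] = 1 }
        $1 == "-A" {    # virtual service: -A -t VIP:PORT -s SCHED [-p N]
            if ($3 == vs) seen_vs = 1
            else print "unexpected virtual service " $3
            next
        }
        $1 == "-a" {    # real server: -a -t VIP:PORT -r RIP:PORT -g|-i|-m
            rip = ""; mode = "none"
            for (i = 2; i <= NF; i++) {
                if ($i == "-r") rip = $(i + 1)
                if ($i == "-g" || $i == "-i" || $i == "-m") mode = $i
            }
            if ($3 != vs) { print "real server " rip " on unexpected service " $3; next }
            if (rip in want) found[rip] = 1
            else print "unexpected real server " rip
            if (mode != "-g") print "real server " rip " not in DR mode (" mode ")"
        }
        END {
            if (!seen_vs) print "missing virtual service " vs
            for (r in want) if (!(r in found)) print "missing real server " r
        }')
    if [ -n "$findings" ]; then
        printf '%s\n' "$findings"
        return 1
    fi
}

# Constructed sample: the table this article builds.
GOOD_RULES='-A -t 192.168.60.200:80 -s rr -p 600
-a -t 192.168.60.200:80 -r 192.168.60.132:80 -g -w 1
-a -t 192.168.60.200:80 -r 192.168.60.144:80 -g -w 1'
# Constructed sample: one real server swapped for an unplanned host in NAT mode.
DRIFT_RULES='-A -t 192.168.60.200:80 -s rr -p 600
-a -t 192.168.60.200:80 -r 192.168.60.132:80 -g -w 1
-a -t 192.168.60.200:80 -r 192.168.60.150:80 -m -w 1'

EXPECTED_RS="192.168.60.132:80 192.168.60.144:80"
printf '%s\n' "$GOOD_RULES" | audit_ipvs 192.168.60.200:80 "$EXPECTED_RS" && echo "table matches"
printf '%s\n' "$DRIFT_RULES" | audit_ipvs 192.168.60.200:80 "$EXPECTED_RS" || echo "drift detected"
```

On a live director, pipe the output of ipvsadm -S -n into audit_ipvs instead of the sample text.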
  
2. Configuration of real server
In the DR and TUN modes of LVS, when a user's request reaches the real server, the response is returned directly to the user instead of passing back through the front-end director server. Therefore, a virtual VIP address must be added on each real server node so that the data can be returned directly to the user. Adding the VIP address can be done with a script: create the file /etc/init.d/lvsrs with the following content:

  #!/bin/bash
  VIP=192.168.60.200
  # Bind the VIP to a loopback alias with a host mask
  /sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
  /sbin/route add -host $VIP dev lo:0
  # ARP settings for the VIP held on lo
  echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore
  echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce
  echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
  echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
  sysctl -p
  #end

This script binds a virtual IP address on the loopback device and sets its subnet mask to 255.255.255.255 so that it can interwork with the virtual IP on the director server, and then restricts the local machine's ARP handling through arp_ignore and arp_announce.
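
A check for the ARP settings written by the script above, as an added example that is not part of the original article. For arp_ignore and arp_announce the kernel applies the larger of the conf/all value and the per-interface value, so the check computes that effective value per interface. CONF_ROOT is a hypothetical variable that lets the check run against a copy of the tree, and eth0 as the LAN-facing interface of the real server is an assumption.

```shell
#!/bin/sh
# Added example: verify arp_ignore=1 and arp_announce=2 as the kernel applies
# them, i.e. max(conf/all/KEY, conf/IFACE/KEY) for each interface checked.
# CONF_ROOT (hypothetical name) can point at a copy of the tree for testing.
CONF_ROOT=${CONF_ROOT:-/proc/sys/net/ipv4/conf}

# effective_arp IFACE KEY: print the effective value; return 2 if unreadable.
effective_arp() {
    a=$(cat "$CONF_ROOT/all/$2" 2>/dev/null) || return 2
    i=$(cat "$CONF_ROOT/$1/$2" 2>/dev/null) || return 2
    if [ "$a" -gt "$i" ]; then echo "$a"; else echo "$i"; fi
}

# check_rs_arp IFACE...: one result line per interface and key;
# returns 1 if any effective value differs from the article's settings.
check_rs_arp() {
    rc=0
    for ifc in "$@"; do
        for spec in arp_ignore=1 arp_announce=2; do
            key=${spec%%=*}
            want=${spec#*=}
            if ! got=$(effective_arp "$ifc" "$key"); then
                echo "FAIL $ifc $key: cannot read"
                rc=1
            elif [ "$got" -ne "$want" ]; then
                echo "FAIL $ifc $key: effective $got, want $want"
                rc=1
            else
                echo "ok   $ifc $key=$got"
            fi
        done
    done
    return $rc
}

# Run as: sh check_rs_arp.sh lo eth0   (interface names are assumptions)
if [ $# -gt 0 ]; then
    check_rs_arp "$@"
fi
```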

PS: The usage and format of the ipvsadm command are as follows:

  ipvsadm -A|E -t|u|f virtual-service-address:port [-s scheduler] [-p [timeout]] [-M netmask]
  ipvsadm -D -t|u|f virtual-service-address
  ipvsadm -C
  ipvsadm -R
  ipvsadm -S [-n]
  ipvsadm -a|e -t|u|f service-address:port -r real-server-address:port [-g|i|m] [-w weight]
  ipvsadm -d -t|u|f service-address -r server-address
  ipvsadm -L|l [options]
  ipvsadm -Z [-t|u|f service-address]
  ipvsadm --set tcp tcpfin udp
  ipvsadm --start-daemon state [--mcast-interface interface]
  ipvsadm --stop-daemon
  ipvsadm -h

Command options explanation:
There are two command option formats, long and short, that have the same meaning. In practical use, both can be used.
-A, --add-service: adds a new virtual server record to the virtual server table in the kernel, that is, adds a new virtual server.
-E, --edit-service: edits a virtual server record in the kernel virtual server table.
-D, --delete-service: deletes a virtual server record in the kernel virtual server table.
-C, --clear: clears all records in the kernel virtual server table.
-R, --restore: restores virtual server rules.
-S, --save: saves the virtual server rules and outputs them in a format readable by the -R option.
-a, --add-server: adds a new real server record to a record in the kernel virtual server table, that is, adds a new real server to a virtual server.
-e, --edit-server: edits a real server record in a virtual server record.
-d, --delete-server: deletes a real server record in a virtual server record.
-L, -l, --list: displays the kernel virtual server table.
-Z, --zero: clears the virtual service table counters (the current number of connections, etc.).
--set tcp tcpfin udp: sets the connection timeout values.
--start-daemon state: starts the synchronization daemon. state is master or backup, indicating whether the LVS router is the master or the backup. The VRRP function of keepalived can also be used for this purpose.
--stop-daemon: stops the synchronization daemon.
-h, --help: displays help information.
Other options:
-t, --tcp-service service-address: the virtual server provides a TCP service, given as [vip:port] or [real-server-ip:port].
-u, --udp-service service-address: the virtual server provides a UDP service, given as [vip:port] or [real-server-ip:port].
-f, --fwmark-service fwmark: the service type is identified by a mark set by iptables.
-s, --scheduler scheduler: the scheduling algorithm to use. The options are rr | wrr | lc | wlc | lblc | lblcr | dh | sed | nq. The default scheduling algorithm is wlc.
-p, --persistent [timeout]: persistent service. Multiple requests from the same client are processed by the same real server. The default value for timeout is 300 seconds.
-M, --netmask netmask: persistence granularity mask.
-r, --real-server server-address: the real server address, given as [real-server-address:port].
-g, --gatewaying: sets the working mode of LVS to direct routing mode (also the default mode of LVS).
-i, --ipip: sets the working mode of LVS to tunnel mode.
-m, --masquerading: sets the working mode of LVS to NAT mode.
-w, --weight weight: the weight of the real server.
--mcast-interface interface: specifies the multicast synchronization interface.
-c, --connection: displays the current LVS connections, for example ipvsadm -L -c.
--timeout: displays the timeout values for tcp, tcpfin and udp, for example ipvsadm -L --timeout.
--daemon: displays the status of the synchronization daemon.
--stats: displays statistics.
--rate: displays rate information.
--sort: sorts the output of virtual servers and real servers.
-n, --numeric: outputs IP addresses and ports in numeric form.