
Linux Virtual Server

Abstract:

The Linux Virtual Server Project (LVS) allows load balancing of networked services such as web or mail servers using Layer 4 Switching. It is very fast and allows such services to be scaled to service 10s or 100s of thousands of simultaneous connections. The purpose of this tutorial is to demonstrate how to use various features of LVS to load balance Internet services, and how this can be made highly available using tools such as heartbeat and keepalived. It will also cover many advanced topics which have been the subject of recent development, including maintaining active connections in a highly available environment and using active feedback to better distribute load.

Introduction

The Linux Virtual Server (LVS) implements layer 4 switching in the Linux kernel. This allows TCP and UDP sessions to be load balanced between multiple real servers. Thus it provides a way to scale Internet services beyond a single host. HTTP and HTTPS traffic for the World Wide Web is probably the most common use, though it can also be used for more or less any service.

LVS itself runs on Linux; however, it is able to load balance connections from end users running any operating system to real servers running any operating system. As long as the connections use TCP or UDP, LVS can be used.

LVS is very high performance. It is able to handle upwards of 100,000 simultaneous connections. It is easily able to load balance a saturated 100 Mbit ethernet link using inexpensive commodity hardware. It is also able to load balance a 1 Gbit link and beyond using higher-end commodity hardware.

LVS Basics

This section will cover the basics of how LVS works, how to obtain and install LVS, and how to configure it for its main modes of operation. In short, it will cover how to set up LVS to load balance TCP and UDP services.

Terminology

Linux Director: Host with Linux and LVS installed which receives packets from end users and forwards them to real servers.

End User: Host that originates a connection.

Real Server: Host that terminates a connection. This will be running some sort of daemon such as Apache.

A single host may act in more than one of the above roles at the same time.

Virtual IP Address (VIP): The IP address assigned to a service that a Linux Director will handle.

Real IP address: The IP address of a Real Server.

Layer 4 Switching.


Layer 4 switching works by multiplexing incoming TCP/IP connections and UDP/IP datagrams to real servers. Packets are received by a Linux Director and a decision is made as to which real server to forward the packet to. Once this decision is made, subsequent packets for the same connection will be sent to the same real server. Thus, the integrity of the connection is maintained.

Forwarding Packets.

The Linux Virtual Server has three different ways of forwarding packets: network address translation (NAT), IP-IP encapsulation, and direct routing.
  • Network Address Translation (NAT): A method of manipulating the source and/or destination port and/or address of a packet. The most common use of this is IP masquerading, which is often used to enable RFC 1918 private networks to access the Internet. In the context of layer 4 switching, packets are received from end users and the destination port and IP address are changed to that of the chosen real server. Return packets pass through the Linux Director, at which time the mapping is undone so the end user sees replies from the expected source.
  • Direct Routing: Packets from end users are forwarded directly to the real server. The IP packet is not modified, so real servers must be configured to accept traffic for the virtual server's IP address. This can be done using a dummy interface or packet filtering to redirect traffic addressed to the virtual server's IP address to a local port. The real server may send replies directly back to the end user. Thus, the Linux Director does not need to be in the return path.
  • IP-IP Encapsulation: Allows packets addressed to an IP address to be redirected to another address, possibly on a different network. In the context of layer 4 switching, the behaviour is very similar to that of direct routing, except that when packets are forwarded they are encapsulated in an IP packet, rather than just manipulating the ethernet frame. The main advantage of using tunnelling is that real servers can be on different networks.
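
The connection table and NAT rewrite described above can be modelled in a few lines. This is an added example, not code from LVS or from the original tutorial: the `Director` class, the round-robin choice of real server, the dictionary packet format and all addresses are assumptions made for illustration.

```python
from itertools import cycle

class Director:
    """Toy model of a Linux Director doing layer 4 switching with NAT forwarding."""

    def __init__(self, vip, vport, real_servers):
        self.service = (vip, vport)        # the virtual service (TCP assumed)
        self._sched = cycle(real_servers)  # round-robin choice: an assumption
        self.conns = {}                    # (end-user ip, port) -> (real ip, port)

    def inbound(self, pkt):
        """End user -> real server: choose once per connection, rewrite destination."""
        if (pkt["dst"], pkt["dport"]) != self.service:
            return None                    # not addressed to the virtual service
        key = (pkt["src"], pkt["sport"])
        if key not in self.conns:          # first packet: make the decision
            self.conns[key] = next(self._sched)
        rip, rport = self.conns[key]       # later packets: reuse the decision
        return {**pkt, "dst": rip, "dport": rport}

    def outbound(self, pkt):
        """Real server -> end user: undo the mapping so the reply comes from the VIP."""
        key = (pkt["dst"], pkt["dport"])
        if self.conns.get(key) != (pkt["src"], pkt["sport"]):
            return None                    # no matching connection entry
        vip, vport = self.service
        return {**pkt, "src": vip, "sport": vport}

def demo():
    # Constructed sample addresses (documentation and RFC 1918 ranges).
    d = Director("192.0.2.10", 80, [("10.0.0.11", 8080), ("10.0.0.12", 8080)])
    a = {"src": "198.51.100.7", "sport": 40001, "dst": "192.0.2.10", "dport": 80}
    b = {"src": "198.51.100.9", "sport": 40002, "dst": "192.0.2.10", "dport": 80}
    first, again, other = d.inbound(a), d.inbound(a), d.inbound(b)
    reply = d.outbound({"src": "10.0.0.11", "sport": 8080,
                        "dst": "198.51.100.7", "dport": 40001})
    return first, again, other, reply

if __name__ == "__main__":
    for pkt in demo():
        print(pkt)
```

Direct routing and IP-IP encapsulation would keep the same connection table but leave the IP header untouched, so only the `inbound` half of the model applies to them.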

Virtual Services.

On the Linux Director a virtual service is defined by either an IP address, port and protocol, or a firewall-mark. A virtual service may optionally have a persistence timeout associated with it.

