Making a loadbalancer with CentOS using Linux Virtual Server
When you are new to all terminology Red Hat is using, it can be challenging to understand what actions to take to create a simple load-balancer with Linux. Here is some information to get you started.
Read more on the CentOS Virtual Server Administration pages.
Terminology:
- piranha This is a package that provides a configuration interface for setting up LVS.
- ipvs The name of the module that allows a load-balancing on Linux.
- ipvsadm A package (and a command) that makes administrating ipvs possible. Be aware, you either user piranha-gui or /etc/sysconfig/ipvsadm to configure ipvs.
- LVS Linux Virtual Server - the project name of all tools used in this document.
- pulse A service (/etc/init.d/pulse) that runs on both active and backup machine and opens a port to make checking possible. piranha-gui configures everything, pulse actually activates all configurations.
- nanny A process started by pulse to monitor the realservers.
- nat Network Address Translation. A common combination with LVS. In case NAT is uses, the loadbalancer/director/LVS accepts traffic on one the VIP and sends traffic to the realservers. Be aware, the current implementation of ipvsadm does not properly use Source NAT, it currently does not rewrite the source address.
- direct routing A method of routing available in LVS. Traffic is received on the VIP, sent through to the realservers. The realservers receive the traffic as if it was sent to the VIP, so the VIP must be configured on the realservers. To avoid arp-caches to register the wrong MAC-address-IP-address combination, a few "tricks" must be done.
- wlc Weighted Least Connections, an algorithm to balance load to realservers.
- VIP Virtual IP. The IP-address the service is configured on.
- RIP Real server IP. The IP-address of a real-server.
- realserver The server providing the actual service. This can be Linux, Windows, whatever.
Here is an overview of a possible setup:
Steps to finish before eternal succes:
Install piranha-gui
# yum install piranha-gui(modify 172.16.0.0/24 to whatever network you are using on the realserver network.)
Configure services
# chkconfig httpd on
# chkconfig piranha-gui on
# chkconfig pulse on
# sed -i 's/net.ipv4.ip_forward = 0/net.ipv4.ip_forward = 1/' /etc/sysctl.conf
# echo "*nat
:PREROUTING ACCEPT [46:3346]
:POSTROUTING ACCEPT [431:32444]
:OUTPUT ACCEPT [431:32534]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [4186:1094786]
:FORWARD ACCEPT [729:111992]
:OUTPUT ACCEPT [4266:388099]
-A FORWARD -i eth1 -j ACCEPT
COMMIT" > /etc/sysconfig/iptables
# chkconfig iptables on
# sed -i 's/SELINUX=enabled/SELINUX=disabled/' /etc/sysconfig/selinuxConfigure via webinterface
Execute these steps to be able to use the piranha-gui web interface:
# service httpd start
# piranha-passwd
# service piranha-gui start Open a browser and open your servers IP-address, port 3636. URL looks something like this: http://192.168.202.50:3636
Synchronize /etc/sysconfig/ha/lvs.cf
You will need to have the piranha configuration the same on both machines. Here are some hints. Do this on both machines, just switch the IP-address.
# ssh-keygen
# scp .ssh/id_rsa* 192.168.202.110:./.ssh/
# cp .ssh/id_rsa.pub .ssh/authorized_keysNow you should be able to connect to both machines without using a password.
# cat update-lvs.cf
#!/bin/sh
copiedserialno=$(grep serial_no /tmp/lvs.cf | awk '{ print $NF }')
runningserialno=$(grep serial_no /etc/sysconfig/ha/lvs.cf | awk '{ print $NF }')
if [ "$copiedserialno" -gt "$runningserialno" ] ; then
mv /tmp/lvs.cf /etc/sysconfig/ha/lvs.cf
fi
# crontab -l
* * * * * /usr/bin/scp /etc/sysconfig/ha/lvs.cf 192.168.1.46:/tmp > /dev/null
* * * * * /root/update-lvs.cfReboot the server.
To activate all changes, simply reboot the load-balancer.
| About | Consultancy | Articles | Contact |
|
|
|
|
|
| References | Red Hat Certified Architect | By Robert de Bock | Robert de Bock |
| Curriculum Vitae | By Fred Clausen | +31 6 14 39 58 72 | |
| By Nelson Manning | robert@meinit.nl |
Comments
Hi. I like your blog. well
Hi. I like your blog. well done!
Your title is wrong as it
Your title is wrong as it suggest Logical Volume Manager, you meant to use LVS (Linux Virtual Server) as the software you use for the load balancing.
You are right, changed the
You are right, changed the subject mentioning LVM to Linux Virtual Server. Thanks!
iptables command is wrong
iptables command is wrong which you have written. You have given iptables command - iptables -A POSTROUTING -s 192.168.56.0/24 -j MASQUERADE but actual command should be iptables -t nat -A POSTROUTING -s 192.168.56.0/24 -j MASQUERADE but still when i fired netstat -an |grep 80 no port is listing on port 80. However ipvsadm -L -n is showing that lvs is running ok.
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 10.0.2.254:80 wlc persistent 600
-> 192.168.56.103:80 Masq 1 0 0
tcp 0 0 0.0.0.0:880 0.0.0.0:* LISTEN
unix 2 [ ACC ] STREAM LISTENING 10672 /tmp/orbit-root/linc-ae7-0-4a39807f69014
unix 2 [ ACC ] STREAM LISTENING 13773 /tmp/orbit-root/linc-ccf-0-412fc47f80f0c
unix 3 [ ] STREAM CONNECTED 13776 /tmp/orbit-root/linc-ccf-0-412fc47f80f0c
unix 3 [ ] STREAM CONNECTED 10809
unix 3 [ ] STREAM CONNECTED 10724 /tmp/orbit-root/linc-ae7-0-4a39807f69014
unix 3 [ ] STREAM CONNECTED 10580
unix 3 [ ] STREAM CONNECTED 9880
unix 3 [ ] STREAM CONNECTED 9809 @/tmp/dbus-aIoulwaK0U
unix 3 [ ] STREAM CONNECTED 9808
unix 2 [ ] DGRAM 6809
unix 3 [ ] STREAM CONNECTED 6280
Any clue... Regards
Tapan Thapa