第110集:负载均衡配置
教学目标
- 理解负载均衡的基本概念和工作原理
- 掌握Nginx负载均衡的安装和配置方法
- 掌握HAProxy负载均衡的安装和配置方法
- 掌握LVS负载均衡的安装和配置方法
- 了解其他负载均衡软件的配置方法
- 能够独立配置和管理负载均衡服务
- 能够排查负载均衡的常见故障
主要知识点
- 负载均衡的概念和工作原理
- Nginx负载均衡的安装和配置
- HAProxy负载均衡的安装和配置
- LVS负载均衡的安装和配置
- 其他负载均衡软件的配置
- 负载均衡的调度算法
- 负载均衡的会话保持
- 负载均衡的健康检查
- 负载均衡的性能优化
- 负载均衡的故障排查
核心知识点讲解
负载均衡的概念和工作原理
负载均衡简介
负载均衡是一种将网络流量或计算任务分配到多个服务器的技术,以提高系统的可用性、可靠性和性能。
负载均衡的作用
- 提高系统可用性:当某个服务器故障时,负载均衡器会自动将流量转移到其他健康的服务器
- 提高系统可靠性:通过多服务器冗余,减少单点故障的风险
- 提高系统性能:将流量分散到多个服务器,减轻单个服务器的负载
- 扩展性:可以根据业务需求灵活添加或移除服务器
- 灵活性:可以根据不同的业务场景选择不同的负载均衡策略
负载均衡的类型
按网络层次分类
- 网络层负载均衡(Layer 4):基于IP地址和端口进行负载均衡,如LVS
- 应用层负载均衡(Layer 7):基于应用层协议进行负载均衡,如Nginx、HAProxy
按部署方式分类
- 硬件负载均衡:专用的负载均衡设备,如F5、Citrix NetScaler
- 软件负载均衡:基于软件实现的负载均衡,如Nginx、HAProxy、LVS
按负载均衡算法分类
- 轮询(Round Robin):按顺序将请求分配给服务器
- 加权轮询(Weighted Round Robin):根据服务器权重分配请求
- 最少连接(Least Connections):将请求分配给当前连接数最少的服务器
- 加权最少连接(Weighted Least Connections):根据服务器权重和连接数分配请求
- IP哈希(IP Hash):根据客户端IP地址进行哈希计算,将同一客户端的请求分配给同一服务器
- URL哈希(URL Hash):根据请求URL进行哈希计算,将同一URL的请求分配给同一服务器
- 响应时间(Response Time):根据服务器响应时间分配请求
负载均衡的工作原理
- 客户端请求:客户端向负载均衡器发送请求
- 负载均衡决策:负载均衡器根据配置的调度算法选择目标服务器
- 转发请求:负载均衡器将请求转发到选定的服务器
- 服务器处理:服务器处理请求并生成响应
- 返回响应:服务器将响应返回给负载均衡器
- 转发响应:负载均衡器将响应转发给客户端
Nginx负载均衡的安装和配置
Nginx简介
Nginx是一种高性能的开源Web服务器和反向代理服务器,也可以作为负载均衡器使用。
Nginx的版本
- Nginx Open Source:开源版本,免费使用
- Nginx Plus:商业版本,提供更多功能和支持
安装Nginx
Ubuntu/Debian
# 安装Nginx
apt update
apt install nginx
# 启动Nginx服务并设置自启
systemctl start nginx
systemctl enable nginx
# 查看Nginx服务状态
systemctl status nginxCentOS/RHEL
# 安装Nginx
yum install nginx
# 启动Nginx服务并设置自启
systemctl start nginx
systemctl enable nginx
# 查看Nginx服务状态
systemctl status nginxArch Linux
# 安装Nginx
pacman -S nginx
# 启动Nginx服务并设置自启
systemctl start nginx
systemctl enable nginx
# 查看Nginx服务状态
systemctl status nginx配置Nginx负载均衡
基本配置
创建负载均衡配置文件:
# Ubuntu/Debian vim /etc/nginx/conf.d/load-balancer.conf # CentOS/RHEL vim /etc/nginx/conf.d/load-balancer.conf # Arch Linux vim /etc/nginx/conf.d/load-balancer.conf添加负载均衡配置:
upstream backend { server backend1:8080; server backend2:8080; server backend3:8080; } server { listen 80; server_name example.com; location / { proxy_pass http://backend; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } }重启Nginx服务:
systemctl restart nginx
调度算法配置
轮询:
upstream backend { server backend1:8080; server backend2:8080; server backend3:8080; }加权轮询:
upstream backend { server backend1:8080 weight=5; server backend2:8080 weight=3; server backend3:8080 weight=2; }IP哈希:
upstream backend { ip_hash; server backend1:8080; server backend2:8080; server backend3:8080; }最少连接:
upstream backend { least_conn; server backend1:8080; server backend2:8080; server backend3:8080; }加权最少连接:
upstream backend { least_conn; server backend1:8080 weight=5; server backend2:8080 weight=3; server backend3:8080 weight=2; }
健康检查配置
添加健康检查配置:
upstream backend { server backend1:8080 max_fails=3 fail_timeout=30s; server backend2:8080 max_fails=3 fail_timeout=30s; server backend3:8080 max_fails=3 fail_timeout=30s; }参数说明:
max_fails:最大失败次数,默认为1fail_timeout:失败超时时间,默认为10秒
会话保持配置
IP哈希:
upstream backend { ip_hash; server backend1:8080; server backend2:8080; server backend3:8080; }Sticky Cookie:
upstream backend { server backend1:8080; server backend2:8080; server backend3:8080; sticky cookie srv_id expires=1h path=/; }
HAProxy负载均衡的安装和配置
HAProxy简介
HAProxy是一种高性能的开源负载均衡器和代理服务器,特别适合处理高流量的Web应用。
HAProxy的版本
- HAProxy 1.x:稳定版本,广泛使用
- HAProxy 2.x:最新版本,提供更多功能
安装HAProxy
Ubuntu/Debian
# 安装HAProxy
apt update
apt install haproxy
# 启动HAProxy服务并设置自启
systemctl start haproxy
systemctl enable haproxy
# 查看HAProxy服务状态
systemctl status haproxyCentOS/RHEL
# 安装HAProxy
yum install haproxy
# 启动HAProxy服务并设置自启
systemctl start haproxy
systemctl enable haproxy
# 查看HAProxy服务状态
systemctl status haproxyArch Linux
# 安装HAProxy
pacman -S haproxy
# 启动HAProxy服务并设置自启
systemctl start haproxy
systemctl enable haproxy
# 查看HAProxy服务状态
systemctl status haproxy配置HAProxy
基本配置
编辑HAProxy配置文件:
# Ubuntu/Debian vim /etc/haproxy/haproxy.cfg # CentOS/RHEL vim /etc/haproxy/haproxy.cfg # Arch Linux vim /etc/haproxy/haproxy.cfg添加负载均衡配置:
global log /dev/log local0 log /dev/log local1 notice chroot /var/lib/haproxy stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners stats timeout 30s user haproxy group haproxy daemon defaults log global mode http option httplog option dontlognull timeout connect 5000 timeout client 50000 timeout server 50000 frontend http_front bind *:80 default_backend http_back backend http_back balance roundrobin server backend1 backend1:8080 check server backend2 backend2:8080 check server backend3 backend3:8080 check重启HAProxy服务:
systemctl restart haproxy
调度算法配置
轮询:
backend http_back balance roundrobin server backend1 backend1:8080 check server backend2 backend2:8080 check server backend3 backend3:8080 check加权轮询:
backend http_back balance roundrobin server backend1 backend1:8080 weight 5 check server backend2 backend2:8080 weight 3 check server backend3 backend3:8080 weight 2 check最少连接:
backend http_back balance leastconn server backend1 backend1:8080 check server backend2 backend2:8080 check server backend3 backend3:8080 check加权最少连接:
backend http_back balance leastconn server backend1 backend1:8080 weight 5 check server backend2 backend2:8080 weight 3 check server backend3 backend3:8080 weight 2 checkIP哈希:
backend http_back balance source server backend1 backend1:8080 check server backend2 backend2:8080 check server backend3 backend3:8080 checkURL哈希:
backend http_back balance url_param server backend1 backend1:8080 check server backend2 backend2:8080 check server backend3 backend3:8080 check
健康检查配置
基本健康检查:
backend http_back balance roundrobin server backend1 backend1:8080 check server backend2 backend2:8080 check server backend3 backend3:8080 check高级健康检查:
backend http_back balance roundrobin server backend1 backend1:8080 check inter 2000 rise 2 fall 3 server backend2 backend2:8080 check inter 2000 rise 2 fall 3 server backend3 backend3:8080 check inter 2000 rise 2 fall 3参数说明:
inter:健康检查间隔时间,单位为毫秒rise:服务器从失败状态恢复到正常状态需要的健康检查成功次数fall:服务器从正常状态变为失败状态需要的健康检查失败次数
会话保持配置
源IP会话保持:
backend http_back balance source server backend1 backend1:8080 check server backend2 backend2:8080 check server backend3 backend3:8080 checkCookie会话保持:
backend http_back balance roundrobin cookie SERVERID insert indirect nocache server backend1 backend1:8080 check cookie server1 server backend2 backend2:8080 check cookie server2 server backend3 backend3:8080 check cookie server3
监控页面配置
添加监控页面配置:
listen stats bind *:9000 mode http stats enable stats uri /stats stats realm Haproxy\ Statistics stats auth admin:admin stats refresh 10s访问监控页面:
- 浏览器访问:http://服务器IP:9000/stats
- 用户名:admin
- 密码:admin
LVS负载均衡的安装和配置
LVS简介
LVS(Linux Virtual Server)是一种基于Linux内核的负载均衡器,由章文嵩博士开发,性能优异,特别适合处理高并发的网络流量。
LVS的组成部分
- IPVS:内核模块,实现负载均衡的核心功能
- IPVSADM:用户空间工具,用于配置和管理IPVS
LVS的工作模式
- NAT模式(Network Address Translation):负载均衡器修改请求和响应的IP地址
- DR模式(Direct Routing):负载均衡器只修改请求的MAC地址,响应直接返回给客户端
- TUN模式(Tunneling):负载均衡器通过IP隧道将请求转发给后端服务器
安装LVS
Ubuntu/Debian
# 安装IPVSADM
apt update
apt install ipvsadm
# 加载IPVS模块
modprobe ip_vs
modprobe ip_vs_rr
modprobe ip_vs_wrr
modprobe ip_vs_lc
modprobe ip_vs_wlc
modprobe ip_vs_sh
modprobe ip_vs_sed
modprobe ip_vs_nq
# 查看IPVS模块
lsmod | grep ip_vsCentOS/RHEL
# 安装IPVSADM
yum install ipvsadm
# 加载IPVS模块
modprobe ip_vs
modprobe ip_vs_rr
modprobe ip_vs_wrr
modprobe ip_vs_lc
modprobe ip_vs_wlc
modprobe ip_vs_sh
modprobe ip_vs_sed
modprobe ip_vs_nq
# 查看IPVS模块
lsmod | grep ip_vsArch Linux
# 安装IPVSADM
pacman -S ipvsadm
# 加载IPVS模块
modprobe ip_vs
modprobe ip_vs_rr
modprobe ip_vs_wrr
modprobe ip_vs_lc
modprobe ip_vs_wlc
modprobe ip_vs_sh
modprobe ip_vs_sed
modprobe ip_vs_nq
# 查看IPVS模块
lsmod | grep ip_vs配置LVS
NAT模式配置
- 配置负载均衡器:
# 启用IP转发
echo "1" > /proc/sys/net/ipv4/ip_forward
添加虚拟服务器
ipvsadm -A -t 192.168.1.100:80 -s rr
添加后端服务器
ipvsadm -a -t 192.168.1.100:80 -r 192.168.2.1:80 -m
ipvsadm -a -t 192.168.1.100:80 -r 192.168.2.2:80 -m
ipvsadm -a -t 192.168.1.100:80 -r 192.168.2.3:80 -m
保存配置
ipvsadm -S > /etc/sysconfig/ipvsadm
查看配置
ipvsadm -L -n
2. **配置后端服务器**:
```bash
# 设置默认网关为负载均衡器的内网IP
route add default gw 192.168.2.100DR模式配置
配置负载均衡器:
# 添加虚拟IP ifconfig eth0:0 192.168.1.100 netmask 255.255.255.0 broadcast 192.168.1.255 up # 添加虚拟服务器 ipvsadm -A -t 192.168.1.100:80 -s rr # 添加后端服务器 ipvsadm -a -t 192.168.1.100:80 -r 192.168.1.101:80 -g ipvsadm -a -t 192.168.1.100:80 -r 192.168.1.102:80 -g ipvsadm -a -t 192.168.1.100:80 -r 192.168.1.103:80 -g # 保存配置 ipvsadm -S > /etc/sysconfig/ipvsadm # 查看配置 ipvsadm -L -n配置后端服务器:
# 添加虚拟IP(lo接口) ifconfig lo:0 192.168.1.100 netmask 255.255.255.255 up # 禁用ARP响应 echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
TUN模式配置
- 配置负载均衡器:
# 加载IP隧道模块 modprobe ipip # 添加IP隧道接口 ifconfig tunl0 192.168.1.100 netmask 255.255.255.0 broadcast 192.168.1.255 up # 启用IP转发
echo "1" > /proc/sys/net/ipv4/ip_forward
添加虚拟服务器
ipvsadm -A -t 192.168.1.100:80 -s rr
添加后端服务器
ipvsadm -a -t 192.168.1.100:80 -r 192.168.2.1:80 -i
ipvsadm -a -t 192.168.1.100:80 -r 192.168.2.2:80 -i
ipvsadm -a -t 192.168.1.100:80 -r 192.168.2.3:80 -i
保存配置
ipvsadm -S > /etc/sysconfig/ipvsadm
查看配置
ipvsadm -L -n
2. **配置后端服务器**:
```bash
# 加载IP隧道模块
modprobe ipip
# 添加IP隧道接口
ifconfig tunl0 192.168.1.100 netmask 255.255.255.255 up
# 禁用ARP响应
echo "1" > /proc/sys/net/ipv4/conf/tunl0/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/tunl0/arp_announce
echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
# 路由配置
route add -host 192.168.1.100 dev tunl0其他负载均衡软件的配置
Keepalived
Keepalived是一种基于VRRP协议的高可用解决方案,常与LVS配合使用,提供负载均衡器的高可用性。
安装和配置Keepalived
# 安装Keepalived
apt install keepalived
# 或
yum install keepalived
# 配置Keepalived
vim /etc/keepalived/keepalived.conf
# 主负载均衡器配置
global_defs {
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.100
}
}
virtual_server 192.168.1.100 80 {
delay_loop 6
lb_algo rr
lb_kind NAT
persistence_timeout 50
protocol TCP
real_server 192.168.2.1 80 {
weight 1
TCP_CHECK {
connect_timeout 3
retry 3
delay_before_retry 3
}
}
real_server 192.168.2.2 80 {
weight 1
TCP_CHECK {
connect_timeout 3
retry 3
delay_before_retry 3
}
}
real_server 192.168.2.3 80 {
weight 1
TCP_CHECK {
connect_timeout 3
retry 3
delay_before_retry 3
}
}
}
# 启动Keepalived服务并设置自启
systemctl start keepalived
systemctl enable keepalived
# 查看Keepalived服务状态
systemctl status keepalivedTraefik
Traefik是一种现代的反向代理和负载均衡器,支持自动服务发现。
安装和配置Traefik
# 下载Traefik
wget https://github.com/traefik/traefik/releases/download/v2.9.10/traefik_v2.9.10_linux_amd64.tar.gz
# 解压Traefik
tar -xzf traefik_v2.9.10_linux_amd64.tar.gz
# 移动Traefik到/usr/local/bin
mv traefik /usr/local/bin/
# 创建Traefik配置文件
vim /etc/traefik/traefik.yml
# 配置内容
defaultEntryPoints: ["http"]
entryPoints:
http:
address: ":80"
providers:
file:
directory: "/etc/traefik/conf.d"
watch: true
api:
dashboard: true
insecure: true
# 创建配置目录
mkdir -p /etc/traefik/conf.d
# 创建负载均衡配置
vim /etc/traefik/conf.d/load-balancer.yml
# 配置内容
http:
services:
backend:
loadBalancer:
servers:
- url: "http://backend1:8080"
- url: "http://backend2:8080"
- url: "http://backend3:8080"
healthCheck:
path: "/health"
interval: "10s"
routers:
router1:
rule: "Host(`example.com`)"
service: "backend"
# 启动Traefik
nohup traefik --configfile=/etc/traefik/traefik.yml &
# 查看Traefik状态
ps aux | grep traefik负载均衡的性能优化
Nginx性能优化
配置优化
编辑Nginx配置文件:
vim /etc/nginx/nginx.conf添加性能优化配置:
user nginx; worker_processes auto; worker_rlimit_nofile 65535; events { worker_connections 10240; use epoll; multi_accept on; } http { include /etc/nginx/mime.types; default_type application/octet-stream; # 日志优化 access_log off; error_log /var/log/nginx/error.log warn; # 连接优化 sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; keepalive_requests 100000; # 压缩 gzip on; gzip_min_length 1k; gzip_buffers 4 16k; gzip_comp_level 2; gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; # 缓存 open_file_cache max=102400 inactive=20s; open_file_cache_valid 30s; open_file_cache_min_uses 1; include /etc/nginx/conf.d/*.conf; }重启Nginx服务:
systemctl restart nginx
HAProxy性能优化
配置优化
编辑HAProxy配置文件:
vim /etc/haproxy/haproxy.cfg添加性能优化配置:
global log /dev/log local0 log /dev/log local1 notice chroot /var/lib/haproxy stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners stats timeout 30s user haproxy group haproxy daemon maxconn 10000 nbproc 2 cpu-map 1 0 cpu-map 2 1 defaults log global mode http option httplog option dontlognull option http-server-close option forwardfor except 127.0.0.0/8 option redispatch retries 3 timeout connect 5000 timeout client 50000 timeout server 50000 maxconn 8000重启HAProxy服务:
systemctl restart haproxy
LVS性能优化
内核参数优化
编辑sysctl配置文件:
vim /etc/sysctl.conf添加性能优化配置:
# 网络参数优化 net.ipv4.ip_forward = 1 net.ipv4.conf.all.rp_filter = 0 net.ipv4.conf.default.rp_filter = 0 net.ipv4.conf.eth0.rp_filter = 0 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_tw_recycle = 1 net.ipv4.tcp_fin_timeout = 30 net.ipv4.tcp_keepalive_time = 1200 net.ipv4.ip_local_port_range = 1024 65000 net.ipv4.tcp_max_syn_backlog = 8192 net.ipv4.tcp_max_tw_buckets = 5000应用配置:
sysctl -p
负载均衡的故障排查
常见问题及解决方案
- 负载均衡器无法启动:检查配置文件语法,检查端口占用,检查服务依赖
- 后端服务器无法访问:检查网络连接,检查防火墙设置,检查后端服务器状态
- 负载均衡不均:检查调度算法配置,检查后端服务器权重,检查健康检查配置
- 会话丢失:检查会话保持配置,检查后端服务器状态,检查负载均衡算法
- 健康检查失败:检查后端服务器状态,检查健康检查配置,检查网络连接
诊断工具
Nginx诊断工具
nginx:Nginx管理工具
# 检查配置文件 nginx -t # 查看Nginx进程 ps aux | grep nginx # 查看Nginx连接数 netstat -an | grep :80 | wc -l日志文件:
# 查看错误日志 tail -f /var/log/nginx/error.log # 查看访问日志 tail -f /var/log/nginx/access.log
HAProxy诊断工具
haproxy:HAProxy管理工具
# 检查配置文件 haproxy -c -f /etc/haproxy/haproxy.cfg # 查看HAProxy进程 ps aux | grep haproxy # 查看HAProxy状态 echo "show info" | socat stdio /run/haproxy/admin.sock # 查看后端服务器状态 echo "show servers state" | socat stdio /run/haproxy/admin.sock监控页面:
- 浏览器访问:http://服务器IP:9000/stats
LVS诊断工具
ipvsadm:LVS管理工具
# 查看LVS配置 ipvsadm -L -n # 查看LVS连接数 ipvsadm -L -n -c # 查看LVS统计信息 ipvsadm -L -n --stats # 查看LVS详细信息 ipvsadm -L -n --rate网络工具:
# 查看网络连接 netstat -an | grep :80 # 查看网络接口 ifconfig # 查看路由表 route -n
实用案例分析
案例1:配置Nginx负载均衡
配置步骤:
- 安装Nginx
# 在Ubuntu/Debian上安装
apt update
apt install nginx
# 在CentOS/RHEL上安装
yum install nginx
# 启动Nginx服务并设置自启
systemctl start nginx
systemctl enable nginx
# 查看Nginx服务状态
systemctl status nginx- 配置Nginx负载均衡
# 创建负载均衡配置文件
vim /etc/nginx/conf.d/load-balancer.conf
# 添加以下配置
upstream backend {
server 192.168.1.10:8080 weight=5;
server 192.168.1.11:8080 weight=3;
server 192.168.1.12:8080 weight=2;
}
server {
listen 80;
server_name example.com;
location / {
proxy_pass http://backend;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
# 检查Nginx配置
nginx -t
# 重启Nginx服务
systemctl restart nginx- 测试负载均衡
# 使用curl测试多次
for i in {1..10}; do curl http://example.com; done
# 查看Nginx访问日志
tail -f /var/log/nginx/access.log
# 查看后端服务器日志
tail -f /var/log/nginx/error.log案例2:配置HAProxy负载均衡
配置步骤:
- 安装HAProxy
# 在Ubuntu/Debian上安装
apt update
apt install haproxy
# 在CentOS/RHEL上安装
yum install haproxy
# 启动HAProxy服务并设置自启
systemctl start haproxy
systemctl enable haproxy
# 查看HAProxy服务状态
systemctl status haproxy- 配置HAProxy负载均衡
# 编辑HAProxy配置文件
vim /etc/haproxy/haproxy.cfg
# 添加以下配置
global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners
stats timeout 30s
user haproxy
group haproxy
daemon
defaults
log global
mode http
option httplog
option dontlognull
timeout connect 5000
timeout client 50000
timeout server 50000
frontend http_front
bind *:80
default_backend http_back
backend http_back
balance roundrobin
server backend1 192.168.1.10:8080 check inter 2000 rise 2 fall 3
server backend2 192.168.1.11:8080 check inter 2000 rise 2 fall 3
server backend3 192.168.1.12:8080 check inter 2000 rise 2 fall 3
listen stats
bind *:9000
mode http
stats enable
stats uri /stats
stats realm Haproxy\ Statistics
stats auth admin:admin
stats refresh 10s
# 检查HAProxy配置
haproxy -c -f /etc/haproxy/haproxy.cfg
# 重启HAProxy服务
systemctl restart haproxy- 测试负载均衡
# 使用curl测试多次
for i in {1..10}; do curl http://example.com; done
# 查看HAProxy日志
tail -f /var/log/haproxy.log
# 访问监控页面
# 浏览器访问:http://服务器IP:9000/stats案例3:配置LVS负载均衡(DR模式)
配置步骤:
- 安装LVS
# 在Ubuntu/Debian上安装
apt update
apt install ipvsadm
# 在CentOS/RHEL上安装
yum install ipvsadm
# 加载IPVS模块
modprobe ip_vs
modprobe ip_vs_rr
modprobe ip_vs_wrr
modprobe ip_vs_lc
modprobe ip_vs_wlc
modprobe ip_vs_sh
# 查看IPVS模块
lsmod | grep ip_vs- 配置负载均衡器(DR模式)
# 添加虚拟IP
ifconfig eth0:0 192.168.1.100 netmask 255.255.255.0 broadcast 192.168.1.255 up
# 添加虚拟服务器
ipvsadm -A -t 192.168.1.100:80 -s rr
# 添加后端服务器
ipvsadm -a -t 192.168.1.100:80 -r 192.168.1.10:80 -g
ipvsadm -a -t 192.168.1.100:80 -r 192.168.1.11:80 -g
ipvsadm -a -t 192.168.1.100:80 -r 192.168.1.12:80 -g
# 保存配置
ipvsadm -S > /etc/sysconfig/ipvsadm
# 查看配置
ipvsadm -L -n- 配置后端服务器
# 在每个后端服务器上执行以下操作
# 添加虚拟IP(lo接口)
ifconfig lo:0 192.168.1.100 netmask 255.255.255.255 up
# 禁用ARP响应
echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
# 启动Web服务
systemctl start nginx
# 或
systemctl start httpd- 测试负载均衡
# 使用curl测试多次
for i in {1..10}; do curl http://192.168.1.100; done
# 查看LVS连接数
ipvsadm -L -n -c
# 查看LVS统计信息
ipvsadm -L -n --stats案例4:配置负载均衡高可用(Keepalived + LVS)
配置步骤:
- 安装Keepalived和LVS
# 在主备负载均衡器上执行以下操作
# 安装Keepalived和LVS
apt install keepalived ipvsadm
# 或
yum install keepalived ipvsadm
# 加载IPVS模块
modprobe ip_vs
modprobe ip_vs_rr
modprobe ip_vs_wrr
modprobe ip_vs_lc
modprobe ip_vs_wlc
modprobe ip_vs_sh- 配置主负载均衡器
# 编辑Keepalived配置文件
vim /etc/keepalived/keepalived.conf
# 主负载均衡器配置
global_defs {
router_id LVS_MASTER
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.100
}
}
virtual_server 192.168.1.100 80 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 50
protocol TCP
real_server 192.168.1.10 80 {
weight 1
TCP_CHECK {
connect_timeout 3
retry 3
delay_before_retry 3
}
}
real_server 192.168.1.11 80 {
weight 1
TCP_CHECK {
connect_timeout 3
retry 3
delay_before_retry 3
}
}
real_server 192.168.1.12 80 {
weight 1
TCP_CHECK {
connect_timeout 3
retry 3
delay_before_retry 3
}
}
}
# 启动Keepalived服务并设置自启
systemctl start keepalived
systemctl enable keepalived
# 查看Keepalived服务状态
systemctl status keepalived- 配置备负载均衡器
# 编辑Keepalived配置文件
vim /etc/keepalived/keepalived.conf
# 备负载均衡器配置
global_defs {
router_id LVS_BACKUP
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.100
}
}
virtual_server 192.168.1.100 80 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 50
protocol TCP
real_server 192.168.1.10 80 {
weight 1
TCP_CHECK {
connect_timeout 3
retry 3
delay_before_retry 3
}
}
real_server 192.168.1.11 80 {
weight 1
TCP_CHECK {
connect_timeout 3
retry 3
delay_before_retry 3
}
}
real_server 192.168.1.12 80 {
weight 1
TCP_CHECK {
connect_timeout 3
retry 3
delay_before_retry 3
}
}
}
# 启动Keepalived服务并设置自启
systemctl start keepalived
systemctl enable keepalived
# 查看Keepalived服务状态
systemctl status keepalived- 配置后端服务器
# 在每个后端服务器上执行以下操作
# 添加虚拟IP(lo接口)
ifconfig lo:0 192.168.1.100 netmask 255.255.255.255 up
# 禁用ARP响应
echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
# 启动Web服务
systemctl start nginx
# 或
systemctl start httpd- 测试高可用
# 测试负载均衡
for i in {1..10}; do curl http://192.168.1.100; done
# 模拟主负载均衡器故障
systemctl stop keepalived
# 测试故障转移
for i in {1..10}; do curl http://192.168.1.100; done
# 恢复主负载均衡器
systemctl start keepalived
# 测试恢复
for i in {1..10}; do curl http://192.168.1.100; done案例5:负载均衡故障排查
排查步骤:
- Nginx负载均衡故障排查
# 检查Nginx服务状态
systemctl status nginx
# 检查Nginx配置文件
nginx -t
# 查看Nginx错误日志
tail -f /var/log/nginx/error.log
# 查看Nginx访问日志
tail -f /var/log/nginx/access.log
# 测试后端服务器连接
curl http://backend1:8080
curl http://backend2:8080
curl http://backend3:8080
# 检查网络连接
ping backend1
ping backend2
ping backend3
# 检查防火墙设置
ufw status
# 或
iptables -L- HAProxy负载均衡故障排查
# 检查HAProxy服务状态
systemctl status haproxy
# 检查HAProxy配置文件
haproxy -c -f /etc/haproxy/haproxy.cfg
# 查看HAProxy日志
tail -f /var/log/haproxy.log
# 查看后端服务器状态
echo "show servers state" | socat stdio /run/haproxy/admin.sock
# 测试后端服务器连接
curl http://backend1:8080
curl http://backend2:8080
curl http://backend3:8080
# 检查网络连接
ping backend1
ping backend2
ping backend3
# 检查防火墙设置
ufw status
# 或
iptables -L- LVS负载均衡故障排查
# 检查LVS配置
ipvsadm -L -n
# 查看LVS连接数
ipvsadm -L -n -c
# 查看LVS统计信息
ipvsadm -L -n --stats
# 测试后端服务器连接
curl http://backend1:8080
curl http://backend2:8080
curl http://backend3:8080
# 检查网络连接
ping backend1
ping backend2
ping backend3
# 检查防火墙设置
ufw status
# 或
iptables -L
# 检查IPVS模块
lsmod | grep ip_vs课后练习
配置Nginx负载均衡
- 步骤:安装Nginx → 配置负载均衡 → 启动服务 → 测试负载均衡
- 验证:请求被均匀分配到多个后端服务器
配置HAProxy负载均衡
- 步骤:安装HAProxy → 配置负载均衡 → 启动服务 → 测试负载均衡
- 验证:请求被均匀分配到多个后端服务器,监控页面显示正常
配置LVS负载均衡(DR模式)
- 步骤:安装LVS → 配置负载均衡器 → 配置后端服务器 → 测试负载均衡
- 验证:请求被均匀分配到多个后端服务器,响应直接返回给客户端
配置负载均衡高可用
- 步骤:安装Keepalived → 配置主备负载均衡器 → 配置后端服务器 → 测试高可用
- 验证:主负载均衡器故障时,备负载均衡器自动接管,服务不中断
负载均衡性能优化
- 步骤:分析负载均衡性能 → 调整配置参数 → 测试性能改善
- 验证:负载均衡的响应速度和吞吐量得到明显改善
负载均衡故障排查
- 步骤:模拟负载均衡故障 → 使用排查工具定位问题 → 修复问题 → 验证服务恢复
- 验证:负载均衡服务能够正常工作,请求被正确分配到后端服务器
总结
本集详细介绍了Linux系统中负载均衡的配置方法,包括:
- 负载均衡的概念和工作原理
- Nginx负载均衡的安装和配置
- HAProxy负载均衡的安装和配置
- LVS负载均衡的安装和配置
- 其他负载均衡软件的配置(Keepalived、Traefik)
- 负载均衡的调度算法
- 负载均衡的会话保持
- 负载均衡的健康检查
- 负载均衡的性能优化
- 负载均衡的故障排查
通过本集的学习,读者应该能够理解负载均衡的基本原理,并能够独立配置和管理不同类型的负载均衡服务。负载均衡是构建高可用、高可靠、高性能系统的重要技术,掌握它的配置和管理技巧对于系统管理员来说非常重要。
在实际应用中,需要根据具体的业务需求和环境,选择合适的负载均衡软件和工作模式,并采取适当的配置和优化措施,确保负载均衡服务的稳定性、安全性和性能。同时,还需要定期维护和监控负载均衡服务,及时发现和解决问题,确保服务的正常运行。