Configuring load balancing on InfoWatch Traffic Monitor


What should you do if the capacity of one server is not enough to handle all requests, and the software vendor does not provide load balancing? There are many options, from buying a load balancer to limiting the number of requests. Which one is right depends on the situation, taking the existing conditions into account. In this article we show what you can do if your budget is limited and you have a free server.

As the system in which the load on one of the servers had to be reduced, we chose the DLP (data leak prevention) system from InfoWatch. A distinctive feature of the implementation is that the balancer function is placed on one of the production servers.

One of the problems we ran into was the inability to use Source NAT (SNAT). Why it was needed and how the problem was solved is explained below.

So, the initial logical layout of the existing system looked like this:

[Figure: logical diagram of the existing system]

ICAP traffic, SMTP, and events from user computers are processed on the Traffic Monitor (TM) server. The database server easily copes with the load once the events have been processed on the TM, but the load on the TM itself is heavy. This was evident from the message queue building up on the Device Monitor (DM) server, as well as from the CPU and memory load on the TM.

At first glance, if we add another TM server to this scheme, either ICAP or DM could be moved to it, but we decided not to use this approach because fault tolerance would be reduced.

Description of the solution

While searching for a suitable solution, we settled on the free software Keepalived together with LVS, because Keepalived solves the problem of building a failover cluster and can also manage the LVS balancer.

What we wanted to achieve (reduce the load on the TM and keep the current level of fault tolerance) was supposed to work according to the following scheme:

[Figure: target scheme with Keepalived and LVS]

When we tested the setup, it turned out that the custom RedHat build installed on the servers does not support SNAT. We had planned to use SNAT so that incoming packets and the responses to them would go out from the same IP address; otherwise we would get the following picture:

[Figure: traffic flow without SNAT]

This is unacceptable. For example, a proxy server that has sent packets to the Virtual IP (VIP) address will expect the response to come from the VIP, but in this case it will come from IP2 for sessions sent to the backup. A solution was found: create another routing table on the backup and connect the two TM servers with a separate network, as shown below:

[Figure: scheme with a separate network between the two TM servers]

Configuration

We will implement a scheme of two servers running the ICAP, SMTP, and TCP 9100 services, with a load balancer installed on one of them.

We have two RHEL6 servers from which the standard repositories and some packages have been removed.

Services that we need to balance:

• ICAP – tcp 1344;
• SMTP – tcp 25.

Traffic transfer service from DM – tcp 9100.

First, we need to plan the network.

Virtual IP address (VIP):

• IP: 10.20.20.105.

Server TM6_1:

• External IP: 10.20.20.101;
• Internal IP: 192.168.1.101.

Server TM6_2:

• External IP: 10.20.20.102;
• Internal IP: 192.168.1.102.

Then we enable IP forwarding on both TM servers. How to do this is described in the RedHat documentation.

We decide which of the servers will be the master and which the backup. Let the master be TM6_1 and the backup TM6_2.

On the backup we create a new routing table named balancer and the routing rules:

[root@tm6_2 ~]# echo 101 balancer >> /etc/iproute2/rt_tables
[root@tm6_2 ~]# ip rule add from 192.168.1.102 table balancer
[root@tm6_2 ~]# ip route add default via 192.168.1.101 table balancer

The commands above work until the system is rebooted. To make the routes persist after a reboot, you can put them in /etc/rc.d/rc.local, but it is better to use the configuration file /etc/sysconfig/network-scripts/route-eth1 (note: a different syntax is used there).
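The persistent form of the backup's policy routing, as an added example that is not part of the original article. It assumes eth1 is the internal interface on TM6_2 and also writes a rule-eth1 file, which the article does not mention, because the ip rule entry has to survive a reboot as well; the function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original article.
# Assumption: eth1 is the internal 192.168.1.0/24 interface on TM6_2.

# On RHEL6, ifup passes each line of rule-<if> to `ip rule add` and each line
# of route-<if> to `ip route add`, so the files hold only the arguments.
write_balancer_files() {   # $1 = directory (/etc/sysconfig/network-scripts on the host)
    printf '%s\n' 'from 192.168.1.102 table balancer' > "$1/rule-eth1"
    printf '%s\n' 'default via 192.168.1.101 table balancer' > "$1/route-eth1"
}

# Check saved `ip rule show` and `ip route show table balancer` output:
# replies sourced from $3 must be routed via gateway $4.
check_return_path() {   # $1 = rules, $2 = table routes, $3 = source IP, $4 = gateway
    table=$(printf '%s\n' "$1" |
        awk -v src="$3" '$2 == "from" && $3 == src && $4 == "lookup" { print $5; exit }')
    if [ -z "$table" ]; then
        echo "no policy rule for source $3"; return 1
    fi
    if ! printf '%s\n' "$2" |
        awk -v gw="$4" '$1 == "default" && $3 == gw { ok = 1 } END { exit !ok }'; then
        echo "table $table has no default route via $4"; return 1
    fi
    echo "replies from $3 use table $table via $4"
}

# Constructed sample output from TM6_2 after the commands above.
SAMPLE_RULES='0: from all lookup local
32765: from 192.168.1.102 lookup balancer
32766: from all lookup main
32767: from all lookup default'
SAMPLE_ROUTES='default via 192.168.1.101 dev eth1'

check_return_path "$SAMPLE_RULES" "$SAMPLE_ROUTES" 192.168.1.102 192.168.1.101
```

If the check fails after a reboot, replies from TM6_2 leave through its own default gateway instead of the balancer, which is the asymmetric path described earlier.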

Install Keepalived on both TM servers. We used rpmfind.net as the package source:

[root@tm6_1 ~]# yum install https://rpmfind.net/linux/centos/6.10/os/x86_64/Packages/keepalived-1.2.13-5.el6_6.x86_64.rpm

In the Keepalived settings, we assign one of the servers as the master and the other as the backup. Then we set the VIP and the services to balance. The configuration file is usually located here: /etc/keepalived/keepalived.conf.

Configuration for the TM1 server

vrrp_sync_group VG1 {
    group {
        VI_1
    }
}

vrrp_instance VI_1 {
    state MASTER
    interface eth0

    lvs_sync_daemon_interface eth0
    # virtual_router_id and authentication must match on master and backup
    virtual_router_id 51
    priority 151
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass example
    }

    virtual_ipaddress {
        10.20.20.105
    }
}

virtual_server 10.20.20.105 1344 {
    delay_loop 6
    lb_algo wrr
    lb_kind NAT
    protocol TCP

    real_server 192.168.1.101 1344 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            connect_port 1344
            nb_get_retry 3
            delay_before_retry 3
        }
    }

    real_server 192.168.1.102 1344 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            connect_port 1344
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}

virtual_server 10.20.20.105 25 {
    delay_loop 6
    lb_algo wrr
    lb_kind NAT
    protocol TCP

    real_server 192.168.1.101 25 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            connect_port 25
            nb_get_retry 3
            delay_before_retry 3
        }
    }

    real_server 192.168.1.102 25 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            connect_port 25
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}

virtual_server 10.20.20.105 9100 {
    delay_loop 6
    lb_algo wrr
    lb_kind NAT
    protocol TCP

    real_server 192.168.1.101 9100 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            connect_port 9100
            nb_get_retry 3
            delay_before_retry 3
        }
    }

    real_server 192.168.1.102 9100 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            connect_port 9100
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}

Configuration for the TM2 server

vrrp_sync_group VG1 {
    group {
        VI_1
    }
}

vrrp_instance VI_1 {
    state BACKUP
    interface eth0

    lvs_sync_daemon_interface eth0
    # virtual_router_id and authentication must match on master and backup
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass example
    }

    virtual_ipaddress {
        10.20.20.105
    }
}
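An added consistency check for the two vrrp_instance blocks above (example code, not from the original article or the Keepalived project). The function names and the constructed sample_conf helper are assumptions; besides mismatches between the nodes, the check reports that auth_type PASS travels unencrypted in every VRRP advertisement and that auth_pass still holds the placeholder value example.

```shell
#!/bin/sh
# Added example: consistency check for a Keepalived master/backup pair.
# Only the vrrp_instance block is read; function names are illustrative.

vrrp_field() {   # $1 = config file, $2 = keyword inside vrrp_instance
    awk -v k="$2" '
        $1 == "vrrp_instance" { inb = 1 }
        inb {
            if ($1 == k) { print $2; exit }
            depth += gsub(/\{/, "{") - gsub(/\}/, "}")
            if (depth == 0) inb = 0
        }' "$1"
}

check_vrrp_pair() {   # $1 = master config, $2 = backup config
    rc=0
    # Both nodes must agree on these, or they do not form one working VRRP group.
    for key in virtual_router_id advert_int auth_type auth_pass; do
        m=$(vrrp_field "$1" "$key"); b=$(vrrp_field "$2" "$key")
        if [ "$m" != "$b" ]; then
            echo "ERROR: $key differs ($m vs $b)"; rc=1
        fi
    done
    mp=$(vrrp_field "$1" priority); bp=$(vrrp_field "$2" priority)
    if [ "${mp:-0}" -le "${bp:-0}" ]; then
        echo "ERROR: master priority $mp is not above backup priority $bp"; rc=1
    fi
    # PASS puts the password unencrypted into every VRRP advertisement.
    if [ "$(vrrp_field "$1" auth_type)" = "PASS" ]; then
        echo "WARN: auth_type PASS is sent in clear text"
    fi
    if [ "$(vrrp_field "$1" auth_pass)" = "example" ]; then
        echo "WARN: auth_pass is still the placeholder value"
    fi
    return $rc
}

# Constructed sample: the vrrp_instance settings of the configs above.
sample_conf() {   # $1 = state, $2 = priority
    printf 'vrrp_instance VI_1 {\n  state %s\n  virtual_router_id 51\n' "$1"
    printf '  priority %s\n  advert_int 1\n  authentication {\n' "$2"
    printf '    auth_type PASS\n    auth_pass example\n  }\n}\n'
}
```

On the real hosts, copy both /etc/keepalived/keepalived.conf files to one machine and pass them as the two arguments; a non-zero exit status means the pair will not fail over cleanly.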

We install LVS on the master, which will balance the traffic. It makes no sense to install a balancer on the second server, since there are only two servers in the configuration.

[root@tm6_1 ~]# yum install https://rpmfind.net/linux/centos/6.10/os/x86_64/Packages/ipvsadm-1.26-4.el6.x86_64.rpm

The balancer will be managed by Keepalived, which we have already configured.

To complete the picture, add Keepalived to autostart on both servers:

[root@tm6_1 ~]# chkconfig keepalived on

Conclusion

Checking the results

Start Keepalived on both servers:

service keepalived start

Checking the availability of the VRRP virtual address

Make sure the VIP is on the master:

[Screenshot: VIP present on the master]

And that there is no VIP on the backup:

[Screenshot: no VIP on the backup]

Use the ping command to check that the VIP is reachable:

[Screenshot: ping to the VIP]

Now you can shut down the master and run the ping command again.

The result should stay the same, and on the backup we will see the VIP:

[Screenshot: VIP present on the backup]

Checking service balancing

Take SMTP as an example. Open two connections to 10.20.20.105 at the same time:

telnet 10.20.20.105 25

On the master we should see that both connections are active and connected to different servers:

[root@tm6_1 ~]# watch ipvsadm -Ln

[Screenshot: ipvsadm -Ln output with two active connections]

Thus, we implemented a fault-tolerant configuration of the TM services by installing a balancer on one of the TM servers. For our system, this cut the load on the TM in half, which made it possible to solve the problem of the system's lack of horizontal scaling.

In most cases this solution is implemented quickly and without additional costs, but sometimes there are a number of limitations and difficulties in configuration, for example when balancing UDP traffic.

Source: www.hab.com
