For the purpose of Distributed Operating Systems course, we want to manually configure load-balancing using Linux Virtual Server (LVS).
The architecture design presented below is far from ideal, but for the first step, we just need to get more familiar with Linux network and virtual server settings.
It shouldn’t be considered as pattern, but as a warm-up before getting to much nicer load-balanced and high-availability designs.
What we intend to achieve here may be partition into four steps:
On all servers (LVS, RS1, RS2) update information about available packages:
|
1 |
apt-get update |
On LVS install ipvsadm package (for configiuring LVS):
|
1 |
apt-get install ipvsadm |
On RS1 and RS2 install apache2, php5 libraries and mysql server:
|
1 2 3 |
apt-get install apache2 apt-get install php5 php5-mysql apt-get install mysql-server |
Using VMWare Player we’ll modify Virtual Machine Settings.
LVS should have two Network Adapters:
If you want to figure out which network interface is represented as eth0 you should:
If MAC address attached to VMNet8 (NAT) is the same as MAC address on eth0 then everything is all rigth. Otherwise you need to reassign the network in VMWare Player Settings.
Linux Virtual Server and Real Servers config clearing
Put down and flush all the configuration of network interfaces on LVS and RS servers:
|
1 2 3 4 |
root@asl24.pl:~# ifdown eth0 # On LVS, RS1, RS2 root@asl24.pl:~# ip a f dev eth0 # On LVS, RS1, RS2 root@asl24.pl:~# ifdown eth1 # On LVS only root@asl24.pl:~# ip a f dev eth1 # On LVS only |
If error occurs during ifdown, you can probably ignore it and carry on with the work.
Linux Virtual Server interfaces
Change the /etc/network/interfaces – comment out the line with dhcp (dynamic ip configutration) and add the lines with eth0 and eth1 static ip configuration:
|
1 2 3 4 5 6 7 8 9 10 11 12 |
(....) #iface eth0 inet dhcp # !!!! this line is commented out iface eth0 inet static address 192.168.47.111 #this is only valid for labs at FMCS/WMI UAM netmask 255.255.255.0 gateway 192.168.47.100 #this is only valid for labs at FMCS/WMI UAM iface eth1 inet static address 192.168.1.1 netmask 255.255.255.0 |
Save the file and run:
|
1 2 |
root@asl24.pl:~# ifup eth0 root@asl24.pl:~# ifup eth1 |
Real Servers interfaces
Change the /etc/network/interfaces – comment out the line with dhcp (dynamic ip configutration) and add the lines with eth0 static ip configuration:
|
1 2 3 4 5 6 7 8 |
(....) #iface eth0 inet dhcp # !!!! this line is commented out iface eth0 inet static address 192.168.1.100 #On RS1 it's 192.168.1.100 on RS2 it should be 192.168.1.200 netmask 255.255.255.0 gateway 192.168.1.1 |
Save the file and run:
|
1 |
root@asl24.pl:~# ifup eth0 |
Testing
You can try to check reachability:
(Right now this config doesn’t work, so take it as a hints, we used it for environments provided in 2013-2017)
Local communication between nodes
Adding IP address on server interefaces
Add new address 192.168.1.1, mask 255.255.255.0 (/24) to eth1 on LVS:
|
1 |
root@asl244:~# ip a a 192.168.1.1/24 dev eth0 label eth1 |
Add new address 192.168.1.100, mask 255.255.255.0 (/24) on RS1 :
|
1 |
root@asl244:~# ip a a 192.168.1.100/24 dev eth0 label eth0 |
Add new address 192.168.1.200, mask 255.255.255.0 (/24) on RS2:
|
1 |
root@asl244:~# ip a a 192.168.1.200/24 dev eth0 label eth0 |
Setting up RS1 and RS2
On RS1 and RS2, by running “ip a”, check what address was assigned to its network interface (eth0). Check what is the default gateway with “ip r” command. Example below shows configuration of RS2 (do the same on RS1):
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 |
root@asl-client2:~# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000 link/ether 00:0c:29:f6:51:b5 brd ff:ff:ff:ff:ff:ff inet 192.168.1.200/24 brd 192.168.1.255 scope global eth0:1 #to jest adres na interfejsie eth0:1 nadany przez nas (wewnetrzny) inet 192.168.47.130/24 brd 192.168.47.255 scope global eth0 #to jest adres na interfejsie eth0 nadany przez dhcp vmware inet6 fe80::20c:29ff:fef6:51b5/64 scope link valid_lft forever preferred_lft forever root@asl-client2:~# root@asl-client2:~# ip r 192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.200 #to jest trasa dodana przez interfejs eth0:1 (nasze - ip a a) 192.168.47.0/24 dev eth0 proto kernel scope link src 192.168.47.130 #to jest trasa dodana przez interfejs eth0 z vmware default via 192.168.47.2 dev eth0 #domyślna brama sieciowa skonfigurowana przez dhcp vmware root@asl-client2:~# |
We found that the IP address in ths example is 192.168.47.130, and default gateway is 192.168.47.2.
We want RS1 and RS2 to connect to external networks using LVS as the default gateway.We also want that LVS-RS1,2 communication to be taken on their local IP addresses (192.186.1.0/24).
To do so:
Remove the default gateway (previous route via 192.168.47.2 set up by VMware needs to be deleted).
|
1 2 3 4 5 |
root@asl-client2:~# ip r d default via 192.168.47.2 #usunięcie domyślej trasy rutingu root@asl-client2:~# ip r 192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.132 192.168.47.0/24 dev eth0 proto kernel scope link src 192.168.47.130 root@asl-client2:~# |
we’ll add the default gateway via s192.168.1.1 (LVS)
|
1 |
root@asl-client2:~# ip r a default dev eth0 via 192.168.1.1 #dodanie domyślnej trasy rutingu przez podsieć wewnętrzną |
We’ll remove address assigined by VMware.
|
1 2 |
root@asl-client2:~# ip a d 192.168.47.130/24 dev eth0 #usunięcie komunikacji maszyny SW2 z siecią zewnętrzną root@asl-client2:~# |
From now on LVS is a default gateway for RS2.
Task:
With ipvsadm we’ve already made our LVS to pass and load-balance the connections from externall to RS1 and RS2. We’ve also changed RS1 and RS2 so they’re using LVS as default gateway for the connections coming back.
It will still not work though.
We need to set up NAT (Network Address Translation) of the source addresses in packet coming back from RS1 and RS2 to external network (CLIent).
The work will be done on LVS. Client connected and send HTTP request to external IP address of LVS (VIP), so we cannot send the response from RIP1/RIP2 directly to client. We need to translate source address in responeses from RIP1/RIP2 to VIP.
On LVS we need to first flush all the previous configuration and add SNAT rule:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 |
root@asl244:~# iptables -t nat --flush #flushing out all previuos NAT rules root@asl244:~# iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -d 0.0.0.0/0 -j SNAT --to-source 192.168.47.111 #adding a source address translation (snat) rule to 192.168.47.111 for all ip packets with source IPs in range 192.168.1.0/24 root@asl244:~# iptables -L -t nat -n #printing out the modified NAT Chain PREROUTING (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination SNAT all -- 192.168.1.0/24 0.0.0.0/24 to:192.168.47.111 Chain OUTPUT (policy ACCEPT) target prot opt source destination root@asl244:~# |
From now on there’ll be proper communication working between external network and our real server.
Caution:
We need to adjust parameters of networking on our virtual server
On LVS run commands as shown below (you may try to write this to a scrip lvs-rso.sh, so you’ll be able to recall it in the future):
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 |
echo "1" > /proc/sys/net/ipv4/ip_forward echo "0" > /proc/sys/net/ipv4/conf/all/send_redirects echo "0" > /proc/sys/net/ipv4/conf/default/send_redirects echo "0" > /proc/sys/net/ipv4/conf/eth0/send_redirects # IP_SG_ZEWN is an external IP address assigned automatically by VMWARE for eth0 # this address can be found in the result of "ip a s dev eth0" command line cosnsisting "inet" word # CAUTION 192.168.47.129 needs to be changed to eth0 external address. IP_SG_ZEWN=192.168.47.111 IP_SW1=192.168.1.100 IP_SW2=192.168.1.200 IP_NET_LOCAL=192.168.1.0/24 ipvsadm -C ipvsadm -A -t $IP_SG_ZEWN:www -s rr ipvsadm -a -t $IP_SG_ZEWN:www -r $IP_SW1:www -m -w 1 ipvsadm -a -t $IP_SG_ZEWN:www -r $IP_SW2:www -m -w 1 ipvsadm iptables -t nat --flush iptables -t nat -A POSTROUTING -s $IP_NET_LOCAL -d 0.0.0.0/0 -j SNAT --to-source $IP_SG_ZEWN iptables -L -t nat -n |
On RS1 and RS2 disable packet forwarding:
|
1 |
echo "0" > /proc/sys/net/ipv4/ip_forward |
On RS1 and RS2 websites server by apache http server are located in /var/www/. Change default index.html files so they differ (we’ll be able to recognize if cluster works).
It may happen that old configuration of nameserver is present in /etc/resolv.conf. It should consist of nameserver 192.168.47.2 (you may have different value than 47).
Check the configuration by launching 192.168.47.111 on Firefox.
LVS:
RS1:
RS2: