· KLDP.org · KLDP.net · KLDP Wiki · KLDP BBS ·
ipvsadm

ipvsadm/QuickStart


1.1. Notice

  • ÀÛ¼º ÀÚ : ±è¼®¿ø {segenny (at) gmail.com}
  • ÀÛ¼º ½ÃÀÛ : 2008-05-20
  • ¸¶°¨ ¿¹Á¤ÀÏ : 2008-05-29
¡Ø ipvsadm À» ÀÌ¿ëÇÏ´Â ·Îµå ¹ë·±½ÌÀº ÀÌ¹Ì google¿¡¼­µµ ¸¹ÀÌ Ã£¾Æ º¼ ¼ö ÀÖ´Ù. ÀÌ ±ÛÀ» ¾´ ÀÌÀ¯´Â
  • doc¹®¼­ °ü¸® º¸´Ü ÀÌ°Ô ÆíÇÏ´Ù.
  • Ãʺ¸·Î¼­ google¿¡¼­ ã¾Æº» ÀÚ·á·Î´Â ÀÌÇØ ¾ÈµÇ´Â ºÎºÐÀ» Á¤¸®ÇÔ(¾ðÁ¦!)

1.2. ±¸Çö ȯ°æ

1. ¼­¹ö
  • vmware
  • redhat enterprise 4 (update5) Linux Kernel 2.6.9
2. vmware À» ÀÌ¿ëÇÑ ¸®´ª½º ¼³Ä¡
  • vmwareÀ» ÀÌ¿ëÇÏ¿© RHEL-4.5À» µÎ¹ø ¼³Ä¡ÇÑ´Ù.(Çѹø ¼³Ä¡ ÈÄ º¹»çÇÏ¿© »ç¿ëÇصµ ¹¹...)
3. ¼­¹ö ȯ°æ
  • ¾Æ·¡ 192.168.0.50 ¾Æ·¡ÀÇ IPÁÖ¼Ò´Â µÎ°³ÀÇ ³ëµå°¡ µ¿ÀÏÇÏ°Ô °°´Â ¾ÆÀÌÇÇ ÁÖ¼ÒÀÌ´Ù. ¼¼ÆÃÀÌ ÁøÇà µÇ¸é¼­ È®ÀÎÇÏ°í ¾Æ·¡ÀÇ ±×¸²Àº ÂüÁ¶¸¸ ÇÑ´Ù.
===============================================================
|                                                             |
|              +-------------------------------+-------------------  Client    
|         192.168.0.50:eth0:1       dummy0:192.168.0.50       |      ========
|         192.168.0.10:eth0           eth0:192.168.0.11       |/---- |      |
|                        /-------------\                      /      ========
|       ====================          ====================   /|          | 
|       | Linux Box Master |          | Linux Box Slave  |  / |          | 
|       |  Direct Routing  |          |                  | /  |          | 
|       |                  |          |                  |/   |          | 
|       |   RealServer 1   |          |   RealServer 2   |    |          | 
|       ====================          ====================    |          | 
|              +---------------------------------------------------------+ 
|         hosts: cnode1                  hosts: cnode2        |
|                                                             |
===============================================================


1.3. Master Node

1.3.1. Whatis ipvsadm

  1. 2°³ ÀÌ»óÀÇ ³ë¸£¸¦ °¡Áø Ŭ·¯½ºÅ͸µ ½Ã½ºÅÛ¿¡¼­ Ä¿³Î³»ºÎÀÇ IPVSÅ×À̺íÀ» ¼³Á¤ÇÏ°í À¯ÁöÇÏ´Â À¯Æ¿¸®Æ¼
  2. IPVSÅ×À̺íÀº Ä¿³ÎÀÌ ·Îµå¹ë·±¼­(Director)·Î µé¾î¿À´Â ÆÐŶÀ» °¢°¢ÀÇ ¸®¾ó¼­¹ö ³ëµå·Î Àü´ÞÇϱâ À§ÇØ ÂüÁ¶
  3. 2°³ÀÇ ÇÁ·ÎÅäÄÝ Áö¿ø - TCP ¿Í UDP
  4. 3°¡Áö ¹æ½ÄÀÇ ÆÐŶ Æ÷¿öµù ¹æ½Ä Áö¿ø - NAT, tunneling, direct routing
  5. 4°¡Áö ½ºÄɵѸµ ¾Ë°í¸®Áò Áö¿ø
    • round robin
      • ¼øÂ÷Àû ¹æ½ÄÀ» ÀÌ¿ëÇØ ³×Æ®¿öÅ© ¿¬°áÀ» ¼­·Î ´Ù¸¥ ¼­¹ö¿¡ ¿¬°á
      • ½ÇÁ¦ ¼­¹öÀÇ ¿¬°á °³¼ö³ª ¹ÝÀÀ½Ã°£ µîÀº °í·Á¸¦ ÇÏÁö ¾ÊÀ½
    • weighted round robin
      • °¡ÁßÄ¡±â¹Ý ¶ó¿îµå ·Îºó ½ºÄÉÁÙ¸µ
      • ¼­¹ö¿¡ ¼­·Î ´Ù¸¥ ó¸® ¿ë·®(°¡ÁßÄ¡)À» ÁöÁ¤ °¡´É. ±âº» °¡ÁßÄ¡´Â 1ÀÌ´Ù.
        • ¿¹) ¼­¹ö°¡ A,B,C ÀÌ°í °¢°¢ÀÇ °¡ÁßÄ¡°¡ 4,3,2 ÀÏ °æ¿ì ½ºÄÉÁÙ¸µ ¼ø¼­´Â ABCABCABA
      • ¶ó¿îµå ·Îºó ½ºÄÉÁÙ¸µÀº °¡ÁßÄ¡ ±â¹Ý ¶ó¿îµå ·Îºó ½ºÄÉÁÙ¸µÀÇ Æ¯º°ÇÑ ÇÑ Á¾·ùÀÌ¸ç ¸ðµç °¡ÁßÄ¡°¡ µµÀÏÇÑ °æ¿ì
      • Àå´ÜÁ¡
        • ½ÇÁ¦ ¼­¹öÀÇ ³×Æ®¿öÅ© Á¢¼Ó ¼ö¸¦ °è»êÇÒ ÇÊ¿ä°¡ ¾øÀ½
        • ½ºÄÉÁÙ¸µÀÇ °úºÎÇÏ°¡ Àû¾î ´õ ¸¹Àº ½ÇÁ¦ ¼­¹ö¸¦ ¿î¿µ °¡´É
        • ¿äû¿¡ ´ëÇÑ ºÎÇÏ°¡ ¸Å¿ì ¸¹À» °æ¿ì ½ÇÁ¦ ¼­¹ö»çÀÌ¿¡ µ¿ÀûÀÎ ºÎÇÏ ºÒ±ÕÇü »óÅ ¹ß»ý °¡´É
    • least-connection
      • ÃÖ¼Ò Á¢¼Ó ½ºÄÉÁÙ¸µ
      • °¡Àå Á¢¼ÓÀÌ ÀûÀº ¼­¹ö·Î ¿äûÀ» Á÷Á¢ ¿¬°á ÇÏ´Â ¹æ½Ä
      • °¢ ¼­¹ö¿¡¼­ µ¿ÀûÀ¸·Î ½ÇÁ¦ Á¢¼ÓÇÑ ¼ýÀÚ¸¦ ¼¼¾î¾ß ÇϹǷΠµ¿ÀûÀÎ ½ºÄÉÁÙ¸µ ¾Ë°í¸®Áò ÁßÀÇ ÇϳªÀÌ´Ù.
      • Á¢¼Ó ºÎÇÏ°¡ ¸Å¿ì Å« °æ¿ì¿¡µµ ¾ÆÁÖ È¿°úÀû
      • °¡Àå ºü¸¥ ¼­¹ö¿¡¼­ ´õ ¸¹Àº ³×Æ®¿öÅ© Á¢¼ÓÀ» ó¸®ÇÒ ¼ö ÀÖÀ½
      • ½ÇÁ¦·Î´Â TCPÀÇ TIME_WAIT »óŶ§¹®¿¡ ¾ÆÁÖ ÁÁÀº ¼º´ÉÀ» ³¾ ¼ö´Â ¾øÀ½
      • ´Ù¾çÇÑ Ã³¸®¿ë·®À» Áö³­ ¼­¹ö·Î ±¸¼ºµÇ¾úÀ» °æ¿ì ºÎÇϺлêÀÌ È¿À²ÀûÀ¸·Î µÇÁö ¸øÇÒ ¼ö ÀÖÀ½
    • weighted least-connection
      • °¡ÁßÄ¡ ±â¹Ý ÃÖ¼Ò Á¢¼Ó ½ºÄÉÁÙ¸µ
      • ÃÖ¼Ò Á¢¼Ó ½ºÄÉÁÙ¸µ ÇÑ ºÎºÐÀ¸·Î¼­ °¢°¢ÀÇ ½ÇÁ¦ ¼­¹ö¿¡ ¼º´É °¡ÁßÄ¡¸¦ °¡´É
      • °¡ÁßÄ¡°¡ ³ôÀº ¼­¹ö¿¡¼­ ´õ ¸¹Àº ¿äûÀ» ¹ÞÀ» ¼ö ÀÖÀ½
      • °¡ÁßÄ¡ÀÇ ºñÀ²ÀÎ ½ÇÁ¦ Á¢¼ÓÀÚ¼ö¿¡ µû¶ó ³×Æ®¿öÅ© Á¢¼ÓÀÌ ÇÒ´çµÈ´Ù. ±âº» °¡ÁßÄ¡´Â 1
      • ¼­¹öµéÀÌ °°Àº ó¸® ¿ë·®À» °¡Á³À» ¶§´Â ÃÖ¼Ò Á¢¼Ó ½ºÄÉÁÙ¸µ°ú µ¿ÀÏ
¡Ø¹ßÃé : http://it.dsu.ac.kr/pdf/ha_webservice.pdf
¡ØÂü°í : http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.ipvsadm.html

1.3.2. Install ipvsadm

1. RPM ¼³Ä¡
  • ¿©±â¼­ ÇÊÀÚ´Â ipvsadm-1.24-6.i386.rpm ¾ÆÁÖ ½±°Ô ÀνºÅç ÇÏ¿´´Ù. ¹°·Ð ¼Ò½º·Î ºôµµ ÇÏ¿©µµ »ó°ü ¾ø´Ù. ¼Ò½º ºôµå ½Ã "make rpm"À¸·Î ÇÏ¿© ´ÙÀ½ ¹ø »ç¿ë½Ã À¯¿ëÇÏ°Ô ¼³Ä¡ ÇÏ¿©µµ »ó°ü¾ø´Ù.
ÀÛ¾÷ ¼­¹ö [Master]
===================================================================================
[root@cnode1 ~]# rpm -Uvh ipvsadm-1.24-6.i386.rpm
warning: ipvsadm-1.24-6.i386.rpm: V3 DSA signature: NOKEY, key ID 443e1821
Preparing...                ########################################### [100%]
   1:ipvsadm                ########################################### [100%]
[root@cnode1 ~]# 
[root@cnode1 ~]# ipvsadm -version
ipvsadm v1.24 2003/06/07 (compiled with popt and IPVS v1.2.0) // ¼³Ä¡¸¦ È®ÀÎ ÇÑ´Ù.
[root@cnode1 ~]# _

1.3.3. Conguration - ipvsadm

  • ipvsÅ×ÀÌºí¿¡ Real Server(Ŭ¶óÀ̾ðÆ®¿¡ µ¥ÀÌÅ͸¦ °ø±ÞÇÒ ¼­¹ö)¸¦ ÁöÁ¤ÇÑ´Ù.
  • ¾Æ·¡¿Í °°Àº ¼³Á¤À¸·Î´Â Master & Slave node¸¦ Real Server ·Î µî·ÏÇÑ »óÅÂÀÌ´Ù.
  • Âü°í·Î µÎ°³ÀÇ ¸®¾ó¼­¹ö °¡ÁßÄ¡¸¦ 1À» ÁáÀ» °æ¿ì lcÀÇ ¾Ë°í¸®Áò°ú °°´Ù.
ÀÛ¾÷ ¼­¹ö [Master]
===================================================================================
[root@cnode1 ~]# ipvsadm -A -t 192.168.0.50:80 -s wlc
[root@cnode1 ~]# ipvsadm -a -t 192.168.0.50:80 -r 192.168.0.11:80 -g -w 1
[root@cnode1 ~]# ipvsadm -a -t 192.168.0.50:80 -r 192.168.0.10:80 -g -w 1
[root@cnode1 ~]# /etc/init.d/ipvsadm save
[root@cnode1 ~]# _

1.3.4. Conguration - ip_forward

  • ÆÐŶ Æ÷¿öµå¸¦ À§ÇØ ´ÙÀ½°ú °°ÀÌ ¼¼ÆÃÀ» ÇÑ´Ù.
ÀÛ¾÷ ¼­¹ö [Master]
===================================================================================
[root@cnode1 ~]# vi /etc/sysctl.conf 
net.ipv4.ip_forward = 1 // 0 ¿¡¼­ 1·Î ¼öÁ¤
[root@cnode1 ~]# sysctl -p
net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
[root@cnode1 ~]#_

1.4. Slave Node

1.4.1. Whatis arptables_jf

  1. ÁغñÁß ....

1.4.2. Install arptables_jf

1. RPM ¼³Ä¡
  • ¿©±â¼­ ÇÊÀÚ´Â arptables_jf-0.0.8-2.i386.rpm ¾ÆÁÖ ½±°Ô ÀνºÅç ÇÏ¿´´Ù.
  • ifconfig¿¡ NOARP ¿É¼ÇÀÌ ÀÖ´Ù. (ex: ifconfig -a {dev} -arp )
ÀÛ¾÷ ¼­¹ö [Slave]
===================================================================================
[root@cnode2 ~]#  rpm -Uvh arptables_jf-0.0.8-2.i386.rpm    
warning: arptables_jf-0.0.8-2.i386.rpm: V3 DSA signature: NOKEY, key ID db42a60e
Preparing...                ########################################### [100%]
   1:arptables_jf-0.0.8-2   ########################################### [100%]
[root@cnode2 ~]# 
[root@cnode2 ~]# arptables -V
arptables v0.0.8 // ¼³Ä¡¸¦ È®ÀÎ ÇÑ´Ù.
[root@cnode2 ~]# _

1.4.3. Configuration - arptables

1. 192.168.0.50 ¸¦ ¿äûÇÏ´Â ³ª¸¥ ³ëµåÀÇ "Arp Request" ÆÐŶÀº ¸ðµÎ ¹«½ÃÇÑ´Ù.
  • ÀÌ·¯¹Ç·Î¼­, °°Àº ³×Æ®¿öÅ©(Äݸ®Àü µµ¸ÞÀÎ)¾È¿¡¼­ µÎ°³ ÀÌ»óÀÇ ¾ÆÀÌÇǸ¦ °¡Áú ¼ö ÀÖ´Ù.
ÀÛ¾÷ ¼­¹ö [Slave]
===================================================================================
[root@cnode2 ~]# arptables -A IN -j DROP -d 192.168.0.50
[root@cnode2 ~]# /etc/init.d/arptables_jf save
Saving current rules to /etc/sysconfig/arptables:          [  OK  ]
[root@cnode2 ~]# _

1.4.4. Configuration - Set virtual IP

  • Dummy0 net/dev ¸¸µé°í È®ÀÎ ÇÑ´Ù.
ÀÛ¾÷ ¼­¹ö [Slave]
===================================================================================
[root@cnode2 ~]# ifconfig dummy0 192.168.0.50 netmask 255.255.255.255 broadcast 192.168.0.50 up
[root@cnode2 ~]# ifconfig
dummy0    Link encap:Ethernet  HWaddr 00:01:02:03:04:03  
          inet addr:192.168.0.50  Bcast:192.168.0.120  Mask:255.255.255.255
          UP BROADCAST RUNNING NOARP  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 b)  TX bytes:210 (210.0 b)

eth0      Link encap:Ethernet  HWaddr 00:01:02:03:04:02  
          inet addr:192.168.0.11  Bcast:192.168.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:54613114 errors:0 dropped:0 overruns:0 frame:0
          TX packets:154669808 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:4190538150 (3.9 GiB)  TX bytes:524576645 (500.2 MiB)
          Interrupt:11 Base address:0xc000 
[root@cnode2 ~]# 

1.5. Test

  1. Áغñ
    • Master & Slave °¢ node 80Æ÷Æ®·Î ¼­ºñ½ºÇÒ À¥ ¼­¹ö¸¦ ¼³Ä¡ ÇÑ´Ù.
    • °¢ ¼­¹öÀÇ µ¿ÀÏÇÑ index.htmlÆÄÀÏÀ» ¸¸µé°í ÆÄÀÏ ³»¿ëÀº hostname À» Àû¾î ÁغñÇÑ´Ù.
  2. Á¢¼Ó
  3. È®ÀÎ
    • Refresh¸¦ ÅëÇØ index.html ÆÄÀÏÀ» º¸°í ·Îµå ¹ë·±½ÌÀÌ µÇ´ÂÁö È®ÀÎ ÇÑ´Ù.
  4. ÂüÁ¶
    • (Á¤È®È÷ ¸»ÇÏ¸é ¸®´ª½º ´ÙÀÌ·ºÆ® ¶ó¿ìÆÿ¡ ÀÇÇÑ ·Îµå ¹ë·±½ÌÀÌÁö, Ŭ¶óÀ̾ðÆ® ´ë»óÀ¸·Î ÇÑ ·Îµå ¹ë·±½ÌÀº ¾Æ´Ï´Ù. ´Ù¸¸ ·Îµå ¹ë·±½Ì ÇÏ´Â ºñ½ÁÇÑ È¿°ú¸¦ ³¾»Ó.....)

ID
Password
Join
The wise shepherd never trusts his flock to a smiling wolf.


sponsored by andamiro
sponsored by cdnetworks
sponsored by HP

Valid XHTML 1.0! Valid CSS! powered by MoniWiki
last modified 2008-05-22 10:11:43
Processing time 0.0073 sec