docker swarm load balancer
Internal load balancing and VIP
IPVS
IPVS, which stands for IP Virtual Server, is a high-performance load balancing technology designed for Linux systems. It operates at Layer 4 of the OSI model (the transport layer), making it particularly efficient for distributing network traffic across multiple servers. IPVS is part of the Linux kernel and can be used in conjunction with the Linux Virtual Server (LVS) framework to create scalable and resilient server clusters.
The primary function of IPVS is to balance incoming network requests among a group of backend servers, known as real servers, which are hidden behind a virtual IP address (VIP). When a connection request arrives at the VIP, IPVS selects a backend server using the configured scheduling algorithm and forwards the request to that server. Subsequent packets of the same connection are routed to the same backend to maintain session consistency.
IPVS uses the Netfilter framework within the Linux kernel to intercept and manipulate network packets. It can perform operations such as:
- Packet Filtering: Using iptables rules to filter out unwanted traffic.
- Source Network Address Translation (SNAT): Changing the source IP address of packets before they leave the load balancer to ensure responses from the backend servers are correctly routed back to the client.
- Masquerading: Allowing a server to use a single IP address for multiple services or hosts.
The management of IPVS is typically done through the ipvsadm command-line tool, which allows administrators to add, delete, and modify virtual services and real servers in the cluster.
IPVS is well-suited for handling large volumes of traffic and can be used in scenarios where high availability and scalability are required, such as in web server farms, database clusters, or any other distributed application architecture. It supports both TCP and UDP protocols, making it versatile for a wide range of applications.
In summary, IPVS is a powerful tool for implementing load balancing in Linux environments, providing a robust solution for managing and distributing network traffic efficiently across multiple servers.
experiment
https://dockertips.readthedocs.io/en/latest/docker-swarm/internal_lb.html
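The tests in that article show the following:
ping service is answered by the IPVS instance that corresponds to the service and stands in for it. It uses ICMP and works at the IP layer.
curl service, however, is actually answered by a real server. It uses HTTP and works at the application layer, along the path IP -> TCP -> HTTP.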
    vagrant@swarm-manager:~$ docker container ls
    CONTAINER ID   IMAGE                        COMMAND          CREATED          STATUS          PORTS   NAMES
    36dce35d56e8   xiaopeng163/net-box:latest   "ping 8.8.8.8"   19 minutes ago   Up 19 minutes           client.1.sg9b3dqrgru4f14k2tpxzg2ei
    vagrant@swarm-manager:~$ docker container exec -it 36dc sh
    /omd # curl web
    Hostname: 6039865a1e5d
    IP: 127.0.0.1
    IP: 10.0.1.32
    IP: 172.18.0.3
    RemoteAddr: 10.0.1.37:40972
    GET / HTTP/1.1
    Host: web
    User-Agent: curl/7.69.1
    Accept: */*

    /omd # curl web
    Hostname: c3b3e99b9bb1
    IP: 127.0.0.1
    IP: 10.0.1.31
    IP: 172.18.0.3
    RemoteAddr: 10.0.1.37:40974
    GET / HTTP/1.1
    Host: web
    User-Agent: curl/7.69.1
    Accept: */*

    /omd # curl web
    Hostname: 6039865a1e5d
    IP: 127.0.0.1
    IP: 10.0.1.32
    IP: 172.18.0.3
    RemoteAddr: 10.0.1.37:40976
    GET / HTTP/1.1
    Host: web
    User-Agent: curl/7.69.1
    Accept: */*

    /omd #
    /omd # ping web -c 2
    PING web (10.0.1.30): 56 data bytes
    64 bytes from 10.0.1.30: seq=0 ttl=64 time=0.044 ms
    64 bytes from 10.0.1.30: seq=1 ttl=64 time=0.071 ms

    --- web ping statistics ---
    2 packets transmitted, 2 packets received, 0% packet loss
    round-trip min/avg/max = 0.044/0.057/0.071 ms
    /omd #
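
The behaviour seen in this session can be replayed with a small userspace model of one virtual service. This is an added example, not code from the linked article or from IPVS itself: the class and function names are hypothetical, the addresses and source ports are taken from the session, and port 80 and the backend order are assumptions.

```python
from itertools import cycle


class VirtualService:
    """Simplified userspace model of one IPVS virtual service (not kernel code)."""

    def __init__(self, vip, port, real_servers):
        self.vip, self.port = vip, port
        self._rr = cycle(real_servers)   # round-robin scheduler
        self.conns = {}                  # connection table: 5-tuple -> real server

    def handle(self, proto, src_ip, src_port=None, dst_port=None):
        """Return the address that answers a packet sent to the VIP."""
        if proto == "icmp":
            # Echo requests are answered by the VIP itself, never forwarded.
            return self.vip
        if proto != "tcp" or dst_port != self.port:
            return None                  # no matching virtual service
        key = (proto, src_ip, src_port, self.vip, dst_port)
        if key not in self.conns:
            # First packet of a connection: the scheduler picks a backend.
            self.conns[key] = next(self._rr)
        # Later packets of the same connection reuse the stored backend.
        return self.conns[key]


def replay_session():
    # Addresses and source ports copied from the session above; port 80 and
    # the backend order are assumptions chosen to match the first reply.
    web = VirtualService("10.0.1.30", 80, ["10.0.1.32", "10.0.1.31"])
    client = "10.0.1.37"
    curls = [web.handle("tcp", client, p, 80) for p in (40972, 40974, 40976)]
    same_conn = web.handle("tcp", client, 40972, 80)   # follow-up packet
    ping = web.handle("icmp", client)
    return curls, same_conn, ping


if __name__ == "__main__":
    curls, same_conn, ping = replay_session()
    print("curl answered by:", curls)
    print("packet on existing connection 40972 ->", same_conn)
    print("ping answered by:", ping)
```

Each new source port is a new connection, so the three curl calls alternate between the two real servers, while the ping is answered by the VIP, which never appears as a backend address.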
How to setup simple load balancing with IPVS, demo with docker.
An easy-to-follow introductory article on IPVS.
https://dev.to/douglasmakey/how-to-setup-simple-load-balancing-with-ipvs-demo-with-docker-4j1d