0%

七层与四层负载均衡

负载均衡

七层负载均衡作用:(OSI 应用层)

​ 流量分发
​ 后端服务高可用
​ 调度策略
​ 轮询
​ 加权轮询
​ ip_hash (会话登录) redis将session_id进行共享
​ url_hash
​ 健康检查(官方)
​ backup 备机
​ down 注释
​ max_fails 失败的次数
​ fail_timeout 多长时间内失败max_fails次,则视为down
​ 健康检查 check_upstream 第三方

upstream
proxy_pass

四层负载均衡:(OSI传输层 ip:port)

​ nginx1.9 版本
硬件:F5
软件:LVS、Haproxy、Nginx

1.四层+七层来作负载均衡,4层可以保证7层的负载均衡的高可用性。如:nginx就无法保证自己的服务高可用,需要依赖lvs或者keepalive来作。

2.如:tcp协议的负载均衡,有些请求是TCP协议的(mysql、ssh),或者说这些请求只需要使用4层进行端口的转发就可以了,所以使用4层负载均衡。
比如做:mysql读的负载均衡(轮询)
比如做:端口映射、端口转发 tcp/udp

四层负载均衡总结
1.四层负载均衡仅能转发TCP/IP协议、UDP协议,通常用来转发端口,如: tcp/3306,tcp/22,udp/53。
2.四层负载均衡可以用来解决七层负载均衡的端口限制问题。(七层负载均衡最大使用65535个端口号)
3.可以用来解决七层负载均衡的高可用问题。(多台后端七层负载均衡能同时的使用)
4.四层的转发效率比七层的高的多,但仅支持tcp/ip协议,不支持http或者https协议

lb-4 10.0.0.3
lb-7 10.0.0.5 172.16.1.5
lb-7 10.0.0.6 172.16.1.6
nfs
mysql
redis

1.在lb02上面安装Nginx

1
2
3
4
5
6
7
[root@lb02 ~]# cat /etc/yum.repos.d/nginx.repo 
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=0
enabled=1
[root@lb02 ~]# yum install nginx -y

2.在lb02上面拷贝lb02的所有nginx相关配置即可。

1
[root@lb02 ~]# scp -rp root@172.16.1.5:/etc/nginx /etc/

3.启动nginx

1
2
3
[root@lb02 conf.d]# nginx -t
[root@lb02 conf.d]# systemctl start nginx
[root@lb02 conf.d]# systemctl enable nginx

4.配置nginx四层负载均衡

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
	stream   --with-stream	tcp

[root@lb02 ~]# cat /etc/yum.repos.d/nginx.repo
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=0
enabled=1
[root@lb02 ~]# yum install nginx -y
[root@lb02 ~]# vim /etc/nginx/nginx.conf
events {
​ ....
}

include /etc/nginx/conf.c/*.conf;

http {
.....
}

3.创建存放四层负载均衡配置的目录

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
[root@lb4-01 conf.c]# rm -f /etc/nginx/conf.d/default.conf   #删除http的80端口
[root@lb4-01 ~]# mkdir /etc/nginx/conf.c
[root@lb4-01 ~]# cd /etc/nginx/conf.c
[root@lb4-01 conf.c]# cat lb_domain.conf
stream {
upstream lb {
server 172.16.1.5:80 weight=5 max_fails=3 fail_timeout=30s;
server 172.16.1.6:80 weight=5 max_fails=3 fail_timeout=30s;
}

server {
listen 80;
proxy_connect_timeout 3s;
proxy_timeout 3s;
proxy_pass lb;
}

}

4.重载服务

1
2
3
4
5
[root@lb4-01 conf.c]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@lb4-01 conf.c]# systemctl restart nginx
[root@lb4-01 conf.c]# systemctl enable nginx

使用nginx四层负载均衡实现tcp的转发
请求负载均衡 5555 —> 172.16.1.7:22;
请求负载均衡 6666 —> 172.16.1.51:3306;

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
[root@lb4-01 ~]# cat /etc/nginx/conf.c/lb_domain.conf 
stream {
log_format proxy '$remote_addr $remote_port - [$time_local] $status $protocol '
'"$upstream_addr" "$upstream_bytes_sent" "$upstream_connect_time"' ;
access_log /var/log/nginx/proxy.log proxy;

#定义转发ssh的22端口
upstream ssh_7 {
server 10.0.0.7:22;
}
#定义转发mysql的3306端口
upstream mysql_51 {
server 10.0.0.51:3306;
}
server {
listen 5555;
proxy_connect_timeout 3s;
proxy_timeout 300s;
proxy_pass ssh_7;
}

server {
listen 6666;
proxy_connect_timeout 3s;
proxy_timeout 3s;
proxy_pass mysql_51;
}

}

nginx四层负载均衡记录日志
stream {
log_format proxy '$remote_addr $remote_port - [$time_local] $status $protocol '
'"$upstream_addr" "$upstream_bytes_sent" "$upstream_connect_time"' ;

```
access_log /var/log/nginx/proxy.log proxy;
```

}

日志展示效果
10.0.0.1 59129 - [23/Jan/2019:12:11:40 +0800] 200 TCP “172.16.1.5:80” “0” “0.000”
10.0.0.1 59124 - [23/Jan/2019:12:11:41 +0800] 200 TCP “172.16.1.6:80” “1298” “0.000”
10.0.0.1 59145 - [23/Jan/2019:12:11:44 +0800] 200 TCP “172.16.1.6:80” “1316” “0.001”
10.0.0.1 59598 - [23/Jan/2019:12:22:03 +0800] 200 TCP “10.0.0.7:22” “2213” “0.001”
10.0.0.1 59672 - [23/Jan/2019:12:23:51 +0800] 200 TCP “10.0.0.7:22” “2893” “0.001”
10.0.0.1 59698 - [23/Jan/2019:12:26:43 +0800] 200 TCP “10.0.0.7:22” “3309” “0.000”

四层负载均衡:
转发TCP/ip协议,端口转发
解决七层负载均衡高可用,解决网站并发或者链接的瓶颈。
场景:
4+7 大规模集群使用场景
通过四层负载均衡的2222端口,转发到后端的某一台主机的22端口

四层负载均衡
硬件:F5
软件:LVS、Haproxy、Nginx(1.90)诞生 stream(tcp) 不能配置在http层