网络服务器负载均衡的研究与实现
|
摘要
经过34年的发展,因特网已成为人类社会不可或缺的部分。与此同时,在企业成功的过程中,网络基础设施正在扮演着越来越重要的角色。由于人们对因特网需求的不断增长,企业业务的扩展,企业WEB站点的持续可用性直接或间接地影响着企业的形象、客户满意度,甚至企业的市场份额。所以,企业的电子商务网站,必须能够提供高性能、高可用性、安全、高可扩展性的网络环境,以供运行于其上的应用可以提供24×7的应用服务。
服务器负载均衡—SLB(Server Load Balance)就是一种常用的解决方案。作为服务器负载均衡的一种实现技术,虚拟服务器技术把多个服务器组成的高性能的、高可扩展性的、高可用性的服务器集群,而整个服务器集群再客户眼里求如同一个服务器一样。
LVS(Linux Virtual Server)是利用Linux操作系统的开放源代码构建的服务器集群系统。其中的负载均衡器,一个具有修改了的路由规则的路由器,把客户的请求按照负载均衡策略分发到集群内的服务器节点,实现负载均衡。笔者在仔细研究了负载均衡的理论的基础上,分别对地址转换(NAT)、IP隧道(IP Tunneling)和直接路由(DR)三种实现方式在性能、适用性、安全等方面进行了讨论、分析与比较,并着重阐述了DR方式的代码实现。
笔者认为,DR方式不论在性能上还是实用性上都优于其他两种方式。虽然DR方式的安全性不如NAT方式,但DR方式却没有牺牲系统安全性。所以,DR方式的LVS系统在实际应用中一定能够满足一般用户的需要。
After the development of 34 years, the Internet has become a indispensable part of human society. Meanwhile, the network infrastructure is playing an increasingly important role in the success of a business. As the increasing demand for the network, and the expanding of enterprise's business, the company image, customer satisfaction, even the market share are all intertwined with the consistent availability of a company's web site. Therefore, the company's e-commerce site must offer a high performance, high availability, high scalability and secure network infrastructure for the applications that operate on it can offer 24 *7 services.
Server Load Balancing(SLB) is a commonly used solution. As a type of one of realizing technologies of SLB, Virtual Server is a high-performance, high available, high scalable cluster of servers which appears to be only one server to an outside client.
Linux Virtual Server(LVS) is a cluster system utilizing Linux's open souce code. The director of which, a router with modified routing rules, directs the client requests to the particular realserver in the cluster according to the load balance schedule. And then, the SLB is realized. Base on the reseach on the Load Balance theory, the author gives a discussion, analysis and comparison about the performance, applicability and security of the realizing method(NAT, IP Tunneling, Direct Route). Then the author describes emphatically the code-realization of the DR method.
The author believes that the DR method is better than the other methods on both hand of applicability and performance. Although the security of DR method is not same as NAT-methor's, surely DR method doesn't sacrifice the system security. So, the LVS system by DR method can satisfy the demand of ordinary users.
服务器负载均衡—SLB(Server Load Balance)就是一种常用的解决方案。作为服务器负载均衡的一种实现技术,虚拟服务器技术把多个服务器组成的高性能的、高可扩展性的、高可用性的服务器集群,而整个服务器集群再客户眼里求如同一个服务器一样。
LVS(Linux Virtual Server)是利用Linux操作系统的开放源代码构建的服务器集群系统。其中的负载均衡器,一个具有修改了的路由规则的路由器,把客户的请求按照负载均衡策略分发到集群内的服务器节点,实现负载均衡。笔者在仔细研究了负载均衡的理论的基础上,分别对地址转换(NAT)、IP隧道(IP Tunneling)和直接路由(DR)三种实现方式在性能、适用性、安全等方面进行了讨论、分析与比较,并着重阐述了DR方式的代码实现。
笔者认为,DR方式不论在性能上还是实用性上都优于其他两种方式。虽然DR方式的安全性不如NAT方式,但DR方式却没有牺牲系统安全性。所以,DR方式的LVS系统在实际应用中一定能够满足一般用户的需要。
After the development of 34 years, the Internet has become a indispensable part of human society. Meanwhile, the network infrastructure is playing an increasingly important role in the success of a business. As the increasing demand for the network, and the expanding of enterprise's business, the company image, customer satisfaction, even the market share are all intertwined with the consistent availability of a company's web site. Therefore, the company's e-commerce site must offer a high performance, high availability, high scalability and secure network infrastructure for the applications that operate on it can offer 24 *7 services.
Server Load Balancing(SLB) is a commonly used solution. As a type of one of realizing technologies of SLB, Virtual Server is a high-performance, high available, high scalable cluster of servers which appears to be only one server to an outside client.
Linux Virtual Server(LVS) is a cluster system utilizing Linux's open souce code. The director of which, a router with modified routing rules, directs the client requests to the particular realserver in the cluster according to the load balance schedule. And then, the SLB is realized. Base on the reseach on the Load Balance theory, the author gives a discussion, analysis and comparison about the performance, applicability and security of the realizing method(NAT, IP Tunneling, Direct Route). Then the author describes emphatically the code-realization of the DR method.
The author believes that the DR method is better than the other methods on both hand of applicability and performance. Although the security of DR method is not same as NAT-methor's, surely DR method doesn't sacrifice the system security. So, the LVS system by DR method can satisfy the demand of ordinary users.
引文
[1] Andrew S.Tanenbaum,《计算机网络》,第3版,熊桂喜、王小虎,2002.07,清华大学出版社;
[2] Steve Shah,《Linux管理员指南》,杨涛、杨晓云、王建桥、高文雅,2001.01,机械工业出版社;
[3] Anonymous,《Linux安全最大化》,第2版,汪辉,2002.01,电子工业出版社;
[4] Neil Matthew、Richard Stones,《Linux程序设计》,杨晓云、王建桥、杨涛、高文雅,2002.01,机械工业出版社;
[5] Neil Matthew,《Linux高级编程》,叶小虎、龙浩,2002.01,机械工业出版社;
[6] Satchell S.T.、Clifford H.B.J.,《Linux IP协议栈源代码分析》,刘隆国、翟刚、陆丽娜等,2000.11,机械工业出版社;
[7] 毛德操、胡希明,《Linux内核源代码情景分析》,2001.09,浙江大学出版社;
[8] 李善平等,《Linux内核2.4版源代码分析大全》,2002.01,机械工业出版社;
[9] Alessandro Rubini、Jonathan Corbet,《LINUX设备驱动程序(第二版)》,魏永明、骆刚、姜君,2002.11,中国电力出版社;
[10] Rusty Russell,Linux2.4 Packet Filtering HOWTO,v1.0.1,网中人,2000.05,HTTP://www.netfilter.org/documentation/HOWTO/cn/packet-filtefing-HOWTO.html;
[11] 李辉、曲波,《校园网代理服务器的负载均衡》,《小型微型计算机系统》,2002.08;
[12] 李辉、曲波 《网络监测系统的性能优化》,CERNET学术年会,南京,2002年,东南大学;
[13] W.Richard Stevens, TCP/IP详解卷1:协议(英文版),2002.01,机械工业出版社;
[14] Jeff Doyle,TCP/IP路由技术卷Ⅰ(英文影印版),2000.11,清华大学出版社;
[15] Douglas E.Comer、David L.Stevens,TCP/IP网络互连 第3卷客户/服务器编程及应用Linux、POSIX Sockets版(英文版),2002.01,人民邮电出版社;
[16] Marco Cesati、Daniel P. Bovet, Understanding the Linux Kernel, 2nd Edition, 2002.12;
[17] Michael D. Bauer, Building Secure Servers with Linux, 2002.10, O'Reilly;
[18] Alex Vrenios, Linux Cluster Architecture, 2002.07, Sams;
[19] Behrouz A. Forouzan & Sophia Chung Fegan, TCP/IP Protocol Suite(2nd Edition), 2002.07, McGraw-Hill Companies
[20] C. Yoshikawa、B. Chun、P. Eastham、A. Vahdat、T. Anderson and D. Culler, Using Smart Clients to Build Scalable Services, 1997.01, In Proceedings of the 1997 USENIX Technical Conference;
[21] D. Dias、W. Kish、R. Mukherjee、and R. Tewari, A Scalable and Highly Available Server, 1996, In Proceeding of COMPCON;
[22] Guerney D.H. Hunt、German S. Goldszmidt、Richard P. King and Rajat Mukherjee, Network Dispatcher: a connection router for scalable Intemet services, 1998.04, In Proceedings of the 7th International WWW Conference;
[23] P. Krueger and M. Livny, The diverse objectives of distributed scheduling policies, 1987.07, Proc. of the 7th IEEE International Conference on Distributed Computing Systems;
[24] Tony Bourke, Server Load Balancing, 2001.08, O'Reilly;
[25] Harald Welte, The netfilter framework in Linux 2.4, 2000.09, HTTP://gnumonks.org/papers/netfilter-lk2000/presentation.html;
[26] What is the difference between REJECT and DENY, HTTP://logi.cc/linux/reject_or_deny.html;
[27] David A. Ranch, A Guide to Configuring Your Linux Server for Performance、Security、and Managability, 2003.01, HTTP://www.ecst.csuchico.edu/~dranch/LINUX/TrinityOS/cHTML/TrinityOS-c.html;
[28] Alessandro Rubini, The'Virtual File System" in Linux, 2002.03, HTTP://www.linuxjournal.com/article.php?sid=2108;
[29] David Bandel, Linux Kernel Installation, 2002.03, HTTP://www.linuxjournal.com/article.php?sid=2404;
[30] Jorge Manjarrez-Sanchez, Jorge Manjarrez-Sanchez, 2002.03, HTTP://www.linuxjournal.com/article.php?sid=3326;
[31] Alessandro Rubini, The Design of an In-Kernel Server, 2000.12, HTTP://www.linux-mag.com/2000-12/gear_02.html;
[32] Zeus Technology, Inc. Zeus Load Balancer vl.1 User Guide. HTTP://www.zeus.com/
[2] Steve Shah,《Linux管理员指南》,杨涛、杨晓云、王建桥、高文雅,2001.01,机械工业出版社;
[3] Anonymous,《Linux安全最大化》,第2版,汪辉,2002.01,电子工业出版社;
[4] Neil Matthew、Richard Stones,《Linux程序设计》,杨晓云、王建桥、杨涛、高文雅,2002.01,机械工业出版社;
[5] Neil Matthew,《Linux高级编程》,叶小虎、龙浩,2002.01,机械工业出版社;
[6] Satchell S.T.、Clifford H.B.J.,《Linux IP协议栈源代码分析》,刘隆国、翟刚、陆丽娜等,2000.11,机械工业出版社;
[7] 毛德操、胡希明,《Linux内核源代码情景分析》,2001.09,浙江大学出版社;
[8] 李善平等,《Linux内核2.4版源代码分析大全》,2002.01,机械工业出版社;
[9] Alessandro Rubini、Jonathan Corbet,《LINUX设备驱动程序(第二版)》,魏永明、骆刚、姜君,2002.11,中国电力出版社;
[10] Rusty Russell,Linux2.4 Packet Filtering HOWTO,v1.0.1,网中人,2000.05,HTTP://www.netfilter.org/documentation/HOWTO/cn/packet-filtefing-HOWTO.html;
[11] 李辉、曲波,《校园网代理服务器的负载均衡》,《小型微型计算机系统》,2002.08;
[12] 李辉、曲波 《网络监测系统的性能优化》,CERNET学术年会,南京,2002年,东南大学;
[13] W.Richard Stevens, TCP/IP详解卷1:协议(英文版),2002.01,机械工业出版社;
[14] Jeff Doyle,TCP/IP路由技术卷Ⅰ(英文影印版),2000.11,清华大学出版社;
[15] Douglas E.Comer、David L.Stevens,TCP/IP网络互连 第3卷客户/服务器编程及应用Linux、POSIX Sockets版(英文版),2002.01,人民邮电出版社;
[16] Marco Cesati、Daniel P. Bovet, Understanding the Linux Kernel, 2nd Edition, 2002.12;
[17] Michael D. Bauer, Building Secure Servers with Linux, 2002.10, O'Reilly;
[18] Alex Vrenios, Linux Cluster Architecture, 2002.07, Sams;
[19] Behrouz A. Forouzan & Sophia Chung Fegan, TCP/IP Protocol Suite(2nd Edition), 2002.07, McGraw-Hill Companies
[20] C. Yoshikawa、B. Chun、P. Eastham、A. Vahdat、T. Anderson and D. Culler, Using Smart Clients to Build Scalable Services, 1997.01, In Proceedings of the 1997 USENIX Technical Conference;
[21] D. Dias、W. Kish、R. Mukherjee、and R. Tewari, A Scalable and Highly Available Server, 1996, In Proceeding of COMPCON;
[22] Guerney D.H. Hunt、German S. Goldszmidt、Richard P. King and Rajat Mukherjee, Network Dispatcher: a connection router for scalable Intemet services, 1998.04, In Proceedings of the 7th International WWW Conference;
[23] P. Krueger and M. Livny, The diverse objectives of distributed scheduling policies, 1987.07, Proc. of the 7th IEEE International Conference on Distributed Computing Systems;
[24] Tony Bourke, Server Load Balancing, 2001.08, O'Reilly;
[25] Harald Welte, The netfilter framework in Linux 2.4, 2000.09, HTTP://gnumonks.org/papers/netfilter-lk2000/presentation.html;
[26] What is the difference between REJECT and DENY, HTTP://logi.cc/linux/reject_or_deny.html;
[27] David A. Ranch, A Guide to Configuring Your Linux Server for Performance、Security、and Managability, 2003.01, HTTP://www.ecst.csuchico.edu/~dranch/LINUX/TrinityOS/cHTML/TrinityOS-c.html;
[28] Alessandro Rubini, The'Virtual File System" in Linux, 2002.03, HTTP://www.linuxjournal.com/article.php?sid=2108;
[29] David Bandel, Linux Kernel Installation, 2002.03, HTTP://www.linuxjournal.com/article.php?sid=2404;
[30] Jorge Manjarrez-Sanchez, Jorge Manjarrez-Sanchez, 2002.03, HTTP://www.linuxjournal.com/article.php?sid=3326;
[31] Alessandro Rubini, The Design of an In-Kernel Server, 2000.12, HTTP://www.linux-mag.com/2000-12/gear_02.html;
[32] Zeus Technology, Inc. Zeus Load Balancer vl.1 User Guide. HTTP://www.zeus.com/
© 2004-2018 中国地质图书馆版权所有 京ICP备05064691号 京公网安备11010802017129号 地址:北京市海淀区学院路29号 邮编:100083 电话:办公室:(+86 10)66554848;文献借阅、咨询服务、科技查新:66554700 |