第22章 负载均衡架构设计
学习目标
- 理解负载均衡的原理和分类
- 掌握LVS、Nginx、HAProxy等负载均衡技术
- 了解云原生负载均衡方案
- 能够设计高可用的负载均衡架构
前置知识
22.1 负载均衡概述
22.1.1 什么是负载均衡
负载均衡是将网络请求分发到多个服务器上,以提高系统的可用性、可靠性和性能的技术。
核心功能:
- 请求分发:将请求分发到多个后端服务器
- 健康检查:监控后端服务器状态
- 故障转移:自动剔除故障服务器
- 会话保持:保持用户会话状态
22.1.2 负载均衡分类
1. 按网络层次分类
- 四层负载均衡:基于IP和端口
- 七层负载均衡:基于HTTP/HTTPS内容
2. 按实现方式分类
- 硬件负载均衡:专用硬件设备
- 软件负载均衡:软件实现
- 云负载均衡:云服务提供商
22.2 LVS负载均衡
22.2.1 LVS架构
LVS(Linux Virtual Server)是Linux内核的负载均衡解决方案
┌─────────────────────────────────────────────────────────────┐
│ LVS Architecture │
├─────────────────────────────────────────────────────────────┤
│ Client Request │
│ │ │
│ ┌──────┐ │
│ │ LVS Director │ │
│ └───┬───┘ │
│ │ │
│ ┌──────┐ ┌──────┐ ┌──────┐ │
│ │Real Server1│ │Real Server2│ │Real Server3│ │
│ └─────────┘ └─────────┘ └─────────┘ │
└─────────────────────────────────────────────────────────────┘
22.2.2 LVS工作模式
1. NAT模式
# 配置NAT模式
ipvsadm -A -t 192.168.1.100:80 -s rr
ipvsadm -a -t 192.168.1.100:80 -r 192.168.1.10:80 -m
ipvsadm -a -t 192.168.1.100:80 -r 192.168.1.11:80 -m
ipvsadm -a -t 192.168.1.100:80 -r 192.168.1.12:80 -m
2. DR模式
# 配置DR模式
ipvsadm -A -t 192.168.1.100:80 -s rr
ipvsadm -a -t 192.168.1.100:80 -r 192.168.1.10:80 -g
ipvsadm -a -t 192.168.1.100:80 -r 192.168.1.11:80 -g
ipvsadm -a -t 192.168.1.100:80 -r 192.168.1.12:80 -g
3. TUN模式
# 配置TUN模式
ipvsadm -A -t 192.168.1.100:80 -s rr
ipvsadm -a -t 192.168.1.100:80 -r 192.168.1.10:80 -i
ipvsadm -a -t 192.168.1.100:80 -r 192.168.1.11:80 -i
ipvsadm -a -t 192.168.1.100:80 -r 192.168.1.12:80 -i
22.2.3 LVS调度算法
1. 轮询(rr)
# 配置轮询算法
ipvsadm -A -t 192.168.1.100:80 -s rr
2. 加权轮询(wrr)
# 配置加权轮询
ipvsadm -A -t 192.168.1.100:80 -s wrr
ipvsadm -a -t 192.168.1.100:80 -r 192.168.1.10:80 -w 3
ipvsadm -a -t 192.168.1.100:80 -r 192.168.1.11:80 -w 2
ipvsadm -a -t 192.168.1.100:80 -r 192.168.1.12:80 -w 1
3. 最少连接(lc)
# 配置最少连接
ipvsadm -A -t 192.168.1.100:80 -s lc
22.3 Nginx负载均衡
22.3.1 Nginx配置
基本配置:
# nginx.conf
upstream backend {
server 192.168.1.10:80 weight=3;
server 192.168.1.11:80 weight=2;
server 192.168.1.12:80 weight=1;
server 192.168.1.13:80 backup;
}
server {
listen 80;
server_name example.com;
location / {
proxy_pass http://backend;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
22.3.2 负载均衡算法
1. 轮询(默认)
upstream backend {
server 192.168.1.10:80;
server 192.168.1.11:80;
server 192.168.1.12:80;
}
2. 加权轮询
upstream backend {
server 192.168.1.10:80 weight=3;
server 192.168.1.11:80 weight=2;
server 192.168.1.12:80 weight=1;
}
3. IP哈希
upstream backend {
ip_hash;
server 192.168.1.10:80;
server 192.168.1.11:80;
server 192.168.1.12:80;
}
4. 最少连接
upstream backend {
least_conn;
server 192.168.1.10:80;
server 192.168.1.11:80;
server 192.168.1.12:80;
}
22.3.3 健康检查
Nginx健康检查:
upstream backend {
server 192.168.1.10:80 max_fails=3 fail_timeout=30s;
server 192.168.1.11:80 max_fails=3 fail_timeout=30s;
server 192.168.1.12:80 max_fails=3 fail_timeout=30s;
}
第三方健康检查模块:
upstream backend {
server 192.168.1.10:80;
server 192.168.1.11:80;
server 192.168.1.12:80;
}
server {
listen 80;
server_name example.com;
location / {
proxy_pass http://backend;
health_check;
}
}
22.4 HAProxy负载均衡
22.4.1 HAProxy配置
基本配置:
# haproxy.cfg
global
daemon
user haproxy
group haproxy
log 127.0.0.1:514 local0
defaults
mode http
timeout connect 5000ms
timeout client 50000ms
timeout server 50000ms
frontend web_frontend
bind *:80
default_backend web_servers
backend web_servers
balance roundrobin
server web1 192.168.1.10:80 check
server web2 192.168.1.11:80 check
server web3 192.168.1.12:80 check
listen stats
bind *:8080
stats enable
stats uri /stats
stats refresh 30s
22.4.2 负载均衡算法
1. 轮询(roundrobin)
backend web_servers
balance roundrobin
server web1 192.168.1.10:80 check
server web2 192.168.1.11:80 check
2. 最少连接(leastconn)
backend web_servers
balance leastconn
server web1 192.168.1.10:80 check
server web2 192.168.1.11:80 check
3. 源IP哈希(source)
backend web_servers
balance source
server web1 192.168.1.10:80 check
server web2 192.168.1.11:80 check
22.4.3 健康检查
TCP健康检查:
backend web_servers
server web1 192.168.1.10:80 check
server web2 192.168.1.11:80 check
server web3 192.168.1.12:80 check
HTTP健康检查:
backend web_servers
server web1 192.168.1.10:80 check httpchk GET /health
server web2 192.168.1.11:80 check httpchk GET /health
server web3 192.168.1.12:80 check httpchk GET /health
22.5 云原生负载均衡
22.5.1 Kubernetes Service
ClusterIP Service:
apiVersion: v1
kind: Service
metadata:
name: web-service
spec:
selector:
app: web
ports:
- port: 80
targetPort: 8080
type: ClusterIP
NodePort Service:
apiVersion: v1
kind: Service
metadata:
name: web-service
spec:
selector:
app: web
ports:
- port: 80
targetPort: 8080
nodePort: 30080
type: NodePort
LoadBalancer Service:
apiVersion: v1
kind: Service
metadata:
name: web-service
spec:
selector:
app: web
ports:
- port: 80
targetPort: 8080
type: LoadBalancer
22.5.2 Ingress控制器
Nginx Ingress:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: web-ingress
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- host: example.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: web-service
port:
number: 80
HAProxy Ingress:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: web-ingress
annotations:
haproxy.org/backend-config-snippet: |
balance roundrobin
option httpchk GET /health
spec:
rules:
- host: example.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: web-service
port:
number: 80
22.6 高可用设计
22.6.1 负载均衡器冗余
主备模式:
# 配置VRRP
interface vlan 100
ip address 192.168.1.10 255.255.255.0
vrrp 1 ip 192.168.1.1
vrrp 1 priority 120
vrrp 1 preempt
双活模式:
# 配置多台负载均衡器
# 使用DNS轮询或Anycast
22.6.2 后端服务器冗余
健康检查:
# 配置健康检查
# 自动剔除故障服务器
# 自动恢复健康服务器
会话保持:
# 配置会话保持
# 确保用户会话不中断
22.7 性能优化
22.7.1 连接池优化
Nginx连接池:
upstream backend {
server 192.168.1.10:80;
server 192.168.1.11:80;
keepalive 32;
}
server {
location / {
proxy_pass http://backend;
proxy_http_version 1.1;
proxy_set_header Connection "";
}
}
HAProxy连接池:
backend web_servers
option httpchk GET /health
http-check expect status 200
server web1 192.168.1.10:80 check
server web2 192.168.1.11:80 check
22.7.2 缓存优化
Nginx缓存:
proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=my_cache:10m max_size=10g inactive=60m;
server {
location / {
proxy_cache my_cache;
proxy_cache_valid 200 302 10m;
proxy_cache_valid 404 1m;
proxy_pass http://backend;
}
}
22.8 故障排查
22.8.1 常见问题诊断
问题1:负载均衡不工作
# 检查配置
nginx -t
haproxy -c -f /etc/haproxy/haproxy.cfg
# 检查后端服务器
curl http://192.168.1.10:80
curl http://192.168.1.11:80
问题2:会话丢失
# 检查会话保持配置
# 检查Cookie配置
# 检查IP哈希配置
问题3:性能问题
# 检查连接数
netstat -an | grep :80 | wc -l
# 检查响应时间
curl -w "@curl-format.txt" -o /dev/null -s http://example.com
22.8.2 排错工具
# 使用curl测试
curl -v http://example.com
# 使用ab测试
ab -n 1000 -c 10 http://example.com/
# 使用wrk测试
wrk -t12 -c400 -d30s http://example.com/
22.9 排错清单
22.9.1 配置检查
- [ ] 负载均衡器配置是否正确
- [ ] 后端服务器是否正常
- [ ] 健康检查是否配置
- [ ] 会话保持是否配置
- [ ] 监控是否正常
22.9.2 性能检查
- [ ] 响应时间是否正常
- [ ] 吞吐量是否满足要求
- [ ] 连接数是否正常
- [ ] 错误率是否正常
- [ ] 资源使用是否正常
22.10 延伸阅读
下一章:第23章 高可用架构
返回目录:README