軟體負載平衡 SDN (SLB)Software Load Balancing (SLB) for SDN

適用於:Windows Server(以每年次管道)、Windows Server 2016Applies To: Windows Server (Semi-Annual Channel), Windows Server 2016

若要了解軟體負載平衡軟體定義 Windows Server 2016 中的 [網路,您可以使用此主題。You can use this topic to learn about Software Load Balancing for Software Defined Networking in Windows Server 2016.

雲端服務提供者 (Csp) 與要部署的軟體定義網路 (SDN) 在 Windows Server 2016 中的企業可以使用軟體負載平衡 (SLB) 平均散發承租人和承租人客戶網路流量分配 virtual 網路資源。Cloud Service Providers (CSPs) and Enterprises that are deploying Software Defined Networking (SDN) in Windows Server 2016 can use Software Load Balancing (SLB) to evenly distribute tenant and tenant customer network traffic among virtual network resources. Windows Server SLB 可讓伺服器多個主機相同的工作負載,可用性和延展性。The Windows Server SLB enables multiple servers to host the same workload, providing high availability and scalability.

Windows Server SLB 包含下列功能。Windows Server SLB includes the following capabilities.

  • 層級 4 (4) 負載平衡服務 '北南' 及 '東西' TCP 日 UDP 傳輸。Layer 4 (L4) load balancing services for 'North-South' and 'East-West' TCP/UDP traffic.

  • 公開和內部網路流量負載平衡。Public and Internal network traffic load balancing.

  • 和您使用 HYPER-V 網路模擬建立 virtual 網路上區域網路 (Vlan),支援動態 IP 位址 (DIPs)。Supports dynamic IP addresses (DIPs) on virtual Local Area Networks (VLANs) and on virtual networks that you create by using Hyper-V Network Virtualization.

  • 健康探查支援。Health probe support.

  • 準備好要雲端縮放比例,包括擴充功能,並 multiplexers 和主機代理程式擴充功能。Ready for cloud scale, including scale-out capability, and scale up capability for multiplexers and Host Agents.

如需詳細資訊,請查看軟體負載平衡功能本主題中。For more information, see Software Load Balancing Features in this topic.

注意

不支援 Vlan Network Controller 的 multitenancy,但是您可以使用 Vlan SLB 服務提供者管理工作負載,例如 datacenter 基礎結構密度網頁伺服器。Multitenancy for VLANs is not supported by Network Controller, however you can use VLANs with SLB for service provider managed workloads, such as the datacenter infrastructure and high density Web servers.

使用 Windows Server SLB,您可以調整出您負載平衡使用 SLB Vm 您 VM 工作負載您使用的相同 HYPER-V 運算伺服器上的功能。Using Windows Server SLB, you can scale out your load balancing capabilities using SLB VMs on the same Hyper-V compute servers that you use for your other VM workloads. 因此,SLB 支援快速建立和刪除負載平衡端點所需的 CSP 作業。Because of this, SLB supports the rapid creation and deletion of load balancing endpoints that is required for CSP operations. 此外,Windows Server SLB 支援的每個叢集 gb 數以萬計、 提供簡單提供模式,並輕鬆地查看和縮放。In addition, Windows Server SLB supports tens of gigabytes per cluster, provides a simple provisioning model, and is easy to scale out and in.

SLB 的運作方式How SLB works

SLB 的運作方式是對應 virtual IP 位址 (Vip) 動態的 IP 位址 (DIPs) 的雲端服務的資料中心中的資源集的一部分。SLB works by mapping virtual IP addresses (VIPs) to dynamic IP addresses (DIPs) that are part of a cloud service set of resources in the datacenter.

Vip 的單一提供公用存取集區的負載平衡 Vm 的 IP 位址。VIPs are single IP addresses that provide public access to a pool of load balanced VMs. 例如,Vip 是 tenants 和承租人針對可以連接到雲端的資料中心承租人資源,會顯示在網際網路的 IP 位址。For example, VIPs are IP addresses that are exposed on the Internet so that tenants and tenant customers can connect to tenant resources in the cloud datacenter.

DIPs 的成員負載平衡集區 VIP 背後的 Vm 的 IP 位址。DIPs are the IP addresses of the member VMs of a load balanced pool behind the VIP. 雲端基礎結構承租人資源於指派 dIPs。DIPs are assigned within the cloud infrastructure to the tenant resources.

Vip 位於中 SLB 多工器 (MUX)。VIPs are located in the SLB Multiplexer (MUX). MUX 包括一或多個虛擬電腦 (Vm)。The MUX consists of one or more virtual machines (VMs). Network Controller 提供的每個 VIP,每個 MUX 與每個 MUX 轉使用邊境閘道通訊協定 (BGP) 廣告到路由器上的實體網路 / 32 為每個 VIP 之前的路徑。Network Controller provides each MUX with each VIP, and each MUX in turn uses Border Gateway Protocol (BGP) to advertise each VIP to routers on the physical network as a /32 route. BGP 可路由器實體網路,以:BGP allows the physical network routers to:

  • 了解 VIP 是可在每個 MUX,即使 MUXes 不同子網路中層級 3 網路上。Learn that a VIP is available on each MUX, even if the MUXes are on different subnets in a layer 3 network.

  • 針對每個 VIP 載入分散所有可用的 MUXes 使用路由相等成本多路徑 (ECMP)。Spread the load for each VIP across all available MUXes using Equal Cost Multi-Path (ECMP) routing.

  • 自動偵測 MUX 失敗或移除並停止流量傳送到失敗 MUX。Automatically detect a MUX failure or removal and stop sending traffic to the failed MUX.

  • 從失敗或移除 MUX 載入分散健康 MUXes。Spread the load from the failed or removed MUX across the healthy MUXes.

從網際網路公用流量時,SLB MUX 檢查流量,包含 VIP 為目標,並地圖服務,讓它將會抵達個人 DIP 重新寫入傳輸。When public traffic arrives from the Internet, the SLB MUX examines the traffic, which contains the VIP as a destination, and maps and rewrites the traffic so that it will arrive at an individual DIP. 輸入網路流量,此交易以之間 MUX 虛擬電腦 (Vm) 和目的地 DIP 所在 HYPER-V 主機分割兩個步驟執行:For inbound network traffic, this transaction is performed in a two-step process that is split between the MUX virtual machines (VMs) and the Hyper-V host where the destination DIP is located:

  • 負載平衡-MUX 使用 VIP 選取 DIP,封裝封包,並流量送給 HYPER-V 主機 DIP 所在的位置。Load balance - the MUX uses the VIP to select a DIP, encapsulates the packet, and forwards the traffic to the Hyper-V host where the DIP is located.

  • 網路位址轉譯 (NAT)-HYPER-V 主機封裝移除封包、 會轉譯到 DIP VIP、 重新連接埠對應及 DIP VM 轉送給封包。Network Address Translation (NAT) - the Hyper-V host removes encapsulation from the packet, translates the VIP to a DIP, remaps the ports, and forwards the packet to the DIP VM.

MUX 知道如何對應正確 DIPs Vip 因為負載平衡定義您可以使用 Network Controller 的原則。The MUX knows how to map VIPs to the correct DIPs because of load balancing policies that you define by using Network Controller. 本規則包括通訊協定,前端連接埠後, 端連接埠,以及 distribution 演算法 (5、 3 日,或 2 許多組)。These rules include Protocol, Front-end Port, Back-end port, and distribution algorithm (5, 3, or 2 tuples).

當回應 Vm 承租人並傳送輸出網路流量回網際網路或遠端承租人位置,因為 NAT 都由 HYPER-V 主機,資料傳輸略過 MUX 和直接移至 edge 路由器從 HYPER-V 主機。When tenant VMs respond and send outbound network traffic back to the Internet or remote tenant locations, because the NAT is performed by the Hyper-V host, the traffic bypasses the MUX and goes directly to the edge router from the Hyper-V host. 此 MUX 略過程序稱為直接伺服器傳回 (DSR)。This MUX bypass process is called Direct Server Return (DSR).

然後輸入的網路流量建立初始網路流量之後,完全略過 SLB MUX。And after the initial network traffic flow is established, the inbound network traffic bypasses the SLB MUX completely.

下圖,client 的電腦執行 DNS 查詢公司 Sharepoint 網站-在本案例中名 Contoso 虛構公司的 IP 位址。In the following illustration, a client computer performs a DNS query for the IP address of a company Sharepoint site - in this case, a fictional company named Contoso. 下列程序。The following process occurs.

  • DNS 伺服器傳回 client VIP 107.105.47.60。The DNS server returns the VIP 107.105.47.60 to the client.

  • Client vip 傳送 HTTP 要求。The client sends an HTTP request to the VIP.

  • 實體網路上已經有多個可供瑞曲之戰位於任何 MUX VIP 的路徑。The physical network has multiple paths available to reach the VIP located on any MUX. 每個路由器過程中使用 ECMP 要求到達 MUX 之前,請選取下一個區段的路徑。Each router along the way uses ECMP to pick the next segment of the path until the request arrives at a MUX.

  • 收到要求 MUX 檢查設定的原則,並會看到有兩個 DIPs 使用 10.10.10.5 和 10.10.20.5,來處理 vip 107.105.47.60 要求 virtual 網路上The MUX that receives the request checks configured policies, and sees that there are two DIPs available, 10.10.10.5 and 10.10.20.5, on a virtual network to handle the request to the VIP 107.105.47.60

  • MUX 選取 DIP 10.10.10.5 和封裝讓它可以傳送到包含使用主機 DIP 主機實體網路位址,請使用 VXLAN 封包。The MUX selects the DIP 10.10.10.5 and encapsulates the packets using VXLAN so it can send it to the host containing the DIP using the hosts physical network address.

  • 主機接收封包封裝,並檢查它。The host receives the encapsulated packet and inspects it. 它會移除封裝,並讓目的地現在已而不是 VIP DIP 10.10.10.5 與傳送流量 DIP vm 重新寫入封包。It removes the encapsulation and rewrites the packet so the destination is now the DIP 10.10.10.5 instead of the VIP and sends the traffic to DIP VM.

  • 要求現在已達到伺服器發電廠 2 Contoso Sharepoint 網站。The request has now reached the Contoso Sharepoint site in Server Farm 2. 伺服器產生回應,並將其傳送到 client,做為來源使用其本身的 IP 位址。The server generates a response and sends it to the client, using its own IP address as the source.

  • 主機攔截傳出封包 virtual 切換,這會記住中的 client,現在的目的地對 VIP 原始要求。The host intercepts the outgoing packet in the virtual switch which remembers that the client, now the destination, made the original request to the VIP. 主機重新寫入來源,以 client 看不到 DIP 地址,將 VIP 封包。The host rewrites the source of the packet to be the VIP so that to the client does not see the DIP address.

  • 主機轉送直接給實體網路使用標準路由表轉送到最後接收回應 client 封包預設閘道封包。The host forwards the packet directly to the default gateway for the physical network which uses its standard routing table to forward the packet on to the client which eventually receives the response.

軟體負載平衡程序

負載平衡內部 datacenter 流量Load balancing internal datacenter traffic

例如之間承租人資源,但在不同的伺服器上執行 virtual 在相同網路的成員,連接的 Vm HYPER-V Virtual 切換執行 NAT 時載入平衡內部 datacenter、 網路流量When load balancing network traffic internal to the datacenter, such as between tenant resources that are running on different servers and are members of the same virtual network, the Hyper-V Virtual Switch to which the VMs are connected performs NAT.

使用內部流量負載平衡第一次要求傳送到並 MUX,選取適當的 DIP,傳送的資料傳輸到 DIP 處理。With internal traffic load balancing, the first request is sent to and processed by the MUX, which selects the appropriate DIP and routes the traffic to the DIP. 從那之後,已建立的流量略過 MUX 來到直接從 VM VM。From that point forward, the established traffic flow bypasses the MUX and goes directly from VM to VM.

健康探查Health probes

SLB 包含健康探查驗證網路基礎結構,包括下列的健康狀態。SLB includes health probes to validate the health of the network infrastructure, including the following.

  • 連接埠 TCP 探查TCP probe to port

  • HTTP 探查連接埠和 URLHTTP probe to port and URL

然而傳統負載平衡器應用裝置位置探查來自應用裝置並在網路上以 DIP,SLB 探查來自的主機 DIP 位置位於,直接從 SLB 主機代理程式前往 DIP,進一步散布各個主機的工作。Unlike a traditional load balancer appliance where the probe originates on the appliance and travels across the wire to the DIP, the SLB probe originates on the host where the DIP is located and goes directly from the SLB host agent to the DIP, further distributing the work across the hosts.

軟體負載平衡基礎結構Software Load Balancing Infrastructure

若要部署的 Windows Server SLB,您必須先部署 Windows Server 2016 中的 Network Controller and 一或多個 SLB MUX Vm。To deploy Windows Server SLB, you must first deploy Network Controller in Windows Server 2016 and one or more SLB MUX VMs.

此外,您必須設定 HYPER-V 主機 SDN 式 HYPER-V Virtual 切換,並確定 SLB 主機代理程式正在執行。In addition, you must configure Hyper-V hosts with the SDN-enabled Hyper-V Virtual Switch and ensure that the SLB Host Agent is running. 服務主機路由器相等成本多重路徑 (ECMP) 路由並邊境閘道通訊協定 (BGP) 必須支援,必須接受 BGP 等要求 SLB MUXes 的設定。The routers that serve the hosts must support equal cost multipath (ECMP) routing and Border Gateway Protocol (BGP) and must be configured to accept BGP peering requests from the SLB MUXes.

以下是 SLB 基礎結構的概觀。Following is an overview of the SLB infrastructure.

軟體負載平衡基礎結構

下列章節提供詳細資訊 SLB 基礎結構的這些項目。The following sections provide more information about these elements of the SLB infrastructure.

SCVMMSCVMM

使用 System Center 2016,您可以在 Windows Server 2016,包括 SLB 管理員和健康監視器設定 Network Controller。With System Center 2016, you can configure Network Controller on Windows Server 2016, including the SLB Manager and Health Monitor. 您也可以使用 System Center 部署 SLB MUXs 並安裝 SLB 主機代理程式正在執行 Windows Server 2016 和 HYPER-V 的電腦上。You can also use System Center to deploy SLB MUXs and to install SLB Host Agents on computers that are running Windows Server 2016 and Hyper-V.

如需 System Center 2016 的詳細資訊,請查看系統中心 2016年For more information about System Center 2016, see System Center 2016.

注意

如果您不想使用 System Center 2016,您可以使用 Windows PowerShell 或其他管理應用程式安裝和設定 Network Controller and 其他 SLB 基礎結構。If you do not want to use System Center 2016, you can use Windows PowerShell or another management application to install and configure Network Controller and other SLB infrastructure. 如需詳細資訊,請查看使用 Windows PowerShell 部署 Network ControllerFor more information, see Deploy Network Controller using Windows PowerShell.

Network ControllerNetwork Controller

Network Controller 裝載 SLB 經理,並針對 SLB 執行下列動作。Network Controller hosts the SLB Manager and performs the following actions for SLB.

  • 處理程序 SLB 來自透過 Northbound API System Center、 Windows PowerShell 或其他網路管理應用程式的命令。Processes SLB commands that come in through the Northbound API from System Center, Windows PowerShell, or another network management application.

  • 計算 distribution HYPER-V 主機和 SLB MUXes 原則。Calculates policy for distribution to Hyper-V hosts and SLB MUXes.

  • 提供 SLB 基礎結構的健康狀態。Provides the health status of the SLB infrastructure.

SLB MUXSLB MUX

SLB MUX 處理輸入的網路流量和 Vip 對應至 DIPs,然後正確 DIP 轉送給流量。The SLB MUX processes inbound network traffic and maps VIPs to DIPs, then forwards the traffic to the correct DIP. 每個 MUX 也會使用 BGP edge 路由器發行 VIP 路徑。Each MUX also uses BGP to publish VIP routes to edge routers. MUX 失敗時,可讓使用中 MUXes 轉散發載入故障 MUX-基本上負載平衡器提供負載平衡持續運作 BGP 通知 MUXes。BGP Keep Alive notifies MUXes when a MUX fails, which allows active MUXes to redistribute the load in case of a MUX failure - essentially providing load balancing for the load balancers.

執行 HYPER-V 主機Hosts that are running Hyper-V

您可以使用電腦正在執行 Windows Server 2016 和 HYPER-V SLB。You can use SLB with computers that are running Windows Server 2016 and Hyper-V. HYPER-V 主機上的 Vm 執行任何 HYPER-V 支援的作業系統。The VMs on the Hyper-V host can run any operating system that is supported by Hyper-V.

SLB 主機代理程式SLB Host Agent

當部署 SLB 時,您必須使用 System Center、 Windows PowerShell 或其他管理應用程式部署 SLB HYPER-V 主機上每個主機代理程式。When you deploy SLB, you must use System Center, Windows PowerShell, or another management application to deploy the SLB Host Agent on every Hyper-V host computer. Windows Server 2016 的提供 HYPER-V 支援,包括 Nano Server 的所有版本上,您可以安裝 SLB 主機代理程式。You can install the SLB Host Agent on all versions of Windows Server 2016 that provide Hyper-V support, including Nano Server.

從 Network Controller SLB 的原則更新接聽 SLB 主機代理程式。The SLB Host Agent listens for SLB policy updates from Network Controller. 此外,主機代理程式的規則的 SLB 到 SDN 式 HYPER-V Virtual 參數本機電腦上設定。In addition, the host agent programs rules for SLB into the SDN-enabled Hyper-V Virtual Switches that are configured on the local computer.

SDN 支援 HYPER-V Virtual 開關切換至SDN Enabled Hyper-V Virtual Switch

Virtual 切換至相容 SLB,您必須使用 HYPER-V Virtual 切換管理員或 Windows PowerShell 命令來建立切換,以及您必須再讓 Virtual 篩選平台 (VFP) virtual 切換。For a virtual switch to be compatible with SLB, you must use Hyper-V Virtual Switch Manager or Windows PowerShell commands to create the switch, and then you must enable Virtual Filtering Platform (VFP) for the virtual switch.

關於讓 VFP 上 virtual 參數,查看 Windows PowerShell 命令取得-VMSystemSwitchExtension讓-VMSwitchExtensionFor information on enabling VFP on virtual switches, see the Windows PowerShell commands Get-VMSystemSwitchExtension and Enable-VMSwitchExtension.

SDN 支援 HYPER-V Virtual 切換為 SLB 執行下列動作。The SDN enabled Hyper-V Virtual Switch performs the following actions for SLB.

  • 適用於 SLB 處理資料路徑。Processes the data path for SLB.

  • 輸入的網路流量接收 MUX。Receives inbound network traffic from the MUX.

  • 傳送給使用 DSR 路由器輸出網路流量 MUX 會略過。Bypasses the MUX for outbound network traffic, sending it to the router using DSR.

  • 執行於 HYPER-V 的 Nano Server 執行個體。Runs on Nano Server instances of Hyper-V.

BGP 支援路由器BGP Enabled Router

BGP 路由器 SLB 執行下列動作。The BGP router performs the following actions for SLB.

  • 若要使用 ECMP MUX 輸入的流量的路徑。Routes inbound traffic to the MUX using ECMP.

  • 輸出網路流量,使用主機提供的路徑。For outbound network traffic, uses the route provided by the host.

  • 從 SLB MUX Vip 接聽之前的路徑更新。Listens for route updates for VIPs from SLB MUX.

  • 如果失敗繼續運作,請移除 SLB 旋轉 SLB MUXes。Removes SLB MUXes from the SLB rotation if Keep Alive fails.

軟體負載平衡功能Software Load Balancing Features

以下是部分功能和 SLB 的功能。Following are some of the features and capabilities of SLB.

核心功能Core functionality

  • SLB 提供層級 4 負載平衡 '北南' 及 '東西' TCP 日 UDP 流量服務SLB provides Layer 4 load balancing services for 'North-South' and 'East-West' TCP/UDP traffic

  • 您可以使用 SLB HYPER-V 網路模擬網路You can use SLB on a Hyper-V Network Virtualization-based network

  • 您可以使用 SLB VLAN 網路 DIP vm 連接 SDN 支援 HYPER-V Virtual 切換。You can use SLB with a VLAN-based network for DIP VMs connected to a SDN Enabled Hyper-V Virtual Switch.

  • 一個 SLB 處理多個 tenantsOne SLB instance can handle multiple tenants

  • SLB 和 DIP 支援延展性,而且低延遲退貨路徑,實作,直接伺服器傳回 (DSR)SLB and DIP support a scalable and low-latency return path, as implemented by Direct Server Return (DSR)

  • 您也會使用切換 Embedded 小組 (設定) 或單一根輸入/輸出模擬 (SR IOV) 時的 SLB 函式SLB functions when you are also using Switch Embedded Teaming (SET) or Single Root Input/Output Virtualization (SR-IOV)

  • SLB 包含網際網路通訊協定第 4 (IPv4) 支援SLB includes Internet Protocol version 4 (IPv4) support

  • S:B 網站-閘道案例中,提供 NAT 功能,讓利用單一公用 IP 的所有網站-連接For site-to-site gateway scenarios, S:B provides NAT functionality to enable all site-to-site connections to utilize a single public IP

  • 您可以安裝 SLB,包括主機代理程式與 Windows Server 2016 上的 MUX,完整、 核心和 Nano 安裝。You can install SLB, including the Host Agent and the MUX, on Windows Server 2016, Full, Core, and Nano Install.

縮放及效能Scale and performance

  • 準備好要雲端縮放比例,包括擴充功能,並 MUXes 和主機代理程式擴充功能。Ready for cloud scale, including scale-out capability, and scale up capability for MUXes and Host Agents.

  • 作用中的其中一個管理員 SLB Network Controller 模組可支援 8 MUX 執行個體One active SLB Manager Network Controller module can support 8 MUX instances

可用性High availability

  • 您可以將 SLB 部署 2 個以上節點主動日主動設定You can deploy SLB to more than 2 nodes in an active/active configuration

  • MUXes 可以新增和移除 MUX 集區中,而不影響 SLB 服務。MUXes can be added and removed from the MUX pool without impacting the SLB service. 這會維持 SLB 可用性時This maintains SLB availability when
    修補個人 MUXes。individual MUXes are being patched.

  • 個人 MUX 執行個體有執行 99%的時間Individual MUX instances have an uptime of 99%

  • 管理實體可健康監視資料Health monitoring data is available to management entities

對齊Alignment

  • 您可以部署,並使用 SCVMM 設定 SLBYou can deploy and configure SLB with SCVMM

  • SLB 順暢整合的 Microsoft 裝置,例如 RAS Multitenant 閘道、 Datacenter 防火牆和之前的路徑反映提供 multitenant 整合的邊緣。SLB provides a multitenant unified edge by seamlessly integrating with Microsoft appliances such as the RAS Multitenant Gateway, Datacenter Firewall, and Route Reflector.