{"id":13575296,"url":"https://github.com/labring/lvscare","last_synced_at":"2026-01-11T21:59:57.059Z","repository":{"id":39802034,"uuid":"179063497","full_name":"labring/lvscare","owner":"labring","description":"A lightweight LVS baby care, support ipvs health check","archived":false,"fork":false,"pushed_at":"2025-11-18T15:22:08.000Z","size":1954,"stargazers_count":181,"open_issues_count":0,"forks_count":79,"subscribers_count":8,"default_branch":"master","last_synced_at":"2025-11-18T17:13:44.151Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/labring.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2019-04-02T11:30:06.000Z","updated_at":"2025-11-18T15:22:11.000Z","dependencies_parsed_at":"2023-02-17T21:25:20.824Z","dependency_job_id":"6b46f45b-9945-4113-926a-bd71fd3a2f06","html_url":"https://github.com/labring/lvscare","commit_stats":null,"previous_names":["sealyun/lvscare","fanux/lvscare"],"tags_count":15,"template":false,"template_full_name":null,"purl":"pkg:github/labring/lvscare","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/labring%2Flvscare","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/labring%2Flvscare/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/labring%2Flvscare/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/labring%2Flvscare/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/labring","download_url":"https://codeload.github.com/labring/lvscare/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/labring%2Flvscare/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28324801,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-11T18:42:50.174Z","status":"ssl_error","status_checked_at":"2026-01-11T18:39:13.842Z","response_time":60,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-01T15:00:59.778Z","updated_at":"2026-01-11T21:59:57.052Z","avatar_url":"https://github.com/labring.png","language":"Go","funding_links":[],"categories":["Go"],"sub_categories":[],"readme":"# LVScare\n\nA lightweight LVS baby care, support health check, currently only HTTP prober supported， [sealos](https://github.com/labring/sealos) using lvscare for kubernetes masters HA.\n\n## Feature\n\nIf real server is unavailable, lvscare firstly set weight of rs to 0(for TCP graceful termination), and remove it from backends during the next check, if real server return to available, add it back. This is useful for kubernetes master HA.\n\n## Attention\n\n1. running lvscare static pod in kubernetes with cilium CNI, cilium **MUST** configured with `prepend-iptables-chains: false`\n\n## Quick Start\n\n```bash\nlvscare care --run-once --vs 10.103.97.12:6443 --rs 192.168.0.2:6443 --rs 192.168.0.3:6443 --rs 192.168.0.4:6443\n```\n\n\u003e run once mode just simply setup rules and exit. and it WON'T perform health checks.\n\nThen kubeadm join can use `10.103.97.12:6443` instead of real masters.\n\nRun lvscare as a static pod on every kubernetes workers. **now control planes are also supported with `link` mode.**\n\n```bash\nlvscare care --vs 10.103.97.12:6443 --rs 192.168.0.2:6443 --rs 192.168.0.3:6443 --rs 192.168.0.4:6443 --interval 5 --mode link\n```\n\n- --mode defaults to `route`, from my test case seems `route` mode doesn't make sense..\n- --interval every 5s check the real server port\n- --health-path \"/healthz\" if returned status code is smaller than 400, then real server will be removed. this default behavior can be override by `--health-status` flag.\n\nCheck with `lvscare care --help` command for more options.\n\n### Test\n\nIf the real server is listening on the same host, you **MUST** run with `link` mode.\n\nstart some echoserver as real servers\n\n```bash\ndocker run -p 8081:80 --name echoserver1 -d cilium/echoserver\ndocker run -p 8082:80 --name echoserver2 -d cilium/echoserver\ndocker run -p 8083:80 --name echoserver3 -d cilium/echoserver\n```\n\nand run lvscare foreground\n\n```bash\nlvscare care --vs 169.254.0.1:80 --rs 127.0.0.1:8081 --rs 1.0.0.1:8082 --rs 127.0.0.1:8083 --logger DEBG --health-schem http --health-path / --mode link\n```\n\n`link` mode actually automatically setup rules below.\n\n```bash\nip link add lvscare type dummy\nip addr add 169.254.0.1/32 dev lvscare\n\n# enable conntrack for ipvs\necho 1 | tee /proc/sys/net/ipv4/vs/conntrack\n\niptables -t nat -N VIRTUAL-SERVICES\niptables -t nat -A PREROUTING -m comment --comment \"virtual service portals\" -j VIRTUAL-SERVICES\n\niptables -t nat -N VIRTUAL-MARK-MASQ\n# create ipset\nipset create VIRTUAL-IP hash:ip,port -exist\niptables -t nat -A VIRTUAL-SERVICES -m comment --comment \"virtual service ip + port for masquerade purpose\" -m set --match-set VIRTUAL-IP dst,dst -j VIRTUAL-MARK-MASQ\n# do mark\niptables -t nat -A VIRTUAL-MARK-MASQ -j MARK --set-xmark 0x2/0x2\n# do snat at POSTROUTING\niptables -t nat -N VIRTUAL-POSTROUTING\niptables -t nat -A POSTROUTING -m comment --comment \"virtual service postrouting rules\" -j VIRTUAL-POSTROUTING\niptables -t nat -A VIRTUAL-POSTROUTING -m mark ! --mark 0x2/0x2 -j RETURN\niptables -t nat -A VIRTUAL-POSTROUTING -m comment --comment \"virtual service traffic requiring SNAT\" -m mark --mark 0x2 -j MASQUERADE\n\niptables -t nat -A OUTPUT -m comment --comment \"virtual service portals\" -j VIRTUAL-SERVICES\n```\n\ncreate another terminal, check ipvs rules:\n\n```bash\n[root@VM-16-107-centos ~]# sudo ipvsadm -Ln\nIP Virtual Server version 1.2.1 (size=4096)\nProt LocalAddress:Port Scheduler Flags\n  -\u003e RemoteAddress:Port           Forward Weight ActiveConn InActConn\nTCP  169.254.0.1:80 rr\n  -\u003e 127.0.0.1:8080               Masq    1      0          2\n  -\u003e 127.0.0.1:8081               Masq    1      0          2\n  -\u003e 127.0.0.1:8082               Masq    1      0          2\n```\n\nAs you can see, all the real server had been added. Now you can perform a HTTP request to `http://$vip:$port` with curl:\n\n```bash\n[root@VM-16-107-centos ~]# curl -s 169.254.0.1 | grep -i hostname\nHostname: 962ed9edb0b0\n[root@VM-16-107-centos ~]# curl -s 169.254.0.1 | grep -i hostname\nHostname: 9d44216a7ee8\n[root@VM-16-107-centos ~]# curl -s 169.254.0.1 | grep -i hostname\nHostname: a15e1c0d0f62\n[root@VM-16-107-centos ~]# sudo ipvsadm -Ln\nIP Virtual Server version 1.2.1 (size=4096)\nProt LocalAddress:Port Scheduler Flags\n  -\u003e RemoteAddress:Port           Forward Weight ActiveConn InActConn\nTCP  169.254.0.1:80 rr\n  -\u003e 127.0.0.1:8081               Masq    1      0          1\n  -\u003e 127.0.0.1:8082               Masq    1      0          1\n  -\u003e 127.0.0.1:8083               Masq    1      0          2\n```\n\nstop any of echoservers, and wait for 2 rounds(10s), then restart it\n\n```bash\n[root@VM-16-107-centos ~]# docker stop echoserver3\nechoserver3\n[root@VM-16-107-centos ~]# sudo ipvsadm -Ln\nIP Virtual Server version 1.2.1 (size=4096)\nProt LocalAddress:Port Scheduler Flags\n  -\u003e RemoteAddress:Port           Forward Weight ActiveConn InActConn\nTCP  169.254.0.1:80 rr\n  -\u003e 127.0.0.1:8081               Masq    1      0          0\n  -\u003e 127.0.0.1:8082               Masq    1      0          0\n  -\u003e 127.0.0.1:8083               Masq    0      0          0\n[root@VM-16-107-centos ~]# sudo ipvsadm -Ln\nIP Virtual Server version 1.2.1 (size=4096)\nProt LocalAddress:Port Scheduler Flags\n  -\u003e RemoteAddress:Port           Forward Weight ActiveConn InActConn\nTCP  169.254.0.1:80 rr\n  -\u003e 127.0.0.1:8081               Masq    1      0          0\n  -\u003e 127.0.0.1:8082               Masq    1      0          0\n[root@VM-16-107-centos ~]# docker start echoserver3\nechoserver3\n[root@VM-16-107-centos ~]# sudo ipvsadm -Ln\nIP Virtual Server version 1.2.1 (size=4096)\nProt LocalAddress:Port Scheduler Flags\n  -\u003e RemoteAddress:Port           Forward Weight ActiveConn InActConn\nTCP  169.254.0.1:80 rr\n  -\u003e 127.0.0.1:8081               Masq    1      0          0\n  -\u003e 127.0.0.1:8082               Masq    1      0          0\n  -\u003e 127.0.0.1:8083               Masq    1      0          0\n```\n\nyou can observe logs from lvscare\n\n```log\n2022-07-30T18:55:34 debug probe: Get \"http://127.0.0.1:8083/\": dial tcp 127.0.0.1:8083: connect: connection refused\n2022-07-30T18:55:34 debug Trying to update wight to 0 for graceful termination\n2022-07-30T18:55:39 debug probe: Get \"http://127.0.0.1:8083/\": dial tcp 127.0.0.1:8083: connect: connection refused\n2022-07-30T18:55:39 debug Trying to delete real server\n2022-07-30T18:55:44 debug probe: Get \"http://127.0.0.1:8083/\": dial tcp 127.0.0.1:8083: connect: connection refused\n2022-07-30T18:55:49 debug Trying to add real server back\n```\n\nBut the address is still accessible!\n\nYou can remove one or more, even destroy all of them and then check out IPVS rules.\n\n### Cleanup\n\nAppend `-C` or `--clean` option with lvscare command ran before.\n\n```bash\nlvscare care --vs 169.254.0.1:80 --logger DEBG --mode link -C\n```\n\nWelcome to give it a shot, have fun with it.\n\n\n# Contribution Policy\n\n🚫 **This repository does NOT accept any form of contributions.**  \nThis includes:\n- ❌ Pull requests\n- ❌ Direct code submissions\n- ❌ Bug reports\n- ❌ Feature requests\n- ❌ Documentation changes\n\n**All contributions must be submitted exclusively to the central repository:**  \n👉 **https://github.com/labring/sealos**\n\n---\n\n## Contribution Guidelines\n1. **For bugs**  \n   → Report in the [Issues section of the main repository](https://github.com/labring/sealos/issues)  \n   → Include reproduction steps and environment details\n\n2. **For code contributions**  \n   → Submit changes via **main repository only**  \n   → Follow contribution guidelines at [sealos/CONTRIBUTING.md](https://github.com/labring/sealos/blob/main/CONTRIBUTING.md)\n\n3. **For feature requests**  \n   → Create an Issue in the [main repository](https://github.com/labring/sealos/issues) with `[Feature]` prefix\n\n---\n\n## Important Notes\n⚠️ **This repository is read-only**\n- Serves as reference implementation only\n- Active development occurs exclusively at [labring/sealos](https://github.com/labring/sealos)\n- PRs/issues submitted here will be **closed immediately without review**\n\n📌 **Any contributions made to this repository will be invalid**  \nFor your submissions to be considered, please use the central repository.","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flabring%2Flvscare","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flabring%2Flvscare","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flabring%2Flvscare/lists"}