1vip = "10.10.0.1" 2ss = [ 3 "172.18.1.3", 4 "172.18.1.4", 5 "172.18.1.5", 6] 7 8print "*nat" 9 10# iptables -t nat -A myservice -d 10.10.0.1 -m statistic --mode random --probability 0.3333 -j DNAT --to-destination 172.18.1.3 11x, n = 0, 10000 12def build_chain(s, e): 13 n = e-s+1 14 if n<=16: 15 pass 16 else: 17 # split 18 m = (s+e)/2 19 x = "myservice%d_%d" % (s, m) 20 print ":%s - [0:0]" % x 21 x = "myservice%d_%d" % (m+1, e) 22 print ":%s - [0:0]" % x 23 build_chain(s, m) 24 build_chain(m+1, e) 25 26def build(s, e, p): 27 n = e-s+1 28 if n<=16: 29 m = n 30 for i in range(s, e): 31 pp = 1.0/m 32 print "-A %s -d %s -m statistic --mode random --probability %.16f -j DNAT --to-destination %s" % (p, vip, pp, ss[i%len(ss)]) 33 m-=1 34 print "-A %s -d %s -j DNAT --to-destination %s" % (p, vip, ss[i%len(ss)]) 35 else: 36 # split 37 m = (s+e)/2 38 x = "myservice%d_%d" % (s, m) 39 pp = (m-s+1)*1.0/n 40 print "-A %s -m statistic --mode random --probability %.16f -j %s" % (p, pp, x) 41 build(s, m, x) 42 x = "myservice%d_%d" % (m+1, e) 43 print "-A %s -j %s" % (p, x) 44 build(m+1, e, x) 45 46build_chain(0, n-1) 47build(0, n-1, "myservice") 48 49print "COMMIT" 50