實驗環境
| LVS-Master | 10.0.100.201 |
VIP:10.0.100.203 |
| LVS-Slave |
10.0.100.204 |
| WEB1-Tomcat | 10.0.2.29 | gateway:10.0.2.253 |
| WEB2-Tomcat | 10.0.100.202 |
(注意:應保持所有伺服器的時間一致)
Install LVS
# ln -s /usr/src/kernels/2.6.32-431.el6.i686/ /usr/src/linux //若找不到這個目錄則先安裝kernel-devel # yum -y install kernel-devel # tar xf ipvsadm-1.24.tar.gz # cd /soft/ipvsadm-1.24 # make;make install # ipvsadm -L IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn
Install keepalived
# tar –xvf keepalived-1.2.12.tar.gz # ./configure --sysconf=/etc/ --with-kernel-dir=/usr/src/kernels/2.6.32-431.el6.i686/ Keepalived version : 1.2.12 Compiler : gcc Compiler flags : -g -O2 Extra Lib : -lssl -lcrypto -lcrypt Use IPVS Framework : Yes //表示使用ipvs框架也代表啟動ipvs功能 IPVS sync daemon support : Yes //表示啟動ipvs的同步功能,--disabled-lvs-sysncd此引數可以關閉 IPVS use libnl : No //表示使用新的libn1版本,如果想使用新的版本,需要重新安裝libn1的包 Use VRRP Framework : Yes //表示使用VRRP框架,這個實現keepalived高可用的必須功能 Use VRRP VMAC : Yes //表示使用基礎VMAC介面的xmit VRRP包 SNMP support : No SHA1 support : No Use Debug flags : No # make;make install # cp /soft/keepalived-1.2.12/bin/keepalived /usr/bin/
配置
1. LVS-Master的Keepalived配置
! Configuration File for keepalived //全域性定義 global_defs { notification_email //定義郵件 { xxxxxxxxx@163.com //定義郵件地址 } notification_email_from xxxxxxxxx@163.com smtp_server mail.163.com //定義郵件伺服器 smtp_connect_timeout 30 //郵件超時時間 router_id LVS_DEVEL //route_id標識 } //定義VRR組 vrrp_instance VI_1 { state MASTER //定義為MASTER interface eth0 //對外訪問的網路介面 virtual_router_id 100 //虛擬路由標識(注意要主從一致) priority 100 //優先順序(主肯定比從高) nopreempt //不搶佔模式 advert_int 1 //廣播週期秒數 authentication { auth_type PASS auth_pass 2209 } virtual_ipaddress { 10.0.100.203 //VIP地址 } } //VIP地址與埠等設定-->注意DR模式的VIP埠和所有WEB埠應該保持一致 virtual_server 10.0.100.203 80 { delay_loop 6 //健康檢查時間間隔,單位秒 lb_algo rr //排程演算法為rr lb_kind DR //模式為DR persistence_timeout 0 //設定同一IP多少秒內的請求都傳送到同一個realserver protocol TCP //使用TCP協議 //realserver的IP與埠等設定 real_server 10.0.2.29 80{ weight 1 TCP_CHECK { connect_timeout 10 //連線超時時間,單位s nb_get_retry 3 delay_before_retry 3 connect_port 80 //連線埠 } } real_server 10.0.100.202 80 { weight 1 TCP_CHECK { connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 80 } } }
2. LVS-Slave的keepalived配置
! Configuration File for keepalived global_defs { notification_email { xxxxxxxxx@163.com } notification_email_from xxxxxxxxx@163.com smtp_server mail.163.com smtp_connect_timeout 30 router_id LVS_DEVEL } vrrp_instance VI_1 { state BACKUP //這裡的角色是BACKUP interface eth0 virtual_router_id 100 //這裡注意和MASTER保持一致 priority 90 //優先順序設定應比MASTER低 advert_int 1 authentication { auth_type PASS auth_pass 2209 } virtual_ipaddress { 10.0.100.203 } } virtual_server 10.0.100.203 80 { delay_loop 6 lb_algo rr lb_kind DR persistence_timeout 0 protocol TCP real_server 10.0.2.29 80{ weight 1 TCP_CHECK { connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 80 } } real_server 10.0.100.202 80 { weight 1 TCP_CHECK { connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 80 } } }
3. 利用指令碼配置所有的WEB伺服器
#!/bin/bash # Written by NetSeek # description: Config realserver lo and apply noarp WEB_VIP="10.0.100.203" //這裡是VIP地址 . /etc/rc.d/init.d/functions case "$1" in start) ifconfig lo:0 $WEB_VIP netmask 255.255.255.255 broadcast $WEB_VIP /sbin/route add -host $WEB_VIP dev lo:0 echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce sysctl -p >/dev/null 2>&1 echo "RealServer Start OK" ;; stop) ifconfig lo:0 down route del $WEB_VIP >/dev/null 2>&1 echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce echo "RealServer Stoped" ;; status) # Status of LVS-DR real server. islothere=`/sbin/ifconfig lo:0 | grep $WEB_VIP` isrothere=`netstat -rn | grep "lo:0" | grep $web_VIP` if [ ! "$islothere" -o ! "isrothere" ] then echo "LVS-DR real server Stopped." else echo "LVS-DR Running." fi ;; *) # Invalid entry. echo "$0: Usage: $0 {start|status|stop}" exit 1 ;; esac exit 0
啟動與驗證
1. 在所有WEB伺服器執行指令碼,並檢視是否都有了VIP?
WEB1:10.0.2.29 # ./realserver.sh start RealServer Start OK # ip add show 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet 10.0.100.203/32 brd 10.0.100.203 scope global lo:0 inet6 ::1/128 scope host valid_lft forever preferred_lft forever WEB2:10.0.100.202 # ./realserver.sh start RealServer Start OK # ip add show 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet 10.0.100.203/32 brd 10.0.100.203 scope global lo:0 inet6 ::1/128 scope host valid_lft forever preferred_lft forever
2. 在MASTER和SLAVE都啟動LVS,檢視VIP位置
LVS-Master:10.0.100.201 # /etc/init.d/keepalived start 正在啟動 keepalived: [確定] # ip add show 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000 link/ether 00:0c:29:0f:bf:4a brd ff:ff:ff:ff:ff:ff inet 10.0.100.201/16 brd 10.0.255.255 scope global eth0 inet 10.0.100.203/32 scope global eth0 inet6 fe80::20c:29ff:fe0f:bf4a/64 scope link valid_lft forever preferred_lft forever LVS-Slave:10.0.100.204 # /etc/init.d/keepalived start 正在啟動 keepalived: [確定] # ip add show 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000 link/ether 00:0c:29:2e:1d:0d brd ff:ff:ff:ff:ff:ff inet 10.0.100.204/16 brd 10.0.255.255 scope global eth0 inet6 fe80::20c:29ff:fe2e:1d0d/64 scope link valid_lft forever preferred_lft forever
3. 訪問測試(可通過瀏覽器訪問VIP,我們測試是否在兩個實驗WEB伺服器訪問中實現了負載均衡)
LVS-Master:10.0.100.201
# ipvsadm -L
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 10.0.100.203:http rr
-> 10.0.100.202:http Route 1 0 0
-> 10.0.2.29:http Route 1 0 0
LVS-Slave:10.0.100.204
# ipvsadm -L
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 10.0.100.203:http rr
-> 10.0.100.202:http Route 1 0 0
-> 10.0.2.29:http Route 1 0 0