实验环境
| LVS-Master | 10.0.100.201 |
VIP:10.0.100.203 |
| LVS-Slave | 10.0.100.204 |
| WEB1-Tomcat | 10.0.2.29 | gateway:10.0.2.253 |
| WEB2-Tomcat | 10.0.100.202 |
(注意:应保持所有服务器的时间一致)
Install LVS
# ln -s /usr/src/kernels/2.6.32-431.el6.i686/ /usr/src/linux
//若找不到这个目录则先安装kernel-devel
# yum -y install kernel-devel # tar xf ipvsadm-1.24.tar.gz # cd /soft/ipvsadm-1.24 # make;make install # ipvsadm -L
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
Install keepalived
# tar –xvf keepalived-1.2.12.tar.gz # ./configure --sysconf=/etc/ --with-kernel-dir=/usr/src/kernels/2.6.-.el6.i686/
Keepalived version : 1.2.
Compiler : gcc
Compiler flags : -g -O2
Extra Lib : -lssl -lcrypto -lcrypt
Use IPVS Framework : Yes //表示使用ipvs框架也代表启动ipvs功能
IPVS sync daemon support : Yes //表示启动ipvs的同步功能,--disabled-lvs-sysncd此参数可以关闭
IPVS use libnl : No //表示使用新的libn1版本,如果想使用新的版本,需要重新安装libn1的包
Use VRRP Framework : Yes //表示使用VRRP框架,这个实现keepalived高可用的必须功能
Use VRRP VMAC : Yes //表示使用基础VMAC接口的xmit VRRP包
SNMP support : No
SHA1 support : No
Use Debug flags : No # make;make install # cp /soft/keepalived-1.2./bin/keepalived /usr/bin/
配置
1. LVS-Master的Keepalived配置
! Configuration File for keepalived
//全局定义
global_defs {
notification_email //定义邮件
{
xxxxxxxxx@.com //定义邮件地址
}
notification_email_from xxxxxxxxx@.com
smtp_server mail..com //定义邮件服务器
smtp_connect_timeout //邮件超时时间
router_id LVS_DEVEL //route_id标识
} //定义VRR组
vrrp_instance VI_1 {
state MASTER //定义为MASTER
interface eth0 //对外访问的网络接口
virtual_router_id //虚拟路由标识(注意要主从一致)
priority //优先级(主肯定比从高)
nopreempt //不抢占模式
advert_int //广播周期秒数
authentication {
auth_type PASS
auth_pass
}
virtual_ipaddress {
10.0.100.203 //VIP地址
}
} //VIP地址与端口等设置-->注意DR模式的VIP端口和所有WEB端口应该保持一致
virtual_server 10.0.100.203 {
delay_loop //健康检查时间间隔,单位秒
lb_algo rr //调度算法为rr
lb_kind DR //模式为DR
persistence_timeout //设置同一IP多少秒内的请求都发送到同一个realserver
protocol TCP //使用TCP协议 //realserver的IP与端口等设置
real_server 10.0.2.29 {
weight
TCP_CHECK {
connect_timeout //连接超时时间,单位s
nb_get_retry
delay_before_retry
connect_port //连接端口
} }
real_server 10.0.100.202 {
weight
TCP_CHECK {
connect_timeout
nb_get_retry
delay_before_retry
connect_port
}
}
}
LVS-Master:keepalived.conf
2. LVS-Slave的keepalived配置
! Configuration File for keepalived
global_defs {
notification_email
{
xxxxxxxxx@.com
}
notification_email_from xxxxxxxxx@.com
smtp_server mail..com
smtp_connect_timeout
router_id LVS_DEVEL
} vrrp_instance VI_1 {
state BACKUP //这里的角色是BACKUP
interface eth0
virtual_router_id //这里注意和MASTER保持一致
priority //优先级设置应比MASTER低
advert_int
authentication {
auth_type PASS
auth_pass
}
virtual_ipaddress {
10.0.100.203
}
} virtual_server 10.0.100.203 {
delay_loop
lb_algo rr
lb_kind DR
persistence_timeout
protocol TCP real_server 10.0.2.29 {
weight
TCP_CHECK {
connect_timeout
nb_get_retry
delay_before_retry
connect_port
}
}
real_server 10.0.100.202 {
weight
TCP_CHECK {
connect_timeout
nb_get_retry
delay_before_retry
connect_port
}
}
}
LVS-Slave:keepalived.conf
3. 利用脚本配置所有的WEB服务器
#!/bin/bash
# Written by NetSeek
# description: Config realserver lo and apply noarp
WEB_VIP="10.0.100.203" //这里是VIP地址 . /etc/rc.d/init.d/functions case "$1" in
start)
ifconfig lo: $WEB_VIP netmask 255.255.255.255 broadcast $WEB_VIP
/sbin/route add -host $WEB_VIP dev lo:
echo "" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "" >/proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p >/dev/null >&
echo "RealServer Start OK"
;;
stop)
ifconfig lo: down
route del $WEB_VIP >/dev/null >&
echo "" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "" >/proc/sys/net/ipv4/conf/all/arp_announce
echo "RealServer Stoped"
;;
status)
# Status of LVS-DR real server.
islothere=`/sbin/ifconfig lo: | grep $WEB_VIP`
isrothere=`netstat -rn | grep "lo:0" | grep $web_VIP`
if [ ! "$islothere" -o ! "isrothere" ]
then
echo "LVS-DR real server Stopped."
else
echo "LVS-DR Running."
fi
;;
*)
# Invalid entry.
echo "$0: Usage: $0 {start|status|stop}"
exit
;;
esac
exit
realserver.sh
启动与验证
1. 在所有WEB服务器运行脚本,并查看是否都有了VIP?
WEB1:10.0.2.29
# ./realserver.sh start
RealServer Start OK
# ip add show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet 10.0.100.203/32 brd 10.0.100.203 scope global lo:0
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever WEB2:10.0.100.202
# ./realserver.sh start
RealServer Start OK
# ip add show
: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00::00:00:00 brd ::00:00:00:00
inet 127.0.0.1/8 scope host lo
inet 10.0.100.203/ brd 10.0.100.203 scope global lo:
inet6 ::1/ scope host
valid_lft forever preferred_lft forever
2. 在MASTER和SLAVE都启动LVS,查看VIP位置
LVS-Master:10.0.100.201
# /etc/init.d/keepalived start
正在启动 keepalived: [确定]
# ip add show
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu qdisc pfifo_fast state UNKNOWN qlen
link/ether 00:0c:29:0f:bf:4a brd ff:ff:ff:ff:ff:ff
inet 10.0.100.201/16 brd 10.0.255.255 scope global eth0
inet 10.0.100.203/32 scope global eth0
inet6 fe80::20c:29ff:fe0f:bf4a/64 scope link
valid_lft forever preferred_lft forever LVS-Slave:10.0.100.204
# /etc/init.d/keepalived start
正在启动 keepalived: [确定]
# ip add show
: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu qdisc pfifo_fast state UNKNOWN qlen
link/ether :0c::2e:1d:0d brd ff:ff:ff:ff:ff:ff
inet 10.0.100.204/16 brd 10.0.255.255 scope global eth0
inet6 fe80::20c:29ff:fe2e:1d0d/ scope link
valid_lft forever preferred_lft forever
3. 访问测试(可通过浏览器访问VIP,我们测试是否在两个实验WEB服务器访问中实现了负载均衡)
LVS-Master:10.0.100.201
# ipvsadm -L
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 10.0.100.203:http rr
-> 10.0.100.202:http Route 1 0 0
-> 10.0.2.29:http Route 1 0 0 LVS-Slave:10.0.100.204
# ipvsadm -L
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 10.0.100.203:http rr
-> 10.0.100.202:http Route 1 0 0
-> 10.0.2.29:http Route 1 0 0