LVS Keepalived實(shí)現(xiàn)高可用集群.docxVIP

操作系統(tǒng)平臺(tái)：CentOS5.2軟件：LVS+keepalivedLVS+Keepalived 介紹LVSLVS是Linux Virtual Server的簡寫，意即Linux虛擬服務(wù)器，是一個(gè)虛擬的服務(wù)器集群系統(tǒng)。本項(xiàng)目在1998年5月由章文嵩博士成立，是中國國內(nèi)最早出現(xiàn)的自由軟件項(xiàng) 目之一。目前有三種IP負(fù)載均衡技術(shù)（VS/NAT、VS/TUN和VS/DR）；十種調(diào)度算法（rrr|wrr|lc|wlc|lblc|lblcr|dh|sh|sed|nq）。KeepalviedKeepalived在這里主要用作RealServer的健康狀態(tài)檢查以及LoadBalance主機(jī)和BackUP主機(jī)之間failover的實(shí)現(xiàn)IP配置信息: LVS-DR-Master 66 LVS-DR-BACKUP 67 LVS-DR-VIP 70 WEB1-Realserver 71 WEB2-Realserver 72 GateWay 53安裝LVS和Keepalvied軟件包 1. 下載相關(guān)軟件包 #mkdir /usr/local/src/lvs#cd /usr/local/src/lvs#wget /software/kernel-2.6/ipvsadm-1.24.tar.gz#wget /software/keepalived-1.1.15.tar.gz2. 安裝LVS和Keepalived #lsmod |grep ip_vs #uname -r 2.6.18-53.el5PAE #ln -s /usr/src/kernels/2.6.18-53.el5PAE-i686/usr/src/linux #tar zxvf ipvsadm-1.24.tar.gz #cd ipvsadm-1.24 #make & make install #find / -name ipvsadm# 查看ipvsadm的位置 #tar zxvf keepalived-1.1.15.tar.gz #cd keepalived-1.1.15 #./configure& make & make install #find / -name keepalived# 查看keepalived位置 #cp /usr/local/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/ #cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/ #mkdir /etc/keepalived #cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/ #cp /usr/local/sbin/keepalived /usr/sbin/ #service keepalived start|stop #做成系統(tǒng)啟動(dòng)服務(wù)方便管理.四. 配置LVS實(shí)現(xiàn)負(fù)載均衡1 LVS-DR，配置LVS腳本實(shí)現(xiàn)負(fù)載均衡 vi /usr/local/sbin/lvs-dr.sh#!/bin/bash# description: start LVS of DirectorServer#Written by :NetSeek GW=53# website director vip.WEB_VIP=70WEB_RIP1=71WEB_RIP2=72. /etc/rc.d/init.d/functionslogger $0 called with $1case $1 instart) # Clear all iptables rules. /sbin/iptables -F # Reset iptables counters. /sbin/iptables -Z # Clear all ipvsadm rules/services. /sbin/ipvsadm -C#set lvs vip for dr /sbin/ipvsadm -set 30 5 60 /sbin/ifconfig eth0:0 $WEB_VIP broadcast $WEB_VIP netmask 55 up /sbin/route add -host $WEB_VIP dev eth0:0 /sbin/ipvsadm -A -t $WEB_VIP:80 -s wrr -p 3 /sbin/ipvsadm -a -t $WEB_VIP:80 -r $WEB_RIP1:80 -g -w 1 /sbin/ipvsadm -a -t $WEB_VIP:80 -r $WEB_RIP2:80 -g -w 1 touch /var/lock/subsys/ipvsadm /dev/null 2&1 # set Arp /sbin/arping -I eth0 -c 5 -s $WEB_VIP $GW /dev/null 2&1 ;stop) /sbin/ipvsadm -C /sbin/ipvsadm -Z ifconfig eth0:0 down route del $WEB_VIP/dev/null 2&1 rm -rf /var/lock/subsys/ipvsadm /dev/null 2&1 /sbin/arping -I eth0 -c 5 -s $WEB_VIP $GW echo ipvsadm stoped ;status) if ! -e /var/lock/subsys/ipvsadm ;then echo ipvsadm is stoped exit 1 else ipvsadm -ln echo .ipvsadm is OK. fi ;*) echo Usage: $0 start|stop|status exit 1esacexit 02 配置Realserver腳本. #!/bin/bash# Written by NetSeek # description: Config realserver lo and apply noarp WEB_VIP=70. /etc/rc.d/init.d/functionscase $1 instart) ifconfig lo:0 $WEB_VIP netmask 55 broadcast $WEB_VIP /sbin/route add -host $WEB_VIP dev lo:0 echo 1 /proc/sys/net/ipv4/conf/lo/arp_ignore echo 2 /proc/sys/net/ipv4/conf/lo/arp_announce echo 1 /proc/sys/net/ipv4/conf/all/arp_ignore echo 2 /proc/sys/net/ipv4/conf/all/arp_announce sysctl -p /dev/null 2&1 echo RealServer Start OK ;stop) ifconfig lo:0 down route del $WEB_VIP /dev/null 2&1 echo 0 /proc/sys/net/ipv4/conf/lo/arp_ignore echo 0 /proc/sys/net/ipv4/conf/lo/arp_announce echo 0 /proc/sys/net/ipv4/conf/all/arp_ignore echo 0 /proc/sys/net/ipv4/conf/all/arp_announce echo RealServer Stoped ;status) # Status of LVS-DR real server. islothere=/sbin/ifconfig lo:0 | grep $WEB_VIP isrothere=netstat -rn | grep lo:0 | grep $web_VIP if ! $islothere -o ! isrothere ;then # Either the route or the lo:0 device # not found. echo LVS-DR real server Stopped. else echo LVS-DR Running. fi;*) # Invalid entry. echo $0: Usage: $0 start|status|stop exit 1;esacexit 0附上realserver機(jī)上的/etc/sysctl.conf：# Kernel sysctl configuration file for Red Hat Linux# For binary values, 0 is disabled, 1 is enabled.See sysctl(8) and# sysctl.conf(5) for more details.# Controls IP packet forwardingnet.ipv4.ip_forward = 1# Controls source route verificationnet.ipv4.conf.default.rp_filter = 1# Do not accept source routingnet.ipv4.conf.default.accept_source_route = 0# Controls the System Request debugging functionality of the kernelkernel.sysrq = 0# Controls whether core dumps will append the PID to the core filename.# Useful for debugging multi-threaded applications.kernel.core_uses_pid = 1net.ipv4.conf.lo.arp_ignore = 1net.ipv4.conf.lo.arp_announce = 2net.ipv4.conf.all.arp_ignore = 1net.ipv4.conf.all.arp_announce = 2或者采用secondary ip address方式配置# vi /etc/sysctl.conf 添加以下內(nèi)容如上所示：net.ipv4.conf.lo.arp_ignore = 1net.ipv4.conf.lo.arp_announce = 2net.ipv4.conf.all.arp_ignore = 1net.ipv4.conf.all.arp_announce = 2#sysctl p#ip addr add /32 dev lo#ip add list 查看是否綁定3. 啟動(dòng)lvs-dr腳本和realserver啟本，在DR上可以查看LVS當(dāng)前狀態(tài):#watch ipvsadm ln五利用Keepalvied實(shí)現(xiàn)負(fù)載均衡和和高可用性1.配置在主負(fù)載均衡服務(wù)器上配置keepalived.conf#vi /etc/keepalived/keepalived.conf (主調(diào)度器)! Configuration File for keepalivedglobal_defs notification_email acassenfirewall.loc failoverfirewall.loc sysadminfirewall.loc notification_email_from Alexandre.Cassenfirewall.loc smtp_server smtp_connect_timeout 30 router_id LVS_DEVELvrrp_instance VI_1 state MASTER interface eth0 virtual_router_id 51 priority 100 advert_int 1 authentication auth_type PASS auth_pass 1111 virtual_ipaddress 70 virtual_server 70 80 delay_loop 6 lb_algo wrr lb_kind DR persistence_timeout 60 protocol TCP real_server 71 80 weight 3 TCP_CHECK connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 80 real_server 72 80 weight 3 TCP_CHECK connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 80 在備用調(diào)度器上：#vi /etc/keepalived/keepalived.conf (備用調(diào)度器)! Configuration File for keepalivedglobal_defs notification_email acassenfirewall.loc failoverfirewall.loc sysadminfirewall.loc notification_email_from Alexandre.Cassenfirewall.loc smtp_server smtp_connect_timeout 30 router_id LVS_DEVELvrrp_instance VI_1 state BACKUP interface eth0 virtual_router_id 51 priority 99 advert_int 1 authentication auth_type PASS auth_pass 1111 virtual_ipaddress 70 virtual_server 70 80 delay_loop 6 lb_algo wrr lb_kind DR persistence_timeout 60 protocol TCP real_server 71 80 weight 3 TCP_CHECK connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 80 real_server 72 80 weight 3 TCP_CHECK connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 80 2. BACKUP服務(wù)器同上配置，先安裝lvs再按裝keepalived,仍后配置/etc/keepalived/keepalived.conf，只需將紅色標(biāo)示的部分改一下即可.3. vi /etc/rc.local #/usr/local/sbin/lvs-dr.sh將lvs-dr.sh這個(gè)腳本注釋掉。 #/usr/local/sbin/lvs-dr.sh stop 停止lvs-d