zoukankan      html  css  js  c++  java
  • lvs+keepalived

     环境:两台lvs、两台real server(四台简化为两台)

    关闭所有服务器的防火墙和selinux

     sed -i "s#SELINUX=enforcing#SELINUX=disabled#g" /etc/selinux/config      #重启生效 reboot
    
    /etc/init.d/iptables stop
    • 安装依赖包

    可参考 http://www.cnblogs.com/zzzhfo/p/5957113.html 

    两台lvs配置相同

    [root@lvs02 /]# yum -y install kernel-devel gcc gcc-c++ libnl* libpopt* popt-static
    • 创建一个软链接,防止后面编译安装ipvsadm时找不到系统内核

    2.6.32-642.4.2.el6.x86_64用tab键补全

    [root@lvs01 /]# uname -r
    2.6.32-431.el6.x86_64
    [root@lvs01 /]# ln -s /usr/src/kernels/2.6.32-642.4.2.el6.x86_64/ /usr/src/linux

    这里我们使用的2.6版本,并且注意内核是2.6版本的,如果你的版本是6.X版本的话,那么可以使用2.6版本

    [root@lvs01 /]# wget http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.26.tar.gz
    --2016-10-05 23:52:06--  http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.26.tar.gz
    Resolving www.linuxvirtualserver.org... 69.56.251.119
    Connecting to www.linuxvirtualserver.org|69.56.251.119|:80... connected.
    HTTP request sent, awaiting response... 200 OK
    Length: 41700 (41K) [application/x-gzip]
    Saving to: “ipvsadm-1.26.tar.gz”
    
    100%[=======================================>] 41,700      41.6K/s   in 1.0s    
    
    2016-10-05 23:52:23 (41.6 KB/s) - “ipvsadm-1.26.tar.gz” saved [41700/41700]

    解压、配置、编译、安装

    [root@lvs01 /]# tar zxvf ipvsadm-1.26.tar.gz 
    [root@lvs01 /]# cd ipvsadm-1.26
    [root@lvs01 ipvsadm-1.26]# make
    [root@lvs01 ipvsadm-1.26]# make install
    [root@lvs ipvsadm-1.26]# lsmod | grep ip_vs
    把ipvs模块加载进系统,需要我们执行ipvsadm命令才会加载进去
    或者modprobe ip_vs。
    [root@lvs01 ipvsadm-1.26]# modprobe ip_vs
    [root@lvs01 ipvsadm-1.26]# lsmod | grep ip_vs
    ip_vs                 125220  0 
    libcrc32c               1246  1 ip_vs
    ipv6                  317340  142 ip_vs,ip6t_REJECT,nf_conntrack_ipv6,nf_defrag_ipv6

    两台real server配置相同

    web01配置
    [root@web01 /]# hostname
    web01
    [root@web01 /]# yum -y install httpd
    [root@web01 /]# find / -name httpd.conf
    /etc/httpd/conf/httpd.conf
    [root@web01 /]# vim /etc/httpd/conf/httpd.conf
    ServerName 127.0.0.1
    [root@web01 /]# cd /var/www/html/
    [root@web01 html]# echo "web01_192.168.119.130" > index.html
    [root@web01 html]# ls
    index.html
    [root@web01 html]# cat index.html 
    web01_192.168.119.130
    [root@web01 html]# /etc/init.d/httpd start
    Starting httpd:                                            [  OK  ]
    [root@web01 html]# curl localhost
    web01_192.168.119.130
    
    
    web02配置
    [root@web02 /]# hostname
    web02
    [root@web02 /]# yum -y install httpd
    [root@web02 /]# vim /etc/httpd/conf/httpd.conf
    ServerName 127.0.0.1
    [root@web02 /]# echo "web02_192.168.119.133" > /var/www/html/index.html 
    [root@web02 /]# cat /var/www/html/index.html 
    web02_192.168.119.133
    [root@web02 /]# /etc/init.d/httpd start
    Starting httpd:                                            [  OK  ]
    [root@web02 /]# curl localhost
    web02_192.168.119.133

    real server 脚本

    用于绑定VIP和ARP抑制

    [root@web01 /]# vim /usr/local/sbin/ipvs_client.sh
    #!/bin/bash VIP=192.168.119.150 PORT=80 case "$1" in start) ifconfig eth0:0 $VIP/32 up route add -host $VIP dev eth0 echo "1">/proc/sys/net/ipv4/conf/lo/arp_ignore echo "2">/proc/sys/net/ipv4/conf/lo/arp_announce echo "1">/proc/sys/net/ipv4/conf/all/arp_announce echo "2">/proc/sys/net/ipv4/conf/all/arp_announce echo "start LVS of REALServer IP" ;; stop) ifconfig eth0:0 $VIP/32 down route del -host $VIP dev eth0 echo "0">/proc/sys/net/ipv4/conf/lo/arp_ignore echo "0">/proc/sys/net/ipv4/conf/lo/arp_announce echo "0">/proc/sys/net/ipv4/conf/all/arp_announce echo "0">/proc/sys/net/ipv4/conf/all/arp_announce echo "stop LVS OF REALServer" ;; *) echo "Usage: $0 {start|stop}" esac

    启动脚本

    [root@web01 /]# chmod 755 /usr/local/sbin/ipvs_client.sh 
    [root@web01 /]# ipvs_client.sh start
    start LVS of REALServer IP
    [root@web01 /]# ifconfig eth0:0
    eth0:0    Link encap:Ethernet  HWaddr 00:0C:29:1B:BA:FB  
              inet addr:192.168.119.150  Bcast:255.255.255.255  Mask:0.0.0.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

     安装keepalived

    可参考  http://www.cnblogs.com/zzzhfo/p/6070065.html

    lvs01和lvs02

    检查下

    [root@lb01 /]# ln -s /usr/src/kernels/2.6.32-642.6.2.el6.x86_64/ /usr/src/linux
    [root@lb01 /]# ls -l /usr/src/
    total 8
    drwxr-xr-x. 2 root root 4096 Sep 23  2011 debug
    drwxr-xr-x. 3 root root 4096 Oct  6 11:05 kernels
    lrwxrwxrwx  1 root root   43 Oct  6 11:09 linux -> /usr/src/kernels/2.6.32-642.6.2.el6.x86_64/

    下载keepalived

    [root@lvs01 /]# wget http://www.keepalived.org/software/keepalived-1.2.16.tar.gz

    安装依赖包

    报错
    configure: error: 
      !!! OpenSSL is not properly installed on your system. !!!
      !!! Can not include OpenSSL headers files.            !!!
    解决
    [root@lvs01 /]# yum -y install openssl openssl-devel

    解压、配置、编译、安装

    [root@lvs01 /]# tar zxvf keepalived-1.2.16.tar.gz 
    [root@lvs01 /]# cd keepalived-1.2.16
    [root@lvs01 keepalived-1.2.16]# ./configure 
    
    Keepalived configuration
    ------------------------
    Keepalived version       : 1.2.16
    Compiler                 : gcc
    Compiler flags           : -g -O2 -I/usr/include/libnl3  
    Extra Lib                : -lssl -lcrypto -lcrypt  -lnl-genl-3 -lnl-3  
    Use IPVS Framework       : Yes
    IPVS sync daemon support : Yes
    IPVS use libnl           : Yes
    fwmark socket support    : Yes
    Use VRRP Framework       : Yes
    Use VRRP VMAC            : Yes
    SNMP support             : No
    SHA1 support             : No
    Use Debug flags          : No
    
    [root@lvs01 keepalived-1.2.16]# make && make install
    [root@lvs01 keepalived-1.2.16]# cp /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/ 
    [root@lvs01 keepalived-1.2.16]# cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
    [root@lvs01 keepalived-1.2.16]# mkdir /etc/keepalived
    [root@lvs01 keepalived-1.2.16]# cp /usr/local/etc/keepalived/keepalived.conf  /etc/keepalived/
    [root@lvs01 keepalived-1.2.16]# cp /usr/local/sbin/keepalived /usr/sbin/
    [root@lvs01 keepalived-1.2.16]# /etc/init.d/keepalived start
    Starting keepalived:                                       [  OK  ]
    [root@lvs01 keepalived-1.2.16]# ps -ef | grep keepalived
    root      3217     1  0 01:08 ?        00:00:00 keepalived -D
    root      3219  3217  0 01:08 ?        00:00:00 keepalived -D
    root      3220  3217  0 01:08 ?        00:00:00 keepalived -D
    root      3222  1074  0 01:08 pts/0    00:00:00 grep keep
    [root@lvs01 keepalived-1.2.16]# /etc/init.d/keepalived stop
    Stopping keepalived:                                       [  OK  ]

    修改配置文件(单实例)

    lvs01

    [root@lvs01 keepalived-1.2.16]# cd /etc/keepalived/
    [root@lvs01 keepalived]# cp keepalived.conf keepalived.conf.bak
    [root@lvs01 keepalived]# vim keepalived.conf
    ! Configuration File for keepalived
    
    global_defs {
       notification_email {
         acassen@firewall.loc
         failover@firewall.loc
         sysadmin@firewall.loc
       }
       notification_email_from Alexandre.Cassen@firewall.loc
       smtp_server 192.168.200.1
       smtp_connect_timeout 30
       router_id LVS_01
    }
    
    vrrp_instance VI_1 {
        state MASTER
        interface eth0
        virtual_router_id 51
        priority 150
        advert_int 1
        authentication {
            auth_type PASS
            auth_pass 1111
        }
        virtual_ipaddress {
            192.168.119.150
        }
    }
    
    virtual_server 192.168.119.150 80 {
        delay_loop 6
        lb_algo wrr
        lb_kind DR
        nat_mask 255.255.255.0
        persistence_timeout 300
        protocol TCP
    
        real_server 192.168.119.130 80 {
            weight 1
        TCP_CHECK
                connect_timeout 8
                nb_get_retry 3
                delay_before_retry 3
            connect_port 80
            }
        }
        real_server 192.168.119.133 80 {
            weight 1
            TCP_CHECK
                connect_timeout 8
                nb_get_retry 3
                delay_before_retry 3
                connect_port 80
            }
        }

    启动keepalived

    [root@lvs01 keepalived]# /etc/init.d/keepalived start
    Starting keepalived:                                       [  OK  ]

    查看VIP

    [root@lvs01 keepalived]# ip add 
    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN 
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
        inet6 ::1/128 scope host 
           valid_lft forever preferred_lft forever
    2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
        link/ether 00:0c:29:6e:24:e0 brd ff:ff:ff:ff:ff:ff
        inet 192.168.119.134/24 brd 192.168.119.255 scope global eth0
        inet 192.168.119.150/32 scope global eth0
        inet6 fe80::20c:29ff:fe6e:24e0/64 scope link 
           valid_lft forever preferred_lft forever

    查看ipvs

    [root@lvs01 keepalived]# ipvsadm -ln
    IP Virtual Server version 1.2.1 (size=4096)
    Prot LocalAddress:Port Scheduler Flags
      -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
    TCP  192.168.119.150:80 rr persistent 300
      -> 192.168.119.130:80           Masq    1      0          0         
      -> 192.168.119.133:80           Masq    1      0          0    

    lvs02配置

    [root@lvs02 keepalived]# vim keepalived.conf
    ! Configuration File for keepalived
    
    global_defs {
       notification_email {
         acassen@firewall.loc
         failover@firewall.loc
         sysadmin@firewall.loc
       }
       notification_email_from Alexandre.Cassen@firewall.loc
       smtp_server 192.168.200.1
       smtp_connect_timeout 30
       router_id LVS_02
    }
    
    vrrp_instance VI_1 {
        state BACKUP
        interface eth0
        virtual_router_id 51
        priority 100
        advert_int 1
        authentication {
            auth_type PASS
            auth_pass 1111
        }
        virtual_ipaddress {
            192.168.119.150
        }
    }
    
    virtual_server 192.168.119.150 80 {
        delay_loop 6
        lb_algo wrr
        lb_kind DR
        nat_mask 255.255.255.0
        persistence_timeout 300
        protocol TCP
    
        real_server 192.168.119.130 80 {
            weight 1
        TCP_CHECK
                connect_timeout 8
                nb_get_retry 3
                delay_before_retry 3
            connect_port 80
            }
        }
        real_server 192.168.119.133 80 {
            weight 1
            TCP_CHECK
                connect_timeout 8
                nb_get_retry 3
                delay_before_retry 3
                connect_port 80
            }
        }

    查看vip和ipvs

    (没有VIP但lvs服务启动、不接受请求)

    [root@lvs02 keepalived]# ip add | grep 192.168.119.150
    [root@lvs02 keepalived]# ip add | grep 192.168.119.150
    [root@lvs02 keepalived]# ip add | grep 192.168.119.150
    [root@lvs02 keepalived]# ip add | grep 192.168.119.150
    [root@lvs02 keepalived]# ipvsadm -ln
    IP Virtual Server version 1.2.1 (size=4096)
    Prot LocalAddress:Port Scheduler Flags
      -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
    [root@lvs02 keepalived]# ipvsadm -ln
    IP Virtual Server version 1.2.1 (size=4096)
    Prot LocalAddress:Port Scheduler Flags
      -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
    TCP  192.168.119.150:80 wrr persistent 300
      -> 192.168.119.130:80           Route   1      0          0         
      -> 192.168.119.133:80           Route   1      0          0         
    [root@lvs02 keepalived]# ipvsadm -ln
    IP Virtual Server version 1.2.1 (size=4096)
    Prot LocalAddress:Port Scheduler Flags
      -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
    TCP  192.168.119.150:80 wrr persistent 300
      -> 192.168.119.130:80           Route   1      0          0         
      -> 192.168.119.133:80           Route   1      0          0         
    [root@lvs02 keepalived]# ip add | grep 192.168.119.150

    测试

     

  • 相关阅读:
    「ruby/MiniMagick」用MiniMagick处理图片
    「thunar」给thunar增加搜索文件功能
    Software--Architecture--SOA Factory
    DataArchitecture--数据结构与算法 (Java)
    Software--Architecture--SOA 面向服务体系结构
    Software--Develop -- WCF Setting
    Industry--OPC UA (OPC Unified Architecture) 统一架构
    Software--IoC 依赖倒置 控制反转
    虚拟表dual。字符串函数UPPER,LOWER。&变量。INITCAP,LENGTH,SUBSTR
    运算符关键字。数据区别大小写。日期范围。判空的两种写法。NOT IN的两种写法。IN范围可含NULL,但NOT IN值范围不能含NULL。
  • 原文地址:https://www.cnblogs.com/hwlong/p/6079374.html
Copyright © 2011-2022 走看看