LVS+Keepalive 实现服务器的负载均衡高可用
一、安装
两台机器的安装是一样的,这里只记录一遍。
1. 下载LVS+Keepalive 所需安装包
http://www.keepalived.org/software/keepalived-1.2.7.tar.gz
http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.24.tar.gz
http://down1.chinaunix.net/distfiles/linux-2.6.18.tar.bz2
http://down1.chinaunix.net/distfiles/linux-2.6.32.tar.bz2
2. 安装所需环境
[root@ZH-LVS01 ~]# yum -y install glibc* gcc* cc*
[root@ZH-LVS01 ~]# yum -y install openssl-devel
[root@ZH-LVS01 ~]# yum -y install kernel-devel
3. 安装keepalive
[root@ZH-LVS01 ~]# tar -xzf keepalived-1.2.7.tar.gz
[root@ZH-LVS01 ~]# cd keepalived-1.2.7
[root@ZH-LVS01 keepalived-1.2.7]# ./configure
编译时出现以下问题原因是未安装popt的开发包
解决:
yum install popt-devel
安装好popt的开发包。
[root@ZH-LVS01 keepalived-1.2.7]# make && make install
[root@ZH-LVS01 keepalived-1.2.7]# keepalived --help #查看keepavlied的帮助信息同时也证明了keepalive已经安装成功
[root@ZH-LVS01 ~]# find / -name keepalived #查看keepalived的位置
[root@ZH-LVS01 ~]# cp /usr/local/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/
[root@ZH-LVS01 ~]# cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
[root@ZH-LVS01 ~]# mkdir /etc/keepalived
[root@ZH-LVS01 ~]# cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/
[root@ZH-LVS01 ~]# cp /usr/local/sbin/keepalived /usr/sbin/
[root@ZH-LVS01 ~]# service keepalived start
启动 keepalived:
[root@ZH-LVS01 ~]# service keepalived stop
停止 keepalived: [确定]
[root@ZH-LVS01 ~]# service keepalived start
启动 keepalived: [确定]
[root@ZH-LVS01 ~]#
4. 安装ipvsadm LVS管理工具
4.1 检查kernel是否已经支持LVS的IPVS模块。
[root@ZH-LVS01 ~]# modprobe -l |grep ipvs
4.2 在安装ipvsadm之前应该做一下内核比对,/usr/local/kernels/ 下面的内核版本要和linux所使用的内核版本一样,然后做个链接。
4.3 解压并安装ipvsadm管理软件
[root@ZH-LVS01 ~]# tar -xzf ipvsadm-1.24.tar.gz
[root@ZH-LVS01 ~]# cd ipvsadm-1.24
[root@ZH-LVS01 ipvsadm-1.24]# make && make install
[root@ZH-LVS01 ipvsadm-1.24]# ipvsadm --help #看到帮助提示,表明IPVS已经安装成功。[root@ZH-LVS01 ipvsadm-1.24]# cd
[root@ZH-LVS01 ~]# find / -name ipvsadm #查看ipvsadm软件安装的位置。
二、 配置
1.
[root@ZH-LVS01 ~]# cd /etc/keepalived/
[root@ZH-LVS01 keepalived]# cp keepalived.conf keepalived.conf.bak
[root@ZH-LVS01 keepalived]# vim keepalived.conf2. 配置LVS01为Real Server,通过创建脚本的方式来实现。
1 ! Configuration File for keepalived 2 3 global_defs { 4 notification_email { 5 acassen@firewall.loc 6 failover@firewall.loc 7 sysadmin@firewall.loc 8 } 9 notification_email_from Alexandre.Cassen@firewall.loc 10 smtp_server 192.168.200.1 11 smtp_connect_timeout 30 12 router_id LVS_DEVEL 13 } 14 vrrp_script chk_tomcat 15 { 16 script "/data/ha/scripts/ftp_check.sh" 17 interval 2 18 timeout 2 19 fall 3 20 } 21 22 23 vrrp_instance VI_1 { 24 state MASTER 25 interface eth0 26 virtual_router_id 202 27 priority 99 28 advert_int 1 29 authentication { 30 auth_type PASS 31 auth_pass 1111 32 } 33 virtual_ipaddress { 34 10.143.92.202 35 } 36 track_script { 37 chk_tomcat 38 } 39 } 40 41 virtual_server 10.143.92.202 80 { #此处端口不能写21哦,不然起来后会有问题 42 delay_loop 3 43 lb_algo wlc 44 lb_kind DR 45 nat_mask 255.255.255.255 46 persistence_timeout 50 47 protocol TCP 48 49 50 real_server 10.143.92.115 21 { 51 weight 1 52 MISC_CHECK { 53 misc_path "/usr/local/bin/check_ftpget.pl -H 10.143.92.115 -u dev -p dev" 54 misc_timeout 10 55 } 56 weight 1 57 TCP_CHECK { 58 connect_timeout 3 59 nb_get_retry 3 60 delay_before_retry 3 61 } 62 } 63 64 real_server 10.143.82.10 21 { 65 weight 1 66 MISC_CHECK { 67 misc_path "/usr/local/bin/check_ftpget.pl -H 10.143.92.116 -u dev -p dev" 68 misc_timeout 10 69 } 70 weight 1 71 TCP_CHECK { 72 connect_timeout 3 73 nb_get_retry 3 74 delay_before_retry 3 75 } 76 } 77 }
#!/bin/bash status=$(/usr/local/bin/check_ftpget.pl -H 10.143.92.116 -u dev -p dev) if [ "${status}" != "ftp ok" ];then /etc/init.d/keepalived stop exit 1 else ftp_status=$(ps -ef |grep keepalived |grep -v grep|wc -l) #if [ "${ftp_status}" < "3" ];then if [ "${ftp_status}" != 3 ];then /etc/init.d/keepalived start exit 0 fi fi
1 #!/usr/bin/perl -w 2 ## Written 12/5/00 Jeremy Hanmer 3 # $Id: check_ftpget.pl,v 1.1 2000/12/07 14:40:44 karldebisschop Exp $ 4 use strict; 5 use Net::FTP; 6 use Getopt::Std; 7 use vars qw($opt_H $opt_u $opt_p $opt_f); 8 getopts("H:u:p:f:"); 9 my $host = $opt_H || 10 die "usage: check_ftp.pl -h host [<-u user> <-p pass> <-f file>] "; 11 my $username = $opt_u || 'anonymous'; 12 my $pass = $opt_p || "$ENV{'LOGNAME'}@$ENV{'HOSTNAME'}" ; 13 my $file = $opt_f; 14 my $status = 0; 15 my $problem; 16 my $output = "ftp ok"; 17 my $ftp = Net::FTP->new("$host") || 18 &crit("connect"); 19 $ftp->login("$username", "$pass") || 20 &crit("login"); 21 $ftp->get($file) || 22 &crit("get") if $file; 23 sub crit() 24 { 25 $problem = $_[0]; 26 $status = 2; 27 if ( $problem eq 'connect' ) { 28 $output = "can't connect"; 29 } elsif ( $problem eq 'login' ) { 30 $output = "can't log in"; 31 } elsif ( $problem eq 'get' ) { 32 $output = "cant get $file"; 33 } 34 } 35 print "$output "; 36 exit $status;
配置文件参考博客:http://www.cnblogs.com/MacoLee/p/5858995.html
[root@ZH-LVS01 ~]# vim /etc/init.d/lvsrs
#!/bin/bash
##
Script to start LVS DR real server.
# Decription: LVS DR real server.
. /etc/rc.d/init.d/functions
VIP=10.143.117.200
host=`/bin/hostname`
case "$1" in
start)
# Start LVS-DR real server on this machine.
/sbin/ifconfig lo down
/sbin/ifconfig lo up
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
/sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add -host $VIP dev lo:0
;;
stop)
# Stop LVS-DR real server loopback device(s).
/sbin/ifconfig lo:0 down
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
;;
status)
# Status of LVS-DR real server.
islothere=`/sbin/ifconfig lo:0 | grep $VIP`
isrothere=`netstat -nr | grep "lo:0" | grep $VIP`
if [ ! "$islothere" -o ! "isrothere" ];then
# Either the route or the lo:0 device
# not found.
echo "LVS-DR real server Stoped."
else
echo "LVS-DR real server Running."
fi
;;*)
# Invalid entry .
echo "$0 : Usage: $0 {start|status|stop}"
exit 1
;;
esac
[root@ZH-LVS01 ~]# chmod +x /etc/init.d/lvsrs
4. 安装http 服务测试负载。
[root@ZH-LVS01 ~]# yum -y install http*
[root@ZH-LVS01 ~]# echo "ZH-LVS01" > /var/www/html/index.html
[root@ZH-LVS01 ~]# service httpd start
启动 httpd: [确定]
[root@ZH-LVS01 ~]# netstat -ntlp
5.启动服务
[root@ZH-LVS01 ~]# service keepalived restart
停止 keepalived: [确定]
启动 keepalived: [确定]
[root@ZH-LVS01 ~]# /usr/local/bin/check_interface &
[1] 10719
[root@ZH-LVS01 ~]# /etc/init.d/lvsrs start
[root@ZH-LVS01 ~]# /etc/init.d/lvsrs status
LVS-DR real server Running.
[root@ZH-LVS01 ~]#
ZH-LVS02的配置基本和ZH-LVS01上的配置是一样的,可以直接scp过去。有以下几点不同。
1. /etc/keepalived/keepalived.conf 中将MASTER改为BACKUP
2. 在LVS02中/etc/keepalived/keepalived.conf 中不需要写nopreempt
3.其他的/etc/init.d/lvsrs 可以直接拷贝过去就给执行权限即可。
日志写在 /var/log/messages 中ZH-LVS01配置
[root@ZH-LVS02 ~]# scp root@192.168.211.166:/etc/keepalived/keepalived.conf /etc/keepalived/
[root@ZH-LVS02 ~]# scp root@192.168.211.166:/etc/init.d/lvsrs /etc/init.d/
安装http服务并添加测试网页内容
[root@ZH-LVS02 ~]# echo "ZH-LVS02" > /var/www/html/index.html
[root@ZH-LVS02 ~]# service httpd start
启动 httpd: [确定]
[root@ZH-LVS02 ~]# netstat -ntlp启动服务
[root@ZH-LVS02 keepalived]# service keepalived restart
停止 keepalived: [确定]
启动 keepalived: [确定]
[root@ZH-LVS02 keepalived]# /etc/init.d/lvsrs start
[root@ZH-LVS02 keepalived]# /etc/init.d/lvsrs status
LVS-DR real server Running.
[root@ZH-LVS02 keepalived]#
使用ipvsadm 查看负载节点
