LVS使用整理(1)

开始安装LVS

1）下载相关软件包

mkdir -p /home/tools/
cd /home/tools/
wget http://www.linuxvirtualserver.org/software/kernel-26/ipadm-1.26.tar.gz

2）安装LVS命令

lsmod |grep ip_vs
cat /etc/redhat-release
uname -r
ln -s /usr/src/kernels/2.6.18- /usr/src/linux
特别注意：
1）此ln命令的路径要和uname -r 输出结果内核版本对应。
2）如果没有/usr/src/kernels/2.6,是因为缺少kernel-devel-2.6.18软件包。可通过yum install kernel-devel -y 安装。
3）ln这个命令也可以不执行，直接指定内核参数编译。

tar zxvf ipvsadm-1.26.tar.gz
make
make install
lsmod |grep ip_vs
提示：
1.此时ipvs模块没有被加载，可以执行ipvsadm命令就会吧ip_vs加载到系统内核或执行命令modprobe ip_vs也可以把ip_vs模块加载到内核。然后再执行lsmod -l |grep ip_vs 应该看见ip_vs模块被列出。

需要安装依赖包
yum install libnl* popt* -y.

-----

负载均衡器配置

配置别名网卡

ifconfig eth0:1 192.168.1.181 netmask 255.255.255.0 up #<=别名的方式

④ 手工执行配置添加LVS服务器并增加两台RS

ipvsadm -C
ipvsadm --set 30  5 60
ipvsadm -A -t 192.168.1.181:80 -s wrr -p 20
ipvsadm -a -t 192.168.1.181:80 -r 192.168.1.178:80 -g -w 1
ipvsadm -a -t 192.168.1.181:80 -r 192.168.1.179:80 -g -w 1

[删除方法]

ipvsadm -D -t 192.168.1.181:80 -s wrr
ipvsadm -d -t 192.168.1.181:80 -r 192.168.1.178:80

[相关参数说明]

ipvsadm -help
--clear  -C  clear the whole table
--add-service -A add virtual service with options
--tcp-service -t service-address service-address is host[:port]
--scheduler -s   scheduler  one of rr|wrr|lc|wlc|lblc|lblcr|dh|sh|sed|nq
--add-server -a add real server with options
--real-server -r server-address server-addres s is host(and port)
--masquerading -m masquerading (NAT)
--gatewaying -g gatewaying(direct routing)(default)
--delete-server -d delete real server
--persistent -p [timeout]   persistent server(会话保持功能）
--set tcp tcpfin udp       set connection timeout values
--weight  -w weight  capacity of real server
提示：更多参数请ipvsadm -help自行查看

⑤命令执行过程及检查配置的执行结果

ipvsadm -C
ipvsadm --set 30  5 60
ipvsadm -A -t 192.168.1.181:80 -s wrr -p 20
ipvsadm -a -t 192.168.1.181:80 -r 192.168.1.178:80 -g -w 1
ipvsadm -a -t 192.168.1.181:80 -r 192.168.1.179:80 -g -w 1
ipvsadm -L -n --sort
ipvsadm -d -t 192.168.1.181:80 -r 192.168.1.178:80
ipvsadm -L -n --sort
ipvsadm -a -t 192.168.1.181:80 -r 192.168.1.178:80
ipvsadm -L -n --sort

手工在RS端绑定VIP

ifconfig lo:181.168.1.181 netmask 255.255.255.255 up
route add -host 192.168.1.181 dev lo

 每个集群节点的回环接口（lo）设备上被绑定VIP地址（其广播地址是其本身，子网掩码255.255.255.255，采取可变掩码方式把网段划分成只含一个主机地址的目的是避免ip地址冲突）允许LVS-DR集群中的集群节点接收发向该VIP地址的数据包，这会有一个非常严重的问题发生，集群内部的真实服务器将尝试回复来自正在请求VIP客户端的ARP广播，这样所有的真实服务器都将声称自己拥有该VIP地址，这时客户端将直接发送请求数据包到真实服务器上，从而破坏DR集群的方法。因此，必须要抑制真实服务器的ARP广播。

手工在RS端抑制ARP响应

⑦抑制ARP响应方法如下：

echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce

以RS179为例演示执行过程如下：

ifconfig lo:181 192.168.1.181 netmask 255.255.255.255 up
route add -host 192.168.1.181 dev lo
cat /proc/sys/net/ipv4/conf/lo/arp_ignore
cat /proc/sys/net/ipv4/conf/all/arp_ignore
cat /proc/sys/net/ipv4/conf/all/arp_ignore
cat /proc/sys/net/ipv4/conf/lo/arp_announce

echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce

arp音质技术参数说明

arp_ignore- INTEGER

0 默认值：

检查手工配置成果

使用http://192.168.1.178{179}(181)

使用脚本配置LVS负载均衡服务器端

#!/bin/bash

. /etc/init.d/functions
VIP=192.168.1.181
SUBNET=eth0:`echo $VIP|cut -d. -f4`
PORT=80
GW=192.168.1.1

#w=3
RIP1=(
        192.168.1.178
     )
#w=1
RIP2=(
        192.168.1.179
     )
IFCONFIG=/sbin/ifconfig
ROUTE=/sbin/route
IPVSADM=/sbin/ipvsadm
ARPING=/sbin/arping

#functions
function usage (){
        local script_name
        script_name=$1
        echo "Usgae : $script_name [ start | stop | restart ]"
        echo ""
        return 1
}

function checkCmd (){
        if [ ! -f $1 ]; then
                echo "Can't find "$1
                return 1
        fi
}

function checkSubnet (){
        $IFCONFIG |grep "$1"|wc -l
}

function ipvsStart (){
        #judge if $SUBNET is exist.
        if [ $(checkSubnet $SUBNET) -ne 0 ]; then
                $IFCONFIG $SUBNET down
        fi
        local rs
        #$IFCONFIG $SUBNET $VIP broadcast $VIP netmask 255.255.255.255 up
        $IFCONFIG $SUBNET $VIP broadcast $VIP netmask 255.255.255.0 up
        #$ROUTE add -host $VIP dev $SUBNET
        $IPVSADM -C
        $IPVSADM -A -t $VIP:$PORT -s wrr -p 60

        for ((i=0; i<`echo ${#RIP1[*]}`; i++))
        do
                $IPVSADM -a -t $VIP:$PORT -r ${RIP1[$i]}:$PORT -g -w 1
        done

        for ((i=0; i<`echo ${#RIP2[*]}`; i++))
        do
                $IPVSADM -a -t $VIP:$PORT -r ${RIP2[$i]}:$PORT -g -w 1
        done
        rs=$?
        $IPVSADM >/tmp/oldboy.log

        # update MAC
     NetIf=$(echo ${SUBNET}|awk -F ":" '{print $1}')
        $ARPING -c 1 -I ${NetIf} -s $VIP $GW >>/tmp/oldboy.log
        [ $rs -eq 0 ] && action "Ipvsadm start." /bin/true
        return $rs
}

function ipvsStop (){
        local rs
     rs=1
        #clean ipvs
     $IFCONFIG $SUBNET down
        $IPVSADM -C
        $IPVSADM -Z
       
        rs=$?
        #$ROUTE del $VIP
     $ARPING -c 1 -I ${NetIf} -s $VIP $GW  >/dev/null 2>&1
        [ $rs -eq 0 ] && action "Ipvsadm stoped." /bin/true
        return $rs
}

main ()
{
     #judge argv num by oldboy
        if [ $# -ne 1 ]; then
                usage $0
        fi

        case "$1" in
                start)
                        ipvsStart
                        ;;
                stop)
                        ipvsStop
                        ;;
                restart)
                        ipvsStop
                        ipvsStart
                        ;;
                *)
                        usage $0
                        ;;
        esac
}

#start operating
main $*

开发脚本配置LVS RS真实服务器处理脚本

#!/bin/bash
# description: Config realserver lo and apply noarp
VIP=(
        192.168.1.181
     )

. /etc/rc.d/init.d/functions

case "$1" in
start)
        for ((i=0; i<`echo ${#VIP[*]}`; i++))
        do
           interface="lo:`echo ${VIP[$i]}|awk -F . '{print $4}'`"
           /sbin/ifconfig $interface ${VIP[$i]} broadcast ${VIP[$i]} netmask 255.255.255.255 up
        done
        echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
        echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
        echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
        echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
         action "Start LVS of RearServer.by old1boy"
        ;;
stop)
        for ((i=0; i<`echo ${#VIP[*]}`; i++))
        do
            interface="lo:`echo ${VIP[$i]}|awk -F . '{print $4}'`"
            /sbin/ifconfig $interface ${VIP[$i]} broadcast ${VIP[$i]} netmask 255.255.255.255 down
        done
        echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
        echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
        echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
        echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
         action "Close LVS of RearServer.by old2boy"
        ;;
*)
        echo "Usage: $0 {start|stop}"
        exit 1
esac

一个脚本同时实现自动剔除和加入RS

CURL方法很不错

#!/bin/bash

PORT="80"
VIP=192.168.1.181

RIP=(
    192.168.1.178
    192.168.1.179
)

function check_url()
{

for ((i=0; i<`echo ${#RIP[*]}`; i++))
do
judge=($(curl -I -s http://${RIP[$i]}|head -1|tr " " " "))
if [[ "${judge[1]}" == '200' && "${judge[2]}"=='OK' ]]
   then
     if [ `ipvsadm -L -n|grep "${RIP[$i]}"|wc -l` -ne 1 ]
      then
      ipvsadm -a -t $VIP:$PORT -r ${RIP[$i]}:$PORT
     fi

else
      if [ `ipvsadm -L -n|grep "${RIP[$i]}"|wc -l` -eq 1 ]
      then
      ipvsadm -d -t $VIP:$PORT -r ${RIP[$i]}:$PORT
     fi
fi
done
}

while true
do
check_url
sleep 5
done