LVS-DR架构图
都是一块网卡
Director: DIP:eth0: 192.168.1.3 网关
VIP:eth0:1: 192.168.1.6
RealServer1:RIP1:eth0:192.168.1.7
VIP:lo:0:192.168.1.6
RealServer2:RIP2:eth0:192.168.1.8
VIP:lo:0:192.168.1.6
Client:eth0: 192.168.1.250
原理如下:
1. 用户请求直达Director的VIP地址,Director根据算法从Realserver列表中选取下一个Realserver,并将数据包转发给它, 整个过程中源地址CIP,目标地址VIP不变;
2. Realserver响应数据包不再经过Director直接返回客户端电脑,同时返回数据包的源地址VIP,目标地址CIP;
3.每一台Realserver都必须配置同一VIP地址,因此在同一网络中,所有广播包会到任意一台主机,但数据包通过路由器的内网关及VIP地址时是通过MAC地址实现的,二者通信时必须发起一次ARP广播以解析VIP的MAC地址, 所以任何一台配置VIP地址的主机都能收到一份ARP广播请求,对于Linux而言,地址属于系统,而非网卡。只要系统上有VIP地址,就会响应ARP广播。因此路由器内网关会收到4个不同MAC地址的响应,响应最快的可能正确包但被后面的错误包给冲刷了,无法获知哪个是正确的响应包。造成谁响应最慢谁的数据包反而生效,在一定时间内不再发起ARP广播,这段时间内只响应来自此MAC地址的数据包,失去负载均衡的意义。
4. realserver应该以VIP为源地址响应数据包,但不响应对VIP地址的ARP广播请求。这样才能保证前端客户端请求一旦被路由器内网关ARP广播,只有director的VIP响应。director在转发数据包时IP地址不变,源MAC修改为DIP,直接修改目标MAC地址为RIP MAC。realserver解包发现源地址CIP,目标地址VIP,处理完成返回数据包时,源IP是VIP,目标IP是CIP,源MAC是RIP MAC,目标MAC是CIP MAC。CIP MAC无法接受来自内网的RIP MAC的响应。所以realserver上需另作额外配置,访问时以那个VIP做目标地址,响应时必须以此地址做响应。
5.对realserver所需要配置:
1. 隔离对VIP的ARP请求做响应,修改内核参数 lo:0接口。
2. 任何对目标地址为VIP,响应的源地址也必须是VIP 。设置特定路由。
6.对Director所需要配置:
1. 只开放对VIP的ARP请求做响应
2. 确定只有用户请求的地址是VIP eth0:1 时才转发,对DIP eth0 不转发。VIP:80 和DIP:80 是两个完全不同套接字,可以共存。特殊路由
1.1 Director配置
图形界面setup配置直观但没有文本有思路。不再累述
DIP:eth0: 192.168.1.3 网关
[root@director ~]# vim /etc/hosts
127.0.0.1 localhost.localdomain localhost
192.168.1.3 director.example.com director
::1 localhost6.localdomain6 localhost6
[root@director ~]# vim /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=director.example.com
GATEWAY=192.168.1.3 网关
[root@director ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
# Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE]
DEVICE=eth0
BOOTPROTO=static
BROADCAST=192.168.1.255
HWADDR=00:0C:29:BB:02:FD
IPADDR=192.168.1.3
NETMASK=255.255.255.0
NETWORK=192.168.1.0
ONBOOT=yes
VIP:eth0:1: 192.168.1.6
[root@director ~]# cd /etc/sysconfig/network-scripts/
[root@director network-scripts]# cp ifcfg-eth0 ifcfg-eth0:1 复制网卡别名配置文件
[root@director network-scripts]# vim ifcfg-eth0:1
# Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE]
DEVICE=eth0:1 系统是照DEVICE名称识别,所以必须是eth0:1,图形化setup中也必须区别设置
BOOTPROTO=static
BROADCAST=192.168.1.255
HWADDR=00:0C:29:BB:02:FD
IPADDR=192.168.1.6
NETMASK=255.255.255.0
NETWORK=192.168.1.0
ONBOOT=yes
[root@director network-scripts]# service network restart
[root@director network-scripts]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:BB:02:FD
inet addr:192.168.1.3 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:959 errors:0 dropped:0 overruns:0 frame:0
TX packets:758 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:86349 (84.3 KiB) TX bytes:114489 (111.8 KiB)
Interrupt:67 Base address:0x2024
eth0:1 Link encap:Ethernet HWaddr 00:0C:29:BB:02:FD
inet addr:192.168.1.6 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:67 Base address:0x2024
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:34 errors:0 dropped:0 overruns:0 frame:0
TX packets:34 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2616 (2.5 KiB) TX bytes:2616 (2.5 KiB)
允许数据包转发
[root@director ~]# vim /etc/sysctl.conf
net.ipv4.ip_forward = 1
[root@director ~]# service network restart 重启网络生效
[root@director ~]# sysctl -p
net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 4294967295
kernel.shmall = 268435456
检查默认路由
[root@director ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 路由进入
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 192.168.1.3 0.0.0.0 UG 0 0 0 eth0 默认路由出去
添加特殊路由
确定只有用户请求的地址是VIP eth0:1 时才转发,对DIP eth0 不转发。VIP:80 和DIP:80 是两个完全不同套接字,可以共存。
[root@director ~]# route add -host 192.168.1.6 dev eth0:1 临时添加的静态路由,重启网络后无效
[root@director ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.6 0.0.0.0 255.255.255.255 UH 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 192.168.1.3 0.0.0.0 UG 0 0 0 eth0
[root@director ~]# service network restart
[root@director ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 192.168.1.3 0.0.0.0 UG 0 0 0 eth0
保存永久路由
保存路由设置,使其在网络重启后任然有效
[root@director ~]# vim /etc/sysconfig/static-routes
any host 192.168.1.6 gw 192.168.1.6
[root@director sysconfig]# service network restart
[root@director sysconfig]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.6 192.168.1.6 255.255.255.255 UGH 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 192.168.1.3 0.0.0.0 UG 0 0 0 eth0
安装集群服务
[root@director ~]# yum -y install ipvsadm
ipvsadm.i386 0:1.24-13.el5
在director上配置集群服务
[root@director ~]# ipvsadm –C 清空ipvs表
[root@director ~]# ipvsadm –ln 十进制地址显示表
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
[root@director ~]# ipvsadm -A -t 192.168.1.6:80 -s rr
-A 添加虚拟服务 -t tcp $ip:$port -s scheduler 调度算法 rr 轮调
[root@director ~]# ipvsadm -a -t 192.168.1.6:80 -r 192.168.1.7 -w 1 -g
[root@director ~]# ipvsadm -a -t 192.168.1.6:80 -r 192.168.1.8 -w 1 -g
-a 添加真实服务器 -t tcp $ip:$port –r 真实服务器 –w 权重
-g --gateway 指定LVS 的工作模式为直接路由模式(也是LVS 默认的模式),不写也没关系
[root@director ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.1.6:80 rr
-> 192.168.1.8:80 Route 1 0 0
-> 192.168.1.7:80 Route 1 0 0
[root@director ~]# service ipvsadm save
ipvsadm: Saving IPVS table to /etc/sysconfig/ipvsadm: [ OK ]
[root@director ~]# service ipvsadm restart
ipvsadm: Clearing the current IPVS table: [ OK ]
ipvsadm: Unloading modules: [ OK ]
ipvsadm: Clearing the current IPVS table: [ OK ]
ipvsadm: Applying IPVS configuration: [ OK ]
配置realserver, 对于任何一台realserver都要先隔离arp广播,再配置地址, 次序一定不能乱。否则失效。
配置RIP1
先清除原始网卡配置
[root@rip1 ~]# vim /etc/hosts
#192.168.1.7 rip1.example.com rip1
[root@rip1 ~]# vim /etc/sysconfig/network
#GATEWAY=192.168.1.3
[root@rip1 ~]# cd /etc/sysconfig/network-scripts/
[root@rip1 network-scripts]# mv ifcfg-eth0 ifcfg-eth0.bak
[root@rip1 network-scripts]# mv ifcfg-lo ifcfg-lo.bak
配置arp通告与忽略规则隔离arp广播
[root@rip1 ~]# echo "net.ipv4.conf.all.arp_announce = 2" >> /etc/sysctl.conf
[root@rip1 ~]# echo "net.ipv4.conf.lo.arp_announce = 2" >> /etc/sysctl.conf
[root@rip1 ~]# echo "net.ipv4.conf.all.arp_ignore = 1" >> /etc/sysctl.conf
[root@rip1 ~]# echo "net.ipv4.conf.lo.arp_ignore = 1" >> /etc/sysctl.conf
[root@rip1 ~]# sysctl -p
net.ipv4.conf.all.arp_announce = 2
#对查询目标使用最适当的本地地址响应。在此模式下将忽略这个IP数据包的源地址并尝试选择与能与该地址通信的本地地址.首要是选择所有的网络接口的子网中外出访问子网中包含该目标IP地址的本地地址. 如果没有合适的地址被发现,将选择当前的发送网络接口或其他的有可能接受到该ARP回应的网络接口来进行发送。
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1 #只响应目标IP地址是来访网络接口本地地址的ARP查询请求
net.ipv4.conf.lo.arp_ignore = 1
**************************************************************************************
3.1
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
这两条是可以不用的,因为arp对逻辑接口没有意义。
3.2 如果你的RealServer的外部网络接口是eth0,那么
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
其实真正要执行的是:
echo "1" >/proc/sys/net/ipv4/conf/eth0/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/eth0/arp_announce
所以我个人建议把上面两条也加到你的脚本里去,因为万一系统里上面两条默认的值不是0,那有可能是会出问题。
************************************************************************************
配置地址
[root@rip1 ~]# vim /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
192.168.1.7 rip1.example.com rip1
::1 localhost6.localdomain6 localhost6
[root@rip1 ~]# vim /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=rip1.example.com
GATEWAY=192.168.1.3
[root@rip1 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
# Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE]
DEVICE=eth0
BOOTPROTO=static
BROADCAST=192.168.1.255
HWADDR=00:0C:29:BB:02:F1
IPADDR=192.168.1.7
NETMASK=255.255.255.0
NETWORK=192.168.1.0
ONBOOT=yes
配置VIP:lo:0 IP地址:
[root@r1~]# ifconfig lo:0 192.168.1.6 broadcast 192.168.1.6 netmask 255.255.255.255 up 临时性配置
永久配置
[root@rip1 network-scripts]# cp ifcfg-lo ifcfg-lo:0
[root@rip1 network-scripts]# vim ifcfg-lo:0
DEVICE=lo:0
IPADDR=192.168.1.6
NETMASK=255.255.255.255
# If you're having problems with gated making 127.0.0.0/8 a martian,
# you can change this to something else (255.255.255.255, for example)
BROADCAST=192.168.1.6
GATEWAY=192.168.1.6
ONBOOT=yes
NAME=loopback
[root@rip1 ~]# service network restart
[root@rip1 ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:BB:02:F1
inet addr:192.168.1.7 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2597 errors:0 dropped:0 overruns:0 frame:0
TX packets:1759 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:230523 (225.1 KiB) TX bytes:230795 (225.3 KiB)
Interrupt:67 Base address:0x2024
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:12 errors:0 dropped:0 overruns:0 frame:0
TX packets:12 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:760 (760.0 b) TX bytes:760 (760.0 b)
lo:0 Link encap:Local Loopback
inet addr:192.168.1.6 Mask:255.255.255.255
UP LOOPBACK RUNNING MTU:16436 Metric:1
添加特殊路由,临时设置
[root@rip1 ~]# route add -host 192.168.1.6 dev lo:0
等于realserver上对虚拟vip的路由通过lo:0环回给自己,不对外做响应
[root@rip1 ~]# route –n 还没有显示在路由表
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.6 0.0.0.0 255.255.255.255 UH 0 0 0 lo
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 192.168.1.3 0.0.0.0 UG 0 0 0 eth0
保存永久路由
保存路由设置,使其在网络重启后任然有效
[root@rip1 ~]# vim /etc/sysconfig/static-routes
any host 192.168.1.6 gw 192.168.1.6
[root@rip1~]# service network restart
[root@rip1 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.6 192.168.1.6 255.255.255.255 UGH 0 0 0 lo
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 192.168.1.3 0.0.0.0 UG 0 0 0 eth0
[root@rip1 ~]# echo "web1" > /var/www/html/index.html
[root@rip1 ~]# service httpd start
Starting httpd: [ OK ]
[root@rip1 ~]# netstat -ntlp | grep 80
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 7802/httpd
配置RIP2
先清除原始网卡配置
[root@rip2 ~]# vim /etc/hosts
#192.168.1.8 rip2.example.com rip2
[root@rip2 ~]# vim /etc/sysconfig/network
#GATEWAY=192.168.1.3
[root@rip2 ~]# cd /etc/sysconfig/network-scripts/
[root@rip2 network-scripts]# mv ifcfg-eth0 ifcfg-eth0.bak
[root@rip2 network-scripts]# mv ifcfg-lo ifcfg-lo.bak
配置arp通告与忽略规则隔离广播
[root@rip2 ~]# echo "net.ipv4.conf.all.arp_announce = 2" >> /etc/sysctl.conf
[root@rip2 ~]# echo "net.ipv4.conf.lo.arp_announce = 2" >> /etc/sysctl.conf
[root@rip2 ~]# echo "net.ipv4.conf.all.arp_ignore = 1" >> /etc/sysctl.conf
[root@rip2 ~]# echo "net.ipv4.conf.lo.arp_ignore = 1" >> /etc/sysctl.conf
[root@rip2 ~]# sysctl -p
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.lo.arp_ignore = 1
配置地址
[root@rip2 ~]# vim /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
192.168.1.8 rip2.example.com rip2
::1 localhost6.localdomain6 localhost6
[root@rip2 ~]# vim /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=rip2.example.com
GATEWAY=192.168.1.3
[root@rip2 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
# Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE]
DEVICE=eth0
BOOTPROTO=static
BROADCAST=192.168.1.255
HWADDR=00:0C:29:BB:02:F2
IPADDR=192.168.1.8
NETMASK=255.255.255.0
NETWORK=192.168.1.0
ONBOOT=yes
配置VIP:lo:0 IP地址:
[root@rip2~]# ifconfig lo:0 192.168.1.6 broadcast 192.168.1.6 netmask 255.255.255.255 up 临时性配置
永久配置
[root@rip2 network-scripts]# cp ifcfg-lo ifcfg-lo:0
[root@rip2 network-scripts]# vim ifcfg-lo:0
DEVICE=lo:0
IPADDR=192.168.1.6
NETMASK=255.255.255.255
# If you're having problems with gated making 127.0.0.0/8 a martian,
# you can change this to something else (255.255.255.255, for example)
BROADCAST=192.168.1.6
GATEWAY=192.168.1.6
ONBOOT=yes
NAME=loopback
[root@rip2 ~]# service network restart
[root@rip2 ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:BB:02:F1
inet addr:192.168.1.7 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2597 errors:0 dropped:0 overruns:0 frame:0
TX packets:1759 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:230523 (225.1 KiB) TX bytes:230795 (225.3 KiB)
Interrupt:67 Base address:0x2024
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:12 errors:0 dropped:0 overruns:0 frame:0
TX packets:12 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:760 (760.0 b) TX bytes:760 (760.0 b)
lo:0 Link encap:Local Loopback
inet addr:192.168.1.6 Mask:255.255.255.255
UP LOOPBACK RUNNING MTU:16436 Metric:1
添加特殊路由,临时设置
[root@rip2 ~]# route add -host 192.168.1.6 dev lo:0
[root@rip2 ~]# route –n 还没有显示在路由表
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.6 0.0.0.0 255.255.255.255 UH 0 0 0 lo
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 192.168.1.3 0.0.0.0 UG 0 0 0 eth0
保存永久路由
保存路由设置,使其在网络重启后任然有效
[root@rip2 ~]# vim /etc/sysconfig/static-routes
any host 192.168.1.6 gw 192.168.1.6
[root@rip2~]# service network restart
[root@rip2 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.6 192.168.1.6 255.255.255.255 UGH 0 0 0 lo
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 192.168.1.3 0.0.0.0 UG 0 0 0 eth0
[root@rip2 ~]# echo "web2" > /var/www/html/index.html
[root@rip2~]# service httpd start
Starting httpd: [ OK ]
[root@rip2 ~]# netstat -ntlp | grep 80
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 7706/httpd
在客户端192.168.1.250打开http://192.168.1.6, 客户端不断刷新,发现web2和web1交替出现,比率为1:1,说明依次轮询模式为RR
director检查状态
[root@director ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.1.6:80 rr
-> 192.168.1.8:80 Route 1 0 11
-> 192.168.1.7:80 Route 1 0 11
[root@director ~]# ipvsadm -ln –stats 统计数据
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Conns InPkts OutPkts InBytes OutBytes
-> RemoteAddress:Port
TCP 192.168.1.6:80 3093 15459 0 1140059 0
-> 192.168.1.8:80 1670 8343 0 617015 0
-> 192.168.1.7:80 1423 7116 0 523044 0
[root@director ~]# ipvsadm -ln –rate 查速率
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port CPS InPPS OutPPS InBPS OutBPS
-> RemoteAddress:Port
TCP 192.168.1.6:80 1 4 0 652 0
-> 192.168.1.8:80 1 2 0 340 0
-> 192.168.1.7:80 0 2 0 312 0
不能在director本身测试压力
[root@director ~]# ab -c 100 -n 1000 http://192.168.1.6/index.html
This is ApacheBench, Version 2.0.40-dev <$Revision: 1.146 $> apache-2.0
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Copyright 2006 The Apache Software Foundation, http://www.apache.org/
Benchmarking 192.168.1.6 (be patient)
apr_socket_recv: Connection refused (111)
和打开文件数无关,没有报错连接过多
[root@director ~]# ulimit -a
core file size (blocks, -c) 0
data seg size (kbytes, -d) unlimited
scheduling priority (-e) 0
file size (blocks, -f) unlimited
pending signals (-i) 16384
max locked memory (kbytes, -l) 32
max memory size (kbytes, -m) unlimited
open files (-n) 1024
pipe size (512 bytes, -p) 8
POSIX message queues (bytes, -q) 819200
real-time priority (-r) 0
stack size (kbytes, -s) 10240
cpu time (seconds, -t) unlimited
max user processes (-u) 16384
virtual memory (kbytes, -v) unlimited
file locks (-x) unlimited
[root@station250 ~]# ab -c 100 -n 1000 http://192.168.1.6/index.html
This is ApacheBench, Version 2.0.40-dev <$Revision: 1.146 $> apache-2.0
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Copyright 2006 The Apache Software Foundation, http://www.apache.org/
Benchmarking 192.168.1.6 (be patient)
Completed 100 requests
Completed 200 requests
Completed 300 requests
Completed 400 requests
Completed 500 requests
Completed 600 requests
Completed 700 requests
Completed 800 requests
Completed 900 requests
Finished 1000 requests
Server Software: Apache/2.2.3
Server Hostname: 192.168.1.6
Server Port: 80
Document Path: /index.html
Document Length: 5 bytes
Concurrency Level: 100
Time taken for tests: 0.174614 seconds
Complete requests: 1000
Failed requests: 0
Write errors: 0
Total transferred: 264528 bytes
HTML transferred: 5010 bytes
Requests per second: 5726.92 [#/sec] (mean)
Time per request: 17.461 [ms] (mean)
Time per request: 0.175 [ms] (mean, across all concurrent requests)
Transfer rate: 1477.54 [Kbytes/sec] received
Connection Times (ms)
min mean[+/-sd] median max
Connect: 0 2 3.2 1 21
Processing: 5 13 4.3 13 29
Waiting: 4 12 4.3 12 28
Total: 6 15 6.3 15 45
Percentage of the requests served within a certain time (ms)
50% 15
66% 16
75% 18
80% 18
90% 23
95% 30
98% 36
99% 39
100% 45 (longest request)
[root@director ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.1.6:80 rr
-> 192.168.1.7:80 Route 1 0 507
-> 192.168.1.8:80 Route 1 0 495
脚本: [root@director ~]# vim director.sh #!/bin/bash # # LVS script for LVS/DR # . /etc/rc.d/init.d/functions # VIP=192.168.1.6 RIP1=192.168.1.7 RIP2=192.168.1.8 PORT=80 # case"$1"in start) /sbin/ifconfig eth0:1 $VIP broadcast $VIP netmask 255.255.255.255 up /sbin/route add -host $VIP dev eth0:1 # Since thisis the Director we must be able to forward packets echo 1 > /proc/sys/net/ipv4/ip_forward # Clear all iptables rules. /sbin/iptables -F # Reset iptables counters. /sbin/iptables -Z # Clear all ipvsadm rules/services. /sbin/ipvsadm -C # Add an IP virtual service for VIP port 80 # In this recipe, we will use the round-robin scheduling method. # In production, however, you should use a weighted, dynamic scheduling method. /sbin/ipvsadm -A -t $VIP:80 -s wlc # Now direct packets forthis VIP to # the real server IP (RIP) inside the cluster /sbin/ipvsadm -a -t $VIP:80 -r $RIP1 -g -w 1 /sbin/ipvsadm -a -t $VIP:80 -r $RIP2 -g -w 2 /bin/touch /var/lock/subsys/ipvsadm &> /dev/null ;; stop) # Stop forwarding packets echo 0 > /proc/sys/net/ipv4/ip_forward # Reset ipvsadm /sbin/ipvsadm -C # Bring down the VIP interface /sbin/ifconfig eth0:1 down /sbin/route del $VIP /bin/rm -f /var/lock/subsys/ipvsadm echo "ipvs is stopped..." ;; status) if [ ! -e /var/lock/subsys/ipvsadm ]; then echo "ipvsadm is stopped ..."else echo "ipvs is running ..." ipvsadm -L -n fi ;; *) echo "Usage: $0 {start|stop|status}" ;; esac
[root@director ~]# chmod +x director.sh
[root@director ~]# ll director.sh
-rwxr-xr-x 1 root root 1470 Jun 16 01:48 director.sh
[root@director ~]# ./director.sh start
[root@director ~]# ./director.sh status
ipvs is running ...
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.1.6:80 wlc
-> 192.168.1.8:80 Route 2 0 1
-> 192.168.1.7:80 Route 1 0 0
[root@rip1 ~]# vim realserver.sh
#!/bin/bash
#
# Script to start LVS DR real server.
# description: LVS DR real server
#
. /etc/rc.d/init.d/functions
VIP=192.168.1.6
host=`/bin/hostname`
case "$1" in
start)
# Start LVS-DR real server on this machine.
/sbin/ifconfig lo down
/sbin/ifconfig lo up
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
/sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add -host $VIP dev lo:0
;;
stop)
# Stop LVS-DR real server loopback device(s).
/sbin/ifconfig lo:0 down
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
;;
status)
# Status of LVS-DR real server.
islothere=`/sbin/ifconfig lo:0 | grep $VIP`
isrothere=`netstat -rn | grep "lo:0" | grep $VIP`
if [ ! "$islothere" -o ! "isrothere" ];then
# Either the route or the lo:0 device
# not found.
echo "LVS-DR real server Stopped."
else
echo "LVS-DR real server Running."
fi
;;
*)
# Invalid entry.
echo "$0: Usage: $0 {start|status|stop}"
exit 1
;;
esac
[root@rip1 ~]# chmod +x realserver.sh
[root@rip1 ~]# ll realserver.sh
-rwxr-xr-x 1 root root 1481 Jun 16 01:50 realserver.sh
[root@rip1 ~]# ./realserver.sh start
[root@rip1 ~]# ./realserver.sh status
LVS-DR real server Running.
[root@rip2 ~]# vim realserver.sh
#!/bin/bash
#
# Script to start LVS DR real server.
# description: LVS DR real server
#
. /etc/rc.d/init.d/functions
VIP=192.168.1.6
host=`/bin/hostname`
case "$1" in
start)
# Start LVS-DR real server on this machine.
/sbin/ifconfig lo down
/sbin/ifconfig lo up
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
/sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add -host $VIP dev lo:0
;;
stop)
# Stop LVS-DR real server loopback device(s).
/sbin/ifconfig lo:0 down
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
;;
status)
# Status of LVS-DR real server.
islothere=`/sbin/ifconfig lo:0 | grep $VIP`
isrothere=`netstat -rn | grep "lo:0" | grep $VIP`
if [ ! "$islothere" -o ! "isrothere" ];then
# Either the route or the lo:0 device
# not found.
echo "LVS-DR real server Stopped."
else
echo "LVS-DR real server Running."
fi
;;
*)
# Invalid entry.
echo "$0: Usage: $0 {start|status|stop}"
exit 1
;;
esac
[root@rip2 ~]# chmod +x realserver.sh
[root@rip2 ~]# ll realserver.sh
-rwxr-xr-x 1 root root 1481 Jun 16 01:50 realserver.sh
[root@rip2 ~]# ./realserver.sh start
[root@rip2 ~]# ./realserver.sh status
LVS-DR real server Running.