Lvs-负载均衡DR模式

Lvs-负载均衡DR模式

    LVS是Linux Virtual Server的间写，意为Linux虚拟服务器。采用的是IP负载均衡技术和基于内容请求分发技术。它可以将请求均衡的转移到不同的服务器上，且调度器自动屏蔽掉服务器的故障，从而将一组服务器构成一个高性能的，高可用的虚拟服务器。LVS有四种工作模式：DR NAT TUNNEL FULLNAT，其中FULLNAT模式需要对内核进行编译，本篇文章讲的是DR直连路由模式。

LVS-DR拓扑图

                                        

操作系统：Linux redhat6.5
LVS负载均衡器：server1
后端真实服务器：server2 server3

1.配置yum源，安装ipvsadm，ipvsadm为LVS的一个底层管理器。

#lvs和后端服务器都要配置
[root@server1 ~]# vim /etc/yum.repos.d/rhel-source.repo 
[rhel-source]
name=Red Hat Enterprise Linux $releasever - $basearch - Source
baseurl=http://172.25.60.250/rhel6.5
enabled=1
igpgcheck=0

[HighAvailability]
name=HighAvailability
baseurl=http://172.25.60.250/rhel6.5/HighAvailability
gpgcheck=0

[LoadBalancer]
name=LoadBalancer
baseurl=http://172.25.60.250/rhel6.5/LoadBalancer
gpgcheck=0


[ResilientStorage]
name=ResilientStorage
baseurl=http://172.25.60.250/rhel6.5/ResilientStorage
gpgcheck=0

[ScalableFileSystem]
name=ScalableFileSystem
baseurl=http://172.25.60.250/rhel6.5/ScalableFileSystem
gpgcheck=0

#刷新yum源
[root@server1 ~]# yum repolist

#lvs和后端服务器都要安装
[root@server1 ~]# yum install ipvsadm -y
[root@server2 ~]# yum install ipvsadm -y
[root@server3 ~]# yum install ipvsadm -y

2.lvs配置

#添加vip172.25.60.100，让访问vip的请求转发给后端服务器，使用轮叫算法。
[root@server1 ~]# ip addr add 172.25.60.100/24 dev eth0
[root@server1 ~]# ipvsadm -A -t 172.25.60.100:80 -s rr
[root@server1 ~]# ipvsadm -a -t 172.25.60.100:80 -r 172.25.60.2:80 -g
[root@server1 ~]# ipvsadm -a -t 172.25.60.100:80 -r 172.25.60.3:80 -g

#将规则保存后可查看
[root@server1 ~]# /etc/init.d/ipvsadm save
ipvsadm: Saving IPVS table to /etc/sysconfig/ipvsadm:      [  OK  ]
[root@server1 ~]# ipvsadm -nl
Try `ipvsadm -h' or 'ipvsadm --help' for more information.
[root@server1 ~]# ipvsadm -l
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.25.60.100:http rr
  -> server2:http                 Route   1      0          0         
  -> server3:http                 Route   1      0          0         

3.后端服务器配置

[root@server2 ~]# ip addr add 172.25.60.100/32 dev lo
[root@server2 ~]# /etc/init.d/httpd start
[root@server2 ~]# echo server2 > /var/www/html/index.html
[root@server3 ~]# ip addr add 172.25.60.100/32 dev lo
[root@server3 ~]# /etc/init.d/httpd start
[root@server3 ~]# echo server3 > /var/www/html/index.html

#让172.25.60.100不向外广播
[root@server2 ~]# yum install -y arptables_jf
[root@server2 ~]# arptables -A IN -d 172.25.60.100 -j DROP
[root@server2 ~]# arptables -A OUT -s 172.25.60.100 -j mangle --mangle-ip-s 172.25.60.2 
[root@server2 ~]# /etc/init.d/arptables_jf save

#让172.25.60.100不向外广播
[root@server3 ~]# yum install -y arptables_jf
[root@server3 ~]# arptables -A IN -d 172.25.60.100 -j DROP
[root@server3 ~]# arptables -A OUT -s 172.25.60.100 -j mangle --mangle-ip-s 172.25.60.3
[root@server3 ~]# /etc/init.d/arptables_jf save

4.测试

[root@foundation60 images]# curl 172.25.60.100
server2
[root@foundation60 images]# curl 172.25.60.100
Server3
[root@foundation60 images]# curl 172.25.60.100
server2
[root@foundation60 images]# curl 172.25.60.100
server3

#但是，ipvsadm配置的负载均衡没有健康检查机制，当一台node的服务挂掉之后，会出现以下情况
[root@server2 ~]# /etc/init.d/httpd stop
[root@foundation60 ~]# curl 172.25.60.100
curl: (7) Failed connect to 172.25.60.100:80; Connection refused
[root@foundation60 ~]# curl 172.25.60.100
server3

5.设置和安全检查

#ldirectord-3.9.5-3.1.x86_64.rpm需要自行下载
[root@server1 ~]# /etc/init.d/ipvsadm stop
[root@server1 ~]# yum install ldirectord-3.9.5-3.1.x86_64.rpm -y

#ldirectord自身没有主配置文件
[root@server1 ~]# cp /usr/share/doc/ldirectord-3.9.5/ldirectord.cf /etc/ha.d/
[root@server1 ~]# vim /etc/ha.d/ldirectord.cf
# Sample for an http virtual service
virtual=172.25.60.100:80
        real=172.25.60.2:80 gate
        real=172.25.60.3:80 gate
        fallback=127.0.0.1:80 gate
        service=http
        scheduler=rr
        #persistent=600
        #netmask=255.255.255.255
        protocol=tcp
        checktype=negotiate
        checkport=80
        request="index.html"
        #receive="Test Page"
        #virtualhost=www.x.y.z
[root@server1 ~]# /etc/init.d/ldirectord restart
[root@server1 ~]# /etc/init.d/ipvsadm start

#测试
[root@server2 ~]# /etc/init.d/httpd stop
[root@foundation60 ~]# curl 172.25.60.100
server3
[root@foundation60 ~]# curl 172.25.60.100
server3
[root@foundation60 ~]# curl 172.25.60.100
server3
[root@server2 ~]# /etc/init.d/httpd start
[root@foundation60 ~]# curl 172.25.60.100
server2
[root@foundation60 ~]# curl 172.25.60.100
server3
[root@foundation60 ~]# curl 172.25.60.100
server2
[root@foundation60 ~]# curl 172.25.60.100
server3