2019独角兽企业重金招聘Python工程师标准>>>
[root@localhost soft]# uname -a
Linux localhost.localdomain 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux
[root@localhost soft]# cat /etc/redhat-release
CentOS release 6.5 (Final)
LVS版本:ipvsadm-1.26
keepalived版本:keepalived-1.2.4
popt-static:popt-static-1.13-7.el6.x86_64.rpm
[root@localhost soft]# yum install popt*
http://linux.linuxidc.com/2012%E5%B9%B4%E8%B5%84%E6%96%99/3%E6%9C%88/24%E6%97%A5/%E8%A7%A3%E5%86%B3CentOS%206.2%E4%B8%8B%E5%AE%89%E8%A3%85ipvsadm-1.26%E6%8A%A5%E9%94%99/
免费下载地址在 http://linux.linuxidc.com/
用户名与密码都是www.linuxidc.com
具体下载目录在 /2012年资料/3月/24日/解决CentOS 6.2下安装ipvsadm-1.26报错/
ln -s /usr/src/kernels/2.6.32-279.el6.i686//usr/src/linux/
ip规划
对外vip192.168.88.100
LVS1
[root@localhost ipvsadm-1.26]# rpm -qa | grep popt
popt-1.13-7.el6.x86_64
popt-static-1.13-7.el6.x86_64
popt-devel-1.13-7.el6.x86_64
[root@localhost ipvsadm-1.26]# rpm -qa | grep libnl
libnl-1.1.4-2.el6.x86_64
libnl-devel-1.1.4-2.el6.x86_64
[root@localhost soft]# cd ipvsadm-1.26
[root@localhost soft]# tar -zxf ipvsadm-1.26.tar.gz
[root@localhost ipvsadm-1.26]# make && make install
[root@localhost ~]# lsmod |grep ip_vs
ip_vs_rr 1420 0
ip_vs 125220 2 ip_vs_rr
libcrc32c 1246 1 ip_vs
ipv6 317340 144 ip_vs,ip6t_REJECT,nf_conntrack_ipv6,nf_defrag_ipv6
echo "1">/proc/sys/net/ipv4/ip_forward
[root@localhost ~]# ifconfig eth1:1 192.168.88.100 netmask 255.255.255.0 up
或者
[root@localhost ~]# ifconfig eth1:1 192.168.88.100 netmask 255.255.255.255 up
[root@localhost ~]# route add -host 192.168.88.100 dev eth1
[root@localhost ~]#ipvsadm -C
[root@localhost ~]#ipvsadm -A -t 192.168.88.100:80 -s rr -p 600
[root@localhost ~]#ipvsadm -a -t 192.168.88.100:80 -r 192.168.88.147:80 -g
[root@localhost ~]#ipvsadm -a -t 192.168.88.100:80 -r 192.168.88.149:80 -g
[root@localhost ~]# ipvsadm -L -n --stats
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Conns InPkts OutPkts InBytes OutBytes
-> RemoteAddress:Port
TCP 192.168.88.100:80 0 0 0 0 0
-> 192.168.60.149:80 0 0 0 0 0
-> 192.168.88.147:80 0 0 0 0 0
LVS
REALSERVER
[root@localhost ~]# ifconfig lo:0 192.168.88.100 netmask 255.255.255.255 up
[root@localhost ~]# route add -host 192.168.88.100 dev lo:0
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
上面操作中,第一行是清除内核虚拟服务器列表中的所有记录,第二行是添加一条新的虚拟IP记录。这个新的IP是192.168.60.200,
同时指定 持续服务时间为600秒。第三、四行是在新加虚拟IP记录中添加两条新的Real Server记录,并且指定LVS 的工作模式为直接路由模式。
查看ipv列表状态: watch ipvsadm -ln
修改/etc/selinux/config 文件
将SELINUX=enforcing改为SELINUX=disabled
yum install openssl-devel
[root@localhost soft]# wget http://www.keepalived.org/software/keepalived-1.2.4.tar.gz
[root@localhost soft]# tar zxvf keepalived-1.2.4.tar.gz
[root@localhost soft]# cd keepalived-1.2.4
[root@localhost keepalived-1.2.4]# ./configure && make && make install
######### 将keepalived做成启动服务,方便管理##########
[root@localhost keepalived-1.2.4]# mkdir /etc/keepalived/
[root@localhost keepalived-1.2.4]# cp /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/
[root@localhost keepalived-1.2.4]# cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
[root@localhost keepalived-1.2.4]# cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/
[root@localhost keepalived-1.2.4]# cp /usr/local/sbin/keepalived /usr/sbin/
[root@localhost keepalived-1.2.4]# service keepalived start
2、开启路由转发
[root@localhost keepalived-1.2.4]# vim /etc/sysctl.conf
net.ipv4.ip_forward = 1
root@localhost keepalived-1.2.4]# sysctl -p
net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 68719476736
kernel.shmall = 4294967296
3、配置Keepalived vi /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
[email protected]
[email protected]
[email protected]
}
notification_email_from [email protected]
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_MASTER #BACKUP上修改为LVS_BACKUP
}
vrrp_instance VI_1 {
state MASTER #BACKUP上修改为BACKUP
interface eth1
virtual_router_id 51
priority 100 #BACKUP上修改为80
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.88.100
}
}
vrrp_instance LAN_GATEWAY {
state MASTER #BACKUP上修改为LVS_BACKUP
interface eth2
virtual_router_id 52
priority 100 #BACKUP上修改为80
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.88.2
}
}
virtual_server 192.168.88.100 80 {
delay_loop 6
lb_algo rr
lb_kind NAT
nat_mask 255.255.255.0
persistence_timeout 50
protocol TCP
real_server 192.168.88.147 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.88.148 80 {
weight 3
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
BACKUP服务器同上配置,先安装lvs再安装keepalived,然后配置/etc/keepalived/keepalived.conf,只需将批注部分改一下即可。
、LVS负载均衡配置
ifconfig eth1:0 192.168.88.100 netmask 255.255.255.255 broadcast 192.168.88.255 up
route add -host 192.168.10.3 dev eth1:0
ipvsadm -C
ipvsadm -A -t 192.168.10.3:8080 -s rr
# Set Real Server
ipvsadm -a -t 192.168.10.3:8080 -r 192.168.10.7:8080 -g
ipvsadm -a -t 192.168.10.3:8080 -r 192.168.10.11:8080 -g
ipvsadm
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port
Forward Weight ActiveConn InActConn
TCP
192.168.10.3:webcache wrr
-> 192.168.10.11:webcache
Route
-> 192.168.10.7:webcache
另外每台
Real Server
上要执行如下命令:
ifconfig lo:0 192.168.10.3 netmask 255.255.255.255 broadcast 192.168.10.255 up
route add -host 192.168.10.3 dev lo:0
echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p
http://www.cnblogs.com/mchina/archive/2012/08/27/2644391.html
http://blog.chinaunix.net/uid-20794164-id-1840738.html