LVS DR + Keepalived 安装记录

最近需要帮助朋友搭建一个LVS，好久没有搭建了，所以此次记录一下，搭建的过程中还是出现了一些问题，好在最后解决了。

1. 前期规划
   LVS-Master: 192.168.10.1
   LVS-Slave: 192.168.10.2
   LVS-DR-VIP: 192.168.10.3
   RealServer1: 192.168.10.4
2. 为2个LVS主机安装ipsadm+keepalived
   检查系统是否有ipvsadm模块
   /sbin/ipvsadmin（是否存在）
   lsmod|grep ip_vs（是否存在）
   如果存在就说明已有ipvsadmin；如果不存在可以通过yum 或 源码来安装，比较简单，不在此介绍。
   安装Keepalived

wget http://www.keepalived.org/software/keepalived-1.1.15.tar.gz
tar zxvf keepalived-1.1.15.tar.gz
cd keepalived-1.1.15
./configure
make
make install
cp /usr/local/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/
cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
mkdir /etc/keepalived
cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/
cp /usr/local/sbin/keepalived /usr/sbin/
service keepalived start|stop

配置keepalived.conf for LVS-master

 ! Configuration File for keepalived
global_defs {
   notification_email {
       [email protected]
   }
   notification_email_from [email protected]
   smtp_server 127.0.0.1
   router_id LVS_DEVEL
}
vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.10.3
    }
}
virtual_server 192.168.10.3 80 {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    persistence_timeout 60
    protocol TCP
    real_server 192.168.10.1 80 {
        weight 3
        TCP_CHECK {
        connect_timeout 10
        nb_get_retry 3
        delay_before_retry 3
        connect_port 80
        }
    }
    real_server 192.168.10.2 80 {
        weight 3
        TCP_CHECK {
        connect_timeout 10
        nb_get_retry 3
        delay_before_retry 3
        connect_port 80
        }
     }
}

配置keepalived.conf for LVS-slave

! Configuration File for keepalived
global_defs {
   notification_email {
         [email protected]
   }
   notification_email_from [email protected]
   smtp_server 127.0.0.1
   router_id LVS_DEVEL
}
vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    virtual_router_id 51
    priority 99
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.10.3
    }
}
virtual_server 192.168.10.3 80 {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    persistence_timeout 60
    protocol TCP
    real_server 192.168.10.1 80 {
        weight 3
        TCP_CHECK {
        connect_timeout 10
        nb_get_retry 3
        delay_before_retry 3
        connect_port 80
        }
    }
    real_server 192.168.10.2 80 {
        weight 3
        TCP_CHECK {
        connect_timeout 10
        nb_get_retry 3
        delay_before_retry 3
        connect_port 80
        }
     }
}

3. 为2个RealServer 编写脚本
   vim /usr/local/sbin/realserver

#!/bin/bash
SNS_VIP=192.168.10.3
. /etc/rc.d/init.d/functions
case "$1" in
start)
       ifconfig lo:0 $SNS_VIP netmask 255.255.255.255 broadcast $SNS_VIP
       /sbin/route add -host $SNS_VIP dev lo:0
       echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
       echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
       echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
       echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
       sysctl -p >/dev/null 2>&1
       echo "RealServer Start OK"
       ;;
stop)
       ifconfig lo:0 down
       route del $SNS_VIP >/dev/null 2>&1
       echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
       echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
       echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
       echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
       echo "RealServer Stoped"
       ;;
*)
       echo "Usage: $0 {start|stop}"
       exit 1
esac
exit 0

4.** 测试**
可以模拟故障进行测试，例如关闭LVS-master，检查LVS-slave是否能够接管过来；关闭一个RealServer，检查服务是否依然能够正常访问。

5. 配置过程中发现的问题
   在centos5.7上安装ipvsadm, keepalived 之后发现使用ipvsadm -ln 没有出现任何信息的情况，后来经过baidu，google发现的问题的所在，是由于编译安装keepalived的时候，最后信息显示有几个No，应该是表示有软件包未装上，但是当时也没 太注意，之后重新yum install kernel kernel-devel，同时指定kernel-dir目录，./configure --with-kernel-dir=/usr/src/kernels/2.6.18-164.el5-i686/再次编译安装keepalived后，信息中有2个No变成了2个Yes. 再次使用ipvsadm -ln发现有信息输出了，使用ps -ef|grep keepalived 发现有3个keepalived -D (之前只有2个)，抓紧测试了下成功了，开心！
6. 参考
   http://network.51cto.com/art/201006/206831.htm