CentOS中LVS的DR模式的配置
IP规划:
DIRECT SERVER:10.10.54.173
VIP:10.10.54.179
REALSERVER1:10.10.54.175
REALSERVER2: 10.10.54.178
(1).在DIRECT SERVER解压安装ipvsadm-1.26.tar.gz keepalived-1.2.9.tar.gz
yum -y install wget libnl* popt* gcc.x86_64 gcc-c++.x86_64 gcc-objc++.x86_64 kernel-devel.x86_64 make popt-static.x86_64 ---安装依赖包 [root@LVS]# tar -xzvf ipvsadm-1.26.tar.gz [root@LVS]# tar -xvzf keepalived-1.2.9.tar.gz
*****安装ipvsadm-1.26
//安装ipvsadm
[root@LVS]# cd ipvsadm-1.26 [root@LVS ipvsadm-1.26]# make && make install
//确认lvs模块
[root@LVS ipvsadm-1.26]# modprobe -l|grep ipvs kernel/net/netfilter/ipvs/ip_vs.ko kernel/net/netfilter/ipvs/ip_vs_rr.ko kernel/net/netfilter/ipvs/ip_vs_wrr.ko kernel/net/netfilter/ipvs/ip_vs_lc.ko kernel/net/netfilter/ipvs/ip_vs_wlc.ko kernel/net/netfilter/ipvs/ip_vs_lblc.ko kernel/net/netfilter/ipvs/ip_vs_lblcr.ko kernel/net/netfilter/ipvs/ip_vs_dh.ko kernel/net/netfilter/ipvs/ip_vs_sh.ko kernel/net/netfilter/ipvs/ip_vs_sed.ko kernel/net/netfilter/ipvs/ip_vs_nq.ko kernel/net/netfilter/ipvs/ip_vs_ftp.ko
*****编译keepalived
//基础软件包
In order to compile Keepalived needs the following libraries :
* OpenSSL, <www.openssl.org>
* popt
[root@LVS-BACKUP ipvsadm-1.26]# yum install openssl*
[root@LVS-BACKUP keepalived-1.2.9]# yum install -y net-snmp.x86_64 net-snmp-devel.x86_64 [root@LVS-BACKUP keepalived-1.2.9]# ./configure --prefix=/usr/local/keepalived --enable-snmp --sysconfdir=/etc&& make && make install
[root@LVS-BACKUP keepalived]# cp /usr/local/keepalived/sbin/keepalived /sbin/ --用于启动 [root@LVS-BACKUP keepalived]# cp /usr/local/keepalived/bin/genhash /bin/
(2).在DIRECT SERVER 更改配置文件/etc/keepalived/keepalived.conf 更改之前要记得备份,keepalived不检查语法错误,所以很容易出错。
[root@LVS home]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
[email protected]
}
notification_email_from [email protected]
smtp_server mail.shiwei.com
smtp_connect_timeout 30
router_id LVS_MASTER1
}
vrrp_instance VI_2 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
irtual_ipaddress {
10.10.54.179/24 dev eth0 label eth0:1
}
}
virtual_server 10.10.54.179 80 {
delay_loop 6
lb_algo rr
lb_kind DR
nat_mask 255.255.255.0
protocol TCP
real_server 10.10.54.175 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 10.10.54.178 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
(3).配置REAL SERVER (每个REAL SERVER 上都要配置) 增加一个启动脚本,并且对ARP进行限制
[root@lnmp-n html]# vim /etc/init.d/realserver
#!/bin/bash
#description:start realserver
#script_name:realserver_config
VIP=10.10.54.168
source /etc/init.d/functions
case "$1" in
start)
echo "start LVS of realserver."
/sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
;;
stop)
/sbin/ifconfig lo:0 down
echo "0" > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" > /proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" > /proc/sys/net/ipv4/conf/all/arp_announce
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
[root@lnmp-n html]# chmod +x /etc/init.d/realserver
(4).启动并进行测试
DIRECT SERVER:
[root@LVS home]# /etc/init.d/keepalived start
REAL SERVER:
[root@lnmp-n html]# /etc/init.d/realserver start
*****利用telnet进行测试,测试的时候不要在DIRECT SERVER,如果测试的时候不进行跳转,可能原因是由于会话保存时间的设置即persistence_timeout 50,如果只是测试这个参数可以删除。貌似配置文件中不支持#注销
(5).对BACKUP进行支持,完成主从模式
IP:10.10.54.172
//安装ipvsadm,keepalived
//与MASTER 的配置文件只需做少许更改就可以完成。
router_id LVS_SLAVE
state BACKUP
priority 80 ---优先级一定要低于MASTER
(6).加入BACKUP后的测试
(1)停止MASTER
在BACKUP上面查看54.179vip)是否漂移过来 ifconfig 或者ip add list
telnet 10.10.54.179 80
(2)开启MASTER
在MASTER上查看54.233(vip)是否漂移过来 ifconfig或者ip add list
在BACKUP上查看是否还存在54.179(vip)
telnet 10.10.54.179 80