lvs + heatbeat +dr
环境描述:本文在配置LVS时使用三台linux,虚拟VIP:192.168.62.111
一台做Directorserver(192.168.62.129),操作系统RedhatAS4
两台做realserver(192.168.62.5,192.168.62.6)操作系统RedhatAS4
在配置lvs+heartbeat时,又添加了一台(192.168.62.3)做为备份主节点,操作系统Fedora7
Virtual IP:192.168.62.111
Load Balancer:192.168.62.129
Backup: 192.168.62.3
Real Server 1: 192.168.62.5
Real Server 2: 192.168.62.6
软件列表:
ipvsadm-1.24.tar.gz: http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.24.tar.gz
ipvsadm-1.24-8.1.i386.rpm
ftp://rpmfind.net/linux/fedora/releases/7/Everything/i386/os/Fedora/ipvsadm-1.24-8.1.i386.rpm
libnet.tar 下载地址:http://www.packetfactory.net/libnet/ 稳定版本是:1.1.2.1
heartbeat-2.0.2.tar.gz: http://linux-ha.org/download/heartbeat-2.0.8.tar.gz
2.6内核已经集成IPVS内核补订了,所以不再需要重新编译内核。
配置此集群分以下几种情况
一、配置基于DR模式Lvs集群
1、下载ipvsadm管理程序
http://www.linuxvirtualserver.org/software/
注意对应自己的内核版本
ipvsadm-1.24.tar.gz
tar zxvf ipvsadm-1.24.tar.gz
cd ipvsadm-1.24
make && make install
注意在make时可能会出现很多错误的信息,请按照如下操作就可以心编译正常
1.找到ip_vs.h文件.copy to /usr/include/net下
2.ln -s /usr/src/kernels/2.6.9-22.EL-i686/ /usr/src/linux (若没有2.6.9-22.El-*,则rpm –ivh 内核.rpm)
3.修改当前目录和libipvs目录中的Makefile的:
INCLUDE = -I/usr/src/linux/include -I.. -I.
为:
INCLUDE = -I/usr/src/kernels/2.6.9-22.EL-i686/include -I..
INCLUDE = -I/usr/src/linux/include -I.. -I.
为:
INCLUDE = -I/usr/src/kernels/2.6.9-22.EL-i686/include -I..
cd ipvsadm-1.24
make && make install
2.配置VIP脚本
[root@test1song]#vi LvsDR
#!/bin/sh
VIP=192.168.62.111
RIP1=192.168.62.6
RIP2=192.168.62.5
/etc/rc.d/init.d/functions
case "$1" in
start)
echo "start LVS of DirectorServer"
#Set the Virtual IP Address
/sbin/ifconfig eth0:1 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add -host $VIP dev eth0:1
#Clear IPVS Table
/sbin/ipvsadm -C
#Set Lvs
/sbin/ipvsadm -A -t $VIP:80 -s rr
/sbin/ipvsadm -a -t $VIP:80 -r $RIP1:80 -g
/sbin/ipvsadm -a -t $VIP:80 -r $RIP2:80 -g
#Run Lvs
/sbin/ipvsadm
;;
stop)
echo "close LVS Directorserver"
/sbin/ipvsadm -C
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
(-s rr 是使用了轮叫算法,可以自行选择相应的算法,默认是-wlc, -g 是使用lvs工作DR直接路由模式,ipvsadm -h查看帮助)。
3、配置realserver脚本
[root@testrealsong]#vi realserver
#!/bin/sh
VIP=192.168.62.111
/sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add -host $VIP dev lo:0
echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
sysctl –p
如果有多个realserver直接添加就可以了,之后启动此脚本就可以了。
测试:分别启动realserver上的httpd服务
在realserver1 执行 echo "This is realserver1" >> /var/www/html/index.html
在realserver2 执行 echo "This is realserver2" >> /var/www/html/index.html
打开IE浏览器输入http://192.168.62.111应该可以分别看到:This is realserver1 和 This is realserver2.
二、配置基于隧道模式Lvs集群
1.配置LVS directorserver 脚本
[root@test1song]#vi TunLVS
#!/bin/sh
VIP=192.168.62.111
RIP1=192.168.62.5
RIP2=192.168.62.6
/etc/rc.d/init.d/functions
case "$1" in
start)
echo "Start Lvs of DirectorServer"
#set vip server
/sbin/ifconfig tunl0 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add -host $VIP dev tunl0
#clear IPVS table
/sbin/ipvsadm -C
#set lvs
/sbin/ipvsadm -A -t $VIP:80 -s rr
/sbin/ipvsadm -a -t $VIP:80 -r $RIP1:80 -i
/sbin/ipvsadm -a -t $VIP:80 -r $RIP2:80 -i
#Run Lvs
/sbin/ipvsadm
;;
stop)
echo "Close Lvs DirectorServer "
ifconfig tunl0 down
/sbin/ipvsadm -C
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
2. 配置realserver
[root@testrealsong]#
#!/bin/sh
VIP=192.168.62.111
/etc/rc.d/init.d/functions
case "$1" in
start)
echo "tunl port starting"
/sbin/ifconfig tunl0 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add -host $VIP dev tunl0
echo "1" > /proc/sys/net/ipv4/ip_forward
echo "1" > /proc/sys/net/ipv4/conf/tunl0/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/tunl0/arp_announce
echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p
;;
stop)
echo "tunl port closing"
ifconfig tunl0 down
echo "1" > /proc/sys/net/ipv4/ip_forward
echo "0" > /proc/sys/net/ipv4/conf/all/arp_announce
;;
*)
echo "Usege: $0 {start|stop}"
exit 1
esac
此脚本分别在realserver上执行,目的使realserver忽略arp响应,并设定vip.
3、配置realserver脚本
[root@testrealsong]#vi realserver
#!/bin/sh
VIP=192.168.62.111
/sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add -host $VIP dev lo:0
echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
sysctl –p
如果有多个realserver直接添加就可以了,之后启动此脚本就可以了。
测试:分别启动realserver上的httpd服务
在realserver1 执行 echo "This is realserver1" >> /var/www/html/index.html
在realserver2 执行 echo "This is realserver2" >> /var/www/html/index.html
打开IE浏览器输入http://192.168.62.111应该可以分别看到:This is realserver1 和 This is realserver2.
二、配置基于隧道模式Lvs集群
1.配置LVS directorserver 脚本
[root@test1song]#vi TunLVS
#!/bin/sh
VIP=192.168.62.111
RIP1=192.168.62.5
RIP2=192.168.62.6
/etc/rc.d/init.d/functions
case "$1" in
start)
echo "Start Lvs of DirectorServer"
#set vip server
/sbin/ifconfig tunl0 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add -host $VIP dev tunl0
#clear IPVS table
/sbin/ipvsadm -C
#set lvs
/sbin/ipvsadm -A -t $VIP:80 -s rr
/sbin/ipvsadm -a -t $VIP:80 -r $RIP1:80 -i
/sbin/ipvsadm -a -t $VIP:80 -r $RIP2:80 -i
#Run Lvs
/sbin/ipvsadm
;;
stop)
echo "Close Lvs DirectorServer "
ifconfig tunl0 down
/sbin/ipvsadm -C
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
2. 配置realserver
[root@testrealsong]#
#!/bin/sh
VIP=192.168.62.111
/etc/rc.d/init.d/functions
case "$1" in
start)
echo "tunl port starting"
/sbin/ifconfig tunl0 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add -host $VIP dev tunl0
echo "1" > /proc/sys/net/ipv4/ip_forward
echo "1" > /proc/sys/net/ipv4/conf/tunl0/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/tunl0/arp_announce
echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p
;;
stop)
echo "tunl port closing"
ifconfig tunl0 down
echo "1" > /proc/sys/net/ipv4/ip_forward
echo "0" > /proc/sys/net/ipv4/conf/all/arp_announce
;;
*)
echo "Usege: $0 {start|stop}"
exit 1
esac
此脚本分别在realserver上执行,目的使realserver忽略arp响应,并设定vip.
三、配置基于高可用Lvs+heartbeat
确定LVS使用DR或/tun模式,请对照上面的配置,本例使用DR模式
1.配置LVS directorserver 脚本
#!/bin/sh
VIP=192.168.62.111
RIP1=192.168.62.6
RIP2=192.168.62.5
/etc/rc.d/init.d/functions
case "$1" in
start)
echo "start LVS of DirectorServer"
#Set the Virtual IP Address
/sbin/ifconfig eth0:1 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add -host $VIP dev eth0:1
#Clear IPVS Table
/sbin/ipvsadm -C
#Set Lvs
/sbin/ipvsadm -A -t $VIP:80 -s rr
/sbin/ipvsadm -a -t $VIP:80 -r $RIP1:80 -g
/sbin/ipvsadm -a -t $VIP:80 -r $RIP2:80 -g
#Run Lvs
/sbin/ipvsadm
;;
stop)
echo "close LVS Directorserver"
/sbin/ipvsadm -C
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
2. realserver端同样使用上面的配置文件就可以。
3.安装heartbeat
3.1 安装
tar -zxvf libnet.tar.gz
cd libnet
。/configure
make
make install
groupadd -g 694 haclient
useradd -u 694 -g haclient hacluster
tar zxf heartbeat-1.99.4.tar.gz
cd heartbeat-1.99.4
。/ConfigureMe configure
make
make install
cp doc/ha.cf doc/haresources doc/authkeys /etc/ha.d/
cp ldirectord/ldirectord.cf /etc/ha.d/
3.2配置主文件/etc/ha.d/ha.cf
logfile /var/log/ha-log
keepalive 2
deadtime 60
warntime 10
initdead 120
udpport 694
bcast eth0 # Linux
auto_failback on
ping_group group1 192.168.62.129192.168.62.3
respawn root /usr/lib/heartbeat/ipfail
apiauth ipfail gid=root uid=root
hopfudge 1
use_logd yes
node test1
node test2
crm on
3.3资源文件/etc/ha.d/haresources
test1192.168.62.111 httpd
设置test1为主节点,集群服务器的ip地址为192.168.62.111集群服务有httpd
3.4认证文件(/etc/ha.d/authkeys),选取一种认证方式,这个文件的权限必须是600
auth 1
1 crc
#2 sha1 sha1_any_password
#3 md5 md5_any_password
chmod 600 /etc/ha.d/ haresources
3.5编辑主机名:/etc/hosts
192.168.62.129 test1
192.168.62.3 test2
备份节点192.168.62.3 上的heartbeat和apache的配置与节点1要完全相同,lvs配置也要相同
完装完毕进行测试,关闭主节点机器,另一台自动接管,主节点恢复后自动接管回服务。如果以上测试没有问题,那么开始和lvs整合。
4.配置Ldirectord
Ldirectord的作用是监测Real Server,当Real Server失效时,把它从Load Balancer列表中删除,恢复时重新添加,在安装heartbeat时已经安装了Ldirectord.
配置(/etc/ha.d/ldirectord.cf):
checktimeout=3
checkinterval=1
fallback=127.0.0.1:80
autoreload=yes
logfile="/var/log/ldirectord.log"
quiescent=yes
# Sample for an http virtual service
virtual=192.168.62.111:80
real=192.168.62.6:80 gate
real=192.168.62.5:80 gate
fallback=127.0.0.1:80 gate
service=http
request="index.html"
receive="Test Page"
protocol=tcp
checktype=negotiate
checkport=80
在每个Real Server的中添加监控页:
echo "Test Page" >> /var/www/html/index.html
修改/etc/ha.d/haresources
test1192.168.62.111 ipvsadm ldirectord httpd
现在可以在主节点启动heartbeat
/etc/init.d/heartbeat start
并在备份节点启动heartbeat
/etc/init.d/heartbeat start
测试:关闭主节点,备份节点将自动接管directorserver服务。
Hnq道州网-道县网
3、配置realserver脚本
[root@testrealsong]#vi realserver
#!/bin/sh
VIP=192.168.62.111
/sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add -host $VIP dev lo:0
echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
sysctl –p
如果有多个realserver直接添加就可以了,之后启动此脚本就可以了。
测试:分别启动realserver上的httpd服务
在realserver1 执行 echo "This is realserver1" >> /var/www/html/index.html
在realserver2 执行 echo "This is realserver2" >> /var/www/html/index.html
打开IE浏览器输入http://192.168.62.111应该可以分别看到:This is realserver1 和 This is realserver2.
二、配置基于隧道模式Lvs集群
1.配置LVS directorserver 脚本
[root@test1song]#vi TunLVS
#!/bin/sh
VIP=192.168.62.111
RIP1=192.168.62.5
RIP2=192.168.62.6
/etc/rc.d/init.d/functions
case "$1" in
start)
echo "Start Lvs of DirectorServer"
#set vip server
/sbin/ifconfig tunl0 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add -host $VIP dev tunl0
#clear IPVS table
/sbin/ipvsadm -C
#set lvs
/sbin/ipvsadm -A -t $VIP:80 -s rr
/sbin/ipvsadm -a -t $VIP:80 -r $RIP1:80 -i
/sbin/ipvsadm -a -t $VIP:80 -r $RIP2:80 -i
#Run Lvs
/sbin/ipvsadm
;;
stop)
echo "Close Lvs DirectorServer "
ifconfig tunl0 down
/sbin/ipvsadm -C
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
2. 配置realserver
[root@testrealsong]#
#!/bin/sh
VIP=192.168.62.111
/etc/rc.d/init.d/functions
case "$1" in
start)
echo "tunl port starting"
/sbin/ifconfig tunl0 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add -host $VIP dev tunl0
echo "1" > /proc/sys/net/ipv4/ip_forward
echo "1" > /proc/sys/net/ipv4/conf/tunl0/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/tunl0/arp_announce
echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p
;;
stop)
echo "tunl port closing"
ifconfig tunl0 down
echo "1" > /proc/sys/net/ipv4/ip_forward
echo "0" > /proc/sys/net/ipv4/conf/all/arp_announce
;;
*)
echo "Usege: $0 {start|stop}"
exit 1
esac
此脚本分别在realserver上执行,目的使realserver忽略arp响应,并设定vip.
3.4认证文件(/etc/ha.d/authkeys),选取一种认证方式,这个文件的权限必须是600
auth 1
1 crc
#2 sha1 sha1_any_password
#3 md5 md5_any_password
chmod 600 /etc/ha.d/ haresources
3.5编辑主机名:/etc/hosts
192.168.62.129 test1
192.168.62.3 test2
备份节点192.168.62.3 上的heartbeat和apache的配置与节点1要完全相同,lvs配置也要相同
完装完毕进行测试,关闭主节点机器,另一台自动接管,主节点恢复后自动接管回服务。如果以上测试没有问题,那么开始和lvs整合。
4.配置Ldirectord
Ldirectord的作用是监测Real Server,当Real Server失效时,把它从Load Balancer列表中删除,恢复时重新添加,在安装heartbeat时已经安装了Ldirectord.
配置(/etc/ha.d/ldirectord.cf):
checktimeout=3
checkinterval=1
fallback=127.0.0.1:80
autoreload=yes
logfile="/var/log/ldirectord.log"
quiescent=yes
# Sample for an http virtual service
virtual=192.168.62.111:80
real=192.168.62.6:80 gate
real=192.168.62.5:80 gate
fallback=127.0.0.1:80 gate
service=http
request="index.html"
receive="Test Page"
protocol=tcp
checktype=negotiate
checkport=80
在每个Real Server的中添加监控页:
echo "Test Page" >> /var/www/html/index.html
修改/etc/ha.d/haresources
test1192.168.62.111 ipvsadm ldirectord httpd
现在可以在主节点启动heartbeat
/etc/init.d/heartbeat start
并在备份节点启动heartbeat
/etc/init.d/heartbeat start
测试:关闭主节点,备份节点将自动接管directorserver服务。