lvs+keepalived 案例配置
基于keepalived和RS端脚本配置的案例,,后端是tomcat应用程序.
软件地址:
wget http://www.keepalived.org/software/keepalived-1.1.19.tar.gz
再做以下操作之前,应该lvs配置成功、配置见这篇文章
http://douya.blog.51cto.com/6173221/1680692
开始配置lvs基于keepalived的环境
[root@lvs-1 soft]# ls -al /usr/src/ total 16 drwxr-xr-x. 4 root root 4096 Nov 19 00:26 . drwxr-xr-x. 14 root root 4096 Nov 19 00:32 .. drwxr-xr-x. 2 root root 4096 Sep 23 2011 debug drwxr-xr-x. 4 root root 4096 Nov 19 00:27 kernels lrwxrwxrwx. 1 root root 39 Nov 19 00:26 linux -> /usr/src/kernels/2.6.32-431.el6.x86_64/ 安装前先查看是不是有此路径,如果没有,请执行以下步骤: ls /usr/src/kernels/2.6.32-573.8.1.el6.x86_64/ yum install kernel kernel-devel -y ln -s /usr/src/kernels/2.6.32-573.8.1.el6.x86_64/ /usr/src/linux/ [root@lvs-1 keepalived-1.1.19]tar xvf keepalived-1.1.19.tar.gz [root@lvs-1 keepalived-1.1.19] cd keepalived-1.1.19 [root@lvs-1 keepalived-1.1.19] ./configure configure: error: !!! OpenSSL is not properly installed on your system. !!! !!! Can not include OpenSSL headers files. !!! [root@lvs-1 keepalived-1.1.19]yum install openssl* -y [root@lvs-1 keepalived-1.1.19]./configure Keepalived configuration ------------------------ Keepalived version : 1.1.19 Compiler : gcc Compiler flags : -g -O2 Extra Lib : -lpopt -lssl -lcrypto Use IPVS Framework : Yes IPVS sync daemon support : Yes Use VRRP Framework : Yes Use Debug flags : No 表明无误 [root@lvs-1 keepalived-1.1.19]make &&make install
以上是编译安装,推荐使用yum install keepalived 安装
一、开始安装
yum install keepalived -y
二、开始配置keepalived、
lvs-1 配置keepalived ---MASTER
[root@lvs-1 ~]# more /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
[email protected]
}
notification_email_from root@localhost
smtp_server localhost
smtp_connect_timeout 30
router_id LVS_1
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.2.12/24
}
}
virtual_server 192.168.2.12 80 { #设置虚拟服务器,需要指定虚拟IP与服务端口,用空格分隔
delay_loop 6 #设置健康状态检查时间,单位为秒
lb_algo rr #设置负载高度算法,rr为轮询
lb_kind DR #设置LVS实现负载均衡的机制,可以为{NAT|TUN|DR}三种
nat_mask 255.255.255.0 #设置掩码
persistence_timeout 50 #会话保持时间,单位为秒;这个选项对于动态网页是非常有用的,为集群系统中session共享提供了一个很好的解决方案
protocol TCP #指定转发协议类型可以设置{TCP|UDP}两种
real_server 192.168.2.221 80 { #后端服务器节点,需要指定Real_server的IP与端口,用空格分隔
weight 1 #配置服务节点的权重,数字越大,权重越高
TCP_CHECK {
connect_timeout 3 #这个设置几秒钟测试一下这服务有没有挂.
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.2.30 80 {
weight 1
TCP_CHECK {
connect_timeout 3 #这个设置几秒钟测试一下这服务有没有挂.
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
SLAVE端配置文件
[root@lvs-2~]# more /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
[email protected]
}
notification_email_from root@localhost
smtp_server localhost
smtp_connect_timeout 30
router_id LVS_2
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.2.12/24
}
}
virtual_server 192.168.2.12 80 { #设置虚拟服务器,需要指定虚拟IP与服务端口,用空格分隔
delay_loop 6 #设置健康状态检查时间,单位为秒
lb_algo rr #设置负载高度算法,rr为轮询
lb_kind DR #设置LVS实现负载均衡的机制,可以为{NAT|TUN|DR}三种
nat_mask 255.255.255.0 #设置掩码
persistence_timeout 50 #会话保持时间,单位为秒;这个选项对于动态网页是非常有用的,为集群系统中session共享提供了一个很好的解决方案
protocol TCP #指定转发协议类型可以设置{TCP|UDP}两种
real_server 192.168.2.221 80 { #后端服务器节点,需要指定Real_server的IP与端口,用空格分隔
weight 1 #配置服务节点的权重,数字越大,权重越高
TCP_CHECK {
connect_timeout 3 #这个设置几秒钟测试一下这服务有没有挂.
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.2.30 80 {
weight 1
TCP_CHECK {
connect_timeout 3 #这个设置几秒钟测试一下这服务有没有挂.
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
启动master,slave,,在master查看状态
[root@lvs-1 scripts]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000 link/ether 00:0c:29:c8:69:ec brd ff:ff:ff:ff:ff:ff inet 192.168.2.13/24 brd 192.168.2.255 scope global eth0 inet 192.168.2.12/24 scope global secondary eth0 inet6 fe80::20c:29ff:fec8:69ec/64 scope link valid_lft forever preferred_lft forever
到目前为止,在lvs server端的配置已经完成、
三、下面开始配置real-server后面节点即(绑定VIP到lo,抑制ARP、)
此处可以使用脚本进行配置
#!/bin/sh
#Date: 2015-11-20
#By: charles
#Description: deploy backend server (bind lo interface and Inhibition arp)
VIP="192.168.2.12"
INT="lo:0"
lo_INT=`ifconfig|grep lo|awk -F " " '{print $1 }'`
. /etc/init.d/functions
function start() {
if [ "$lo_INT" == "lo" ];then
ifconfig $INT $VIP broadcast $VIP netmask 255.255.255.255 up
route add -host $VIP dev $INT
echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
else
echo "vip is binded,Pls Re binding"
exit 2
fi
if [ $? -eq 0 ]
then
action "start bind vip and Inhibition arp is success" /bin/true
else
action "start bind vip and Inhibition arp failed" /bin/false
fi
}
function stop() {
ifconfig $INT $VIP broadcast $VIP netmask 255.255.255.255 up
echo "0" > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" > /proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" > /proc/sys/net/ipv4/conf/all/arp_announce
if [ "$INT" != "lo" ]
then
action "stop bind vip and Inhibition arp is success" /bin/true
elif [ "$INT" == "lo" ]
then
action "stop bind vip is and Inhibition arp failed" /bin/false
else
echo "bind Error"
fi
}
function restart() {
stop
sleep 1
start
}
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
*)
echo "USAGE :$0 {start|stop|restart}"
exit 2
esac
exit $?
四、还有对keepalived的日志做rsyslog的日志专门记录
root@lvs-1 ~]# cat /etc/sysconfig/keepalived 1,修改keepalived的日志格式 # Options for keepalived. See `keepalived --help' output and keepalived(8) and # keepalived.conf(5) man pages for a list of all options. Here are the most # common ones : # # --vrrp -P Only run with VRRP subsystem. # --check -C Only run with Health-checker subsystem. # --dont-release-vrrp -V Dont remove VRRP VIPs & VROUTEs on daemon stop. # --dont-release-ipvs -I Dont remove IPVS topology on daemon stop. # --dump-conf -d Dump the configuration data. # --log-detail -D Detailed log messages. # --log-facility -S 0-7 Set local syslog facility (default=LOG_DAEMON) # #KEEPALIVED_OPTIONS="-D" KEEPALIVED_OPTIONS="-D -d -S 0", 2, 配置rsyslog yum install syslog -y 新加一下行 [root@lvs-1 ~]# vim /etc/rsyslog.conf | grep local0 local0.* /var/log/keepalived.log [root@lvs-1 ~]# /etc/init.d/rsyslog restart /etc/init.d/keepalived restart 3,查看日志 [root@lvs-1 ~]# tail -f /var/log/keepalived.log Nov 20 13:36:27 lvs-1 Keepalived_healthcheckers[12935]: Using LinkWatch kernel netlink reflector... Nov 20 13:36:27 lvs-1 Keepalived_healthcheckers[12935]: Activating healthchecker for service [192.168.2.221]:80 Nov 20 13:36:27 lvs-1 Keepalived_healthcheckers[12935]: Activating healthchecker for service [192.168.2.30]:80 Nov 20 13:36:28 lvs-1 Keepalived_vrrp[12936]: VRRP_Instance(VI_1) Transition to MASTER STATE Nov 20 13:36:28 lvs-1 Keepalived_vrrp[12936]: VRRP_Instance(VI_1) Received lower prio advert, forcing new election Nov 20 13:36:29 lvs-1 Keepalived_vrrp[12936]: VRRP_Instance(VI_1) Entering MASTER STATE Nov 20 13:36:29 lvs-1 Keepalived_vrrp[12936]: VRRP_Instance(VI_1) setting protocol VIPs. Nov 20 13:36:29 lvs-1 Keepalived_healthcheckers[12935]: Netlink reflector reports IP 192.168.2.12 added Nov 20 13:36:29 lvs-1 Keepalived_vrrp[12936]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.2.12 Nov 20 13:36:34 lvs-1 Keepalived_vrrp[12936]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.2.12