Centos5.6构建LVS+keepalived

系统环境：

centos64位系统

lvs-master：10.20.189.240
lvs-backup：10.20.189.241
vip：10.20.189.239
web1：10.20.189.242
web2：10.20.189.243

 

首先在lvs-master：10.20.189.240

[root@master ~]# cd /usr/local/src
[root@master ~]# wget http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.24.tar.gz

[root@master ~]# wget http://www.keepalived.org/software/keepalived-1.2.7.tar.gz
[root@master ~]# tar -zxvf ipvsadm-1.24.tar.gz

[root@master ~]# cd ipvsadm-1.24

[root@master ~]# ln -s /usr/src/kernels/2.6.18-238.el5-x86_64/ /usr/src/linux

（32位系统用：ln -s /usr/src/kernels/2.6.18-194.el5-i686/ /usr/src/linux）

不加这个软连接的话，在执行make的时候会出现类似如下的错误编译信息：

libipvs.h:14:23: error: net/ip_vs.h: No such file or directory

查找下此文件 find / -name ip_vs.h 发现64位系统在这个目录下/usr/src/kernels/2.6.18-238.el5-x86_64，所以就有了前面的软连接
/usr/src/kernels/2.6.18-238.el5-x86_64/include/net/ip_vs.h

[root@master ~]# make && make install

[root@master ~]# cd ..

[root@master ~]# tar -zxvf keepalived-1.2.7.tar.gz

[root@master ~]# cd keepalived-1.2.7

[root@master ~]# ./configure --sysconf=/etc  （指定配置文件的安装路径）

configure: error:
  !!! OpenSSL is not properly installed on your system. !!!
  !!! Can not include OpenSSL headers files.
解决：

[root@master ~]# yum -y install openssl-devel

版本1.2.7的编译信息如下：

------------------------
Keepalived version       : 1.2.7
Compiler                 : gcc
Compiler flags           : -g -O2 -DETHERTYPE_IPV6=0x86dd
Extra Lib                : -lpopt -lssl -lcrypto
Use IPVS Framework       : Yes
IPVS sync daemon support : Yes
IPVS use libnl           : No
Use VRRP Framework       : Yes
Use VRRP VMAC            : No
SNMP support             : No
Use Debug flags          : No

版本1.1.17的编译信息如下：

Keepalived configuration
------------------------
Keepalived version       : 1.1.17
Compiler                 : gcc
Compiler flags           : -g -O2
Extra Lib                : -lpopt -lssl -lcrypto
Use IPVS Framework       : Yes
IPVS sync daemon support : Yes
Use VRRP Framework       : Yes
Use LinkWatch            : No
Use Debug flags          : No

 

[root@master ~]# make

[root@master ~]# make install

[root@master ~]# ln -s /usr/local/sbin/keepalived /sbin/

[root@master ~]# vi /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
   notification_email {
      [email protected]
   }
   notification_email_from [email protected]
   smtp_server smtp.163.com
   # smtp_connect_timeout 30
   router_id LVS_DEVEL
}

vrrp_instance VI_1 {
    state MASTER       #备份服务器上将MASTER改为BACKUP   
    interface eth0
    virtual_router_id 51
    priority 100      # 备份服务器上将100改为90
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        10.20.189.239
    }
}

virtual_server 10.20.189.239 80 {
    delay_loop 6                  #(每隔10秒查询realserver状态)
    lb_algo rr                  #(lvs 算法)
    lb_kind DR                  #(Direct Route)
    persistence_timeout 60        #(同一IP的连接60秒内被分配到同一台realserver)
    protocol TCP                #(用TCP协议检查realserver状态)
 
    real_server 10.20.189.242 80 {
        weight 3               #(权重)
        TCP_CHECK {
        connect_timeout 5       #(10秒无响应超时)
        nb_get_retry 3
        delay_before_retry 3
        }
    }
    real_server 10.20.189.243 80 {
        weight 3
        TCP_CHECK {
        connect_timeout 5
        nb_get_retry 3
        delay_before_retry 3
        }
     }
}
[root@master ~]#  service keepalived start

[root@master ~]# chkconfig --level 2345 keepalived on

lvs-backup对照lvs-master安装相应软件，注意keepalive.conf有细微区别

 

配置realserver  10.20.189.242

[root@web_1 ~]# yum install httpd -y

[root@web_1 ~]# /etc/init.d/httpd start
[root@web_1 ~]# vi /root/lvs_real.sh
#!/bin/bash

SNS_VIP=10.20.189.239
 
/etc/rc.d/init.d/functions
 
case "$1" in
start)
       /sbin/ifconfig lo:0 $SNS_VIP netmask 255.255.255.255 broadcast $SNS_VIP
       /sbin/route add -host $SNS_VIP dev lo:0
       echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
       echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
       echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
       echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
       sysctl -p >/dev/null 2>&1
       echo "RealServer Start OK"
 
       ;;
stop)
       /sbin/ifconfig lo:0 down
       /sbin/route del $SNS_VIP >/dev/null 2>&1
       echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
       echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
       echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
       echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
       echo "RealServer Stoped"
       ;;
*)
       echo "Usage: $0 {start|stop}"
       exit 1
esac
 
exit 0
[root@web_1 ~]# chmod +x /root/lvs_real.sh
[root@web_1 ~]# /root/lvs_real.sh start
[root@web_1 ~]# ifconfig

eth0      Link encap:Ethernet  HWaddr 00:0C:29:82:A5:C2 
          inet addr:10.20.189.242  Bcast:10.20.189.255  Mask:255.255.254.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:25257 errors:0 dropped:0 overruns:0 frame:0
          TX packets:7730 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:12159312 (11.5 MiB)  TX bytes:502344 (490.5 KiB)

lo        Link encap:Local Loopback 
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:13 errors:0 dropped:0 overruns:0 frame:0
          TX packets:13 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1120 (1.0 KiB)  TX bytes:1120 (1.0 KiB)

lo:0      Link encap:Local Loopback 
          inet addr:10.20.189.239  Mask:255.255.255.255
          UP LOOPBACK RUNNING  MTU:16436  Metric:1

[root@web_1 ~]# echo "/root/lvs_real.sh start" >> /etc/rc.local

 

#LVS_master、LVS_backup上开启keepalived，LVS_master先绑定VIP
LVS_master：

[root@localhost keepalived]# ip add
1: lo: mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
2: eth0: mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:0c:29:64:7b:9f brd ff:ff:ff:ff:ff:ff
    inet 10.20.189.240/23 brd 10.20.189.255 scope global eth0
    inet 10.20.189.239/32 scope global eth0

LVS_backup：

[root@wpstest-9d9b39c keepalived]# ip add

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue 

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000

    link/ether 00:0c:29:92:2d:e8 brd ff:ff:ff:ff:ff:ff

    inet 10.20.189.241/23 brd 10.20.189.255 scope global eth0

#解析域名，测试访问，LVS转发

#测试关闭LVS_master，短暂的掉包后，LVS_backup马上接替工作

/etc/init.d/keepalived stop

LVS_backup接替LVS_master绑定VIP

[root@wpstest-9d9b39c keepalived]# ip add

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue 

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000

    link/ether 00:0c:29:92:2d:e8 brd ff:ff:ff:ff:ff:ff

    inet 10.20.189.241/23 brd 10.20.189.255 scope global eth0

    inet 10.20.189.239/32 scope global eth0

LVS_master重启完成后，就会自动接回控制权，继续负责转发

#测试关闭其中一台realserver  10.20.189.242 /etc/init.d/httpd stop

通过上面测试可以知道，当realserver故障或者无法提供服务时，负载均衡器通过健康检查自动把失效的机器从转发队列删除掉，实现故障隔离，保证用户的访问不受影响

#重启被关闭的realserver

当realserver故障恢复后，负载均衡器通过健康检查自动把恢复后的机器添加到转发队列中