LVS 安装配置

服务器列表

LVS主	10.92.21.12
LVS备	10.92.21.17
LVS VIP	10.92.21.222:80
应用	10.92.21.18:8080
应用	xxx.xxx.xxx.xxx:yyyy

安装包列表

依赖包	libapr1-1.3.8-2.1.x86_64.rpm
依赖包	apr-util-ldap-1.4.1-1.1.x86_64.rpm
依赖包	apr-util-1.4.1-1.1.x86_64.rpm
依赖包	php-common-5.3.3-3.el6.x86_64.rpm
依赖包	php-cli-5.3.3-3.el6.x86_64.rpm
依赖包	php-5.3.3-3.el6.x86_64.rpm
依赖包	httpd-tools-2.2.15-9.el6.x86_64.rpm
核心包	ipvsadm-1.25-9.el6.x86_64.rpm
核心包	httpd-2.2.15-9.el6.x86_64.rpm
核心包	piranha-0.8.5-7.el6.x86_64.rpm

按顺序安装上述rpm包

执行命令：rpm –ivh ${包名}

 

配置文件

 

    lvs.cf

serial_no = 126
primary = 10.92.21.12
service = lvs
backup_active = 1
backup = 10.92.21.17
heartbeat = 1
heartbeat_port = 539
keepalive = 6
deadtime = 18
network = direct
debug_level = NONE
monitor_links = 0
syncdaemon = 0
virtual lvs {
     active = 1
     address =10.92.21.222 eth1:1
     vip_nmask = 255.255.255.0
     port = 80
     #persistent = 3600
     send_program = "/etc/sysconfig/ha/lvs.sh %h"
     expect = "OK"
     use_regex = 0
     load_monitor = none
     scheduler = wrr
     protocol = tcp
     timeout = 10
     reentry = 15
     quiesce_server = 0
     server web1 {
         address = 10.92.21.18
         active = 1
	 port = 8080
         weight = 1
     }
     server web2 {
         address = xxx.xxx.xxx.xxx
         active = 1
         port = yyyy
	     weight = 1
     }
}

 把该文件放到etc/sysconfig/ha下

 

   lvs.sh  

#!/bin/sh
tmpUriName=$1
uri="http://${tmpUriName}:8080/CSMBP/lvs.Monitor"
keyword="SUCCESS"
timeout=10
errorTimes="1"
writeError(){
  if [ -f /tmp/.errorcount_${tmpUriName} ]; then
    errorCount="$(cat /tmp/.errorcount_${tmpUriName})"
  else
    errorCount="0"
  fi

  if [ $errorCount == ${errorTimes} ]; then
    echo "NOSUCCESS"
    #echo "LOG ${tmpUriName} FAIL">>/tmp/.errorcount
  else
    echo ${errorTimes} >/tmp/.errorcount_${tmpUriName}
    echo "OK"
    #echo "LOG ${tmpUriName} FAIL OK">>/tmp/.errorcount
  fi
}

testConn(){
  if [ `GET -t ${timeout} ${uri} |grep ${keyword} |wc -l` -gt 0 ]; then
    echo "0" > /tmp/.errorcount_${tmpUriName}
    echo "OK"
    #echo "LOG ${tmpUriName} OK">>/tmp/.errorcount
  else
    writeError
  fi
}
testConn

 把该文件放到etc/sysconfig/ha下

 

 

网卡配置

LVS服务器端 10.92.21.12

/etc/sysconfig/network-scripts/ifcfg-eth1

DEVICE="eth1"
BOOTPROTO="static"
IPADDR=10.92.21.12
GATEWAY=10.92.21.1
NETMASK=255.255.255.0
MTU="1500"
NM_CONTROLLED="yes"
ONBOOT="yes"

 /etc/sysctl.conf

 

 

net.ipv4.ip_forward = 0 改成 net.ipv4.ip_forward = 1
添加Arp抑制配置：
net.ipv4.conf.lo.arp_ignore=1
net.ipv4.conf.lo.arp_announce=2
net.ipv4.conf.all.arp_ignore=1
net.ipv4.conf.all.arp_announce=2
net.ipv4.conf.default.rp_filter=1
vm.swappiness = 0
# turn off swapping
net.ipv4.tcp_sack = 1
# enable selective acknowledgements
net.ipv4.tcp_timestamps = 1
# needed for selective acknowledgements
net.ipv4.tcp_window_scaling = 1
#scale the network window
net.ipv4.tcp_congestion_control = cubic
# better congestion algorythm

net.ipv4.tcp_max_syn_backlog = 65536
net.core.netdev_max_backlog =  32768
net.core.somaxconn = 32768

net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216

 

LVS服务器端 10.92.21.17

/etc/sysconfig/network-scripts/ifcfg-eth1

 

DEVICE="eth1"
BOOTPROTO="static"
IPADDR=10.92.21.17
GATEWAY=10.92.21.1
NETMASK=255.255.255.0
MTU="1500"
NM_CONTROLLED="yes"
ONBOOT="yes"

 

/etc/sysctl.conf

 

net.ipv4.ip_forward = 0 改成 net.ipv4.ip_forward = 1
添加Arp抑制配置：
net.ipv4.conf.lo.arp_ignore=1
net.ipv4.conf.lo.arp_announce=2
net.ipv4.conf.all.arp_ignore=1
net.ipv4.conf.all.arp_announce=2
net.ipv4.conf.default.rp_filter=1
vm.swappiness = 0
# turn off swapping
net.ipv4.tcp_sack = 1
# enable selective acknowledgements
net.ipv4.tcp_timestamps = 1
# needed for selective acknowledgements
net.ipv4.tcp_window_scaling = 1
#scale the network window
net.ipv4.tcp_congestion_control = cubic
# better congestion algorythm

net.ipv4.tcp_max_syn_backlog = 65536
net.core.netdev_max_backlog =  32768
net.core.somaxconn = 32768

net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216

 

LVS服务器端 10.92.21.18

/etc/sysconfig/network-scripts/ifcfg-eth1

DEVICE="eth1"
BOOTPROTO="static"
IPADDR=10.92.21.18
GATEWAY=10.92.21.1
NETMASK=255.255.255.0
MTU="1500"
NM_CONTROLLED="yes"
ONBOOT="yes"

 /etc/sysctl.conf

 

 

net.ipv4.ip_forward = 0 改成 net.ipv4.ip_forward = 1
添加Arp抑制配置：
net.ipv4.conf.lo.arp_ignore=1
net.ipv4.conf.lo.arp_announce=2
net.ipv4.conf.all.arp_ignore=1
net.ipv4.conf.all.arp_announce=2

 /etc/sysconfig/iptables

*nat
:PREROUTING ACCEPT [12:480]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -d 10.92.21.222/32 -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.92.21.18:8080

COMMIT

*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited

COMMIT

 

LVS服务器端 xxx.xxx.xxx.xxx

/etc/sysconfig/network-scripts/ifcfg-eth1

DEVICE="eth1"
BOOTPROTO="static"
IPADDR=xxx.xxx.xxx.xxx
GATEWAY=xxx.xxx.xxx.1
NETMASK=255.255.255.0
MTU="1500"
NM_CONTROLLED="yes"
ONBOOT="yes"

/etc/sysctl.conf

net.ipv4.ip_forward = 0 改成 net.ipv4.ip_forward = 1
添加Arp抑制配置：
net.ipv4.conf.lo.arp_ignore=1
net.ipv4.conf.lo.arp_announce=2
net.ipv4.conf.all.arp_ignore=1
net.ipv4.conf.all.arp_announce=2

/etc/sysconfig/iptables

*nat
:PREROUTING ACCEPT [12:480]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -d 10.92.21.222/32 -p tcp -m tcp --dport 80 -j DNAT --to-destination xxx.xxx.xxx.xxx:yyyy

COMMIT

*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited

COMMIT

 启动LVS

a)10.92.21.12和10.92.21.17上执行命令

service pulse start

查看 ifconfig ，如果在12或17上出现

 则说明VIP已成功启动

 

b)在启动了eth1:1的机器上执行ipvsadm –L查看负载情况

 

 c) 通过vip访问应用 http://10.92.21.222/CSMBP/test/getWeather.do

d)日志文件是/var/log/message

 

 

 

 

 

 

 

 

 

、