Keepalived+lvs+nginx之负载均衡

部署LVS+Keepalived的步骤


系统版本
cat /proc/version 
Linux version 2.6.32-573.7.1.el6.x86_64 ([email protected]) (gcc version 4.4.7 20120313 (Red Hat 4.4.7-16) (GCC) ) #1 SMP Tue Sep 22 22:00:00 UTC 2015


一、加载ipvs模块
1)检查ipvs内核模块,看看是否已经被加载
lsmod | grep ip_vs


2) 如果没有加载,执行下列命令进行加载
modprobe ip_vs


二、安装ipvsadm工具


检测是否有相关依赖库


1)安装libnl*


yum install libnl-1.1.4-2.el6.x86_64.rpm -y
yum install libnl-devel-1.1.4-2.el6.x86_64.rpm -y


2)安装gettext
tar zxf gettext-0.13.1.tar.gz
cd gettext-0.13.1
./configure --disable-libasprintf
make; make install


3)安装popt-1.7
tar zxf popt-1.7.tar.gz
cd popt-1.7
./configure
make; make install


4)安装ipvsadm
tar zxf ipvsadm-1.26.tar.gz
cd ipvsadm-1.26
make; make install


三、安装keepalived软件


根据系统版本,下载对应的内核版本
uname -r
我的系统的内核版本是2.6.32


1)安装kernel-devel-2.6.32-573.el6.x86_64.rpm
yum install kernel-devel-2.6.32-573.el6.x86_64.rpm -y
ln -s /usr/src/kernels/2.6.32-573.el6.x86_64 /usr/src/linux


2) 安装openssl
如果已经安装,可省略这一步


3)安装keepalived
tar zxf keepalived-1.1.15.tar.gz
cd keepalived-1.1.15
./configure --prefix=/ --with-kernel-dir=/usr/src/linux/


############################################################
注:configure后的结果应该是如下所示
Keepalived configuration
------------------------
Keepalived version       : 1.1.15
Compiler                 : gcc
Compiler flags           : -g -O2
Extra Lib                : -lpopt -lssl -lcrypto 
Use IPVS Framework       : Yes
IPVS sync daemon support : Yes
Use VRRP Framework       : Yes
Use LinkWatch            : No
Use Debug flags          : No
#############################################################


make; make install


三、LVS主备上的配置
主机配置文件


! Configuration File for keepalived

global_defs {

   notification_email {
        [email protected]
        [email protected]
        [email protected]
   }


   notification_email_from [email protected]
    127.0.0.1
   smtp_csmtp_serveronnect_timeout 30
   router_id LVS_DEVEL_T1
}


vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        10.10.121.200 
    }
}


virtual_server 10.10.121.200 80 {
    delay_loop 2 
    lb_algo rr
    lb_kind DR
    nat_mask 255.255.255.0
    persistence_timeout 0
    protocol TCP


    real_server 10.10.121.247 80 {
        weight 1
        TCP_CHECK {
    connect_timeout 3
            nb_get_retry 3
    delay_before_retry 3
    connect_port 80
        }
}
    
    real_server 10.10.121.13 80 {
        weight 3
        TCP_CHECK {
    connect_timeout 3
             nb_get_retry 3
    delay_before_retry 3
    connect_port 80
        }
}    
}


备机配置文件
! Configuration File for keepalived


global_defs {


   notification_email {
        [email protected]
        [email protected]
        [email protected]
   }


   notification_email_from [email protected]
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL_T2
}


vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    virtual_router_id 51
    priority 50
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        10.10.121.200 
    }
}


virtual_server 10.10.121.200 80 {
    delay_loop 2 
    lb_algo rr
    lb_kind DR
    nat_mask 255.255.255.0
    persistence_timeout 0
    protocol TCP


    real_server 10.10.121.247 80 {
        weight 1
       TCP_CHECK {
    connect_timeout 3
    nb_get_retry 3
    delay_before_retry 3
            connect_port 80
        }
}


    real_server 10.10.121.13 80 {
        weight 3
        TCP_CHECK {
    connect_timeout 3
            nb_get_retry 3
    delay_before_retry 3
            connect_port 80
        }
    }
}


四、realserver上的配置
#!/bin/sh

#description:start realserver

vip=10.10.121.200

source /etc/rc.d/init.d/functions

case $1 in
start)
        echo "Start Realserver"
        /sbin/ifconfig lo:0 $vip broadcast $vip netmask 255.255.255.255 up
        echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore
        echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce
        echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
        echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
;;
stop)
        echo "Stop Realserver"
        /sbin/ifconfig lo:0 down
        echo "0" > /proc/sys/net/ipv4/conf/lo/arp_ignore
        echo "0" > /proc/sys/net/ipv4/conf/lo/arp_announce
        echo "0" > /proc/sys/net/ipv4/conf/all/arp_ignore
        echo "0" > /proc/sys/net/ipv4/conf/all/arp_announce
;;
*)
        echo "Usage: $0 (start | stop)"
exit 1
esac

执行lvs_real start启动,执行lvs_real stop停止

五、碰到的问题:
1. 主备启动后,主备都宣称自己是主机,都对虚拟IP进行了绑定
从网上查找到的解决方案是将网卡的模式配置成混杂的模式,但是我按照下面的方式配置之后,发现还是不行。
ifconfig eth0 promisc

ifconfig 可以看到网卡是否混杂模式,如:
ifconfig eth0 看是否有“PROMISC”标志
ifconfig eth0 promisc #设置混杂模式

ifconfig eth0 -promisc #取消混杂模式

最终找到了问题的根源:主备配置文件中的virtual_router_id不一致导致的。主备配置文件不一样的地方只有三处,分别是

router_id LVS_DEVEL_T1

state MASTER

priority 150

其他配置项都要保持一致。


2. rr没有按预期工作

使用俩台主机安装keepalived+lvs,俩台主机做real server,lvs为DR模式,采用rr机制,测试时发现对于vip:192.168.122.100的请求都只能发送到其中一台real server上,不能交替的发给后端俩台real server ,没有实现轮询的机制。

keepalived配置文件
! Configuration File for keepalived

global_defs {

   router_id director1
}

vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
       192.168.122.100
    }
}

virtual_server 192.168.122.100 80 {
    delay_loop 6
    lb_algo rr
    lb_kind DR

    nat_mask 255.255.255.0
    persistence_timeout 50
    protocol TCP
real_server 192.168.122.4 80 {
        weight 1
        HTTP_GET {
            url {
              path /test1.html
              digest 2ee55cb8cb23a5db1580d14aa37a5d27
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }

    real_server 192.168.122.5 80 {
        weight 1
        HTTP_GET {
            url {
              path /test2.html
              digest 8145db84654bc4c9dc5fa077a788c9db
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }

}

测试
# ab -c 100 -n 100 http://192.168.122.100/

ipvsadm查询
Every 0.5s: ipvsadm -Lnc                                                            Sun Nov 17 06:16:34 2013

IPVS connection entries
pro expire state       source             virtual            destination
TCP 01:26  FIN_WAIT    192.168.122.1:39157 192.168.122.100:80 192.168.122.4:80
TCP 01:26  FIN_WAIT    192.168.122.1:39142 192.168.122.100:80 192.168.122.4:80
TCP 01:26  FIN_WAIT    192.168.122.1:39105 192.168.122.100:80 192.168.122.4:80
TCP 01:26  FIN_WAIT    192.168.122.1:39099 192.168.122.100:80 192.168.122.4:80
TCP 01:27  FIN_WAIT    192.168.122.1:39191 192.168.122.100:80 192.168.122.4:80
TCP 01:26  FIN_WAIT    192.168.122.1:39155 192.168.122.100:80 192.168.122.4:80
TCP 01:26  FIN_WAIT    192.168.122.1:39123 192.168.122.100:80 192.168.122.4:80
TCP 01:27  FIN_WAIT    192.168.122.1:39180 192.168.122.100:80 192.168.122.4:80
TCP 01:27  FIN_WAIT    192.168.122.1:39188 192.168.122.100:80 192.168.122.4:80
TCP 01:26  FIN_WAIT    192.168.122.1:39150 192.168.122.100:80 192.168.122.4:80
TCP 01:26  FIN_WAIT    192.168.122.1:39109 192.168.122.100:80 192.168.122.4:80
TCP 01:27  FIN_WAIT    192.168.122.1:39175 192.168.122.100:80 192.168.122.4:80
TCP 01:27  FIN_WAIT    192.168.122.1:39194 192.168.122.100:80 192.168.122.4:80
TCP 01:27  FIN_WAIT    192.168.122.1:39195 192.168.122.100:80 192.168.122.4:80
TCP 01:26  FIN_WAIT    192.168.122.1:39146 192.168.122.100:80 192.168.122.4:80
..............................


查到问题了,是persistence_timeout 50保持时间引起的,设置了保持时间,模拟的批量请求在保持时间内都被定向到同一台机器了。

你可能感兴趣的:(Keepalived+lvs+nginx之负载均衡)